1 / 16

Cybersecurity Threats and Trends in 21st Century

The cyber threat landscape is evolving rapidly with increasing incidents of malware attacks, data breaches, and state-sponsored cyber warfare. Major events include hacks on US government data, power grids, and financial institutions, as well as ransomware and spyware threats. The Dark Web presents a platform for illicit activities, including the sale of contraband. Various actors engage in cyber activities ranging from lone wolves to nation-state organizations, posing serious risks to critical infrastructure, financial systems, and personal data security.

berbegall
Download Presentation

Cybersecurity Threats and Trends in 21st Century

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The threat gets worse before it gets better Ted Gordon 1 Smilax Dr Old Lyme, CT 06371 tedjgordon@gmail.com

  2. US And China Seek Arms Deal For Cyberspace Active WordpressMalware Compromises Thousands Of Websites Huge Hack Of US Government Data Affected 21.5 Million Cyber Attack On U.S. Power Grid Could Cost $1 Trillion Silk Road Mastermind (Ross Ulbricht) Gets Life Prison Sentence Homeland Security Moves To Prevent Attack On Power Grid Zeus Malware Gang Take-down Hacker: 'Hundreds Of Thousands' Of Vehicles Are At Risk Of Attack China Acknowledges That It Has Units For War On Computer Networks Ransomware Porn App Takes Photos Of Users And Holds Phone Hostage White House Shoots Down Petition To Pardon Edward Snowden HeartbleedIs Far From Dead. 200,000+ Vulnerable Devices United (Airlines) Should Thank, Not Ban, Researcher Who Pointed Out A Major Security Flaw             

  3.  Anthem  Target  Sony  Neiman Marcus  JPMorgan Chase  Experian  eBay  Home Depot  Department of Defense  SCORE: about 100 million records

  4. Relative Impact 12 Systems control WMD Principal Objectives Sabotage/espionage Theft 10 Blackmail Intimidation Surveillance Recruitment Terror 8 Money laundering Disruption 6 US China Russia N Korea UK Iran Israel Others Vandalism 4 Show prowess 2 Actors 0 Hackers Lone Wolves Terrorist Organized Crime Intel Org Nation State Orgs

  5. Number Killed in a SIMAD Attack ? 16 14 12 10 Number of respondents 8 When a SIMAD Might Kill 100,000 or more 6 4 2 0 prior to 2015 2015-203 2030-20150 2050-2075 after 2075 or never www.lonewolfthreat.com

  6. US Cyber Command Plan and conduct activities to defend specified DoD information networks Conduct military cyberspace operations to ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries. Assemble cyberspace resources and synchronize war-fighting to defend the information security environment

  7.  Well Known Activities  Office of Personnel Mgmt data breech  Stuxnet  Attack on SONY to prevent “The Interview”  MI 6 “cupcake caper”  “Red October” data theft malware in Word and Excel  DDoSin Estonia, Georgia, and Ukraine  Cyber attacks on large banks  US (NSA)  China  Russia  N Korea  UK  Iran  Israel  Many others

  8.  Manifestos (many terrorists write them)  Plans and Confessions (for various reasons Lone Wolves tell plans and confess their crimes)  Recruitment, funding (Al Qaeda and ISIS are expert, use horror as a magnet)  Cyber bullying (15% of all high school students last year)  Encryption (now available to all)  DIY Instructions (How to make a bomb in your Mom’s kitchen)  Clandestine market places

  9.  DyreWolf discovered by IBM Cyber Security  Target: people in specific companies using email attachments  The malware activates when the user logs onto a bank website  A fake screen says the bank’s site is temporarily down and offers instructions to call a phone number.  A live “operator” answers with the name of the bank  Users typically share their wire transfer details to withdraw funds  The thieves then move the money to another bank to avoid detection  On request for a download of a fake porno site to a smart phone  Ransomware takes unauthorized photo of user  Threatens a report to FBI, locks the phone  Demands a “fine” of $500 Quoted from: http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=WH&infotype=SA&htmlfid=SEW03073USEN&attachment=SEW03073USEN.PDF

  10.  Dark web’s Amazon: unregulated bazaar anything bought and sold, narcotics  In three years 1,5 million purchases; called billion dollar marketplace  Ross Ulbricht convicted of seven crimes including narcotics and conspiracy  Sentenced to life http://www.wired.com/2015/02/silk-road-ross-ulbricht-verdict/

  11.  Hacking  Viruses  Trojan horses  Denial of service  Back doors  Impersonation Purchasing contraband  Of particular concern:  Insertion of false information  3.6 million PC’s are said to be infected in the U.S. alone

  12.  Big targets (financial system, agriculture, electricity grid, frauds)  Hacking automated autos, trucks, aircraft control, robots  Consumer products: AI dolls and Internet of Things  Spy devices, tiny cameras  Facial recognition

  13.  Sting and honeypot operations  Receiving information from informants  Online surveillance: chat rooms, postings, email  Tracking associates of known terrorists (including photos)  Tracking purchases of poisons and bomb-making chemical  Automated screening and synthesis of big data bases  Third-party reporting of unusual behavior  Psychological screening

  14.  Consider attacks on:  control systems (e.g. Stuxnet) create risks for transport systems, public services (e.g. water, electricity, pipelines, industry, sanitation, agriculture)  algorithms create risks for financial systems, funds transfer, equities markets, payment systems (e.g. social security)  data bases result in lack of trust, social chaos, anarchy  communications result in loss of command and control, diminished trust in news reporting, and government authority http://www.cse.wustl.edu/~jain/cse571-14/ftp/cyber_espionage/#summary

  15.  Potential will be recognized for:  massive disruptions from non state actors  threat of cyber lone wolves and SIMAD  new cyber crime targets and anti-crime weapons  New measures for dealing with cyber crime will be devised  technical, military, and legal solutions  automated screening and synthesis of big data bases to identify terrorists and possible attacks against people, data, or infrastructure.  rewards for capture of cyber criminals (e.g. $3 m by FBI)  International bilateral or multilateral agreements about cyber war http://www.cse.wustl.edu/~jain/cse571-14/ftp/cyber_espionage/#summary http://www.cnn.com/2015/02/24/politics/russi an-cyber-criminal-reward/ http://www.nytimes.com/2015/09/20/world/asia/us-and-china-seek-arms-deal-for-cyberspace.html?_r=0  The race between cyber offense and defense will intensify

  16. Lone Wolf Terrorism Prospects and Potential Strategies to Address the Threat E-book: www.lonewolfthreat.com Paperback: www.amazon.com by Theodore J. Gordon, Co-Founder, The Millennium Project YairSharan, Director TAM-C/FIRST group, Co-Chair Israel MP Node Elizabeth Florescu, Director of Research, The Millennium Project

More Related