anti terrorism level ii
Download
Skip this Video
Download Presentation
Anti-Terrorism Level II

Loading in 2 Seconds...

play fullscreen
1 / 34

Anti-Terrorism Level II - PowerPoint PPT Presentation


  • 277 Views
  • Uploaded on

Anti-Terrorism Level II. Cyber “Terrorism” The Future of Modern Terrorism? . References. Rand Corporation Operation Cyber Sweep DOJ U.S. Attorneys Office of Legal Education. OVERVIEW. Definitions The Cyber Terrorist Defined Goals and Objectives of a Cyber Terrorist

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Anti-Terrorism Level II' - naif


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
anti terrorism level ii

Anti-TerrorismLevel II

Cyber “Terrorism”

The Future of Modern Terrorism?

references
References
  • Rand Corporation
  • Operation Cyber Sweep DOJ
  • U.S. Attorneys Office of Legal Education
overview
OVERVIEW
  • Definitions
  • The Cyber Terrorist Defined
  • Goals and Objectives of a Cyber Terrorist
  • Cyber Terrorism Tactics and Techniques
  • Noted Incidents and Attacks
  • Cyber Terrorist potential Objectives “Scenarios”
  • Prevention and Detection
cyber terrorism definitions
Cyber Terrorism Definitions
  • COMPUTER TAMPERINGunauthorized modifications of computer programs or the way in which a computer or computer network operates
  • COMPUTER TRESPASSdirected generally towards computer hackers

lack of authorization to access a computer or computer system

  • COMPUTER FRAUD

use of a computer to perpetuate the fraud

CYBERSTALKING

use of e-mail or electronic means of communicating language threatening to inflict harm to persons or property, or for the purpose of extorting money or property

the cyber profiles
The Cyber Profiles
  • Hackers
  • Crackers
  • Cyber Terrorists
hackers
Hackers
  • “Hackers”: Computer Hacking is Defined as the Display of Exceptional Computer Talent.
    • Who Does Not Engage in Criminal Conduct for Profit or Gain
    • Separate Society
    • Those who have the ability to enter computer systems without consent from the owner (Computer Trespassing)
crackers
Crackers
  • “Crackers”(Cyber Extortionist): Computer Cracking is Defined as a Person Who, Without Authorization, Uses Computer Skills To:
    • Access, Move, Alter, Delete, or Destroy Automated Data or Information
    • Breaks codes for personal profit or gain
crackers8
Crackers
  • Crackers are Most Commonly Associated with Terrorism
  • Mostly Due to the Blackmail Schemes Against the Banking Industry (Extortion of money)
  • These Assaults Normally Go Unreported
cyber extortionist gangs crackers
Cyber Extortionist Gangs/Crackers
  • Four Operational “High End” Cyber Extortionist Gangs
    • One American Based, One Russian Based, and two Others Unknown.
cyber extortionist
Cyber Extortionist
  • Ability of Cyber Extortionists:
  • Cyber Extortionist demands are met within hours and money is wired to foreign bank accounts.
  • Cyber Extortionists then remove the money within minutes of arrival without a trace.
the cyber terrorist
The Cyber Terrorist
  • Is defined as one who assaults an electronic communications network with intent to coerce or intimidate a government.
  • They can act very similar to and within terrorist organizations
goals of the cyber terrorists
Goals of the Cyber Terrorists
  • Access:

Starting point, weak passwords with internet and e-mail use (Social Engineering)

  • Control:

The goal of remote administration

  • Mining (Information Sharing):

Process that supports the knowledge of acquisition

Uses FOUR Modes:

Transmission, Connection, Aggregation, Retrieval

cyber terrorism tactics
Cyber Terrorism Tactics
  • Sent Mail (sending Malicious Codes)
  • Packet Sniffing (Gather Network Traffic)
  • Man in the Middle Technique (one computer system believes its talking to another when in reality it is talking one of the three profiles)
  • Key Logging (Gather Keyboard Keystrokes)
  • Viruses
  • Onel A Deguzmann
cyber terrorism tactics14
Cyber terrorism Tactics
  • Security Administration Tools for Analyzing Networks
  • Mining (Information Sharing)
  • Emergency Destruction

- High Energy Radio Frequency Guns

- Electro Magnetic Pulse Bombs

- Thermite

pentagon computers attacked
Pentagon Computers Attacked
  • Military Satellite System “Software”
  • In Late “April 98” The Computer Security Expert John Vranesevich was Contacted.
  • Vranesevich was involved in tracking down Israeli hacker “The Analyzer” who broke into the Pentagon in February
pentagon computers attacked16
Pentagon Computers Attacked
  • The Software Stole Coordinates to the Military Global Positioning System, Used To Target Missiles, and Accurately Pinpoint Unit Locations.
  • Vranesevich Interviewed Them Via the Internet Relay Chat and E-Mail and Posted Pictures of the Stolen Software In Action On His Web Site.
pentagon computers attacked17
Pentagon Computers Attacked
  • The Defense Department Confirmed the Software Was Genuine.
  • The Group Stated During The Interviews
    • “I think international terrorist groups would be interested in the data we could gain access to.”
    • “Governments would buy it for intelligence purposes.”
    • “The information is very dangerous in the wrong hands”
pentagon computers attacked18
Pentagon Computers Attacked
  • Vranesevich Said Members Of The Group Range From 19 to 28, Older Than The Average.
  • The Group Claims 15 Members--Eight In The United States, Five In Britain And Two In Russia.
noted incidents and attacks
Noted Incidents And Attacks

Kevin Poulsen

Handle: Dark Dante

Claim to fame: In 1990 Poulsen took over all telephone lines going into Los Angeles area radio station KIIS-FM, assuring that he would be the 102nd caller. Poulsen won a Porsche 944 S2 for his efforts.

First encountered a computer: When his parents

bought him a TRS-80 (better known as a "Trash-80").

Unusual tools: A set of locksmith tools he used to break into phone company trailers. He was caught after a friend commemorated the break-ins with snapshots of Poulsen picking locks.

noted incidents and attacks20
Noted Incidents And Attacks

Kevin Poulsen

Little-known fact: Admitted breaking into computers to get the names of undercover businesses operated by the FBI.

Current status: Thanks to an episode of Unsolved Mysteries, Kevin Poulsen was arrested and spent three years in prison. He was then forbidden to touch a computer for another three years. Poulsen is now a self-proclaimed "reformed and penitent" journalist, and serves as editorial director for Security Focus.

noted incidents and attacks21
Noted Incidents And Attacks
  • Rome Laboratory, New York
  • Disguised As a User Of Rome Labs Launched Attacks Against NASA, Wright Patterson AFB, Defense Contractors, and Other Organizations
  • This Was All Unknown To Rome Labs for at Least Three Days.
  • One British Hacker Was Caught, the Other Unidentified Hacker Escaped.
other incidents of note
Other Incidents Of Note
  • A “PLO” Virus Developed at Hebrew University, in Israel.
  • Japan Groups have Attacked the Computerized Control Systems for Commuter Trains, Paralyzing Major Cities
  • The Italian Red Brigade’s Manifesto Specified the Destruction of Computer Systems and Installations “Striking The Heart Of The State”
other incidents of note23
Other Incidents Of Note
  • Sinn Fein Supporters Working Out of the University Of Texas, Austin, TX, Posted Sensitive Details About British Army Intelligence Installations, Military Bases, and Police Stations In Northern Ireland On the Internet.
potential objectives scenarios
Potential Objectives (Scenarios)
  • The Key Attribute(s) of the Cyber Terrorist Attacks Through the Computer, Is Minimal Risk and Achievement of Desired Objective(s)/Goals
  • How Can This Be Accomplished?
potential objectives scenarios25
Potential Objectives (Scenarios)
  • Remotely Through the Computer Access Food Processing Control Systems of a Cereal Manufacturer, Changing the Levels of Iron Supplements, Sickening and Killing the Children of a Nation. (Recently seen in California with baby food)
  • (Key Attribute(s)): No Risk to the Cyber Terrorist and Fulfillment of an Objective!
potential objectives scenarios26
Potential Objectives (Scenarios)
  • Place a Number of Computerized Bombs In a City, All Transmitting Encrypted Patterns, that are Received by the Others. If One Stops Transmitting or is Compromised They Go Off Simultaneously.
potential objectives scenarios27
Potential Objectives (Scenarios)
  • Disrupt the Banking Industry, International Financial Transactions, and Stock Exchanges.
  • (Key Attribute(s)): Loss of Confidence in the Government Economic System, Destabilization of a Government From Within.
potential objectives scenarios28
Potential Objectives (Scenarios)
  • Launch Attacks Against the Air Traffic Control Systems to Include the In-Flight Deck Sensors and Cause Two Large Aircraft to Collide this Could Also Be Conducted Against a Railway System. Exchanges.
  • (Key Attribute(s)): No Risk of Manpower or Equipment.
potential objectives scenarios29
Potential Objectives (Scenarios)
  • Remotely Alter the Formulas of Medication at Pharmaceutical Manufacturers, With Unfathomable Potential For Loss of Life.
  • (Key Attribute(s)): No Risk of Manpower or Equipment.
potential objectives scenarios30
Potential Objectives (Scenarios)
  • Remotely Change the Pressure in Gas Lines, Causing a Valve Failure; a Block of a Sleepy Suburb Detonates and Burns. In an Alternate Scenario an Electrical Grid Becomes Vulnerable.
  • (Key Attribute(s)): No Risk of Manpower or Equipment.
prevention detection
Prevention/Detection
  • Safe Computing Practices
    • Do Not Share Resources Across a Network Without Using Password Controls
    • Never Execute a Program Received Through Unknown Sources
    • Routinely Verify All Software is Current
    • Use a Virus Scanner
    • Use a firewall (www.zonelabs.com)
prevention detection32
Prevention/Detection
  • Detection:
    • Symantec Norton Anti-Virus
    • Army’s Land Information Warfare Activity
    • Symantec’s Ant-Virus products and Latest Signature File - http://powhatan.iiie.disa.mil/symantec.htm
    • http://www.cert.mil (access from any computer, however, downloads must be done from a .mil domain)
prevention detection33
Prevention/Detection
  • Reporting
    • At a Minimum, the Site’s Information Systems Security Manager (each site does not have), the Responsible Computer Incident Response Team, and a Law Enforcement Agent Should be Contacted
summary
SUMMARY
  • Definitions
  • The Cyber Terrorist Defined
  • Goals and Objectives of a Cyber Terrorist
  • Cyber Terrorism Tactics and Techniques
  • Noted Incidents and Attacks
  • Cyber Terrorist potential Objectives “Scenarios”
  • Prevention and Detection
ad