
Cyber Terrorism



Presentation Transcript

  1. Cyber Terrorism Part 2 of 2 (When the Hackers Grow Up) Hacking as Warfare

  2. CYBER WARFIGHTER • Terrorists • Terrorist sympathizers • Government agents • Organized Crime • Thrill seekers Incidents normally take the form of organized Asymmetric Attacks.

  3. Case #1 Pakistan/India Conflict • Indian sites defaced by Pakistani hacker groups including G-Force and Doctor Nuker have been either political, highly visible, or involved in information dissemination • 5 megabytes of possibly sensitive nuclear research information was downloaded from the Bhabha Atomic Research Center

  4. Case #2 Israel/Palestinian Conflict Close connection between political events in the region between 1999 and 2001: • Feb. 3: Barak-Arafat summit breaks up • Feb. 8: Israel launches airstrikes against Hezbollah sites in Lebanon • Oct. 17: Sharm el Sheikh summit • Nov. 20: bombs kill 4, injure 69 Israelis • Nov: Israeli soldiers & artillery kill 32 Palestinians • Jan. 12: Palestinian man shot & dragged; Arafat demands apology • Apr. 22: 2 weeks of violence culminate in suicide bombing at bus stop

  5. Case #3 Yugoslavia Conflict • When NATO air strikes hit the former Republic of Yugoslavia in Kosovo and Serbia, NATO web servers were subjected to sustained attacks by hackers employed by the Yugoslav military • All NATO’s 100 servers were subjected to “ping saturation” DDoS assaults and bombarded with thousands of emails, many containing viruses • The attacks on NATO servers coincided with numerous website defacements of American military, government, and commercial sites by Serbian, Russian, and Chinese sympathizers of Yugoslavia • These attacks caused serious disruption of NATO communications infrastructures

  6. Case #4 China fighter plane collision with American spy plane • On April 1, 2001, there was a mid-air collision between an American surveillance plane and a Chinese fighter aircraft. • Chinese hacker groups, such as the Honker Union of China and the Chinese Red Guest Network Security Technology Alliance, organized a massive and sustained week-long campaign of cyber attacks against American targets in retaliation for the death of Chinese pilot Wang Wei • Chinese hackers used Internet postings and IRC to plan and coordinate their assault against US systems. • Approximately 1,200 U.S. sites, including those belonging to the White House, the U.S. Air Force, U.S. Geological Survey, and the Department of Energy, had been subjected to DDoS attacks or defaced with pro-Chinese images. • A number of recent Internet worms including Lion, Adore, and Code Red are suspected of having originated in China CNN, May 2, 2001

  7. Case #5 • Vulnerabilities in the Nation's power distribution grid were first exposed during the Joint Chiefs of Staff exercise “Eligible Receiver.” Mr. Kenneth H. Bacon, Pentagon spokesperson, stated, “we did learn that computer hackers could have a dramatic impact on the nation's infrastructure, including the electrical power grid.” This vulnerability was exploited for real in June 2001, when computer hackers, routed through networks operated by China Telecom, penetrated the defenses of a practice network of the California Independent Systems Operator (Cal-ISO) for 17 days. • The specter of an unanticipated and massive attack on critical infrastructures that disables core functions such as telecommunications, electrical power systems, gas and oil, banking and finance, transportation, water supply systems, government services, and emergency services, has been raised in a number of reports on national security and by the National Infrastructure Protection Center (NIPC).

  8. Case #6 • A series of intrusions, collectively known as Moonlight Maze, in U.S. government systems over a period of several years may have originated in Russia. The first attacks were detected in March 1998 and, in the course of this sustained assault, hundreds of unclassified networks used by the Pentagon, the Department of Energy, NASA, as well as a variety of defense contractors, may have been compromised. • While authorities insist that no classified systems were breached, it is undisputed that vast quantities of technical defense research were illegally downloaded.

  9. Case #7 http://www.newsmax.com/archives/articles/2001/12/18/224826.shtml • NEWSMAX, Wed. Dec. 19, 2001 - In the wake of the Sept. 11 terrorist attack, the FBI has stumbled on the largest espionage ring ever discovered inside the United States. The U.S. Justice Department is now holding nearly 100 Israeli citizens with direct ties to foreign military, criminal and intelligence services. The spy ring reportedly includes employees of two Israeli-owned companies that currently perform almost all the official wiretaps for U.S. local, state and federal law enforcement. • The U.S. law enforcement wiretaps, authorized by the Communications Assistance for Law Enforcement Act (CALEA), appear to have been breached by organized crime units working inside Israel and the Israeli intelligence service, Mossad. • The spy ring enabled criminals to use reverse wiretaps against U.S. intelligence and law enforcement operations. The illegal monitoring may have resulted in the deaths of several informants and reportedly spoiled planned anti-drug raids on crime syndicates. • "Why do you think Putin so nonchalantly and with such great fanfare announced the shutdown of the Lourdes listening post in Cuba?" noted Douglas Brown, president of Multilingual Data Solutions Inc. and program director at the Nathan Hale Institute.

  10. Case #8 • Hackers Attacked 103 Moroccan Web Sites in 2001 • RABAT (Reuters) - At least 103 Moroccan Internet Web sites were attacked by hackers last year, in several attempts to modify their contents, the official MAP news agency said on Friday. • Quoting experts at leading Menara site, MAP said local firms specializing in information technologies have urged the authorities to set up a legal framework and proceedings to deter hacker attacks and protect the E-business activity in Morocco. • The Casablanca-based Menara is run by state-owned Moroccan telecom operator Maroc Telecom. • MAP didn't say if the hackers' attempts caused damage to the target sites. • The first hackers' attack was registered in November 2000 and targeted the finance ministry Web site, officials had said. • Morocco has an estimated 200,000 to 400,000 internet users, and had some 2,500 providers and cybercafes in 2001. REUTERS, January 18, 2002 07:33 AM ET

  11. High Energy Radio Frequency http://www.infowar.com/class_3/harden.html-ssi http://www.zdnet.com/zdnn/stories/news/0,4586,2331772,00.html Cyberwar attack or hacking will in many instances be the preferred mode of attack, but in some instances electromagnetic attack intended to cause denial of service for short or long periods of time may be a possibility. In the short term, electromagnetic attack is not particularly likely, although some reports from Europe and the US suggest that it is beginning to occur. Once police forces worldwide start deploying HERF guns for traffic control purposes (see an early November issue of New Scientist for more detail here), the technology will however become more available, thus better understood in the wider community, and the frequency of incidents will inevitably increase. The law enforcement community should give some careful thought to the fact that in promoting the proliferation of the HERF gun to solve one law enforcement problem, they may have inadvertently opened a Pandora's box of other law enforcement problems, potentially far more expensive to the general public.

  12. High Energy Radio Frequency (cont.) Having determined that we are at risk from electromagnetic attack, we must then determine what the likely style of attack will be. The threat can be divided into high power and low power styles of attack. High power attack, by flux generator bomb or microwave bomb, is less likely but considerably more damaging. It is less likely because the technology is difficult to produce without the resources of a government research establishment, and the equipment to perform this kind of attack requires often difficult to source materials, such as high grade plastic explosives, high performance detonation systems similar to those used in nuclear weapons, and finally a non-trivial amount of expertise is required to use these weapons properly. Delivery may also prove to be an issue, as a high power flux generator requires a packaging volume similar to that of a sizeable car bomb. High power attack is therefore only likely in the instance of war, or a terrorist attack sponsored by a hostile government prepared to provide the logistical support for the weapons. It is worth noting that any government with the ability to build an implosion type nuclear bomb will have the required hydro-dynamics expertise to eventually design themselves a flux generator or microwave bomb.

  13. Observations • Direct correlations exist between Political/Military actions and computer attacks • Cyber attacks immediately accompany Military Attacks • Politically motivated Cyber Attacks are Increasing • Cyber Attackers are becoming more sophisticated • Cyber Attackers are Attracted to High Value Targets

  14. September 11, 2001

  15. IMPACT ON CITIZENS • Economic Losses • Tourism • Airlines • International trade* • Living in Fear • Wartime Environment • Significantly Less Productive *The World Trade Center attacks not only took lives and property but closed markets and destroyed a significant component of the financial information infrastructure in New York City.

  16. Approaches before 9/11 will no longer work • Current security infrastructures are not prepared to deal with the new styles of terrorism • Traditional police/military reactions will not work • “catching the terrorist” is impossible: there could be thousands of terrorists in collusion, all hidden and absorbed into our society • Guerilla war with invisible enemies – possibly even “friends” • Police inability to control terrorism • Mass Insecurity - People must have a framework to deal with fears • What could happen next - Air traffic control? Reservoir Poisoning? • What damage will be done? • What can I do? • Terrorism can thrive in an “Open and Free Society” • “I’m Coming…”

  17. Strategic Recommendations • Preventative Medicine? • What are the procedures we need to have? • How can we implement such procedures? • Who should implement the procedures? • Government? • Private Sector? • Citizens? • Hacker/Terrorist Profiling? • Profiles of known terrorists/hackers • Behavior, grooming, travel, ethnics, etc.? • Role of Governments • FBI, CIA, Military? • “Homeland Defense”? • DISCUSSION

  18. Practical Recommendations • Raise awareness of the importance of system security at all levels • Report suspicious activity to law enforcement immediately to facilitate the warning and investigative processes • Apply and follow standard best practices for computer and physical security; apply regular software updates, and install worm protection, intrusion detection systems and firewalls • Secure critical information assets by implementing recommended measures against known exploits and back up all vital systems and information • Utilize ingress and egress filtering to protect against Distributed Denial of Service (DDoS) attacks

  19. Societal Recommendations • Coordinated Terrorisms => Major Strike Entropy • Cyber > Terrorism • Bio > Terrorism • Physical > Terrorism • Social > Terrorism • Empower ordinary citizens to cope with terrorism • Get citizens involved, informed, “in control” rather than “in fear” • Provide easy access to information and latest updates

  20. Tactical Recommendations • Improved Authentication procedures • Users • Resources • Services • Education & Awareness Training • Disaster Recovery Planning • A new multi-disciplinary sleuth is needed: • Epidemiologist with computer and criminology training • Discern NATURAL from CRIMINAL disease situations • Detect early warning signs • Have resources and credentials to identify/deter terrorism • Provide evidence for legal prosecution

  21. Say What ?? Uncle Sam Wants Napster! By Leslie Walker Thursday, November 8, 2001; Page E01 The WASHINGTON POST The Pentagon is taking a friendlier view of Napster's file-sharing concept than are America's big entertainment companies, which have repeatedly sued tech upstarts to stop people from swapping songs, movies and other copyrighted material. Rather than trying to shut down the new computer networks that allow people to directly connect other personal computers, the military wants to enlist their creators in the war against terrorism.

  22. Say What ?? "You guys could help us," Lt. Col. Robert Wardell, special assistant to Gen. Richard B. Myers, chairman of the Joint Chiefs of Staff, told technologists at an industry conference in Washington this week. Indeed, the technology behind Napster, the music-sharing network that record companies sued for copyright infringement, may be getting a public relations boost in the wake of the Sept. 11 terrorist attacks. Public anxiety over flying, a desire to cut travel costs and growing awareness of the need for secure communication appear to be heightening interest in Napster-like collaboration tools. Wardell said the technology might help the military share information on the fly across its many branches, agencies, ships, airplanes, tanks and ground troops -- here and around the world.

  23. cDc http://cultdeadcow.com/details.php3?listing_id=425 THE CULT OF THE DEAD COW OFFERS A HELPING HAND IN AMERICA'S TIME OF NEED In an effort to turn the tide in the war on terrorism, a private-sector think tank offers its expertise to the FBI. LUBBOCK, TX, November 26 -- Never before has the United States faced a more troublesome enemy. To meet this growing challenge, the Federal Bureau of Investigation has announced an ongoing effort to create and deploy best-of-breed electronic surveillance software. In July 2000 the FBI unveiled Carnivore (now called the DCS-1000), a sniffer capable of plucking relevant packet headers out of live data streams. To augment the investigative value of the DCS-1000, last week the FBI announced the development of "Magic Lantern", a rootkit for gathering information on target computers.

  24. cDc (cont.) According to all accounts, this represents a major leap forward in the fight against all forms of computer crime. But we in the CULT OF THE DEAD COW (cDc) believe that there are opportunities here for public/private sector synergy. "While we applaud the innovation and drive of the federal law enforcement agency, those of us who are U.S. citizens would be remiss if we did not offer our expertise in this area," said Reid Fleming, a cDc member. The CULT OF THE DEAD COW has more targeted experience than anyone else in this field. We have repeatedly demonstrated our long-term commitment to this technology area with the release of the original Back Orifice in 1998, and its successor, Back Orifice 2000.”

  25. Sun Tzu, ART OF WAR If you know the enemy and know yourself, You need not fear the result of a hundred battles. If you know yourself but not the enemy, For every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, You will succumb in every battle.

  26. What Can You Do? • Who can or should take action? • What can The Government do? • What can the Military do? • What can You, as an Individual, do? • Can ANYONE do ANYTHING at All?
