Critical Infrastructures

1. Critical Infrastructures CJ416 Unit 7 Seminar Eric Salvador

2. Current Events - Threat • Anonymous Hacker Havittaja Takes Down US Department of Justice Website LEO.gov 4/16/12: A member of the Anonymous hacking group has taken down the website of the US Department of Justice with a Distributed Denial of Service (DDoS) attack. Following a similar attack on the CIA website, which had reportedly been offline for 45 minutes, Brazilian hacker Havittaja launched an assault on the department’s homepage. On Twitter, he claimed responsibility for the DDoS, saying it was done for the “lulz“, which refers to the popular online abbreviation “for laughs“. • The collective targeted the department of justice in January as part of Operation Megaupload, in a retaliatory attack against the US government’s decision to close the popular file-sharing site. Along with the Department of Justice, Anonymous launched a DDoS against the FBI — the largest attack to date. Hacktivists have hit the CIA website twice before. In June 2011, LulzSec, an offshoot of Anonymous, temporarily brought down the agency’s homepage. Hackers affiliated with Anonymous launched a “Tango down” of the CIA site in February 2012, taking it offline for several hours. Five hacktivist member of Anonymous offshoot Lulzsec were arrested in March by law enforcement officials in Europe and the US, who acted on information leaked by the group’s prominent leader, Hextor Xavier Mensegu, called Sabu. LulzSec is allegedly responsible for billions of dollars in damage to governments, international banks and corporations through coordinated cyber-attacks.

3. FBI Warns Smart Meter Hacking May Cost Utility Companies $400 Million A YearThe FBI has seen an increase of smart meter hacks which allow consumers to reduced power bills by 50-75%. Crazy hacking skills are not required and can be accomplished by using a magnet to fake readings or hiring hackers to attack smart meters. The FBI warned the cost of smart meter fraud may cost utility companies $400 million per year. While smart meters going dumb has been called an "urban myth," and some Americans have padlocked their dumb meters to stop smart meters from being installed, others have happily welcomed and hacked smart meters in order to significantly reduce power bills by 50-75%. The FBI warned that hacking smart meters and the resulting fraudulent power bills may end up costing utility companies about $400 million per year. http://www.networkworld.com/community/blog/fbi-warns-smart-meter-hacking-may-cost-utilities-400-million-year?t51hb

4. Unit 7 Project Preview The assignment for this unit requires you to develop a cyber crime Attack Tree for the Adrian Lamo case against The New York Times. Attack tree must be completed in outline format. See Unit 2 Seminar for guidance, or see the sample posted in the docshare.

5. Critical Infrastructure

6. What do we refer to when we say Critical Infrastructure?

7. What is Critical Infrastructure?

8. Which critical infrastructure do you feel is the MOST vulnerable?

9. Which critical infrastructure do you feel requires the least training, planning, and experience?

10. Which critical infrastructure do you feel the government needs to focus most upon securing?

11. What is responsible for what?

12. President’s Directive PDD-63 • (1998) • President Clinton recognized a threat to telecommunications and through the PDD-63, he required that “No Later than 2000, the United States shall have achieved an initial operating capability and no later than May 2003, the United States shall have achieved and shall maintain the ability to protect the nation’s critical infrastructures from intentional acts that would significantly diminish the abilities of : . . .

13. President’s Directive PDD-63 • ... the private sector to ensure the orderly functioning of the economy and the delivery of essential telecommunications, energy, financial and transportation services."

14. (2001) Cyber security grows as a national security interest • The President's Critical Infrastructure Protection Board - with cabinet-level representation and chaired by the Special Advisor to the President for Cyberspace Security within the National Security Council. • (2002) Electronic Government Act

15. Changing the scope of the PDD • 2003, President Bush introduces a National Strategy to Secure Cyberspace that recognized the increased threat of attacks on national information technology infrastructure and established three objectives: • Prevent cyber attacks against America’s critical infrastructures. • Reduce national vulnerability to cyber attacks. • Minimize damage and recovery time from cyber attacks that do occur.

16. Then what? • (December 2003) • Homeland Security Presidential Directive 7 (HSPD-7) creates the Department of Homeland Security as the focal point for the security of cyberspace. • The directive of HSPD7 established a national policy for federal departments and agencies to identify and prioritize United States critical infrastructure and key resources and to protect them from terrorist attacks.

17. So where did we go next? • January 2008: Bush signed HSPD-23 which establishes a National Cyber Security Center within DHS • May 2009: President Obama identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we as a government or as a country are not adequately prepared to counter. • - Shortly after taking office, the President ordered a thorough review of federal efforts to defend the U.S. information and communications infrastructure and the development of a comprehensive approach to securing America’s digital infrastructure.

18. The Comprehensive National Cybersecurity Initiative • To establish a front line of defense against today’s immediate threats • Creating or enhancing shared situational awareness of network vulnerabilities, threats, and events within the Federal Government • To defend against the full spectrum of threats • Enhancing U.S. counterintelligence capabilities and increasing the security of the supply chain for key information technologies.

19. The Comprehensive National Cybersecurity Initiative • To strengthen the future cybersecurity environment • Expanding cyber education; coordinating and redirecting research and development efforts across the Federal Government; and working to define and develop strategies to deter hostile or malicious activity in cyberspace.

20. What are the initiatives? • Manage the Federal Enterprise Network as a single network enterprise with Trusted Internet Connections • Deploy an instrusion detection systems of sensors across the Federal enterprise • Pursue development of intrusion prevention systems across the Federal enterprise • Coordinate and redirect research and development efforts • Connect current cyber ops centers to enhance situational awareness • Develop and implement a government-wide cyber counterintelligence plan • Increase the security of our classified networks • Expand cyber education • Define and develop enduring “lead-ahead” technology, strategies, and programs. • Define and develop enduring deterrence strategies and programs. • Develop a multi-pronged approach for global supply chain risk management • Define the Federal role for extending cybersecurity into critical infrastructure domains.

21. What has changed since 9/11? Generally speaking, a lot has changed..

22. What has changed since 9/11? http://projects.washingtonpost.com/top-secret-america/articles/a-hidden-world-growing-beyond-control/print/ • Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States. • An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances. • In Washington and the surrounding area, 33 building complexes for top-secret intelligence work are under construction or have been built since September 2001. Together they occupy the equivalent of almost three Pentagons or 22 U.S. Capitol buildings - about 17 million square feet of space.

23. What has changed since 9/11? http://projects.washingtonpost.com/top-secret-america/articles/a-hidden-world-growing-beyond-control/print/ • Many security and intelligence agencies do the same work, creating redundancy and waste. For example, 51 federal organizations and military commands, operating in 15 U.S. cities, track the flow of money to and from terrorist networks. • * Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year - a volume so large that many are routinely ignored.

24. What hasn’t changed since 9/11 relative to computers and network security? http://www.informationweek.com/news/security/management/232200029

25. According to the US Government Accountability Office (July 2011 report), despite recent actions taken, a number of significant challenges remain to enhancing the security of cyber-reliant critical infrastructures, such as: • implementing actions recommended by the president’s cybersecurity policy review; • updating the national strategy for securing the information and communications infrastructure; • reassessing DHS’s planning approach to critical infrastructure protection; • strengthening public-private partnerships, particularly for information sharing; • enhancing the national capability for cyber warning and analysis; addressing global aspects of cybersecurity and governance; • and securing the modernized electricity grid, referred to as the “smart grid.” • http://www.gao.gov/search?q=critical+infrastructure

26. Questions?