SlideShare ist ein Scribd-Unternehmen logo

Dni nato cyber panel via the intercept

B
BaddddBoyyyy
1 von 3
Downloaden Sie, um offline zu lesen
SECRET//REL TO USA, NATO NIM/Cyber Talking Points 14 September 2011 Subject: (S//REL NATO) NATO Civilian Intelligence Council—Cyber Panel National Input A. Threat Overview (U) (U//FOUO) Thank you for the opportunity to discuss our assessment on the cyber threat to NATO. I would like to start by making a clear distinction between the terms "cyber espionage" and "cyber attack":  Cyber espionage is the theft of information that is being stored or transmitted as digital data.   Cyber attack refers to malicious activity intended to disrupt data networks or deny access to them, to manipulate or corrupt the data on them, or to cause physical damage to infrastructure and equipment connected to them. (S//REL NATO) We believe it is important to maintain a clear distinction between cyber espionage and cyber attacks because the probability of, consequences from and response to the two types of cyber incidents are distinctly different. The vast majority of cyber incidents against NATO networks are cyber espionage, not cyber attacks. (S//REL NATO) We assess that cyber espionage is—and will remain—the principle threat to NATO systems over the next three years. We judge that cyber attacks against NATO networks by most nation states, including Russia and China, are unlikely outside of the context of a diplomatic or military conflict. However, we are concerned that the access that adversaries gain from cyber espionage activities could accelerate the deployment of cyber attacks in the event of such a conflict. B. Specifics (U) B1: Threat Actors (U) (S//REL NATO) Russia poses the greatest cyber threat to NATO computer networks due to its strategic interests, its record of effective cyber collection, and its capability to target and disrupt NATO and member state computer infrastructures. SECRET//REL TO USA, NATO 1
SECRET//REL TO USA, NATO  (S//REL NATO) Russia is a robust, multi-disciplinary cyber actor with proven access and tradecraft which can conduct the full scope of operations, including computer network exploitation, insider-enabled operations, supply-chain operations, and computer network attack.  (S//REL NATO) In addition, Russian nationalist hackers—who previously conducted cyber attacks against Estonian and Georgian networks—could target NATO systems in the event of a military or diplomatic conflict that pitted NATO against Russian interests. (S//REL NATO) China lags behind Russia in terms of sophistication, but the scale and scope of their overall cyber activities and their increasing interest in information associated with NATO and its member states makes them the second most strategic threat to NATO networks.  (S//REL NATO) Beijing has dramatically expanded its cyber espionage operations in the last five years and has conducted network intrusions—probably sponsored by the People’s Liberation Army—against US military and diplomatic organizations.  (S//REL NATO) We judge that China’s concerns over NATO activities on its periphery, including ISAF operations in Afghanistan, almost certainly would make NATO information and networks a target for Chinese cyber espionage. (S//REL NATO) Although “hacktivist” groups such as Anonymous have made headlines recently with their theft of NATO information, the threat posed by such activity is minimal relative to that of nation-states.  (S//REL NATO) One area of concern, however, is the possibility of nation-states using hackers as proxies for their own operations. Difficulties with real-time attribution make it difficult to quickly identify threats, meaning that cyber espionage or cyber attacks can be disguised as cyber-crime or patriotic hacking activity. The example of Russian nationalist hackers targeting Estonia and Georgia serves to underscore this concern. B2: Methods (U) (S//REL NATO) (S//REL NATO) We assess that any unclassified NATO network that is directly connected to the Internet should be considered potentially compromised, creating uncertainty regarding the confidentiality, integrity and continued availability of all data on that network. Spear phishing, although relatively unsophisticated at a technical level, has proved to be an effective intrusion method for many malicious actors. Full implementation of security best practices would help to significantly reduce the threat of cyber espionage against unclassified networks. SECRET//REL TO USA, NATO 2
SECRET//REL TO USA, NATO (S//REL NATO) As former deputy secretary of Defense William Lynn pointed out in a media article, in 2008 classified US military systems were infected with a cyber exploitation tool deployed by a foreign nation state, exemplifying the potential threat to protected military networks. We assess that the most immediate threat to classified NATO networks are insiders working on behalf of third-party nation states and unwitting NATO officers who create vulnerabilities by mishandling classified information systems and data, such as emailing classified NATO information through Internet-connected systems or using an infected thumb drive with classified computers. In addition, the presence of Russian intelligence officers operating in NATO spaces raises the risk of close access penetrations. Without the implementation of more robust security policies, monitoring tools, and training to counter these factors, we assess that any data on classified NATO networks is at potential risk. B3: Other Factors (U) (S//REL NATO) The discussion so far today on the threat actors and the methods they could employ represents the standard methodology for discussing and evaluating potential solutions to cyber security. A threat-based analytical model is useful for understanding the problem, but it only captures part of the picture. (S//REL NATO) An alternative way to think about the defense of NATO's networks is to start by identifying which NATO data or networks would have the most consequences if they were stolen or disrupted, and work from there. Prioritizing the data and networks we need to protect the most would make it easier to map NATO gaps and vulnerabilities to actionable solutions, develop mitigation and response plans, and enable us to better allocate scarce resources. (S//REL NATO) Separately, NATO’s efforts to work with non-Alliance members on cyber security issues are commendable. The Alliance’s ongoing work with the European Union and recent discussions on partnering with India only underscore the point that this is a global issue that affects everyone. We appreciate the Alliance’s efforts to improve its own cyber defenses and look forward to continued work in this area. Prepared by: Jessica Vielhuber NIC/CY – National Intelligence Council [REDACTED] (secure) SECRET//REL TO USA, NATO 3

Empfohlen

Security Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of ThingsSecurity Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of ThingsMaurice Dawson
 
University of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber SecurityUniversity of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber SecurityMaurice Dawson
 
CYBER AWARENESS
CYBER AWARENESSCYBER AWARENESS
CYBER AWARENESSEDUJIE DOMINIC IGHODALO
 
Cyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrenceCyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrenceBikrant Gautam
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introductionjagadeesh katla
 
Cybercrime and data sharing
Cybercrime and data sharingCybercrime and data sharing
Cybercrime and data sharingblogzilla
 
Cyber Security Cooperation
Cyber Security CooperationCyber Security Cooperation
Cyber Security Cooperationসানজিদা ইয়াসমিন
 
Case study 13
Case study 13Case study 13
Case study 13khaled alsaeh
 

Empfohlen

Security Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of ThingsSecurity Solutions for Hyperconnectivity and the Internet of Things
Security Solutions for Hyperconnectivity and the Internet of ThingsMaurice Dawson
 
University of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber SecurityUniversity of Missouri - Saint Louis Cyber Security
University of Missouri - Saint Louis Cyber SecurityMaurice Dawson
 
CYBER AWARENESS
CYBER AWARENESSCYBER AWARENESS
CYBER AWARENESSEDUJIE DOMINIC IGHODALO
 
Cyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrenceCyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrenceBikrant Gautam
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introductionjagadeesh katla
 
Cybercrime and data sharing
Cybercrime and data sharingCybercrime and data sharing
Cybercrime and data sharingblogzilla
 
Cyber Security Cooperation
Cyber Security CooperationCyber Security Cooperation
Cyber Security Cooperationসানজিদা ইয়াসমিন
 
Case study 13
Case study 13Case study 13
Case study 13khaled alsaeh
 
Case study 11
Case study 11Case study 11
Case study 11khaled alsaeh
 
Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentationmerlyna
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber TerrorismSai praveen Seva
 
The National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationThe National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationMark Johnson
 
Computers as weapons of war
Computers as weapons of warComputers as weapons of war
Computers as weapons of warMark Johnson
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopoliticstnwac
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismMaria Parra
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Digicomp Academy AG
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for CyberwarfareAurin Sheikh
 
Cyber Civil Defense - Risk Masters - Allan Cytryn
Cyber Civil Defense - Risk Masters - Allan CytrynCyber Civil Defense - Risk Masters - Allan Cytryn
Cyber Civil Defense - Risk Masters - Allan CytrynBoston Global Forum
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityAndrea Rossetti
 
Mike Alcorn presentation
Mike Alcorn presentationMike Alcorn presentation
Mike Alcorn presentationsvito
 
Presentation Undergraduate Project
Presentation Undergraduate ProjectPresentation Undergraduate Project
Presentation Undergraduate ProjectCevdet Basaran
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )Sameer Paradia
 
On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...Matthew Kurnava
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismHiren Selani
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismAbhay Vijay
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosCommonwealth Telecommunications Organisation
 
Shubhrat.presentationfor cybercrime.ppt
Shubhrat.presentationfor cybercrime.pptShubhrat.presentationfor cybercrime.ppt
Shubhrat.presentationfor cybercrime.pptShubhrat Mishra
 
Survey_ttronco
Survey_ttroncoSurvey_ttronco
Survey_ttroncoTonya Tronco
 
Us9ag 000288dp
Us9ag 000288dpUs9ag 000288dp
Us9ag 000288dpBaddddBoyyyy
 
Us9af 000667dp
Us9af 000667dpUs9af 000667dp
Us9af 000667dpBaddddBoyyyy
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentationmerlyna
 
The National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationThe National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationMark Johnson
 
Computers as weapons of war
Computers as weapons of warComputers as weapons of war
Computers as weapons of warMark Johnson
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopoliticstnwac
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Digicomp Academy AG
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for CyberwarfareAurin Sheikh
 
Cyber Civil Defense - Risk Masters - Allan Cytryn
Cyber Civil Defense - Risk Masters - Allan CytrynCyber Civil Defense - Risk Masters - Allan Cytryn
Cyber Civil Defense - Risk Masters - Allan CytrynBoston Global Forum
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityAndrea Rossetti
 
Mike Alcorn presentation
Mike Alcorn presentationMike Alcorn presentation
Mike Alcorn presentationsvito
 
Presentation Undergraduate Project
Presentation Undergraduate ProjectPresentation Undergraduate Project
Presentation Undergraduate ProjectCevdet Basaran
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )Sameer Paradia
 
On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...Matthew Kurnava
 
Shubhrat.presentationfor cybercrime.ppt
Shubhrat.presentationfor cybercrime.pptShubhrat.presentationfor cybercrime.ppt
Shubhrat.presentationfor cybercrime.pptShubhrat Mishra
 

Was ist angesagt? (20)

Case study 11
Case study 11Case study 11
Case study 11
 
Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentation
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
The National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationThe National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through Cooperation
 
Computers as weapons of war
Computers as weapons of warComputers as weapons of war
Computers as weapons of war
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for Cyberwarfare
 
Cyber Civil Defense - Risk Masters - Allan Cytryn
Cyber Civil Defense - Risk Masters - Allan CytrynCyber Civil Defense - Risk Masters - Allan Cytryn
Cyber Civil Defense - Risk Masters - Allan Cytryn
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber security
 
Mike Alcorn presentation
Mike Alcorn presentationMike Alcorn presentation
Mike Alcorn presentation
 
Presentation Undergraduate Project
Presentation Undergraduate ProjectPresentation Undergraduate Project
Presentation Undergraduate Project
 
Cyber War ( World War 3 )
Cyber War ( World War 3 )Cyber War ( World War 3 )
Cyber War ( World War 3 )
 
On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...On How the Darknet and its Access to SCADA is a Threat to National Critical I...
On How the Darknet and its Access to SCADA is a Threat to National Critical I...
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
 
Shubhrat.presentationfor cybercrime.ppt
Shubhrat.presentationfor cybercrime.pptShubhrat.presentationfor cybercrime.ppt
Shubhrat.presentationfor cybercrime.ppt
 
Survey_ttronco
Survey_ttroncoSurvey_ttronco
Survey_ttronco
 

Andere mochten auch

Andere mochten auch (18)

Us9ag 000288dp
Us9ag 000288dpUs9ag 000288dp
Us9ag 000288dp
 
Us9af 000667dp
Us9af 000667dpUs9af 000667dp
Us9af 000667dp
 
Us9af 001075dp
Us9af 001075dpUs9af 001075dp
Us9af 001075dp
 
Us9af 001165dp
Us9af 001165dpUs9af 001165dp
Us9af 001165dp
 
Us9af 000933dp
Us9af 000933dpUs9af 000933dp
Us9af 000933dp
 
Us9af 000635dp
Us9af 000635dpUs9af 000635dp
Us9af 000635dp
 
Us9af 000987dp
Us9af 000987dpUs9af 000987dp
Us9af 000987dp
 
Us9af 000006dp
Us9af 000006dpUs9af 000006dp
Us9af 000006dp
 
Us9af 001010dp
Us9af 001010dpUs9af 001010dp
Us9af 001010dp
 
Us9af 000975dp
Us9af 000975dpUs9af 000975dp
Us9af 000975dp
 
Us9af 000629dp
Us9af 000629dpUs9af 000629dp
Us9af 000629dp
 
Us9af 000953dp
Us9af 000953dpUs9af 000953dp
Us9af 000953dp
 
Us4ag 010005dp
Us4ag 010005dpUs4ag 010005dp
Us4ag 010005dp
 
Us9af 000900dp
Us9af 000900dpUs9af 000900dp
Us9af 000900dp
 
Us9af 000968dp
Us9af 000968dpUs9af 000968dp
Us9af 000968dp
 
Us9ag 000311dp
Us9ag 000311dpUs9ag 000311dp
Us9ag 000311dp
 
Us9af 000943dp
Us9af 000943dpUs9af 000943dp
Us9af 000943dp
 
Pk9ag 001452dp
Pk9ag 001452dpPk9ag 001452dp
Pk9ag 001452dp
 

Ähnlich wie Dni nato cyber panel via the intercept

2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...
2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...
2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...Ethan S. Burger
 
Cyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responsesCyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responsesblogzilla
 
Systemic cybersecurity risk
Systemic cybersecurity riskSystemic cybersecurity risk
Systemic cybersecurity riskblogzilla
 
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015Mark Raduenzel
 
Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015
Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015
Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015Mark Raduenzel
 
THE PROFESSIONALIZATION OF THE HACKER INDUSTRY
THE PROFESSIONALIZATION OF THE HACKER INDUSTRYTHE PROFESSIONALIZATION OF THE HACKER INDUSTRY
THE PROFESSIONALIZATION OF THE HACKER INDUSTRYijcsit
 
Chapter-2.docx
Chapter-2.docxChapter-2.docx
Chapter-2.docxAmir Khan
 
College of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docx College of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docxShiraPrater50
 
College of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docxCollege of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docxadkinspaige22
 
UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...
UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...
UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...IJNSA Journal
 
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docxReview DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docxronak56
 

Ähnlich wie Dni nato cyber panel via the intercept (20)

2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...
2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...
2016 December -- US, NATO, & The Baltics -- International Security and Cyber[...
 
Cyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responsesCyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responses
 
Systemic cybersecurity risk
Systemic cybersecurity riskSystemic cybersecurity risk
Systemic cybersecurity risk
 
Terrorist Cyber Attacks
Terrorist Cyber AttacksTerrorist Cyber Attacks
Terrorist Cyber Attacks
 
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
Raduenzel_Mark_FinalAssignment_NSEC506_Fall2015
 
China Cyber
China CyberChina Cyber
China Cyber
 
Cyber Influence Operations
Cyber Influence OperationsCyber Influence Operations
Cyber Influence Operations
 
Cyber-what?
Cyber-what?Cyber-what?
Cyber-what?
 
Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015
Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015
Raduenzel_Mark_ResearchPaper_NSEC506_Fall2015
 
114-116
114-116114-116
114-116
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
THE PROFESSIONALIZATION OF THE HACKER INDUSTRY
THE PROFESSIONALIZATION OF THE HACKER INDUSTRYTHE PROFESSIONALIZATION OF THE HACKER INDUSTRY
THE PROFESSIONALIZATION OF THE HACKER INDUSTRY
 
The Professionalization of the Hacker Industry
The Professionalization of the Hacker IndustryThe Professionalization of the Hacker Industry
The Professionalization of the Hacker Industry
 
Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
 
Chapter-2.docx
Chapter-2.docxChapter-2.docx
Chapter-2.docx
 
YiR2022-External-Final.pdf
YiR2022-External-Final.pdfYiR2022-External-Final.pdf
YiR2022-External-Final.pdf
 
College of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docx College of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docx
 
College of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docxCollege of Doctoral StudiesRES-845 Module 2 Problem.docx
College of Doctoral StudiesRES-845 Module 2 Problem.docx
 
UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...
UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...
UNDERSTANDING TRAFFIC PATTERNS OF COVID-19 IOC IN HUGE ACADEMIC BACKBONE NETW...
 
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docxReview DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
Review DNI WTAs for 2015 and 2016 (see attached). Compare and con.docx
 

Mehr von BaddddBoyyyy

Mehr von BaddddBoyyyy (20)

Us9ag 000659dp
Us9ag 000659dpUs9ag 000659dp
Us9ag 000659dp
 
Us9ag 000533dp
Us9ag 000533dpUs9ag 000533dp
Us9ag 000533dp
 
Us9ag 000310dp
Us9ag 000310dpUs9ag 000310dp
Us9ag 000310dp
 
Us9ag 000292dp
Us9ag 000292dpUs9ag 000292dp
Us9ag 000292dp
 
Us9ag 000290dp
Us9ag 000290dpUs9ag 000290dp
Us9ag 000290dp
 
Us9ag 000284dp
Us9ag 000284dpUs9ag 000284dp
Us9ag 000284dp
 
Us9ag 000238dp
Us9ag 000238dpUs9ag 000238dp
Us9ag 000238dp
 
Us9ag 000175dp
Us9ag 000175dpUs9ag 000175dp
Us9ag 000175dp
 
Us9ag 000070dp
Us9ag 000070dpUs9ag 000070dp
Us9ag 000070dp
 
Us9af 003148dp
Us9af 003148dpUs9af 003148dp
Us9af 003148dp
 
Us9af 001157dp
Us9af 001157dpUs9af 001157dp
Us9af 001157dp
 
Us9af 001154dp
Us9af 001154dpUs9af 001154dp
Us9af 001154dp
 
Us9af 001119dp
Us9af 001119dpUs9af 001119dp
Us9af 001119dp
 
Us9af 001117dp
Us9af 001117dpUs9af 001117dp
Us9af 001117dp
 
Us9af 001103dp
Us9af 001103dpUs9af 001103dp
Us9af 001103dp
 
Us9af 001100dp
Us9af 001100dpUs9af 001100dp
Us9af 001100dp
 
Us9af 001074dp
Us9af 001074dpUs9af 001074dp
Us9af 001074dp
 
Us9af 001045dp
Us9af 001045dpUs9af 001045dp
Us9af 001045dp
 
Us9af 001043dp
Us9af 001043dpUs9af 001043dp
Us9af 001043dp
 
Us9af 001037dp
Us9af 001037dpUs9af 001037dp
Us9af 001037dp
 

Dni nato cyber panel via the intercept

  • 1. SECRET//REL TO USA, NATO NIM/Cyber Talking Points 14 September 2011 Subject: (S//REL NATO) NATO Civilian Intelligence Council—Cyber Panel National Input A. Threat Overview (U) (U//FOUO) Thank you for the opportunity to discuss our assessment on the cyber threat to NATO. I would like to start by making a clear distinction between the terms "cyber espionage" and "cyber attack":  Cyber espionage is the theft of information that is being stored or transmitted as digital data.   Cyber attack refers to malicious activity intended to disrupt data networks or deny access to them, to manipulate or corrupt the data on them, or to cause physical damage to infrastructure and equipment connected to them. (S//REL NATO) We believe it is important to maintain a clear distinction between cyber espionage and cyber attacks because the probability of, consequences from and response to the two types of cyber incidents are distinctly different. The vast majority of cyber incidents against NATO networks are cyber espionage, not cyber attacks. (S//REL NATO) We assess that cyber espionage is—and will remain—the principle threat to NATO systems over the next three years. We judge that cyber attacks against NATO networks by most nation states, including Russia and China, are unlikely outside of the context of a diplomatic or military conflict. However, we are concerned that the access that adversaries gain from cyber espionage activities could accelerate the deployment of cyber attacks in the event of such a conflict. B. Specifics (U) B1: Threat Actors (U) (S//REL NATO) Russia poses the greatest cyber threat to NATO computer networks due to its strategic interests, its record of effective cyber collection, and its capability to target and disrupt NATO and member state computer infrastructures. SECRET//REL TO USA, NATO 1
  • 2. SECRET//REL TO USA, NATO  (S//REL NATO) Russia is a robust, multi-disciplinary cyber actor with proven access and tradecraft which can conduct the full scope of operations, including computer network exploitation, insider-enabled operations, supply-chain operations, and computer network attack.  (S//REL NATO) In addition, Russian nationalist hackers—who previously conducted cyber attacks against Estonian and Georgian networks—could target NATO systems in the event of a military or diplomatic conflict that pitted NATO against Russian interests. (S//REL NATO) China lags behind Russia in terms of sophistication, but the scale and scope of their overall cyber activities and their increasing interest in information associated with NATO and its member states makes them the second most strategic threat to NATO networks.  (S//REL NATO) Beijing has dramatically expanded its cyber espionage operations in the last five years and has conducted network intrusions—probably sponsored by the People’s Liberation Army—against US military and diplomatic organizations.  (S//REL NATO) We judge that China’s concerns over NATO activities on its periphery, including ISAF operations in Afghanistan, almost certainly would make NATO information and networks a target for Chinese cyber espionage. (S//REL NATO) Although “hacktivist” groups such as Anonymous have made headlines recently with their theft of NATO information, the threat posed by such activity is minimal relative to that of nation-states.  (S//REL NATO) One area of concern, however, is the possibility of nation-states using hackers as proxies for their own operations. Difficulties with real-time attribution make it difficult to quickly identify threats, meaning that cyber espionage or cyber attacks can be disguised as cyber-crime or patriotic hacking activity. The example of Russian nationalist hackers targeting Estonia and Georgia serves to underscore this concern. B2: Methods (U) (S//REL NATO) (S//REL NATO) We assess that any unclassified NATO network that is directly connected to the Internet should be considered potentially compromised, creating uncertainty regarding the confidentiality, integrity and continued availability of all data on that network. Spear phishing, although relatively unsophisticated at a technical level, has proved to be an effective intrusion method for many malicious actors. Full implementation of security best practices would help to significantly reduce the threat of cyber espionage against unclassified networks. SECRET//REL TO USA, NATO 2
  • 3. SECRET//REL TO USA, NATO (S//REL NATO) As former deputy secretary of Defense William Lynn pointed out in a media article, in 2008 classified US military systems were infected with a cyber exploitation tool deployed by a foreign nation state, exemplifying the potential threat to protected military networks. We assess that the most immediate threat to classified NATO networks are insiders working on behalf of third-party nation states and unwitting NATO officers who create vulnerabilities by mishandling classified information systems and data, such as emailing classified NATO information through Internet-connected systems or using an infected thumb drive with classified computers. In addition, the presence of Russian intelligence officers operating in NATO spaces raises the risk of close access penetrations. Without the implementation of more robust security policies, monitoring tools, and training to counter these factors, we assess that any data on classified NATO networks is at potential risk. B3: Other Factors (U) (S//REL NATO) The discussion so far today on the threat actors and the methods they could employ represents the standard methodology for discussing and evaluating potential solutions to cyber security. A threat-based analytical model is useful for understanding the problem, but it only captures part of the picture. (S//REL NATO) An alternative way to think about the defense of NATO's networks is to start by identifying which NATO data or networks would have the most consequences if they were stolen or disrupted, and work from there. Prioritizing the data and networks we need to protect the most would make it easier to map NATO gaps and vulnerabilities to actionable solutions, develop mitigation and response plans, and enable us to better allocate scarce resources. (S//REL NATO) Separately, NATO’s efforts to work with non-Alliance members on cyber security issues are commendable. The Alliance’s ongoing work with the European Union and recent discussions on partnering with India only underscore the point that this is a global issue that affects everyone. We appreciate the Alliance’s efforts to improve its own cyber defenses and look forward to continued work in this area. Prepared by: Jessica Vielhuber NIC/CY – National Intelligence Council [REDACTED] (secure) SECRET//REL TO USA, NATO 3