Collateral Damage: Cyberwar and its affect on organisations
•
1 gefällt mir•1,752 views
This presentation has been delivered by Bevan Lane at the PECB Insights Conference 2017.
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Andere mochten auch
Ähnlich wie Collateral Damage: Cyberwar and its affect on organisations
Ähnlich wie Collateral Damage: Cyberwar and its affect on organisations (20)
Mehr von PECB
Mehr von PECB (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Collateral Damage: Cyberwar and its affect on organisations
- 1. Standards, Security, and Audit Collateral Damage: Cyberwar and its affect on organisations
- 2. BEVAN LANE Information Security Consultant Bevan Lane has 17 years of experience as a consultant in information security, firstly with PwC and then as an independent consultant. He has extensive experience in information security compliance auditing and implementations, including areas such as Policy development, Controls implementation, Technical testing, Risk assessment, investigations and training and has consulted for major organization across the globe He has the following certifications: CISSP, CCSP CISA, CISM, CGEIT and PECB Certified ISO27001 LA, LI, ISO 27005 Risk Manager and 27032 Cyber security Manager. . Contact Information +27829283620 bevan@infosecconsulting.co.za www.infosecconsulting.co.za linkedin.com/bevan.lane
- 3. 3 Cyberwar: Collateral Damage Contents 1. Cyberwar. What exactly is it? 2. The History of Cyberwar 3. Civil War 4. Collateral Damage 5. What does this mean?
- 5. 5 Cyberwar: what is it? The use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. ‘cyberwar is asymmetric, which means it benefits lesser military powers as much as military goliaths’
- 6. 6 Types of Cyberwar Cyberattacks Cyber espionage Sabotage Cyber Deterrence Reduce national vulnerability to cyber attacks Protect critical infrastructure Minimize damage and recovery time
- 7. 7 The History of Cyberwar
- 8. 8 1980’s/1990’s 1982 1985 1998 1999
- 9. 9 The Noughties 2003 2007 2008 2009
- 10. 10 2010 to now… 2010 2010 2012 2014
- 11. 11 Who has the capability?
- 12. 12 Cyber Thermo Nuclear War: Who goes first “So they’re doing it to us. We’re doing it to them. So the danger is that, in a crisis—what we used to call in the nuclear field a crisis situation, or crisis stability and crisis instability—this is inherently a crisis—a situation of crisis instability. We’re in each other’s networks. If something looks like it’s approaching war and if you think that going after the guy’s computer networks can seriously degrade his command and control, and therefore you have a one-up in the war that seems on the verge of happening, then you have an incentive to go first. And it can be done instantaneously, before the other guy goes first. ‘the same strategies that averted nuclear Armageddon may also work to stave off a cyberwar’
- 14. 14 Collateral Damage Military slang for the deaths of civilians through the use of weapons which are known in advance to be imprecise and/or to cause damage across a large area (e.g. cluster bombs).
- 16. 16 The Antidote “Anytime you choose to make a cyberweapon, you better make the antidote at the same time. For it will be captured, reverse-engineered, and turned against its creators, their allies, and other bystanders. Be prepared. Predict it will happen and know how to detect, prevent, and respond when it come back to haunt you and the rest of the world.”
- 17. 17 Collateral Cyber Damage: Indirect Effects
- 18. 18 Collateral Cyber Damage: Direct Effects
- 19. 19 What does this mean?
- 20. 20 Tactics we need to consider
- 21. 21 In Conclusion
- 22. 22 Post Scriptum: NSA/Russian Jokes
Hinweis der Redaktion
- Offensive , where immediate damage or disruption is caused are the main concern.[13] , which can provide the information needed to make a successful cyberattack or scandal to launch an information warfare. Traditional espionage is not an act of war, nor is cyber-espionage,[14] and both are generally assumed to be ongoing between major powers. Despite this assumption, some incidents can cause serious tensions between nations, and are often described as "attacks". For example: • Massive spying by the US on many countries, revealed by Edward Snowden. • After the NSA's spying on Germany's Chancellor Angela Merkel was revealed, the Chancellor compared the NSA with the Stasi.[15] • The NSA recording nearly every cell phone conversation in the Bahamas, without the Bahamian government's permission,[16] and similar programmes in Kenya, the Philippines, Mexico and Afghanistan.[17] • The "Titan Rain" probes of American defence contractors computer systems since 2003.[18] • The Office of Personnel Management data breach, in the US, widely attributed to China.[19][20] Computers and satellites that coordinate other activities are vulnerable components of a system and could lead to the disruption of equipment. Compromise of military systems, such as C4ISTAR components that are responsible for orders and communications could lead to their interception or malicious replacement. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption. According to Clarke, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market.[21] In mid July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered "the first attack on critical industrial infrastructure that sits at the foundation of modern economies," notes The New York Times.[22] Stuxnet, while extremely effective in delaying Iran's nuclear program for the development of nuclear weaponry, came at a high cost. For the first time, it became clear that not only could cyber weapons be defensive but they could be offensive. The large decentralization and scale of cyberspace makes it extremely difficult to direct from a policy perspective. Non-state actors can play as large a part in the cyberwar space as state actors, which leads to dangerous, sometimes disastrous, consequences. Small groups of highly skilled malware developers are able to as effectively impact global politics and cyber warfare as large governmental agencies. A major aspect of this ability lies in the willingness of these groups to share their exploits and developments on the web as a form of arms proliferation. This allows lesser hackers to become more proficient in creating the large scale attacks that once only a small handful were skillful enough to manage. In addition, thriving black markets for these kinds of cyber weapons are buying and selling these cyber capabilities to the highest bidder without regard for consequences.[23] In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks may not be limited to computer-based methods, as strategic physical attacks against infrastructure can be just as devastating. For example, cutting undersea communication cables may severely cripple some regions and countries with regards to their information warfare ability.
- In June 1983, President Reagan watched the movie War Games, in which a teenager unwittingly hacks the Pentagon, and asked his top general if the scenario was plausible. The general said it was. This set in motion the first presidential directive on computer security.
- June 1982 After learning that the Soviet Union planned to steal software from a Canadian company to control its Trans-Siberian Pipeline, the CIA alters the software to cause the pipeline to explode. It is considered the first cyberattack. National security officials in the United States launched one of the world's first cyberattacks on another country: the Soviet Union. U.S. officials heard, through a KGB source named Farewell, that the Soviets intended to buy computer equipment through a front company to operate a gas pipeline. U.S. agents altered the software, which later caused the pipeline to explode. MARKUS HESS/CLIFFORD STOLL West German hacker Markus Hess, recruited by the KGB as a US spy, attacks Lawrence Berkley National Labs with the intention of securing US military information. Hess was later discovered by Clifford Stoll, and Stoll's efforts to track and capture Hess were later outlined in the popular book the Cuckoo's Egg. This was one of the first incidents for awareness of cyber conflict problems. Markus Hess, a German citizen, is best known for his endeavours as a hacker in the late 1980s. Alongside fellow hackers Dirk Brzezinski and Peter Carl, Hess hacked into networks of military and industrial computers based in the United States, Europe and the East Asia, and sold the information to the Soviet KGB for US$54,000. The hacked material included "sensitive semiconductor, satellite, space, and aircraft technologies". lar Sunrise was a dangerous virus that ran on Solaris, and one of the only known viruses on Solaris. It was active in 1998, created by unknown hackers. This virus had caused millions in damage and had manage to take control of 500+ military computers. This is the one of the only recorded virus for Oracle's OS: Solaris. Its not very well known other than for one incident. History Using a computer virus, hackers in 1998 penetrated and took control of over 500 computer systems that belonged to the army, government and private sector of the United States. They also inserted malware into the computers. The whole situation was dubbed "Solar Sunrise" after the popular vulnerabilities in computers that ran on operating systems called SunSolaris. Initially, it was believed that the attacks were planned by operators in Iraq. It was later revealed that the incidents represented the work of two American teenagers from California. After the attacks, the defense department took drastic actions to prevent further incidents of this kind.
- June 1982 After learning that the Soviet Union planned to steal software from a Canadian company to control its Trans-Siberian Pipeline, the CIA alters the software to cause the pipeline to explode. It is considered the first cyberattack. National security officials in the United States launched one of the world's first cyberattacks on another country: the Soviet Union. U.S. officials heard, through a KGB source named Farewell, that the Soviets intended to buy computer equipment through a front company to operate a gas pipeline. U.S. agents altered the software, which later caused the pipeline to explode. MARKUS HESS/CLIFFORD STOLL West German hacker Markus Hess, recruited by the KGB as a US spy, attacks Lawrence Berkley National Labs with the intention of securing US military information. Hess was later discovered by Clifford Stoll, and Stoll's efforts to track and capture Hess were later outlined in the popular book the Cuckoo's Egg. This was one of the first incidents for awareness of cyber conflict problems. Markus Hess, a German citizen, is best known for his endeavours as a hacker in the late 1980s. Alongside fellow hackers Dirk Brzezinski and Peter Carl, Hess hacked into networks of military and industrial computers based in the United States, Europe and the East Asia, and sold the information to the Soviet KGB for US$54,000. The hacked material included "sensitive semiconductor, satellite, space, and aircraft technologies". lar Sunrise was a dangerous virus that ran on Solaris, and one of the only known viruses on Solaris. It was active in 1998, created by unknown hackers. This virus had caused millions in damage and had manage to take control of 500+ military computers. This is the one of the only recorded virus for Oracle's OS: Solaris. Its not very well known other than for one incident. History Using a computer virus, hackers in 1998 penetrated and took control of over 500 computer systems that belonged to the army, government and private sector of the United States. They also inserted malware into the computers. The whole situation was dubbed "Solar Sunrise" after the popular vulnerabilities in computers that ran on operating systems called SunSolaris. Initially, it was believed that the attacks were planned by operators in Iraq. It was later revealed that the incidents represented the work of two American teenagers from California. After the attacks, the defense department took drastic actions to prevent further incidents of this kind.
- June 1982 After learning that the Soviet Union planned to steal software from a Canadian company to control its Trans-Siberian Pipeline, the CIA alters the software to cause the pipeline to explode. It is considered the first cyberattack. National security officials in the United States launched one of the world's first cyberattacks on another country: the Soviet Union. U.S. officials heard, through a KGB source named Farewell, that the Soviets intended to buy computer equipment through a front company to operate a gas pipeline. U.S. agents altered the software, which later caused the pipeline to explode. MARKUS HESS/CLIFFORD STOLL West German hacker Markus Hess, recruited by the KGB as a US spy, attacks Lawrence Berkley National Labs with the intention of securing US military information. Hess was later discovered by Clifford Stoll, and Stoll's efforts to track and capture Hess were later outlined in the popular book the Cuckoo's Egg. This was one of the first incidents for awareness of cyber conflict problems. Markus Hess, a German citizen, is best known for his endeavours as a hacker in the late 1980s. Alongside fellow hackers Dirk Brzezinski and Peter Carl, Hess hacked into networks of military and industrial computers based in the United States, Europe and the East Asia, and sold the information to the Soviet KGB for US$54,000. The hacked material included "sensitive semiconductor, satellite, space, and aircraft technologies". lar Sunrise was a dangerous virus that ran on Solaris, and one of the only known viruses on Solaris. It was active in 1998, created by unknown hackers. This virus had caused millions in damage and had manage to take control of 500+ military computers. This is the one of the only recorded virus for Oracle's OS: Solaris. Its not very well known other than for one incident. History Using a computer virus, hackers in 1998 penetrated and took control of over 500 computer systems that belonged to the army, government and private sector of the United States. They also inserted malware into the computers. The whole situation was dubbed "Solar Sunrise" after the popular vulnerabilities in computers that ran on operating systems called SunSolaris. Initially, it was believed that the attacks were planned by operators in Iraq. It was later revealed that the incidents represented the work of two American teenagers from California. After the attacks, the defense department took drastic actions to prevent further incidents of this kind.
- 120 nations 29 countries have formal cyber offensive military or intelligence teams 49 countries purchase offensive cyber tools 63 countries leverage tools for either foreign or domestic surveillance
- The word "collateral" comes from medieval Latin collateralis, from col-, "together with" + lateralis (from latus, later-, "side" ) and is otherwise mainly used as a synonym for "parallel" or "additional" in certain expressions ("collateral veins" run parallel to each other and "collateral security" means additional security to the main obligation in a contract). The first known usage of the term "collateral damage" in this context occurred in a May 1961 article written by T. C. Schelling entitled "DISPERSAL, DETERRENCE, AND DAMAGE".[7] The U.S. military states the term is used in regards to unintentional or incidental damage to non-combatant casualties and non-combatant property,[1] however, at least one source claims that the term "collateral damage" originated as a euphemism during the Vietnam War and can refer to friendly fire, or the intentional killing of non-combatants and the destruction of their property.[11]
- Matthew Rosenquist Cybersecurity Strategist and Evangelist Intel Corporation The message continues to hold true. It is a brave new world where cybersecurity professionals defending civilian organizations will find the challenges to grow quickly as nation-states become more advanced. It is just the nature of things.