2. BEVAN LANE
Information Security Consultant
Bevan Lane has 17 years of experience as a consultant in information security, firstly with PwC
and then as an independent consultant. He has extensive experience in information security
compliance auditing and implementations, including areas such as Policy development,
Controls implementation, Technical testing, Risk assessment, investigations and training and
has consulted for major organizations across the globe.
He has the following certifications: CISSP, CCSP, CISA, CISM, CGEIT and PECB Certified
ISO27001 LA, LI, ISO 27005 Risk Manager and 27032 Cyber security Manager.
Contact Information
+27829283620
bevan@infosecconsulting.co.za
www.infosecconsulting.co.za
linkedin.com/bevan.lane
5. Cyberwar: what is it?
The use of computer technology to disrupt the activities of a state
or organization, especially the deliberate attacking of information
systems for strategic or military purposes.
‘cyberwar is asymmetric, which means it benefits lesser military
powers as much as military goliaths’
6. Types of Cyberwar
Cyberattacks
Cyber espionage
Sabotage
Cyber Deterrence
Reduce national vulnerability
to cyber attacks
Protect critical infrastructure
Minimize damage and
recovery time
12. Cyber Thermo Nuclear War: Who goes first
“So they’re doing it to us. We’re doing it to them. So the danger is that, in a crisis—what we
used to call in the nuclear field a crisis situation, or crisis stability and crisis instability—this is
inherently a crisis—a situation of crisis instability.
We’re in each other’s networks. If something looks like it’s approaching war and if you think
that going after the guy’s computer networks can seriously degrade his command and
control, and therefore you have a one-up in the war that seems on the verge of happening,
then you have an incentive to go first.
And it can be done instantaneously, before the other guy goes first.”
‘the same strategies that averted nuclear Armageddon may also work to stave off a
cyberwar’
14. Collateral Damage
Military slang for the deaths of civilians through the use
of weapons which are known in advance to be imprecise
and/or to cause damage across a large area (e.g. cluster bombs).
16. The Antidote
“Anytime you choose to make a cyberweapon, you better make the
antidote at the same time.
For it will be captured, reverse-engineered, and turned against its
creators, their allies, and other bystanders.
Be prepared. Predict it will happen and know how to detect,
prevent, and respond when it comes back to haunt you and the rest
of the world.”
Offensive
Cyberattacks, where immediate damage or disruption is caused, are the main concern.[13]
Cyber espionage, which can provide the information needed to make a successful cyberattack or a scandal to launch information warfare.
Traditional espionage is not an act of war, nor is cyber-espionage,[14] and both are generally assumed to be ongoing between major powers. Despite this assumption, some incidents can cause serious tensions between nations, and are often described as "attacks". For example:
• Massive spying by the US on many countries, revealed by Edward Snowden.
• After the NSA's spying on Germany's Chancellor Angela Merkel was revealed, the Chancellor compared the NSA with the Stasi.[15]
• The NSA recording nearly every cell phone conversation in the Bahamas, without the Bahamian government's permission,[16] and similar programmes in Kenya, the Philippines, Mexico and Afghanistan.[17]
• The "Titan Rain" probes of American defence contractors' computer systems since 2003.[18]
• The Office of Personnel Management data breach, in the US, widely attributed to China.[19][20]
Computers and satellites that coordinate other activities are vulnerable components of a system and could lead to the disruption of equipment. Compromise of military systems, such as C4ISTAR components that are responsible for orders and communications could lead to their interception or malicious replacement. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption. According to Clarke, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market.[21]
In mid July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered "the first attack on critical industrial infrastructure that sits at the foundation of modern economies," notes The New York Times.[22]
Stuxnet, while extremely effective in delaying Iran's nuclear program for the development of nuclear weaponry, came at a high cost. For the first time, it became clear that not only could cyber weapons be defensive but they could be offensive. The large decentralization and scale of cyberspace make it extremely difficult to direct from a policy perspective. Non-state actors can play as large a part in the cyberwar space as state actors, which leads to dangerous, sometimes disastrous, consequences. Small groups of highly skilled malware developers are able to impact global politics and cyber warfare as effectively as large governmental agencies. A major aspect of this ability lies in the willingness of these groups to share their exploits and developments on the web as a form of arms proliferation. This allows lesser hackers to become more proficient in creating the large-scale attacks that once only a small handful were skillful enough to manage. In addition, thriving black markets for these kinds of cyber weapons are buying and selling these cyber capabilities to the highest bidder without regard for consequences.[23]
In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks may not be limited to computer-based methods, as strategic physical attacks against infrastructure can be just as devastating. For example, cutting undersea communication cables may severely cripple some regions and countries with regard to their information warfare ability.
In June 1983, President Reagan watched the movie War Games, in which a teenager unwittingly hacks the Pentagon, and asked his top general if the scenario was plausible. The general said it was. This set in motion the first presidential directive on computer security.
June 1982
After learning that the Soviet Union planned to steal software from a Canadian company to control its Trans-Siberian Pipeline, the CIA alters the software to cause the pipeline to explode. It is considered the first cyberattack. National security officials in the United States launched one of the world's first cyberattacks on another country: the Soviet Union. U.S. officials heard, through a KGB source named Farewell, that the Soviets intended to buy computer equipment through a front company to operate a gas pipeline. U.S. agents altered the software, which later caused the pipeline to explode.
MARKUS HESS/CLIFFORD STOLL
West German hacker Markus Hess, recruited by the KGB as a US spy, attacks Lawrence Berkeley National Labs with the intention of securing US military information. Hess was later discovered by Clifford Stoll, and Stoll's efforts to track and capture Hess were later outlined in the popular book The Cuckoo's Egg. This was one of the first incidents to raise awareness of cyber conflict problems.
Markus Hess, a German citizen, is best known for his endeavours as a hacker in the late 1980s. Alongside fellow hackers Dirk Brzezinski and Peter Carl, Hess hacked into networks of military and industrial computers based in the United States, Europe and East Asia, and sold the information to the Soviet KGB for US$54,000. The hacked material included "sensitive semiconductor, satellite, space, and aircraft technologies".
Solar Sunrise was a dangerous virus that ran on Solaris, and one of the only known viruses on Solaris. It was active in 1998, created by unknown hackers. This virus caused millions in damage and managed to take control of 500+ military computers. It is one of the only recorded viruses for Oracle's OS, Solaris. It is not very well known other than for one incident.
History
Using a computer virus, hackers in 1998 penetrated and took control of over 500 computer systems that belonged to the army, government and private sector of the United States. They also inserted malware into the computers. The whole situation was dubbed "Solar Sunrise" after the popular vulnerabilities in computers that ran on operating systems called Sun Solaris. Initially, it was believed that the attacks were planned by operators in Iraq. It was later revealed that the incidents represented the work of two American teenagers from California. After the attacks, the defense department took drastic actions to prevent further incidents of this kind.
120 nations
• 29 countries have formal cyber offensive military or intelligence teams
• 49 countries purchase offensive cyber tools
• 63 countries leverage tools for either foreign or domestic surveillance
The word "collateral" comes from medieval Latin collateralis, from col-, "together with" + lateralis (from latus, later-, "side") and is otherwise mainly used as a synonym for "parallel" or "additional" in certain expressions ("collateral veins" run parallel to each other and "collateral security" means additional security to the main obligation in a contract). The first known usage of the term "collateral damage" in this context occurred in a May 1961 article written by T. C. Schelling entitled "DISPERSAL, DETERRENCE, AND DAMAGE".[7]
The U.S. military states the term is used in regard to unintentional or incidental damage to non-combatant casualties and non-combatant property;[1] however, at least one source claims that the term "collateral damage" originated as a euphemism during the Vietnam War and can refer to friendly fire, or the intentional killing of non-combatants and the destruction of their property.[11]
Matthew Rosenquist
Cybersecurity Strategist and Evangelist
Intel Corporation
The message continues to hold true. It is a brave new world where cybersecurity professionals defending civilian organizations will find the challenges to grow quickly as nation-states become more advanced. It is just the nature of things.