SlideShare a Scribd company logo

標的型(サイバースパイ)攻撃とソーシャルエンジニアリング, KPMGセミナー

Gohsuke Takama
Gohsuke Takama
TechnologyBusiness
1 of 62
Download to read offline
Gohsuke Takama / , Meta Associates, 2012 2 http://www.slideshare.net/gohsuket
about… ✴ Gohsuke Takama / , Meta Associates http://www.meta-associates.com/ ✴ , IT , ✴ , , ✴ : Black Hat Japan, PacSec ✴ ( , , ) ✴ ( ) ✴ : DHS, NIST, NERC, EPRI, Stanford Research, Sandia , Bell , ISAC Council, John Arquilla(NPS ), Richard Clarke, John Tritak, Paul Kurtz (Good Harbor Consulting) ✴ : , , ✴ : Patch Advisor( ), SecWest (PacSec ) ✴ IT , ( ) ✴ : CodeGate2008 ( ), (2002, 2010), ✴ : http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/ ✴ Privacy International, London, UK http://www.privacyinternational.org/ ✴ , Gohsuke Takama
Gohsuke Takama
http://www.ipa.go.jp/security/fy23/reports/measures/documents/report20120120.pdf Gohsuke Takama
http://www.ipa.go.jp/security/vuln/newattack.html Gohsuke Takama
11 x 10 = 9 8 7 R 6 5 4 3 2 1 A B C D E F G H I J K Gohsuke Takama
A Attacks Gohsuke Takama
? "Spear Phishing" "Advanced Persistent Threat" APT "Targeted Cyber Espionage" "Adaptive Persistent Attack" APA "Top APT Research of 2011 (That You Probably Haven’t Heard About)" Gohsuke Takama http://blog.trendmicro.com/top-apt-research-of-2011-that-you-probably-havent-heard-about/
? http://paulsparrows.wordpress.com/2011-cyber-attacks-timeline-master-index/ Gohsuke Takama http://paulsparrows.wordpress.com/2012-cyber-attacks-timeline-master-index/
? • , IHI... (2011) • , ... (2011, ID, ?) • JAXA (2011, NASA ?) • ShadyRAT (2011, 14 OperationAurora (2010, Google 70 ), 34 ), Night Dragon (2010, ), GhostNet (2009, 103 ) • RSA / Lockheed Martin (2011, SecurID , Lockheed ) • DigiNotar (2011, Google SSL ) Gohsuke Takama • Stuxnet (2010, )
? RSA SecurID Gohsuke Takama
? Diginotar 2011 9 19 20 Gohsuke Takama
? = (Cyber Espionage) "Targeted Cyber Espionage" "Advanced Persistent Threat" APT "Adaptive Persistent Attack" APA Gohsuke Takama
? / 1 , Gohsuke Takama
? ✴ APT, • = • • : , , • → → → ✴ ( ) • = • Gohsuke Takama • →
? EU $1 Trillion/ = 80 (McAfee 2009 ) EU $3.4 Billion = 2720 (2011,VISA CyberSource ) ¥57.4 ¥19 (2011) https://www.europol.europa.eu/sites/default/files/publications/iocta.pdf Gohsuke Takama http://www.net-security.org/secworld.php?id=12273
? • : OSI Gohsuke Takama
? 7 Psychological , Human Factor 6 Custom (Habit) , 5 Operation 4 Content Intangibles 3 OS/Application 2 Hardware Tangibles 1 Physical Gohsuke Takama
? , APT, Psychological , Phishing ? , ID / , , , Custom XSS, XSRF, CSIRT, PKI, ID, SSL DoS, Spam, , CSIRT , , Operation , , , , , , Content Spam, , IDS OS/ DoS, , , IDS, Application 0day, rootkit, IPS, , OS/ , , Hardware , , , , , , , Physical , Gohsuke Takama
? ✴ (Firewall) •( + ) ✴ •= ( ) ✴ 100% > • ( ?) ✴ PKI = DigiNotar ✴ = Gohsuke Takama •( )
S Social Engineering Gohsuke Takama
: : syoutenn_aguri@aol.jp : ( ) : Photo.zip : : 3 , 7 ( 1 ( ), 10 Gohsuke Takama
Gohsuke Takama
Gohsuke Takama
Gohsuke Takama
90% Gohsuke Takama
10% Gohsuke Takama
90% or 10% Gohsuke Takama
: A28 90% 3:20 : .xls Gohsuke Takama
: A28 10% 3:20 : .xls Gohsuke Takama
Visual Cognition Lab 1999 http://www.youtube.com/watch?v=vJG698U2Mvo Gohsuke Takama
http://ja.wikipedia.org/wiki/ Gohsuke Takama
http://ja.wikipedia.org/wiki/ Gohsuke Takama
http://ja.wikipedia.org/wiki/ Gohsuke Takama
http://ja.wikipedia.org/wiki/ Gohsuke Takama
http://ja.wikipedia.org/wiki/ Gohsuke Takama
( : Turing test) 1950 Computing Machinery and Intelligence [1] http://ja.wikipedia.org/wiki/ Gohsuke Takama
W Who, Why, What Gohsuke Takama
? ? Law, Market, Norms, Architecture Gohsuke Takama
? ? Gohsuke Takama
? ? Gohsuke Takama
? ? Political Power Money Ideology - - - - Gohsuke Takama Technical Control
? ? Political Power Money Ideology : - - - - Gohsuke Takama Technical Control
? ? Political Power APT Money Ideology Lulz : - - - - Gohsuke Takama Technical Control
HUMINT, COMINT→CYBINT? Gohsuke Takama
HUMINT, COMINT→CYBINT? HUMINT: Human Intelligence COMINT: Communications Intelligence (Signals Intelligence) CYBINT*: Cyber Intelligence (Network Intelligence) http://en.wikipedia.org/wiki/Network_intelligence Gohsuke Takama
HUMINT, COMINT→CYBINT? , , , , , • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • , • • • • • • • • • • • • • • • • • Gohsuke Takama
HUMINT, COMINT→CYBINT? , , , , , • NW • NW • •Spam ( ) • • • •IP • • • • • • • • , F/W • •Fax, • USB • • • • • CD-ROM • • • • • • • • • • • • • • • • • • LAN • • • •Fax • • • • • • • • • • • • • • • • • • • • • • • • • • • • • , • • • • Gohsuke Takama
"Stuxnet" HUMINT, CYBINT "Nuclear scientist killed in Tehran was Iran's top Stuxnet expert" Gohsuke Takama http://www.debka.com/article/20406/
"Stuxnet" HUMINT, CYBINT Gohsuke Takama
A x S xW = what to do? Gohsuke Takama
? , , , , , • / • • • • • VPN, • • - • • • / / • • • • • • • • • • •MAC • PR • / • Gohsuke Takama
✴ , ✴ ✴ / ✴ • • -DMZ • - Gohsuke Takama
• • • • • Twitter, Facebook, IRC, Weibo, RenRen • : https://www.recordedfuture.com/ "RQ-170" Jul 30 2006--Mar 14 2012 https://www.recordedfuture.com/rf/s/2z0Cm4 Gohsuke Takama
✴ • = • • = • • • = • Gohsuke Takama •
✴ ) ( ✴ • • • • / Gohsuke Takama
✴ • SSL / TLS ✴ (PGP ) ✴ (Chat, IM, SMS, ) ✴ • Chat, IM, SMS ,VoIP Gohsuke Takama •
Gohsuke Takama
MAC Gohsuke Takama
/ MAC ✴ LAN • LAN • LAN • F/W Gohsuke Takama
✴ PR • • / • Soft Power = 1990 ( Joseph Nye Hard Power ) • http://ja.wikipedia.org/wiki/ • Gohsuke Takama
Gohsuke Takama

Recommended

BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...
BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...
BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...Gohsuke Takama
 
A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
データプライバシーでのEUとアメリカ...そして日本
データプライバシーでのEUとアメリカ...そして日本データプライバシーでのEUとアメリカ...そして日本
データプライバシーでのEUとアメリカ...そして日本Gohsuke Takama
 
パーソナルデータ保護の課題と国際情勢2013
パーソナルデータ保護の課題と国際情勢2013パーソナルデータ保護の課題と国際情勢2013
パーソナルデータ保護の課題と国際情勢2013Gohsuke Takama
 
サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011
サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011
サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011Gohsuke Takama
 
Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015
Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015
Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015Gohsuke Takama
 
Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Gohsuke Takama
 
パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本
パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本
パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本Gohsuke Takama
 

Recommended

BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...
BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...
BCL WhiteSalon "Convergence of Bio X Silicon X Robotics may bring us to the C...Gohsuke Takama
 
A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
データプライバシーでのEUとアメリカ...そして日本
データプライバシーでのEUとアメリカ...そして日本データプライバシーでのEUとアメリカ...そして日本
データプライバシーでのEUとアメリカ...そして日本Gohsuke Takama
 
パーソナルデータ保護の課題と国際情勢2013
パーソナルデータ保護の課題と国際情勢2013パーソナルデータ保護の課題と国際情勢2013
パーソナルデータ保護の課題と国際情勢2013Gohsuke Takama
 
サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011
サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011
サイバー犯罪・サイバースパイ活動とアイデンティティ_11-04-2011Gohsuke Takama
 
Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015
Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015
Privacy is Personal Security, Digital Privacy is Digital Self Defense 11-18-2015Gohsuke Takama
 
Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Gohsuke Takama
 
パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本
パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本
パーソナルデータ保護の課題と国際情勢 2013 - 2014, EU, USA, と日本Gohsuke Takama
 
Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」
Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」
Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」Gohsuke Takama
 
TGC Planning Sheet 1.30
TGC Planning Sheet 1.30TGC Planning Sheet 1.30
TGC Planning Sheet 1.30Gohsuke Takama
 
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1Startup Weekend Tokyo12 20 2009 Wubble Yoga App1
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1Gohsuke Takama
 
Privacy in Digital Society デジタル社会におけるプライバシー
Privacy in Digital Society デジタル社会におけるプライバシーPrivacy in Digital Society デジタル社会におけるプライバシー
Privacy in Digital Society デジタル社会におけるプライバシーGohsuke Takama
 
Data Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationData Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationMike Nowakowski
 
EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?Winston & Strawn LLP
 
ARX - a comprehensive tool for anonymizing / de-identifying biomedical data
ARX - a comprehensive tool for anonymizing / de-identifying biomedical dataARX - a comprehensive tool for anonymizing / de-identifying biomedical data
ARX - a comprehensive tool for anonymizing / de-identifying biomedical dataarx-deidentifier
 
An overview of methods for data anonymization
An overview of methods for data anonymizationAn overview of methods for data anonymization
An overview of methods for data anonymizationarx-deidentifier
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxnull - The Open Security Community
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 

More Related Content

Viewers also liked

Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」
Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」
Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」Gohsuke Takama
 
TGC Planning Sheet 1.30
TGC Planning Sheet 1.30TGC Planning Sheet 1.30
TGC Planning Sheet 1.30Gohsuke Takama
 
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1Startup Weekend Tokyo12 20 2009 Wubble Yoga App1
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1Gohsuke Takama
 
Privacy in Digital Society デジタル社会におけるプライバシー
Privacy in Digital Society デジタル社会におけるプライバシーPrivacy in Digital Society デジタル社会におけるプライバシー
Privacy in Digital Society デジタル社会におけるプライバシーGohsuke Takama
 
Data Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationData Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationMike Nowakowski
 
EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?Winston & Strawn LLP
 
ARX - a comprehensive tool for anonymizing / de-identifying biomedical data
ARX - a comprehensive tool for anonymizing / de-identifying biomedical dataARX - a comprehensive tool for anonymizing / de-identifying biomedical data
ARX - a comprehensive tool for anonymizing / de-identifying biomedical dataarx-deidentifier
 
An overview of methods for data anonymization
An overview of methods for data anonymizationAn overview of methods for data anonymization
An overview of methods for data anonymizationarx-deidentifier
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
 

Viewers also liked (9)

Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」
Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」
Workshop「企画書・プレゼン・リリース作成に効く! ネットメディア時代のロジカル文章脳プログラミング術」
 
TGC Planning Sheet 1.30
TGC Planning Sheet 1.30TGC Planning Sheet 1.30
TGC Planning Sheet 1.30
 
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1Startup Weekend Tokyo12 20 2009 Wubble Yoga App1
Startup Weekend Tokyo12 20 2009 Wubble Yoga App1
 
Privacy in Digital Society デジタル社会におけるプライバシー
Privacy in Digital Society デジタル社会におけるプライバシーPrivacy in Digital Society デジタル社会におけるプライバシー
Privacy in Digital Society デジタル社会におけるプライバシー
 
Data Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationData Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-Identification
 
EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?
 
ARX - a comprehensive tool for anonymizing / de-identifying biomedical data
ARX - a comprehensive tool for anonymizing / de-identifying biomedical dataARX - a comprehensive tool for anonymizing / de-identifying biomedical data
ARX - a comprehensive tool for anonymizing / de-identifying biomedical data
 
An overview of methods for data anonymization
An overview of methods for data anonymizationAn overview of methods for data anonymization
An overview of methods for data anonymization
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 

Recently uploaded

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

Recently uploaded (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

標的型(サイバースパイ)攻撃とソーシャルエンジニアリング, KPMGセミナー

  • 1. Gohsuke Takama / , Meta Associates, 2012 2 http://www.slideshare.net/gohsuket
  • 2. about… ✴ Gohsuke Takama / , Meta Associates http://www.meta-associates.com/ ✴ , IT , ✴ , , ✴ : Black Hat Japan, PacSec ✴ ( , , ) ✴ ( ) ✴ : DHS, NIST, NERC, EPRI, Stanford Research, Sandia , Bell , ISAC Council, John Arquilla(NPS ), Richard Clarke, John Tritak, Paul Kurtz (Good Harbor Consulting) ✴ : , , ✴ : Patch Advisor( ), SecWest (PacSec ) ✴ IT , ( ) ✴ : CodeGate2008 ( ), (2002, 2010), ✴ : http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/ ✴ Privacy International, London, UK http://www.privacyinternational.org/ ✴ , Gohsuke Takama
  • 6. 11 x 10 = 9 8 7 R 6 5 4 3 2 1 A B C D E F G H I J K Gohsuke Takama
  • 7. A Attacks Gohsuke Takama
  • 8. ? "Spear Phishing" "Advanced Persistent Threat" APT "Targeted Cyber Espionage" "Adaptive Persistent Attack" APA "Top APT Research of 2011 (That You Probably Haven’t Heard About)" Gohsuke Takama http://blog.trendmicro.com/top-apt-research-of-2011-that-you-probably-havent-heard-about/
  • 9. ? http://paulsparrows.wordpress.com/2011-cyber-attacks-timeline-master-index/ Gohsuke Takama http://paulsparrows.wordpress.com/2012-cyber-attacks-timeline-master-index/
  • 10. ? • , IHI... (2011) • , ... (2011, ID, ?) • JAXA (2011, NASA ?) • ShadyRAT (2011, 14 OperationAurora (2010, Google 70 ), 34 ), Night Dragon (2010, ), GhostNet (2009, 103 ) • RSA / Lockheed Martin (2011, SecurID , Lockheed ) • DigiNotar (2011, Google SSL ) Gohsuke Takama • Stuxnet (2010, )
  • 11. ? RSA SecurID Gohsuke Takama
  • 12. ? Diginotar 2011 9 19 20 Gohsuke Takama
  • 13. ? = (Cyber Espionage) "Targeted Cyber Espionage" "Advanced Persistent Threat" APT "Adaptive Persistent Attack" APA Gohsuke Takama
  • 14. ? / 1 , Gohsuke Takama
  • 15. ? ✴ APT, • = • • : , , • → → → ✴ ( ) • = • Gohsuke Takama • →
  • 16. ? EU $1 Trillion/ = 80 (McAfee 2009 ) EU $3.4 Billion = 2720 (2011,VISA CyberSource ) ¥57.4 ¥19 (2011) https://www.europol.europa.eu/sites/default/files/publications/iocta.pdf Gohsuke Takama http://www.net-security.org/secworld.php?id=12273
  • 17. ? • : OSI Gohsuke Takama
  • 18. ? 7 Psychological , Human Factor 6 Custom (Habit) , 5 Operation 4 Content Intangibles 3 OS/Application 2 Hardware Tangibles 1 Physical Gohsuke Takama
  • 19. ? , APT, Psychological , Phishing ? , ID / , , , Custom XSS, XSRF, CSIRT, PKI, ID, SSL DoS, Spam, , CSIRT , , Operation , , , , , , Content Spam, , IDS OS/ DoS, , , IDS, Application 0day, rootkit, IPS, , OS/ , , Hardware , , , , , , , Physical , Gohsuke Takama
  • 20. ? ✴ (Firewall) •( + ) ✴ •= ( ) ✴ 100% > • ( ?) ✴ PKI = DigiNotar ✴ = Gohsuke Takama •( )
  • 21. S Social Engineering Gohsuke Takama
  • 22. : : syoutenn_aguri@aol.jp : ( ) : Photo.zip : : 3 , 7 ( 1 ( ), 10 Gohsuke Takama
  • 28. 90% or 10% Gohsuke Takama
  • 29. : A28 90% 3:20 : .xls Gohsuke Takama
  • 30. : A28 10% 3:20 : .xls Gohsuke Takama
  • 31. Visual Cognition Lab 1999 http://www.youtube.com/watch?v=vJG698U2Mvo Gohsuke Takama
  • 37. ( : Turing test) 1950 Computing Machinery and Intelligence [1] http://ja.wikipedia.org/wiki/ Gohsuke Takama
  • 38. W Who, Why, What Gohsuke Takama
  • 39. ? ? Law, Market, Norms, Architecture Gohsuke Takama
  • 40. ? ? Gohsuke Takama
  • 41. ? ? Gohsuke Takama
  • 42. ? ? Political Power Money Ideology - - - - Gohsuke Takama Technical Control
  • 43. ? ? Political Power Money Ideology : - - - - Gohsuke Takama Technical Control
  • 44. ? ? Political Power APT Money Ideology Lulz : - - - - Gohsuke Takama Technical Control
  • 46. HUMINT, COMINT→CYBINT? HUMINT: Human Intelligence COMINT: Communications Intelligence (Signals Intelligence) CYBINT*: Cyber Intelligence (Network Intelligence) http://en.wikipedia.org/wiki/Network_intelligence Gohsuke Takama
  • 47. HUMINT, COMINT→CYBINT? , , , , , • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • , • • • • • • • • • • • • • • • • • Gohsuke Takama
  • 48. HUMINT, COMINT→CYBINT? , , , , , • NW • NW • •Spam ( ) • • • •IP • • • • • • • • , F/W • •Fax, • USB • • • • • CD-ROM • • • • • • • • • • • • • • • • • • LAN • • • •Fax • • • • • • • • • • • • • • • • • • • • • • • • • • • • • , • • • • Gohsuke Takama
  • 49. "Stuxnet" HUMINT, CYBINT "Nuclear scientist killed in Tehran was Iran's top Stuxnet expert" Gohsuke Takama http://www.debka.com/article/20406/
  • 50. "Stuxnet" HUMINT, CYBINT Gohsuke Takama
  • 51. A x S xW = what to do? Gohsuke Takama
  • 52. ? , , , , , • / • • • • • VPN, • • - • • • / / • • • • • • • • • • •MAC • PR • / • Gohsuke Takama
  • 53. , ✴ ✴ / ✴ • • -DMZ • - Gohsuke Takama
  • 54. • • • • Twitter, Facebook, IRC, Weibo, RenRen • : https://www.recordedfuture.com/ "RQ-170" Jul 30 2006--Mar 14 2012 https://www.recordedfuture.com/rf/s/2z0Cm4 Gohsuke Takama
  • 55. • = • • = • • • = • Gohsuke Takama •
  • 56. ) ( ✴ • • • • / Gohsuke Takama
  • 57. • SSL / TLS ✴ (PGP ) ✴ (Chat, IM, SMS, ) ✴ • Chat, IM, SMS ,VoIP Gohsuke Takama •
  • 60. / MAC ✴ LAN • LAN • LAN • F/W Gohsuke Takama
  • 61. PR • • / • Soft Power = 1990 ( Joseph Nye Hard Power ) • http://ja.wikipedia.org/wiki/ • Gohsuke Takama