Politics & Power in ‘Cybersecurity’
Pukhraj Singh
#PukhrajSingh
Cognitive cyber offence
Deceive, Deny, Degrade, Destroy, Disrupt
True innovation in ‘cyberwar’ is cognitive
Offer, Remove, Analyse, Access
Innovations around techniques
Innovations around effects
Increasing innovation
Increasing symmetricity
Ref: Dave Aitel
Cognitive cyber offence
There are fundamental reasons why most countries focus on passive
or kinetic cyber as the ultimate tier of capability—typically the
organisations with authority to engage in cyber are the Intelligence
Services and the Military. They are institutionally predisposed to
collecting data or conducting “deny, disrupt, destroy, degrade”
operations to enable and support their forces
-- The Grugq
Cognitive cyber offence
[The way the US] came to technology defines how we think of it, and
the West came to cyberspace through computers and hacking. Other
cultures, however, approached cyber differently, primarily from its
basic theoretical premise of providing a tool for control of
populations
-- Richard Danzig
Cognitive cyber offence
[Cyber] effects will be produced by the manipulation of software, data,
knowledge, and opinion. The objective is not kinetic but cognitive
effect, the manipulation of information to change thoughts and
behaviours
-- James A. Lewis
Cognitive cyber offence
On January 24, 2019, The Bulletin of the Atomic Scientists set the
doomsday clock to two minutes to midnight
The group added: “rather than a cyber Armageddon that causes
financial meltdown or nationwide electrical blackouts,” a larger risk
is the use of cyber-enabled information warfare that erodes “the
trust and cohesion on which civilised societies rely”
Cognitive cyber offence
• “…the heart and soul of the Soviet intelligence was subversion. Not
intelligence collection, but subversion: active measures” – Oleg
Kalugin, KGB
• The Smith-Mundt Act & the US Information Agency
• TS Kuhn’s The Structure of Scientific Revolutions & data-driven
behavioral modelling
Cyber offence is pure politics
Cyber offence is pure politics
The state of threat intelligence
Cyber offence is pure politics
• With the right kind of eye, you can see politics in malware code
• Offensive toolchains have a political architecture
• Cyber attacks have a distinct political signature
Cyber offence is pure politics
• Case studies:
• Malware code reuse as an expression of political semantics
• Exploitation as a technology tree (ref: Dave Aitel)
Code reuse: from opcodes to ontology
…we hope that the research community will take cautious advantage of
a higher ontological category to describe collaborative frameworks
for multiple threat actors
…a focus on this ‘multi-tenant’ model of modular malware
development…should allow for…an understanding of… the
organizational complexities behind clusters of malicious activity
that defy simplistic attribution claims
-- J. A. Guerrero-Saade/Chronicle
Code reuse: from opcodes to ontology
“Your adversary has a boss and a budget”
-- The Grugq paraphrasing Phil Venables
Code reuse: from opcodes to ontology
2006: Thomas Dullien ran a “phylogenetic clustering algorithm” on a
genus of malware, finding that “although we have ~200 samples, we
only have two large families, three small families, two pairs of
siblings, & a few isolated samples”
2011: Google acquires Zynamics
2012: Google acquires VirusTotal
2017:
Exploitation as a technology tree
Lineage & Mathematics
Exploitation as a technology tree
Lineage & Mathematics
Operation Aurora -> Barium/Winnti/APT17/Axiom
Winnti >>> Hashing subroutine <<< ShadowPad/NetSarang
Winnti >>> base64 <<< CCleaner Stage 1
Winnti >>> String obfuscation <<< CCleaner Stage 2
(Sources: Costin Raiu & Intezer)
Cyber offence is pure politics
Map the adversarial ecosystem of cyberspace in anthropological
detail with the aim of increasing our understanding of our adversaries
and our own incentives and methods of operation
-- Richard Danzig
Nation state sovereignty in cyberspace is crashing
Power & conflict in meatspace*
Power & conflict in cyberspace
Cyberspace is [a] continuously contested territory in which we can
control memory & operating capabilities some of the time but cannot be
assured of complete control all of the time or even of any control at any
particular time
-- Richard Danzig
A Contested Territory
A contested territory
Possession, ownership & control [of data & assets in cyberspace] do not
overlap
-- Thomas Dullien AKA Halvar Flake
A contested territory
Ecology professor Philip Greear would challenge his graduate students to
catalog all the life in a cubic yard of forest floor. Computer science
professor Donald Knuth would challenge his graduate students to catalog
everything their computers had done in the last ten seconds
-- Dan Geer
A contested territory
[Cyber] offence & defence is the wrong dichotomy: it should be control &
non-control
-- Dave Aitel
A contested territory
We will respond…we’ll respond proportionally, and we’ll respond in a place
and time and manner that we choose
-- President Obama on the Sony Pictures hack
Gone for a toss: causality & proportionality
Enterprise security: dying by a thousand cuts
Mudge, 2011
Mudge, 2015
Why do we need universal threat ontologies & taxonomies?
• OpenC2
• ATT&CK
• CAPEC
• OpenDXL
• MITRE CAR
• Unfetter
• STIX-TAXII
• YARA
• OpenIoC
• IODEF
• MISP
• VERIS
• SCAP
• …
Vendors as foot soldiers
Malware used by the U.S. in offensive cyber-operations
plays “nice”… “We see guardrails on malware from nations
like the U.S.”
-- Kevin Mandia, FireEye
From declaratory to escalatory dominance
The declaratory model: 1995-2014
• Dave Aitel labelled Stuxnet as the “announcement of a team”
more than anything else, which could take out any factory,
any time
• The current structures of offence are biased towards
declaratory dominance
The escalatory puzzle
Look, we’re moving into a new era here where a number of
countries have significant capacities…But our goal is not to
suddenly, in the cyber arena, duplicate a cycle of escalation that
we saw when it comes to other arms races in the past, but rather
to start instituting some norms so everybody’s acting responsibly
-- Barack Obama, 2016
Questions?
Thank you


Pukhraj Singh - Keynote - ITWeb Security Summit-2019, Johannesburg, South Africa

  • 1. Politics & Power in ‘Cybersecurity’ Pukhraj Singh #PukhrajSingh
  • 3. Deceive, Deny, Degrade, Destroy, Disrupt. True innovation in ‘cyberwar’ is cognitive. Offer, Remove, Analyse, Access. Innovations around techniques; innovations around effects. Increasing innovation; increasing symmetricity. Ref: Dave Aitel
  • 4. Cognitive cyber offence: There are fundamental reasons why most countries focus on passive or kinetic cyber as the ultimate tier of capability—typically the organisations with authority to engage in cyber are the Intelligence Services and the Military. They are institutionally predisposed to collecting data or conducting “deny, disrupt, destroy, degrade” operations to enable and support their forces -- The Grugq
  • 5. Cognitive cyber offence: [The way the US] came to technology defines how we think of it, and the West came to cyberspace through computers and hacking. Other cultures, however, approached cyber differently, primarily from its basic theoretical premise of providing a tool for control of populations -- Richard Danzig
  • 6. Cognitive cyber offence: [Cyber] effects will be produced by the manipulation of software, data, knowledge, and opinion. The objective is not kinetic but cognitive effect, the manipulation of information to change thoughts and behaviours -- James A. Lewis
  • 7. Cognitive cyber offence: On January 24, 2019, The Bulletin of the Atomic Scientists set the doomsday clock to two minutes to midnight. The group added: “rather than a cyber Armageddon that causes financial meltdown or nationwide electrical blackouts,” a larger risk is the use of cyber-enabled information warfare that erodes “the trust and cohesion on which civilised societies rely”
  • 8. Cognitive cyber offence: “…the heart and soul of the Soviet intelligence was subversion. Not intelligence collection, but subversion: active measures” – Oleg Kalugin, KGB; The Smith-Mundt Act & the US Information Agency; TS Kuhn’s The Structure of Scientific Revolutions & data-driven behavioral modelling
  • 9. Cyber offence is pure politics
  • 10. Cyber offence is pure politics: The state of threat intelligence
  • 11. Cyber offence is pure politics: With the right kind of eye, you can see politics in malware code; Offensive toolchains have a political architecture; Cyber attacks have a distinct political signature
  • 12. Cyber offence is pure politics: Case studies: Malware code reuse as an expression of political semantics; Exploitation as a technology tree (ref: Dave Aitel)
  • 13. Code reuse: from opcodes to ontology: …we hope that the research community will take cautious advantage of a higher ontological category to describe collaborative frameworks for multiple threat actors …a focus on this ‘multi-tenant’ model of modular malware development…should allow for…an understanding of… the organizational complexities behind clusters of malicious activity that defy simplistic attribution claims -- J. A. Guerrero-Saade/Chronicle
  • 14. Code reuse: from opcodes to ontology: “Your adversary has a boss and a budget” -- The Grugq paraphrasing Phil Venables
  • 15. Code reuse: from opcodes to ontology: 2006: Thomas Dullien ran a “phylogenetic clustering algorithm” on a genus of malware, finding that “although we have ~200 samples, we only have two large families, three small families, two pairs of siblings, & a few isolated samples”; 2011: Google acquires Zynamics; 2012: Google acquires VirusTotal; 2017:
  • 16. Exploitation as a technology tree: Lineage & Mathematics
  • 17. Exploitation as a technology tree: Lineage & Mathematics. Operation Aurora -> Barium/Winnti/APT17/Axiom; Winnti >>> Hashing subroutine <<< ShadowPad/NetSarang; Winnti >>> base64 <<< CCleaner Stage 1; Winnti >>> String obfuscation <<< CCleaner Stage 2 (Sources: Costin Raiu & Intezer)
  • 18. Cyber offence is pure politics: Map the adversarial ecosystem of cyberspace in anthropological detail with the aim of increasing our understanding of our adversaries and our own incentives and methods of operation -- Richard Danzig
  • 19. Nation state sovereignty in cyberspace is crashing
  • 20. Power & conflict in meatspace*
  • 21. Power & conflict in cyberspace
  • 22. A contested territory: Cyberspace is [a] continuously contested territory in which we can control memory & operating capabilities some of the time but cannot be assured of complete control all of the time or even of any control at any particular time -- Richard Danzig
  • 23. A contested territory: Possession, ownership & control [of data & assets in cyberspace] do not overlap -- Thomas Dullien AKA Halvar Flake
  • 24. A contested territory: Ecology professor Philip Greear would challenge his graduate students to catalog all the life in a cubic yard of forest floor. Computer science professor Donald Knuth would challenge his graduate students to catalog everything their computers had done in the last ten seconds -- Dan Geer
  • 25. A contested territory: [Cyber] offence & defence is the wrong dichotomy: it should be control & non-control -- Dave Aitel
  • 26. A contested territory: Gone for a toss: causality & proportionality. We will respond…we’ll respond proportionally, and we’ll respond in a place and time and manner that we choose -- President Obama on the Sony Pictures hack
  • 27. Enterprise security: dying by a thousand cuts
  • 30. A contested territory: Why do we need universal threat ontologies & taxonomies? OpenC2, ATT&CK, CAPEC, OpenDXL, MITRE CAR, Unfetter, STIX-TAXII, YARA, OpenIoC, IODEF, MISP, VERIS, SCAP, …
  • 31. A contested territory: Vendors as foot soldiers. Malware used by the U.S. in offensive cyber-operations plays “nice”…“We see guardrails on malware from nations like the U.S.” -- Kevin Mandia, FireEye
  • 32. From declaratory to escalatory dominance
  • 33. The declaratory model: 1995-2014: Dave Aitel labelled Stuxnet as the “announcement of a team” more than anything else, which could take out any factory, any time; The current structures of offence are biased towards declaratory dominance
  • 34. The escalatory puzzle: Look, we’re moving into a new era here where a number of countries have significant capacities…But our goal is not to suddenly, in the cyber arena, duplicate a cycle of escalation that we saw when it comes to other arms races in the past, but rather to start instituting some norms so everybody’s acting responsibly -- Barack Obama, 2016