DOCSLIB.ORG

Hacktivism and the Government of British Columbia

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Hacktivism and the Government of British Columbia Prepared by: Morgan Beach Client: Information Security Branch, Office of the Chief Information Officer, Government of British Columbia School of Public Administration University of Victoria 2012 Disclaimer Although intended for an academic and professional audience, there are instances within this report where explicit language is used. The inclusion of this language is not gratuitous, and is meant to accurately reflect the realities of hacktivist culture. It is by no means the intent of the author to offend any readers, and the use of any explicit language is used simply to provide context to this report’s discussion. Hacktivism and the Government of British Columbia i Acknowledgements I would firstly like to extend a gracious thank you to Stu Hackett, without whom I would not have had the opportunity to write this report. His support over the last several months has been incredible. I would also like to thank Dr. James MacGregor and Dr. Henry Lee. Their encouragement, guidance, and expertise throughout the writing of this report has been beyond words, and I am truly grateful. Hacktivism and the Government of British Columbia ii Executive Summary Objective The British Columbia (BC) government’s Information Security Branch (ISB) is responsible for establishing information security governance in BC, implementing information security policies for the Province, and promoting security awareness amongst the Province’s employees. As such, the ISB has an interest in reviewing the information security environment for emerging threats. One such potential threat is hacktivism, which has become increasingly prominent over the last few years. As a proactive measure, the purpose of this report is to analyse current trends within hacktivism and assess the likelihood that the BC government may be an attractive target for hacktivists. The key research question for this report is: in consideration of current trends within hacktivism, to what extent may hacktivists consider the Government of BC an attractive target? Methodology In order to achieve the objectives of this report, the environmental scan methodology was used. The environmental scan methodology is a useful tool for improving organizational knowledge, and operates as an early warning system for potential threats that may exists in the external environment. For the purposes of this report, the environmental scan approach provides an effective method for reviewing and analyzing hacktivist threats to the BC government that may exist. A range of data sources were used throughout the development of this report. Sources included academic journal articles, books, online magazines and news articles, blogs, government websites, and information made available by information security practitioners. Key Findings Because of the confrontational tactics that hacktivist use, coupled with the ambiguity about what hacktivism denotes, there is a great deal of disagreement amongst academics and security practitioners about what in fact constitutes a hacktivist attack. For the purposes of this report, hacktivism may be understood as the act of committing a cyber attack for the purpose of protesting, or drawing attention to, a social or political issue; without the intent to obtain financial benefit or grievously harm the target. There are a number of groups today that are quite prominent within hacktivism, as defined by this report. These groups include the Anonymous collective, LulzSec, AntiSec, TeamPoison, and the People’s Liberation Front. Of these groups, the Anonymous collective is perhaps the most public and well-known. Some of the tactics used by these groups to commit cyber attacks may include website defacements, website redirects, distributed-denial-of-service (DDoS) attacks, and unauthorized data releases. Techniques to carry out these attacks include brute force attacks, SQL, pronounced sequel, and cross-site scripting (XSS) injections, and the use of programs to automate DDoS attacks. Interestingly, there is a great deal of uncertainty about whether or not Hacktivism and the Government of British Columbia iii instances of hacktivism are in fact increasing. Speculative statements and overstated findings have all contributed to this ambiguity. When hacktivist attacks do occur, it appears that they are triggered by changes to the status quo, or perceived instances where people’s rights and freedoms have been infringed upon. However, it is unclear why hacktivists have engaged in certain issues, while neglecting others. Nevertheless, many hacktivists have articulated a willingness to target government bodies in particular. The desire to target government organizations may come from their high profile in society, a general disdain for government bodies, or the view that all governments are intrinsically corrupt. Implications of successful hacktivist attacks may include public embarrassment, a slight to an organization’s reputation, and costly data breaches. The overall effect of hacktivist attacks appears to depend upon the type of organization that is targeted, the tactic used to commit cyber attacks, and what, if any, information is compromised as a result of the attack. Interestingly, recent studies have suggested that the financial costs associated with data breaches may be decreasing. Nevertheless, hacktivist attacks can have an impact upon both the targeted organization and the individuals who have entrusted an organization to manage their private information. Looking at recent instances of hacktivism, there appear to be a number of recurring themes that have triggered hacktivist attacks. As such, hacktivist attacks can be understood as typically aligning with one of seven categories: privacy concerns; perceived instances of censorship; alleged corruption; elections; wrongdoing on the part of law enforcement; retaliation for arrests of alleged hacktivists; and general contempt. Drawing upon this analysis, there appear to be issues within BC that could trigger hacktivist attacks against the BC government. Examples include censorship surrounding the Enbridge Northern Gateway Project review process, the perception that the BC government is a corrupt institution, the upcoming 2013 BC provincial election, the behaviour of law enforcement officers in BC, and general contempt for the BC government. Despite this observation, there is nothing at this time to suggest that hacktivists have any intent to launch attacks against the Government of BC. While the reasons for this are not clear, it is possible that the BC government is simply not considered to be an attractive, deserving, or interesting target. Nevertheless, there is still the potential that hacktivists could target the Government of BC in the future. By affording proper consideration to the on-going contentious issues in BC, and recognizing the types of issues that have stimulated hacktivists, it is expected that the BC government will be better prepared to anticipate and mitigate the likelihood of successful hacktivist attacks in the future. Regardless of whether or not the BC government is in fact facing impending attacks from hacktivists, it is essential that the BC government is proactive in its efforts to protect its information management (IM) and information technology (IT) infrastructure, and thus all information under its custody. The best security practices presented in this report include: investing the time and resources needed to regularly audit servers and conduct penetration tests of IM/IT systems; patch systems when vulnerabilities are discovered; develop a system for Hacktivism and the Government of British Columbia iv classifying sensitive information; establish clear policies for how sensitive data should be managed; do not store sensitive data on public servers; encrypt all sensitive and private information; establish measures for mitigating the effects of DDoS attacks; establish requirements for strong passwords; temporarily lockout user accounts after predetermined number of failed login attempts; and make usernames more complex. The inclusion of these best security practices in this report however does not imply that the Province does not already have some or all of these practices in place. Conclusion While there may be issues in BC that could stimulate hacktivists into targeting the BC government, there is nothing at this time to suggest that there are any impending hacktivist threats to the Government of BC. By continuing to regularly review instances of hacktivism, and remaining cognizant of the policies and activities that could trigger hacktivist attacks though, it is expected that the BC government will be much more prepared to anticipate the likelihood of hacktivist attacks. By adopting this proactive approach, coupled with the use of best security practices, the BC government may be better prepared to guard against potential hacktivist attacks, and better protect the resources and information under its custody. Recommendations Overall, there are three recommendations provided in this report for how the BC government may improve its ability to anticipate and guard against hacktivist attacks. 1. The BC government should continue to monitor trends within hacktivism. 2. The BC government should continue to periodically identify issues in BC that may attract the attention of hacktivists. 3. All areas within the BC government should be proactive about exercising best security practices for managing resources and information under their custody. Hacktivism and
Recommended publications
  • Social Networking and Digital Gaming Media Convergence: Classification and Its Consequences for Appropriation

    Social Networking and Digital Gaming Media Convergence: Classification and Its Consequences for Appropriation

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Salford Institutional Repository Social Networking and Digital Gaming Media Convergence: Classification and its Consequences for Appropriation Marie Griffiths, PhD and Ben Light, PhD IS, Organisations and Society Research Centre University of Salford, Maxwell Building, Salford, M5 4WT. United Kingdom. Contact Author: Professor Ben Light IS, Organisations and Society Research Centre University of Salford, Maxwell Building, Salford, M5 4WT. United Kingdom. Tel. +44 161 295 5443 Email. [email protected] Suggested running title: Social Networking and Digital Gaming Convergence Biographies Marie Griffiths moved from the IT industry into academia and is now based at the University of Salford as an EPSRC Academic Fellow. She has, and continues to research gender and ICTs. Recently she has embarked upon the study "Cybercitizens and their Virtual Pursuits" to understand the consequence of growing up and living in a technologically saturated environment. Her work has been published in journals such as Gender, Work and Organization, the European Journal of Information Systems and Information Communication and Society. Ben Light is Professor of Technology and Society at the University of Salford. His research concerns the appropriation of configurable technologies within work, organisations and society. This has led him to explore the use of large-scale enterprise resource planning packages, call centre technologies, social networking sites and digital games. He has published in journals such as Communications of the ACM, Information Systems Journal, New Technology, Work and Employment, the European Journal of Information Systems and the Journal of Information Technology.
  • Business Analytics

    Business Analytics

    SPRING 2017 Business Analytics Meeting the need for talent. PAGE 4 VIRGINIA TECH BUSINESS is published twice a year by: RANKINGS Pamplin College of Business, Virginia Tech No. 2 1030 Pamplin Hall (0209) U.S. 880 West Campus Drive Blacksburg, VA 24061 540-231-6601 No. 2 No. 7 No. 6 World www.pamplin.vt.edu Master of Evening Hospitality and Address changes: [email protected] Information Technology MBA Tourism Management Editorial inquiries and story suggestions: [email protected] U.S. News & World Report QS Top Universities In this magazine, alumni, with some exceptions, are DONNIE GRAY identified by degree and the year it was received. VIRGINIA TECH’S EVENING MBA ranking in U.S. News & World Report has improved DEAN to No. 7 among the nation’s part-time Robert T. Sumichrast MBA programs, according to the 2018 EDITOR survey released in March. It was ranked Sookhan Ho No. 16 for the previous two years. Offered DESIGN by the Pamplin College of Business, the Uncork-it, Inc. Evening MBA program serves aspiring FEATURE WRITERS business leaders in the Washington, D.C., Sookhan Ho, Dan Radmacher area with classes taught at the Northern PHOTOGRAPHERS Virginia Center, and has seen significant STUDENTS such as Mala Lal balance work, Christina O’Connor, Jim Stroup, Logan Wallace, growth in recent years. study, and family in the highly ranked Evening Oliver Meredith MBA program. ALUMNI INFORMATION Gina French, Bonnie Gilbert DISTRIBUTION MANAGER Jodi Jennings Charles Schwab Financial Planning Suite ABOUT enhances learning for business students Virginia Tech’s nationally ranked Pamplin College of JIM STROUP Business offers undergraduate and graduate programs in accounting and information systems, business information technology, economics, finance, hospitality and tourism management, management, and market- ing.
  • Sample Iis Publication Page

    Sample Iis Publication Page

    https://doi.org/10.48009/1_iis_2012_133-143 Issues in Information Systems Volume 13, Issue 1, pp. 133-143, 2012 HACKERS GONE WILD: THE 2011 SPRING BREAK OF LULZSEC Stan Pendergrass, Robert Morris University, [email protected] ABSTRACT Computer hackers, like the group known as Anonymous, have made themselves more and more relevant to our modern life. As we create and expand more and more data within our interconnected electronic universe, the threat that they bring to its fragile structure grows as well. However Anonymous is not the only group of hackers/activists or hacktivists that have made their presence known. LulzSec was a group that wreaked havoc with information systems in 2011. This will be a case study examination of their activities so that a better understanding of five aspects can be obtained: the Timeline of activities, the Targets of attack, the Tactics the group used, the makeup of the Team and a category which will be referred to as The Twist for reasons which will be made clear at the end of the paper. Keywords: LulzSec, Hackers, Security, AntiSec, Anonymous, Sabu INTRODUCTION Information systems lie at the heart of our modern existence. We deal with them when we work, when we play and when we relax; texting, checking email, posting on Facebook, Tweeting, gaming, conducting e-commerce and e- banking have become so commonplace as to be nearly invisible in modern life. Yet, within each of these electronic interactions lies the danger that the perceived line of security and privacy might be breached and our most important information and secrets might be revealed and exploited.
  • Childhood Comes but Once National Strategy to Combat Violence and Sexual Abuse Against Children and Youth (2014–2017)

    Childhood Comes but Once National Strategy to Combat Violence and Sexual Abuse Against Children and Youth (2014–2017)

    Strategy Childhood comes but once National strategy to combat violence and sexual abuse against children and youth (2014–2017) Strategy Childhood comes but once National strategy to combat violence and sexual abuse against children and youth (2014–2017) 4 FOREWORD As a society, Norway has come a long way in its efforts to protect children and adolescents from violence, sexual abuse and bullying. The progress we have achieved is attributable to policy decisions, legislation, increased knowledge, public discussion, media attention and the work of professionals, parents and children themselves. We do not permit parents to harm their children, and we express collective grief and alarm when we hear of children exposed to serious abuse. To the vast majority of parents in Norway, nothing is more important than the well-being of children. All the same, violence and sexual abuse, whether in the family or elsewhere, are a part of daily life for many children. Extensive research shows how consequential violence may be, whether it is directed at a parent or the child itself, and whether it takes the form of direct physical violence, sexual abuse or bullying. Violence can lead to extensive cognitive, social, psychological and physical problems in both the short and long term. Violence against children and adolescents is a public health challenge. The approach to violence and sexual abuse against children in Norwegian society must be one of zero tolerance. We want safety and security for all children, enabling them to enjoy good health and a good quality of life as they grow. Taboos must be broken.
  • Technical Education Landscape in the UAE: Qualifications & Opportunities

    Technical Education Landscape in the UAE: Qualifications & Opportunities

    Technical Education Landscape in the UAE: Qualifications & Opportunities GLOBAL INNOVATIONS 2013 – DOHA, QATAR Sajida H. Shroff, April 2013 Agenda • Executive Summary • UAE Parameters for Technical Education • Current Status of TECH Education in the UAE • Enrollment Growth in Vocational/Technical/Career Track Education in the UAE • UAE’s Regulatory Landscape • Proposed and (sample) Private Qualifications Frameworks in the UAE • Current Career Track Training Options in the UAE • Public and Private Providers • Gaps and Potential Programmes • Next Steps • Potential Impact • Appendices: Sources Technical Education Landscape in the UAE- updated 04Apr13 2 Executive Summary The Technical (TECH) Landscape Study identifies the current status, prospects and challenges related to the expansion of TECH offerings in Dubai • There is a need for expanded Vocational/Technical Educational Programmes in Dubai to serve the UAE and the Region • Programmes would primarily serve the Expatriate population as there is sufficient capacity for the National population • The key target market is high school graduates from the UAE and the Region who DON’T/CAN’T go to university • To mitigate the identified skills gap, the focus of VTECH Education in the UAE needs to be on ‘white collar’ “career track opportunities” • In order for these career track programmes to have credibility, a qualifications framework aligned with global best practices and enabling transferability of qualifications is necessary • Due to the negative perception surrounding Vocational/Technical Education in this region as well as current labor market practices (i.e. importing blue collar workers) – VTECH Education needs to be repositioned in the UAE Technical Education Landscape in the UAE- updated 04Apr13 3 UAE’s parameters for Technical Education & Training (TECH) have to take into account regional nuances so they should be different from the global understanding; i.e.
  • Cyber-Conflict Between the United States of America and Russia CSS

    Cyber-Conflict Between the United States of America and Russia CSS

    CSS CYBER DEFENSE PROJECT Hotspot Analysis: Cyber-conflict between the United States of America and Russia Zürich, June 2017 Version 1 Risk and Resilience Team Center for Security Studies (CSS), ETH Zürich Cyber-conflict between the United States of America and Russia Authors: Marie Baezner, Patrice Robin © 2017 Center for Security Studies (CSS), ETH Zürich Contact: Center for Security Studies Haldeneggsteig 4 ETH Zürich CH-8092 Zurich Switzerland Tel.: +41-44-632 40 25 [email protected] www.css.ethz.ch Analysis prepared by: Center for Security Studies (CSS), ETH Zürich ETH-CSS project management: Tim Prior, Head of the Risk and Resilience Research Group; Myriam Dunn Cavelty, Deputy Head for Research and Teaching; Andreas Wenger, Director of the CSS Disclaimer: The opinions presented in this study exclusively reflect the authors’ views. Please cite as: Baezner, Marie; Robin, Patrice (2017): Hotspot Analysis: Cyber-conflict between the United States of America and Russia, June 2017, Center for Security Studies (CSS), ETH Zürich. 2 Cyber-conflict between the United States of America and Russia Table of Contents 1 Introduction 5 2 Background and chronology 6 3 Description 9 3.1 Tools and techniques 9 3.2 Targets 10 3.3 Attribution and actors 10 4 Effects 11 4.1 Social and internal political effects 11 4.2 Economic effects 13 4.3 Technological effects 13 4.4 International effects 13 5 Consequences 14 5.1 Improvement of cybersecurity 14 5.2 Raising awareness of propaganda and misinformation 15 5.3 Observation of the evolution of relations between the USA and Russia 15 5.4 Promotion of Confidence Building Measures 16 6 Annex 1 17 7 Glossary 18 8 Abbreviations 19 9 Bibliography 19 3 Cyber-conflict between the United States of America and Russia Executive Summary Effects Targets: US State institutions and a political The analysis found that the tensions between the party.
  • Bakalářská Práce 2013

    Bakalářská Práce 2013

    Masarykova univerzita Filozofická fakulta Ústav české literatury a knihovnictví Kabinet informa čních studií a knihovnictví Bakalá řská diplomová práce 2013 Alena Brožová Masarykova univerzita Filozofická fakulta Kabinet informa čních studií a knihovnictví Informa ční studia a knihovnictví Alena Brožová AntiSec: hacktivistická kampa ň za svobodu na internetu Bakalá řská diplomová práce Vedoucí práce: PhDr. Pavla Ková řová 2013 Prohlašuji, že jsem diplomovou práci vypracovala samostatn ě s využitím uvedených pramen ů a literatury. …………………………………………….. Podpis autora práce Zde bych cht ěla pod ěkovat vedoucí práce PhDr. Pavle Ková řové za pomoc a cenné rady v pr ůběhu tvorby bakalá řské diplomové práce. Bibliografický záznam BROŽOVÁ, Alena. AntiSec: hacktivistická kampa ň za svobodu na internetu . Brno: Masarykova univerzita, Filozofická fakulta, Ústav české literatury a knihovnictví, Kabinet informa čních studií a knihovnictví, 2013, 59 s. Vedoucí bakalá řské práce PhDr. Pavla Ková řová. Anotace Bakalá řská diplomová práce „AntiSec: hacktivistická kampa ň za svobodu na internetu“ se zabývá hackerskými útoky v rámci operace AntiSec, které byly uskute čněny pod záštitou propagace svobodného internetu, svobody informací a svobody projevu. Práce se zabývá etickou oprávn ěností provedení útok ů v souvislosti s pravidly definovaných etických teorií a kodex ů. Pro toto hodnocení jsou využity principy dimenzionální analýzy. Výsledkem práce je souhrn informací o prob ěhnuté operaci s důrazem na eti čnost provedených útok ů. Annotation Bachelor thesis „AntiSec: hacktivism campaign for freedom on the internet“ deals with hacker attacks in Operation AntiSec which were made under the auspices of promoting free internet, freedom of information and freedom of expression. The work deals with the ethical legitimacy of carrying out attacks in relation to the rules of defined ethical theories and codes.
  • You Are Not Welcome Among Us: Pirates and the State

    You Are Not Welcome Among Us: Pirates and the State

    International Journal of Communication 9(2015), 890–908 1932–8036/20150005 You Are Not Welcome Among Us: Pirates and the State JESSICA L. BEYER University of Washington, USA FENWICK MCKELVEY1 Concordia University, Canada In a historical review focused on digital piracy, we explore the relationship between hacker politics and the state. We distinguish between two core aspects of piracy—the challenge to property rights and the challenge to state power—and argue that digital piracy should be considered more broadly as a challenge to the authority of the state. We trace generations of peer-to-peer networking, showing that digital piracy is a key component in the development of a political platform that advocates for a set of ideals grounded in collaborative culture, nonhierarchical organization, and a reliance on the network. We assert that this politics expresses itself in a philosophy that was formed together with the development of the state-evading forms of communication that perpetuate unmanageable networks. Keywords: pirates, information politics, intellectual property, state networks Introduction Digital piracy is most frequently framed as a challenge to property rights or as theft. This framing is not incorrect, but it overemphasizes intellectual property regimes and, in doing so, underemphasizes the broader political challenge posed by digital pirates. In fact, digital pirates and broader “hacker culture” are part of a political challenge to the state, as well as a challenge to property rights regimes. This challenge is articulated in terms of contributory culture, in contrast to the commodification and enclosures of capitalist culture; as nonhierarchical, in contrast to the strict hierarchies of the modern state; and as faith in the potential of a seemingly uncontrollable communication technology that makes all of this possible, in contrast to a fear of the potential chaos that unsurveilled spaces can bring.
  • Investigating Web Defacement Campaigns at Large

    Investigating Web Defacement Campaigns at Large

    Session 11: Malware and Web ASIACCS’18, June 4–8, 2018, Incheon, Republic of Korea Investigating Web Defacement Campaigns at Large Federico Maggi, Marco Balduzzi, Ryan Flores, Lion Gu, Vincenzo Ciancaglini Forward-Looking Threat Research Team - Trend Micro, Inc. ABSTRACT the attack, team affiliation of the defacer(s), or nicknames ofthe Website defacement is the practice of altering the web pages of a supporting actors. Over the years, defacers have abandoned their website after its compromise. The altered pages, called deface pages, interested in defacing for the mere purpose of advertising the com- can negatively affect the reputation and business of the victim site. promise, pursuing defacement more as a mean to broadcast strong Previous research has focused primarily on detection, rather than messages “to the World”—by compromising popular websites. exploring the defacement phenomenon in depth. While investigat- Despite several actors are still driven by the desire of promot- ing several defacements, we observed that the artifacts left by the ing their own reputation, an increasing number of defacers strive defacers allow an expert analyst to investigate the actors’ modus instead to promote their ideologies, religious orientation, political operandi and social structure, and expand from the single deface views, or other forms of activism, often closely following real-world page to a group of related defacements (i.e., a campaign). However, events (e.g., war, elections, crisis, terrorist attacks). We refer to this manually performing such analysis on millions of incidents is te- phenomenon as dark propaganda, to highlight that legitimate re- dious, and poses scalability challenges. From these observations, we sources are abused for pushing the actors’ viewpoints.
  • The Deloitte Global 2021 Millennial and Gen Z Survey

    The Deloitte Global 2021 Millennial and Gen Z Survey

    A call for accountability and action T HE D ELO IT T E GLOB A L 2021 M IL LE N N IA L AND GEN Z SUR V E Y 1 Contents 01 06 11 INTRODUCTION CHAPTER 1 CHAPTER 2 Impact of the COVID-19 The effect on mental health pandemic on daily life 15 27 33 CHAPTER 3 CHAPTER 4 CONCLUSION How the past year influenced Driven to act millennials’ and Gen Zs’ world outlooks 2 Introduction Millennials and Generation Zs came of age at the same time that online platforms and social media gave them the ability and power to share their opinions, influence distant people and institutions, and question authority in new ways. These forces have shaped their worldviews, values, and behaviors. Digital natives’ ability to connect, convene, and create disruption via their keyboards and smartphones has had global impact. From #MeToo to Black Lives Matter, from convening marches on climate change to the Arab Spring, from demanding eco-friendly products to challenging stakeholder capitalism, these generations are compelling real change in society and business. The lockdowns resulting from the COVID-19 pandemic curtailed millennials’ and Gen Zs’ activities but not their drive or their desire to be heard. In fact, the 2021 Deloitte Global Millennial Survey suggests that the pandemic, extreme climate events, and a charged sociopolitical atmosphere may have reinforced people’s passions and given them oxygen. 01 Urging accountability Last year’s report1 reflected the results of two Of course, that’s a generality—no group of people is surveys—one taken just before the pandemic and a homogeneous.
  • List of Targets of Arrested Computer Hackers 6 March 2012

    List of Targets of Arrested Computer Hackers 6 March 2012

    List of targets of arrested computer hackers 6 March 2012 The five computer hackers charged in New York Tribune and Los Angeles Times, using on Tuesday and a sixth who pleaded guilty are misappropriated login credentials. accused of involvement in some of the most notorious hacking incidents of the past 18 months. -- February 2011: A cyberattack on private computer security firm HBGary that involved the The following are some of the cyberattacks in theft of 60,000 emails from HBGary employees and which the two Britons, two Irishmen and two the HBGary chief executive, as well as defacing his Americans allegedly played a role as members of Twitter account. Anonymous, Lulz Security or associated groups: -- April-May 2011: A cyberattack on a Fox -- December 2010: Operation Payback. Distributed Broadcasting Company website that involved the denial of service (DDoS) attacks by members of theft of names, dates of birth, telephone numbers, Anonymous on the websites of MasterCard, email and residential addresses for more than PayPal and Visa in retaliation for their refusal to 70,000 potential contestants on the Fox television accept donations for WikiLeaks. In a DDoS attack, show the "X-Factor." a website is bombarded with traffic, slowing it down or knocking it offline completely. -- May 2011: A cyberattack on Sony Pictures Entertainment that revealed the passwords, email -- January 2011: Defacing a website of the Irish addresses, home addresses and dates of birth of political party Fine Gael after accessing computer 100,000 users of the www.sonypictures.com servers in Arizona used to maintain the website, website and a subsequent online attack against www.finegael2011.com.
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.