DOCSLIB.ORG

Cyber Threats Facing America: an Overview of the Cybersecurity Threat Landscape

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

S. Hrg. 115–298 CYBER THREATS FACING AMERICA: AN OVERVIEW OF THE CYBERSECURITY THREAT LANDSCAPE HEARING BEFORE THE COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE ONE HUNDRED FIFTEENTH CONGRESS FIRST SESSION MAY 10, 2017 Available via the World Wide Web: http://www.fdsys.gov/ Printed for the use of the Committee on Homeland Security and Governmental Affairs ( U.S. GOVERNMENT PUBLISHING OFFICE 27–390 PDF WASHINGTON : 2018 COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS RON JOHNSON, Wisconsin, Chairman JOHN MCCAIN, Arizona CLAIRE MCCASKILL, Missouri ROB PORTMAN, Ohio THOMAS R. CARPER, Delaware RAND PAUL, Kentucky JON TESTER, Montana JAMES LANKFORD, Oklahoma HEIDI HEITKAMP, North Dakota MICHAEL B. ENZI, Wyoming GARY C. PETERS, Michigan JOHN HOEVEN, North Dakota MAGGIE HASSAN, New Hampshire STEVE DAINES, Montana KAMALA D. HARRIS, California CHRISTOPHER R. HIXON, Staff Director GABRIELLE D’ADAMO SINGER, Chief Counsel COLLEEN BERNY, Professional Staff Member MARGARET E. DAUM, Minority Staff Director JULIE KLEIN, Minority Professional Staff Member LAURA W. KILBRIDE, Chief Clerk BONNI DINERSTEIN, Hearing Clerk (II) C O N T E N T S Opening statements: Page Senator Johnson ............................................................................................... 1 Senator McCaskill ............................................................................................ 2 Senator Lankford .............................................................................................. 15 Senator Daines ................................................................................................. 18 Prepared statements: Senator Johnson ............................................................................................... 31 Senator McCaskill ............................................................................................ 32 WITNESSES WEDNESDAY, MAY 10, 2017 Jeffrey E. Greene, Senior Director, Global Government Affairs and Policy, Symantec Corporation ......................................................................................... 4 Steven R. Chabinsky, Global Chair of Data, Privacy, and Cyber Security, White and Case LLP ............................................................................................ 6 Brandon Valeriano, Ph.D., Donald Bren Chair of Armed Politics, Marine Corps University, and Adjunct Fellow, Niskanen Center ................................ 8 Kevin Keeney, Captain, Missouri National Guard, and Director, Cyber Inci- dent Response Team, Monsanto Company ........................................................ 10 ALPHABETICAL LIST OF WITNESSES Chabinsky, Steven R: Testimony .......................................................................................................... 6 Prepared statement .......................................................................................... 42 Greene, Jeffrey E.: Testimony .......................................................................................................... 4 Prepared statement .......................................................................................... 34 Keeney, Kevin: Testimony .......................................................................................................... 10 Prepared statement .......................................................................................... 69 Valeriano, Brandon Ph.D.: Testimony .......................................................................................................... 8 Prepared statement .......................................................................................... 58 APPENDIX Center for Strategic and International Studies report submitted by Senator Johnson ................................................................................................................. 73 EPIC statement for the Record .............................................................................. 97 Kaspersky Lab statement for the Record .............................................................. 99 Responses to post-hearing questions for the Record Mr. Greene ........................................................................................................ 106 Mr. Chabinsky .................................................................................................. 115 Mr. Valeriano .................................................................................................... 124 Mr. Keeney ........................................................................................................ 133 (III) CYBER THREATS FACING AMERICA: AN OVERVIEW OF THE CYBERSECURITY THREAT LANDSCAPE WEDNESDAY, MAY 10, 2017 U.S. SENATE, COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS, Washington, DC. The Committee met, pursuant to notice, at 10:06 a.m., in room SD–342, Dirksen Senate Office Building, Hon. Ron Johnson, Chair- man of the Committee, presiding. Present: Senators Johnson, Lankford, Daines, McCaskill, Carper, Tester, Heitkamp, Peters, and Hassan. OPENING STATEMENT OF CHAIRMAN JOHNSON Chairman JOHNSON. Good morning. This hearing will come to order. I apologize for my tardiness. I thought the vote was actually scheduled for 10. I want to welcome the witnesses. I want to thank you for your thoughtful testimony. I think this will be an excellent hearing based on reading the testimony. This Committee has four primary goals: border security, we have held, I think, 23 or 24 hearings on it now; cybersecurity, the sub- ject of this Committee hearing; protecting our critical infrastruc- ture, which has a lot of cybersecurity components to that as well, and combating Islamist terror, any type of extreme violent behav- ior, also definitely has a cyber component to it as well. So, this is going to continue to be a focus. I really do appreciate the way we are going to discuss this today. Again, based on the tes- timony, it is going to be a very good presentation of a variety of views in terms of what we need to do. What I am hoping to certainly get out of this is what we have gotten out of some earlier hearings. We held a hearing on agents on the front line trying to secure our border and enforce our immi- gration laws, and out of that hearing, I think, we developed a con- sensus and a process for trying to give those agencies the authority to fix their personnel issues so they can actually hire the people and treat them with parity. Last week we had a hearing on the Government Accountability Office (GAO) duplication, and I think we also developed a con- sensus that we need to take GAO’s recommendation to actually produce legislation to force the agencies to actually implement their recommendations. (1) 2 What I am hoping we get out of this hearing, because I think this is really the crux of what we need to do in government, is we have to figure out how we can employ, engage, utilize the absolute best and brightest minds when it comes to dealing with this enor- mously difficult, enormously complex issue of how do we protect the Internet, the Internet of Things (IOT), our cyber assets from the relentless and incredibly destructive attacks that are just ongo- ing virtually every second of the day. It was General Keith Alexander, the former National Security Agency (NSA) Director, who said that cyber attacks represent the greatest transfer of wealth in history. I have a report here, I guess by the Center for Strategic and International Studies.1 They did an estimate. Somewhere between $375 and $575 billion per year is what they are estimating is the global economic cost of all these cyber attacks. Again, this is an important hearing. It is just going to be one in a series as we try and grapple with this. But, again, what I am hoping is we all recognize we have to figure out how to break through the bureaucratic rules, our pay scales, or how do we en- gage the private sector so we literally do have the best and bright- est. And, by the way, we have some really fabulous patriots who are working at way below what they can make in the marketplace al- ready working in different agencies here addressing this. We just need to make sure we get as many bright minds as possible work- ing on such a difficult issue. I do ask unanimous consent that my written statement be en- tered in the record.2 Without objection, so ordered. Chairman JOHNSON. And, with that, I will turn it over to Senator McCaskill. OPENING STATEMENT OF SENATOR MCCASKILL3 Senator MCCASKILL. Thank you, Chairman Johnson. This hearing is an important opportunity for us to focus on the threats we face and to begin talking about how to address our Na- tion’s cybersecurity needs. We have critical vulnerabilities in cybersecurity, and they impact our Nation and countries around the globe. The Federal Govern- ment, States, and the private sector have all experienced cyber breaches with devastating outcomes. Just last week, a candidate in the French Presidential race had electronic messages and documents from his campaign hacked and posted online in an attack that looks remarkably similar to the at- tack on the Democratic National Committee (DNC) just prior to the party’s summer convention, nominating convention, and prior to the Presidential elections. The perpetrators of these types of attacks are trying to under- mine our democracy by tarnishing particular candidates. In this in- stance, those attacks were, in fact, carried out by Russia to influ- ence voters and portray our electoral system as flawed. 1 The report referenced
Recommended publications
  • Recent Developments in Cybersecurity Melanie J

    Recent Developments in Cybersecurity Melanie J

    American University Business Law Review Volume 2 | Issue 2 Article 1 2013 Fiddling on the Roof: Recent Developments in Cybersecurity Melanie J. Teplinsky Follow this and additional works at: http://digitalcommons.wcl.american.edu/aublr Part of the Law Commons Recommended Citation Teplinsky, Melanie J. "Fiddling on the Roof: Recent Developments in Cybersecurity." American University Business Law Review 2, no. 2 (2013): 225-322. This Article is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Business Law Review by an authorized administrator of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. ARTICLES FIDDLING ON THE ROOF: RECENT DEVELOPMENTS IN CYBERSECURITY MELANIE J. TEPLINSKY* TABLE OF CONTENTS Introduction .......................................... ..... 227 I. The Promise and Peril of Cyberspace .............. ........ 227 II. Self-Regulation and the Challenge of Critical Infrastructure ......... 232 III. The Changing Face of Cybersecurity: Technology Trends ............ 233 A. Mobile Technology ......................... 233 B. Cloud Computing ........................... ...... 237 C. Social Networking ................................. 241 IV. The Changing Face of Cybersecurity: Cyberthreat Trends ............ 244 A. Cybercrime ................................. ..... 249 1. Costs of Cybercrime
  • Kaspersky Lab, Inc. V. United States, No

    Kaspersky Lab, Inc. V. United States, No

    United States Court of Appeals FOR THE DISTRICT OF COLUMBIA CIRCUIT Argued September 14, 2018 Decided November 30, 2018 No. 18-5176 KASPERSKY LAB, INC. AND KASPERSKY LABS LIMITED, APPELLANTS v. UNITED STATES DEPARTMENT OF HOMELAND SECURITY AND KIRSTJEN M. NIELSEN, IN HER OFFICIAL CAPACITY AS SECRETARY OF HOMELAND SECURITY, APPELLEES Consolidated with 18-5177 Appeals from the United States District Court for the District of Columbia (No. 1:17-cv-02697) (No. 1:18-cv-00325) Scott H. Christensen argued the cause for appellants. With him on the briefs were Ryan P. Fayhee and Stephen R. Halpin III. Lewis S. Yelin, Attorney, U.S. Department of Justice, argued the cause for appellees. With him on the brief was H. Thomas Byron, III. 2 Before: TATEL, Circuit Judge, and EDWARDS and GINSBURG, Senior Circuit Judges. Opinion for the Court filed by Circuit Judge TATEL. TATEL, Circuit Judge: Kaspersky Lab is a Russian-based cybersecurity company that provides products and services to customers around the world. Recently, however, Kaspersky lost an important client: the United States government. In September 2017, based on concerns that the Russian government could exploit Kaspersky’s access to federal computers for ill, the Acting Secretary of Homeland Security directed federal agencies to remove the company’s products from government information systems. And a few months later, Congress broadened and codified that prohibition in the National Defense Authorization Act. Kaspersky sued, arguing that the prohibition constitutes an impermissible legislative punishment—what the Constitution calls a bill of attainder. The government responded that the prohibition is not a punishment but a prophylaxis necessary to protect federal computer systems from Russian cyber-threats.
  • Mobile Financial Fraud April 2013

    Mobile Financial Fraud April 2013

    White Paper: Mobile Financial Fraud April 2013 Mobile Threats and the Underground Marketplace Principal Investigator and Corresponding Author Jart Armin Contributing Researchers Andrey Komarov, Mila Parkour, Raoul Chiesa, Bryn Thompson, Will Rogofsky Panel & Review Dr. Ray Genoe (UCD), Robert McArdle (Trend Micro), Dave Piscitello (ICANN), Foy Shiver (APWG), Edgardo Montes de Oca (Montimage), Peter Cassidy (APWG) APWG Mobile Fraud web site http://ecrimeresearch.org/wirelessdevice/Fraud/ Table of Contents Abstract ..................................................................................................................................... 2 Introduction and Starting Position ........................................................................................ 2 A Global Overview .................................................................................................................. 3 Vulnerabilities Overview ....................................................................................................... 3 The Underground Mobile Market ....................................................................................... 13 Mobile DNS & Traffic ........................................................................................................... 15 iBots & the Pocket Botnet ..................................................................................................... 18 Mobile Intrusion ...................................................................................................................
  • View Final Report (PDF)

    View Final Report (PDF)

    TABLE OF CONTENTS TABLE OF CONTENTS I EXECUTIVE SUMMARY III INTRODUCTION 1 GENESIS OF THE PROJECT 1 RESEARCH QUESTIONS 1 INDUSTRY SITUATION 2 METHODOLOGY 3 GENERAL COMMENTS ON INTERVIEWS 5 APT1 (CHINA) 6 SUMMARY 7 THE GROUP 7 TIMELINE 7 TYPOLOGY OF ATTACKS 9 DISCLOSURE EVENTS 9 APT10 (CHINA) 13 INTRODUCTION 14 THE GROUP 14 TIMELINE 15 TYPOLOGY OF ATTACKS 16 DISCLOSURE EVENTS 18 COBALT (CRIMINAL GROUP) 22 INTRODUCTION 23 THE GROUP 23 TIMELINE 25 TYPOLOGY OF ATTACKS 27 DISCLOSURE EVENTS 30 APT33 (IRAN) 33 INTRODUCTION 34 THE GROUP 34 TIMELINE 35 TYPOLOGY OF ATTACKS 37 DISCLOSURE EVENTS 38 APT34 (IRAN) 41 INTRODUCTION 42 THE GROUP 42 SIPA Capstone 2020 i The Impact of Information Disclosures on APT Operations TIMELINE 43 TYPOLOGY OF ATTACKS 44 DISCLOSURE EVENTS 48 APT38 (NORTH KOREA) 52 INTRODUCTION 53 THE GROUP 53 TIMELINE 55 TYPOLOGY OF ATTACKS 59 DISCLOSURE EVENTS 61 APT28 (RUSSIA) 65 INTRODUCTION 66 THE GROUP 66 TIMELINE 66 TYPOLOGY OF ATTACKS 69 DISCLOSURE EVENTS 71 APT29 (RUSSIA) 74 INTRODUCTION 75 THE GROUP 75 TIMELINE 76 TYPOLOGY OF ATTACKS 79 DISCLOSURE EVENTS 81 COMPARISON AND ANALYSIS 84 DIFFERENCES BETWEEN ACTOR RESPONSE 84 CONTRIBUTING FACTORS TO SIMILARITIES AND DIFFERENCES 86 MEASURING THE SUCCESS OF DISCLOSURES 90 IMPLICATIONS OF OUR RESEARCH 92 FOR PERSISTENT ENGAGEMENT AND FORWARD DEFENSE 92 FOR PRIVATE CYBERSECURITY VENDORS 96 FOR THE FINANCIAL SECTOR 96 ROOM FOR FURTHER RESEARCH 97 ACKNOWLEDGEMENTS 98 ABOUT THE TEAM 99 SIPA Capstone 2020 ii The Impact of Information Disclosures on APT Operations EXECUTIVE SUMMARY This project was completed to fulfill the including the scope of the disclosure and capstone requirement for Columbia Uni- the disclosing actor.
  • Download Slides

    Download Slides

    THE UNBEARABLE LIGHTNESS OF APTing WHO ARE WE? Ron Davidson Head of Threat Intelligence and Research Check Point Software Technologies Yaniv Balmas Security Researcher Check Point Software Technologies APT Advanced Persistent Threat APT “An APT is a network attack in which an unauthorized person gains access to a Advanced network and stays there undetected for a long period of time.“ Threat APT “An APT is a network attack in which an unauthorized person gains access to a Advanced network and stays there undetected for a long period of time.“ “APT is a set of stealthy and continuous computer hacking processes … APT usually targets organizations and/or nations for business or political motives.” APT “An APT is a network attack in which an unauthorized person gains access to a ? network and stays there undetected for a long period of time.“ “APT is a set of stealthy and continuous computer hacking processes … APT usually targets organizations and/or nations for business or political motives.” APT HISTORY Cosmic Duke Dragonfly Carbanak Equation Energetic Bear Duqu2 Regin Havex Babar 2015 Casper PlugX 79 Madi Flame 2014 Shamoon 107 Subpab Wiper 2013 Gauss 54 APT1 Red October 2012 Aurora 24 Machete 2011 Stuxnet 13 Duqu 2010 12 RSA Hack github.com/kbandla/APTnotes WHAT’S COMMON? At t ribution @AttributionDice WHAT’S IN COMMON? France 11% Iran 9% China Israel 44% 5% Russia 23% USA 9% @AttributionDice WHEN IN DOUBT… It’s probably China! WITH GREAT POWER COME GREAT APTS VOLATILE CEDAR • A targeted campaign • Has been active since late 2012 • Operation
  • Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism

    Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism

    Journal of Strategic Security Volume 6 Number 5 Volume 6, No. 3, Fall 2013 Supplement: Ninth Annual IAFIE Article 3 Conference: Expanding the Frontiers of Intelligence Education Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism Gary Adkins The University of Texas at El Paso Follow this and additional works at: https://scholarcommons.usf.edu/jss pp. 1-9 Recommended Citation Adkins, Gary. "Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism." Journal of Strategic Security 6, no. 3 Suppl. (2013): 1-9. This Papers is brought to you for free and open access by the Open Access Journals at Scholar Commons. It has been accepted for inclusion in Journal of Strategic Security by an authorized editor of Scholar Commons. For more information, please contact [email protected]. Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism This papers is available in Journal of Strategic Security: https://scholarcommons.usf.edu/jss/vol6/iss5/ 3 Adkins: Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism Gary Adkins Introduction The world has effectively exited the Industrial Age and is firmly planted in the Information Age. Global communication at the speed of light has become a great asset to both businesses and private citizens. However, there is a dark side to the age we live in as it allows terrorist groups to communicate, plan, fund, recruit, and spread their message to the world. Given the relative anonymity the Internet provides, many law enforcement and security agencies investigations are hindered in not only locating would be terrorists but also in disrupting their operations.
  • What You Should Know About Kaspersky

    What You Should Know About Kaspersky

    What you should know Proven. Transparent. about Kaspersky Lab Independent. Fighting for your digital freedom Your data and privacy are under attack by cybercriminals and spy agencies, so you need a partner who is not afraid of standing beside you to protect what matters to you most. For over 20 years, Kaspersky Lab has been catching all kinds of cyberthreats. No matter whether they come from script kiddies, cybercriminals or governments, or from the north, south, east or west. We believe the online world should be free from attack and state-sponsored espionage, and will continue fighting for a truly free and safe digital world. Proven Transparent Independent Kaspersky Lab routinely scores the highest We are totally transparent and are making As a private company, we are independent marks in independent ratings and surveys. it even easier to understand what we do: from short term business considerations and institutional influence. • Measured alongside more than 100 other • Independent review of the company’s well-known vendors in the industry source code, software updates and We share our expertise, knowledge • 72 first places in 86 tests in 2017 threat detection rules and technical findings with the world’s • Top 3 ranking* in 91% of all product tests • Independent review of internal security community, IT security vendors, • In 2017, Kaspersky Lab received processes international organizations, and law Platinum Status for Gartner’s Peer • Three transparency centers by 2020 enforcement agencies. Insight** Customer Choice Award 2017, • Increased bug bounty rewards with up in the Endpoint Protection Platforms to $100K per discovered vulnerability Our research team is spread across the market world and includes some of the most renowned security experts in the world.
  • Last Summer, the World's Top Software-Security Experts Were

    Last Summer, the World's Top Software-Security Experts Were

    A DeclarationLast summer, the world’s top software-security experts were of Cyber-War panicked by the discovery of a drone-like computer virus, radically different from and far more sophisticated than any they’d seen. The race was on to figure out its payload, its purpose, and who was behind it. As the world now knows, the Stuxnet worm appears to have attacked Iran’s nuclear program. And, as MICHAEL JOSEPH GROSS reports, while its source remains something of a mystery, Stuxnet is the new face of 21st-century war: invisible, anonymous, and devastating 152 VANITY FAIR PHOTOGRAPHS BY JONAS FREDWALL KARLSSON APRIL 2011 A DeclarationLast summer, the world’s top software-security experts were of Cyber-War panicked by the discovery of a drone-like computer virus, radically different from and far more sophisticated than any they’d seen. The race was on to figure out its payload, its purpose, and who was behind it. As the world now knows, the Stuxnet worm appears to have attacked Iran’s nuclear program. And, as MICHAEL JOSEPH GROSS reports, while its source remains something of a mystery, Stuxnet is the new face of 21st-century war: invisible, anonymous, and devastating GAME OF SHADOWS Eugene Kaspersky, co-founder and C.E.O. of Kaspersky Lab— a Moscow-based computer-security company and an early investigator of Stuxnet—photographed on the Bolshoy Moskvoretsky Bridge, FOR DETAILS, GO TO VF.COM/CREDITS near the Kremlin. APRIL 2011 153 “PERSON OF INTEREST” Computer-security researcher Frank Rieger, one of the !rst to study the Stuxnet worm closely, at Berlin’s Chaos computer Club.
  • (“Spider-Man”) Cr

    (“Spider-Man”) Cr

    PRIVILEGED ATTORNEY-CLIENT COMMUNICATION EXECUTIVE SUMMARY SECOND AMENDED AND RESTATED LICENSE AGREEMENT (“SPIDER-MAN”) CREATIVE ISSUES This memo summarizes certain terms of the Second Amended and Restated License Agreement (“Spider-Man”) between SPE and Marvel, effective September 15, 2011 (the “Agreement”). 1. CHARACTERS AND OTHER CREATIVE ELEMENTS: a. Exclusive to SPE: . The “Spider-Man” character, “Peter Parker” and essentially all existing and future alternate versions, iterations, and alter egos of the “Spider- Man” character. All fictional characters, places structures, businesses, groups, or other entities or elements (collectively, “Creative Elements”) that are listed on the attached Schedule 6. All existing (as of 9/15/11) characters and other Creative Elements that are “Primarily Associated With” Spider-Man but were “Inadvertently Omitted” from Schedule 6. The Agreement contains detailed definitions of these terms, but they basically conform to common-sense meanings. If SPE and Marvel cannot agree as to whether a character or other creative element is Primarily Associated With Spider-Man and/or were Inadvertently Omitted, the matter will be determined by expedited arbitration. All newly created (after 9/15/11) characters and other Creative Elements that first appear in a work that is titled or branded with “Spider-Man” or in which “Spider-Man” is the main protagonist (but not including any team- up work featuring both Spider-Man and another major Marvel character that isn’t part of the Spider-Man Property). The origin story, secret identities, alter egos, powers, costumes, equipment, and other elements of, or associated with, Spider-Man and the other Creative Elements covered above. The story lines of individual Marvel comic books and other works in which Spider-Man or other characters granted to SPE appear, subject to Marvel confirming ownership.
  • “I Am the Villain of This Story!”: the Development of the Sympathetic Supervillain

    “I Am the Villain of This Story!”: the Development of the Sympathetic Supervillain

    “I Am The Villain of This Story!”: The Development of The Sympathetic Supervillain by Leah Rae Smith, B.A. A Thesis In English Submitted to the Graduate Faculty of Texas Tech University in Partial Fulfillment of the Requirements for the Degree of MASTER OF ARTS Approved Dr. Wyatt Phillips Chair of the Committee Dr. Fareed Ben-Youssef Mark Sheridan Dean of the Graduate School May, 2021 Copyright 2021, Leah Rae Smith Texas Tech University, Leah Rae Smith, May 2021 ACKNOWLEDGMENTS I would like to share my gratitude to Dr. Wyatt Phillips and Dr. Fareed Ben- Youssef for their tutelage and insight on this project. Without their dedication and patience, this paper would not have come to fruition. ii Texas Tech University, Leah Rae Smith, May 2021 TABLE OF CONTENTS ACKNOWLEDGMENTS………………………………………………………….ii ABSTRACT………………………………………………………………………...iv I: INTRODUCTION……………………………………………………………….1 II. “IT’S PERSONAL” (THE GOLDEN AGE)………………………………….19 III. “FUELED BY HATE” (THE SILVER AGE)………………………………31 IV. "I KNOW WHAT'S BEST" (THE BRONZE AND DARK AGES) . 42 V. "FORGIVENESS IS DIVINE" (THE MODERN AGE) …………………………………………………………………………..62 CONCLUSION ……………………………………………………………………76 BIBLIOGRAPHY …………………………………………………………………82 iii Texas Tech University, Leah Rae Smith, May 2021 ABSTRACT The superhero genre of comics began in the late 1930s, with the superhero growing to become a pop cultural icon and a multibillion-dollar industry encompassing comics, films, television, and merchandise among other media formats. Superman, Spider-Man, Wonder Woman, and their colleagues have become household names with a fanbase spanning multiple generations. However, while the genre is called “superhero”, these are not the only costume clad characters from this genre that have become a phenomenon.
  • Predicting the Spread of Malware Outbreaks Using

    Predicting the Spread of Malware Outbreaks Using

    ISSN: 1803-3814 (Printed), 2571-3701 (Online) https://doi.org/10.13164/mendel.2019.1.157 PREDICTING THE SPREAD OF MALWARE OUTBREAKS USING AUTOENCODER BASED NEURAL NETWORK Bhardwaj Gopika , Yadav Rashi Department of Information Technology, Indira Gandhi Delhi Technical University for Women, India [email protected] Abstract Malware Outbreaks are pervasive in today's digital world. However, there is a lack of awareness on part of general public on how to safeguard against such attacks and a need for increased cooperation between various national and international research as well as governmental organizations to combat the threat. On the positive side, cyber security websites, blogs and newsletters post articles outlining the working and spread of a malware outbreak and steps to recover from the same as well. In this project, an effective approach to predicting the spread of malware outbreaks is presented. The scope of the project is 15 Malware Outbreaks and the approach involves collecting these cyber aware articles from the web, assigning them to the 15 Malware Outbreaks using Topic Modeling and Similarity Analysis and along with Spread information of the Malware Outbreaks, this is input to auto encoder neural network for learning latent space representations which are further used to predict the spread of malware outbreak as either high or low spread outbreak, achieving a prediction accuracy of 75.56. This work can be used to process large amount of cyber aware content for effective and accurate prediction in the era of much-needed cyber security. Received: 14 April 2019 Keywords: malware outbreaks, topic modeling, similarity analysis, auto encoders, Accepted: 31 May 2019 prediction.
  • 1 United States District Court for the District Of

    1 United States District Court for the District Of

    Case 1:17-cv-02697-CKK Document 26 Filed 05/30/18 Page 1 of 55 UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLUMBIA KASPERSKY LAB, INC., et al., Plaintiffs v. Civil Action No. 17-2697 (CKK) UNITED STATES DEPARTMENT OF HOMELAND SECURITY, et al., Defendants KASPERSKY LAB, INC., et al., Plaintiffs v. Civil Action No. 18-325 (CKK) UNITED STATES OF AMERICA, Defendant MEMORANDUM OPINION (May 30, 2018) The United States government’s networks and computer systems are extremely important strategic national assets. Threats to these systems are constantly expanding and evolving. Their security depends on the government’s ability to act swiftly against perceived threats and to take preventive action to minimize vulnerabilities. These defensive actions may very well have adverse consequences for some third-parties. But that does not make them unconstitutional. Plaintiffs in the two lawsuits discussed in this Opinion represent Kaspersky Lab, a large multinational cybersecurity company headquartered in Russia. At least until 2017, Kaspersky Lab’s cybersecurity products were used to defend the networks and computer systems of a number of United States federal government agencies. Amid growing concerns in early 2017 about malicious Russian cyber activity against the United States, government officials and members of Congress began asking questions, and voicing concerns, about the presence of these products on government systems. These concerns were based on the risk that the use of 1 Case 1:17-cv-02697-CKK Document 26 Filed 05/30/18 Page 2 of 55 Kaspersky Lab products to defend United States government computer systems could be exploited by Russia, either with or without Kaspersky Lab’s consent, cooperation, or knowledge.