DOCSLIB.ORG

NS/EP) Internet Communications an Awareness Document

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
NS/EP) Internet Communications an Awareness Document The Electronic Intrusion Threat to National Security and Emergency Preparedness (NS/EP) Internet Communications An Awareness Document December 2000 Office of the Manager National Communications System 701 South Courthouse Road Arlington, VA 22204-2198 TABLE OF CONTENTS EXECUTIVE SUMMARY............................................................................................................... ES-1 1. OVERVIEW AND SCOPE............................................................................................................ 1 2. BACKGROUND ............................................................................................................................ 3 2.1 NS/EP FUNCTIONS ................................................................................................................... 4 2.1.1 NS/EP Responsibilities ........................................................................................................ 4 2.1.2 NS/EP Communications Services and the Functions They Support........................................ 4 2.1.3 NS/EP Community’s Current Dependence on the Internet .................................................... 5 2.2 INTERNET DESCRIPTION........................................................................................................ 5 2.2.1 Internet Technology............................................................................................................. 6 2.2.2 The Internet and Security..................................................................................................... 6 2.3 NS/EP FUNCTIONS AND THE INTERNET .............................................................................. 7 2.3.1 NS/EP Dependence on Dedicated TCP/IP Networks............................................................. 7 2.3.2 Current NS/EP Dependence on the Internet ......................................................................... 9 2.3.3 Evolving Technologies, Applications, and Protocols .......................................................... 10 2.3.4 Implications of Electronic Intrusion................................................................................... 10 2.4 CONVERGENCE ISSUES........................................................................................................ 10 2.4.1 Challenges to Network Convergence.................................................................................. 11 2.4.2 Implications of Convergence on NS/EP Services ................................................................ 12 3. TOOLS AND TECHNIQUES ..................................................................................................... 13 3.1 MALICIOUS SOFTWARE ....................................................................................................... 13 3.2 DENIAL OF SERVICE ATTACKS........................................................................................... 15 3.3 OTHER SECURITY CONCERNS ............................................................................................ 17 3.3.1 Mobile Code: Java and ActiveX......................................................................................... 17 3.3.2 Rogue Applets ................................................................................................................... 18 3.3.3 Embedded Code ................................................................................................................ 18 3.4 TRENDS................................................................................................................................... 18 4. THREATS.................................................................................................................................... 20 4.1 FOREIGN AGENCIES.............................................................................................................. 20 4.1.1 Motivation......................................................................................................................... 20 4.1.2 Capabilities....................................................................................................................... 24 4.1.3 State of Affairs................................................................................................................... 26 4.1.4 Implications ...................................................................................................................... 28 4.2 TERRORIST AND RADICAL ORGANIZATIONS .................................................................. 28 4.2.1 Motivation......................................................................................................................... 29 4.2.2 Capabilities....................................................................................................................... 31 4.2.3 Implications ...................................................................................................................... 33 4.3 CRIMINALS AND CRIMINAL ORGANIZATIONS ................................................................ 34 4.3.1 Motivation......................................................................................................................... 35 4.3.2 Capabilities....................................................................................................................... 35 4.3.3 Implications ...................................................................................................................... 39 4.4 HACKERS ................................................................................................................................ 40 4.4.1 Motivation......................................................................................................................... 40 4.4.2 Capabilities....................................................................................................................... 43 4.4.3 Implications ...................................................................................................................... 45 4.5 INSIDERS................................................................................................................................. 45 4.5.1 Motivation......................................................................................................................... 47 4.5.2 Capabilities....................................................................................................................... 48 4.5.3 Insider Incidents................................................................................................................ 50 i 4.5.4 Implications ...................................................................................................................... 51 5. CONCLUSIONS .......................................................................................................................... 53 APPENDIX A: NCS MEMBERS................................................................................................... A-1 APPENDIX B: NS/EP COMMUNICATIONS SERVICES AND THE FUNCTIONS THEY SUPPORT.........................................................................................................B-1 APPENDIX C: EVOLVING TECHNOLOGIES, APPLICATIONS, AND PROTOCOLS ......... C-1 APPENDIX D: AWARENESS ....................................................................................................... D-1 GOVERNMENT ACTIVITIES........................................................................................................ D-1 JOINT GOVERNMENT-INDUSTRY ACTIVITIES........................................................................ D-5 APPENDIX E: ACRONYMS..........................................................................................................E-1 APPENDIX F: GLOSSARY ...........................................................................................................F-1 APPENDIX G: REFERENCES...................................................................................................... G-1 LIST OF FIGURES FIGURE 2-1: INTERNET HOST NUMBERS: 1969 - 1999................................................................................ 3 TABLES TABLE 2-1: NS/EP-RELATED DEDICATED TCP/IP NETWORKS................................................................... 8 TABLE B-1: NS/EP SERVICES AND FUNCTIONS ......................................................................................B-2 ii EXECUTIVE SUMMARY One of the most significant roles of any government is to protect its citizens and their property. In fulfilling this role, the responsibility of some government agencies include protection from attacks by adversary nations and terrorists, and the destruction caused by natural as well as man-made disasters. By enabling an immediate and coordinated response to all emergencies, national security and emergency preparedness (NS/EP) communications are a vital component of federal emergency response strategies. Traditionally, federal departments and agencies have primarily used voice communications to support NS/EP functions. However, to increase efficiency and decrease costs, the Government is expected to leverage new information technologies. This drive for efficiency is fueling a move toward the increased use of the Internet, e- Government, and information technology (IT) applications to deliver NS/EP functions and responsibilities. The threat posed by electronic intrusion grows concurrently with the increased use of electronic media, widespread availability of intrusion tools
Load more

Recommended publications
  • Attribution and Response to Cybercrime/Terrorism/Warfare Susan W
    Journal of Criminal Law and Criminology Volume 97 Article 2 Issue 2 Winter Winter 2007 At Light Speed: Attribution and Response to Cybercrime/Terrorism/Warfare Susan W. Brenner Follow this and additional works at: https://scholarlycommons.law.northwestern.edu/jclc Part of the Criminal Law Commons, Criminology Commons, and the Criminology and Criminal Justice Commons Recommended Citation Susan W. Brenner, At Light Speed: Attribution and Response to Cybercrime/Terrorism/Warfare, 97 J. Crim. L. & Criminology 379 (2006-2007) This Symposium is brought to you for free and open access by Northwestern University School of Law Scholarly Commons. It has been accepted for inclusion in Journal of Criminal Law and Criminology by an authorized editor of Northwestern University School of Law Scholarly Commons. 0091-4169/07/9702-0379 THE JOURNALOF CRIMINAL LAW & CRIMINOLOGY Vol. 97. No. 2 Copyright 0 2007 by NorthwesternUniversity. Schoolof Low Printedin U.S.A. "AT LIGHT SPEED": ATTRIBUTION AND RESPONSE TO CYBERCRIME/TERRORISM/WARFARE SUSAN W. BRENNER* This Article explains why and how computer technology complicates the related processes of identifying internal (crime and terrorism) and external (war) threats to social order of respondingto those threats. First, it divides the process-attribution-intotwo categories: what-attribution (what kind of attack is this?) and who-attribution (who is responsiblefor this attack?). Then, it analyzes, in detail, how and why our adversaries' use of computer technology blurs the distinctions between what is now cybercrime, cyberterrorism, and cyberwarfare. The Article goes on to analyze how and why computer technology and the blurring of these distinctions erode our ability to mount an effective response to threats of either type.
    [Show full text]
  • Recent Developments in Cybersecurity Melanie J
    American University Business Law Review Volume 2 | Issue 2 Article 1 2013 Fiddling on the Roof: Recent Developments in Cybersecurity Melanie J. Teplinsky Follow this and additional works at: http://digitalcommons.wcl.american.edu/aublr Part of the Law Commons Recommended Citation Teplinsky, Melanie J. "Fiddling on the Roof: Recent Developments in Cybersecurity." American University Business Law Review 2, no. 2 (2013): 225-322. This Article is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Business Law Review by an authorized administrator of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. ARTICLES FIDDLING ON THE ROOF: RECENT DEVELOPMENTS IN CYBERSECURITY MELANIE J. TEPLINSKY* TABLE OF CONTENTS Introduction .......................................... ..... 227 I. The Promise and Peril of Cyberspace .............. ........ 227 II. Self-Regulation and the Challenge of Critical Infrastructure ......... 232 III. The Changing Face of Cybersecurity: Technology Trends ............ 233 A. Mobile Technology ......................... 233 B. Cloud Computing ........................... ...... 237 C. Social Networking ................................. 241 IV. The Changing Face of Cybersecurity: Cyberthreat Trends ............ 244 A. Cybercrime ................................. ..... 249 1. Costs of Cybercrime
    [Show full text]
  • Tangled Web : Tales of Digital Crime from the Shadows of Cyberspace
    TANGLED WEB Tales of Digital Crime from the Shadows of Cyberspace RICHARD POWER A Division of Macmillan USA 201 West 103rd Street, Indianapolis, Indiana 46290 Tangled Web: Tales of Digital Crime Associate Publisher from the Shadows of Cyberspace Tracy Dunkelberger Copyright 2000 by Que Corporation Acquisitions Editor All rights reserved. No part of this book shall be reproduced, stored in a Kathryn Purdum retrieval system, or transmitted by any means, electronic, mechanical, pho- Development Editor tocopying, recording, or otherwise, without written permission from the Hugh Vandivier publisher. No patent liability is assumed with respect to the use of the infor- mation contained herein. Although every precaution has been taken in the Managing Editor preparation of this book, the publisher and author assume no responsibility Thomas Hayes for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein. Project Editor International Standard Book Number: 0-7897-2443-x Tonya Simpson Library of Congress Catalog Card Number: 00-106209 Copy Editor Printed in the United States of America Michael Dietsch First Printing: September 2000 Indexer 02 01 00 4 3 2 Erika Millen Trademarks Proofreader Benjamin Berg All terms mentioned in this book that are known to be trademarks or ser- vice marks have been appropriately capitalized. Que Corporation cannot Team Coordinator attest to the accuracy of this information. Use of a term in this book should Vicki Harding not be regarded as affecting the validity of any trademark or service mark. Design Manager Warning and Disclaimer Sandra Schroeder Every effort has been made to make this book as complete and as accurate Cover Designer as possible, but no warranty or fitness is implied.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Infosec Year in Review -- 1999
    InfoSec Year In Review -- 1999 M. E. Kabay, PhD, CISSP. Security Leader, INFOSEC Group, AtomicTangerine Inc. Category 11 Breaches of confidentiality Date 1999-01-29 Keyword data leakage privacy confidentiality control Web Source, Vol, No. RISKS 20 18 The Canadian consumer-tracking service Air Miles inadvertently left 50,000 records of applicants for its loyalty program publicly accessible on their Web site for an undetermined length of time. The Web site was offline as of 21 January until the problem was fixed. Date 1999-02-03 Keyword data leakage Web script QA vulnerability confidentiality Source, Vol, No. WIRED via PointCast An error in the configuration or programming of the F. A. O. Schwarz Web site resulted paradoxically in weakening the security of transactions deliberately completed by FAX instead of through SSL. Customers who declined to send their credit-card numbers via SSL ended up having their personal details — address and so forth — stored in a Web page that could be accessed by anyone entering a URL with an appropriate (even if randomly chosen) numerical component. Date 1999-02-10 Keyword e-commerce credit card personal information password privacy Source, Vol, No. RISKS 20 20 Prof. Ross Anderson of Cambridge University analyzed requirements on the AMAZON.COM online bookstore for credit card number, password, and personal details such as phone number. He identified several risks: (1) merchant retention of credit card numbers poses a far higher risk of capture than of capture in transit; (2) adding a password increases the likelihood of compromise because so many naïve users choose bad passwords and then write them down; (3) even the British site for Amazon contravenes European rules on protecting consumer privacy; (3) such practices make it easier for banks to reject their clients' claims of fraudulent use of their credit-card numbers.
    [Show full text]
  • WORLD WAR C : Understanding Nation-State Motives Behind Today’S Advanced Cyber Attacks
    REPORT WORLD WAR C : Understanding Nation-State Motives Behind Today’s Advanced Cyber Attacks Authors: Kenneth Geers, Darien Kindlund, Ned Moran, Rob Rachwald SECURITY REIMAGINED World War C: Understanding Nation-State Motives Behind Today’s Advanced Cyber Attacks CONTENTS Executive Summary ............................................................................................................................................................................................................................................................................................................... 3 Introduction ............................................................................................................................................................................................................................................................................................................................................... 4 A Word of Warning ................................................................................................................................................................................................................................................................................................................. 5 The FireEye Perspective ...........................................................................................................................................................................................................................................................................................
    [Show full text]
  • Defending America Redefining the Conceptual Borders of Homeland Defense
    CSIS_______________________________ Center for Strategic and International Studies 1800 K Street N.W. Washington, DC 20006 (202) 775-3270 Updates from: CSIS.ORG, “Homeland Defense” Comments to: [email protected] DEFENDING AMERICA REDEFINING THE CONCEPTUAL BORDERS OF HOMELAND DEFENSE CRITICAL INFRASTRUCTURE PROTECTION AND INFORMATION WARFARE Final Review Draft for Comment Anthony H. Cordesman Arleigh A. Burke Chair in Strategy Revision: December 8, 2000 Copyright CSIS, all rights reserved. CSIS Homeland Defense: Asymmetric Warfare & Terrorism 12/12/00 Page ii Introduction The following report is a rough initial draft section of a full report on Homeland Defense being prepared as part of the CSIS Homeland Defense project. It is a rough working draft, and reflects solely the views of the author and not of the CSIS team working on the project. It is being circulated for comment and reaction and will be substantially modified and updated before being included in the final report. Copyright CSIS, all rights reserved CSIS Homeland Defense: Asymmetric Warfare & Terrorism 12/12/00 Page iii Acknowledgments The author would like to thank Stephanie M. Lanz, Andrew Li, Steve Chu, and Preston Golson for their help in researching and writing this study. Copyright CSIS, all rights reserved CSIS Homeland Defense: Asymmetric Warfare & Terrorism 12/12/00 Page iv Executive Summary There is nothing new about critical infrastructure protection. The US carried out limited contingency planning to deal with threats to its infrastructure facilities during the Cold War. These plans included attacks on key utilities such as power plants and grids, oil and gas pipelines, telecommunication, and critical facilities that affected the continuity of government.
    [Show full text]
  • Cyber Warfare an Analysis of the Means and Motivations of Selected Nation States
    CYBER WARFARE AN ANALYSIS OF THE MEANS AND MOTIVATIONS OF SELECTED NATION STATES INSTITUTE FOR SECURITY TECHNOLOGY STUDIES AT DARTMOUTH COLLEGE November 2004 Charles Billo Revised December 2004 Welton Chang 45 Lyme Road Hanover, NH 03755 603-646-0700 INSTITUTE FOR SECURITY TECHNOLOGY STUDIES ___________________________________________________________ Authors of this report: Charles G. Billo Senior Research Associate, ISTS Welton Chang Research Intern, ISTS ACKNOWLEDGEMENTS We are grateful for the numerous comments received from our anonymous reviewers as well as ISTS reviewers. In particular, the substantive suggestions received from Professor David Kotz, Eric Goetz, and Colleen Hurd, were especially helpful. We would like to thank Sarah Brooks and Jocelyn Troy for their help. We would also like to thank George Bakos, Kathleen Cassedy, Amy Gannon, Robert Hillery, Dennis McGrath, and the Technical Analysis Group at ISTS. DISCLAIMERS All Internet links and citations contained within were active at the time of publication. We cannot guarantee that the links will remain active indefinitely, although an effort was made to ensure that each citation contained enough information for the cited source to be located in print or other forms of media. Information available prior to November 1, 2004 was used in this report. Copyright © 2004, Trustees of Dartmouth College. All rights reserved. This project was supported under Award No. 2000-DT-CX-K001 from the Office for Domestic Preparedness, U.S. Department of Homeland Security. Points of view in this document are those of the authors and do not necessarily represent the official position of the U.S.Department of Homeland Security. 2 INSTITUTE FOR SECURITY TECHNOLOGY STUDIES ___________________________________________________________ FOREWORD This study, written in response to a grant provided by the Department of Homeland Security, assesses potential foreign computer threats to information technology networks in the United States.
    [Show full text]
  • Cyber War Methods and Practice Version 9.0 – 17 Jun 2014
    LV Internet policy Fachbereich 1 49069 Osnabrueck Cyber war Methods and Practice Version 9.0 – 17 Jun 2014 Summary Computer and internet security is under discussion due to the increasing relevance of the Internet and of the information and communication technology (ICT). The cyberspace is meanwhile regarded as separate military dimension. This paper gives an overview on the methods and practice of cyber war and presents the cyber war activities since 1998 and the security architecture of the cyberspace. Finally, the cyber war strategies of the United States, China and Russia and the cyber policies of the European and African Union are discussed. Version 9.0 – 17 Jun 2014_English 1 apl. Prof. Dr. Dr. K. Saalbach Table of Contents 1. Fundamentals ....................................................................................................... 4 1.1 Introduction ............................................................................................................... 4 1.2 Background ............................................................................................................... 4 1.3 Definition .................................................................................................................. 6 1.4 The general concept of cyber war ............................................................................. 7 1.4.1 Basic principles .................................................................................................. 7 1.4.2 Cyber war Definition ........................................................................................
    [Show full text]
  • Netcat, Superscan, Winscan
    IEEE Globecom 2011 Information Warfare Tom Chen Swansea University Wales, UK [email protected] Outline • Background - Definitions; actors; targets; historical cases • Attack techniques - Reconnaissance; intrusions; stealth; persistent control; DDoS • Defense techniques - Deterrence; prevention; detection; attribution; intrusion tolerance; self healing • Open research issues • Conclusions and future directions TC/Globecom2011/12-9-11 p. 2 Background TC/Globecom2011/12-9-11 p. 3 Section Outline • Definitions • Actors • Targets • Historical cases TC/Globecom2011/12-9-11 p. 4 Definitions • Info. warfare (or cyber warfare): military or political conflicts between nations carried out through computer networks - Actions to adversely affect enemy’s info. and info. systems while defending own - Information is both target and means for gaining advantage (in support of military/political goals) - Definitions vary, e.g., U.S. DoD defines broadly: “operations directed against information in any form, transmitted over any media, including operations against information content, its supporting systems and software, the physical hardware device that stores the data or instructions, and also human practices and perceptions” TC/Globecom2011/12-9-11 p. 5 DoD Definitions Info. Operations Broad (info. warfare) definition Psychological Military Operations Computer Electronic operations deception security network warfare Propaganda Weapon hiding, Classified operations Radio Examples: leaflets target decoys info. (CNO) jamming *Definition here Computer Computer Computer network network network exploitation/ attack (CNA) defense (CND) espionage (CNE) DDoS, Firewalls, Backdoors, malware IDS data theft TC/Globecom2011/12-9-11 p. 6 Recognition as Warfare Domain • U.S. DoD Strategy for Operating in Cyberspace (July 2011) recognizes cyberspace as 5th operational domain (with sea, air, land, space) “Potential U.S.
    [Show full text]
  • The Rise of China's Hacking Culture: Defining Chinese Hackers
    California State University, San Bernardino CSUSB ScholarWorks Electronic Theses, Projects, and Dissertations Office of aduateGr Studies 6-2016 The Rise of China's Hacking Culture: Defining Chinese Hackers William Howlett IV California State University - San Bernardino Follow this and additional works at: https://scholarworks.lib.csusb.edu/etd Part of the Asian Studies Commons, Criminology and Criminal Justice Commons, International Relations Commons, Politics and Social Change Commons, and the Science and Technology Studies Commons Recommended Citation Howlett, William IV, "The Rise of China's Hacking Culture: Defining Chinese Hackers" (2016). Electronic Theses, Projects, and Dissertations. 383. https://scholarworks.lib.csusb.edu/etd/383 This Thesis is brought to you for free and open access by the Office of aduateGr Studies at CSUSB ScholarWorks. It has been accepted for inclusion in Electronic Theses, Projects, and Dissertations by an authorized administrator of CSUSB ScholarWorks. For more information, please contact [email protected]. THE RISE OF CHINA’S HACKING CULTURE DEFINING CHINESE HACKERS A Thesis Presented to the Faculty of California State University, San Bernardino In Partial Fulfillment of the Requirements for the Degree Master of Arts in Social Sciences and Globalization by William Sedgwick Howlett June 2016 THE RISE OF CHINA’S HACKING CULTURE DEFINING CHINESE HACKERS A Thesis Presented to the Faculty of California State University, San Bernardino by William Sedgwick Howlett June 2016 Approved by: Cherstin Lyon, Committee Chair, Social Sciences and Globalization Jeremy Murray, Committee Member, History Jose Munoz, Committee Member, Sociology © 2016 William Sedgwick Howlett ABSTRACT China has been home to some of the most prominent hackers and hacker groups of the global community throughout the last decade.
    [Show full text]
  • Cyber Conflicts in International Relations: Framework and Case Studies
    Cyber Conflicts in International Relations: Framework and Case Studies Alexander Gamero-Garrido Engineering Systems Division Massachusetts Institute of Technology [email protected] | [email protected] Executive Summary Overview Although cyber conflict is no longer considered particularly unusual, significant uncertainties remain about the nature, scale, scope and other critical features of it. This study addresses a subset of these issues by developing an internally consistent framework and applying it to a series of 17 case studies. We present each case in terms of (a) its socio-political context, (b) technical features, (c) the outcome and inferences drawn in the sources examined. The profile of each case includes the actors, their actions, tools they used and power relationships, and the outcomes with inferences or observations. Our findings include: • Cyberspace has brought in a number of new players – activists, shady government contractors – to international conflict, and traditional actors (notably states) have increasingly recognized the importance of the domain. • The involvement of the private sector on cybersecurity (“cyber defense”) has been critical: 16 out of the 17 cases studied involved the private sector either in attack or defense. • All of the major international cyber conflicts presented here have been related to an ongoing conflict (“attack” or “war”) in the physical domain. • Rich industrialized countries with a highly developed ICT infrastructure are at a higher risk concerning cyber attacks. • Distributed Denial of Service (DDoS) is by far the most common type of cyber attack. • Air-gapped (not connected to the public Internet) networks have not been exempt from attacks. • A perpetrator does not need highly specialized technical knowledge to intrude computer networks.
    [Show full text]