DOCSLIB.ORG

The State of IT Security in Germany 2018 the STATE of IT SECURITY in GERMANY 2018

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

The State of IT Security in Germany 2018 THE STATE OF IT SECURITY IN GERMANY 2018 2 THE STATE OF IT SECURITY IN GERMANY 2018 | FOREWORD Foreword Our modern, high-tech society depends on the functio- In its 2018 report on the state of IT security in Germany, nal integrity of information technologies and commu- the BSI has presented a well-founded and comprehen- nication systems, effective infrastructure and a secure sive overview of the threats facing our country, our supply of energy. These systems are the foundation for people and our economy in cyberspace. Above all, how- technical progress and economic development in our ever, it illustrates the successful and indispensable efforts country. the BSI undertakes on our behalf. Germany, its residents, businesses and governmental agencies remain in the As such systems grow more complex and all the areas crosshairs of those looking to carry out cyberattacks. of our information society become more interconnect- Taking on these challenges and devising rapid, efficient ed, however, the risks posed by disruptions and attacks responses to the latest dangers in cyberspace remains from within Germany or abroad are increasing as well. the central task of the BSI and its employees. Threats in cyberspace are highly dynamic, and cyber attacks are becoming more adaptive and professional. Both IT systems and the methods used to attack them are constantly evolving at a rapid pace. The Federal Government takes seriously its responsibili- ty to ensure security also in cyberspace by maintaining a framework of IT security laws, pursuing a cybersecurity strategy and strengthening the relevant agencies. Nevertheless, we cannot – indeed, we must not – rest on our accomplishments. Instead, we will further develop our IT security legislation (IT-Sicherheitsgesetz 2.0) as a way to strengthen the government’s mandate to provide adequate protection in this regard. Our aim is to achieve a further expansion of the guidance and support the BSI offers to our federal republic, its states, citizens and companies. Nevertheless, these matters demand more than just governmental action. When it comes to guarding against such threats in business and industry, companies themselves are called upon to enhance their IT security measures and adapt them to new challenges. Cooperation and the sharing of information among all the entities involved are essential to address the dangers of cyberspace effectively. Security standards need to be established and enforced, and that requires a strong moderator. In addition to serving as the security service provider for Germany’s federal administration, the BSI already offers a broad portfolio of security services for business and industry as well as society in general. I am committed to further expanding the BSI’s capabilities Horst Seehofer and advancing it as our national cybersecurity authority. Federal Minister of the Interior, Building and Community 3 THE STATE OF IT SECURITY IN GERMANY 2018 | FOREWORD Foreword With the increase in motorised traffic at the beginning the level of threat. The legal framework must be further of the industrial age, new regulations had to be created, developed, existing cooperation efforts intensified nation- new technical facilities implemented and new behaviour ally and internationally, and affected protection measures learned in order to guarantee road safety. For more than continually put to the test. We need to remain open to new 100 years, traffic lights have regulated the traffic and road things, anticipate current threats and intensify our aware- traffic regulations have been in place since 1934, providing ness of the importance of IT security. rules of conduct for all road users. For some road users a required test was even introduced before they were allowed We must stay clear on one point: the digitisation process to use their vehicle. New professions were created, new cannot continue successfully without cyber security. BSI rules laid down, and new institutions had to govern traffic. approaches this process in line with its own guidelines: as the national cyber security authority, the BSI is responsible Today, we are at the beginning of a new era again. Digiti- for digital information security for the state, businesses and sation increasingly determines the activities of states and society through prevention, detection and reaction. businesses, as well as the everyday life of citizens. And just as in the early days of the industrial age, we need to create new I hope you find the 2018 status report interesting and regulations, implement new technical facilities and learn informative. new behaviours to increase cyber security. A few examples include the German IT Security Act, IT-Grundschutz stand- ards and behavioural rules on how to handle smartphones, tablets and more are just a few examples. In contrast to the start of the industrial age, however, we have less time to respond and adapt to this new techno- logical foundation as a society. The pace of innovation in digitisation is breath-taking. New applications and new products are reaching the market in ever shorter cycles with new companies based on innovative digital technologies displacing the old established ones. And globalisation and technical networking mean that mistakes in development, gaps in regulations and negligence in behaviour often have immense consequences. The more important digitisation becomes for governmental activities, our businesses and our everyday life, the more the associated challenges of cyber security must be tackled jointly by all those involved at national and international level. Germany has made good progress in this direction. Impor- tant legislative and operational measures have been imple- mented in all areas. The networking of players at federal, state and local level has been driven forward, cooperation with industry has been expanded, and the BSI has been significantly increased in terms of personnel. We are well prepared. But only as long as we as a society continue to increase our Arne Schönbohm efforts for a stable and successful cyber defence at least President of the Federal Office proportionately to but ideally as a proactive response to for Information Security (BSI) 4 THE STATE OF IT SECURITY IN GERMANY 2018 | CONTENT Content Foreword Foreword Horst Seehofer, Federal Minister of the Interior, Building and Community 3 Foreword Arne Schönbohm, President of the Federal Office for Information Security (BSI) 4 1 The Level of Threat 7 1.1 The level of threat to the Federal Government 7 1.2 The level of threat to critical infrastructures and the business world 10 1.3 The level of threat to society 17 1.4 Attack methods and means 23 2 BSI Solutions and Services 53 2.1 Target audience: state and administration 53 2.2 Target audience: the business world 64 2.3 Target audience: society 72 2.4 Target audience: international cooperation 84 2.5 Cyber security needs IT professionals 88 3 General Evaluation and Conclusion 91 4 Glossary 96 Legal Notice 99 5 The Level of Threat 6 THE STATE OF IT SECURITY IN GERMANY 2018 | THE LEVEL OF THREAT 1 The Level of Threat This chapter describes the level of threat to IT security in Protection against malware Germany in the period from 1 July 2017 to 31 May 2018. It is divided into three areas: the Federal Administration, Cyber attacks on the German government’s networks critical infrastructures/the business world and society. occur on a daily basis. In addition to arbitrary large-scale It also looks at the methods and means of attack used by operations, these networks are exposed to targeted attack perpetrators, in addition to the general conditions and campaigns. causes, providing a number of examples of how attacks on IT security can affect life in a digitised society. The most frequently detected attacks on the Federal Administration involve e-mails containing malware. Using automated anti-virus measures, an average of 28,000 e-mails 1.1 The level of threat to the of this kind were intercepted in real time each month before Federal Government they reached the recipients’ inboxes. Of these, an average of around 6,000 malicious e-mails were collected each To ensure that government institutions are able to carry month using specially created anti-virus signatures alone. out their constitutional tasks safely and sustainably, the The decline in these figures compared to the previous year’s state‘s information systems must be able to operate reliably report can mainly be attributed to the sharp downturn in and without disruption. This is the only reliable way to ransomware in 2017, which was also observed outside the guarantee forgery-proof documentation of administrative government’s networks. In comparison to previous years, activities and to allow the state to communicate with its significantly more malware was distributed via links in citizens without gaps and protected against manipula- e-mails rather than as attachments. tion of any kind. If this is not possible due to impaired or non-functional information systems, confidence in the In HTTP traffic, an average of around 500 malware pro- integrity of the state is shaken. In digital society, the infor- grammes were detected and blocked each month in 2017. mation systems of the state authorities have thus become This was another area in which the trend towards merely critical factors for the functioning of the community. incorporating links to malware into e-mails rather than attaching the malware itself continued in 2018. 1.1.1 Insights from the protection of To supplement its automated anti-virus measures, the BSI government networks operates an additional downstream system to detect malware in the government’s network traffic in accordance with End-to-end encrypted communications and a robust, the expanded authority granted to the BSI by German law redundant architecture are the most important measures (Section 5 of the BSIG). The manner in which it combines taken to protect the central government.
Recommended publications
  • Ransom Where?

    Ransom Where?

    Ransom where? Holding data hostage with ransomware May 2019 Author With the evolution of digitization and increased interconnectivity, the cyberthreat landscape has transformed from merely a security and privacy concern to a danger much more insidious by nature — ransomware. Ransomware is a type of malware that is designed to encrypt, Imani Barnes Analyst 646.572.3930 destroy or shut down networks in exchange [email protected] for a paid ransom. Through the deployment of ransomware, cybercriminals are no longer just seeking to steal credit card information and other sensitive personally identifiable information (PII). Instead, they have upped their games to manipulate organizations into paying large sums of money in exchange for the safe release of their data and control of their systems. While there are some business sectors in which the presence of this cyberexposure is overt, cybercriminals are broadening their scopes of potential victims to include targets of opportunity1 across a multitude of industries. This paper will provide insight into how ransomware evolved as a cyberextortion instrument, identify notorious strains and explain how companies can protect themselves. 1 WIRED. “Meet LockerGoga, the Ransomware Crippling Industrial Firms” March 25, 2019; https://www.wired.com/story/lockergoga-ransomware-crippling-industrial-firms/. 2 Ransom where? | May 2019 A brief history of ransomware The first signs of ransomware appeared in 1989 in the healthcare industry. An attacker used infected floppy disks to encrypt computer files, claiming that the user was in “breach of a licensing agreement,”2 and demanded $189 for a decryption key. While the attempt to extort was unsuccessful, this attack became commonly known as PC Cyborg and set the archetype in motion for future attacks.
  • Monthly Threat Report November 2020

    Monthly Threat Report November 2020

    NTT Ltd. Global Threat Intelligence Center Monthly Threat Report November 2020 hello.global.ntt report | GTIC Monthly Threat Report: November 2020 Contents Feature article: Security in the app economy 03 Spotlight article: The Trickbot takedown 07 Spotlight article: Snapshot of threats to retail 08 About NTT Ltd.’s Global Threat Intelligence Center 09 2 | © Copyright NTT Ltd. hello.global.ntt report | GTIC Monthly Threat Report: November 2020 Security in the app economy Lead Analyst: Zach Jones, Sr. Director of Detection Research, WhiteHat Security, US It used to be simple; a retailer Attack vectors and security spending when organizations are trying to enable was a retailer and a bank was are misaligned customer access in our ‘there’s an app for that’ world. The problem is that a bank. Initially, the role of According to our 2020 NTT Ltd. represents a pipeline where benign and Global Threat Intelligence Report, 33% software in non-technology malicious traffic alike enter networks of observed attacks globally were sectors stayed behind the straight through firewalls and DMZs. The application-specific and 22% of attacks protocol was never designed for secure scenes, supporting the core were web-application based. This means application delivery so building HTTP competencies of that industry, a total of 55% of attacks detected globally applications is prone to error. Threat like inventory management occurred at the application layer. for retailers and account actors will continue to abuse these virtual According to Gartner Group, the 2020 front doors and windows. They are easy management for banks. Security Market Segment spend is to access and are often the weakest link This is no longer the case.
  • CYBER ATTACK TRENDS Mid Year Report 2021 CONTENTS

    CYBER ATTACK TRENDS Mid Year Report 2021 CONTENTS

    CYBER ATTACK TRENDS Mid Year Report 2021 CONTENTS 04 EXECUTIVE SUMMARY 07 TRIPLE EXTORTION RANSOMWARE—THE THIRD-PARTY THREAT 11 SOLARWINDS AND WILDFIRES 15 THE FALL OF AN EMPIRE—EMOTET’S FALL AND SUCCESSORS 19 MOBILE ARENA DEVELOPMENTS 2 22 COBALT STRIKE STANDARDIZATION 26 CYBER ATTACK CATEGORIES BY REGION 28 GLOBAL THREAT INDEX MAP 29 TOP MALICIOUS FILE TYPES—WEB VS. EMAIL CHECK POINT SOFTWARE MID-YEAR REPORT 2021 31 GLOBAL MALWARE STATISTICS 31 TOP MALWARE FAMILIES 34 Top Cryptomining Malware 36 Top Mobile Malware 38 Top Botnets 40 Top Infostealers Malware 42 Top Banking Trojans 44 HIGH PROFILE GLOBAL VULNERABILITIES 3 47 MAJOR CYBER BREACHES (H1 2021) 53 H2 2021: WHAT TO EXPECT AND WHAT TO DO 56 PREVENTING MEGA CYBER ATTACKS 60 CONCLUSION CHECK POINT SOFTWARE MID-YEAR REPORT 2021 EXECUTIVE SUMMARY CHECK POINT SOFTWARE’S MID-YEAR SECURITY REPORT REVEALS A 29% INCREASE IN CYBERATTACKS AGAINST ORGANIZATIONS GLOBALLY ‘Cyber Attack Trends: 2021 Mid-Year Report’ uncovers how cybercriminals have continued to exploit the Covid-19 pandemic and highlights a dramatic global 93% increase in the number of ransomware attacks • EMEA: organizations experienced a 36% increase in cyber-attacks since the beginning of the year, with 777 weekly attacks per organization • USA: 17% increase in cyber-attacks since the beginning of the year, with 443 weekly attacks per organization • APAC: 13% increase in cyber-attacks on organizations since the beginning of the year, with 1338 weekly attacks per organization In the first six months of 2021, the global rollout of COVID-19 vaccines gave hope that we will be able to live without restrictions at some point—but for a majority of organizations internationally, a return to pre-pandemic ‘norms’ is still some way off.
  • Global Security Report End Year 2020 Executive Summary

    Global Security Report End Year 2020 Executive Summary

    Global Security Report End Year 2020 Executive Summary The Zix | AppRiver Global Security Report for 2020 highlights the threats and trends Zix | AppRiver Security analysts saw throughout the year. In 2020, analysts saw attackers shift their tactics to take advantage of the unprecedented situation the world faced due to the Covid-19 pandemic. These attacks: • Aimed to take advantage of uncertainty surrounding the pandemic and the shift to “work from home” throughout much of the year. • Leveraged other world events, like the contentious US election, to distribute their attacks. • Multiplied "living off the land” attacks across many new and otherwise legitimate services. • Continued shift from high volume email blasts to a much more focused and customized attack style. • Posed impersonation attacks as internal executive communications and were persistent throughout 2020. In this report, we will take a deep dive into many of the threats and trends we saw in email security as well as discuss examples of prevalent attacks and explore potential impacts. Introduction Threat actors have always leveraged both local and world events to help spread their attacks. Never more so than in 2020. Early in the year, as the global pandemic came to fruition, attackers began launching spam, phishing and malware attacks utilizing interest in the pandemic. It wasn’t long before they had begun crafting attacks centered around the surge in remote work. Later in the year they took advantage of the contentious US Election cycle to distribute attacks. In 2020, Attackers continued to embrace the use of more targeted attacks versus the large volume email blasts we have seen in the past.
  • Why We Should Consider the Plurality of Hacker and Maker Cultures 2017

    Why We Should Consider the Plurality of Hacker and Maker Cultures 2017

    Repositorium für die Medienwissenschaft Sebastian Kubitschko; Annika Richterich; Karin Wenz „There Simply Is No Unified Hacker Movement.“ Why We Should Consider the Plurality of Hacker and Maker Cultures 2017 https://doi.org/10.25969/mediarep/1115 Veröffentlichungsversion / published version Zeitschriftenartikel / journal article Empfohlene Zitierung / Suggested Citation: Kubitschko, Sebastian; Richterich, Annika; Wenz, Karin: „There Simply Is No Unified Hacker Movement.“ Why We Should Consider the Plurality of Hacker and Maker Cultures. In: Digital Culture & Society, Jg. 3 (2017), Nr. 1, S. 185– 195. DOI: https://doi.org/10.25969/mediarep/1115. Erstmalig hier erschienen / Initial publication here: https://doi.org/10.14361/dcs-2017-0112 Nutzungsbedingungen: Terms of use: Dieser Text wird unter einer Creative Commons - This document is made available under a creative commons - Namensnennung - Nicht kommerziell - Keine Bearbeitungen 4.0 Attribution - Non Commercial - No Derivatives 4.0 License. For Lizenz zur Verfügung gestellt. Nähere Auskünfte zu dieser Lizenz more information see: finden Sie hier: https://creativecommons.org/licenses/by-nc-nd/4.0 https://creativecommons.org/licenses/by-nc-nd/4.0 “There Simply Is No Unified Hacker Movement.” Why We Should Consider the Plurality of Hacker and Maker Cultures Sebastian Kubitschko in Conversation with Annika Richterich and Karin Wenz Sebastian Kubitschko is a postdoctoral researcher at the Centre for Media, Communication and Information Research (ZeMKI) at the University of Bremen in Germany. His main research fields are political communication, social movements and civil society organisations. In order to address the relevance of new forms of techno-political civic engagement, he has conducted qualitative, empirical research on one of the world’s oldest and largest hacker organisations, the Chaos Computer Club (CCC).
  • Threat Landscape Report

    Threat Landscape Report

    QUARTERLY Threat Landscape Report Q3 2020 NUSPIRE.COM THIS REPORT IS SOURCED FROM 90 BILLION TRAFFIC LOGS INGESTED FROM NUSPIRE CLIENT SITES AND ASSOCIATED WITH THOUSANDS OF DEVICES AROUND THE GLOBE. Nuspire Threat Report | Q2Q3 | 2020 Contents Introduction 4 Summary of Findings 6 Methodology and Overview 7 Quarter in Review 8 Malware 9 Botnets 15 Exploits 20 The New Normal 28 Conclusion and Recommendations 31 About Nuspire 33 3 | Contents Nuspire Threat Report | Q3 | 2020 Introduction In Q2 2020, Nuspire observed the increasing lengths threat actors were going to in order to capitalize on the pandemic and resulting crisis. New attack vectors were created; including VPN usage, home network security issues, personal device usage for business purposes and auditability of network traffic. In Q3 2020, we’ve observed threat actors become even more ruthless. Shifting focus from home networks to overburdened public entities including the education sector and the Election Assistance Commission (EAC). Many school districts were forced into 100% virtual or hybrid learning models by the pandemic. Attackers have waged ransomware attacks at learning institutions who not only have the financial resources to pay ransoms but feel a sense of urgency to do so in order to avoid disruptions during the school year. Meanwhile, the U.S. Elections have provided lures for phishers to attack. Nuspire witnessed Q3 attempts to guide victims to fake voter registration pages to harvest information while spoofing the Election Assistance Commission (EAC). Like these examples, cybercriminals taking advantage of prominent media themes are expected. We anticipate our Q4 2020 Threat Report 4 | Introduction Nuspire Threat Report | Q3 | 2020 to find campaigns leveraging more of the United report each quarter is a great step to gain that States Presidential election as well.
  • Cybersecurity Forum Für Datensicherheit, Datenschutz Und Datenethik 23

    Cybersecurity Forum Für Datensicherheit, Datenschutz Und Datenethik 23

    3. JAHRESTAGUNG CYBERSECURITY FORUM FÜR DATENSICHERHEIT, DATENSCHUTZ UND DATENETHIK 23. APRIL 2020, FRANKFURT AM MAIN #cyberffm Premium-Partner: Veranstaltungspartner: 3. JAHRESTAGUNG CYBERSECURITY DEUTSCHLAND — DIGITAL — SICHER — BSI Die Schadsoftware »Emotet« hat uns in den letzten Wochen und Monaten erneut schmerzhaft vor Augen geführt, welche Auswirkungen es haben kann, wenn man die Vorteile der Digitalisierung genießt, ohne die dafür unabdingbar notwendige Infor- mationssicherheit zu gewährleisten. Stadtverwaltungen, Behörden, Krankenhäuser und Universitäten wurden lahmgelegt, Unternehmen mussten zeitweise den Betrieb einstellen. Die Folgen sind für jeden von uns spürbar: Arbeitsplätze sind in Gefahr, Waren und Dienstleistungen können nicht mehr angeboten und verkauft werden, Krankenhäuser müssen die Patientenannahme ablehnen. Stadtverwaltungen sind nicht mehr arbeitsfähig und schließen ihre Bürgerbüros. Bürgerinnen und Bürger konnten keine Ausweise und Führerscheine beantragen, keine Autos anmelden und keine Sperrmüllabfuhr bestellen. Sogar Hochzeiten mussten verschoben werden. Und wie würde die Lage wohl erst aussehen, wenn wir tatsächlich in einer voll digitalisierten Welt lebten? Das BSI beschäftigt sich damit, in welchen Anwendungsfeldern der Digitalisierung Risiken entstehen könnten und wie wir diese Risiken kalkulierbar und beherrschbar machen können. Unsere Stärke ist es, Themen der Informationssicherheit gebündelt fachlich zu analysieren und aus der gemeinsamen Analyse heraus konkrete Angebote für unterschiedliche Zielgruppen
  • Jane Hutt: Businesses That Have Received Welsh Government Grants During 2011/12

    Jane Hutt: Businesses That Have Received Welsh Government Grants During 2011/12

    Jane Hutt: Businesses that have received Welsh Government grants during 2011/12 1 STOP FINANCIAL SERVICES 100 PERCENT EFFECTIVE TRAINING 1MTB1 1ST CHOICE TRANSPORT LTD 2 WOODS 30 MINUTE WORKOUT LTD 3D HAIR AND BEAUTY LTD 4A GREENHOUSE COM LTD 4MAT TRAINING 4WARD DEVELOPMENT LTD 5 STAR AUTOS 5C SERVICES LTD 75 POINT 3 LTD A AND R ELECTRICAL WALES LTD A JEFFERY BUILDING CONTRACTOR A & B AIR SYSTEMS LTD A & N MEDIA FINANCE SERVICES LTD A A ELECTRICAL A A INTERNATIONAL LTD A AND E G JONES A AND E THERAPY A AND G SERVICES A AND P VEHICLE SERVICES A AND S MOTOR REPAIRS A AND T JONES A B CARDINAL PACKAGING LTD A BRADLEY & SONS A CUSHLEY HEATING SERVICES A CUT ABOVE A FOULKES & PARTNERS A GIDDINGS A H PLANT HIRE LTD A HARRIES BUILDING SERVICES LTD A HIER PLUMBING AND HEATING A I SUMNER A J ACCESS PLATFORMS LTD A J RENTALS LIMITED A J WALTERS AVIATION LTD A M EVANS A M GWYNNE A MCLAY AND COMPANY LIMITED A P HUGHES LANDSCAPING A P PATEL A PARRY CONSTRUCTION CO LTD A PLUS TRAINING & BUSINES SERVICES A R ELECTRICAL TRAINING CENTRE A R GIBSON PAINTING AND DEC SERVS A R T RHYMNEY LTD A S DISTRIBUTION SERVICES LTD A THOMAS A W JONES BUILDING CONTRACTORS A W RENEWABLES LTD A WILLIAMS A1 CARE SERVICES A1 CEILINGS A1 SAFE & SECURE A19 SKILLS A40 GARAGE A4E LTD AA & MG WOZENCRAFT AAA TRAINING CO LTD AABSOLUTELY LUSH HAIR STUDIO AB INTERNET LTD ABB LTD ABER GLAZIERS LTD ABERAVON ICC ABERDARE FORD ABERGAVENNY FINE FOODS LTD ABINGDON FLOORING LTD ABLE LIFTING GEAR SWANSEA LTD ABLE OFFICE FURNITURE LTD ABLEWORLD UK LTD ABM CATERING FOR LEISURE LTD ABOUT TRAINING
  • User Controlled Hardware Security Anchors: Evaluation and Designs Dr David Oswald, Prof Mark Ryan, Prof Flavio Garcia the University of Birmingham

    User Controlled Hardware Security Anchors: Evaluation and Designs Dr David Oswald, Prof Mark Ryan, Prof Flavio Garcia the University of Birmingham

    User Controlled Hardware Security Anchors: Evaluation and Designs Dr David Oswald, Prof Mark Ryan, Prof Flavio Garcia The University of Birmingham Industry partners: HP Labs, Yubico Why Hardware Security Anchors? 2 Why Hardware Security Anchors? 3 User Controlled Hardware Security Anchors: Evaluation and Designs (1) . WP1: Evaluate the security of available security anchors and Trusted Execution Environments (more later) . WP2: Establishing secure channels between TEE and the user through … – Auxiliary devices – Platform features for secure I/O 4 User Controlled Hardware Security Anchors: Evaluation and Designs (2) . WP3: Enhancing user authentication – Basis: FIDO(2) and U2F – Addressing enrollment and revocation – Authentication policies (e.g. location, …) – Formal modelling and verification . WP4: Demonstrators – TEE implementation – Smartphone app – Authentication token 5 Evaluating the state of TEE security An overview Trusted Execution Environments in a nutshell . Main technologies at present: – Trusted Platform Module (separate chip or firmware) – Intel Software Guard eXtensions (microcode w/ HW) – AMD Platform Security Processor (separate core) – ARM TrustZone (software w/ HW support) – Apple Secure Enclave Processor (separate core, same die) . All provide some form of running code or crypto operations in isolation . Most require cooperation with the silicon/device manufacturer (to different extent) 7 Relevant attack vectors . “Classical” vulnerabilities, e.g. buffer overflows . Microarchitecture (e.g. cache timing, Spectre and
  • Ethical Hacking

    Ethical Hacking

    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
  • Hacktivism Cyberspace Has Become the New Medium for Political Voices

    Hacktivism Cyberspace Has Become the New Medium for Political Voices

    White Paper Hacktivism Cyberspace has become the new medium for political voices By François Paget, McAfee Labs™ Table of Contents The Anonymous Movement 4 Origins 4 Defining the movement 6 WikiLeaks meets Anonymous 7 Fifteen Months of Activity 10 Arab Spring 10 HBGary 11 The Sony ordeal 11 Lulz security and denouncements 12 Groups surrounding LulzSec 13 Green rights 14 Other operations 15 AntiSec, doxing, and copwatching 16 Police responses 17 Anonymous in the streets 18 Manipulation and pluralism 20 Operation Megaupload 21 Communications 21 Social networks and websites 21 IRC 22 Anonymity 23 DDoS Tools 24 Cyberdissidents 25 Telecomix 26 Other achievements 27 Patriots and Cyberwarriors 28 Backlash against Anonymous 29 TeaMp0isoN 30 Other achievements 30 Conclusion 32 2 Hacktivism What is hacktivism? It combines politics, the Internet, and other elements. Let’s start with the political. Activism, a political movement emphasising direct action, is the inspiration for hacktivism. Think of Greenpeace activists who go to sea to disrupt whaling campaigns. Think of the many demonstrators who protested against human rights violations in China by trying to put out the Olympic flame during its world tour in 2008. Think of the thousands of activists who responded to the Adbusters call in July 2011 to peacefully occupy a New York City park as part of Occupy Wall Street. Adding the online activity of hacking (with both good and bad connotations) to political activism gives us hacktivism. One source claims this term was first used in an article on the filmmaker Shu Lea Cheang; the article was written by Jason Sack and published in InfoNation in 1995.
  • Superseding Indictment

    Superseding Indictment

    _.1{:~~")li~~lti:f~{ FilED ~'Y.:{fs;v, ~,;;rin>---- f-:V' . .. mOPEN COURT .. .1 ''· ··\wi IN THE UNITED STATES DISTRICT COURT F ~~ ffHE f 'f.i 2 EASTERN DISTRICT OF VIRGINIA I?_! ~ 'iJII~ J .·· CLEHI\ U.S. DISTRICT COURT Alexandria Division illgi\NDRIA, VIRGIN!~--~~-' UNITED STATES OF AMERICA Criminal No. 1:18-cr-111 (CMH) v. Count 1: 18 U.S.C. § 793(g) Conspiracy To Obtain and Disclose National JULIAN PAUL ASSANGE, Defense Information Defendant. Count 2: 18 U.S.C. § 371 Conspiracy to Commit Computer Intrusions Counts 3, 4: 18: 18 U.S.C §§ 793(b) and2 Obtaining National Defense Infmmation Counts 5-8: 18 U.S.C. §§ 793(c) and 2 Obtaining National Defense Information Counts 9-11: 18 U.S.C. §§ 793(d) and2 Disclosure ofNational Defense Infmmation Counts 12-14: 18 U.S.C. §§ 793(e) and 2 Disclosure ofNational Defense Information Counts 15-17: 18 U.S.C. § 793(e) Disclosure ofNational Defense Information SECOND SUPERSEDING INDICTMENT June 2020 Term- at Alexandria, Virginia . THE GRAND JURY CHARGES THAT: GENERAL ALLEGATIONS A. ASSANGE and WikiLeaks 1. From at least 2007,1 JULIAN PAUL ASSANGE ("ASSANGE"} was the public 1 When the Grand Jury alleges in this Superseding Indictment that an event occurred on a particular date, the Grand Jury means to convey that the event occmTed "on or about" that date. face of"WikiLeaks," a website he founded with others as an "intelligence agency ofthe people." To obtain information to release on the WikiLeaks website, ASSANGE recruited sources and predicated the success of WikiLeaks in pmi upon the recruitment of sources to (i) illegally circumvent legal safeguards on infonnation, including classification restrictions and computer and network access restrictions; (ii) provide that illegally obtained information to WikiLeaks for public dissemination; and (iii) continue the pattern of illegally procuring and providing classified and hacked information to WikiLeaks for distribution to the public.