DOCSLIB.ORG

Learn How to Protect It Before It Is Too Late Your Critical Infrastructure Is

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

0100110001101111011100100110010101101101001000000110100101110 0000111001101110101011011010010000001100100011011110110110001 1011110111001000100000011100110110100101110100001000000110000 1011011010110010101110100001011000010000001100011011011110110 1110011100110110010101100011011101000110010101110100011101010 1110010001000000110000101100100010100110001101111011100100110 0101011011010010000001101001011100000111001101110101011011010 0100000011001000110111101101100011011110111001000100000011100 1101101001011101000010000001100001011011010110010101110100001 0110000100000011000110110111101101110011100110110010101100011 0111010001100101011101000111010101110010001000000110000101100 10001 0100110001101111011100100110010101101101001000000110100 1011100000111001101110101011011010010000001100100011011110110 1100011011110111001000100000011100110110100101110100001000000 1100001011011010110010101110100001011000010000001100011011011 1101101110011100110110010101100011011101000110010101110100011 1010101110010001000000110000101100100010100110001101111011100 1001100101011011010010000001101001011100000111001101110101011 0110100100000011001000110111101101100011011110111001000100000 0111001101101001011101000010000001100001011011010110010101110 1000010110000100000011000110110111101101110011100110110010101 1000110111010001100101011101000111010101110010001000000110000 1011001000101001100011011110111001001100101011011010010000001 1010010111000001110011011101010110110100100000011001000110111 1011011000110111101110010001000000111001101101001011101000010Your Critical Infrastructure 0000011000010110110101100101011101000010110000100000011000110 1101111011011100111001101100101011000110111010001100101011101is No Longer Immune 0001110101011100100010000001100001011001000101001100011011110 1110010011001010110110100100000011010010111000001110011011101to Cyber Attacks 010110110100100000011001000110111101101100011011110111001000 Learn How to Protect it Before it is Too Late Whitepaper WHITEPAPER TABLE OF CONTENTS Executive Summary 3 More Threats Than Ever, No Slowing Down 4 Concurrently Increasing Threat Sophistication 4 Everyone is Affected – But CIs See Highest Impact 5 Where are CIs Vis à Vis These Threats? 5 Six Factors Making CIs More Vulnerable to Cyber Threats Than Any Other Organization 6 Security for ICS/SCADA Was Not Built-In From the Get Go 6 Reluctance to Replace/Update Equipment and Software 7 Cyber Security Directives are Mostly Voluntary 7 Assumed Physical Isolation, Obscurity, Are Myths 8 Using Security Solutions That Don’t Fit the Job 8 CIs are Prime Target for Hostile Hackers, Hacktivists and Nation States 9 What Can CIs Do to Dramatically Lower risk Exposure? 9 Periodic Training and Awareness Campaigns 9 Strategic Segmentation 10 Defense in Depth 10 Real-Time Malware Protection 10 Detect Unknown Cyber and Operational Threats 11 Keep Evolving! Threats Are a Moving Target 11 Your Critical Infrastructure is No Longer Immune to Cyber Attacks Confidential 2 WHITEPAPER EXECUTIVE SUMMARY Researchers and organizations tasked with evaluating the evolution of cyber threats as they apply to consumers, businesses and critical infrastructure (CI), have been increasingly sounding the alarm that threats are growing in severity. Cyber- borne malice is on the rise in scale and sophistication, frequently bringing highly targeted, complex, and dangerous attack scenarios to light. The information revolution launched by the Internet has reached into every corner of our lives, and cyber threats nowadays adversely affect every type of organization. However, there is one sector where impact by an attack can be devastating. That sector is the industries defined as critical infrastructure; the backbone of the economy and the facilitator of life as we know it. Critical infrastructure is not only where impact from cyber-attacks can reach catastrophic dimensions, it is also a very vulnerable sector due to the historical way security was neglected for most systems still being used today. This paper will explore the particularities that result in significantly higher risk levels for CIs as compared with those encountered by other organizations. The conclusion section offers some best practices and suggests ways to use technological innovations to make CIs more resilient and better protected in the face of a brave new world of connectivity and threats from cyber space. Your Critical Infrastructure is No Longer Immune to Cyber Attacks Confidential 3 WHITEPAPER MORE THREATS THAN EVER, NO SLOWING DOWN The way things stand in the world of online threat nowadays, the information revolution and Internet connectivity have brought with them the threat of constant cyber-attacks that increase in number every year. Looking at some statistics, 2013 was the seventeenth record year for phishing attacks, with over 450,000 incidents. The number of phishing attacks have increased every single year since 1996 when this type of cyber threat started gaining momentum. On the malware front, new malicious code of all types exceeded the 20 million variant mark in the third quarter of 20131, and the tally grows every year. In fact, one AV vendor2 claimed that 20% of all malware ever invented saw light in 2013. Another stark example is mobile malware. 2014 marks the tenth anniversary of this threat, which saw a major boom throughout the past four years, evolving to include Trojans, spyware, adware, and most troubling – leveraged in the facilitation of targeted cyber espionage attacks. Researchers3 note having found an average of 272 new malware variants and five new families per month in 2013. In a report released late March 2014, it was further indicated that mobile malware and high risk apps reached the 2 million milestone, which is double the number reported a mere six months earlier. The picture is clear: the number of threats and attacks they are used in is growing exponentially and their rapid evolution is unstoppable. CONCURRENTLY INCREASING THREAT SOPHISTICATION Beyond their sheer number, cyber threats and the attacks experts who see the escalation first hand. Take for they are linked with have also been evolving in terms example the espionage operation dubbed Careto / of sophistication. This trend holds true for commercially The Mask; the campaign was named “One of the most available threats, sold in underground markets, where a new, advanced global cyber espionage campaigns to date5” notable maturity has been emerging, pointing to greater by Kaspersky Labs researchers. sophistication, stealthier malware, and better encryption keeping attackers anonymous and out of sight4. Another recent example is the Uroburos APT; it was named “one of the most advanced rootkits we have ever analyzed”, It is quite alarming that the same progression applies by G-Data’s research team. to targeted attacks (and advanced persistent threats). Carefully tailored to their victims’ systems, APTs are made To that effect, in a recent interview at the RSA Conference to circumvent existing security, infiltrate the infrastructure, 2014, Wade Baker, principal analyst at Verizon, noted: and slowly make their way toward the final mark. Those targeted attack schemes are one of the top concerns for security teams in all types of organizations. “…The bad guys are winning at a faster rate than The notable, increased intricacy of the targeted breed the good guys are winning and we’ve got to of cyber-attacks is frequently underscored by industry solve that; we’ve got to do something different. ” Phishing: Over 450,000 unique attacks in 2013 Malware: Tens of millions of variants per quarter in 2013. 20% of all malware ever was released in 2013. Mobile Malware: On average 272 new malware variants and five new families per month in 2013. Variant count doubles within six months from 1 million to 2 million. 1 Source: McAfee Labs 2 Source: Panda Security 3 Source: Symantec 4 Source: RAND Corp. 5 Source: Kaspersky Labss Your Critical Infrastructure is No Longer Immune to Cyber Attacks Confidential 4 WHITEPAPER EVERYONE IS AFFECTED – Another quote on the subject came from former head of the NSA Gen. Keith Alexander (see side bar). In a speech to the BUT CIs SEE HIGHEST IMPACT senate, Alexander described the imminence of a devastating cyber-attack that would affect critical infrastructure and the High profile cyber-attacks publicized over the past five years population as a whole, indicating it was only a matter of time have organizations of all sizes more invested than ever in before such a scenario becomes reality. protecting their sensitive data and that of their customers. Nevertheless, adversaries still seem to be getting through, disrupting, destroying, stealing intellectual property and valuable, sensitive data even from organizations with the WHERE ARE CIs VIS À VIS largest security budgets. THESE THREATS? The list of victims exposed in the aftermath of large scale operations is widely diverse. While some industries suffer Facing the increasing threats and the new means attackers more attacks than others, not one sector is exempt from the have nowadays to infiltrate organizations and inflict harm, threats posed by hackers and attackers, which can result in critical infrastructure IT security teams are under major customer data breaches, bank account heists, intelligence pressure to find ways to secure their mixed environments collection, and the theft of invaluable intellectual property. of machines, computers and connectivity. Well known cases of targeted attack campaigns, like The task is daunting; much more daunting in fact
Recommended publications
  • Recent Developments in Cybersecurity Melanie J

    Recent Developments in Cybersecurity Melanie J

    American University Business Law Review Volume 2 | Issue 2 Article 1 2013 Fiddling on the Roof: Recent Developments in Cybersecurity Melanie J. Teplinsky Follow this and additional works at: http://digitalcommons.wcl.american.edu/aublr Part of the Law Commons Recommended Citation Teplinsky, Melanie J. "Fiddling on the Roof: Recent Developments in Cybersecurity." American University Business Law Review 2, no. 2 (2013): 225-322. This Article is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Business Law Review by an authorized administrator of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. ARTICLES FIDDLING ON THE ROOF: RECENT DEVELOPMENTS IN CYBERSECURITY MELANIE J. TEPLINSKY* TABLE OF CONTENTS Introduction .......................................... ..... 227 I. The Promise and Peril of Cyberspace .............. ........ 227 II. Self-Regulation and the Challenge of Critical Infrastructure ......... 232 III. The Changing Face of Cybersecurity: Technology Trends ............ 233 A. Mobile Technology ......................... 233 B. Cloud Computing ........................... ...... 237 C. Social Networking ................................. 241 IV. The Changing Face of Cybersecurity: Cyberthreat Trends ............ 244 A. Cybercrime ................................. ..... 249 1. Costs of Cybercrime
  • Mobile Financial Fraud April 2013

    Mobile Financial Fraud April 2013

    White Paper: Mobile Financial Fraud April 2013 Mobile Threats and the Underground Marketplace Principal Investigator and Corresponding Author Jart Armin Contributing Researchers Andrey Komarov, Mila Parkour, Raoul Chiesa, Bryn Thompson, Will Rogofsky Panel & Review Dr. Ray Genoe (UCD), Robert McArdle (Trend Micro), Dave Piscitello (ICANN), Foy Shiver (APWG), Edgardo Montes de Oca (Montimage), Peter Cassidy (APWG) APWG Mobile Fraud web site http://ecrimeresearch.org/wirelessdevice/Fraud/ Table of Contents Abstract ..................................................................................................................................... 2 Introduction and Starting Position ........................................................................................ 2 A Global Overview .................................................................................................................. 3 Vulnerabilities Overview ....................................................................................................... 3 The Underground Mobile Market ....................................................................................... 13 Mobile DNS & Traffic ........................................................................................................... 15 iBots & the Pocket Botnet ..................................................................................................... 18 Mobile Intrusion ...................................................................................................................
  • A Systematic Empirical Analysis of Unwanted Software Abuse, Prevalence, Distribution, and Economics

    A Systematic Empirical Analysis of Unwanted Software Abuse, Prevalence, Distribution, and Economics

    UNIVERSIDAD POLITECNICA´ DE MADRID ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ A Systematic Empirical Analysis of Unwanted Software Abuse, Prevalence, Distribution, and Economics PH.D THESIS Platon Pantelis Kotzias Copyright c 2019 by Platon Pantelis Kotzias iv DEPARTAMENTAMENTO DE LENGUAJES Y SISTEMAS INFORMATICOS´ E INGENIERIA DE SOFTWARE ESCUELA TECNICA´ SUPERIOR DE INGENIEROS INFORMATICOS´ A Systematic Empirical Analysis of Unwanted Software Abuse, Prevalence, Distribution, and Economics SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF: Doctor of Philosophy in Software, Systems and Computing Author: Platon Pantelis Kotzias Advisor: Dr. Juan Caballero April 2019 Chair/Presidente: Marc Dasier, Professor and Department Head, EURECOM, France Secretary/Secretario: Dario Fiore, Assistant Research Professor, IMDEA Software Institute, Spain Member/Vocal: Narseo Vallina-Rodriguez, Assistant Research Professor, IMDEA Networks Institute, Spain Member/Vocal: Juan Tapiador, Associate Professor, Universidad Carlos III, Spain Member/Vocal: Igor Santos, Associate Research Professor, Universidad de Deusto, Spain Abstract of the Dissertation Potentially unwanted programs (PUP) are a category of undesirable software that, while not outright malicious, can pose significant risks to users’ security and privacy. There exist indications that PUP prominence has quickly increased over the last years, but the prevalence of PUP on both consumer and enterprise hosts remains unknown. Moreover, many important aspects of PUP such as distribution vectors, code signing abuse, and economics also remain unknown. In this thesis, we empirically and sys- tematically analyze in both breadth and depth PUP abuse, prevalence, distribution, and economics. We make the following four contributions. First, we perform a systematic study on the abuse of Windows Authenticode code signing by PUP and malware.
  • Download Slides

    Download Slides

    THE UNBEARABLE LIGHTNESS OF APTing WHO ARE WE? Ron Davidson Head of Threat Intelligence and Research Check Point Software Technologies Yaniv Balmas Security Researcher Check Point Software Technologies APT Advanced Persistent Threat APT “An APT is a network attack in which an unauthorized person gains access to a Advanced network and stays there undetected for a long period of time.“ Threat APT “An APT is a network attack in which an unauthorized person gains access to a Advanced network and stays there undetected for a long period of time.“ “APT is a set of stealthy and continuous computer hacking processes … APT usually targets organizations and/or nations for business or political motives.” APT “An APT is a network attack in which an unauthorized person gains access to a ? network and stays there undetected for a long period of time.“ “APT is a set of stealthy and continuous computer hacking processes … APT usually targets organizations and/or nations for business or political motives.” APT HISTORY Cosmic Duke Dragonfly Carbanak Equation Energetic Bear Duqu2 Regin Havex Babar 2015 Casper PlugX 79 Madi Flame 2014 Shamoon 107 Subpab Wiper 2013 Gauss 54 APT1 Red October 2012 Aurora 24 Machete 2011 Stuxnet 13 Duqu 2010 12 RSA Hack github.com/kbandla/APTnotes WHAT’S COMMON? At t ribution @AttributionDice WHAT’S IN COMMON? France 11% Iran 9% China Israel 44% 5% Russia 23% USA 9% @AttributionDice WHEN IN DOUBT… It’s probably China! WITH GREAT POWER COME GREAT APTS VOLATILE CEDAR • A targeted campaign • Has been active since late 2012 • Operation
  • Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism

    Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism

    Journal of Strategic Security Volume 6 Number 5 Volume 6, No. 3, Fall 2013 Supplement: Ninth Annual IAFIE Article 3 Conference: Expanding the Frontiers of Intelligence Education Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism Gary Adkins The University of Texas at El Paso Follow this and additional works at: https://scholarcommons.usf.edu/jss pp. 1-9 Recommended Citation Adkins, Gary. "Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism." Journal of Strategic Security 6, no. 3 Suppl. (2013): 1-9. This Papers is brought to you for free and open access by the Open Access Journals at Scholar Commons. It has been accepted for inclusion in Journal of Strategic Security by an authorized editor of Scholar Commons. For more information, please contact [email protected]. Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism This papers is available in Journal of Strategic Security: https://scholarcommons.usf.edu/jss/vol6/iss5/ 3 Adkins: Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism Gary Adkins Introduction The world has effectively exited the Industrial Age and is firmly planted in the Information Age. Global communication at the speed of light has become a great asset to both businesses and private citizens. However, there is a dark side to the age we live in as it allows terrorist groups to communicate, plan, fund, recruit, and spread their message to the world. Given the relative anonymity the Internet provides, many law enforcement and security agencies investigations are hindered in not only locating would be terrorists but also in disrupting their operations.
  • List of Targets of Arrested Computer Hackers 6 March 2012

    List of Targets of Arrested Computer Hackers 6 March 2012

    List of targets of arrested computer hackers 6 March 2012 The five computer hackers charged in New York Tribune and Los Angeles Times, using on Tuesday and a sixth who pleaded guilty are misappropriated login credentials. accused of involvement in some of the most notorious hacking incidents of the past 18 months. -- February 2011: A cyberattack on private computer security firm HBGary that involved the The following are some of the cyberattacks in theft of 60,000 emails from HBGary employees and which the two Britons, two Irishmen and two the HBGary chief executive, as well as defacing his Americans allegedly played a role as members of Twitter account. Anonymous, Lulz Security or associated groups: -- April-May 2011: A cyberattack on a Fox -- December 2010: Operation Payback. Distributed Broadcasting Company website that involved the denial of service (DDoS) attacks by members of theft of names, dates of birth, telephone numbers, Anonymous on the websites of MasterCard, email and residential addresses for more than PayPal and Visa in retaliation for their refusal to 70,000 potential contestants on the Fox television accept donations for WikiLeaks. In a DDoS attack, show the "X-Factor." a website is bombarded with traffic, slowing it down or knocking it offline completely. -- May 2011: A cyberattack on Sony Pictures Entertainment that revealed the passwords, email -- January 2011: Defacing a website of the Irish addresses, home addresses and dates of birth of political party Fine Gael after accessing computer 100,000 users of the www.sonypictures.com servers in Arizona used to maintain the website, website and a subsequent online attack against www.finegael2011.com.
  • What You Should Know About Kaspersky

    What You Should Know About Kaspersky

    What you should know Proven. Transparent. about Kaspersky Lab Independent. Fighting for your digital freedom Your data and privacy are under attack by cybercriminals and spy agencies, so you need a partner who is not afraid of standing beside you to protect what matters to you most. For over 20 years, Kaspersky Lab has been catching all kinds of cyberthreats. No matter whether they come from script kiddies, cybercriminals or governments, or from the north, south, east or west. We believe the online world should be free from attack and state-sponsored espionage, and will continue fighting for a truly free and safe digital world. Proven Transparent Independent Kaspersky Lab routinely scores the highest We are totally transparent and are making As a private company, we are independent marks in independent ratings and surveys. it even easier to understand what we do: from short term business considerations and institutional influence. • Measured alongside more than 100 other • Independent review of the company’s well-known vendors in the industry source code, software updates and We share our expertise, knowledge • 72 first places in 86 tests in 2017 threat detection rules and technical findings with the world’s • Top 3 ranking* in 91% of all product tests • Independent review of internal security community, IT security vendors, • In 2017, Kaspersky Lab received processes international organizations, and law Platinum Status for Gartner’s Peer • Three transparency centers by 2020 enforcement agencies. Insight** Customer Choice Award 2017, • Increased bug bounty rewards with up in the Endpoint Protection Platforms to $100K per discovered vulnerability Our research team is spread across the market world and includes some of the most renowned security experts in the world.
  • Easier Said Than Done: Legal Reviews of Cyber Weapons

    Easier Said Than Done: Legal Reviews of Cyber Weapons

    Easier Said Than Done: Legal Reviews of Cyber Weapons Gary D. Brown* & Andrew O. Metcalf** INTRODUCTION On June 1, 2012, author and New York Times reporter David Sanger created a sensation within the cyber-law community. Just over a year previously, Vanity Fair, among other media outlets, reported that a malware package of unprec- edented complexity had effectively targeted the Iranian nuclear research pro- gram.1 The malware, which came to be known as Stuxnet, was also discovered on many computer systems outside Iran, but it did not appear to do any damage to these other systems. Just as the discussions spurred by the discovery of Stuxnet had begun to die down, the New York Times published an interview with Mr. Sanger to discuss his newest book, in which he alleged that the Stuxnet malware had been part of a U.S. planned and led covert cyber operation. The assertion that a nation state had used a “cyber attack” in support of its national objectives reinvigorated the attention of cyber-law commentators, both in and out of government. What makes Stuxnet interesting as a point of discussion is that the basic functioning of the software is easy to understand and easy to categorize. A piece of software was deliberately inserted into the target systems, and physical damage was the result. However, resulting physical damage is not characteristic of most cyber operations, and the legal analysis of Stuxnet is of limited utility when examining a broad range of cyber activities.2 A distinct lack of physical effects is much more characteristic of cyber operations, and the absence of physical effects has continued to complicate the legal analysis of cyber in the context of military operations.
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX

    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.
  • Analysis of Human Factors in Cyber Security: a Case Study of Anonymous Attack on Hbgary

    Analysis of Human Factors in Cyber Security: a Case Study of Anonymous Attack on Hbgary

    Analysis of Human Factors in Cyber Security: A Case Study of Anonymous Attack on Hbgary Benjamin Aruwa Gyunka Directorate of Information and Communication Technology National Open University of Nigeria (NOUN) Abuja, Nigeria [email protected] Abikoye Oluwakemi Christiana Department of Computer Science University of Ilorin Ilorin, Nigeria [email protected] ABSTRACT awareness programmes for workforces and the Purpose: This paper critically analyses the implementations and maintenance of basic human factors or behaviours as major threats to security culture and policies as a panacea for cyber security. Focus is placed on the usual roles social engineering cyber attacks against played by both the attackers and defenders (the individuals and organizations. targets of the attacker) in cyber threats’ Originality: Lots of work has been done and pervasiveness and the potential impacts of such many still on-going in the field of social actions on critical security infrastructures. engineering attacks and human factors, but this Design/Methodology/Approach: To enable an study is the first to adopt an approach of a effective and practical analysis, the Anonymous practical case study to critically analyze the attack against HBGary Federal (A security firm effects of human factors on cyber security. in the United State of America) was taken as a Keywords: The Anonymous; HBGary Federal; case study to reveal the huge damaging impacts Uniform Resource Location (URL); Content of human errors and attitudes against the security Management System (CMS); SQL Injection; of organizations and individuals. Cross-site Scripting (XXS); Social Engineering; Findings: The findings revealed that the Cyber Security; Information Security powerful security firm was compromised and Paper Type: Research Paper overtaken through simple SQL injection techniques and a very crafty social engineering attack which succeeded because of sheer 1 Introduction personnel negligence and unwitting utterances.
  • Darpa Starts Sleuthing out Disloyal Troops

    Darpa Starts Sleuthing out Disloyal Troops

    UNCLASSIFIED (U) FBI Tampa Division CI Strategic Partnership Newsletter JANUARY 2012 (U) Administrative Note: This product reflects the views of the FBI- Tampa Division and has not been vetted by FBI Headquarters. (U) Handling notice: Although UNCLASSIFIED, this information is property of the FBI and may be distributed only to members of organizations receiving this bulletin, or to cleared defense contractors. Precautions should be taken to ensure this information is stored and/or destroyed in a manner that precludes unauthorized access. 10 JAN 2012 (U) The FBI Tampa Division Counterintelligence Strategic Partnership Newsletter provides a summary of previously reported US government press releases, publications, and news articles from wire services and news organizations relating to counterintelligence, cyber and terrorism threats. The information in this bulletin represents the views and opinions of the cited sources for each article, and the analyst comment is intended only to highlight items of interest to organizations in Florida. This bulletin is provided solely to inform our Domain partners of news items of interest, and does not represent FBI information. In the JANUARY 2012 Issue: Article Title Page NATIONAL SECURITY THREAT NEWS FROM GOVERNMENT AGENCIES: American Jihadist Terrorism: Combating a Complex Threat p. 2 Authorities Uncover Increasing Number of United States-Based Terror Plots p. 3 Chinese Counterfeit COTS Create Chaos For The DoD p. 4 DHS Releases Cyber Strategy Framework p. 6 COUNTERINTELLIGENCE/ECONOMIC ESPIONAGE THREAT ITEMS FROM THE PRESS: United States Homes In on China Spying p. 6 Opinion: China‟s Spies Are Catching Up p. 8 Canadian Politician‟s Chinese Crush Likely „Sexpionage,‟ Former Spies Say p.
  • Predicting the Spread of Malware Outbreaks Using

    Predicting the Spread of Malware Outbreaks Using

    ISSN: 1803-3814 (Printed), 2571-3701 (Online) https://doi.org/10.13164/mendel.2019.1.157 PREDICTING THE SPREAD OF MALWARE OUTBREAKS USING AUTOENCODER BASED NEURAL NETWORK Bhardwaj Gopika , Yadav Rashi Department of Information Technology, Indira Gandhi Delhi Technical University for Women, India [email protected] Abstract Malware Outbreaks are pervasive in today's digital world. However, there is a lack of awareness on part of general public on how to safeguard against such attacks and a need for increased cooperation between various national and international research as well as governmental organizations to combat the threat. On the positive side, cyber security websites, blogs and newsletters post articles outlining the working and spread of a malware outbreak and steps to recover from the same as well. In this project, an effective approach to predicting the spread of malware outbreaks is presented. The scope of the project is 15 Malware Outbreaks and the approach involves collecting these cyber aware articles from the web, assigning them to the 15 Malware Outbreaks using Topic Modeling and Similarity Analysis and along with Spread information of the Malware Outbreaks, this is input to auto encoder neural network for learning latent space representations which are further used to predict the spread of malware outbreak as either high or low spread outbreak, achieving a prediction accuracy of 75.56. This work can be used to process large amount of cyber aware content for effective and accurate prediction in the era of much-needed cyber security. Received: 14 April 2019 Keywords: malware outbreaks, topic modeling, similarity analysis, auto encoders, Accepted: 31 May 2019 prediction.