DOCSLIB.ORG

Book and Is Not Responsible for the Web: Content of the External Sources, Including External Websites Referenced in This Publication

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Book and Is Not Responsible for the Web: Content of the External Sources, Including External Websites Referenced in This Publication 2020 12th International Conference on Cyber Conflict 20/20 Vision: The Next Decade T. Jančárková, L. Lindström, M. Signoretti, I. Tolga, G. Visky (Eds.) 2020 12TH INTERNATIONAL CONFERENCE ON CYBER CONFLicT 20/20 VISION: THE NEXT DECADE Copyright © 2020 by NATO CCDCOE Publications. All rights reserved. IEEE Catalog Number: CFP2026N-PRT ISBN (print): 978-9949-9904-6-7 ISBN (pdf): 978-9949-9904-7-4 COPYRIGHT AND REPRINT PERMissiONS No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, or for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: [Article author(s)], [full article title] 2020 12th International Conference on Cyber Conflict 20/20 Vision: The Next Decade T. Jančárková, L. Lindström, M. Signoretti, I. Tolga, G. Visky (Eds.) 2020 © NATO CCDCOE Publications NATO CCDCOE Publications LEGAL NOTICE: This publication contains the opinions of the respective authors only. They do not Filtri tee 12, 10132 Tallinn, Estonia necessarily reflect the policy or the opinion of NATO Phone: +372 717 6800 CCDCOE, NATO, or any agency or any government. NATO CCDCOE may not be held responsible for Fax: +372 717 6308 any loss or harm arising from the use of information E-mail: [email protected] contained in this book and is not responsible for the Web: www.ccdcoe.org content of the external sources, including external websites referenced in this publication. Head of publishing: Jaanika Rannu Layout: JDF NATO COOPERATivE CYBER DEFENCE CENTRE OF ExcELLENCE NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is an international military organisation, similar to other 24 NATO´s Centres of Excellence (COE). Although accredited by NATO, all COEs are independent research, training and exercise centres initiated by a Framework Nation (in the case of CCDCOE – Estonia) and belong to their member nations. COEs are not part of NATO command structure. This Tallinn-based cyber defence facility conducts research, trainings and exercises in four core areas: technology, strategy, operations and law. The heart of the Centre is a diverse staff of international experts from military, government, academia and industry, currently representing 25 member nations from NATO Allies and like- minded partners beyond the Alliance, with many more on the path to joining. In short, CCDCOE is a NATO-accredited cyber defence hub that supports its member nations and NATO with cyber defence expertise, enabling a unique 360-degree approach to some of the most relevant cyber defence issues. The Centre’s training courses are based on the latest research and cyber defence exercises. The continuously updated selection of training courses addresses the emerging demands in the cyber defence. To best meet the training requirements of our Allies, Partners and NATO as a whole, The Centre provides courses in different formats and locations, including e-learning or training by a mobile team, covering a broad range of topics in the technical, legal, strategic and operational cyber security domains. Appointed by NATO as the Department Head for Cyberspace Operations Discipline, CCDCOE is responsible for identifying cyberspace operations training needs and matching them with education and training solutions for all NATO bodies across the Alliance. Every spring the Centre hosts the annual conference on cyber conflict, CyCon, which unites decision-makers and experts from government, academia and industry from all over the world. In May 2019, CyCon brought to Tallinn around 600 cyber experts from more than 40 nations, the conference theme was ‘Silent Battle’. CCDCOE organises the largest and most complex international live-fire cyber defence exercise in the world – Locked Shields. The annual exercise enables cyber security experts to enhance their skills in defending national IT systems and critical infrastructure under real-time attacks. More than 1400 cyber experts from 30 nations took part in Locked Shields 2019. The Centre is also home to the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, the most comprehensive analysis on how existing international law applies to operations in cyber space. It further hosts the Cyber Law Toolkit, an interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. A regularly updated database of national cyber security documents, the International Cyber Developments Review (INCYDER) and comprehensive overviews of national cyber security organisations, together with other Centre’s publications and research papers are available on the Centre’s website. TABLE OF CONTENTS Introduction 1 Retorsion as a Response to Ongoing 9 Malign Cyber Operations Jeff Kosseff Collective Countermeasures in Cyberspace – 25 Lex Lata, Progressive Development or a Bad Idea? Przemysław Roguski Up in the Air: Ensuring Government 43 Data Sovereignty in the Cloud Neal Kushwaha, Przemysław Roguski and Bruce W. Watson Legal Issues Related to Cyber Threat 63 Information Sharing Among Private Entities for Critical Infrastructure Protection Livinus Nweke and Stephen Wolthusen Making the Cyber Mercenary – Autonomous 79 Weapons Systems and Common Article 1 of the Geneva Conventions Aleksi Kajander, Agnes Kasper and Evhen Tsybulenko Cyber Weapons Review in Situations 97 Below the Threshold of Armed Conflict Ivana Kudláčková, David Wallace and Jakub Harašta R2P & Cyberspace: Sovereignty as a Responsibility 113 Tina J. Park and Michael Switzer The Past, Present, and Future of 129 Russia’s Cyber Strategy and Forces Bilyana Lilly and Joe Cheravitch Measuring the Fragmentation of the Internet: 157 The Case of the Border Gateway Protocol (BGP) During the Ukrainian Crisis Frédérick Douzet, Louis Pétiniaud, Loqman Salamatian, Kevin Limonier, Kavé Salamatian and Thibaut Alchus Cyber in War: Assessing the Strategic, Tactical, 183 and Operational Utility of Military Cyber Operations Matthias Schulze Correlations Between Cyberspace 199 Attacks and Kinetic Attacks Martin C. Libicki Problems of Poison: New Paradigms and “Agreed” 215 Competition in the Era of AI-Enabled Cyber Operations Christopher Whyte The Next Generation of Cyber-Enabled 233 Information Warfare Kim Hartmann and Keir Giles Defenders Disrupting Adversaries: 251 Framework, Dataset, and Case Studies of Disruptive Counter-Cyber Operations Jason Healey, Neil Jenkins and JD Work Using Global Honeypot Networks 275 to Detect Targeted ICS Attacks Michael Dodson, Alastair R. Beresford and Mikael Vingaard Addressing the Cybersecurity Challenges 293 of Electrical Power Systems of the Future Gilberto Pires de Azevedo, Maxli Barroso Campos and Paulo César Pellanda Towards Classifying Devices on the 309 Internet Using Artificial Intelligence Artūrs Lavrenovs, Roman Graf and Kimmo Heinäaro Hacking the AI – The Next Generation of Hijacked Systems 327 Kim Hartmann and Christoph Steup Recent Developments in Cryptography 351 Lubjana Beshaj and Andrew O. Hall Biographies 369 INTRODUCTION Every edition of the CyCon proceedings is special. The book that you have just opened is particularly so: for the first time in CyCon’s history, it stands alone with no physical conference accompanying it. The event that has, over the twelve years of its existence, become a staple item on the agenda of many a cyber enthusiast in public administration, military and academia, drawing over 600 participants each May to the Estonian capital, had to cede to SARS-CoV-2 and public health concerns. True to the cyber ethos of thinking in categories of abstract and invisible threats, and in order to celebrate the work of our authors, CCDCOE has decided to carry on with the publication of the CyCon proceedings nonetheless. Moreover, at a time when a substantial part of professional and personal activities are moving online and the whole world struggles to maintain normality under unprecedented circumstances, the CyCon theme, 20/20 Vision: The Next Decade, could not be more relevant. More than ever we need to be aware of the new technologies, policies and legal frameworks that will shape the future at societal and personal levels, and we must ask how to best protect our values while ensuring that cyberspace becomes more transparent, predictable and safe. As usual, the papers gathered in this book reflect the three CyCon tracks: technical, strategic and legal. Of the total of 19 papers appearing in the book, five cover technical topics, seven touch upon strategic and seven upon legal issues. There is a variety of topics but a trend of shifting paradigms in their respective disciplines can be discerned. With the development of cyberspace as a domain of operations, new ideas appear, but old concepts are also being revamped and their application to cyberspace tested. Papers discussing artificial intelligence, autonomous weapons or cloud services stand shoulder to shoulder with papers dealing with energy distribution networks, security of industrial control systems (ICS) or responses available to states under international law. Jeff Kosseff thus explores retorsion as a possible response to malign
Load more

Recommended publications
  • Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress
    Order Code RL32114 Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress Updated January 29, 2008 Clay Wilson Specialist in Technology and National Security Foreign Affairs, Defense, and Trade Division Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress Summary Cybercrime is becoming more organized and established as a transnational business. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that could secretly represent terrorist groups. The increased use of automated attack tools by cybercriminals has overwhelmed some current methodologies used for tracking Internet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which are acknowledged openly in publications, could possibly attract cyberattacks to extort money, or damage the U.S. economy to affect national security. In April and May 2007, NATO and the United States sent computer security experts to Estonia to help that nation recover from cyberattacks directed against government computer systems, and to analyze the methods used and determine the source of the attacks.1 Some security experts suspect that political protestors may have rented the services of cybercriminals, possibly a large network of infected PCs, called a “botnet,” to help disrupt the computer systems of the Estonian government. DOD officials have also indicated that similar cyberattacks from individuals and countries targeting economic,
    [Show full text]
  • The Internet and Drug Markets
    INSIGHTS EN ISSN THE INTERNET AND DRUG MARKETS 2314-9264 The internet and drug markets 21 The internet and drug markets EMCDDA project group Jane Mounteney, Alessandra Bo and Alberto Oteo 21 Legal notice This publication of the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) is protected by copyright. The EMCDDA accepts no responsibility or liability for any consequences arising from the use of the data contained in this document. The contents of this publication do not necessarily reflect the official opinions of the EMCDDA’s partners, any EU Member State or any agency or institution of the European Union. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). More information on the European Union is available on the internet (http://europa.eu). Luxembourg: Publications Office of the European Union, 2016 ISBN: 978-92-9168-841-8 doi:10.2810/324608 © European Monitoring Centre for Drugs and Drug Addiction, 2016 Reproduction is authorised provided the source is acknowledged. This publication should be referenced as: European Monitoring Centre for Drugs and Drug Addiction (2016), The internet and drug markets, EMCDDA Insights 21, Publications Office of the European Union, Luxembourg. References to chapters in this publication should include, where relevant, references to the authors of each chapter, together with a reference to the wider publication. For example: Mounteney, J., Oteo, A. and Griffiths, P.
    [Show full text]
  • GAIN-Tokyo-Workshop-Report.Pdf
    September 12th, 2018 Global AI Narratives – Tokyo Workshop 01 Table of Contents Summary ・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・2 Welcome remarks ・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・5 ・Dr Stephen Cave, Executive Director, CFI, University of Cambridge ・Professor Emeritus Shuji Hashimoto, Vice President, Waseda University Session 1: UK AI Narratives ・・・・・・・・・・・・・・・・・・・・・・・・・・・・ 7 ・Dr Kanta Dihal, PI ‘Global AI Narratives’ CFI, University of Cambridge ・Dr Stephen Cave, Executive Director, CFI, University of Cambridge ・Dr Sarah Dillon, University Lecturer in Literature and Film and co-PI ‘AI Narratives’ at CFI, University of Cambridge Session 2: JAPAN AI Narratives ・・・・・・・・・・・・・・・・・・・・・・・・・・9 ・Professor Toshie Takahashi, Faculty of Letters, Arts and Sciences, Waseda University ・Mr Masayoshi Sakai, visiting research fellow, GLOCOM(Center for Global Communications, International University of Japan) ・Professor Osamu Sakura, the Interfaculty Initiative in Information Studies, University of Tokyo, and RIKEN Center for Advanced Intelligence Project (AIP) ・Dr Kentaro Watanabe, Planning Offcer, Research Planning Offce for Artifcial Intelligence, Department of Information Technology and Human Factors, National Institute of Advanced Industrial Science and Technology (AIST) Session 3: KOREA AI Narratives ・・・・・・・・・・・・・・・・・・・・・・・・・ ・13 ・Professor Kyung Sin Park, Korea University Law School, Director, Open Net Korea ・Professor Chihyoung Jeon, KAIST ・Professor So-Young Kim, Head of the Graduate School of Science & Technology Policy, KAIST ・Dr Kyoungmi Oh, Seoul National University of Science and Technology Session 4: Interactive Exercise on Global AI Narratives “Cultural Differences between East and West about AI Imaginings” ・・・・・・・・ ・16 Closing Remarks ・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・・ ・20 Professor Hironori Kasahara, Waseda University, IEEE Computer Society 2018 President Speakers and Participants ・・・・・・・・・・・・・・・・・・・・・・・・・・・ ・22 September 12th, 2018 Global AI Narratives – Tokyo Workshop September 12th, 2018 Global AI Narratives – Tokyo Workshop 02 Summary Dr. Stephen Cave & Dr.
    [Show full text]
  • ASEC REPORT Malicious Code Trend 5 6 Vol.17 Security Trend Web Security Trend
    Disclosure to or reproduction for others without the specific written authorization of AhnLab is prohibited. ASEC Copyright (c) AhnLab, Inc. All rights reserved. REPORT VOL.17 | 2011.6 AhnLab Monthly Security Report AhnLab ASEC (AhnLab Security Emergency Response Center) is a Security global security response group consisting of virus analysts and CONTENTS Emergency security experts. This monthly report is published by ASEC, response and it focuses on the most significant security threats and the latest security technologies to guard against these threats. For 01. Malicious Code Trend 02. Security Trend Center further information about this report, please refer to AhnLab, a. Malicious Code Statistics 05 a. Security Statistics 14 Inc.’s homepage (www.ahnlab.com). - Top 20 Malicious Code Reports - Microsoft Security Updates- May 2011 - Top 20 Malicious Code Variant Reports b. Malicious Code Issues 16 - Breakdown of Primary Malicious Code Types - Comparison of Malicious Codes with - Zeus Source Code Leaked and Spyeye Trend Previous Month - Coreflood, a Banking Trojan - Monthly Malicious Code Reports - Online Banking Hacking Scam - Top 20 New Malicious Code Reports - Breakdown of New Malicious Code Types 03. Web Security Trend b. Malicious Code Issues 10 a. Web Security Statistics 17 - 'Dislike' Button Scam - Web Security Summary - AntiVirus AntiSpyware 2011 Scam - Monthly Blocked Malicious URLs - Scam Emails From Bobijou Inc. - Monthly Reported Types of Malicious Code - Spam Promising Nude Photo Spreads Malware - Monthly Domains with Malicious Code - Osama Bin Laden Themed Malware - Monthly URLs with Malicious Code - Distribution of Malicious Codes by Type - Top 10 Distributed Malicious Codes b. Web Security Issues 20 - May 2011 Malicious Code Intrusion: Website ASEC REPORT Malicious Code Trend 5 6 Vol.17 Security Trend Web Security Trend 01.
    [Show full text]
  • ERP Applications Under Fire How Cyberattackers Target the Crown Jewels
    ERP Applications Under Fire How cyberattackers target the crown jewels July 2018 v1.0 With hundreds of thousands of implementations across the globe, Enterprise Resource Planning (ERP) applications are supporting the most critical business processes for the biggest organizations in the world. This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications. We have concentrated our efforts on the two most widely-adopted solutions across the large enterprise segment, SAP and Oracle E-Business Suite, focusing on the risks and threats organizations should care about. According to VP Distinguished Analyst, Neil MacDonald “As financially motivated attackers turn their attention ‘up the stack’ to the application layer, business applications such as ERP, CRM and human resources are attractive targets. In many organizations, the ERP application is maintained by a completely separate team and security has not been a high priority. As a result, systems are often left unpatched for years in the name of operational availability.” Gartner, Hype Cycle for Application Security, 2017, July 2017 1 1 Gartner, Hype Cycle for Application Security, 2017, Published: 28 July 2017 ID: G00314199, Analyst(s): Ayal Tirosh, https://www.gartner.com/doc/3772095/hype-cycle-application-security- 02 Executive Summary With hundreds of thousands of implementations across the globe, Enterprise Resource Planning (ERP) applications support the most critical business processes and house the most sensitive information for the biggest organizations in the world. The vast majority of these large organizations have implemented ERP applications from one of the two market leaders, SAP and Oracle.
    [Show full text]
  • Homeland Threats and Agency Responses”
    STATEMENT OF ROBERT S. MUELLER, III DIRECTOR FEDERAL BUREAU OF INVESTIGATION BEFORE THE COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE AT A HEARING ENTITLED “HOMELAND THREATS AND AGENCY RESPONSES” PRESENTED SEPTEMBER 19, 2012 Statement of Robert S. Mueller, III Director Federal Bureau of Investigation Before the Committee on Homeland Security and Governmental Affairs United States Senate At a Hearing Entitled “Homeland Threats and Agency Responses” Presented September 19, 2012 Good morning, Chairman Lieberman, Ranking Member Collins, and Members of the Committee. Thank you for the opportunity to appear before the Committee today and for your continued support of the men and women of the FBI. As you know, the Bureau has undergone unprecedented transformation in recent years. Since the attacks of September 11th, we have refocused our efforts to address and prevent emerging terrorist threats. The terrorist threat is more diverse than it was 11 years ago, but today, we in the FBI are better prepared to meet that threat. We also face increasingly complex threats to our nation’s cyber security. Nation-state actors, sophisticated organized crime groups, and hackers for hire are stealing trade secrets and valuable research from America’s companies, universities, and government agencies. Cyber threats also pose a significant risk to our nation’s critical infrastructure. As these threats continue to evolve, so too must the FBI change to counter those threats. We must continue to build partnerships with our law enforcement and private sector partners, as well as the communities we serve. Above all, we must remain firmly committed to carrying out our mission while protecting the civil rights and civil liberties of the people we serve.
    [Show full text]
  • Tina GARABEDIAN ARM Simon PROULX-SENECAL
    ICE DANCE Date of birth: 13.06.1997 Tina GARABEDIAN Place of birth: Montreal CAN Height: 163 cm ARM Home town: Montreal CAN Profession: student Hobbies: swimming, music Start sk. / Club: 2002 / Armenia Internet / Social Media contact (couple): Facebook: Ice Dance Armenia.com Former Partners Alexandre Laliberte Date of birth: 06.12.1991 Simon PROULX-SENECAL Place of birth: Lasalle CAN Height: 186 cm ARM Home town: Montreal CAN Profession: student Hobbies: swimming, music, biking Start sk. / Club: 1998 / Armenia Internet / Social Media contact (couple): Facebook: Ice Dance Armenia.com Former Partners Melissandre Dumas Coach: Elise Hamel, Shawn Winter Choreographer: Former Coach: Shae Zukiwsky Practice low season: 25 h / week Montreal/CAN Practice high season: 25 h / week Montreal/CAN Music Short Program / Short Dance as of season 2016/2017 Blues Swing Music Free Skating / Free Dance as of season 2016/2017 Pearl Harbour (soundtrack) by Hans Zimmer Personal Best Total Score 139.28 07.12.2016 ISU CS Golden Spin 2016 Personal Best Score Short Dance 53.94 18.11.2016 ISU CS Warsaw Cup 2016 Personal Best Score Free Dance 87.54 07.12.2016 ISU CS Golden Spin 2016 09/10 10/11 11/12 12/13 13/14 14/15 15/16 16/17 Olympic Games World Champ. 27. European Champ. 18. 19. Four Continents World Juniors 16.(1) National Champ. 11.J(3) 11.J(3) 15.J(2) 9.J(1) / 11.S(4) 1.S(1) / 12.S(4) 1.S S=Senior; J=Junior; N=Novice International Competition Year Place Internation Competition Year Place ISU CS Ice Challenge 2015 Graz 2015 6.
    [Show full text]
  • Into the Reverie: Exploration of the Dream Market
    Into the Reverie: Exploration of the Dream Market Theo Carr1, Jun Zhuang2, Dwight Sablan3, Emma LaRue4, Yubao Wu5, Mohammad Al Hasan2, and George Mohler2 1Department of Mathematics, Northeastern University, Boston, MA 2Department of Computer & Information Science, Indiana University - Purdue University, Indianapolis, IN 3Department of Mathematics and Computer Science, University of Guam, Guam 4Department of Mathematics and Statistics, University of Arkansas at Little Rock, AK 5Department of Computer Science, Georgia State University, Atlanta, GA [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected] Abstract—Since the emergence of the Silk Road market in Onymous" in 2014, a worldwide action taken by law enforce- the early 2010s, dark web ‘cryptomarkets’ have proliferated and ment and judicial agencies aimed to put a kibosh on these offered people an online platform to buy and sell illicit drugs, illicit behaviors [5]. Law enforcement interventions such as relying on cryptocurrencies such as Bitcoin for anonymous trans- actions. However, recent studies have highlighted the potential for Onymous, along with exit scams and hacks, have successfully de-anonymization of bitcoin transactions, bringing into question shut down numerous cryptomarkets, including AlphaBay, Silk the level of anonymity afforded by cryptomarkets. We examine a Road, Dream, and more recently, Wall Street [6]. Despite these set of over 100,000 product reviews from several cryptomarkets interruptions, new markets have continued to proliferate. The collected in 2018 and 2019 and conduct a comprehensive analysis authors of [7] note that there appears to be a consistent daily of the markets, including an examination of the distribution of drug sales and revenue among vendors, and a comparison demand of about $500,000 for illicit products on the dark web, of incidences of opioid sales to overdose deaths in a US city.
    [Show full text]
  • GQ: Practical Containment for Measuring Modern Malware Systems
    GQ: Practical Containment for Measuring Modern Malware Systems Christian Kreibich Nicholas Weaver Chris Kanich ICSI & UC Berkeley ICSI & UC Berkeley UC San Diego [email protected] [email protected] [email protected] Weidong Cui Vern Paxson Microsoft Research ICSI & UC Berkeley [email protected] [email protected] Abstract their behavior, sometimes only for seconds at a time (e.g., to un- Measurement and analysis of modern malware systems such as bot- derstand the bootstrapping behavior of a binary, perhaps in tandem nets relies crucially on execution of specimens in a setting that en- with static analysis), but potentially also for weeks on end (e.g., to ables them to communicate with other systems across the Internet. conduct long-term botnet measurement via “infiltration” [13]). Ethical, legal, and technical constraints however demand contain- This need to execute malware samples in a laboratory setting ex- ment of resulting network activity in order to prevent the malware poses a dilemma. On the one hand, unconstrained execution of the from harming others while still ensuring that it exhibits its inher- malware under study will likely enable it to operate fully as in- ent behavior. Current best practices in this space are sorely lack- tended, including embarking on a large array of possible malicious ing: measurement researchers often treat containment superficially, activities, such as pumping out spam, contributing to denial-of- sometimes ignoring it altogether. In this paper we present GQ, service floods, conducting click fraud, or obscuring other attacks a malware execution “farm” that uses explicit containment prim- by proxying malicious traffic.
    [Show full text]
  • Special Committee Report
    REPORT OF THE 2009 SPECIAL REVIEW COMMITTEE ON FINRA’S EXAMINATION PROGRAM IN LIGHT OF THE STANFORD AND MADOFF SCHEMES SEPTEMBER 2009 SPECIAL REVIEW COMMITTEE Charles A. Bowsher (Chairman) ———————————— Ellyn L. Brown ———————————— Harvey J. Goldschmid ———————————— Joel Seligman ———————————— INDUSTRY GOVERNOR ADVISERS OF COUNSEL Mari Buechner Paul V. Gerlach W. Dennis Ferguson Griffith L. Green G. Donald Steel Dennis C. Hensley Michael A. Nemeroff SIDLEY AUSTIN LLP 1501 K Street, NW Washington, DC 20005 TABLE OF CONTENTS I. EXECUTIVE SUMMARY .............................................................................................. 1 A. The Stanford Case................................................................................................. 2 B. The Madoff Case................................................................................................... 4 C. Recommendations................................................................................................. 6 II. BACKGROUND ON FINRA EXAMINATION PROGRAM...................................... 9 III. EXAMINATIONS OF MEMBER FIRMS INVOLVED IN THE STANFORD AND MADOFF SCANDALS.................................................................. 11 A. The Stanford Case............................................................................................... 12 1. Background............................................................................................... 12 2. Daniel Arbitration and 2003 Cycle Examination...................................... 13 3. 2003
    [Show full text]
  • APT and Cybercriminal Targeting of HCS June 9, 2020 Agenda
    APT and Cybercriminal Targeting of HCS June 9, 2020 Agenda • Executive Summary Slides Key: • APT Group Objectives Non-Technical: managerial, strategic • APT Groups Targeting Health Sector and high-level (general audience) • Activity Timeline Technical: Tactical / IOCs; requiring • TTPs in-depth knowledge (sysadmins, IRT) • Malware • Vulnerabilities • Recommendations and Mitigations TLP: WHITE, ID#202006091030 2 Executive Summary • APT groups steal data, disrupt operations, and destroy infrastructure. Unlike most cybercriminals, APT attackers pursue their objectives over longer periods of time. They adapt to cyber defenses and frequently retarget the same victim. • Common HPH targets include: • Healthcare Biotechnology Medical devices • Pharmaceuticals Healthcare information technology • Scientific research • HPH organizations who have been victim of APT attacks have suffered: • Reputational harm Disruption to operations • Financial losses PII/PHI and proprietary data theft • HC3 recommends several mitigations and controls to counter APT threats. TLP: WHITE, ID#202006091030 3 APT Group Objectives • Motivations of APT Groups which target the health sector include: • Competitive advantage • Theft of proprietary data/intellectual capital such as technology, manufacturing processes, partnership agreements, business plans, pricing documents, test results, scientific research, communications, and contact lists to unfairly advance economically. • Intelligence gathering • Groups target individuals and connected associates to further social engineering
    [Show full text]
  • Stanford Ponzi Scheme: Lessons for Protecting Investors from the Next Securities Fraud
    THE STANFORD PONZI SCHEME: LESSONS FOR PROTECTING INVESTORS FROM THE NEXT SECURITIES FRAUD HEARING BEFORE THE SUBCOMMITTEE ON OVERSIGHT AND INVESTIGATIONS OF THE COMMITTEE ON FINANCIAL SERVICES U.S. HOUSE OF REPRESENTATIVES ONE HUNDRED TWELFTH CONGRESS FIRST SESSION MAY 13, 2011 Printed for the use of the Committee on Financial Services Serial No. 112–30 ( U.S. GOVERNMENT PRINTING OFFICE 66–868 PDF WASHINGTON : 2011 For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512–1800; DC area (202) 512–1800 Fax: (202) 512–2104 Mail: Stop IDCC, Washington, DC 20402–0001 VerDate Nov 24 2008 17:24 Aug 25, 2011 Jkt 066868 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 K:\DOCS\66868.TXT TERRIE HOUSE COMMITTEE ON FINANCIAL SERVICES SPENCER BACHUS, Alabama, Chairman JEB HENSARLING, Texas, Vice Chairman BARNEY FRANK, Massachusetts, Ranking PETER T. KING, New York Member EDWARD R. ROYCE, California MAXINE WATERS, California FRANK D. LUCAS, Oklahoma CAROLYN B. MALONEY, New York RON PAUL, Texas LUIS V. GUTIERREZ, Illinois DONALD A. MANZULLO, Illinois NYDIA M. VELA´ ZQUEZ, New York WALTER B. JONES, North Carolina MELVIN L. WATT, North Carolina JUDY BIGGERT, Illinois GARY L. ACKERMAN, New York GARY G. MILLER, California BRAD SHERMAN, California SHELLEY MOORE CAPITO, West Virginia GREGORY W. MEEKS, New York SCOTT GARRETT, New Jersey MICHAEL E. CAPUANO, Massachusetts RANDY NEUGEBAUER, Texas RUBE´ N HINOJOSA, Texas PATRICK T. MCHENRY, North Carolina WM. LACY CLAY, Missouri JOHN CAMPBELL, California CAROLYN MCCARTHY, New York MICHELE BACHMANN, Minnesota JOE BACA, California THADDEUS G. McCOTTER, Michigan STEPHEN F.
    [Show full text]