DOCSLIB.ORG

Cyber Threats and NATO 2030: Horizon Scanning and Analysis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Threats and NATO 2030: Horizon Scanning and Analysis Published by Cyber Threats and NATO 2030: Horizon Scanning and Analysis A. Ertan, K. Floyd, P. Pernik, T. Stevens (Eds.) Published by Cyber Threats and NATO 2030: Horizon Scanning and Analysis A. Ertan, K. Floyd, P. Pernik, T. Stevens (Eds.) Cyber Threats and NATO 2030: Horizon Scanning and Analysis Copyright © 2020 by NATO CCDCOE Publications. All rights re- served. ISBN (print): 978-9916-9565-0-2 ISBN (pdf): 978-9916-9565-1-9 COPYRIGHT AND REPRINT PERMISSIONS No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, or for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: Cyber Threats and NATO 2030: Horizon Scanning and Analysis A. Ertan, K. Floyd, P. Pernik, T. Stevens (Eds.) 2020 © NATO CCDCOE Publications NATO CCDCOE Publications LEGAL NOTICE: This publication contains Filtri tee 12, 10132 Tallinn, Estonia the opinions of the respective authors only. They do not necessarily reflect the policy or Phone: +372 717 6800 the opinion of NATO CCDCOE, NATO, or any Fax: +372 717 6308 agency or any government. NATO CCDCOE E-mail: [email protected] may not be held responsible for any loss or Web: www.ccdcoe.org harm arising from the use of information contained in this book and is not responsi- ble for the content of the external sources, including external websites referenced in this publication. NATO COOPERATIVE CYBER DEFENCE CENTRE OF EXCELLENCE The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a NATO-accredited cyber defence hub focusing on research, training and exercises. It represents a community of 29 nations providing a 360-degree look at cyber defence, with expertise in technology, strategy, operations and law. The heart of the Centre is a diverse group of international experts from military, government, academia and industry backgrounds. The CCDCOE is home to the Tallinn Manual 2.0, the most comprehensive guide on how international law applies to cyber operations. The Centre organises the world’s largest and most complex international live-fire cyber defence exercise Locked Shields and hosts the International Conference on Cyber Conflict (CyCon), a unique annual event in Tallinn, joining key experts and decision-makers from the global cyber defence community. As the Department Head for Cyberspace Operations Training and Education, the CCDCOE is responsible for identifying and coordinating education and training solutions in the field of cyber defence operations for all NATO bodies across the Alliance. The Centre is staffed and financed by its member nations: Austria, Belgium, Bulgaria, Croatia, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Italy, Latvia, Lithuania, Montenegro, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey, the United Kingdom and the United States. NATO-accredited centres of excellence are not part of the NATO Command Structure. KING’S COLLEGE LONDON King’s College London is the fourth oldest university in England and provides world-class teaching in the heart of London to over 31,000 students from 150 countries. It has a distinguished reputation in law, the humanities, science— particularly health and medicine—and the social sciences, including international affairs. As King’s approaches its 200th anniversary in 2029, it continues to encourage the critical thinkers, problem-solvers and change- makers the world needs to address its diverse challenges. Its School of Security Studies is dedicated to the understanding of security issues in an increasingly complex and uncertain world. Harnessing the depth and breadth of expertise across the War Studies and Defence Studies Departments, we are one of the largest communities of scholars in the world engaged in the teaching and research of all aspects of conflict, war, security and defence. Through our multi-disciplinary approach, we promote and value the study of security from different perspectives and methodologies. Our distinctiveness derives from the long history of King’s College London as a university dedicated to the advancement of knowledge, learning and understanding of issues in the service of society. WILLIAM & MARY William & Mary, in Williamsburg, Virginia, carries on an educational tradition that traces back more than three centuries. As the second-oldest institution of higher education in the United States, William & Mary was founded by King William III and Queen Mary II of England as an American overseas campus representing the British Crown. Known as the alma mater of globally- renowned historical figures such as George Washington, Thomas Jefferson, James Monroe and John Marshall, William & Mary today is a leading force for international education and training ground for international specialists around the world. William & Mary boats more than 40 undergraduate programs and more than 40 graduate and professional degree programs, attracting students from 50 states and more than 60 foreign countries. The mission of the William & Mary Whole of Government Center of Excellence is to train a new generation of future leaders who have hands-on, practical experience working across the different organizational cultures. These leaders must harmonize to facilitate true interagency collaboration— long before finding themselves forced to deal with such issues during a foreign deployment or national emergency. The work of the Center is primarily focused on training, education, and research related to interagency collaboration, complex national security challenges, and other public policy problems for mid-career policy professionals and military officers. The Center also brings together leaders from all levels of government and the military for symposia, discussions, and projects to promote creative, collaborative solutions to emerging issues. Disclaimer The views expressed in this volume belong to the authors of the chapters. This publication is a product of the NATO CCDCOE. It does not necessarily reflect the policy or the opinion of the CCDCOE or NATO. The CCDCOE may not be held responsible for any loss or harm arising from the use of information contained in this publication and is not responsible for the content of the external sources, including external websites referenced in this publication. Digital or hard copies of this publication may be produced for internal use within NATO and for personal or educational use when for non-profit and non-commercial purpose, provided that copies bear a full citation. TABLE OF CONTENTS Foreword 1 Ciaran Martin Introduction 4 PART I Cyberspace Adversaries and NATO’s Response 9 1 The Russian National Segment of the Internet as a Source of Structural Cyber Asymmetry Juha Kukkola 2 Russia’s Cyber Limitations in Personnel and 31 Innovation, Their Potential Impact on Future Operations, and How NATO and Its Members Can Respond Joe Cheravitch and Bilyana Lilly 3 Cyberspace Escalation: Ladders or Lattices? 60 Martin C. Libicki and Olesya Tkacheva PART II New Technologies and NATO’s Response 4 Securing 5G: A NATO’s Role in Collaborative Risk As- 74 sessment and Mitigation Luiz A. DaSilva, Jeffrey H. Reed, Sachin Shetty, Jerry Park, Duminda Wijesekera and Haining Wang 5 The Impact of New and Emerging Technologies on The 88 Cyber Threat Landscape and Their Implications for NATO Jacopo Bellasio and Erik Silfversten 6 Smart Cities, Cyber Warfare and Social Disorder 108 Simona R. Soare and Joe Burton PART III Warfighting, the Cyber Domain and NATO’s Response 7 Cyber Threats to NATO from a Multi-Domain 126 Perspective James Black and Alice Lynch 8 Cyber Capabilities and Multi-Domain Operations in 151 Future High-Intensity Warfare in 2030 Franz-Stefan Gady and Alexander Stronell PART IV Information Sharing, Cyber Threat Intelligence and Exercises 9 Repairing the Foundation: How Cyber Threat 178 Information Sharing Can Live Up to its Promise and Implications for NATO Michael Daniel and Joshua Kenway 10 Considerations for NATO in Reconciling Barriers to 194 Shared Cyber Threat Intelligence: A study of Japan, the UK and the US Chon Abraham and Sally Daultrey 11 Imagining and Anticipating Cyber Futures with Games 215 Andreas Haggman PART V Regulatory and Policy Responses to Cyber Security Challenges 12 Refocusing Export Control Regimes to Effectively 223 Address Cyber Security Concerns Cindy Whang 13 The Challenge of Networked Complexity to NATO’s 236 Digital Security Laurin B. Weissinger Biographies 253 FOREWORD Many things of profound historical importance happened in the Western alliance in 2016. Voters in the United Kingdom and the United States con- founded expectations by voting, respectively, to leave the European Union and elect a businessman with no previous governing experience as President. North Korea gave its most overt indications to date of the extent of its missile arsenal. Turkey saw off an attempted coup. International terrorism struck several European countries. More positively, for the purposes of human de- velopment, the proportion of the world connected to the internet passed the half-way point. Yet for the Western
Load more

Recommended publications
  • Dialectical Versus Empirical Thinking: Ten Key Elements of the Russian Understanding of Information Operations
    WARNING! The views expressed in FMSO publications and reports are those of the authors and do not necessarily represent the official policy or position of the Department of the Army, Department of Defense, or the U.S. Government. Dialectical Versus Empirical Thinking: Ten Key Elements of the Russian Understanding of Information Operations CALL Publication #98-21 by Mr. Thimothy L. Thomas Foreign Military Studies Office, Fort Leavenworth, KS. This article was previously published in The Journal of Slavic Military Studies, Vol. 11, No 1 (March 1998), pp. 40-62. and Conflict Studies Research Centre, RMA Sandhurst, England, July 1997, Report AA29 Introduction Finding similarities in the Russian and U.S. approaches to information operations (IO) is not a difficult task. Both countries' specialists closely study electronic warfare and command and control systems of other countries, and both stress the importance of the use of computers and information management in the preparation and conduct of modern combat operations. This includes the use of information to conduct psychological operations (PSYOP). Upon closer examination, however, the Russian approach to the information warfare (IW) aspect of IO has several elements that makes it unique and different. There are three principal reasons for the distinct Russian method. First, there is the issue of overall context. The Russian state, economy, and society are in a transition period resulting in institutional and philosophical instability. Russian mass consciousness, according to many prominent scientists and government officials, is vulnerable to manipulation by slick marketing campaigns and to exploitation by promises of economic and social prosperity during this transition period.
    [Show full text]
  • Strategic Surveillance for Food Safety Designing a Surveillance Approach and Considerations for Implementation
    Strategic Surveillance for Food Safety Designing a surveillance approach and considerations for implementation Jon Freeman, Nathan Ryan, Julian Glenesk For more information on this publication, visit www.rand.org/t/RR2519 Published by the RAND Corporation, Santa Monica, Calif., and Cambridge, UK © Copyright 2019 RAND Corporation R® is a registered trademark. RAND Europe is a not-for-profit research organisation that helps to improve policy and decision making through research and analysis. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors. Limited Print and Electronic Distribution Rights This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please visit www.rand.org/pubs/permissions. Support RAND Make a tax-deductible charitable contribution at www.rand.org/giving/contribute www.rand.org www.randeurope.org Preface This document reports on RAND Europe’s study into the Food Standards Agency’s (FSA) strategic surveillance programme. The FSA commissioned the study in February 2018. The aim of the project is to design a high-level end-to-end approach for strategic surveillance, identify relevant analytic tools and methods, and develop an implementation plan for the programme. The report’s intended audience is the FSA, the programme’s senior responsible officer (SRO), those involved in the current practice of food surveillance and the nascent strategic surveillance team (SST).
    [Show full text]
  • Air Defence in Northern Europe
    FINNISH DEFENCE STUDIES AIR DEFENCE IN NORTHERN EUROPE Heikki Nikunen National Defence College Helsinki 1997 Finnish Defence Studies is published under the auspices of the National Defence College, and the contributions reflect the fields of research and teaching of the College. Finnish Defence Studies will occasionally feature documentation on Finnish Security Policy. Views expressed are those of the authors and do not necessarily imply endorsement by the National Defence College. Editor: Kalevi Ruhala Editorial Assistant: Matti Hongisto Editorial Board: Chairman Prof. Pekka Sivonen, National Defence College Dr. Pauli Järvenpää, Ministry of Defence Col. Erkki Nordberg, Defence Staff Dr., Lt.Col. (ret.) Pekka Visuri, Finnish Institute of International Affairs Dr. Matti Vuorio, Scientific Committee for National Defence Published by NATIONAL DEFENCE COLLEGE P.O. Box 266 FIN - 00171 Helsinki FINLAND FINNISH DEFENCE STUDIES 10 AIR DEFENCE IN NORTHERN EUROPE Heikki Nikunen National Defence College Helsinki 1997 ISBN 951-25-0873-7 ISSN 0788-5571 © Copyright 1997: National Defence College All rights reserved Oy Edita Ab Pasilan pikapaino Helsinki 1997 INTRODUCTION The historical progress of air power has shown a continuous rising trend. Military applications emerged fairly early in the infancy of aviation, in the form of first trials to establish the superiority of the third dimension over the battlefield. Well- known examples include the balloon reconnaissance efforts made in France even before the birth of the aircraft, and it was not long before the first generation of flimsy, underpowered aircraft were being tested in a military environment. The Italians used aircraft for reconnaissance missions at Tripoli in 1910-1912, and the Americans made their first attempts at taking air power to sea as early as 1910-1911.
    [Show full text]
  • Inside Russia's Intelligence Agencies
    EUROPEAN COUNCIL ON FOREIGN BRIEF POLICY RELATIONS ecfr.eu PUTIN’S HYDRA: INSIDE RUSSIA’S INTELLIGENCE SERVICES Mark Galeotti For his birthday in 2014, Russian President Vladimir Putin was treated to an exhibition of faux Greek friezes showing SUMMARY him in the guise of Hercules. In one, he was slaying the • Russia’s intelligence agencies are engaged in an “hydra of sanctions”.1 active and aggressive campaign in support of the Kremlin’s wider geopolitical agenda. The image of the hydra – a voracious and vicious multi- headed beast, guided by a single mind, and which grows • As well as espionage, Moscow’s “special services” new heads as soon as one is lopped off – crops up frequently conduct active measures aimed at subverting in discussions of Russia’s intelligence and security services. and destabilising European governments, Murdered dissident Alexander Litvinenko and his co-author operations in support of Russian economic Yuri Felshtinsky wrote of the way “the old KGB, like some interests, and attacks on political enemies. multi-headed hydra, split into four new structures” after 1991.2 More recently, a British counterintelligence officer • Moscow has developed an array of overlapping described Russia’s Foreign Intelligence Service (SVR) as and competitive security and spy services. The a hydra because of the way that, for every plot foiled or aim is to encourage risk-taking and multiple operative expelled, more quickly appear. sources, but it also leads to turf wars and a tendency to play to Kremlin prejudices. The West finds itself in a new “hot peace” in which many consider Russia not just as an irritant or challenge, but • While much useful intelligence is collected, as an outright threat.
    [Show full text]
  • Horizon Scanning
    Horizon Scanning Process Updated: April 2015 Version 1.0 REVISION HISTORY Periodically, this document will be revised as part of ongoing process improvement activities. The following version control table, as well the version number and date on the cover page, is to be updated when any updates or revisions are made. Section Revision Date Description/Changes Made Number Horizon Scanning: Process 2 Effective Date: April 2015 TABLE OF CONTENTS Revision History ....................................................................................................................... 2 Abbreviations ........................................................................................................................... 4 1. Introduction ....................................................................................................................... 5 1.1 About Horizon Scanning .............................................................................................. 5 1.2 Scope .......................................................................................................................... 5 1.3 Audience ...................................................................................................................... 5 1.3.1 Primary Audience: ............................................................................................ 5 1.3.2 Secondary Audience ........................................................................................ 5 1.4 Purpose and Application for Decision-Making .............................................................
    [Show full text]
  • The CLASP Application Security Process
    The CLASP Application Security Process Secure Software, Inc. Copyright (c) 2005, Secure Software, Inc. The CLASP Application Security Process The CLASP Application Security Process TABLE OF CONTENTS CHAPTER 1 Introduction 1 CLASP Status 4 An Activity-Centric Approach 4 The CLASP Implementation Guide 5 The Root-Cause Database 6 Supporting Material 7 CHAPTER 2 Implementation Guide 9 The CLASP Activities 11 Institute security awareness program 11 Monitor security metrics 12 Specify operational environment 13 Identify global security policy 14 Identify resources and trust boundaries 15 Identify user roles and resource capabilities 16 Document security-relevant requirements 17 Detail misuse cases 18 Identify attack surface 19 Apply security principles to design 20 Research and assess security posture of technology solutions 21 Annotate class designs with security properties 22 Specify database security configuration 23 Perform security analysis of system requirements and design (threat modeling) 24 Integrate security analysis into source management process 25 Implement interface contracts 26 Implement and elaborate resource policies and security technologies 27 Address reported security issues 28 Perform source-level security review 29 Identify, implement and perform security tests 30 The CLASP Application Security Process i Verify security attributes of resources 31 Perform code signing 32 Build operational security guide 33 Manage security issue disclosure process 34 Developing a Process Engineering Plan 35 Business objectives 35 Process
    [Show full text]
  • Why Governments Target Civil Society and What Can Be Done in Response a New Agenda
    APRIL 2015 Why Governments Target Civil Society and What Can Be Done in Response A New Agenda AUTHOR Sarah E. Mendelson A Report of the CSIS Human Rights Initiative 1616 Rhode Island Avenue NW Washington, DC 20036 202-887-0200 | www.csis.org Cover photo: Shutterstock.com. Blank Why Governments Target Civil Society and What Can Be Done in Response A New Agenda Author Sarah E. Mendelson A Report of the CSIS Human Rights Initiative April 2015 About CSIS For over 50 years, the Center for Strategic and International Studies (CSIS) has worked to develop solutions to the world’s greatest policy challenges. Today, CSIS scholars are providing strategic insights and bipartisan policy solutions to help decisionmakers chart a course toward a better world. CSIS is a nonprofit organization headquartered in Washington, D.C. The Center’s 220 full- time staff and large network of affiliated scholars conduct research and analysis and develop policy initiatives that look into the future and anticipate change. Founded at the height of the Cold War by David M. Abshire and Admiral Arleigh Burke, CSIS was dedicated to finding ways to sustain American prominence and prosperity as a force for good in the world. Since 1962, CSIS has become one of the world’s preeminent international institutions focused on defense and security; regional stability; and transnational challenges ranging from energy and climate to global health and economic integration. Former U.S. senator Sam Nunn has chaired the CSIS Board of Trustees since 1999. Former deputy secretary of defense John J. Hamre became the Center’s president and chief executive officer in 2000.
    [Show full text]
  • Cybersecurity Guide: Hackers and Defenders Harness Design and Machine Learning
    Cybersecurity Guide: HACKERS AND DEFENDERS HARNESS DESIGN AND MACHINE LEARNING CYBERSECURITY GUIDE: HACKERS AND DEFENDERS HARNESS DESIGN AND MACHINE LEARNING TABLE OF CONTENTS 3 INTRODUCTION 4 SECTION 1 THE SITUATION REPORT 9 SECTION 2 THINK LIKE DA VINCI: MORE ART IS NEEDED IN THE SCIENCE OF CYBERSECURITY 16 SECTION 3 THROUGH THE LOOKING GLASS: MACHINE LEARNING AND ARTIFICIAL INTELLIGENCE 21 ENDNOTES PAGE 2 CYBERSECURITY GUIDE: HACKERS AND DEFENDERS HARNESS DESIGN AND MACHINE LEARNING Across the globe, lives and livelihoods are increasingly For information-security professionals, successfully moving online, physical and digital worlds are beginning to defending against the fire hose of now-nonstop online overlap, and digital currencies with no real-world equivalent attacks are both the stuff of nightmares and the reason to can buy real-world goods and services. Artificial intelligence get out of bed in the morning. Who’s winning — the is powering autonomous vehicle decision-making,1 finding attackers or the defenders? new drug candidates2 daily and personalizing lessons3 to help students learn. At the same time, doctors are Given the daily drumbeat of successful intrusions that often performing life-saving surgeries on the other side of the cripple companies’ operations and erase millions of dollars in globe via the internet4 and robot proxies while networked stock value,5 it’s hard to tell. sensors shake up industries from power generation to public transit. Every year, the list of industries being disrupted by To bring the current and future landscape of cybersecurity sensors, smart machines, and microprocessors expand. into focus, HP conferred with leading experts in the field to create this comprehensive, up-to-date guide.
    [Show full text]
  • What You Should Know About Kaspersky
    What you should know Proven. Transparent. about Kaspersky Lab Independent. Fighting for your digital freedom Your data and privacy are under attack by cybercriminals and spy agencies, so you need a partner who is not afraid of standing beside you to protect what matters to you most. For over 20 years, Kaspersky Lab has been catching all kinds of cyberthreats. No matter whether they come from script kiddies, cybercriminals or governments, or from the north, south, east or west. We believe the online world should be free from attack and state-sponsored espionage, and will continue fighting for a truly free and safe digital world. Proven Transparent Independent Kaspersky Lab routinely scores the highest We are totally transparent and are making As a private company, we are independent marks in independent ratings and surveys. it even easier to understand what we do: from short term business considerations and institutional influence. • Measured alongside more than 100 other • Independent review of the company’s well-known vendors in the industry source code, software updates and We share our expertise, knowledge • 72 first places in 86 tests in 2017 threat detection rules and technical findings with the world’s • Top 3 ranking* in 91% of all product tests • Independent review of internal security community, IT security vendors, • In 2017, Kaspersky Lab received processes international organizations, and law Platinum Status for Gartner’s Peer • Three transparency centers by 2020 enforcement agencies. Insight** Customer Choice Award 2017, • Increased bug bounty rewards with up in the Endpoint Protection Platforms to $100K per discovered vulnerability Our research team is spread across the market world and includes some of the most renowned security experts in the world.
    [Show full text]
  • Finnish Defence Forces International Centre the Many Faces of Military
    Finnish Defence Forces International Finnish Defence Forces Centre 2 The Many Faces of Military Crisis Management Lessons from the Field Edited by Mikaeli Langinvainio Finnish Defence Forces FINCENT Publication Series International Centre 1:2011 1 FINNISH DEFENCE FORCES INTERNATIONAL CENTRE FINCENT PUBLICATION SERIES 1:2011 The Many Faces of Military Crisis Management Lessons from the Field EDITED BY MIKAELI LANGINVAINIO FINNISH DEFENCE FORCES INTERNATIONAL CENTRE TUUSULA 2011 2 Mikaeli Langinvainio (ed.): The Many Faces of Military Crisis Management Lessons from the Field Finnish Defence Forces International Centre FINCENT Publication Series 1:2011 Cover design: Harri Larinen Layout: Heidi Paananen/TKKK Copyright: Puolustusvoimat, Puolustusvoimien Kansainvälinen Keskus ISBN 978–951–25–2257–6 ISBN 978–951–25–2258–3 (PDF) ISSN 1797–8629 Printed in Finland Juvenens Print Oy Tampere 2011 3 Contents Jukka Tuononen Preface .............................................................................................5 Mikaeli Langinvainio Introduction .....................................................................................8 Mikko Laakkonen Military Crisis Management in the Next Decade (2020–2030) ..............................................................12 Antti Häikiö New Military and Civilian Training - What can they learn from each other? What should they learn together? And what must both learn? .....................................................................................20 Petteri Kurkinen Concept for the PfP Training
    [Show full text]
  • Cyber Law and Espionage Law As Communicating Vessels
    Maurer School of Law: Indiana University Digital Repository @ Maurer Law Books & Book Chapters by Maurer Faculty Faculty Scholarship 2018 Cyber Law and Espionage Law as Communicating Vessels Asaf Lubin Maurer School of Law - Indiana University, [email protected] Follow this and additional works at: https://www.repository.law.indiana.edu/facbooks Part of the Information Security Commons, International Law Commons, Internet Law Commons, and the Science and Technology Law Commons Recommended Citation Lubin, Asaf, "Cyber Law and Espionage Law as Communicating Vessels" (2018). Books & Book Chapters by Maurer Faculty. 220. https://www.repository.law.indiana.edu/facbooks/220 This Book is brought to you for free and open access by the Faculty Scholarship at Digital Repository @ Maurer Law. It has been accepted for inclusion in Books & Book Chapters by Maurer Faculty by an authorized administrator of Digital Repository @ Maurer Law. For more information, please contact [email protected]. 2018 10th International Conference on Cyber Conflict CyCon X: Maximising Effects T. Minárik, R. Jakschis, L. Lindström (Eds.) 30 May - 01 June 2018, Tallinn, Estonia 2018 10TH INTERNATIONAL CONFERENCE ON CYBER CONFLicT CYCON X: MAXIMISING EFFECTS Copyright © 2018 by NATO CCD COE Publications. All rights reserved. IEEE Catalog Number: CFP1826N-PRT ISBN (print): 978-9949-9904-2-9 ISBN (pdf): 978-9949-9904-3-6 COPYRigHT AND REPRINT PERmissiONS No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]).
    [Show full text]
  • Beyond MOV ADD XOR – the Unusual and Unexpected
    Beyond MOV ADD XOR the unusual and unexpected in x86 Mateusz "j00ru" Jurczyk, Gynvael Coldwind CONFidence 2013, Kraków Who • Mateusz Jurczyk o Information Security Engineer @ Google o http://j00ru.vexillium.org/ o @j00ru • Gynvael Coldwind o Information Security Engineer @ Google o http://gynvael.coldwind.pl/ o @gynvael Agenda • Getting you up to speed with new x86 research. • Highlighting interesting facts and tricks. • Both x86 and x86-64 discussed. Security relevance • Local vulnerabilities in CPU ↔ OS integration. • Subtle CPU-specific information disclosure. • Exploit mitigations on CPU level. • Loosely related considerations and quirks. x86 - introduction not required • Intel first ships 8086 in 1978 o 16-bit extension of the 8-bit 8085. • Only 80386 and later are used today. o first shipped in 1985 o fully 32-bit architecture o designed with security in mind . code and i/o privilege levels . memory protection . segmentation x86 - produced by... Intel, AMD, VIA - yeah, we all know these. • Chips and Technologies - left market after failed 386 compatible chip failed to boot the Windows operating system. • NEC - sold early Intel architecture compatibles such as NEC V20 and NEC V30; product line transitioned to NEC internal architecture http://www.cpu-collection.de/ x86 - other manufacturers Eastern Bloc KM1810BM86 (USSR) http://www.cpu-collection.de/ x86 - other manufacturers Transmeta, Rise Technology, IDT, National Semiconductor, Cyrix, NexGen, Chips and Technologies, IBM, UMC, DM&P Electronics, ZF Micro, Zet IA-32, RDC Semiconductors, Nvidia, ALi, SiS, GlobalFoundries, TSMC, Fujitsu, SGS-Thomson, Texas Instruments, ... (via Wikipedia) At first, a simple architecture... At first, a simple architecture... x86 bursted with new functions • No eXecute bit (W^X, DEP) o completely redefined exploit development, together with ASLR • Supervisor Mode Execution Prevention • RDRAND instruction o cryptographically secure prng • Related: TPM, VT-d, IOMMU Overall..
    [Show full text]