DOCSLIB.ORG

INFOWAR: Introduction to Cyberwarfare

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
INFOWAR: Introduction to Cyberwarfare INFOWAR Class Notes INFOWAR: Overview Part 1: Introduction to Information Introduction to Warfare Part 2: Weapons Cyberwarfare Part 3: Military M. E. Kabay, PhD, CISSP-ISSMP Perspectives Part 4: Cyberdefense Professor of Computer Information Systems Policy Issues School of Business & Management Part 5: Emerging College of Professional Schools Vulnerabilities & Norwich University Threats 1 Copyright © 2016 M. E. Kabay. All rights reserved. 2 Copyright © 2016 M. E. Kabay. All rights reserved. Part 1: Introduction to Introduction Information Warfare Definition* Offensive and defensive use Introduction of information & information Vulnerabilities systems Goals and Objectives To deny, exploit, corrupt or Sources of Threats and Attacks destroy Weapons of Cyberwar An adversary’s information, NOTE: information-based processes, References to “CSH6” are to this textbook: information systems, and Bosworth, S., M. E. Kabay, & E. Whyne (2014), eds. Computer Security computer-based networks Handbook, 6th Edition. Wiley (ISBN 978-0471716525). 2 volumes, 2240 pp. AMAZON < http://www.amazon.com/Computer-Security-Handbook-Seymour- While protecting one’s own. Used with permission of Bosworth/dp/1118127064/ > or Designed to achieve Robert Duffy, Avalon5.com < http://tinyurl.com/ldg9c8r > advantages over military or business See in particular Chapter 14: “Information Warfare” by S. Bosworth. _____________adversaries. *Dr Ivan Goldberg, Institute for Advanced Study of Information Warfare 3 Copyright © 2016 M. E. Kabay. All rights reserved. 4 Copyright © 2016 M. E. Kabay. All rights reserved. Vulnerabilities Critical Infrastructure Presidential Decision Directive 63 (PDD-63) President Clinton (1998) Critical Infrastructure http://www.fas.org/irp/offdocs/pdd-63.htm COTS Software Defined US critical infrastructure includes Dissenting Views Telecommunications Rebuttal Energy Banking and finance Transportation Water systems Emergency services These systems are vulnerable to asymmetric warfare – effective attack by much weaker adversaries (e.g., Mafia Boy vs AMAZON & eBAY in 2000) 5 Copyright © 2016 M. E. Kabay. All rights reserved. 6 Copyright © 2016 M. E. Kabay. All rights reserved. Copyright © 2016 M. E. Kabay 1 All rights reserved. INFOWAR Class Notes COTS Software Dissenting Views Military and civilian sectors both depend on COTS Some critics dismiss discussion of cyberwar as FUD (commercial off-the-shelf ) software Fear, Uncertainty and Doubt Microsoft OS has become Designed to increase sales of hardware, software monoculture and consulting services Continues to be vulnerable to Personal attacks on early promulgators of information subversion warfare doctrine Allows study and exploitation by Controversial figure: Winn Schwartau adversaries Author of novel Terminal Compromise Some hardware being manufactured Nonfiction Information Warfare and in potentially hostile nations Cybershock texts Much manufacturing in PRC Lampooned as wild-eyed Some claims of hardware Trojans (e.g., self-publicist keyboard equipped with keylogger) Actually a committed security expert 7 Copyright © 2016 M. E. Kabay. All rights reserved. 8 Copyright © 2016 M. E. Kabay. All rights reserved. Rebuttal to FUD claims Goals and Objectives of IW Growing evidence of asymmetric use of information systems in conflicts Military Industrial espionage from PRC Government growing Transportation Conflicts around world demonstrate role Commerce of Internet as tool and target Financial Disruptions India/Pakistan Medical Security Bosnia Koreas Law Enforcement Iranian unrest in June 2009 International & Corporate Espionage Arab Spring ISIS/ISIL/DAESH Communications Potential remains high – e.g., PSYOP using flash crowds to Economic Infrastructure obstruct emergency personnel or create targets for terrorists 9 Copyright © 2016 M. E. Kabay. All rights reserved. 10 Copyright © 2016 M. E. Kabay. All rights reserved. Sources of IW Threats and Military Perspective Attacks US Joint Doctrine for Operations Security (OPSEC) Identifying critical information Nation-States Analyzing friendly actions in military ops Cyberterrorists Identify which ops can be observed by adversaries Corporations Determine what adversaries Activists could learn Criminals Select and apply measures to control vulnerabilities to Hobbyists minimize adversarial exploitation Some discussion of potential offensive cyberoperations US Air Force established AF Cyber Operations Command to be stood up June 2009 Image © 2009 Beatrix Kiddoe. Used under terms of service of Photobucket. US Army established 2009 Army Posture Statement on http://media.photobucket.com/image/threats/BeatrixKiddoe/motivator639310.jpg?o=19 Cyber Operations 11 Copyright © 2016 M. E. Kabay. All rights reserved. 12 Copyright © 2016 M. E. Kabay. All rights reserved. Copyright © 2016 M. E. Kabay 2 All rights reserved. INFOWAR Class Notes Nation-States: Stuxnet Nation-States: China (2010) People’s Republic of China major actor Written to subvert SCADA for People’s Liberation Army doctrine explicitly Siemens centrifuge programmable includes information warfare logic controllers (PLCs) Widespread evidence of Damaged Uranium-enrichment massive probes and attacks centrifuges in Iran originating from China Spun too fast – crashed physically through state sponsorship 60% of Stuxnet infections were in Iran Formal training for cadres Speculations that US & Israel Other countries involved in information warfare wrote Stuxnet Worm ECHELON (SIGINT) organized by UK-USA No direct proof Security Agreement (Australia, Canada, New Zealand, the United Kingdom, and the United Circumstantial evidence includes codes and States) dates that might be related to Israel Documents supporting view that US involved were released by Edward Snowden in July 2013 13 Copyright © 2016 M. E. Kabay. All rights reserved. 14 Copyright © 2016 M. E. Kabay. All rights reserved. Cyberterrorists Corporations (1) Remains a theoretical possibility Potential for sabotage against rivals Individual criminal-hacker / Documented cases of interference using hobbyist attacks raise concerns computers and networks Documented interference 1999 – BUY.COM underpriced its $588 (mostly pranks) with Hitachi monitors at $164 – perhaps Ground traffic through effects of competing knowbots Emergency 911 systems 2000 – Sun accused Microsoft of corrupting Java to interfere with platform independence Air-traffic control 2000 – Steptoe & Johnson employee accused of Hospital systems…. denial-of-service attack on Moore Publishing Pranksters have been spreading 2000 – AOL accused of interfering with other false news via Twitter (deaths of ISPs by tampering with Internet settings celebrities….) Growing use of insecure wireless systems raises additional concerns for PSYOP 15 Copyright © 2016 M. E. Kabay. All rights reserved. 16 Copyright © 2016 M. E. Kabay. All rights reserved. Corporations (2) Corporations (3) 2005 – FCC investigated phone FBI deems economic espionage serious problem: < company ISP interference with Vonage VoIP https://www.fbi.gov/about- us/investigate/counterintelligence/economic-espionage > 2006 – Businessman selling t-shirts hired hacker to damage competitors using DDoS Infected 2000 PCs with slave programs in botnet Disabled Websites and online sales Jason Arabo (19 years old) sentenced to 30 months prison & $500K restitution Younger hacker (16 years old) sentenced to 5 years prison & $35K restitution 17 Copyright © 2016 M. E. Kabay. All rights reserved. 18 Copyright © 2016 M. E. Kabay. All rights reserved. Copyright © 2016 M. E. Kabay 3 All rights reserved. INFOWAR Class Notes Hacktivists (1) Hacktivists (2) Hacktivists use criminal hacking in support of 1998: Free East Timor (Indonesian Web sites) politics or ideology 1998: Legions of the Underground declared 1989: WANK (Worms cyberwar on Iraq and China Against Nuclear Killers) 1999: Jam Echelon Day: traffic with many keywords thought to spark capture by spy Infected DOE, network HEPNET & NASA networks 2000: World Trade Organization “You talk of times of peace for all, and then Hackers probed Web sites prepare for war.” 700 times 1998: Electronic Disturbance Theater Tried to penetrate barriers 54 times Indigenous peoples’ rights in Chiapas, Mexico Electrohippies launched DoS attack 19 Copyright © 2016 M. E. Kabay. All rights reserved. 20 Copyright © 2016 M. E. Kabay. All rights reserved. Hacktivists (3) Hacktivists (4) 2004: Electronic Disturbance Theater launched DoS on Anonymous (Anon) conservative Web sites during 2003 – 4chan board Republican National Convention No leaders 2008: Project Chanology Focus on defending launched against Church of Wikileaks in 2010-2011 Scientology Attacked Church of 2008: Chinese hackers attacked Scientology CNN Web sites to protest Western media bias QUESTION: doing good or not? 2009: much Web-defacement activity during attack by Israel See extensive list at on Gaza < https://en.wikipedia.org/wiki/Ti meline_of_events_associated_ Guy Fawkes Mask with_Anonymous > 21 Copyright © 2016 M. E. Kabay. All rights reserved. 22 Copyright © 2016 M. E. Kabay. All rights reserved. Hacktivists (5): Criminals (1) Recent Campaigns by Anonymous 2014 Stock manipulation: pump ‘n’ dump schemes Ferguson re shooting of Mike Brown NEI Webworld pump-and-dump (Nov 1999) Operation Hong Kong vs government repression 2 UCLA grad students & associate bought Attacks on Philippine govt for poor response to almost all shares of bankrupt NEI Super Typhoon Yolanda Webworld company 2015 Using
Load more

Recommended publications
  • Asia-Europe Meeting
    Asia-Europe Meeting Topic A: Identifying, Sharing and Remediating Faults in Cybersecurity Topic B: Tackling Local, Regional and Global Hunger MUNUC 32 TABLE OF CONTENTS ______________________________________________________ Letter from the Chair………………………………………………………….. 3 Topic A ………………………………………………………………………..… 4 Statement of the Problem…………………………………………….. 4 History of the Problem……………………………………….…..…….. 9 Past Actions…………………………………………………………….. 14 Possible Solutions………………………………………………………. 18 Bloc Positions…………………………………………………………… 20 Glossary…………………………………………………………………. 22 Topic B ………………………………………………………………...………. 23 Statement of the Problem…………………………………………….23 History of the Problem………………………………………………… 28 Past Actions…………………………………………………………….. 31 Possible Solutions………………………………………………………. 33 Bloc Positions…………………………………………………………… 35 Glossary…………………………………………………………………. 37 Bibliography……………………………………….…………………………. 38 2 Asia-Europe Meeting | MUNUC 32 LETTER FROM THE CHAIR ______________________________________________________ Dear Delegates, Welcome to the Asia-Europe Meeting Forum, or ASEM, at MUNUC 32! My name is Randolph Ramirez, and I usually go by Randy. I am a third year here at The University of Chicago studying Statistics and Political Science. I was born and raised in Wilton, Connecticut, and coming out to attend UChicago was my first trip out to Illinois! All throughout high school I was heavily involved in Model Congress, and partaking in MUNUC my first year here helped transition me into the world of Model UN! I am certain that this conference and committee will be a success, and I cannot wait to experience it with you all! The Asia-Europe Meeting Forum will offer a multitude of experiences, problems, solutions, and overall will hopefully give a descriptive look into the affairs of the two regions. Throughout this experience, I hope delegates learn the various factors that make solving the issues of cybersecurity and huger instability a difficult endeavor, and how best to go about solving them.
    [Show full text]
  • Web Warriors – CBC Documentary
    Cyber Crime Unit The federal government has suffered a nearly 680 percent increase in cyber security breaches in the past six years. 1 Computer Security Risks • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability • A cybercrime is an online or Internet-based illegal act Hackers Crackers Script Kiddies Corporate Spies Unethical Cyberextortionists Cyberterrorists Employees Pages 556 - 557 Discovering Computers 2011: Living in a Digital World 2 Chapter 11 3 HACKER Someone who gets into another persons computer or network ILLEGALLY. Say their intent is to improve SECURITY. Have advanced COMPUTER and NETWORK skills. CRACKER 4 Someone who gets into another persons computer or network ILLEGALLY. Their intent is to: 1. GET RID OF data 2. STEAL information 3.Other SPITEFUL acts. Have advanced COMPUTER and NETWORK skills. 5 SCRIPT KIDDIE Not as knowledgeable as a cracker but has the SAME intent. Often use PREWRITTEN hacking and cracking software packages to crack into computers. 6 CYBEREXTORTIONIST Uses EMAIL as a channel for BLACKMAIL. If they are not paid a sum of money, they threaten to: 1. REVEAL confidential material 2. TAKE ADVANTAGE OF a safety flaw 3. BEGIN an attack that will compromise a organization’s network 7 CYBERTERRORIST They use the INTERNET or NETWORK to destroy or damage computers for GOVERNMENTAL motives. Targets may be: 1. Nation’s AIR TRAFFIC system 2. ELECTRICITY-generating companies 3. TELECOMMUNICATION infrastructure 8 CORPORATE SPYS Have OUTSTANDING computer and networking skills and are hired to break into a specific computer and ROB its exclusive FILES and information or to help identify SAFETY risks in their own ORGANIZATION.
    [Show full text]
  • ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL Facultad De
    ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL Facultad de Ingeniería en Electricidad y Computación Maestría en Seguridad Informática Aplicada “DISEÑO E IMPLEMENTACIÓN DE UN SISTEMA DE DEFENSA CONTRA ATAQUES DE DENEGACIÓN DE SERVICIO DISTRIBUIDO EN LA RED PARA UNA EMPRESA DE SERVICIOS.” TESIS DE GRADO PREVIA A LA OBTENCIÓN DEL TÍTULO DE: MAGISTER EN SEGURIDAD INFORMÁTICA APLICADA KAROL PAMELA BRIONES FUENTES OMAR ANTONIO CÓRDOVA BALÓN GUAYAQUIL – ECUADOR 2015 ii AGRADECIMIENTO A Dios, A nuestras familias. iii DEDICATORIA A nuestras familias. iv TRIBUNAL DE SUSTENTACIÓN MSIG. LENIN FREIRE COBO DIRECTOR DEL MSIA MSIG. ROKY BARBOSA DIRECTOR DE TESIS MSIG. ALBERT ESPINAL SANTANA MIEMBRO PRINCIPAL v DECLARACIÓN EXPRESA “La responsabilidad del contenido de esta Tesis de Grado, me corresponde exclusivamente; y, el patrimonio intelectual de la misma, a la ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL” ING. KAROL BRIONES FUENTES CI 0921279162 vi DECLARACIÓN EXPRESA “La responsabilidad del contenido de esta Tesis de Grado, me corresponde exclusivamente; y, el patrimonio intelectual de la misma, a la ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL” ING. OMAR CORDOVA CI 0922892161 vii RESUMEN Internet ha revolucionado la forma en que operan los negocios en la actualidad. Gran cantidad de datos son transmitidos a nivel mundial en tiempo real, como es el caso de las compañías en línea, las cuales dependen de la disponibilidad de sus servicios las veinticuatro horas del día, los trescientos sesenta y cinco días del año para que sus clientes se mantengan conectados de diversas maneras y sin interrupciones. Pero, este nuevo mundo de mayores velocidades, grandes volúmenes de datos y alta disponibilidad de los servicios, trae consigo oportunidades para los criminales cibernéticos, cuyo objetivo es aprovechar el mínimo fallo en los sistemas que operan dentro de la gran red mundial.
    [Show full text]
  • Analisis Y Diagnostico De La Seguridad Informatica De Indeportes Boyaca
    ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA “UNAD” ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 Trabajo de grado como requisito para optar el título de Especialista En Seguridad informática Ingeniero SERGIO CONTRERAS Director de Proyecto UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA UNAD ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ Firma del presidente del jurado _____________________________________ Firma del jurado _____________________________________ Firma del jurado Tunja, 06 de Octubre de 2014. DEDICATORIA El presente trabajo es dedicado en primera instancia a Dios quien día a día bendice mi profesión y me ayuda con cada uno de los retos que se me presentan a lo largo del camino de mi vida. A mi fiel compañero, amigo, cómplice y esposo, quien es la ayuda idónea diaria y mi fortaleza constante para seguir en el camino del conocimiento, quien no deja que me rinda y me apoya incondicionalmente para que día a día logre ser mejor persona. A mis familiares y compañeros de trabajo, por todo su amor, confianza y apoyo incondicional, a nuestros compañeros y profesores gracias por la amistad, la comprensión, los conocimientos y dedicación a lo largo de todo este camino recorrido que empieza a dar indudablemente los primeros frutos que celebramos. AGRADECIMIENTOS La vida está llena de metas y retos, que por lo general van de la mano con grandes sacrificios, por eso hoy podemos decir que gracias a Dios y nuestras familias esta meta se ha cumplido y seguramente vendrá muchas metas que harán parte de nuestro gran triunfo personal como familiar.
    [Show full text]
  • Countering the Proliferation of Offensive Cyber Capabilities
    COUNTERING THE PROLIFERATION OF OFFENSIVE CYBER CAPABILITIES Mr. Robert Morgus, Cybersecurity Initiative & International Security Program, New America Mr. Max Smeets, Centre for International Security and Cooperation (CISAC), Stanford University Mr. Trey Herr, Harvard Kennedy School MEMO №2 GCSC ISSUE BRIEF 161 TABLE OF CONTENTS SECTION 1: INTRODUCTION 163 SECTION 2: SCOPE OF ANALYSIS 165 SECTION 3: THE PILLARS AND OBJECTIVES OF COUNTERPROLIFERATION 167 SECTION 4: THE TRACE FRAMEWORK 169 SECTION 5: MAKING PROGRESS ON PROLIFERATION: APPLYING THE TRACE MODEL 177 Potential International Agreements 177 Arms Control Agreement 178 Export Control Arrangement 180 Tools for States or Like-minded Actors 181 Enhance Offensive and Defensive Capability 182 Diplomatic Toolbox 183 SECTION 6: RECOMMENDATIONS 184 1. Patience. 184 2. Increase the cost of developing offensive cyber capabilities 185 3. Further explore ways to increase barriers to spreading offensive cyber capability 186 CONCLUSIONS 187 GCSC ISSUE BRIEF 162 SECTION 1: INTRODUCTION The tenor of the cyber stability debate, often moribund and moving more sideways than forward, changed with the 2010 United Nations Governmental Group of Experts (UN GGE) Consensus Report that international law applied to cyberspace.164 It followed a position paper by the Obama administration published in January of that year to bring the various sides closer together. Though it wasn’t a steep trend line which followed, the slow process towards cyber norms was considered to be meaningful and positive.165 Despite this and subsequent progress, however, the events of 2017 have shed doubt on this progressive dynamic. The collapse of the UN GGE process in June sent an alarming message that we are moving away from establishing a meaningful cyber stability regime, rather than towards it.
    [Show full text]
  • A History of Cyber Security Attacks 1980 to Present a History of Cyber Security Attacks 1980 to Present
    A History of Cyber Security Attacks 1980 to Present http://taylorandfrancis.com A History of Cyber Security Attacks 1980 to Present Bruce Middleton CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2017 by Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, an Informa business No claim to original U.S. Government works Printed on acid-free paper International Standard Book Number-13: 978-1-4987-8586-0 (Hardback) This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, trans- mitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, please access www.copyright .com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc.
    [Show full text]
  • Teens and Computer Crime
    Teens and Computer Crime Many teens are smart with computers. Sometimes they like to show off just how smart they can be. One way is to hack into a big computer system. For the hacker, this can be a kind of challenge. For the big computer systems, it’s bad news. And it’s also illegal. Fifteen year-old Jonathan James was the first juvenile convicted and jailed in the United States for hacking. He caused a 21-day shutdown of the NASA computers that run the international space station. Michael Calce, known as “Mafiaboy” on the internet, was arrested in Montreal for attacks against major sites like eBay, Amazon, and CNN. Perhaps the most famous teen hacker, James Kosta, broke into several big business and military computers, including major banks. He was sentenced to 45 years in prison. According to the National Crime Agency in England, most teenage hackers aren’t in it for the money. Some see it as a game. Others do it to impress their friends. According to the NCA report, “Conquering the challenge, proving oneself to the group and intellectual satisfaction are more important motivations than financial gain.” Adam Mudd is an exception. When he was 16, he created malware that was used to carry out 1.7 million cyber attacks. He made over $500,000 selling his program to other cyber criminals. Some people believe that the best way to prevent cyber crime is to teach teenagers how to hack. After all, cyber crime and cyber security are two sides of the same coin.
    [Show full text]
  • Ddos.Synflood 216.209.82.62
    CS 361S Malware: Worms and Botnets Vitaly Shmatikov slide 1 Viruses vs. Worms VIRUS WORM Propagates by infecting Propagates automatically other programs by copying itself to target systems Usually inserted into host A standalone program code (not a standalone program) slide 2 1988 Morris Worm (Redux) No malicious payload, but bogged down infected machines by uncontrolled spawning • Infected 10% of all Internet hosts at the time Dictionary Multiple propagation vectors attack • Remote execution using rsh and cracked passwords – Tried to crack passwords using a small dictionary and publicly readable password file; targeted hosts from /etc/hosts.equiv • Buffer overflow in fingerd on VAX – Standard stack smashing exploit Memory corruption attack • DEBUG command in Sendmail – In early Sendmail, can execute a command on a remote machine by sending an SMTP (mail transfer) message slide 3 Summer of 2001 [“How to 0wn the Internet in Your Spare Time”] Three major worm outbreaks slide 4 Code Red I July 13, 2001: First worm of the modern era Exploited buffer overflow in Microsoft’s Internet Information Server (IIS) 1st through 20th of each month: spread • Finds new targets by random scan of IP address space – Spawns 99 threads to generate addresses and look for IIS • Creator forgot to seed the random number generator, and every copy scanned the same set of addresses 21st through the end of each month: attack • Defaces websites with “HELLO! Welcome to http://www.worm.com! Hacked by Chinese!” slide 5 Usurped Exception Handling In IIS [Chien and
    [Show full text]
  • (Ddos) Attacks
    Distributed Denial of Service Attacks Against Independent Media and Human Rights Sites Ethan Zuckerman, Hal Roberts, Ryan McGrady, Jillian York, John Palfrey† The Berkman Center for Internet & Society at Harvard University December 2010 † Ethan Zuckerman is a senior researcher at the Berkman Center for Internet & Society. Hal Roberts is a fellow at the Berkman Center. Ryan McGrady is a PhD student at North Carolina State University. Jillian York is a staff member at the Berkman Center. John Palfrey is a faculty co-director of the Berkman Center. 1 Table of Contents 1. Executive Summary 3 2. Introduction 6 3. Background 8 3.1. Core vs. Edge 9 3.2. A Brief History of DDoS 11 3.3. Current State of the Art 13 3.4. How DDoS Works 15 3.5. Mitigating DDoS 21 3.6. Additional Attacks 23 4. Research 25 4.1. Media Review 25 4.2. Survey 33 4.3. Interviews 38 4.4. Working Meeting 42 5. Recommendations 48 6. Glossary 58 2 1. Executive Summary Our research begins with the idea that Distributed Denial of Service (DDoS) is an increasingly common Internet phenomenon and is capable of silencing Internet speech, usually for a brief interval but occasionally for longer. We explore the specific phenomenon of DDoS attacks on independent media and human rights organizations, seeking to understand the nature and frequency of these attacks, their efficacy, and the responses available to sites under attack. Our report offers advice to independent media and human rights sites likely to be targeted by DDoS but comes to the uncomfortable conclusion that there is no easy solution to these attacks for many of these sites, particularly for attacks that exhaust network bandwidth.
    [Show full text]
  • Cybercrime, Cyber-Espionage, Information Warfare and “Cyber War”: the Fil-Rouge Which Connects the Dots
    Cybercrime, Cyber-Espionage, Information Warfare and “Cyber War”: the fil-rouge which connects the dots Raoul “Nobody” Chiesa Expert Disclaimer ● The information contained within this presentation do not infringe on any intellectual property nor does it contain tools or recipe that could be in breach with known laws. ● The statistical data presented belongs to the Hackers Profiling Project by UNICRI and ISECOM. ● Quoted trademarks belongs to registered owners. ● The views expressed are those of the author(s) and speaker(s) and do not necessary reflect the views of UNICRI or others United Nations agencies and institutes, nor the view of ENISA and its PSG (Permanent Stakeholders Group), neither Security Brokers. ● Contents of this presentation may be quoted or reproduced, provided that the source of information is acknowledged. October 26-27, Istanbul, Turkey Istanbul 2015 FIRST Technical Colloquium & TRANSITS Training 2 AgendaAgenda . Introductions . The scenarios and the Actors . Profiling «Hackers» . Information Warfare . Cyber Espionage case study . Conclusions . References, Q&A October 26-27, Istanbul, Turkey Istanbul 2015 FIRST Technical Colloquium & TRANSITS Training 3 Introductions The Speaker . President, Founder, Security Brokers . Principal, CyberDefcon Ltd. Independent Senior Advisor on Cybercrime @ UNICRI (United Nations Interregional Crime & Justice Research Institute) . Former PSG Member (2010-2012 / 2013.2015) @ ENISA (Permanent Stakeholders Group @ European Union Network & Information Security Agency) . Founder, Board of Directors and Technical Commitee Member @ CLUSIT (Italian Information Security Association) . Steering Committee, AIP/OPSI, Privacy & Security Observatory . Former Member, Co-coordinator of the WG «Cyber World» @ Italian MoD . Cultural Attachè, APWG European Chapter (APWG.EU) . Board of Directors, ISECOM . Board of Directors, OWASP Italian Chapter .
    [Show full text]
  • Ciber-Terrorismo Definición De Políticas De Seguridad Para Proteger Infraestructuras Críticas Frente a Ciber-Ataques Terroristas
    UNIVERSIDAD EUROPEA DE MADRID ESCUELA POLITÉCNICA MÁSTER UNIVERSITARIO EN SEGURIDAD DE LAS TECNOLOGÍAS DE LA INFORMACIÓN Y LAS COMUNICACIONES TRABAJO FIN DE MÁSTER Ciber-terrorismo Definición de políticas de seguridad para proteger infraestructuras críticas frente a ciber-ataques terroristas Carlos Díez Molina Javier Perojo Gascón Juan José Penide Blanco Mikel Arias R.Antigüedad CURSO 2010-2011 TÍTULO: Ciber-terrorismo. Definición de políticas de seguridad para proteger infraestructuras críticas frente a ciber-ataques terroristas AUTOR: Carlos Díez Molina Javier Perojo Gascón Juan José Penide Blanco Mikel Arias R. Antigüedad DIRECTOR: Pilar Santamaría MIEMBROS DEL TRIBUNAL CALIFICADOR: PRESIDENTE: VOCAL: SECRETARIO: FECHA DE LECTURA: 19 de mayo de 2011 CALIFICACIÓN: Resumen en español Los ataques digitales son a día de hoy una realidad de la cual nadie está a salvo. Las infraestructuras que albergan servicios básicos para la sociedad actual (energía, agua, comunicaciones…) no son una excepción, siendo elementos críticos a proteger. El presente documento trata de analizar la situación en la que se encuentran a día de hoy dichas infraestructuras, explicando la legalidad vigente y futuros proyectos de ley y normativas. Se describe la evolución de los ataques digitales y se destacan dos de ellos. Por un lado Stuxnet, virus informático realizado supuestamente para atacar centrales nucleares iranís. Por otro se encuentra Wikileaks, fenómeno nacido en la red que intenta filtrar información secreta de los gobiernos. Según un estudio de Tecnocom el 96% de los ataques existentes se podrían haber evitado con la aplicación de políticas de seguridad básicas. Por ello, se propondrán políticas de seguridad aplicables contra las amenazas digitales, siendo su aplicación una manera preventiva de luchar contra los ataques.
    [Show full text]
  • Cyber-Enabled Financial Abuse of Older Americans: A
    Cyber-Enabled Financial Abuse of Older Americans: A Public Policy Problem An interpretative framework investigating the social, economic, and policy characteristics of cyber-enabled older American financial abuse Christine Lyons A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Public Administration College of Public Affairs University of Baltimore Baltimore, Maryland December, 2019 This dissertation is dedicated to those who bravely shared their story with me in confidence. I am truly honored to be entrusted by you with the details of your financial and emotional trauma stemming from a time in your life so vividly painful. ACKNOWLEDGMENTS No one writes a dissertation without significant help from others and this is so very true with this endeavor. I would like to give a special thanks to three strong, admiralty intelligent, and hard-working women, my committee: Dr. Heather Wyatt- Nichol (chair), Dr. Lorenda Naylor, and Dr. Shelly Bumphus. Thank you for not giving up on me and encouraging me to continue to research a much under-studied public administration topic. Without your support, this dissertation would not be finished. I wish to express my thanks to Ms. Nina Helwig; the Adult Protective Services of Montgomery County, MD; and the Fraud Department of the Montgomery County, MD Police. I am also thankful for the time and assistance from Dr. Richard Mestas, as well as two of the best research librarians – Ms. Elizabeth Ventura and Mr. Andrew Wheeler, I am unable to adequately express my gratitude for the unwavering and unconditional support from my life partner of almost forty years, Clint Lyons; our son Clinton, his wife Annie, and our grandchildren CJ, Gabby, Natalie, and Alex; and our daughter Mary-Michael.
    [Show full text]