A Common Architecture for Cyber Offences and Assaults - (Organized Advanced Multi-Vector Persistent Attack)
Total Page:16
File Type:pdf, Size:1020Kb
ROYAL HOLLOWAY MSc PROJECT R. Osman Tekes Student Number: 100682179 Supervisor: John Austen A Common Architecture for Cyber Offences and Assaults - (Organized Advanced Multi-Vector Persistent Attack): Cyber War Cyber Intelligence, Espionage, and Subversion Cyber Crime SEPTEMBER 2011 Submitted as part of the requirements for the award of the MSc in Information Security at Royal Holloway, University of London. I declare that this assignment is all my own work and that I have acknowledged all quotations from the published or unpublished works of other people. I declare that I have also read the statements on plagiarism in Section 1 of the Regulations Governing Examination and Assessment Offences and in accordance with it I submit this project report as my own work. Signature Date ACKNOWLEDGEMENTS I would like to thank John Austen, my Project Supervisor, for his invaluable encouragement and guidance in helping me to achieve better results in the MSc in general and in completing this project. RHUL ISG MSc. Information Security Project O Tekes Table of Contents ABSTRACT .................................................................................................................................................. 6 1. INTRODUCTION............................................................................................................................... 8 1.1. OBJECTIVES ................................................................................................................................. 9 1.2. THE MOTIVATION ....................................................................................................................... 10 1.3. METHODOLOGY OVERVIEW ....................................................................................................... 10 1.4. OVERVIEW OF THE CHAPTERS.................................................................................................... 13 2. THE BACKGROUND AND CONTINUUMS................................................................................ 14 2.1. THE HUMANISTIC VIEW ............................................................................................................. 15 2.2. THE HISTORICAL AND ANTHROPOLOGICAL PERSPECTIVE: ......................................................... 16 2.3. THE TWO CONTINUUMS ............................................................................................................. 16 2.3.1 CONTINUUM ONE: THE SCALE OF ESCALATION - INTENSITY OF COERCION............................... 16 2.3.2 CONTINUUM TWO: THE SCALE OF LEGITIMACY......................................................................... 18 3. ANALYSIS: STRATEGIC SCOPE - CONTEXTUAL VIEW – ROW 1 OF ZACHMAN’S FRAMEWORK .......................................................................................................................................... 19 3.1. USA........................................................................................................................................... 19 3.1.1 U.S. CYBER STRATEGY:............................................................................................................. 19 3.1.2 US CYBER COMMAND................................................................................................................ 23 3.1.3 NSA........................................................................................................................................... 25 3.1.4 AN EVALUATION OF ALIGNMENTS, MISALIGNMENTS, GAPS, AND CONFLICTS .......................... 26 3.2. CHINA ........................................................................................................................................ 27 3.3. RUSSIA ....................................................................................................................................... 28 3.4. STRATEGIC SCOPE: THE MAIN POINTS....................................................................................... 31 4. ANALYSIS: ENTERPRISE MODEL CONCEPTUAL VIEW – ROW 2 OF ZACHMAN’S FRAMEWORK .......................................................................................................................................... 33 4.1. CYBER WAR............................................................................................................................... 34 4.1.1 FIRST CUT DATA MODEL ........................................................................................................... 34 4.1.2 FIRST CUT PROCESS MODEL ...................................................................................................... 35 4.2. CYBER INTELLIGENCE, ESPIONAGE AND SUBVERSION ............................................................... 38 4.2.1 THE OBJECTIVES OF INTELLIGENCE, ESPIONAGE AND SUBVERSION OPERATIONS ..................... 39 4.2.2 FIRST CUT DATA MODEL ........................................................................................................... 39 4.2.3 FIRST CUT PROCESS MODEL ...................................................................................................... 41 4.3. CYBER CRIME ............................................................................................................................ 42 4.3.1 THE OBJECTIVES OF CYBER CRIME ORGANIZATIONS................................................................. 42 4.3.2 FIRST CUT DATA MODEL ........................................................................................................... 43 4.3.3 FIRST CUT PROCESS MODEL ...................................................................................................... 45 4.4. CONCEPTUAL ANALYSIS: THE MAIN POINTS -SUMMARY .......................................................... 46 5. SYNTHESIS: ENTERPRISE MODEL CONCEPTUAL VIEW – ROW 2 OF ZACHMAN’S FRAMEWORK .......................................................................................................................................... 47 5.1. WHY: (OFFENCE TYPES) (OBJECTIVES) X (OFFENCE TYPES) (OBJECTIVES) MATRIX – SAMPLE 47 5.2. WHAT: (OFFENCE TYPES) (OBJECTIVES) X (ENTITY TYPES) MATRIX – SAMPLE ...................... 50 5.3. HOW: (OFFENCE TYPES) (OBJECTIVES) X (PROCESS MATRIX) – SAMPLE ................................. 52 6. CONCLUSION ................................................................................................................................. 54 6.1. THE PURPOSE OF THIS PROJECT.................................................................................................. 54 6.2. THE MAIN FINDINGS .................................................................................................................. 54 6.3. THE MAIN RESULTS ................................................................................................................... 55 6.3.1 RESULTS FROM THE SYNTHESIS MATRICES................................................................................ 55 6.3.2 THE MOTIVATIONS: THE WHY MATRIX - WHAT IS THE DEGREE OF SIMILARITY AMONG THE OBJECTIVES? ............................................................................................................................................ 56 6.3.3 THE ORGANIZATIONAL CONCEPTS AND DATA: THE WHAT MATRIX - WHAT IS THE DEGREE OF ALIGNMENT AND SUPPORT PROVIDED BY THE ENTITY TYPES? .................................................................. 57 6.3.4 THE ORGANIZATIONAL PROCESS AND VALUE CHAIN: THE HOW MATRIX - WHAT IS THE DEGREE OF ALIGNMENT AND SUPPORT PROVIDED BY THE PROCESSES?..................................................... 58 2011-08-31 13:09:53 Final Draft Osman Tekes 20110831 3 / 152 RHUL ISG MSc. Information Security Project O Tekes 6.3.5 SUMMARY OF MAIN RESULTS FROM THE SYNTHESIS MATRICES ............................................... 60 6.3.6 ADDITIONAL OBSERVATIONS AND CONCLUSIONS...................................................................... 60 6.3.6.1 Who............................................................................................................................................ 60 6.3.6.2 When.......................................................................................................................................... 60 6.3.6.3 Where......................................................................................................................................... 61 6.3.6.4 Additional Observations for Cyber War and Active Defence .................................................... 61 6.4. THE PROJECT OBJECTIVES AND THE PROJECT RESULTS ............................................................. 62 6.5. CONTRIBUTION TO KNOWLEDGE................................................................................................ 64 6.6. THE FUTURE OF THE CYBER WAR; CYBER INTELLIGENCE, ESPIONAGE AND SUBVERSION; AND CYBER CRIME........................................................................................................................................... 65 CONCLUDING REMARKS:.................................................................................................................... 66 REFERENCES ........................................................................................................................................... 67 APPENDICES ............................................................................................................................................ 92 1. AN OVERVIEW OF ENTERPRISE ARCHITECTURE APPROACH AND ZACHMAN’S FRAMEWORK ............... 92 2. SOME POLITICAL THOUGHTS ON INJUSTICE,