DOCSLIB.ORG

Group Project

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Group Project Awareness & Prevention of Black Hat Hackers Mohamed Islam & Yves Francois IASP 470 History on Hacking • Was born in MIT’s Tech Model Railway Club in 1960 • Were considered computer wizards who had a passion for exploring electronic systems • Would examine electronic systems to familiarize themselves with the weaknesses of the system • Had strict ethical codes • As computers became more accessible hackers were replaced with more youthful that did not share the same ethical high ground. Types of Hackers • Script Kiddie: Uses existing computer scripts or code to hack into computers usually lacking the expertise to write their own. Common script kiddie attack is DoSing or DDoSing. • White Hat: person who hacks into a computer network to test or evaluate its security system. They are also known as ethical hackers usually with a college degree in IT security. • Black Hat: Person who hacks into a computer network with malicious or criminal intent. • Grey Hat: This person falls between white and black hat hackers. This is a security expert who may sometimes violate laws or typical ethical standards but does not have the malicious intent associated with a black hat hacker. • Green Hat: Person who is new to the hacking world but is passionate about the craft and works vigorously to excel at it to become a full-blown hacker • Red Hat: Security experts that have a similar agenda to white hat hackers which is stopping black hat hackers. Instead of reporting a malicious attack like a white hat hacker would do they would and believe that they can and will take down the perpretrator. • Blue Hat: Much like script Kiddies. They are novist hackers whose main agenda is to take revenge on anyone who may make them angry, with no desire to learn just to exact revenge on opposing parties. Famous Black Hat Hackers • John Draper AKA “Captain Crunch” • Exploited telephone systems that were managed by automated systems that used specific analogue frequencies back in the 70’s • Process of exploiting these frequencies is called “Phreaking”. • Equipment used to Phreak was a toy whistle that came from in a box of Cap’n Crunch cereal. • Created his own Phreaking tool whistle known as the blue box • Inspired the two Steve’s of Apple Famous Black Hat Hackers cont. • Created the Morris Worm November 2nd 1998 • Morris worm infected 6000 systems which was 10 percent of internet attached computers. • The Morris worm copied itself excessively which caused heavy system loads causing financial damage that lead back to him. • First person indicted and convicted under the Computer Fraud and Abuse Act of 1986. • Served 3 years of federal jail time for probation. • Currently works for MIT in the electrical engineering and computer science department and helped found Silicon Valley Tech Incubator Y Combinator which is a program that assist young startups to get businesses off the ground. Famous Black Hat Hackers cont. • Kevin Mitnick AKA “The Condor” AKA “The Darkside Hacker”. • Considered the most famous hacker in history first to make the FBI’s most wanted list. • Master in Social Engineering • Manipulating people into giving out passwords and other information that can unlock sensitive data on networks. • Broke into computer networks Pacific Bell, Nokia, IBM, and Motorola • Evaded FBI for 3 years using cloned cell phones that helped hide his location • In 1999 served 5 years and upon his release started his own computer security consultancy Mitnick Security Consulting LLC Famous Black Hat Hackers cont. • Jeff Moss AKA “The Dark Tangent” • Graduate of Gonzaga University with BA in Criminal Justice. • Professional career started at Ernst & Young LLP in their information system security division. • Director at Secure Computing Corporation assisted in establishing the Professional Services Department in the U.S., Asia, and Australia. • 1993 Created DEF CON hacker convention. • 1997 created Black Hat Briefings computer security conference. • Cyber security advisor for the U.S. • 2009 sworn into Homeland Security Advisory Council. • April 2011 was appointed Chief Security Officer of ICANN. • 2017 named the Commissioner at the Global Commission on the Stability of Cyberspace. DEF CON Hacker Conference • One of the worlds largest hacker conventions that is held annually in Las Vegas. • Started in June 1993 by Jeff Moss meant to be a party for member of Platinum Net a Fido based hacking network out of Canada. • Attendees include computer security professionals, lawyers, journalist, security researchers, students, federal government employees. • Topics covered phone phreaking, hardware modification, computer architecture anything that can be hacked. • Most popular game is Capture the Flag (CTF) this is a hacking competition where teams of hackers attempt to attack and defend computers and networks using certain software and network structures • Federal law enforcement agents from FBI, DoD, United States Postal Inspection Service, DHS Black Hat Briefings • Computer security conference started in 1997 by Jeff Moss. • Takes place different parts of the world. Its been held in Las Vegas, Barcelona, Abu Dhabi, Tokyo, Washington DC, and London. • It is typically scheduled before DEF CON • Two major sections of the conference is the Black Hat Briefings and Black Hat Trainings • Has hosted the NSA’s information assurance manager course. • Has hosted Cisco Systems course as well as Offensive Security courses. • Topics range from reverse engineering, identity and privacy and hacking. Conclusion • With computers becoming more and more popular in civilian life, using them for everyday activities like keeping in contact with loved ones, schooling and banking. Our computers store our personal sensitive data on them, and keeping that information secure is becoming more difficult as technology evolves. As technology evolves so do the ones that look to exploit these systems. Government agencies recognize this problem as well as the skills that hackers have, to the point that they look to employ them to keep our systems safe. They attend these hacker inspired conferences in hopes to recruit hackers with as many as 25% of hackers working with government agencies at some capacity whether as security advisors or consultants. They may have the mind set if you can’t beat them or catch them have them work for you so they can catch others alike. Introduction In the present time we see a lot of companies getting hacked by black hat hackers. Within the past we see hackers stealing sensitive information through the network infrastructure. By the time company realizes they’ve been hacked the hacker already covered their tracks and made it look like a malfunction in the system. Black hat hackers are very malicious and aggressive. The education system should offer actual hands on training or courses for anyone in the technology field. This will help reduce the amount of malicious hackers, from gaining sensitive information about an individual or company secrets. Prevention Companies tools and protocols • network bound control • First line of defense • Attack will originate from outside the defended network. • defense-in-depth • Second line of defense • It was designed to overcome the single point of failure of the network boundary control model • continuous monitoring • Network will not remain in a healthy state and will find it necessary to continuously review for faults • Main drawback of continuous monitoring is managing the complexity of information collected. Prevention (Continuation) • content filters • filters they serve as gatekeepers for your internal employees. • Configure a content filter to disallow connection to certain websites or entire categories of websites. • This is important because many Black Hat hackers gain access to your network via your employees’ visits to their websites. Sometimes just visiting the site allows • security testing • Consider hiring a security company for a penetration test on your network to find what vulnerabilities exist. • With such a list in hand, you can begin to plug holes you did not know existed. Future The future of Black Hat hackers • Pwning Internet of Things (IoT) • segment your IoT network • update the firmware regularly. • machine learning going to the dark side • These technologies are used for everything from categorizing cat pictures on the Internet • Helping create self-driving cars. More recently security industry are adopting these technologies to improve malware and attack detection. • they introduced a tool called DeepHack, an open source AI that hacks web applications. Future (Continuation) • teaching how to hack at a college level • computer science, information technology, cyber-security majors how to hack in college. • Most colleges offer it as an elective credit but the class is called ethical hacking. • But they don’t teach you hands on they teach theories which is helpful but hands on would be better. • With such skills, a student will be able to test the systems of a future employer in order to pinpoint flaws in system designs as well as security issues. • By understanding how to hack, a student not only knows how a system might be breached but can identify the signs of a breach and can determine where in a system a hacker might attempt an attack. Conclusion In conclusion as the modern world advances, we also notice the use of technology is either being pwned or hacked by black hat hackers. We can assume that with the latest technological advances that black hat hacker can either take control or steal valuable information to exploit companies all over the world. The reason why we even have protocols and plans is to assume the company either as a mole or the infrastructure is compromised. With the companies and government agencies that they have top on the line tools, protocols and equipment to prevents cyber threats. In the future we can assume that black hat hackers are going to be more malicious then they are in the present. .
Load more

Recommended publications
  • (U//Fouo) Assessment of Anonymous Threat to Control Systems
    UNCLASSIFIED//FOR OFFICIAL USE ONLY A‐0020‐NCCIC / ICS‐CERT –120020110916 DISTRIBUTION NOTICE (A): THIS PRODUCT IS INTENDED FOR MISION PARTNERS AT THE “FOR OFFICIAL USE ONLY” LEVEL, ACROSS THE CYBERSECURITY, CRITICAL INFRASTRUCTURE AND / OR KEY RESOURCES COMMUNITY AT LARGE. (U//FOUO) ASSESSMENT OF ANONYMOUS THREAT TO CONTROL SYSTEMS EXECUTIVE SUMMARY (U) The loosely organized hacking collective known as Anonymous has recently expressed an interest in targeting inDustrial control systems (ICS). This proDuct characterizes Anonymous’ capabilities and intent in this area, based on expert input from DHS’s Control Systems Security Program/Industrial Control Systems Cyber Emergency Response Team (ICS‐CERT) in coordination with the other NCCIC components. (U//FOUO) While Anonymous recently expressed intent to target ICS, they have not Demonstrated a capability to inflict Damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methoDs, readily available to the research community. Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web‐based applications and windows systems) by employing tactics such as denial of service. Anonymous’ increased interest may indicate intent to Develop an offensive ICS capability in the future. ICS‐CERT assesses that the publically available information regarding exploitation of ICS coulD be leveraged to reDuce the amount of time to develop offensive ICS capabilities. However, the lack of centralized leadership/coordination anD specific expertise may pose challenges to this effort. DISCUSSION (U//FOUO) Several racist, homophobic, hateful, and otherwise maliciously intolerant cyber and physical inciDents throughout the past Decadea have been attributeD to Anonymous, though recently, their targets and apparent motivations have evolved to what appears to be a hacktivist1 agenda.
    [Show full text]
  • Underground Hacker Markets ANNUAL REPORT—APRIL 2016
    Underground Hacker Markets ANNUAL REPORT—APRIL 2016 1 Underground Hacker Markets | APRIL 2016 Contents 3 Introduction: Welcome Back to the Underground 4 Price List for Hacker Goods and Services 7 Russian Hackers Expand their Working Hours and Use Guarantors to Ensure Customers’ Happiness 9 Hacking Services for Hire 11 Business Dossiers for Companies in the Russian Federation Bank Account Credentials, Tax Identification Numbers (TINS), Articles of Incorporation, Phone Numbers, Lease Agreements 12 Hacker Goods for Sale Bank Accounts, Popular Online Payment Accounts, Airline Points Accounts, Credit Cards, Hacker Tutorials…You Name It 16 Is ATM Skimming Passé? Not on Your Life. 19 Security Measures for Protecting Against Cyber Threats 22 Conclusion 23 Glossary of Terms 2 Underground Hacker Markets | APRIL 2016 Introduction: Welcome Back to the Underground For our 3rd Annual Underground Hacker Markets Report, Dell SecureWorks engaged two of our top intelligence analysts from our CISO INTEL Team. The team members spend time tracking hackers on the numerous underground hacker forums and marketplaces all over the world. While much of the cybercrime hitting organizations throughout the world is the result of cooperation by hackers working outside the confines of publicly-accessible marketplaces, these underground forums provide a small window into the world cybercriminals occupy. In this report, we concentrated on marketplaces located on the Russian Underground and on English-speaking marketplaces between Q3 2015 and Q1 2016. Just as we did in the 2013 and 2014 Underground Hacker Reports, we wanted to see if any trends had emerged. For example, did prices for popular hacker goods such as stolen bank accounts, credit cards, and malware go up or down? What about services such as Distributed Denial of Service (DDoS) attacks or hacking company databases? Not only did we answer those questions, but we also found some intriguing new products for sale and some interesting new trends as well.
    [Show full text]
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
    [Show full text]
  • Black Hat Hacker White Hat Hacker Gray Hat Hacker
    Crackers or Malicious Hackers: System crackers attempt to access computing facilities for which they have not been authorized. Cracking a computer's defenses is seen as the ultimate victimless crime. The perception is that nobody is hurt or even endangered by a little stolen machine time. Crackers enjoy the simple challenge of trying to log in, just to see whether it can be done. Most crackers can do their harm without confronting anybody, not even making a sound. In the absence of explicit warnings not to trespass in a system, crackers infer that access is permitted. Others attack for curiosity, personal gain, or self-satisfaction. And still others enjoy causing chaos, loss, or harm. There is no common profile or motivation for these attackers. Classification of Hackers: Hackers can be classified broadly into three different categories: 1. Black Hat Hacker 2. White Hat Hacker 3. Grey Hat Hacker Black Hat Hacker Black-hat Hackers are also known as an Unethical Hacker or a Security Cracker. These people hack the system illegally to steal money or to achieve their own illegal goals. They find banks or other companies with weak security and steal money or credit card information. They can also modify or destroy the data as well. Black hat hacking is illegal. White Hat Hacker White hat Hackers are also known as Ethical Hackers or a Penetration Tester. White hat hackers are the good guys of the hacker world. These people use the same technique used by the black hat hackers. They also hack the system, but they can only hack the system that they have permission to hack in order to test the security of the system.
    [Show full text]
  • Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used
    Address Munging: the practice of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organizations that send unsolicited bulk e-mail address. Adware: or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software. Adware is software designed to force pre-chosen ads to display on your system. Some adware is designed to be malicious and will pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. When adware is coupled with spyware, it can be a frustrating ride, to say the least. Backdoor: in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation.
    [Show full text]
  • Web Security School Article #1
    Know your enemy: Why your Web site is at risk By Michael Cobb To the tag line for the Internet -- “Build it and they will come” -- I would add “...and try to crack it, deface it, abuse it, break it and steal it.” Hackers have more resources and time than even the largest organizations, and they don't suffer from the usual organizational constraints, such as office politics and budgets, that security practitioners face. In fact, hackers can show an almost enviable example of online collaboration, sharing information in order to achieve a result. This article will help you understand the tools, tactics and motives of the black hat community so that you have a better appreciation of the threats to your Web site and the system it runs on, and the importance of protecting them. Statistics to keep you awake at night In a test conducted over a two-week period in September 2004 by USA TODAY, there were 305,922 attempts to break into six computers connected to the Internet. The attacks literally began as soon as the computers went online, averaging more than 300 per hour against both a Windows XP Service Pack 1 machine with no firewall and an Apple Macintosh. There were more than 60 attacks per hour against a Windows Small Business Server. During the test, both of the Windows-based machines were compromised. These figures show how active the hacker community is. Any computer connected to the Internet is at risk, particularly a Web server. Although e-commerce Web sites receive more targeted attacks than any other type of Web site, it is no longer a question of if, but when your site will be probed.
    [Show full text]
  • Trojans and Malware on the Internet an Update
    Attitude Adjustment: Trojans and Malware on the Internet An Update Sarah Gordon and David Chess IBM Thomas J. Watson Research Center Yorktown Heights, NY Abstract This paper continues our examination of Trojan horses on the Internet; their prevalence, technical structure and impact. It explores the type and scope of threats encountered on the Internet - throughout history until today. It examines user attitudes and considers ways in which those attitudes can actively affect your organization’s vulnerability to Trojanizations of various types. It discusses the status of hostile active content on the Internet, including threats from Java and ActiveX, and re-examines the impact of these types of threats to Internet users in the real world. Observations related to the role of the antivirus industry in solving the problem are considered. Throughout the paper, technical and policy based strategies for minimizing the risk of damage from various types of Trojan horses on the Internet are presented This paper represents an update and summary of our research from Where There's Smoke There's Mirrors: The Truth About Trojan Horses on the Internet, presented at the Eighth International Virus Bulletin Conference in Munich Germany, October 1998, and Attitude Adjustment: Trojans and Malware on the Internet, presented at the European Institute for Computer Antivirus Research in Aalborg, Denmark, March 1999. Significant portions of those works are included here in original form. Descriptors: fidonet, internet, password stealing trojan, trojanized system, trojanized application, user behavior, java, activex, security policy, trojan horse, computer virus Attitude Adjustment: Trojans and Malware on the Internet Trojans On the Internet… Ever since the city of Troy was sacked by way of the apparently innocuous but ultimately deadly Trojan horse, the term has been used to talk about something that appears to be beneficial, but which hides an attack within.
    [Show full text]
  • Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: a Comparative Review and Prospects
    information Review Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects Elena Doynikova 1,*, Evgenia Novikova 1,2 and Igor Kotenko 1 1 St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, St. Petersburg 199178, Russia; [email protected] (E.N.); [email protected] (I.K.) 2 Saint Petersburg Electrotechnical University “LETI”, Department of computer science and technology, St. Petersburg 197022, Russia * Correspondence: [email protected] Received: 18 February 2020; Accepted: 16 March 2020; Published: 23 March 2020 Abstract: Early detection of the security incidents and correct forecasting of the attack development is the basis for the efficient and timely response to cyber threats. The development of the attack depends on future steps available to the attackers, their goals, and their motivation—that is, the attacker “profile” that defines the malefactor behaviour in the system. Usually, the “attacker profile” is a set of attacker’s attributes—both inner such as motives and skills, and external such as existing financial support and tools used. The definition of the attacker’s profile allows determining the type of the malefactor and the complexity of the countermeasures, and may significantly simplify the attacker attribution process when investigating security incidents. The goal of the paper is to analyze existing techniques of the attacker’s behaviour, the attacker’ profile specifications, and their application for the forecasting of the attack future steps. The implemented analysis allowed outlining the main advantages and limitations of the approaches to attack forecasting and attacker’s profile constructing, existing challenges, and prospects in the area.
    [Show full text]
  • America Exposed Who’S Watching You Through Your Computer’S
    America Exposed Who’s Watching You Through Your Computer’s Camera? May 2017 By: James Scott, Senior Fellow, The Institute for Critical Infrastructure Technology 1 America Exposed Who’s Watching You Through Your Computer’s Camera May 2017 Authored by: James Scott, Sr. Fellow, ICIT Except for (1) brief quotations used in media coverage of this publication, (2) links to the www.icitech.org website, and (3) certain other noncommercial uses permitted as fair use under United States copyright law, no part of this publication may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the publisher. For permission requests, contact the Institute for Critical Infrastructure Technology. Copyright © 2017 Institute for Critical Infrastructure Technology – All Rights Reserved ` 2 Support ICIT & Increase Webcam Privacy CamPatch®, the world’s leading manufacturer of webcam covers, is proud to donate 100% of net proceeds to ICIT. Custom Branded Webcam Covers are a powerful tool for security training initiatives, and are a valuable and impactful promotional giveaway item. Visit www.CamPatch.com or contact [email protected] to learn more. Upcoming Events The Annual ICIT Forum June 7, 2017, The Four Seasons Washington D.C. www.icitforum.org ` 3 Contents Are You Being Watched? .............................................................................................................................. 4 Computing Devices
    [Show full text]
  • Ethics of Hacktivism by Tennille W
    Ethics of Hacktivism by Tennille W. Scott and O. Shawn Cupp Introduction Do hacktivists have ethics? Some would say yes and others suggest that no, they do not. Are there rules that those who engage in hacking follow or abide by during the conduct of their activities? Does the hacktivist maintain any semblance of actions described under the just war theory? If so, it would seem to be only in jus in bello1 or the just conduct in war, due to the perpetual nature of hacker activities and hacktivist operations. First, what is a hacktivist?2 They are defined as those who through the nonviolent use for political ends of “illegal or legally ambiguous digital tools” like website defacements, information theft, website parodies, denial-of-service attacks, virtual sit-ins, and virtual sabotage.3 This provides the basis for understanding more about where hacktivists’ motivations come from and what kinds of ideologies they may exhibit. Nevertheless, hacktivists must conform to some sort of norm. Based upon the nature of hacktivist activities, there must be a way to categorize or identify their overarching ethic. Understanding the motivation of this group is a huge undertaking because of the great variance and diversity of the people who make up the hacktivist collective. Unlike cyberterrorists, who typically belong to a hierarchical group structure and have a common cause, hacktivists are not bound in the same way, which makes them more dynamic and difficult to analyze. A prime example is the hacktivist group known as Anonymous and its spinoff group, Lulz Security (LulzSec), who eventually participated in different activities with different motives.
    [Show full text]
  • Strategic Latency: Red, White, and Blue Managing the National and International Security Consequences of Disruptive Technologies Zachary S
    Strategic Latency: Red, White, and Blue Managing the National and International Security Consequences of Disruptive Technologies Zachary S. Davis and Michael Nacht, editors Center for Global Security Research Lawrence Livermore National Laboratory February 2018 Disclaimer: This document was prepared as an account of work sponsored by an agency of the United States government. Neither the United States government nor Lawrence Livermore National Security, LLC, nor any of their employees makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States government or Lawrence Livermore National Security, LLC. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC, and shall not be used for advertising or product endorsement purposes. LLNL-BOOK-746803 Strategic Latency: Red, White, and Blue: Managing the National and International Security Consequences of Disruptive Technologies Zachary S. Davis and Michael Nacht, editors Center for Global Security Research Lawrence Livermore National Laboratory February
    [Show full text]
  • Defending an Open, Global, Secure, and Resilient Internet
    Spine Should Adjust depending on page count Defending an Open,Defending Global, Secure, and Resilient Internet The Council on Foreign Relations sponsors Independent Task Forces to assess issues of current and critical importance to U.S. foreign policy and provide policymakers with concrete judgments and recommendations. Diverse in backgrounds and perspectives, Task Force members aim to reach a meaningful consensus on policy through private and nonpartisan deliberations. Once launched, Task Forces are independent of CFR and solely responsible for the content of their reports. Task Force members are asked to join a consensus signifying that they endorse “the general policy thrust and judgments reached by the group, though not necessarily every finding and recommendation.” Each Task Force member also has the option of putting forward an additional or a dissenting view. Members’ affiliations are listed for identification purposes only and do not imply institutional endorsement. Task Force observers participate in discussions, but are not asked to join the consensus. Task Force Members Elana Berkowitz Craig James Mundie McKinsey & Company, Inc. Microsoft Corporation Bob Boorstin John D. Negroponte Google, Inc. McLarty Associates Jeff A. Brueggeman Joseph S. Nye Jr. AT&T Harvard University Peter Matthews Cleveland Samuel J. Palmisano Intel Corporation IBM Corporation Esther Dyson Neal A. Pollard EDventure Holdings, Inc. PricewaterhouseCoopers LLP Martha Finnemore Elliot J. Schrage George Washington University Facebook Patrick Gorman Adam Segal Bank of America Council on Foreign Relations Independent Task Force Report No. 70 Michael V. Hayden Anne-Marie Slaughter Chertoff Group Princeton University Eugene J. Huang James B. Steinberg John D. Negroponte and Samuel J.
    [Show full text]