Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World


Opening

Thank you for the questions; I am pleased to provide detailed answers below. As
you may know, issues of information security are changing with death-defying
speed: what was a solution yesterday may no longer be valid, and what was a
threat yesterday has today become a full-blown attack.

I will take cognisance of current information security threats and trends in my
responses, remarks and overall presentation. This will help the audience to
see the very current picture of the issue at hand.

A very crucial fact that is often ignored is that the ultimate objective of any
information security measure is to protect human safety. Networks are under
relentless attack, secure systems are breached, information is stolen, and
information is bought and sold.

Just 5 days ago, researchers at the Internet Storm Center, an early warning
system for Internet threats that is operated by the SANS Institute, revealed that
medical devices, MRI machines, had been infected with the Conficker worm.

This clearly brought the issue of information warfare attack to the level of a direct threat
to human life. This is in addition to the recently reported security breach of the US
power grid.

The battle for information dominance is raging. Hackers attempt to break secured
networks every 36 seconds. 250 new viruses are created every month. Over a trillion
Rand has been lost as a result of various attacks and breaches that amount to
information warfare. Many skeptics are starting to believe that we are at war. I am
presenting not as a prophet of doom, but to set out clearly the high risks presented by
information warfare attacks. Today, a world where the name of the game is deception
is a world that businesses and managers ignore at their peril.

Let me start by asking: why should businesses be interested in information warfare? The
reason is simple: information warfare is interested in business. The presentation will
clearly show a series of current trends, weapons and experiences of numerous
organisations that lost a great deal of business and money.

Simply put, information warfare consists of those actions intended to protect, exploit,
corrupt, deny, or destroy information or information resources in order to achieve a
significant advantage, objective, or victory over a competitor.

Before the responses, I will list a few highly publicized and notable cases where
information warfare attacks took place and critical systems were compromised in
the past 12 months. To date, the best practices for information security in the private
sector have focused on defence. Tremendous efforts have gone into developing and
marketing defensive network tools – so much so that the market space is cluttered with
an array of “solutions” which are difficult to distinguish. Capabilities for active
countermeasures have, for the most part, been considered outside of the appropriate
scope of response for commercial enterprises. For a complete defense, offense must be
considered. This is where the concept of warfare comes in.

www.bezaspeaks.com          Beza Belayneh

Warfare in Business

After all, numerous business books are cluttered with concepts like flanking strategy,
first-strike advantage, price wars, competitors’ intelligence, guerrilla marketing, killer
application and so on. The similarity between military and business is growing each day.
Both involve adversaries with various assets, motives and competing goals.

It is for this reason that information warfare has become a serious issue in the corporate
world and is regarded as an emerging threat by numerous authorities in the information
security field, including the Georgia Tech Information Security Centre. Georgia
Tech declared information warfare (cyber warfare) one of the emerging threats for
2009 in its annual Emerging Cyber Threats Report for 2009.






Background



Serious and Notable information warfare related attacks and breaches



   •   Conficker worm hits hospital devices

       April 30th, 2009 By Elise Ackerman

       A computer worm that has alarmed security experts around the world has
       crawled into hundreds of medical devices at dozens of hospitals in the United
       States and other countries, according to technologists monitoring the threat.

       The worm, known as "Conficker," has not harmed any patients, they say, but it
       poses a potential threat to hospital operations. "A few weeks ago, we discovered
       medical devices, MRI machines, infected with Conficker," said Marcus Sachs,
       director of the Internet Storm Center, an early warning system for Internet threats
       that is operated by the SANS
       Institute…(http://www.physorg.com/news160331005.html)

   •   Chinese Hacktivists Waging People's Information Warfare Against
       CNN

        "We continue to import their junk with the lead paint on them and the poisoned
       pet food and export, you know, jobs to places where you can pay workers a
       dollar a month to turn out the stuff that we're buying from Wal-Mart."

       Speaking about the U.S. trade deficit with China on “The Situation Room”,
       Cafferty did not realize that his statement would provoke what amounted to an
       unprecedented information warfare attack on the CNN website by Chinese hackers.

   •   Information warfare attack on Israeli businesses

       When Israeli tanks rolled into Gaza, pro-Palestinian hackers shut down
       approximately 700 Israeli web domains. A range of different Web sites were
       targeted by the group, including Web sites of banks, medical centers, car
       manufacturers and pension funds. Well-known companies and organizations,
       including Bank Hapoalim, the Rambam Medical Center, Bank Otsar Ha-Hayal,
       BMW Israel, Subaru Israel and Citroen Israel, real estate company Tarbut-Hadiur
       and the Jump fashion Web site all found their Web sites shut down and replaced
       by the message: Hacked by Team-Evil Arab hackers u KILL Palestine people
       we KILL Israel servers.






   •   Major corporations’ websites in New Zealand were attacked

       Turkish hackers broke into the New Zealand based registrar Domainz.net (which
       belongs to MelbourneIT) and redirected some of their customers' high profile web
       sites to a third party server with a defaced page. Companies which had their New
       Zealand web sites defaced include Microsoft, HSBC, Coca-Cola, F-secure,
       Bitdefender, Sony and Xerox. Mirror sites are at
       http://www.zone-h.org/news/id/4708

   •   Information warfare attacks on Danish sites

       Danish artist Kurt Westergaard never anticipated that his drawings would cause
       an unprecedented information warfare attack on numerous Danish websites.

       Internet hackers have attacked a website run by Denmark's Free Press Society
       selling prints of a controversial cartoon of the Prophet Mohammed, the group's
       director

   •   Information Warfare Monitor uncovered cyber espionage network

       Researchers (Univ. of Toronto & SecDev Group) uncovered a suspected cyber
       espionage network of over 1,295 infected hosts in 103 countries. The
       researchers say the system — called GhostNet — sent e-mails that introduced
       malware into host computers, which in turn fed information back to servers
       located on the Chinese mainland. "The GhostNet system directs infected
       computers to download a Trojan (horse) known as gh0st RAT that allows
       attackers to gain complete, real-time control."




   •   Verizon: Organized Crime Caused Spike in Data Breaches

       Apr 16, 2009 3:18 pm

       A new study from Verizon Business claims that organized crime is responsible
       for a large increase in the number of breached corporate electronic records,
       which totaled roughly 285 million last year.

       According to the study, which Verizon Business compiled using data from the 90
       confirmed corporate network breaches it recorded last year, roughly 93% of all
       records breached came from the financial sector. The company also says that
       nine out of every 10 of these breaches involved "groups identified by law
       enforcement as engaged in organized crime."





   •   Report: Spies hacked into U.S. electricity grid

       Spies from other countries have hacked into the United States' electricity
       grid, leaving traces of their activity and raising concerns over the security
       of the U.S. energy infrastructure to cyberattacks.

       The Wall Street Journal on Wednesday published a report saying that
       spies sought ways to navigate and control the power grid as well as the
       water and sewage infrastructure. It's part of a rising number of intrusions,
       the article said, quoting former and current national security officials.

   •   Greece arrests man suspected of selling Dassault data

       Fri Jan 25, 2008 10:59am EST
       ATHENS (Reuters) - Greek police said on Friday they had arrested a man
       suspected of selling corporate secrets from France's Dassault Group,
       including data on weapons systems.

       "This 58-year-old mathematician is responsible for causing damages in excess of $361
       million to the company and he has sold this corporate data, including information on
       weapons systems, to about 250 buyers through the Internet," the official said.

       Police suspect the man of selling the data to buyers in Germany, Italy, France, South
       Africa, Brazil, as well as countries in Asia and the Balkans.

       "He is one of the world's best hackers, using the nickname ASTRA..," the official said.

       Dassault Group and its subsidiaries are a major player in civil aviation and the military
       sector.


   •   Trojan.SilentBanker compromises online banking accounts


       April 24, 2009 - 5:30pm


       Trojan captures specific screen images, records keystrokes, steals all your
       confidential financial information and then sends it to a remote attacker. Recently
       certain computer security experts began paying attention to a Trojan that targets
       online bank accounts. This Trojan can cause extreme harm to customers’
       finances, computer and their life.

       This Trojan is called Trojan.SilentBanker. Its computer attacks are executed in a
       very clever manner. It hides and waits on a hard drive without a user’s
       knowledge. Trojan.SilentBanker activates itself as soon as a user logs into
       his/her online banking account.





       It steals usernames and passwords and uses them to change account details,
       then takes steps that cause the user’s money to be transferred to the
       bank account of the malware mastermind.

       It is important for all internet banking users to minimize many of the risks involved
       by working in their online bank accounts from their own computer. It is also
       extremely important to be aware that any e-mails that customers receive which
       ask them to update their banking details are probably false, even if they look
       original. These warnings are not only about Trojan.SilentBanker, which is just
       one of many Trojans designed to steal your information and money.




   •   Computer Spies Breach Fighter-Jet Project



       Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter
       project -- the Defense Department's costliest weapons program ever -- according
       to current and former government officials familiar with the attacks.

       Similar incidents have also breached the Air Force's air-traffic-control system in
       recent months, these people say. In the case of the fighter-jet program, the
       intruders were able to copy and siphon off several terabytes of data related to
       design and electronics systems, officials say, potentially making it easier to
       defend against the craft.

       The latest intrusions provide new evidence that a battle is heating up between
       the U.S. and potential adversaries over the data networks that tie the world
       together. The revelations follow a recent Wall Street Journal report that
       computers used to control the U.S. electrical-distribution system, as well as other
       infrastructure, have also been infiltrated by spies abroad.






   1. Beza’s Presentation


Based on the above facts, the presentation will cover the following issues:

Clearly explain to the audience that all these things happening around the world
can happen to any organization, and what they must do to protect themselves.

   •   What information warfare is and is not
   •   Definition of information warfare from commerce point of view
   •   Importance of information warfare awareness
   •   Indications and examples of information warfare’s expansion to the
       commercial domain from military issue
   •   Means of waging information warfare
   •   Availability of current information warfare and attack tools freely online
           o Http bombers
           o Website defacing tools
           o Malware development kit
   •   Highlight the need for corporate leaders to know about information warfare
   •   The need for information security managers to develop a strategy that is
       offensive and defensive. Defensive may include how to develop a framework
       for an information attack.
   •   How to develop an Information Warfare Risk Analysis Model – a system to be
       used by business organizations to help them protect against current and
       future risks.


The presentation will highlight in detail why organizations must take information warfare
threats seriously.

Information warfare is almost the antithesis of security. One is offensive, the other
defensive. One tends to be proactive, the other reactive. In any organisation, the
two are entwined but require totally different approaches.

Organisations wish to keep their own information advantage and to deprive their
competitors of theirs. The use and abuse of information will be a critical factor in most
organisations’ performance today and in the coming years. Information is not only a
target but also a weapon. The presentation is all about this fact.






2. Why is it important?
In today's electronic age, the threat of cyber attacks is real and enormous. For any
organisation with information-based assets, the deadliest weapons can come in the form
of a keyboard, mouse, or personal computer. With hacking attacks and computer-based
crimes increasing both in frequency and degree of seriousness, it's clear that information
warfare is real and companies must protect themselves in order to survive. But how do
you not get caught in the crossfire of these attacks and how do you prepare when the
electronic future is uncertain? How would you prepare when you do not know the
enemy and where the attack is coming from? How would you prepare when your
organisation’s IT managers reaffirm that they are well protected?

Future corporate information security strategy will be profoundly affected by the ongoing,
rapid evolution of cyberspace — the global information infrastructure — and in particular
by the growing dependence of the corporate world on potentially vulnerable elements of
this information infrastructure.

Understanding and knowing the trends that reveal the spread of information warfare
into the civilian and commercial arena helps organisations and security practitioners to
develop strategies for effective information security management.


This presentation will give vivid evidence of the clear and present danger companies
are exposed to and how best they can protect their information assets.

The following key areas that will demonstrate the importance of the presentation will be
covered:

   1. Targets of information warfare or similar cyber conflicts are business establishments

          a. Many politically motivated attacks made business and commercial sites
               the prime targets.
                    i. For Gaza attacks, many Israeli businesses were attacked
          b. Many information warfare attacks are no longer carried out by hobbyists
               for non-profit purposes or by advanced hackers, but by inexperienced
               individuals, assisted by predefined and freely available attack tools,
               for profit purposes.
   2. As revealed in the GhostNet computer breaches, the potential for attackers
      to disrupt vital networks and systems in critical infrastructure areas such as
      banking and power is growing daily. This calls for increased awareness of the
      dangers to business.
   3. The presentation is also important as it reveals how organisations can use
      information as a weapon in addition to defending it as a target. The traditional
      defense tactic is no longer valid in today’s world. Organisations must have a
      strategic offensive plan with effective deployment of information warfare tools.
   4. The above examples show that most of the information warfare attacks were
      committed with tools that are freely available online. This will help
      organisations to acquire these tools and test whether their systems can
      withstand imminent breaches.






   5. The presentation will clearly illustrate acts that constitute information warfare by
      offering a clear definition.
   6. The presentation will clearly illustrate how the concept of information warfare is
      becoming a societal issue that has expanded to non-military areas. Much of the
      available literature is more concerned with the military aspect of warfare than
      the corporate world. The presentation will highlight key trends that signal the
      expansion of information warfare (use and abuse of information) into the
      commercial space.
   7. As the metaphor “warfare” gives this subject a military bias, the presentation will
      illustrate its implications for the corporate world with various business examples.
      This shift into the commercial world presents a growing threat to information
      managers who are responsible for protecting organisational information assets.

The presentation will also demonstrate that the target of politically motivated computer
crime is not limited to government networks: Commercial interests are equally attractive
targets. Moreover, most corporate executives are not aware of the threat posed to their
organisations by individuals and groups with political agendas.

Here are a few questions that executives should consider:

   •   Is your organisation a potential target of online protest? How do you determine
       if you are a target?
   •   What would you do if online protesters disrupted your website for a
       day? For a week?
   •   What would you do if protesters attacked your customers or investors?
   •   How would you react to negative media reports?
   •   What if there was no disruption, but the attackers made press
       statements to the contrary?
   •   How should you protect your network? Do you understand the threats
       and impacts in order to balance costs and risks?
   •   Who would you contact? Law enforcement? Would you contact law enforcement if
       your network is attacked?






3. What are the trends and challenges around
information warfare?
   Trends of information warfare.

       •   Information warfare is fast moving in terms of technical possibilities.
       •   As seen in the above cases and real-life examples, the prime targets of
           information attacks are becoming civilian targets and the private sector.
       •   Computer-related security incidents are widespread.
       •   Numerous attacks and breaches are becoming state sponsored or at least
           state supported. The example of GhostNet in China shows that the
           government distanced itself from the espionage attack.
       •   It is difficult to know where attacks are coming from. Though many
           researchers suspect China, there is no conclusive evidence that other
           countries like the USA or Russia are not part of the network.
       •   Evidence shows that many countries have already built information warfare
           capabilities and units to defend their commercial interests, which is different
           from traditional warfare, where protection is mainly provided to military
           targets. Research shows countries with information warfare capabilities have
           increased from 20 in 2006 to more than 140 in 2008.
       •   Many information warfare attack tools are becoming freely and easily
           available. For example, the Mpack and IcePack exploit
           packages are designed for non-technical users. They group exploits together
           into one easy-install package, and using this package, non-technical users
           can run exploits on the browsers of unsuspecting visitors. Ultimately this
           grants non-technical attackers the ability to infect visitors to their sites without
           having to know exactly how it happens.
       •   Information warfare is used by organisations and countries as a strategy
           against competitors to deny access to data, destroy or disrupt data, steal data
           and manipulate data.
       •   Information warfare of some sort is used against individuals and small
           businesses, which are considered the first level of cyberspace.
       •   "Rogue" states and criminal organisations have stepped up their capabilities
           to launch crippling online attacks, e.g. the Russian Business Network (RBN),
           which, though thought to be offline these days, is considered the creator of the
           most effective and popular DoS (Denial of Service) attack tool, Mpack.






   Challenges
       a. A significant challenge associated with information warfare is that its
       governing legal principles are unclear. Where does it legally fit into the
       international and domestic environments, internal and external relations,
       state, corporate and business governance?

       Analysts and strategists gathered at the Cyber Warfare 2009 conference in
       London last January were grappling with some thorny problems associated
       with the cyber-aggression threat. One that proved particularly vexing was the
       matter of exactly what constitutes cyberwarfare under international law.
       There's no global agreement on the definitions of cyberwarfare or information
       warfare, so how does a nation conform to the rule of law if it's compelled to
       respond to a cyberattack?

       b. Everybody in the world owns information warfare weapons. The need
       to establish global norms about what is acceptable behavior in cyberspace is
       complicated by the fact that the weapons are not just in the hands of nation-
       states. They're essentially in everybody's hands. This makes it very hard and
       sometimes impossible to know the attacker and the driving motivation.

       c. Laws of war do not apply to information warfare. Laws of war would
       forbid targeting purely civilian infrastructure, but most attackers don't limit
       themselves by the Geneva Conventions, as the above examples show.

       d. A challenge is posed by information warfare targets due to the fact that
       it's nearly impossible to identify all of the potential targets and sophisticated
       tools they acquire freely online.

       e. Mindset. Many IT and security managers do not think there is a threat of
       attack from competitors. Many IT organizations will tell you either that the threats
       are too far-fetched or that they're adequately protected. This kind of
       complacency is a major challenge. In one assignment, we were able to
       secure a critical password from a system that is regarded as exceptionally
       secure. As illustrated in the above example, hackers penetrated a
       crucial website in New Zealand using a commonly known vulnerability – SQL
       injection. The Pentagon and other highly secured systems were recently
       compromised.

          •   Organisations are stuck with the old culture of securing the physical
              perimeter. For example, North American businesses spent more than
              $17.5 billion on security alarms for their buildings, but only $6.2 billion
              on information security measures.






       d. The balance between developing and producing commercially viable
       software and secure software. A huge number of the software solutions
       deployed to improve productivity and processes and to defend critical information
       assets are infested with vulnerabilities. This presents a challenge to security
       experts and system administrators.

       e. A lack of information sharing among nations means some countries
       have become a safe haven for cyber criminals. The sophistication of some
       attacks shows that the attackers had sufficient time and technology. In some
       cases, efforts to convince some countries (Ukraine, Russia, China) to follow
       up and close certain servers led to a “dead-end”.

       F-Secure, the Finland-based antivirus developer, recently pointed the finger at
       Ukrainian hackers as the creators of the Conficker worm. Research showed that the
       attacking system made an effort to avoid infecting systems in a Ukrainian domain or
       using a Ukrainian keyboard layout. This suggests that the creators of the malware may
       live in that part of the world and may be exempting their home country to avoid
       attracting attention from local authorities.

       f. Unlike the early internet days of show-off hackers and amateur vandals,
       today’s virus writers are all about making money. Typically, today’s malware
       attempts to sniff out personal details that could provide its author with access to
       the victim’s bank account or online auction account – or simply holds an
       individual’s or company’s data to ransom.

       g. More than 250 new viruses are released monthly.

       h. Growing insider threat. It has been said, “We have been watching
       the front door while the thieves were coming in the employee entrance.”
       This illustrates the growing insider threat.

       37% of employees surveyed at this year’s Infosecurity Europe event said
       that they are keeping their options open to be insiders if given the right


          The surveyed employees had access to the following company assets:

              •   83% had access to customer databases
              •   72% had access to business plans
              •   53% had access to accounting systems
              •   51% had access to HR databases
              •   31% had access to IT admin passwords






          The incentives that they required in order to hand over sensitive data:

              •   63% required at least 1 million pounds to convert to insiders
              •   10% would become insiders if their mortgage was paid off
              •   5% are willing to participate in exchange for a holiday
              •   Another 5% would do it if they are offered a new job
              •   4% would participate if their credit card debt is covered

       i. Occasionally, a vulnerability is publicised before a patch is available. In
       some cases, vulnerabilities have received more publicity than the already
       available patches.






              And what are the current technologies being used around
              information warfare?
       The types of attacks and methods of attack (technologies) will be described.
          1. The main types of attacks
             • Vandalism
             • Financial Fraud
             • Denial of service
             • Theft of transaction information

             DECEPTION applies to all these attacks.

       Methods, Techniques, Technologies (From Attackers’ point of view)

       Note: some of the attack tools may have newer versions, but the older
       versions are still usable in most instances. The malware and malicious scripts in
       circulation today are mostly based on techniques and example code from tutorials
       which were published nearly a decade ago. These get adapted incrementally as
       Microsoft or other vendors release their system security patches.

       A great many technologies and tools used to attack computers and networks
       fall into these categories:
                      • Malicious Codes
                      • Network Scanning Tools
                      • Password Cracking Tools
                      • Denial of Service Tools
                      • Cryptography Tools

                   Note: For further analysis, an information warfare technologies and
                   weapons matrix is presented below.

Attack Methods                Technologies                                        Description

Password cracking             Cain & Abel http://www.oxid.it/cain.html            1. delete or change data relating to orders,
                              Brute                                                  pricing or product description
                              Passfinder                                          2. copy data for use by competitor for
                              Crack                                                  fraudulent purposes
                              There are companies available who give
                              password cracking service (We used some)
                              (www.password-crackers.com/crack.html)
                              http://www.passwordportal.net

IP Spoofing                                                                       "Spoofing" is a process by which the IP address
                                                                                  of your machine is made to appear different from
                                                                                  what it really is

Spoofing attacks                                                                  Forge from address so the message appears to have
Web spoofing (phishing)                                                           originated from trusted source

http bomber                   http bomber                                         With its very simple user interface, Bomber
                                                                                  appears to allow a user to target specific web
                                                                                  sites either by its URL or IP address. The attack
                                                                                  tool claims to generate numerous HTTP GET and
                                                                                  POST requests.

Ping attack                   AtTacK PiNG 1.0                                     Sending large amounts of pings of large sizes at
                                                                                  an IP address.

SQL Injectors                 sqlninja

People's information          Massive SQL injection attacks
warfare

Distributed Denial of         Ping O' Death                                       machines can be crashed by sending IP packets
Service attack (DDoS)                                                             that exceed the maximum legal length
                                                                                  (65535 octets)

Malware attack                Mpack
                              IcePack

Spyware Surveillance:         Keylogger Lite                                      Record all activities of keyboard without the
Keyloggers                    Free Keylogger                                      knowledge of the victim

Viruses, bomb, Trojan,        Virus creation tools & kit
malware generating            http://vx.netlux.org/lib/static/vdat/creatrs1.htm
tools (scary!!!)              http://vx.netlux.org/vx.php?id=tidx (195)

Worms                         e.g. Nugache worm,                                  sophisticated botnets, or networks of hacked
                              Conficker, Storm                                    computers

Hackers' support sites        Numerous websites

Espionage software            Netstumbler                                         WLAN monitor program (scanner, Sniffer) for
                              Kismet is a passive Sniffer for seeking out         Windows
                              radio networks

Automated defacement
tools

Denial of service attacks,    Tribal Flood Network                                It can spoof the source IP for the agents, and can
IP Spoofing                                                                       generate multiple types of attack (including UDP
                                                                                  flood, TCP SYN flood, ICMP echo request flood,
                                                                                  and ICMP directed broadcast). TFN2K is a more
                                                                                  sophisticated version of the original TFN

Electronic Civil              Denial-of-service attacks.
Disobedience (ECD).
Combination of hacking
and activism

Social Engineering
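
The matrix row on oversized IP packets (more than 65535 octets) depends on fragmentation: the 16-bit Total Length field cannot describe such a packet, but a late fragment's offset plus its data can run past the limit at reassembly. The Python check below is an added example, not part of the original brief; it shows how a defender's filter can flag such a fragment from its header alone, and all packets and addresses in it are constructed test data.

```python
import struct

MAX_IP_DATAGRAM = 65535  # largest size the 16-bit Total Length field can describe
IPV4_HDR = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, network byte order


def build_ipv4_header(total_length, ident, more_fragments, frag_offset_units,
                      proto=1, src="192.0.2.10", dst="198.51.100.20"):
    """Build a 20-byte IPv4 header (constructed test data, checksum left at 0)."""
    flags_frag = (0x2000 if more_fragments else 0) | (frag_offset_units & 0x1FFF)
    src_b = bytes(int(p) for p in src.split("."))
    dst_b = bytes(int(p) for p in dst.split("."))
    return struct.pack(IPV4_HDR, 0x45, 0, total_length, ident,
                       flags_frag, 64, proto, 0, src_b, dst_b)


def parse_fragment(header):
    """Extract the fields that matter for reassembly from a raw IPv4 header."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, ident, flags_frag,
     _ttl, proto, _csum, src, dst) = struct.unpack(IPV4_HDR, header[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or total_len < ihl:
        raise ValueError("inconsistent header lengths")
    return {
        "key": (src, dst, proto, ident),          # identifies the datagram being rebuilt
        "offset": (flags_frag & 0x1FFF) * 8,      # fragment offset is in 8-octet units
        "more": bool(flags_frag & 0x2000),        # More Fragments flag
        "payload_len": total_len - ihl,
        "ihl": ihl,
    }


def reassembled_size(frag):
    """Size the datagram reaches once this fragment's data is placed at its offset."""
    return frag["ihl"] + frag["offset"] + frag["payload_len"]


def check_fragments(headers):
    """Classify each raw header as 'ok', 'oversized' or 'malformed'."""
    verdicts = []
    for raw in headers:
        try:
            frag = parse_fragment(raw)
        except (ValueError, struct.error):
            verdicts.append("malformed")
            continue
        if reassembled_size(frag) > MAX_IP_DATAGRAM:
            verdicts.append("oversized")   # drop before it reaches the reassembly buffer
        else:
            verdicts.append("ok")
    return verdicts


# Constructed sample traffic (not captured from any real network).
SAMPLE_HEADERS = [
    # ordinary middle fragment: offset 1480, 1480 bytes of data
    build_ipv4_header(1500, 0x1111, True, 185),
    # last fragment of a datagram that is exactly 65535 octets long (legal)
    build_ipv4_header(415, 0x2222, False, 8140),
    # last fragment whose data would end at octet 67012 (illegal)
    build_ipv4_header(1500, 0x1234, False, 8189),
    # truncated header
    b"\x45\x00",
]

if __name__ == "__main__":
    for verdict, raw in zip(check_fragments(SAMPLE_HEADERS), SAMPLE_HEADERS):
        print(verdict, raw.hex())
```

The check needs no reassembly state, so it can run per packet at a border filter before any fragment is buffered.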


       http://sectools.org/ lists many more such tools (100).

       Examples: illustrations of some of the tools.







        Information Warfare Technologies (Weapons) Matrix
Each threat has specific tools available online in various forms. Some are free and some
are for sale. Some require only entering an IP address and clicking; the attack is then
carried out by a third party.
Tunneling
Scavenging












                                                                           Source: Technolytics.com








Beza Belayneh is a well-known, qualified and experienced information
security and cyber security expert.

He has carried out extensive research on cyber warfare and presented his
papers around the world….

He is Chief Information Security Officer at the Centre for Information Security and
South African Centre for Information Security.

Visit www.bezaspeaks.com for customized research and presentation.





Beza belayneh information_warfare_brief

  • 1. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and Present Danger to the Corporate World Opening Thank you for the questions and I am pleased to provide you detailed answers below. As you may know, issues of information security are changing with death defying speed and what was a solution yesterday may not be valid and what was a threat yesterday now changed today as a full blown attack. I would take cognisance of current information security threats and trends in my responses, remarks and overall presentation. This would help the audience to see the very current picture of the issue at hand. Very crucial fact that is often times ignored is that the ultimate objective of any information security measure is to protect human safety. Networks are under relentless attack, secure systems are breached, Information is stolen, and information is bought and sold. Just 5 days ago, researchers at the Internet Storm Center, an early warning system for Internet threats that is operated by the SANS Institute revealed that medical devices, MRI machines, infected with Conficker worm. This clearly brought the issue of information warfare attack to the level of a direct threat to human life. This is in addition to the recently reported security breach of the US power grid. The battle for information dominance is raging. Hackers attempt to break secured networks every 36 seconds. 250 new viruses are created every month. Over a trillion Rand lost as a result of various attacks and breaches that amount to be called information warfare. Many skeptics are starting to believe that we are at war. I am presenting not as a prophet of doom, but clearly providing the high risks presented by information warfare attacks. Today the world where the name of the game is deception is a world that businesses and managers ignore at their peril. Let me start by asking why should businesses be interested in information warfare? 
The reason is simple, because information warfare is interested in business. The presentation will show clearly series of current trends, weapons and experiences of numerous organisations that lost so much business and money. Simply put. Information warfare consists of those actions intended to protect, exploit, corrupt, deny, or destroy Information or information resources in order to achieve a significant advantage, objective, or victory over a Competitor. Before the responses, I would list few highly publicized and notable cases where information warfare attacks had taken place and critical systems were compromised for the past 12 months. To date, the best practices for information security in the private sector have focused on defence. Tremendous efforts have gone into developing and marketing defensive network tools – so much so that the market space is cluttered with www.bezaspeaks.com Beza Belayneh 1
  • 2. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and Present Danger to the Corporate World An array of “solutions” which become difficult to distinguish. Capabilities for active countermeasures have, for the most part, been considered outside of the appropriate scope of response for commercial enterprises. For a complete defense, offense must be considered. The concept of warfare comes in. Warfare in Business After all numerous business books are cluttered with concepts like flanking strategy, first –strike advantage, price wars, competitors’ intelligence, guerrilla marketing, killer application and so on. The similarity between military and business is growing each day. Both involve adversaries with various assets, motives and competing goals. It is for this reason, information warfare has become a serious issue in the corporate world and is regarded as an emerging threat by numerous authorise in the information security field including the annual Georgia Tech Information Security Centre. Georgia Tech declared information warfare (Cyber warfare) as one of the emerging threats for 2009 in its annual Emerging Cyber Threats Report for 2009. www.bezaspeaks.com Beza Belayneh 2
  • 3. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and Present Danger to the Corporate World Background Serious and Notable information warfare related attacks and breaches • Conficker worm hits hospital devices April 30th, 2009 By Elise Ackerman A computer worm that has alarmed security experts around the world has crawled into hundreds of medical devices at dozens of hospitals in the United States and other countries, according to technologists monitoring the threat. The worm, known as "Conficker," has not harmed any patients, they say, but it poses a potential threat to hospital operations."A few weeks ago, we discovered medical devices, MRI machines, infected with Conficker," said Marcus Sachs, director of the Internet Storm Center, an early warning system for Internet threats that is operated by the SANS Institute…(http://www.physorg.com/news160331005.html) • Chinese Hacktivists Waging People's Information Warfare Against CNN "We continue to import their junk with the lead paint on them and the poisoned pet food and export, you know, jobs to places where you can pay workers a dollar a month to turn out the stuff that we're buying from Wal-Mart." Speaking about the U.S. trade deficit with China on “The Situation Room”, Cafferty did not realize that his statement would provoke what amount to be unprecedented information warfare attack on CNN website by Chinese hackers. • Information warfare attack on Israeli Businesses - When Israeli tanks roll into Gaza, Pro-Palestinian hackers shut down approximately 700 Israeli web domains. A range of different Web sites were targeted by the group, including Web sites of banks, medical centers, car manufacturers and pension funds. 
Well-known companies and organizations, including Bank Hapoalim, the Rambam Medical Center, Bank Otsar Ha-Hayal, BMW Israel, Subaru Israel and Citroen Israel, real estate company Tarbut-Hadiur and the Jump fashion Web site all found their Web sites shut down and replaced by the message: Hacked by Team-Evil Arab hackers u KILL Palestine people we KILL Israel servers. www.bezaspeaks.com Beza Belayneh 3
  • 4. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and Present Danger to the Corporate World • Major corporations’ websites in New Zealand were attacked Turkish hackers broke into the New Zealand based registrar Domainz.net (which belongs to MelbourneIT) and redirected some of their customers' high profile web sites to a third party server with a defaced page. Companies which had their New Zealand web sites defaced include Microsoft, HSBC, Coca-Cola, F-secure, Bitdefender, Sony and Xerox. Mirror sites are at http://www.zone- h.org/news/id/4708 • Information warfare attacks on Danish sites Danish artist Kurt Westergaard never anticipated his drawings will cause unprecedented information warfare attack on numerous Danish websites. Internet hackers have attacked a website run by Denmark's Free Press Society selling prints of a controversial cartoon of the Prophet Mohammed, the group's director • Information Warfare Monitor uncovered cyber espionage network Researchers (Univ. of Toronto & SecDev Group) uncovered a suspected cyber espionage network of over 1,295 infected hosts in 103 countries. The researchers says the system — called GhostNet — sent e-mails that introduced malware into host computers, which in turn fed information back to servers located on the Chinese mainland. "The GhostNet system directs infected computers to download a Trojan (horse) known as ghOst RAT that allows attackers to gain complete, real-time control. • Verizon: Organized Crime Caused Spike in Data Breaches Apr 16, 2009 3:18 pm A new study from Verizon Business claims that organized crime is responsible for a large increase in the number of breached corporate electronic records, which totaled roughly 285 million last year. According to the study, which Verizon Business compiled using data from the 90 confirmed corporate network breaches it recorded last year, roughly 93% of all records breached came from the financial sector. 
The company also says that nine out every 10 of these breaches involved "groups identified by law enforcement as engaged in organized crime." www.bezaspeaks.com Beza Belayneh 4
  • 5. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and Present Danger to the Corporate World • Report: Spies hacked into U.S. electricity grid Spies from other countries have hacked into the United States' electricity grid, leaving traces of their activity and raising concerns over the security of the U.S. energy infrastructure to cyberattacks. The Wall Street Journal on Wednesday published a report saying that spies sought ways to navigate and control the power grid as well as the water and sewage infrastructure. It's part of a rising number of intrusions, the article said, quoting former and current national security officials. • Greece arrests man suspected of selling Dassault data Fri Jan 25, 2008 10:59am EST ATHENS (Reuters) - Greek police said on Friday they had arrested a man suspected of selling corporate secrets from France's Dassault Group, including data on weapons systems. This 58-year-old mathematician is responsible for causing damages in excess of $361 million to the company and he has sold this corporate data, including information on weapons systems, to about 250 buyers through the Internet," the official said. Police suspect the man of selling the data to buyers in Germany, Italy, France, South Africa, Brazil, as well as countries in Asia and the Balkans. "He is one of the world's best hackers, using the nickname ASTRA..," the official said. Dassault Group and its subsidiaries are a major player in civil aviation and the military sector. • Trojan.SilentBanker compromises online banking accounts April 24, 2009 - 5:30pm Trojan captures specific screen images, records keystrokes, steals all your confidential financial information and then sends it to a remote attacker. Recently certain computer security experts began paying attention to a Trojan that targets online bank accounts. This Trojan can cause extreme harm to customers’ finances, computer and their life. This Trojan is called Trojan.SilentBanker. 
Its computer attacks are executed in a very clever manner. It hides and waits on a hard drive without a user’s knowledge. Trojan.SilentBanker activates itself as soon as a user logs into his/her online banking account. www.bezaspeaks.com Beza Belayneh 5
  • 6. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and Present Danger to the Corporate World It steals usernames and passwords and uses them to change account details, then it takes such steps that makes user’s money be actually transferred to the bank account of the malware mastermind. It is important for all internet banking users to minimize many of the risks involved by working in their online bank accounts from their own computer. It is also extremely important to be aware that any e-mails that customers receive which ask them to update their banking details is probably false, even if it looks like original. All these warnings are not about only Trojan.SilentBanker, which is just one of many Trojans designed to steal your information and money. • Computer Spies Breach Fighter-Jet Project Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter project -- the Defense Department's costliest weapons program ever -- according to current and former government officials familiar with the attacks. Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft. The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together. The revelations follow a recent Wall Street Journal report that computers used to control the U.S. electrical-distribution system, as well as other infrastructure, have also been infiltrated by spies abroad. www.bezaspeaks.com Beza Belayneh 6
1. Beza’s Presentation

Based on the above facts the presentation will cover the following issues

Clearly explain to the audience that all these things happening around the world can happen to any organization, and what they must do to protect themselves.

• What information warfare is and is not
• Definition of information warfare from a commerce point of view
• Importance of information warfare awareness
• Indications and examples of information warfare’s expansion from a military issue to the commercial domain
• Means of waging information warfare
• Availability of current information warfare and attack tools freely online
  o Http bombers
  o Website defacing tools
  o Malware development kit
• Highlight the need for corporate leaders to know about information warfare
• The need for information security managers to develop a strategy that is offensive and defensive. The defensive side may include how to develop a framework for an information attack.
• How to develop an Information Warfare Risk Analysis Model – a system to be used by business organizations to help them protect against current and future risks.

The presentation will highlight in detail why organizations must take information warfare threats seriously. Information warfare is almost the antithesis of security. One is offensive, the other defensive. One tends to be proactive, the other reactive. In any organisation, the two are entwined but require totally different approaches. Organisations wish to keep their own information advantage and to deprive their competitors of theirs.

The use and abuse of information will be a critical factor in most organisations’ performance today and in the coming years. Information is not only a target but also a weapon. The presentation is all about this fact.
2. Why is it important?

In today's electronic age, the threat of cyber attacks is real and enormous. For any organisation with information-based assets, the deadliest weapons can come in the form of a keyboard, mouse, or personal computer. With hacking attacks and computer-based crimes increasing both in frequency and degree of seriousness, it's clear that information warfare is real and companies must protect themselves in order to survive.

But how do you not get caught in the crossfire of these attacks, and how do you prepare when the electronic future is uncertain? How would you prepare when you do not know the enemy and where the attack is coming from? How would you prepare when your organisation’s IT managers reaffirm that they are well protected?

Future corporate information security strategy will be profoundly affected by the ongoing, rapid evolution of cyberspace — the global information infrastructure — and in particular by the growing dependence of the corporate world on potentially vulnerable elements of this information infrastructure.

Understanding and knowing the trends that reveal the spread of information warfare into the civilian and commercial arena helps organisations and security practitioners to develop strategies for effective information security management.

This presentation would give vivid evidence of the clear and present danger companies are exposed to and how best they can protect their information assets.

The following key areas, which demonstrate the importance of the presentation, will be covered:

1. Targets of information warfare or similar cyber conflicts are business establishments
   a. Many politically motivated attacks made business and commercial sites the prime targets.
      i. For Gaza attacks, many Israeli businesses were attacked
   b. Many information warfare attacks are no longer carried out by hobbyists for non-profit purposes or by advanced hackers, but by inexperienced individuals, assisted by predefined and freely available attack tools, for profit.
2. As revealed in the GhostNet computer breaches, the potential for attackers to disrupt vital networks and systems in critical infrastructure areas such as banking and power is growing daily. This calls for increased awareness of the dangers to business.
3. The presentation is also important as it reveals how organisations can use information as a weapon in addition to defending it as a target. The traditional defense tactic is no longer valid in today’s world. Organisations must have a strategic offensive plan with effective deployment of information warfare tools.
4. The above examples show that most of the information warfare attacks were committed with tools that are freely available online. This will help organisations to acquire these tools and test whether their systems can withstand imminent breaches.
5. The presentation will clearly illustrate acts that constitute information warfare by offering a clear definition.
6. The presentation will clearly illustrate how the concept of information warfare is becoming a societal issue that has expanded to non-military areas. Much of the available literature is more concerned with the military aspect of warfare than with the corporate world. The presentation will highlight key trends that signal the expansion of information warfare (use and abuse of information) into the commercial space.
7. As the metaphor “warfare” gives this subject a military bias, the presentation will illustrate its implications for the corporate world with various business examples. This shift into the commercial world presents a growing threat to information managers who are responsible for protecting organisational information assets.

The presentation will also demonstrate that the target of politically motivated computer crime is not limited to government networks: commercial interests are equally attractive targets. Moreover, most corporate executives are not aware of the threat posed to their organisations by individuals and groups with political agendas.

Here are a few questions that executives should consider:

• Is your organisation a potential target of online protest?
• How do you determine if you are a target?
• What would you do if online protesters disrupted your website for a day? For a week?
• What would you do if protesters attacked your customers or investors?
• How would you react to negative media reports?
• What if there was no disruption, but the attackers made press statements to the contrary?
• How should you protect your network?
• Do you understand the threats and impacts in order to balance costs and risks?
• Who would you contact? Law enforcement?
• Would you contact law enforcement if your network is attacked?
3. What are the trends and challenges around information warfare?

Trends of information warfare.

• Information warfare is fast moving in terms of technical possibilities.
• As seen in the above cases and real-life examples, the prime targets of information attacks are becoming civilian targets and the private sector.
• Computer-related security incidents are widespread.
• Numerous attacks and breaches are becoming state sponsored or at least state supported. The example of GhostNet in China shows that the government distanced itself from the espionage attack.
• It is difficult to know where attacks are coming from. Though many researchers suspect China, there is no conclusive evidence that other countries like USA or Russia are not part of the network.
• Evidence shows that many countries have already built information warfare capabilities and units to defend their commercial interests, which is different from traditional warfare, where protection is mainly provided to military targets. Research shows countries with information warfare capabilities have increased from 20 in 2006 to more than 140 in 2008.
• Many information warfare attack tools are becoming freely and easily available. For example, the Mpack and IcePack exploit packages are designed for non-technical users. They group exploits together into one easy-to-install package, and using this package, non-technical users can run exploits on the browsers of unsuspecting visitors. Ultimately this grants non-technical attackers the ability to infect visitors to their sites without having to know exactly how it happens.
• Information warfare is used by organisations and countries as a strategy against competitors to deny access to data, destroy or disrupt data, steal data and manipulate data.
• Information warfare of some sort is used against individuals and small businesses, which are considered the first level of cyberspace.
• "Rogue" states and criminal organisations have stepped up their capabilities to launch crippling online attacks, e.g. the Russian Business Network (RBN), which, though offline these days, is considered the creator of the most effective and popular DOS (Denial of Service) attack tool, Mpack.
Challenges

a. A significant challenge associated with information warfare is that its governing legal principles are unclear. Where does it legally fit into the international and domestic environments, internal and external relations, state, corporate and business governance?

Analysts and strategists gathered at the Cyber Warfare 2009 conference in London last January were grappling with some thorny problems associated with the cyber-aggression threat. One that proved particularly vexing was the matter of exactly what constitutes cyberwarfare under international law. There's no global agreement on the definitions of cyberwarfare or information warfare, so how does a nation conform to the rule of law if it's compelled to respond to a cyberattack?

b. Everybody in the world owns information warfare weapons. The need to establish global norms about what is acceptable behavior in cyberspace is complicated by the fact that the weapons are not just in the hands of nation-states. They're essentially in everybody's hands. This makes it very hard and sometimes impossible to know the attacker and the driving motivation.

c. Laws of war do not apply to information warfare. Laws of war would forbid targeting purely civilian infrastructure, but most attackers don't limit themselves by the Geneva Conventions, as the above examples show.

d. A challenge is posed by information warfare targets, because it is nearly impossible to identify all of the potential targets and the sophisticated tools acquired freely online.

e. Mindset. Many IT and security managers do not think there is a threat of attack from competitors. Many IT organizations will tell you either that the threats are too far-fetched or that they're adequately protected. This kind of complacency is a major challenge.
In one assignment, we were able to secure a critical password from a system that is regarded as exceptionally secure. As illustrated in the above example, hackers penetrated a crucial website in New Zealand using a commonly known vulnerability – SQL injection. The Pentagon and other highly secured systems were recently compromised.

• Organisations are stuck with the old culture of securing the physical perimeter. For example, North American businesses spent more than $17.5 billion on security alarms for their buildings, but only $6.2 billion on information security measures.
d. The balance between developing and producing commercially viable software and secure software. A huge number of software solutions deployed to improve productivity and processes and to defend critical information assets are infested with vulnerabilities. This presents a challenge to security experts and system administrators.

e. A lack of information sharing among nations means some countries have become a safe haven for cyber criminals. The sophistication of some attacks shows that the attackers had sufficient time and technology. In some cases, efforts to convince some countries (Ukraine, Russia, China) to follow up and close certain servers led to a “dead end”.

F-Secure, a Finland-based antivirus developer, recently pointed the finger at Ukrainian hackers as the creators of the Conficker worm. Research showed that the attacking system made an effort to avoid infecting systems in a Ukrainian domain or using a Ukrainian keyboard layout. This suggests that the creators of the malware may live in that part of the world and may be exempting their home country to avoid attracting attention from local authorities.

f. Unlike the early internet days of show-off hackers and amateur vandals, today’s virus writers are all about making money. Typically, today’s malware attempts to sniff out personal details that could provide its author with access to the victim’s bank account or online auction account – or simply holds an individual’s or company’s data to ransom.

g. More than 250 new viruses are released monthly.

h. Growing insider threat. It has been said: “We have been watching the front door while the thieves were coming in the employee entrance.” This illustrates the growing insider threat.
37% of employees surveyed at this year’s Infosecurity Europe event said that they are keeping their options open to be insiders if given the right

The surveyed employees had access to the following company assets:

• 83% had access to customer databases
• 72% had access to business plans
• 53% had access to accounting systems
• 51% had access to HR databases
• 31% had access to IT admin passwords
The incentives that they required in order to hand over sensitive data:

• 63% required at least 1 million pounds to convert to insiders
• 10% would become insiders if their mortgage was paid off
• 5% are willing to participate in exchange for a holiday
• Another 5% would do it if they were offered a new job
• 4% would participate if their credit card debt was covered

i. Occasionally, a vulnerability is publicised before a patch is available. In some cases vulnerabilities received more publicity than the already available patches.
And what are the current technologies being used around information warfare?

The types of attacks and methods of attack (technologies) will be described.

1. The main types of attacks

• Vandalism
• Financial Fraud
• Denial of service
• Theft of transaction information

DECEPTION applies to all these attacks.

Methods, Techniques, Technologies (From Attackers’ point of view)

Note: some of the attack tools may have current versions, but the older versions are still usable in most instances. The malware and malicious scripts in circulation today are mostly based on techniques and example code from tutorials which were published nearly a decade ago. These get adapted incrementally as Microsoft or other vendors release their system security patches.

A great many technologies and tools used to attack computers and networks could fall into these categories:

• Malicious Codes
• Network Scanning Tools
• Password Cracking Tools
• Denial of Service Tools
• Cryptography Tools

Note: For further analysis, an information warfare technologies and weapons matrix is presented below.

| Attack Methods | Technologies | Description |
|---|---|---|
| Password cracking | Cain & Abel (http://www.oxid.it/cain.html); Brute; Passfinder; Crack. There are companies available who give password cracking service (We used some) (www.password-crackers.com/crack.html); http://www.passwordportal.net | 1. delete or change data relating to orders, pricing or product description 2. copy data for use by competitor for fraudulent purposes |
| IP Spoofing | | "Spoofing" is a process by which the IP address of your machine is made to appear different from what it really is |
| Spoofing attacks; Web spoofing (phishing) | | Forge from address so the message appears to have originated from trusted source |
| http bomber | http bomber | With its very simple user interface, Bomber appears to allow a user to target specific web sites either by its URL or IP address. The attack tool claims to generate numerous HTTP GET and POST requests. |
| Ping attack | AtTacK PiNG 1.0 | Sending large amounts of pings of large sizes at an IP address. |
| Sql Injectors | sqlninja | |
| People’s information warfare | Massive SQL injection attacks | |
| Distributed Denial of attack (DDOS) | Ping O, Death | machines can be crashed by sending IP packets that exceed the maximum legal length (65535 octets) |
| Malware attack | Mpack; IcePack | |
| Spyware; Surveillance: Keyloggers | Keylogger Lite; Free Keylogger | Record all activities of keyboard without the knowledge of the victim |
| Viruses, bomb, Trojan, malware generating tools (scary!!!) | Virus creation tools & kit: http://vx.netlux.org/lib/static/vdat/creatrs1.htm ; http://vx.netlux.org/vx.php?id=tidx (195) | |
| Worms | e.g. Nugache worm, Conficker, Storm | sophisticated botnets, or networks of hacked computers |
| Hackers’ support sites | Numerous websites | |
| Espionage software (scanner, Sniffer) | Netstumbler; Kismet | Netstumbler: WLAN monitor program for Windows. Kismet is a passive Sniffer for seeking out radio networks |
| Automated defacement tools | | |
| Denial of service attacks, IP Spoofing | Tribal Flood Network | It can spoof the source IP for the agents, and can generate multiple types of attack (including UDP flood, TCP SYN flood, ICMP echo request flood, and ICMP directed broadcast). TFN2K is a more sophisticated version of the original TFN |
| Electronic Civil Disobedience (ECD). | Denial-of-service attacks. | Combination of hacking and activism |
| Social Engineering | | |
| | http://sectools.org/ | so many tools 100 |

Examples: illustrations of some of the tools.
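The Ping of Death entry in the matrix rests on one piece of arithmetic: a fragment's offset plus its payload can imply a datagram longer than 65535 octets. The sketch below is an added example, not part of the original paper, showing the check a sensor or filter can apply to each IPv4 fragment; the function names and the sample packets are constructed here for illustration.

```python
import ipaddress
import struct

MAX_IP_DATAGRAM = 65535          # largest legal IPv4 datagram, in octets
_IPV4_FIXED = "!BBHHHBBH4s4s"    # layout of the fixed 20-byte IPv4 header


def build_fragment(src, ident, offset_units, payload_len, more=False):
    """Build a constructed IPv4 fragment (ICMP, zero-filled payload) as test input."""
    flags_frag = (0x2000 if more else 0) | (offset_units & 0x1FFF)
    header = struct.pack(
        _IPV4_FIXED, 0x45, 0, 20 + payload_len, ident, flags_frag,
        64, 1, 0, ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address("198.51.100.7").packed)
    return header + bytes(payload_len)


def reassembled_end(packet):
    """Datagram length this fragment implies, using this fragment's header length."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, flags_frag, _, _, _, _, _ = struct.unpack(
        _IPV4_FIXED, packet[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or header_len < 20 or total_len < header_len:
        raise ValueError("not a well-formed IPv4 header")
    offset_bytes = (flags_frag & 0x1FFF) * 8   # offset field counts 8-octet units
    return header_len + offset_bytes + (total_len - header_len)


def oversized_fragments(packets):
    """Return (source, IP id, implied length) for fragments past the legal maximum."""
    hits = []
    for pkt in packets:
        try:
            end = reassembled_end(pkt)
        except ValueError:
            continue                            # malformed input is skipped here
        if end > MAX_IP_DATAGRAM:
            ident = struct.unpack("!H", pkt[4:6])[0]
            hits.append((str(ipaddress.IPv4Address(pkt[12:16])), ident, end))
    return hits


# Constructed sample traffic: two ordinary fragments of one datagram, and one
# fragment whose offset plus payload runs past 65535 octets.
SAMPLE = [
    build_fragment("192.0.2.10", 0x1001, 0, 1480, more=True),
    build_fragment("192.0.2.10", 0x1001, 185, 520),
    build_fragment("203.0.113.66", 0x2002, 8189, 100),
]

if __name__ == "__main__":
    for src, ident, end in oversized_fragments(SAMPLE):
        print(f"ALERT {src} id=0x{ident:04x} implies a {end}-octet datagram")
```

No single fragment here is itself oversized on the wire; the violation only appears once offset and payload are added, which is why the check has to run before reassembly buffers are filled.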
Information Warfare Technologies (Weapons) Matrix

Each threat has specific tools available online in various forms. Some are free and some are for sale. With some, one just enters an IP address and clicks, and the attack is carried out by a third party.

[Figure: Information Warfare Technologies (Weapons) Matrix. Labels recovered: Tunneling, Scavenging]
Source: Technolytics.com
Beza Belayneh is a well-known, qualified and experienced information security and cyber security expert. He has carried out extensive research on cyber warfare and presented his papers around the world… He is Chief Information Security Officer at the Centre for Information Security and South African Centre for Information Security. Visit www.bezaspeaks.com for customized research and presentation.