Scared About Supply Chain Cybersecurity? 5 Reasons You Aren't Scared Enough
Beza belayneh information_warfare_brief
1. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
Opening
Thank you for the questions and I am pleased to provide you detailed answers
below. As you may know, issues of information security are changing with death
defying speed and what was a solution yesterday may not be valid and what was
a threat yesterday now changed today as a full blown attack.
I would take cognisance of current information security threats and trends in my
responses, remarks and overall presentation. This would help the audience to
see the very current picture of the issue at hand.
Very crucial fact that is often times ignored is that the ultimate objective of any
information security measure is to protect human safety. Networks are under
relentless attack, secure systems are breached, Information is stolen, and
information is bought and sold.
Just 5 days ago, researchers at the Internet Storm Center, an early warning
system for Internet threats that is operated by the SANS Institute revealed that
medical devices, MRI machines, infected with Conficker worm.
This clearly brought the issue of information warfare attack to the level of a direct threat
to human life. This is in addition to the recently reported security breach of the US
power grid.
The battle for information dominance is raging. Hackers attempt to break secured
networks every 36 seconds. 250 new viruses are created every month. Over a trillion
Rand lost as a result of various attacks and breaches that amount to be called
information warfare. Many skeptics are starting to believe that we are at war. I am
presenting not as a prophet of doom, but clearly providing the high risks presented by
information warfare attacks. Today the world where the name of the game is deception
is a world that businesses and managers ignore at their peril.
Let me start by asking why should businesses be interested in information warfare? The
reason is simple, because information warfare is interested in business. The
presentation will show clearly series of current trends, weapons and experiences of
numerous organisations that lost so much business and money.
Simply put. Information warfare consists of those actions intended to protect, exploit,
corrupt, deny, or destroy Information or information resources in order to achieve a
significant advantage, objective, or victory over a Competitor.
Before the responses, I would list few highly publicized and notable cases where
information warfare attacks had taken place and critical systems were compromised for
the past 12 months. To date, the best practices for information security in the private
sector have focused on defence. Tremendous efforts have gone into developing and
marketing defensive network tools – so much so that the market space is cluttered with
www.bezaspeaks.com Beza Belayneh 1
2. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
An array of “solutions” which become difficult to distinguish. Capabilities for active
countermeasures have, for the most part, been considered outside of the appropriate
scope of response for commercial enterprises. For a complete defense, offense must be
considered. The concept of warfare comes in.
Warfare in Business
After all numerous business books are cluttered with concepts like flanking strategy, first
–strike advantage, price wars, competitors’ intelligence, guerrilla marketing, killer
application and so on. The similarity between military and business is growing each day.
Both involve adversaries with various assets, motives and competing goals.
It is for this reason, information warfare has become a serious issue in the corporate
world and is regarded as an emerging threat by numerous authorise in the information
security field including the annual Georgia Tech Information Security Centre. Georgia
Tech declared information warfare (Cyber warfare) as one of the emerging threats for
2009 in its annual Emerging Cyber Threats Report for 2009.
www.bezaspeaks.com Beza Belayneh 2
3. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
Background
Serious and Notable information warfare related attacks and breaches
• Conficker worm hits hospital devices
April 30th, 2009 By Elise Ackerman
A computer worm that has alarmed security experts around the world has
crawled into hundreds of medical devices at dozens of hospitals in the United
States and other countries, according to technologists monitoring the threat.
The worm, known as "Conficker," has not harmed any patients, they say, but it
poses a potential threat to hospital operations."A few weeks ago, we discovered
medical devices, MRI machines, infected with Conficker," said Marcus Sachs,
director of the Internet Storm Center, an early warning system for Internet threats
that is operated by the SANS
Institute…(http://www.physorg.com/news160331005.html)
• Chinese Hacktivists Waging People's Information Warfare Against
CNN
"We continue to import their junk with the lead paint on them and the poisoned
pet food and export, you know, jobs to places where you can pay workers a
dollar a month to turn out the stuff that we're buying from Wal-Mart."
Speaking about the U.S. trade deficit with China on “The Situation Room”,
Cafferty did not realize that his statement would provoke what amount to be
unprecedented information warfare attack on CNN website by Chinese hackers.
• Information warfare attack on Israeli Businesses -
When Israeli tanks roll into Gaza, Pro-Palestinian hackers shut down
approximately 700 Israeli web domains. A range of different Web sites were
targeted by the group, including Web sites of banks, medical centers, car
manufacturers and pension funds. Well-known companies and organizations,
including Bank Hapoalim, the Rambam Medical Center, Bank Otsar Ha-Hayal,
BMW Israel, Subaru Israel and Citroen Israel, real estate company Tarbut-Hadiur
and the Jump fashion Web site all found their Web sites shut down and replaced
by the message: Hacked by Team-Evil Arab hackers u KILL Palestine people
we KILL Israel servers.
www.bezaspeaks.com Beza Belayneh 3
4. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
• Major corporations’ websites in New Zealand were attacked
Turkish hackers broke into the New Zealand based registrar Domainz.net (which
belongs to MelbourneIT) and redirected some of their customers' high profile web
sites to a third party server with a defaced page. Companies which had their New
Zealand web sites defaced include Microsoft, HSBC, Coca-Cola, F-secure,
Bitdefender, Sony and Xerox. Mirror sites are at http://www.zone-
h.org/news/id/4708
• Information warfare attacks on Danish sites
Danish artist Kurt Westergaard never anticipated his drawings will cause
unprecedented information warfare attack on numerous Danish websites.
Internet hackers have attacked a website run by Denmark's Free Press Society
selling prints of a controversial cartoon of the Prophet Mohammed, the group's
director
• Information Warfare Monitor uncovered cyber espionage network
Researchers (Univ. of Toronto & SecDev Group) uncovered a suspected cyber
espionage network of over 1,295 infected hosts in 103 countries. The
researchers says the system — called GhostNet — sent e-mails that introduced
malware into host computers, which in turn fed information back to servers
located on the Chinese mainland. "The GhostNet system directs infected
computers to download a Trojan (horse) known as ghOst RAT that allows
attackers to gain complete, real-time control.
• Verizon: Organized Crime Caused Spike in Data Breaches
Apr 16, 2009 3:18 pm
A new study from Verizon Business claims that organized crime is responsible
for a large increase in the number of breached corporate electronic records,
which totaled roughly 285 million last year.
According to the study, which Verizon Business compiled using data from the 90
confirmed corporate network breaches it recorded last year, roughly 93% of all
records breached came from the financial sector. The company also says that
nine out every 10 of these breaches involved "groups identified by law
enforcement as engaged in organized crime."
www.bezaspeaks.com Beza Belayneh 4
5. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
• Report: Spies hacked into U.S. electricity grid
Spies from other countries have hacked into the United States' electricity
grid, leaving traces of their activity and raising concerns over the security
of the U.S. energy infrastructure to cyberattacks.
The Wall Street Journal on Wednesday published a report saying that
spies sought ways to navigate and control the power grid as well as the
water and sewage infrastructure. It's part of a rising number of intrusions,
the article said, quoting former and current national security officials.
• Greece arrests man suspected of selling Dassault data
Fri Jan 25, 2008 10:59am EST
ATHENS (Reuters) - Greek police said on Friday they had arrested a man
suspected of selling corporate secrets from France's Dassault Group,
including data on weapons systems.
This 58-year-old mathematician is responsible for causing damages in excess of $361
million to the company and he has sold this corporate data, including information on
weapons systems, to about 250 buyers through the Internet," the official said.
Police suspect the man of selling the data to buyers in Germany, Italy, France, South
Africa, Brazil, as well as countries in Asia and the Balkans.
"He is one of the world's best hackers, using the nickname ASTRA..," the official said.
Dassault Group and its subsidiaries are a major player in civil aviation and the military
sector.
• Trojan.SilentBanker compromises online banking accounts
April 24, 2009 - 5:30pm
Trojan captures specific screen images, records keystrokes, steals all your
confidential financial information and then sends it to a remote attacker. Recently
certain computer security experts began paying attention to a Trojan that targets
online bank accounts. This Trojan can cause extreme harm to customers’
finances, computer and their life.
This Trojan is called Trojan.SilentBanker. Its computer attacks are executed in a
very clever manner. It hides and waits on a hard drive without a user’s
knowledge. Trojan.SilentBanker activates itself as soon as a user logs into
his/her online banking account.
www.bezaspeaks.com Beza Belayneh 5
6. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
It steals usernames and passwords and uses them to change account details,
then it takes such steps that makes user’s money be actually transferred to the
bank account of the malware mastermind.
It is important for all internet banking users to minimize many of the risks involved
by working in their online bank accounts from their own computer. It is also
extremely important to be aware that any e-mails that customers receive which
ask them to update their banking details is probably false, even if it looks like
original. All these warnings are not about only Trojan.SilentBanker, which is just
one of many Trojans designed to steal your information and money.
• Computer Spies Breach Fighter-Jet Project
Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter
project -- the Defense Department's costliest weapons program ever -- according
to current and former government officials familiar with the attacks.
Similar incidents have also breached the Air Force's air-traffic-control system in
recent months, these people say. In the case of the fighter-jet program, the
intruders were able to copy and siphon off several terabytes of data related to
design and electronics systems, officials say, potentially making it easier to
defend against the craft.
The latest intrusions provide new evidence that a battle is heating up between
the U.S. and potential adversaries over the data networks that tie the world
together. The revelations follow a recent Wall Street Journal report that
computers used to control the U.S. electrical-distribution system, as well as other
infrastructure, have also been infiltrated by spies abroad.
www.bezaspeaks.com Beza Belayneh 6
7. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
1. Beza’s Presentation
Based on the above facts the presentation will cover the following issues
Clearly explain to the audience that all these things happening around the world
can happen to any organizations and what they must do to protect themselves.
• What information warfare is and is not
• Definition of information warfare from commerce point of view
• Importance of information warfare awareness
• Indications and examples of information warfare’s expansion to the
commercial domain from military issue
• Means of waging information warfare
• Availability of current information warfare and attack tools freely online
o Http bombers
o Website defacing tools
o Malware development kit
• Highlight the need for corporate leaders to know about information warfare
• The need for information security managers to develop a strategy that is
offensive and defensive. Defensive may include how to develop framework
for an information attack.
• How to develop Information Warfare Risk Analysis Model – a system to be
used by business organizations to help them protect against current and
future risks.
The presentation will highlight in detail why organizations must take information warfare
threats seriously.
Information warfare is almost antithesis of security. One is offensive, the other
defensive. One tends to be proactive, the other reactive. In any organisation, the
two are entwined but require totally different approaches.
Organsiations wish to keep their own information advantage, and to deprive their
competitors’. The use and abuse of information will be a critical factor in most
organisations’ performance today and in the coming years. Information is not only a
target but also a weapon. The presentation is all about this fact.
www.bezaspeaks.com Beza Belayneh 7
8. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
2. Why is it important?
In today's electronic age, the threat of cyber attacks is real and enormous. For any
organisation with information-based assets, the deadliest weapons can come in the form
of a keyboard, mouse, or personal computer. With hacking attacks and computer-based
crimes increasing both in frequency and degree of seriousness, it's clear that information
warfare is real and companies must protect themselves in order to survive. But how do
you not get caught in the crossfire of these attacks and how do you prepare when the
electronic future is uncertain? How would you prepare when you do not know the
enemy and where the attack is coming from? How would you prepare when your
organisations’ IT managers reaffirm that they are well protected?
Future corporate information security strategy will be profoundly affected by the ongoing,
rapid evolution of cyberspace — the global information infrastructure — and in particular
by the growing dependence of the corporate world on potentially vulnerable elements of
this information infrastructure.
Understanding and knowing the trends that reveal the spreading of information warfare
into civilian and commercial arena helps organisations and security practitioners to
develop strategies for effective information security management.
This presentation would give vivid evidences of the clear and present danger companies
are exposed to and how best they can protect their information asset.
The following key areas that will demonstrate the importance of the presentation will be
covered:
1. Targets of information warfare or similar cyber conflicts are business establishments
a. Many politically motivated attacks made business and commercial sites
the prime targets.
i. For Gaza attacks, many Israeli businesses were attacked
b. Many information warfare attacks are not longer done by hobbyist for not
for profit purposes or by advanced hackers but by predefined and freely
available attack tools assisted no experienced individuals for profit
purposes.
2. As it is revealed in the GhostNet computer breaches, the potential for attackers
to disrupt vital networks and systems in critical infrastructure areas such as
banking and power is growing daily. This calls for increased awareness of the
dangers on business
3. The presentation also is important as it reveals how organisations can use
information as weapon in addition to defending it as a target. The traditional
defense tactic is no longer valid in today’s world. Organisations must have a
strategic offensive plan with effective deployment of information warfare tools.
4. The above examples show that most of the information warfare attacks were
committed with tools that are available freely online. These will help
organisations to acquire these tools and test their systems if they can stand
imminent breaches.
www.bezaspeaks.com Beza Belayneh 8
9. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
5. The presentation will clearly illustrate acts that constitute information warfare by
offering a clear definition
6. The presentation will clearly illustrate how the concept of information warfare is
becoming a societal issue that has expanded to non-military areas. Many
available literatures are more concerned with the military aspect of warfare than
the corporate world. The presentation will highlight key trends that signal the
expansion of information warfare (use and abuse of information) into the
commercial space.
7. As the metaphor “warfare” gives this subject a military bias, the presentation will
illustrate its implication to the corporate world with various business examples.
This shift into the commercial world presents a growing threat to information
managers who are responsible for protecting organisational information assets.
The presentation will also demonstrate that the target of politically motivated computer
crime is not limited to government networks: Commercial interests are equally attractive
targets. Moreover, most corporate executives are not aware of the threat posed to their
organisations by individuals and groups with political agendas.
Here are a few questions that executives should consider:
Is your organisation a potential target of online protest? How do you determine if you
are a target?
What would you do if online protesters disrupted your website for a
day? For a week?
What would you do if protesters attacked your customers or investors?
How would you react to negative media reports?
What if there was no disruption, but the attackers made press
statements to the contrary?
How should you protect your network? Do you understand the threats
and impacts in order to balance costs and risks?
Who would you contact? Law enforcement? Would you contact law enforcement if
your network is attacked?
www.bezaspeaks.com Beza Belayneh 9
10. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
3. What are the trends and challenges around
information warfare?
Trends of information warfare.
• Information warfare is fast moving in terms of technical possibilities.
• As seen on the above cases and real life examples, the prime targets of
information attacks are becoming civilian targets and the private sector.
• Computer related security incidents are widespread
• Numerous attacks and breaches are becoming state sponsored or at least
state supported. The example of GhostNet in China shows that the
government distanced itself from the espionage attack
• It is difficult to know where attacks are coming from. Though many
researchers suspect China, there is no conclusive evidence that other
countries like USA or Russia are not part of the network.
• Evidence shows that many countries already built information warfare
capabilities and units to defend their commercial interests which are different
from the traditional warfare where protection is mainly provided to military
targets. Research shows countries with information warfare capabilities have
increased from 20 in 2006 to more than 140 in 2008
• Many information warfare attacking tools are becoming freely and easily
available. These tools for example. The Mpack and IcePack exploit
packages are designed for non-technical users. They group exploits together
into one easy install package and using this package, non-technical users
can run exploits on the browsers of unsuspecting visitors. Ultimately this
grants non-technical attackers the ability to infect visitors to their sites without
having to know how exactly it happens.
• Information warfare is used by organisations and countries as a strategy
against competitor to deny access to data, destroy or disrupt data, steal data
and manipulate data.
• Information warfare in some sort is used against individuals and small
business that are considered as the first level of cyberspace.
• "Rogue" states and criminal organisations have stepped up their capabilities
to launch crippling online attacks e.g. (Russian Business Network (RBN)
thought is offline these days considered as creator of the most effective and
popular DOS (Denial of Service) attack tool Mpack.
www.bezaspeaks.com Beza Belayneh 10
11. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
Challenges
a. A significant challenge associated with information warfare is that its
governing legal principles are unclear. Where does it legally fit into the
international and domestic environments, internal and external relations,
state, corporate and business governance?
Analysts and strategists gathered at the Cyber Warfare 2009 conference in
London last January were grappling with some thorny problems associated
with the cyber-aggression threat. One that proved particularly vexing was the
matter of exactly what constitutes cyberwarfare under international law.
There's no global agreement on the definitions of cyberwarfare or information
warfare, so how does a nation conform to the rule of law if it's compelled to
respond to a cyberattack?
b. Everybody in the world owns information warfare weapons. The need
to establish global norms about what is acceptable behavior in cyberspace is
complicated by the fact that the weapons are not just in the hands of nation-
states. They're essentially in everybody's hands. This makes it very hard and
sometimes impossible to know the attacker and the driving motivation.
c. .Laws of war does not apply to information warfare. Laws of war would
forbid targeting purely civilian infrastructure, but most attackers don't limit
themselves by the Geneva Conventions at it shows on the above examples.
d..A challenge is paused by information warfare targets due to the fact that
it's nearly impossible to identify all of the potential targets and sophisticated
tools they acquire freely online.
e.. Mindset. Many IT and security managers do not think there is a threat of
attack from competitors. Many IT organizations will tell you either the threats
are too far fetched or that they're adequately protected. This kind of
complacency is a major challenge. In one assignment, we were able to
secure a critical password from a system that is regarded exceptionally
secured. As it is illustrated in the above example, hackers penetrated a
crucial website in New Zealand using a commonly known vulnerability – SQL
injection. Pentagon and other highly secured systems were recently
compromised.
• Organisaitons are stuck with the old culture of securing physical
perimeter. For example North American businesses spent more than
$17.5 billion in security alarms for their buildings, but only $6.2 billion
on information security measures.
www.bezaspeaks.com Beza Belayneh 11
12. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
d..The balance between developing and producing commercially viable
software and secure software. Huge number of software solutions
deployed to improve productivity, process and defend critical information
assets are infested with vulnerabilities. This presents a challenge to security
experts and system administrators.
e.. A lack of information sharing among nations means some countries
have become a safe haven for cyber criminals. The sophistication of some
attacks shows that the attackers had sufficient time and technology. In some
cases, efforts to convince some countries (Ukraine, Russia, China) to follow
up and close certain servers lead to a “dead-end”.
Fsecure, Finland based Antivirus developer, recently pointed finger on Ukraine
hackers as the creator of Conficker worm. Research showed that the attacking
system made an effort to avoid infecting systems in a Ukrainian domain or using
a Ukrainian keyboard layout.. This suggests that the creators of the malware may
live in that part of the world and may be exempting their home country to avoid
attracting attention from local authorities.
f.. unlike the early internet days of show-off hackers and amateur vandals,
today’s virus writers are all about making money. Typically, today’s malware
attempts to sniff out personal details that could provide its author with access to
the victim’s bank account or online auction account – or simply holds and
individual or company’s data to ransom.
g. More than 250 new viruses released monthly
h. Growing insider threat. Once it’s been said “We have been watching
the front door while the thieves were coming in the employee entrance.”
This is to illustrate the growing insiders’ threat.
37% of employees surveyed at this year’s Infosecurity Europe event said
that they are keeping their options open to be insiders if given the right
The surveyed employees had access to the following company assets:
• 83% had access to customer databases
• 72% has access to business plans
• 53% had access to accounting systems
• 51% had access to HR databases
• 31% had access to IT admin passwords
www.bezaspeaks.com Beza Belayneh 12
13. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
The incentives that they required in order to hand over sensitive data:
• 63% required at least 1 million pounds to convert to insiders
• 10% would become insiders if their mortgage was paid off
• 5% are willing to participate in exchange for a holiday
• Another 5% would do it if they are offered a new job
• 4% would participate if their credit card debt is covered
i. Occasionally, vulnerability is publicised before a patch is available. In
some cases vulnerabilities received more publicity than the already
available patches.
www.bezaspeaks.com Beza Belayneh 13
14. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
And what are the current technologies be used around
information warfare?
The types of attacks and method of attacks (technologies) will be described
1. The main types of attacks
• Vandalism
• Financial Fraud DECEPTION
• Denial of service applies to all these attacks
• Theft of transaction information
Methods, Techniques, Technologies (From Attackers’ point of view)
Note: some of the tools may have current versions of the attack tools but the older
versions are still usable in most instances. The malware and malicious scripts in
circulation today are mostly based on techniques and example code from tutorials
which were published nearly a decade ago. These get adapted incrementally as
Microsoft or other vendors release their system security patches
A great many technologies and tools used to attack computers and networks
could fall on these categories:
• Malicious Codes
• Network Scanning Tools
• Password Cracking Tools
• Denial of Service Tools
• Cryptography Tools
Note: For further analysis information warfare technologies and
weapons matrix is presented below
Attack Methods Technologies Description
Password cracking Cain & Abel http://www.oxid.it/cain.html 1. delete or change
Brute data relating to
Passfinder orders, pricing or
Crack product description
There are companies available who give 2. copy data for use by
password cracking service (We used some) competitor for
(www.password-crackers.com/crack.html) fraudulent purposes
http://www.passwordportal.net
IP Spoofing "Spoofing" is a process by
which the IP address of
your machine is made to
appear different from what
it really is
Spoofing attacks Forge from address so the
www.bezaspeaks.com Beza Belayneh 14
15. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
Web spoofing (phishing) message appears to have
originated from trusted
source
http bomber http bomber With its very simple user
interface, Bomber appears
to allow a user to target
specific web sites either by
its URL or IP
address. The attack tool
claims to generate
numerous HTTP GET and
POST requests.
Ping attack Sending large amounts of
AtTacK PiNG 1.0 pings of large sizes at an
IP address.
Sql Injectors sqlninja
People’s information Massive SQL injection attacks
warfare
Distributed Denial of Ping O, Death machines can be crashed
attack (DDOS) by sending IP packets that
exceed the maximum legal
length (65535 octets)
Malware attack Mpack
IcePack
Spyware Surveillance : Keylogger Lite Record all activities of
Keyloggers Free Keylogger keyboard without the
knowledge of the victim
Viruses, bomb, Trojan, Virus creation tools & kit
malware generating http://vx.netlux.org/lib/static/vdat/creatrs1.htm
tools (scary!!!) http://vx.netlux.org/vx.php?id=tidx (195)
Worms e.g. Nugache worm sophisticated botnets, or
Conficker, Storm networks of hacked
computers
Hackers’s support sites Numerous websites
Espionage software Netstumbler WLAN monitor program
Kismet is a passive Sniffer for seeking out (scanner, Sniffer) for
radio net works Windows
Automated defacement
tools
Denial of service attacks, Tribal Flood Network It can spoof the source IP
IP Spoofing for the agents, and can
generate multiple types of
attack (including UDP
flood, TCP SYN flood,
ICMP echo request flood,
and ICMP directed
broadcast). TFN2K is a
more sophisticated version
www.bezaspeaks.com Beza Belayneh 15
16. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
of the original TFN
Electronic Civil Denial-of-service attacks.
Disobedience (ECD).
Combination of hacking
and activism
Social Engineering
http://sectools.org/ so many tools 100
Examples- Illustrations on some of the tools.
www.bezaspeaks.com Beza Belayneh 16
17. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
Information Warfare Technologies (Weapons) Matrix
Each threat has specific tools available online in various forms. Some are free and some
are for sale. Some are just enter IP address and click, the attack is done by third party.
Tunneling
Scavenging
www.bezaspeaks.com Beza Belayneh 17
18. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
www.bezaspeaks.com Beza Belayneh 18
19. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
Source: Technolytics.com
www.bezaspeaks.com Beza Belayneh 19
20. Mr. Beza Belayneh – Centre for Information Security – Information Warfare – Clear and
Present Danger to the Corporate World
Beza Belayneh – is a well known qualified and experienced information
security and cyber security expert.
He had carried out extensive research on cyber warfare and presented his
papers around the world….
He is Chief Information Security Officer at the Centre for Information Security and
South African Centre for Information Security.
Visit www.bezaspeaks.com for customized research and presentation.
www.bezaspeaks.com Beza Belayneh 20