SlideShare une entreprise Scribd logo
1  sur  4
Télécharger pour lire hors ligne
CREATING THE LEADERS OF THE DIGITAL ECONOMY
Lars Hilse – Digital Strategy Consultants
Eichstrasse 10 B | 25767 Bunsoh | Germany
+1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559
WWW.LARSHILSE.COM
//WHY THERE WILL BE A CYBER-9/11. SOON
Published on July 29
th
, 2014 //
1//EXECUTIVE SUMMARY
To orchestrate and execute a major cyber terrorism attack, you need to circumvent four major
obstacles:
• Anonymous communication, so that you cannot be interrupted during the planning
• Finding the right specialists with a low ethical standard (or short on cash)
• Transferring assets to pay these specialists untraceably across borders
• Vulnerable infrastructure you can exploit for such attacks.
I have privately funded over two years of research worth over USD $125.000, revealing not
only financial crimes with damages in excess of USD $2+ trillion p. a.
During the research I have come to the conclusion that the aforementioned obstacles can all be
circumvented today, and that vulnerabilities in both in civilian and military infrastructure can
be exploited.
While terrorists of the past had to sacrifice their lives or liberty to create major incidents,
today they don’t even have to leave the comfort or their own home.
Furthermore, these vulnerabilities don’t have to be exploited for classic, terrorist motives.
They can also be used for anonymous extortion of corporations/governments, because attacks
can be targeted in an exceptional fashion.
2//WHY A CYBER 9/11 IS IMMINENT
On July 29th, 2014 Israel became victim to a cyber attack, in which Chinese hackers exploited
their “Iron Dome” missile system, which protects the State of Israel from the rocket attacks
originating from territories of their surrounding adversaries.
This was the most recent example of exploits in network-connected infrastructure, outlining
the massive vulnerabilities even in newer systems being deployed, preceded by the “Stuxnet”
virus, which was probably the first publicly known incident in which a piece of software was
CREATING THE LEADERS OF THE DIGITAL ECONOMY
Lars Hilse – Digital Strategy Consultants
Eichstrasse 10 B | 25767 Bunsoh | Germany
+1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559
WWW.LARSHILSE.COM
used to destroy/alter a piece of network-connected infrastructure.
Two main factors, which create a majority of the aforementioned vulnerabilities, are
• The ever increasing demand for network connected infrastructure, and
• The decreasing quality in software, or it’s so called End-of-Life
When combined with the negligence towards technological advancement of governments
attempting to create policy to reduce such risks, the potential devastation becomes
incomprehensible.
3//INCREASING USAGE OF NETWORK CONNECTED
INFRASTRUCTURE
The exponential increase in network-connected infrastructure is due to two main factors:
• Convenience and cost reduction in operational systems
• Monitoring the operation decentralized/without human assets being on location
This exponential increase, while bringing economic benefits along with them, create gaping
holes in any organization’s infrastructure because their deployment is - more often than not -
run on a tight budget, and/or are not sufficiently supervised during installation.
Furthermore, a lot of the operators of such systems are insufficiently trained to understand the
background of the system they are handling.
This leads to a combination of critical factors, making anything from a traffic light to a power
plant very vulnerable.
CREATING THE LEADERS OF THE DIGITAL ECONOMY
Lars Hilse – Digital Strategy Consultants
Eichstrasse 10 B | 25767 Bunsoh | Germany
+1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559
WWW.LARSHILSE.COM
4//DECREASING SOFTWARE-QUALITY & END-OF-LIFE
After Microsoft released Windows XP, it became clear that a majority of the focus on security
had been sacrificed for the benefit of such things as “Windows XP Media Center Edition” and
other gadgets built into operating systems.
This diversion was the start to the creation of more consumer-focused operating systems with
gaping security vulnerabilities, which can be exploited in any number of ways.
Further, Windows XP was the last operating system capable of running a majority of the
software, which in turn controlled the connected SCADAs, PLCs, and other network connected
infrastructure interfaces of the world.
XP’s end-of-life/end-of-support in early 2014 has increased the threat of exploitation of such
systems significantly, as a majority of companies operating XP cannot/will not afford the
continued maintenance offered through Microsoft at additional costs.
The end-of-life-problem also applies for software written to control the interfaces between the
operating system and the controller.
The controllers are a difficulty by themselves because their average lifespan significantly
exceeds that of the software running it, or the operating systems, which support them.
In addition to this, the lifecycles of the operating systems have also shortened.
Besides many other factors, it’s the lack of imagination and negligence towards such threats
that elevates them significantly.
5//VULNERABILITIY PROLIFERATION OF NETWORK CONNECTED
INFRASTRUCTURE
For over 2 years I have been investigating the “Deep Web” and Bitcoin, exploiting terrorists
using these channels to communicate and transfer funds anonymously.
While the extent of these communications isn’t that far spread (yet), I recently discovered the
standard passwords and other vulnerabilities of SCADAs and other systems controlling
network-connected infrastructure.
CREATING THE LEADERS OF THE DIGITAL ECONOMY
Lars Hilse – Digital Strategy Consultants
Eichstrasse 10 B | 25767 Bunsoh | Germany
+1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559
WWW.LARSHILSE.COM
Exploiting these vulnerabilities can have significant consequences, because an ever-increasing
amount of everyday infrastructure is controlled remotely through the Internet.
Most of these systems are protected more of less sufficiently from the “outside world”, but
once these protection methods have been circumvented, the systems controlling anything
from a traffic light to a power plant, are freely accessible.
6//CONCLUSION
For over two years I have been researching the “Deep Web” and Bitcoin, revealing a lot of
startling crimes being committed therein and financed through Bitcoin.
What makes these two elements of the Internet so attractive to criminals and terrorists is the
fact that it provides
• Almost absolute anonymity in communication through Email and other services
• Untraceable money transfer across borders, even in large sums, with ways to obscure
transactions
Russia recently put out over USD $110.000 for anyone that can make usage of the Deep Web
through TOR traceable.
Looking at the criminal complaint filed against Ross Ulbricht makes it evident, that his
apprehension in context to allegedly running Silk Road, the Deep Web’s number one site for
drug trade (USD $1.2B transactions within 2 years), was only possible because he made
mistakes in the founding stages of his endeavor.
Resulting thereof, it is safe to assume that had these mistakes been avoided, the Silk Road
would still be in operation.
When these to major elements are combined with the fact that the world has tens of thousands
vulnerabilities for criminal elements to exploit, the next step of assembling a team of
specialists is just a matter time.

Contenu connexe

Similaire à Why there will be a Cyber-9/11. Soon (Cyber security, cybercrime, terrorism)

UPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeUPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeFrancesco Faenzi
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
 
2016 payment threats trends report
2016 payment threats trends report2016 payment threats trends report
2016 payment threats trends reportIan Beckett
 
Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Cisco Canada
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSMarco Lisi
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docxssuser719d6b
 
International Cyber Security 2012
International Cyber Security 2012International Cyber Security 2012
International Cyber Security 2012Sharmin Ahammad
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityBryCunal
 
Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefJonathan Reyes
 
Trustless Computing Initiative
Trustless Computing InitiativeTrustless Computing Initiative
Trustless Computing InitiativeTRUSTLESS.AI
 
Analysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeAnalysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeFrancesco Faenzi
 
Inria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria
 
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Marco Lisi
 
DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)CLICKNL
 
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyAdvanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyFrancesco Faenzi
 
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight:  Amazon Servers Exposed  Open Source & the Public Sector...Open Source Insight:  Amazon Servers Exposed  Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...Black Duck by Synopsys
 
Strengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfStrengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfssuserc1c354
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_finalCMR WORLD TECH
 

Similaire à Why there will be a Cyber-9/11. Soon (Cyber security, cybercrime, terrorism) (20)

UPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeUPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
 
2016 payment threats trends report
2016 payment threats trends report2016 payment threats trends report
2016 payment threats trends report
 
Cyber security colombo meetup
Cyber security colombo meetupCyber security colombo meetup
Cyber security colombo meetup
 
Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docx
 
International Cyber Security 2012
International Cyber Security 2012International Cyber Security 2012
International Cyber Security 2012
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-Brief
 
Trustless Computing Initiative
Trustless Computing InitiativeTrustless Computing Initiative
Trustless Computing Initiative
 
Analysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeAnalysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in Europe
 
Inria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directions
 
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
 
DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)
 
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyAdvanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
 
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight:  Amazon Servers Exposed  Open Source & the Public Sector...Open Source Insight:  Amazon Servers Exposed  Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
 
Strengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfStrengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdf
 
SCADA White Paper March2012
SCADA White Paper March2012SCADA White Paper March2012
SCADA White Paper March2012
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_final
 

Dernier

SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...
SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...
SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...JSchaus & Associates
 
O Conselho Estadual de Cultura e o Incentivo à Cultura no RS: relato de expe...
O Conselho Estadual de Cultura e o Incentivo à Cultura no RS:  relato de expe...O Conselho Estadual de Cultura e o Incentivo à Cultura no RS:  relato de expe...
O Conselho Estadual de Cultura e o Incentivo à Cultura no RS: relato de expe...Alvaro Santi
 
PPT Item # 5-6 218 Canyon Drive replat prop.
PPT Item # 5-6 218 Canyon Drive replat prop.PPT Item # 5-6 218 Canyon Drive replat prop.
PPT Item # 5-6 218 Canyon Drive replat prop.ahcitycouncil
 
Living life to the full: How can we make our longer lives healthier, happier ...
Living life to the full: How can we make our longer lives healthier, happier ...Living life to the full: How can we make our longer lives healthier, happier ...
Living life to the full: How can we make our longer lives healthier, happier ...ResolutionFoundation
 
DB9_BTR_Webinar_Slidedeck_20230320 (1).pptx
DB9_BTR_Webinar_Slidedeck_20230320 (1).pptxDB9_BTR_Webinar_Slidedeck_20230320 (1).pptx
DB9_BTR_Webinar_Slidedeck_20230320 (1).pptxNAP Global Network
 
Best charity ideas parents give their children’s
Best charity ideas parents give their children’sBest charity ideas parents give their children’s
Best charity ideas parents give their children’sSERUDS INDIA
 
Item # 4 - Appointment of new PW Director
Item # 4 - Appointment of new PW DirectorItem # 4 - Appointment of new PW Director
Item # 4 - Appointment of new PW Directorahcitycouncil
 
2024: The FAR, Federal Acquisition Regulations - Part 17
2024: The FAR, Federal Acquisition Regulations - Part 172024: The FAR, Federal Acquisition Regulations - Part 17
2024: The FAR, Federal Acquisition Regulations - Part 17JSchaus & Associates
 
Yes!? We can end TB - World Tuberculosis Day 2024.
Yes!? We can end TB - World Tuberculosis Day 2024.Yes!? We can end TB - World Tuberculosis Day 2024.
Yes!? We can end TB - World Tuberculosis Day 2024.Christina Parmionova
 
The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...
The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...
The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...Congressional Budget Office
 
india sanitation coalition Swachata Abhiyan ​.pdf
india sanitation coalition Swachata Abhiyan ​.pdfindia sanitation coalition Swachata Abhiyan ​.pdf
india sanitation coalition Swachata Abhiyan ​.pdfcoalitionindiasanita
 
Item # 1a - March 18, 2024 Special CCM Minutes
Item # 1a - March 18, 2024 Special CCM MinutesItem # 1a - March 18, 2024 Special CCM Minutes
Item # 1a - March 18, 2024 Special CCM Minutesahcitycouncil
 
Water and peace go hand-in hand. World Water Day 2024
Water and peace go hand-in hand. World Water Day 2024Water and peace go hand-in hand. World Water Day 2024
Water and peace go hand-in hand. World Water Day 2024Christina Parmionova
 
National Women's Month Celebration for PENRO Quezon
National Women's Month Celebration for PENRO QuezonNational Women's Month Celebration for PENRO Quezon
National Women's Month Celebration for PENRO QuezonAryaCapale
 
Parents give a charity ideas for children
Parents give a charity ideas for childrenParents give a charity ideas for children
Parents give a charity ideas for childrenSERUDS INDIA
 
OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...
OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...
OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...OECDregions
 
Water can create peace or spark conflict.
Water can create peace or spark conflict.Water can create peace or spark conflict.
Water can create peace or spark conflict.Christina Parmionova
 
Children who live with Grandparents are really lucky
Children who live with Grandparents are really luckyChildren who live with Grandparents are really lucky
Children who live with Grandparents are really luckySERUDS INDIA
 
Leveraging Water for Peace - World Water Day 2024
Leveraging Water for Peace - World Water Day 2024Leveraging Water for Peace - World Water Day 2024
Leveraging Water for Peace - World Water Day 2024Christina Parmionova
 

Dernier (20)

SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...
SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...
SPONSORED CONTENT - MyGovWatch - RFP Cliches Debunked: What Government Buyers...
 
O Conselho Estadual de Cultura e o Incentivo à Cultura no RS: relato de expe...
O Conselho Estadual de Cultura e o Incentivo à Cultura no RS:  relato de expe...O Conselho Estadual de Cultura e o Incentivo à Cultura no RS:  relato de expe...
O Conselho Estadual de Cultura e o Incentivo à Cultura no RS: relato de expe...
 
PPT Item # 5-6 218 Canyon Drive replat prop.
PPT Item # 5-6 218 Canyon Drive replat prop.PPT Item # 5-6 218 Canyon Drive replat prop.
PPT Item # 5-6 218 Canyon Drive replat prop.
 
Living life to the full: How can we make our longer lives healthier, happier ...
Living life to the full: How can we make our longer lives healthier, happier ...Living life to the full: How can we make our longer lives healthier, happier ...
Living life to the full: How can we make our longer lives healthier, happier ...
 
DB9_BTR_Webinar_Slidedeck_20230320 (1).pptx
DB9_BTR_Webinar_Slidedeck_20230320 (1).pptxDB9_BTR_Webinar_Slidedeck_20230320 (1).pptx
DB9_BTR_Webinar_Slidedeck_20230320 (1).pptx
 
Best charity ideas parents give their children’s
Best charity ideas parents give their children’sBest charity ideas parents give their children’s
Best charity ideas parents give their children’s
 
Item # 4 - Appointment of new PW Director
Item # 4 - Appointment of new PW DirectorItem # 4 - Appointment of new PW Director
Item # 4 - Appointment of new PW Director
 
2024: The FAR, Federal Acquisition Regulations - Part 17
2024: The FAR, Federal Acquisition Regulations - Part 172024: The FAR, Federal Acquisition Regulations - Part 17
2024: The FAR, Federal Acquisition Regulations - Part 17
 
Yes!? We can end TB - World Tuberculosis Day 2024.
Yes!? We can end TB - World Tuberculosis Day 2024.Yes!? We can end TB - World Tuberculosis Day 2024.
Yes!? We can end TB - World Tuberculosis Day 2024.
 
The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...
The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...
The Federal Perspective on Coverage of Medications to Treat Obesity: Consider...
 
india sanitation coalition Swachata Abhiyan ​.pdf
india sanitation coalition Swachata Abhiyan ​.pdfindia sanitation coalition Swachata Abhiyan ​.pdf
india sanitation coalition Swachata Abhiyan ​.pdf
 
Item # 1a - March 18, 2024 Special CCM Minutes
Item # 1a - March 18, 2024 Special CCM MinutesItem # 1a - March 18, 2024 Special CCM Minutes
Item # 1a - March 18, 2024 Special CCM Minutes
 
Water and peace go hand-in hand. World Water Day 2024
Water and peace go hand-in hand. World Water Day 2024Water and peace go hand-in hand. World Water Day 2024
Water and peace go hand-in hand. World Water Day 2024
 
National Women's Month Celebration for PENRO Quezon
National Women's Month Celebration for PENRO QuezonNational Women's Month Celebration for PENRO Quezon
National Women's Month Celebration for PENRO Quezon
 
Parents give a charity ideas for children
Parents give a charity ideas for childrenParents give a charity ideas for children
Parents give a charity ideas for children
 
OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...
OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...
OECD Webinar - ESG to deliver well-being in resource-rich regions: the role o...
 
Water can create peace or spark conflict.
Water can create peace or spark conflict.Water can create peace or spark conflict.
Water can create peace or spark conflict.
 
Children who live with Grandparents are really lucky
Children who live with Grandparents are really luckyChildren who live with Grandparents are really lucky
Children who live with Grandparents are really lucky
 
Leveraging Water for Peace - World Water Day 2024
Leveraging Water for Peace - World Water Day 2024Leveraging Water for Peace - World Water Day 2024
Leveraging Water for Peace - World Water Day 2024
 
How to Save a Place: Become an Advocate.
How to Save a Place: Become an Advocate.How to Save a Place: Become an Advocate.
How to Save a Place: Become an Advocate.
 

Why there will be a Cyber-9/11. Soon (Cyber security, cybercrime, terrorism)

  • 1. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM //WHY THERE WILL BE A CYBER-9/11. SOON Published on July 29 th , 2014 // 1//EXECUTIVE SUMMARY To orchestrate and execute a major cyber terrorism attack, you need to circumvent four major obstacles: • Anonymous communication, so that you cannot be interrupted during the planning • Finding the right specialists with a low ethical standard (or short on cash) • Transferring assets to pay these specialists untraceably across borders • Vulnerable infrastructure you can exploit for such attacks. I have privately funded over two years of research worth over USD $125.000, revealing not only financial crimes with damages in excess of USD $2+ trillion p. a. During the research I have come to the conclusion that the aforementioned obstacles can all be circumvented today, and that vulnerabilities in both in civilian and military infrastructure can be exploited. While terrorists of the past had to sacrifice their lives or liberty to create major incidents, today they don’t even have to leave the comfort or their own home. Furthermore, these vulnerabilities don’t have to be exploited for classic, terrorist motives. They can also be used for anonymous extortion of corporations/governments, because attacks can be targeted in an exceptional fashion. 2//WHY A CYBER 9/11 IS IMMINENT On July 29th, 2014 Israel became victim to a cyber attack, in which Chinese hackers exploited their “Iron Dome” missile system, which protects the State of Israel from the rocket attacks originating from territories of their surrounding adversaries. This was the most recent example of exploits in network-connected infrastructure, outlining the massive vulnerabilities even in newer systems being deployed, preceded by the “Stuxnet” virus, which was probably the first publicly known incident in which a piece of software was
  • 2. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM used to destroy/alter a piece of network-connected infrastructure. Two main factors, which create a majority of the aforementioned vulnerabilities, are • The ever increasing demand for network connected infrastructure, and • The decreasing quality in software, or it’s so called End-of-Life When combined with the negligence towards technological advancement of governments attempting to create policy to reduce such risks, the potential devastation becomes incomprehensible. 3//INCREASING USAGE OF NETWORK CONNECTED INFRASTRUCTURE The exponential increase in network-connected infrastructure is due to two main factors: • Convenience and cost reduction in operational systems • Monitoring the operation decentralized/without human assets being on location This exponential increase, while bringing economic benefits along with them, create gaping holes in any organization’s infrastructure because their deployment is - more often than not - run on a tight budget, and/or are not sufficiently supervised during installation. Furthermore, a lot of the operators of such systems are insufficiently trained to understand the background of the system they are handling. This leads to a combination of critical factors, making anything from a traffic light to a power plant very vulnerable.
  • 3. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM 4//DECREASING SOFTWARE-QUALITY & END-OF-LIFE After Microsoft released Windows XP, it became clear that a majority of the focus on security had been sacrificed for the benefit of such things as “Windows XP Media Center Edition” and other gadgets built into operating systems. This diversion was the start to the creation of more consumer-focused operating systems with gaping security vulnerabilities, which can be exploited in any number of ways. Further, Windows XP was the last operating system capable of running a majority of the software, which in turn controlled the connected SCADAs, PLCs, and other network connected infrastructure interfaces of the world. XP’s end-of-life/end-of-support in early 2014 has increased the threat of exploitation of such systems significantly, as a majority of companies operating XP cannot/will not afford the continued maintenance offered through Microsoft at additional costs. The end-of-life-problem also applies for software written to control the interfaces between the operating system and the controller. The controllers are a difficulty by themselves because their average lifespan significantly exceeds that of the software running it, or the operating systems, which support them. In addition to this, the lifecycles of the operating systems have also shortened. Besides many other factors, it’s the lack of imagination and negligence towards such threats that elevates them significantly. 5//VULNERABILITIY PROLIFERATION OF NETWORK CONNECTED INFRASTRUCTURE For over 2 years I have been investigating the “Deep Web” and Bitcoin, exploiting terrorists using these channels to communicate and transfer funds anonymously. While the extent of these communications isn’t that far spread (yet), I recently discovered the standard passwords and other vulnerabilities of SCADAs and other systems controlling network-connected infrastructure.
  • 4. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM Exploiting these vulnerabilities can have significant consequences, because an ever-increasing amount of everyday infrastructure is controlled remotely through the Internet. Most of these systems are protected more of less sufficiently from the “outside world”, but once these protection methods have been circumvented, the systems controlling anything from a traffic light to a power plant, are freely accessible. 6//CONCLUSION For over two years I have been researching the “Deep Web” and Bitcoin, revealing a lot of startling crimes being committed therein and financed through Bitcoin. What makes these two elements of the Internet so attractive to criminals and terrorists is the fact that it provides • Almost absolute anonymity in communication through Email and other services • Untraceable money transfer across borders, even in large sums, with ways to obscure transactions Russia recently put out over USD $110.000 for anyone that can make usage of the Deep Web through TOR traceable. Looking at the criminal complaint filed against Ross Ulbricht makes it evident, that his apprehension in context to allegedly running Silk Road, the Deep Web’s number one site for drug trade (USD $1.2B transactions within 2 years), was only possible because he made mistakes in the founding stages of his endeavor. Resulting thereof, it is safe to assume that had these mistakes been avoided, the Silk Road would still be in operation. When these to major elements are combined with the fact that the world has tens of thousands vulnerabilities for criminal elements to exploit, the next step of assembling a team of specialists is just a matter time.