Presentation is loading. Please wait.

Presentation is loading. Please wait.

When Keyboards are drawn - Urban Information Warfare Ofer Shezaf, Xiom February 2003 www..com.

Similar presentations


Presentation on theme: "When Keyboards are drawn - Urban Information Warfare Ofer Shezaf, Xiom February 2003 www..com."— Presentation transcript:

1

2 When Keyboards are drawn - Urban Information Warfare Ofer Shezaf, Xiom February 2003

3 2 Definition Information Warfare (my definition) The use of digital technologies to damage the critical infrastructure of a state So, Damage – destruction, demolition, devastation. Critical infrastructure - no more Web sites breaking State - no more photo sending analyzers. But, yes, still digital technologies – but not too much. And, yes, politics – but not today.

4 3 Presentation Headlines How is information warfare different? Information Warfare Targets Attacker capabilities The infrastructure organization model Network model Administration networks exposures Operational networks exposures Model Case Studies So, What can we do?

5 4 Introduction to IW How is information warfare different from your every day Attack?

6 5 Targets Who? Infrastructure Companies, including power, water and communication. Financial institutions. Government & Army. What? Destruction of equipments Destruction of control systems How? Time bombs.

7 6 Attacker Capabilities Financial resources Technical expertise Intelligence Legal flexibility Section: Introduction to IW

8 7 Financial & Technical Resources Hundreds, thousands… of man-years per project. Duplication of any system at target. Ability to actively seek vulnerabilities, especially in lesser known systems. Usage of custom attack code per target. Security by obscurity is no longer an option

9 8 Intelligence & legal issues Human intelligence …. Spies Best of bread social engineering: pay, blackmail, steal. Operate spies to access internal systems. Signal intelligence … Communication interception A global sniffer: clear text password. Intelligence about systems and topology. Legal immunity to attacker. License to crack

10 9 Presentation Headlines How is information warfare different? Attacker capabilities Information Warfare Targets The infrastructure organization model Network model Administration networks exposures Operational networks exposures Model Case Studies So, What can we do?

11 10 Exposures in Infrastructure Networks The common design of networks in infrastructure organization creates similar Vulnerabilities.

12 11 Basic Network Topology External Networks Administrative Network Operational Networks

13 12 Cracking the administrative network Administrative Network Internet 1 Business Partners ? 2 Sockets in public offices 3 Access to a large number of people 4

14 13 Cracking the Operational network Operational Networks Admin. Network Operations Design 1 Remote Signaling 2 Monitoring 3 Application Security Problem 4 Direct connections to Operational network 5 No Internal Security 6

15 14 Presentation Headlines Introduction to information warfare Attacker capabilities Information Warfare Targets The infrastructure organization model Network model Administration networks exposures Operational networks exposures Model Case Studies So, What can we do?

16 15 Examples Is it all for real?

17 16 Model Case Studies Shutting down communication switches, thus preventing phone services. Destroying power generators. Derailing trains. Exploding refineries and other chemical plants. Crashing air-planes.

18 17 Solutions So, What can I do to avoid such disasters?

19 18 Solutions Use layered security. Deploy stronger intra-organization security mechanisms. Strengthen complementary security mechanisms such as physical security and employees assurance. Allocate independent security resources to operational networks. Strive for world peace.


Download ppt "When Keyboards are drawn - Urban Information Warfare Ofer Shezaf, Xiom February 2003 www..com."

Similar presentations


Ads by Google