When Keyboards are drawn - Urban Information Warfare
Ofer Shezaf, Xiom
February 2003
www..com

Definition
Information Warfare (my definition): The use of digital technologies to damage the critical infrastructure of a state.
So,
- Damage – destruction, demolition, devastation.
- Critical infrastructure – no more Web sites breaking.
- State – no more photo sending analyzers.
- But, yes, still digital technologies – but not too much.
- And, yes, politics – but not today.

Presentation Headlines
- How is information warfare different?
  - Information Warfare Targets
  - Attacker capabilities
- The infrastructure organization model
  - Network model
  - Administration networks exposures
  - Operational networks exposures
- Model Case Studies
- So, What can we do?

Introduction to IW
How is information warfare different from your everyday attack?

Targets
Who?
- Infrastructure companies, including power, water and communication.
- Financial institutions.
- Government & Army.
What?
- Destruction of equipment
- Destruction of control systems
How?
- Time bombs.

Financial & Technical Resources
- Hundreds, thousands… of man-years per project.
- Duplication of any system at target.
- Ability to actively seek vulnerabilities, especially in lesser known systems.
- Usage of custom attack code per target.
Security by obscurity is no longer an option

Intelligence & legal issues
Human intelligence … Spies
- Best of breed social engineering: pay, blackmail, steal.
- Operate spies to access internal systems.
Signal intelligence … Communication interception
- A global sniffer: clear text password.
- Intelligence about systems and topology.
Legal immunity to attacker.
- License to crack

Presentation Headlines
- How is information warfare different?
  - Attacker capabilities
  - Information Warfare Targets
- The infrastructure organization model
  - Network model
  - Administration networks exposures
  - Operational networks exposures
- Model Case Studies
- So, What can we do?

Exposures in Infrastructure Networks
The common design of networks in infrastructure organizations creates similar vulnerabilities.

Cracking the administrative network
[Diagram: Administrative Network, with numbered exposures]
1. Internet
2. Business Partners ?
3. Sockets in public offices
4. Access to a large number of people

Cracking the Operational network
[Diagram: Operational Networks and Admin. Network, with numbered exposures]
1. Operations Design
2. Remote Signaling
3. Monitoring
4. Application Security Problem
5. Direct connections to Operational network
6. No Internal Security

Presentation Headlines
- Introduction to information warfare
  - Attacker capabilities
  - Information Warfare Targets
- The infrastructure organization model
  - Network model
  - Administration networks exposures
  - Operational networks exposures
- Model Case Studies
- So, What can we do?

Model Case Studies
- Shutting down communication switches, thus preventing phone services.
- Destroying power generators.
- Derailing trains.
- Exploding refineries and other chemical plants.
- Crashing airplanes.

Solutions
So, What can I do to avoid such disasters?

Solutions
- Use layered security.
- Deploy stronger intra-organization security mechanisms.
- Strengthen complementary security mechanisms such as physical security and employee assurance.
- Allocate independent security resources to operational networks.
- Strive for world peace.