Director, IO Institute Association of Old Crows

Presentation on theme: "Director, IO Institute Association of Old Crows"— Presentation transcript:

1 Director, IO Institute Association of Old Crows
…and then Man created Cyber Joel Harding Director, IO Institute Association of Old Crows Good afternoon. My name is Joel Harding. I’m the Director of the IO Institute, a Special Interest Group of the AOC. The presentation today looks at topics that most of us are familiar with but from a different perspective. The purpose of this briefing is to make you think about these issues in a new way. A word of warning in advance. This briefing steps on the toes of many of our most sacred cows, it is sacrilegious and might even be considered too violent by some. Admin notes: [Length of presentation is 37 minutes rushed, 42 minutes paced, up to 58 minutes with Q&A, keeping control of the briefing. Most of the slides are self-building, they are animated and self-progressing. Most slides self-transition at less than 30 seconds.]

2 Agenda …and then Man created Cyber New Social Media
Cyberw… no, I can’t say it What to do? Cooperation/Treaties in Cyberspace Here is what I will be talking about today.

3 …and then Man created Cyber
A new way of looking at our developing world I would like to introduce you to a totally different and purposefully simplistic way of looking at everything around us. I don’t plan to say much about these slides, just keep in mind this is about another part of the spectrum – that of visible light. Now, imagine a prism working in reverse.

4 In the beginning there was…

5 Earth S

6 The Heavens S

7 …and the Sea S

8 …and then Man got busy S

9 Man found Information S

10 He gathered Intelligence

11 He learned to fly in the Air

12 Radio used the Electromagnetic Spectrum which begat Electronic Warfare

13 …and then Man created Cyber

14 A full spectrum… Waiting for us to put it all together
Space Sea EMS Air Information Intel Land Cyber S

15 …and Man struggled to put it all together
<insert various awkward attempts showing Land, Air, Sea, Space, EW, IO, Cyber and how they all work together> This is how all the different efforts to write IO doctrine and policy seem to work together. Perhaps you’ll see a familiar process up there, chances are you don’t.

16 Look at all those pretty colors…
Now think back to what I said about visible light and a reverse prism. Frequency units – Hertz 1 Hz = 1 c1

17 …and somehow it all worked.
…in the meantime Space Sea EMS …and somehow it all worked. Together. Air Information Remember that prism I mentioned? Just think of all the colors going into it – what comes out? In the world of IO that is how doctrine and policy work – or rather – don’t work. Joint IO doctrine is markedly different from Army IO doctrine which is worlds apart from Navy IO which is different from USAF. But when it comes to ‘doing’ IO, it works and it works well. Very well, as a matter of fact. Intel Land Cyber

18 Let’s talk about Cyberw.. No, I can’t say it.

19 “Sample Nuclear Launch While Under Cyber Attack”
Let’s first talk about a war on your senses. We are inundated with messages we receive through our computers and our smart phones. We watch videos, we look at pictures, we read Tweets, s, and even occasionally talk on our smart phones. Every news report we watch has a built in bias, however. It all depends on the reporter and the media to police up their own and create a feeling of objectivity. This is a perfect example. Does anyone remember when this photograph was first released? The Iranians had doctored the original to show four missiles firing where only three had actually fired. Now this.. Think about this for a second. Can you ever really ever again trust a photograph? [yes, this is a doctored photo, used here just to lighten a serious moment] Source:

20 Original Photo and Doctored

21 New Social Media Twitter TweetDeck S
What you are seeing here is a rapidly developing new way to communicate with a global audience, tools used to analyze this new social media and ways to get a message into denied areas like China and Iran S

22 Remember this one? It sure got a lot of press coverage!
“Cyber War” In Estonia, 2007 Remember this one? It sure got a lot of press coverage! Here was the first case of a full-scale all-out cyberwar against a country, which was moderately successful. It took about three days but Estonia, who is incredibly technologically advanced, managed to move most of their critical websites to servers in the United States. After this war, which they blamed on Russia, they established a Center of Excellence for Cyber Defense, which played a strong role in the next case.

23 Another Recent “Cyberwar” Example: Georgia
In August 2008 there was the first verified case of a Cyberwar accompanying a conventional war, Georgia vs. Russia. There was an organized effort to prep the battlespace, synchronize the attacks, provide useful tools and provide target lists to patriotic hackers. This five day war, both on the ground and in cyberspace, was not a huge war, but again, Russia was involved. Not officially, of course.

24 Google vs. China Round 1 12 Jan Google announces detected a sophisticated cyber attack on its computers, aimed at accounts of Chinese human rights activists 19 Feb Probable source of the attacks on Google: Shanghai Jiaotong University, Lanxiang Vocational School In January of 2010, Google disclosed that certain Gmail accounts had been hacked, someone had physically penetrated their system and they put the blame squarely on the Chinese government by threatening to withdraw from China. Coincidentally, the Iranian Cyber Army began attacking Chinese Government web sites. The tools used by supposed Chinese hackers used an exploit named Aurora, which had been previously identified but never patched. After Google became public about their penetrations, 30 other corporations, including Adobe and Lockheed Martin confessed they were also hacked in China.

25 New Players Botnets for hire Hackers for hire Patriotic hackers
Cyber jihadists Other hacktivists AKA Proxies As you have seen, there have been no country on country, or State on State, Cyberwars. Up here you see the guilty parties. Botnets, on hundreds of thousands of compromised computers, can be rented for a modest price, à la Estonia. Skilled hackers are available for money. In the Georgia vs. Russia war, patriotic hackers did the lion’s share of the work. We are also seeing Cyber Jihadists and other hacktivists as well as the curious and others, drawn like a moth to fire. We have not seen any country publicly state that they have waged cyberwar. In conversations with senior DoD officials it has been stated that this will probably never happen. The US leads the world in publicly disclosing its ability to fight wars in Cyberspace, with the formation of the US Cyber Command and multiple Service Cyber Commands. Just last month South Korea stood up its own Cyber Command and Israel is actively seeking skilled attackers and defenders. Estimates range from five to 180 active state-sponsored cyber programs at the unclassified level. Chances are, however, none will ever officially admit to attacking anyone in cyberspace.

26 Attacks by Proxy Iranian Cyber Army Turkish Hacker Group
These are a few of the representatives of patriotic hacker groups. At least one of these groups is widely cited for being behind the attacks on Estonia in I’d like to point out the screen shot on the top right, that is a screenshot taken after they hacked my website for Russian Business Network (RBN) Shkupi Hacker Group Kosava Hacker Group Pro-Serbian Hacker Group

27 Kneber Botnet/ZeuS Feb 18th, 2010 Netwitness, of Herndon, VA
75,000+ Computers infected w/Zeus/Zbot Toolkit 2,500 Corporations, 200 Countries Uses ZeuS Trojan – old exploit, Targets MS Windows Kneber was able to grab 68,000 login credentials over a 4-week period According to Netwitness, the attacks were successful in stealing credentials from social networking websites - Facebook, Yahoo and hi5 were all hit, as well as other networks like MetroFlog and Sonico. Kneber is targeting login credentials for online social networks, accounts, and online financial services. The top sites with stolen login credentials, according to Netwitness' report are Facebook, Yahoo, hi5, metroflog, sonico and netlog. How Effective is it? Netwitness reports that Kneber was able to grab 68,000 login credentials over a 4-week period.

28 Flash/Thumb Drives Nov 2008 - Thumb Drives banned
Feb Ban lifted Agent.btz virus - ‘phone home’ …and don’t forget Stuxnet Agent.btz spreads by copying itself from thumb drive to computer and back again. Once on a PC, “it automatically downloads code from another location. And that code could be pretty much anything,” iDefense computer security expert Ryan Olson said at the time.

29 Corporate vs. Government
Microsoft, Researchers Team Up And Tear Down Major Spamming Botnet Feb 2010 Operation b49 vs. Waledac botnet Is this vigilantism? Is the Gov’t unwilling or unable? Is this tacit approval?

30 Botnets Bots use cell phones, too.
A botnet on a mobile phone may look different from one on a PC Renting out a network of "owned" phones may be viable in the near future. Trend Micro reported that the Sexy View SMS malware on the Symbian mobile OS can contact a CnC server to retrieve new SMS spam templates. Regardless of the form bots might take, we probably won't be able to eradicate the threat; we can only learn to better manage bot infestations. But in the meantime, let's clean up as many PCs as we can.

31 Stuxnet USB install plus worm 4 zero-day exploits
Payload upsets sensitive centrifuges? Future? Beyond proof of concept Patches close vulnerability

32 Anonymous Anti-anti Wikileaks HBGary Federal Westboro Baptist Church
Bank of America

33 What to do? Generalized Spectrum of Cyber Conflict
Extradition and International Cooperation US National Policy Response US Criminal Prosecution and US National Policy Response US Criminal Prosecution Generalized Spectrum of Cyber Conflict Cyber-Attack from Inside US Cyber-Attack from Outside US Law Enforcement Response Law Enforcement Response with DOD DOD with Law Enforcement Response Cyber-crime Hacktivism Cyber-Espionage Cyber-Terrorism Cyberwar Here we have the various stages building from Cybercrime all the way up to Cyberwar. Next we must acknowledge that some cyber attacks on the US come from within the country. This build shows who has the lead in that situation. This shows the most logical response. In the top right all the elements of national power may be used. My thanks to the US Air Command and Staff College Air University for this slide.

34 Let’s talk about Cyberspace for a moment. Do we need a treaty to inspect their weapons like we do nukes? The answer, some believe, is yes. The Russians will not sign the treaty as long as we insist on virtual inspections of weapons. Recall, please, that the Russians, for the last ten years have publicly stated that they might use nuclear weapons to respond to a cyber attack.

35 General V. Sherstyuk, PhD
29 October 2009 speech at Moscow State University We should avoid new increase in race of cyber arms and limit usage of these technologies for hostile matters. Usage of cyber warfare for political matters and by state actors against other countries is the primary topic of the current agenda. Cyber crimes and cyber terrorism are already well discussed within various international forums. But currently information warfare used more and more in struggles between state actors on tactical and strategic levels. The ability of cyber warfare to make impact will significantly increase. The first progress on the field of cyber warfare regulation was made by Shanghai Cooperation Organization. According to international norms of humanitarian law, you can’t injure and kill disgracefully. We have to behave according to spirit of knights, including information warfare. You can not embed malicious technologies in hardware that you create. This picture was taken in 2009 when the Russians invited me to speak at their conference about Cyberwarfare. General Sherstyuk spoke at length about information security, as if the Russians only defend against others. I do, however, agree with what he says on this slide, and the negotiations are ongoing as we speak.

36 Follow on efforts US NATO India MoD
Submission to Group of Governmental Experts Information and Communication Technologies (ICT) State and Non-State Actors Incl: criminals, terrorists, proxies Target citizens, commerce, critical infrastructure & governments Compromise, steal, change or destroy info Calls for cooperative efforts NATO Considering environmental law India MoD Considering modeling space treaties

37 My question to you Is a treaty in cyberspace possible or practical?
Is it necessary?

38 Questions? Joel Harding Director, IO Institute
