Presentation is loading. Please wait.

Presentation is loading. Please wait.

National Defence University, www.mpkk.fi professor Hannu H. Kari Page 1/45 Attacking Internet … Hannu H. Kari professor, research director National Defence.

Similar presentations


Presentation on theme: "National Defence University, www.mpkk.fi professor Hannu H. Kari Page 1/45 Attacking Internet … Hannu H. Kari professor, research director National Defence."— Presentation transcript:

1 National Defence University, professor Hannu H. Kari Page 1/45 Attacking Internet … Hannu H. Kari professor, research director National Defence University

2 National Defence University, professor Hannu H. Kari Page 2/45 Solution alternatives Technical solutions Policies Legislations

3 National Defence University, professor Hannu H. Kari Page 3/45 History

4 National Defence University, professor Hannu H. Kari Page 4/45 Technology enhancements (www.daimler.co.uk) (decorateyourgarage.com) (www.macarthurcoal.com.au) ~100+ years

5 National Defence University, professor Hannu H. Kari Page 5/45 Technology enhancements (www.route79.com)(www2.jsonline.com) (www.openfire.us) (www.eia.doe.gov) (www.pennways.com) (en.wikipedia.org)

6 National Defence University, professor Hannu H. Kari Page 6/45 Technology enhancements The same thing has happened in Internet in 10…15 years!

7 National Defence University, professor Hannu H. Kari Page 7/45 Doomsday’s prophecy

8 National Defence University, professor Hannu H. Kari Page 8/45 Prediction : Future does not look very good! V. 2003: Increase of garbage –The dramatic increase of viruses and junk mail V. 2004: Deterioration of network infrastructure –Attacks on infrastructure has increased V. 2005: Manipulation of content –Systematic manipulation of content in Internet V. 2006: Internet collapses –People and companies do not tolerate any more the load of garbage –We don’t trust on the content on the net –Malicious attacks on the network infrastructure deteriorate the usability of Internet  Internet will cease to be place to make business  We go years back before the time of computer networks

9 National Defence University, professor Hannu H. Kari Page 9/45 Internet collapses? What I meant by ”Internet collapses by 2006?” –Not a sudden and total breakdown, but more and more problems, e.g.: –viruses, junk mail, DoS attacks, network criminals, forged mails/WWW- pages, utilization of vulnerabilities of commercial programs/operating systems, phishing attacks more and more ”protection money” –firewalls, virusprotection SW updates, operating system updates, junk- mail filters, backup routes/systems, training unreliability of the network –works, doesn’t work, works,...  If your business depends on Internet, you must be prepared Risk for major problems is imminent

10 National Defence University, professor Hannu H. Kari Page 10/45 Holmlund: Verkkohyökkäys voi uhata rahaliikennettä { : MPK 187:n avajaiset} YETTS: yhteiskunnan elintärkeät toiminnot tulee turvata kaikissa tilanteissa Myyrmanni, Jokela & Kauhajoki: * syrjäytyminen sisäisen turvallisuutemme suurin uhka * monia ei-toivottuja kehitystrendejä Tarkoituksellisin verkkohyökkäyksin saatetaan heikentää valtion päätöksentekojärjestelmien tai esimerkiksi rahaliikenteen toimivuutta Ikävät tapahtumat tulevat eteemme aina jossain määrin yllätyksenä * varautumisesta ja riskianalyyseista huolimatta.  Asymmetrinen maailma, asymmetriset arvot ja motiivit  Kaikki uhkat eivät välttämättä tule ulkoa

11 National Defence University, professor Hannu H. Kari Page 11/45 Scenario ”20xx”

12 National Defence University, professor Hannu H. Kari Page 12/45 Scenario “3/2011” Election in a small EU country a country famous on ICT usage, including electronic voting During the election days, a massive DDoS attack is launched against the election system  Electronic voting system is unavailable for several hours  As a back up alternative, people will use ”traditional paper voting system”  No harm done????

13 National Defence University, professor Hannu H. Kari Page 13/45 Scenario “3/2011” Report for the Council of Europe: Internet voting in the March 2007 Parliamentary Elections in Estonia –Internet attacks, such as DDoS (Distributed Denial of Service) attacks, could have hampered the ability to run the e-voting application. An extension of the e- voting period could potentially make it more difficult to launch such attacks.... But will anyone really seriously think electronic voting as a viable alternative for paper voting after this??? NO! We have lost the game permanently

14 National Defence University, professor Hannu H. Kari Page 14/45 Threats

15 National Defence University, professor Hannu H. Kari Page 15/45 Main threats of Internet 1. We loose our confidence 2. Internet does not work 3. We loose data/money with Internet

16 National Defence University, professor Hannu H. Kari Page 16/45 Who and Why? WHY Motivations: 1.Social behavior 2.Vandalism 3.Money 4.Ideology 5.Military strategic interests WHO Amateurs are just tip of the iceberg Hackers: Fun, can-I-do-it?, show-up,... (1, 2) The real problem: Professionals Mafia, organized crime (3) Industrial espionage, competitors (3) Cyber terrorists (2, 4) Terrorist-countries (4, 5) Military (5 )

17 National Defence University, professor Hannu H. Kari Page 17/45 Internet problems

18 National Defence University, professor Hannu H. Kari Page 18/45 Security problems in Internet, samples October 2002, Scientific American ”9 out of 13 root DNS –servers were crippled by DDoS attack” November 2004, Damages caused by worms/viruses, Mikko Hyppönen/F-Secure Slammer: Intranet of nuclear power plant in Ohio down Bank of America ATM network down Blaster: Electric power network down in NY, USA Several SCADA systems down Sasser: All train traffic halted in Australia Two hospitals in Sweden infected January 2005, FBI/Tsunami ”Net criminals used fake web pages of American Red Cross to get credit card data” September 2006, Scientific American ”Attack on DNS (Domain Name System) allows cybercriminal to hijack ordinary netbanking sessions” January 2007, ”Almost 1 Million € stolen from a Scandinavian bank by a Russian hacker with a trojan distributed with spam mail” ”The biggest so far..” January 2005, BBC News ”Internet gambling hit hard by the attacks. Extortionists are targeting net-based betting firms and threatening to cripple their websites with deluges of data unless a ransom is paid.” May 2007, IT-Viikko ”Attacks on Estonian governmental and commercial net sites”

19 National Defence University, professor Hannu H. Kari Page 19/45 Security problems in Internet, samples DDoS attacks Design flaws DoS, DDoS attacks Criminal intentions Viruses, worms, mallware Criminal intentions DNS attacks Design flaws DoS, DDoS attacks Design flaws Phishing Users’ stupidity Scams Users’ stupidity

20 National Defence University, professor Hannu H. Kari Page 20/45 Why Internet is so buggy?

21 National Defence University, professor Hannu H. Kari Page 21/45 Internet design criterion Primary goals –Multiplexing of channel –Various network archtectures –Administrative boundaries –Packet switching –Gateways (routers) between networks Secondary goals –Robustness (loss of routers and links) –Multiple services (reliable or realtime data) –Usage of various networks –Distributed management –Cost efficient implementation –Simple attachement to network –Resource usage monitoring Based on David D. Clark: ”The Design Philosophy of the DARPA Internet Protocols”

22 National Defence University, professor Hannu H. Kari Page 22/45 Implicit Internet design criterion Silent assumptions –Benevolence –Openness –Low level of dynamicity –No mobility –Limited computation capacity –High cost of crypto algorithms –Limited bandwidth ASSUMPTIONS NOT VALID ANY MORE !!! STILL VALID, IN SOME CASES !!!

23 National Defence University, professor Hannu H. Kari Page 23/45 Modern problems Today we have –Internal problems –Eavesdropping –Packet manipulation –Privacy problems –Viruses –Network criminals –...

24 National Defence University, professor Hannu H. Kari Page 24/45 Internet design flaws Original design principles: The enemy is out there! –”Everybody can send anything to anybody” –Security measures are introduced afterwards The new design principles: The enemy is among us! –We must be prepared to pay for security/reliability in form of computation power, bandwidth, energy, etc. –Strong security as the fundamental building block –Legal sanctions against malevolent entities  Every packet must have an owner!

25 National Defence University, professor Hannu H. Kari Page 25/45 Solution alternatives

26 National Defence University, professor Hannu H. Kari Page 26/45 Four security domains 2. End-to-end secured communication (Data integrity and confidentiality) 3. Content integrity/authenticity/timelyness (information sharing) 1. Reliable operation of the critical network infrastructure PGP, S/MIME Restricted caller groups IPsec, TLS PLA, MPLS, Physical protection 4. Virtual communities (Knowledge sharing)

27 National Defence University, professor Hannu H. Kari Page 27/45 Four security domains 2. End-to-end secured communication (Data integrity and confidentiality) 3. Content integrity/authenticity/timelyness (information sharing) 1. Reliable operation of the critical network infrastructure PGP, S/MIME Restricted caller groups IPsec, TLS Partial solutions: MPLS, Physical protection 4. Virtual communities (Knowledge sharing) GOOD “BRAND” MANAGEMENT IS MOST IMPORTANT

28 National Defence University, professor Hannu H. Kari Page 28/45 Weakest point: Infrastructure Info-bulimia –Flooding, DoS/DDos, Smurf, Sync,... Info-anemia –Link breakage, data corruption, rerouting packet, router attacks, DNS-attacks,...  We don’t get vital information in time  We can’t make decisions or we do decisions with incomplete information  Reliably operating network is a MUST

29 National Defence University, professor Hannu H. Kari Page 29/45 Society and warfighting

30 National Defence University, professor Hannu H. Kari Page 30/45 (R)evolution of War Evolution of societies and their relations with war ? AGRARIAN SOCIETY INDUSTRIALIZED SOCIETY INFORMATION SOCIETY The war is fought for/with/against the most valuable assets of the society VALUE SOCIETY ?

31 National Defence University, professor Hannu H. Kari Page 31/45 The dilemma is that the military have to cope with all the different types of conflict at the same time some of which they are not suited to do. Definition of War and Enemy? Rhizomethic War “WAR” and “ENEMY” in the future?

32 National Defence University, professor Hannu H. Kari Page 32/45 unmanned weapon ? Managing Military Transformation and Future Soldier

33 National Defence University, professor Hannu H. Kari Page 33/45 4 Warfighting strata

34 National Defence University, professor Hannu H. Kari Page 34/45 4 Strata: Physical PHYSICAL GROUND AIR SEASPACE

35 National Defence University, professor Hannu H. Kari Page 35/45 4 Strata: Cyber-space PHYSICAL GROUND AIR SEA SPACE CYBER-SPACE ”INTERNET”

36 National Defence University, professor Hannu H. Kari Page 36/45 4 Strata: Mental PHYSICAL GROUND AIR SEA SPACE CYBER-SPACE ”INTERNET” MENTAL VALUES ATTITUDES BRAND TRUST BELIEVES OPINIONS

37 National Defence University, professor Hannu H. Kari Page 37/45 4 Strata: Time PHYSICAL GROUND AIR SEA SPACE CYBER-SPACE ”INTERNET” MENTAL VALUES ATTITUDES BRAND BELIEVES OPINIONS TIME YESTERDAY NOW TOMORROW 2030

38 National Defence University, professor Hannu H. Kari Page 38/45 OODA-loop

39 National Defence University, professor Hannu H. Kari Page 39/45 Decision making based on OODA- loop OODA-loop by Colonel John Boyd –Model for human decision making Right information delivered to right place at right time

40 National Defence University, professor Hannu H. Kari Page 40/45 OODA-loop WE Others To disturb and slow down To protect and speed up

41 National Defence University, professor Hannu H. Kari Page 41/45 Internal decision making External world Wrong info Old info Missing info Info bulimia Compromized source of info Tender points Attacking decision making process

42 National Defence University, professor Hannu H. Kari Page 42/45 War of values Cultural Traditions ORIENT- phase Genetic Heritage New information Previous experience Analysis & Synthesis OBSERVE- phase DECIDE- phase VALUES

43 National Defence University, professor Hannu H. Kari Page 43/45 Systems of Systems

44 National Defence University, professor Hannu H. Kari Page 44/45 CAP

45 National Defence University, professor Hannu H. Kari Page 45/45 Management of Information Availability (saatavuus) Consistency (eheys/ajankohtaisuus) Privacy (yksityisyys) C&A -P C&P -A A&P -C Pick two out of three (C,A,P) => 3rd is unmanageable

46 National Defence University, professor Hannu H. Kari Page 46/45 NATIONAL DEFENCE UNIVERSITY ”Do the work that has a meaning” Thank you for your Questions? attention!


Download ppt "National Defence University, www.mpkk.fi professor Hannu H. Kari Page 1/45 Attacking Internet … Hannu H. Kari professor, research director National Defence."

Similar presentations


Ads by Google