Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jacky Altal. T O C  Hackers Terminology  Cyber attacks in 2012 (so far…)  Nations Conflict  Cyber Motives  Characteristics of CyberCrime  DEMO –

Similar presentations


Presentation on theme: "Jacky Altal. T O C  Hackers Terminology  Cyber attacks in 2012 (so far…)  Nations Conflict  Cyber Motives  Characteristics of CyberCrime  DEMO –"— Presentation transcript:

1 Jacky Altal

2 T O C  Hackers Terminology  Cyber attacks in 2012 (so far…)  Nations Conflict  Cyber Motives  Characteristics of CyberCrime  DEMO – Client Side Attacks

3  The Hacker Terminology Layer I  The best of the best  Ability to find Vulnerabilities  Ability to write exploit code and tools to override security measures Layer II  IT Savvy  Ability to write scripts  Understand vulnerability and how they work Layer III  Script Kiddie  Ability to download tools from the internet  Don’t have knowledge or willing to understand technology

4 Cyber Attacks  Cyber attacks accompany physical attac ks (Stuxnet)  Cyber attacks are increasing in volume, sophistication, and coordination  Cyber attacks are attracted to high-value targets (Sony, stratfort, Special Forces, CIA, FBI etc.)

5 Cyber Attacks

6

7

8

9

10

11

12 Physical Conflicts and Cyber Att acks  The Pakistan/India Conflict  The Israel/(Palestinian, Turkish) Conflict  The Former Republic of Yugoslavia (FRY)/NATO Conflict in Kosovo  The U.S. – China Surveillance Plane Incident  The Turkish/France Conflict

13 Cyber Threats Against users, system administrators, hardware and software manufacturers. Against documentation which includes confidential user information for hardware and software, administrative procedures, and policy documents, supplies that include paper and even printer cartridges  A cyber threats is an intended or unintended illegal activity, an unavoidable or inadvertent event that has the potential or could lead to unpredictable, unintended, and adverse consequences on a cyberspace resource. 

14  Most cyber attacks can be put in one of the following categories: Natural or Inadvertent attack – including things like accidents originating from natural disaster like fire, floods, windstorms, and they usually occur very quickly without warning, and are beyond human capacity, often causing serious damage Human blunders, errors, and omissions – including things like unintentional human actions Intentional Threats like illegal or criminal acts from either insiders or outsiders, recreational hackers, and criminal

15  Types of e-attacks: Penetration Attack Type -involves breaking into a system using known security vulnerabilities to gain access to any cyberspace resource – ○ There is steady growth of these attacks – see the CERT Denial of Service Attacks – they affect the system through diminishing the system’s ability to function, capable of bringing a system down without destroying its resources.

16  Motives of E-attacks Revenge Joke/Hoax/Prank The Hacker's Ethics Terrorism Political and Military Espionage Business ( Competition) Espionage Hate (national origin, gender, and race) Personal gain/Fame/Fun/Notoriety Ignorance

17  Potential Cyber Attacks Unauthorized Intrusions Defacements Domain Name Server Attacks Distributed Denial of Service Attacks Computer Worms – Zeus, Stuxnet Routing Operations Critical Infrastructures Compound Attacks

18  Critical Infrastructures Critical infrastructures include gas, power, water, b anking and finance, transportation, communications All dependent to some degree on information systems Insider threat - specialized skills Network attack – default passwords, unprotected device, un updated system.

19  Topography of Attacks One-to-One One-to-Many Many-to-One Many-to-Many  Analysis of the motives and reasons why such attacks occur.  Study the most current security threats.

20  Vulnerability Types  Computer based Poor passwords Lack of appropriate protection/or improperly configured protection  Network based Unprotected or unnecessary open entry points  Personnel based Temporary/staff firings Disgruntled personnel Lack of training  Facility based Servers in unprotected areas Inadequate security policies

21  DEMO – Client Side Attack

22  The dark net / dark side of the internet

23

24

25

26

27 How to handle cyber threat  System-Aware Cyber Security Architecture Addresses supply chain and insider threats Embedded into the system to be protected Includes physical systems as well as information systems  Requires system engineering support tools for evaluating architectures factors  To facilitate reusability requires establishment of candidate Design Pattern Templates and initiation of a design library Security Design System Impact Analyses

28 THANKS FOR LISTENNING


Download ppt "Jacky Altal. T O C  Hackers Terminology  Cyber attacks in 2012 (so far…)  Nations Conflict  Cyber Motives  Characteristics of CyberCrime  DEMO –"

Similar presentations


Ads by Google