TOC
• Hackers Terminology
• Cyber attacks in 2012 (so far…)
• Nations Conflict
• Cyber Motives
• Characteristics of CyberCrime
• DEMO – Client Side Attacks
The Hacker Terminology
• Layer I
  ○ The best of the best
  ○ Ability to find vulnerabilities
  ○ Ability to write exploit code and tools to override security measures
• Layer II
  ○ IT savvy
  ○ Ability to write scripts
  ○ Understand vulnerabilities and how they work
• Layer III
  ○ Script kiddie
  ○ Ability to download tools from the internet
  ○ Lack the knowledge or willingness to understand the technology
Cyber Attacks
• Cyber attacks accompany physical attacks (Stuxnet)
• Cyber attacks are increasing in volume, sophistication, and coordination
• Cyber attacks are attracted to high-value targets (Sony, Stratfor, Special Forces, CIA, FBI, etc.)
Physical Conflicts and Cyber Attacks
• The Pakistan/India Conflict
• The Israel/(Palestinian, Turkish) Conflict
• The Former Republic of Yugoslavia (FRY)/NATO Conflict in Kosovo
• The U.S. – China Surveillance Plane Incident
• The Turkish/France Conflict
Cyber Threats
• Against users, system administrators, hardware and software manufacturers
• Against documentation, which includes confidential user information for hardware and software, administrative procedures, and policy documents; supplies that include paper and even printer cartridges
• A cyber threat is an intended or unintended illegal activity, or an unavoidable or inadvertent event, that has the potential to lead to unpredictable, unintended, and adverse consequences on a cyberspace resource.
Most cyber attacks can be put in one of the following categories:
• Natural or inadvertent attack – including accidents originating from natural disasters like fires, floods, and windstorms; they usually occur very quickly without warning and are beyond human capacity, often causing serious damage
• Human blunders, errors, and omissions – including things like unintentional human actions
• Intentional threats, like illegal or criminal acts from either insiders or outsiders, recreational hackers, and criminal
Types of e-attacks:
• Penetration Attack Type – involves breaking into a system using known security vulnerabilities to gain access to any cyberspace resource
  ○ There is steady growth of these attacks – see the CERT
• Denial of Service Attacks – they affect the system by diminishing its ability to function, and are capable of bringing a system down without destroying its resources
Motives of E-attacks
• Revenge
• Joke/Hoax/Prank
• The Hacker's Ethics
• Terrorism
• Political and Military Espionage
• Business (Competition) Espionage
• Hate (national origin, gender, and race)
• Personal gain/Fame/Fun/Notoriety
• Ignorance
Potential Cyber Attacks
• Unauthorized Intrusions
• Defacements
• Domain Name Server Attacks
• Distributed Denial of Service Attacks
• Computer Worms – Zeus, Stuxnet
• Routing Operations
• Critical Infrastructures
• Compound Attacks
Critical Infrastructures
• Critical infrastructures include gas, power, water, banking and finance, transportation, communications
• All dependent to some degree on information systems
• Insider threat – specialized skills
• Network attack – default passwords, unprotected device, un-updated system
Topography of Attacks
• One-to-One
• One-to-Many
• Many-to-One
• Many-to-Many
• Analysis of the motives and reasons why such attacks occur
• Study the most current security threats
Vulnerability Types
• Computer based
  ○ Poor passwords
  ○ Lack of appropriate protection/or improperly configured protection
• Network based
  ○ Unprotected or unnecessary open entry points
• Personnel based
  ○ Temporary/staff firings
  ○ Disgruntled personnel
  ○ Lack of training
• Facility based
  ○ Servers in unprotected areas
  ○ Inadequate security policies
How to handle cyber threat
• System-Aware Cyber Security Architecture
• Addresses supply chain and insider threats
• Embedded into the system to be protected
• Includes physical systems as well as information systems
• Requires system engineering support tools for evaluating architecture factors
• To facilitate reusability, requires establishment of candidate Design Pattern Templates and initiation of a design library
  ○ Security Design
  ○ System Impact Analyses