Cyber Warfare Case Study: Estonia


1 Cyber Warfare Case Study: Estonia
Jill Wiebke April 5, 2012

2 What is Cyber Warfare?
Cyber warfare “is a combination of computer network attack and defense and special technical operations” (IEEE)
8 Principles:
- Lack of physical limitations
- Identity & privileges
- Kinetic effects
- Dual use
- Stealth
- Infrastructure control
- Mutability & inconsistency
- Information as operational environment

- Lack of physical limitations: the effectiveness of the attack has nothing to do with where in the world it originates
- Kinetic effects: an act of cyber warfare must have kinetic effects (electricity, water, change minds of decision-makers) – otherwise it is meaningless
- Stealth: hiding in cyberspace is/may be easier than in reality; hide evidence in data streams
- Mutability & inconsistency: cyberspace is imperfect, inconsistent, things may not happen the same way twice; unreliable – a step in an attack may not always work, or attacks not expected to succeed do
- Identity & privileges: everything is controlled by people (cyberspace is artificial, created by humans); the goal of most attacks is to steal the identity and privileges of the entity that has the ability to perform the action the attacker wants to perform
- Dual use: attackers and defenders use the same tools (vulnerability scanners, packet captures, etc.)
- Infrastructure control: whoever controls the part of cyberspace used by the opponent also controls the opponent
- Information as operational environment: communication connections, network maps, etc. are the operational environment (as opposed to terrain, weather, etc. for kinetic warfare)

3 Things to Consider…
- Malicious cyber activity: crime, espionage, terrorism, attacks, warfare
- Classifications are made by intentions of perpetrator and effect of the act
- Definition of cyber attack is inconsistent
- “Easy” to change levels during an attack – difficult to determine the severity of the attack before it has ended
- Some say cyber attacks are a combo of cyber terrorism and cyber warfare, some say it should be its own cyber malicious event

4 Case Study: Estonia
- Baltic territory
- Capital: Tallinn
- Independence in 1918
- Forced into the USSR in 1940
- Regained freedom in 1991, Russian troops left in 1994
- Joined UN in 2001, and NATO and EU in 2004
- Known as an “e-society,” paperless government, electronic voting, etc.

5 Attacks on Estonia
- Who: That’s the real question, isn’t it?
- What: Distributed denial of service (DDoS) attacks on government, banks, corporate websites; website defacement
- When: April 27, 2009 – May 18, 2007
- Where: Estonia
- Why: Another good question…
- How: Well-known attack types, but “unparalleled in size;” hundreds of thousands of attack computers
Rain Ottis, Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia

6 Attack Progression
- April 27: Estonian government websites shut down from traffic, defaced
- April 30: Estonia began blocking Web addresses ending in .ru
- Increased attack sophistication; targets now included media websites attacked by botnets
- 1 million computers were unwittingly employed to deploy botnets in US, China, Vietnam, Egypt, Peru
- May 1: Estonian ISPs under attack
- May 9: Russian victory in WWII – new wave of attacks at Russian midnight
- May 10: Banks are attacked

7 Details
- Estonia had just decided to relocate a Soviet WWII memorial
- Large, well-organized, well-targeted attacks – not spontaneous – began hours after the memorial was relocated
- Malicious traffic indicated political motivation and Russian language background
- Instructions for attacking websites were posted in Russian language forums including when, what, and how to attack
- Did not accuse Russian government (not enough evidence), but attacks are believed to have originated in Moscow
- IP addresses of attackers belong to Russian presidential administration
- Russian officials denied any involvement; IPs could have been spoofed

8 Effects of the Attacks
- One person has been convicted – student in Estonia organized a DDoS attack on the website of an Estonian political party
- NATO enhanced its “cyber-war capabilities”
- Created a “cyber defense research center in Tallinn in 2008”
- Cyber Command – Full Operating Capability on Oct 31, 2010

9 Other Cyber Attack Examples
- Georgia: DDOS attacks coincided with Russian invasion in August 2008
- Stuxnet: Worm that targets industrial control systems; infected Iranian nuclear facilities
- Titan Rain: Suspected Chinese attacks on the US since 2003
- “Nearly disrupted power on the West Coast”
- Security breaches at defense contracting companies (Duke article)
- Mention Anonymous

10 Magnitude of Cyber Warfare
- Attribution
- Nation-state actors
- Non-state actors
- “Hired guns”
- Trails end at an ISP
- New territory – no rules/standards
- Legal territory issues
- International laws do not exist yet
- Crime of Aggression definition
- Impacts

- Non-state actors: individuals or groups like Anonymous, learn online
- Independent companies for hire to conduct cyber attacks -> large copyright holders (Sony & Universal) hire independent companies to direct cyber attacks (DDOS) against people using file sharing software that is suspected to be sharing their copyrighted material. Could also be done by governments
- ISP trail: attacker may be ISP subscriber, or attack may have been routed through the ISP
- International laws: Territory: No geographic limitations, packets sent from point A to point B may not take the same route; example: during Georgian attacks, many Georgian websites moved to US servers. The server was in the US, but the “cyberspace” belonged to Georgia

11 Glimpse at Cyber Warfare Future
- The US heavily relies on cyber networks, so a cyber attack could be highly detrimental
- Physical impacts
- Disable water purification systems
- Turn off electricity
- Misrouting planes/trains
- Opening dams
- Melting nuclear reactors
- Communication network impacts
- Stock market manipulations
- Wireless Internet access outages
Duke article

12 Why SAs Should Care
- Cyber attacks are increasing in threats, frequency, and intensity
- Targets range from government entities, banks, corporations, to private businesses
- We are the “cyber warriors” and “network ninjas” that will be dealing with the effects of cyber warfare

13 References
- msl1.mit.edu/furdlog/docs/washpost/ _washpost_estonia_cyberattacked.pdf
- ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber= &tag=1

