Presentation is loading. Please wait.

Presentation is loading. Please wait.

Assessing Actions Along the Spectrum of Cyberspace Operations

Published byAudra Bryan Modified over 9 years ago

Similar presentations

Presentation on theme: "Assessing Actions Along the Spectrum of Cyberspace Operations"— Presentation transcript:

1 Assessing Actions Along the Spectrum of Cyberspace Operations
Unclassified Assessing Actions Along the Spectrum of Cyberspace Operations Presented by USCYBERCOM/JA This presentation does not necessarily reflect the position of the US Government. Unclassified

2 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Cyber Attack Use of force Physical damage or destruction Physical injury or death Interrupt the flow of information or function of information systems Change, delete, manipulate data, (e.g., changing a word in a document); Modify software to cause system glitches, (e.g., causing a reboot or causing a file to close); Disrupting communications, or command and control (e.g. blocking s, web forums, telephone communication) Very stealthy Less stealthy Unclassified

3 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations With that background, we will discuss several real world and exercise examples of cyber operations to determine where they fall on the spectrum of cyber operations Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Cyber Attack Use of force Physical damage or destruction Physical injury or death Interrupt the flow of information or function of information systems without physical damage or injury Very stealthy Less stealthy Unclassified

4 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Operation Buckshot Yankee Implant Code embedded in flash drive Downloaded when inserted into computer (Ran code to enable exfiltration) Very stealthy Less stealthy Unclassified

5 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Change Data with No Physical Damage to Gain Access Erase admin logs Cause reboot to upload or activate program Install program Very stealthy Less stealthy Unclassified

6 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Cyber Shock Wave—Move One Malware downloaded to cell phones during basketball game Designed to spread to linked computers Botnet ready to order Very stealthy Less stealthy Unclassified

7 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Small scale Denial of Service against Non-Government Adversary Block adversary publication of a magazine or pamphlets (e.g. Inspire) Block communications Block access to website Very stealthy Less stealthy Unclassified t

8 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Delete or Change Data of Non-Govermental Adversary (with no physical damage or injury to persons) Delete web documents or files from computer Change information in articles or propaganda Manipulate information to render instructions ineffective Change location of tactical rendezvous Very stealthy Less stealthy Unclassified t

9 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Operation Aurora Access to systems of Google and more than 20 other companies, including web security, defense industry Google attributed to China Politburo officials and assisting organizations Actions lasted several months Data stolen Security codes modified Very stealthy Less stealthy Unclassified

10 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Cyber Disruption Interrupt the flow of information or function of information systems Access Operations Digital intelligence (e.g., stealthy implant) U.S. and South Korea 2009 27 Government and commercial sites hit with a denial of service Estimated over 50K+ computers in botnet sending requests Targeted NY Stock Exchange, NASDAQ, Yahoo financial, Dept of Transportation, Treasury, FTC, White House, Secret Service DDOS lasted from hours to a few days Very stealthy Less stealthy Unclassified

11 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Cyber Disruption Interrupt the flow of information or function of information systems Access Operations Digital intelligence (e.g., stealthy implant) Estonia 2007 Intermittent DDOS against government and businesses over the course of a month Botnets used; actions transited over 170 countries Online banking down for most of the month Government unable to send s for days at a time Data changed on websites including defacement and propaganda Primarily economic impact and degraded communications Very stealthy Less stealthy Unclassified

12 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Cyber Disruption Interrupt the flow of information or function of information systems Access Operations Digital intelligence (e.g., stealthy implant) Estonia 2007 NOTE: Estonia and NATO stated these actions did not constitute a use of force We may consider actions less than Estonia as less than a use of force Many cyber disruption actions fall below this threshold (Month long DDOS against banking, government web-sites, communication) Very stealthy Less stealthy Unclassified

13 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Cyber Shock Wave—Move 2 Botnet spread through malware-generated s Civilian SCADA outage with no physical damage 40 Million lost electricity in Eastern U.S. for hours to days 60 Million lost cell phone access for days Wall Street down for 1 week Very stealthy Less stealthy Unclassified

14 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Cyber Storm SCADA outage with no physical damage Affects Government and critical infrastructure Air Traffic Control lost for limited period Loss of government communications for days D.C. Metro shut down for days Gray area: may be viewed as attack depending on severity Very stealthy Less stealthy Unclassified

15 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Cyber Disruption Interrupt the flow of information or function of information systems Access Operations Digital intelligence (e.g., stealthy implant) Stuxnet Precision-Effect Code infiltrated Iran’s nuclear facilities for uranium enrichment Cyber code altered rotation speed of centrifuges Over 1000 centrifuges damaged Very stealthy Less stealthy Unclassified

16 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Cyber Disruption Interrupt the flow of information or function of information systems Deleting or Manipulating Data (causing physical damage and injury) Alter subway data to cause trains to collide Altering flight paths causing planes to collide Altering or deleting information in medical and pharmaceutical records causing serious illness and death when patients treated Very stealthy Less stealthy Unclassified

17 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Cyber Attack Physical damage to property or injury to persons Cyber Disruption Interrupt the flow of information or function of information systems Access Operations Digital intelligence (e.g., stealthy implant) Cyber Attack During Conflict Damage command and control systems Cause in-flight failure on military aircraft Cause detonation at military fuel depot Very stealthy Less stealthy Unclassified

18 Spectrum of Cyber Operations
Unclassified Spectrum of Cyber Operations Ping, Map or Probe Buckshot Yankee CSW Move One Implant malware Create botnet Degrade Service or access to info Delete or change adversary data with no phys. damage or injury US/ROK DDOS with minor impact Estonia Govt & Banking down for most of a month Cyber Shock Wave SCADA outage with no physical damage Primarily private systems Cyber Storm SCADA outage with no physical damage Effected Govt & critical systems Change Data Causes injury or damage Stuxnet Damage centri-fuges Erase logs Install code Attack in conflict Destroy C2, fuel, planes, ships China & Google Cyber Disruption Interrupt the flow of information or function of information systems without physical damage or injury Cyber Attack Physical damage to property or injury to persons Access Operations Digital intelligence (e.g., stealthy implant) Very stealthy Less stealthy Unclassified

Download ppt "Assessing Actions Along the Spectrum of Cyberspace Operations"

Similar presentations

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.
K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer

K-State IT Security Training Ken Stafford CIO and Vice Provost for IT Services Harvard Townsend Chief Information Security Officer
Cyberspace - A Global Battlespace? Joel Ebrahimi Solutions Architect Bivio Networks, Inc.

Cyberspace - A Global Battlespace? Joel Ebrahimi Solutions Architect Bivio Networks, Inc.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Cyber Conflict Research Rain Ottis 5.05.2015 UNCLASSIFIED.

Cyber Conflict Research Rain Ottis UNCLASSIFIED.
Revision from last week  Assumptions are potential failure points in a project. They need to be monitored and managed. At the start of the project they.

Revision from last week  Assumptions are potential failure points in a project. They need to be monitored and managed. At the start of the project they.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.

Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.
CYBERSPACE A Global War-fighting Domain Every minute of every day, Airmen in the United States Air Force are flying and fighting in cyberspace.

CYBERSPACE A Global War-fighting Domain Every minute of every day, Airmen in the United States Air Force are flying and fighting in cyberspace.
Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): cyber warfare is actions by.

Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): "cyber warfare" is "actions by.
Computer Security Fundamentals

Computer Security Fundamentals
Australia and Cyber Warfare by Ian Dudgeon A presentation to the AIIA Queensland Branch 14 June 2011.

Australia and Cyber Warfare by Ian Dudgeon A presentation to the AIIA Queensland Branch 14 June 2011.
A Cyber Security Company June 16, 2009 Cyber Security: Current Events and White House Cyberspace Policy Review.

A Cyber Security Company June 16, 2009 Cyber Security: Current Events and White House Cyberspace Policy Review.
South Carolina Cyber.

South Carolina Cyber.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
Emerging Trends: Cyber Threats Bryan Sheppard Cyber Security Defense Center.

Emerging Trends: Cyber Threats Bryan Sheppard Cyber Security Defense Center.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Welcome to New Hire Orientation Information Security

Welcome to New Hire Orientation Information Security
Wars Games By: Chris Hill. What is a Cyberwar? Cyberwar is a type of warfare that is all electronic attach instead of a physical attack which involves.

Wars Games By: Chris Hill. What is a Cyberwar? Cyberwar is a type of warfare that is all electronic attach instead of a physical attack which involves.
Network Security of The United States of America By: Jeffery T. Pelletier.

Network Security of The United States of America By: Jeffery T. Pelletier.

Similar presentations

Ads by Google