Embed Size (px)
Citation preview
Internet Vulnerabilities & Criminal Activity
Internet Vulnerabilities & Criminal Activity
Cyber Terrorism and Cyber Warfare
November 14, 2011
Cyber Terrorism and Cyber Warfare
November 14, 2011
Terrorism - FBITerrorism - FBI
“The unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any
segment thereof, in furtherance of political or social objectives.”
“The unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any
segment thereof, in furtherance of political or social objectives.”
Terrorism - DODTerrorism - DOD
“The unlawful use of, or threatened use, of force or violence against individuals or
property, to coerce and intimidate governments or societies, often to achieve
political, religious or ideological objectives”
“The unlawful use of, or threatened use, of force or violence against individuals or
property, to coerce and intimidate governments or societies, often to achieve
political, religious or ideological objectives”
Terrorism - DOSTerrorism - DOS
“Premeditated, politically motivated violence perpetrated against
noncombatant targets by sub national groups or clandestine agents”
“Premeditated, politically motivated violence perpetrated against
noncombatant targets by sub national groups or clandestine agents”
FBI - Terrorism DescriptionsFBI - Terrorism Descriptions
Domestic or Foreign “Depending on the origin, base, and objectives of the
terrorist organization.” Terrorist Activities
Incident “A violent act or an act dangerous to human life, in violation of the
criminal laws of the United States, or of any state, to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.”
Prevention “A documented instance in which a violent act by a known or
suspected terrorist group or individual with the means and a proven propensity for violence is successfully interdicted through investigative activity.”
Domestic or Foreign “Depending on the origin, base, and objectives of the
terrorist organization.” Terrorist Activities
Incident “A violent act or an act dangerous to human life, in violation of the
criminal laws of the United States, or of any state, to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.”
Prevention “A documented instance in which a violent act by a known or
suspected terrorist group or individual with the means and a proven propensity for violence is successfully interdicted through investigative activity.”
More on TerrorismMore on Terrorism
Political in nature Smaller weaker group vs. larger group No legitimate means of protest Violence against civilians Symbolic targets Designed to provoke response Aimed at larger audience
Political in nature Smaller weaker group vs. larger group No legitimate means of protest Violence against civilians Symbolic targets Designed to provoke response Aimed at larger audience
What Makes a Terrorist?What Makes a Terrorist?
A disaffected individual
An enabling group
A legitimizing ideology
A disaffected individual
An enabling group
A legitimizing ideology
Terrorist GoalsTerrorist Goals
Leadership
Long-term goals
Political change
Leadership
Long-term goals
Political change
Followers
Short-term goals
Revenge
Renown
Reaction
Followers
Short-term goals
Revenge
Renown
Reaction
Terrorism MatrixTerrorism Matrix
People (or groups)
Locations (of perpetrators, facilitators, victims)
Methods/modes of action
Tools
Targets
Affiliations
Motivations
People (or groups)
Locations (of perpetrators, facilitators, victims)
Methods/modes of action
Tools
Targets
Affiliations
Motivations
Terrorism Matrix ITerrorism Matrix I
Cyber TerrorismCyber Terrorism
"The premeditated, politically motivated attack against information, computer systems, computer
programs, and data which result in violence against noncombatant targets by sub-national
groups or clandestine agents”
FBI
"The premeditated, politically motivated attack against information, computer systems, computer
programs, and data which result in violence against noncombatant targets by sub-national
groups or clandestine agents”
FBI
Is Cyber Terrorism Really Terrorism?
Is Cyber Terrorism Really Terrorism?
Terrorist Matrix IITerrorist Matrix II
Worst Cyber Terrorism Attack to Date
Worst Cyber Terrorism Attack to Date
September 11, 2001September 11, 2001
Cyber Terrorism - DynamicsCyber Terrorism - Dynamics
Three types of attacks Physical
Conventional Weapons Syntactic
Malware Semantic
More subtle approach Errors & unpredictable results Attack user’s confidence in the system
Three types of attacks Physical
Conventional Weapons Syntactic
Malware Semantic
More subtle approach Errors & unpredictable results Attack user’s confidence in the system
Cyber Terrorism - StepsCyber Terrorism - Steps
Reconnaissance Gain detailed information about target Social engineering, dumpster diving
Scanning Determine targets computer software & network
organization
Gaining access Take over the target Stolen passwords, network vulnerabilities
Reconnaissance Gain detailed information about target Social engineering, dumpster diving
Scanning Determine targets computer software & network
organization
Gaining access Take over the target Stolen passwords, network vulnerabilities
Cyber Terrorism - Steps cont.Cyber Terrorism - Steps cont.
Maintaining access Allow further access Rootkits and backdoors
Covering tracks Maintain control Gather further intelligence
Maintaining access Allow further access Rootkits and backdoors
Covering tracks Maintain control Gather further intelligence
Cyber Terrorism - Potential EffectsCyber Terrorism - Potential Effects
Targets Water supplies Electrical power supplies Emergency services Telecommunications systems Transportation systems Banking & financial systems Government
Targets Water supplies Electrical power supplies Emergency services Telecommunications systems Transportation systems Banking & financial systems Government
Countering Cyber TerrorismCountering Cyber Terrorism
Raise security levels in the private sectors Communication & coordination systems in the
private sector Communication & coordination systems in
government Establish emergency response plans Promote research & development Add & revise legislation Promote international cooperation
Raise security levels in the private sectors Communication & coordination systems in the
private sector Communication & coordination systems in
government Establish emergency response plans Promote research & development Add & revise legislation Promote international cooperation
How Terrorist Use the InternetHow Terrorist Use the Internet
Propaganda
Recruitment
Information storage
Communications
Funding
Propaganda
Recruitment
Information storage
Communications
Funding
Terrorist Web SitesTerrorist Web Sites
Google MapsGoogle Maps
CyberwarfareCyberwarfare
“The use of computers and the Internet in conducting warfare in
cyberspace”
“The use of computers and the Internet in conducting warfare in
cyberspace”
Attack Target Category Target Sub-Category Attacker*
Siberian Pipeline Explosion
Resources Physical Damage United States
Kosovo War Resources Disruption United States
Moonlight Maze Data Espionage (Intelligence)
Russia
Hainan Spy Plane Resources Disruption China
Titan Rain (China) Data Espionage (Intelligence)
China
Estonia Resources Disruption Russia
Israel vs. Syrian Missile Defense
Resources Disruption Israel
South Ossetia War (Georgia)
Resources Disruption Russia
Israel vs. Hamas Resources Disruption Israel & Hamas
GhostNet Data Espionage (Intelligence)
China
North Korea Resources Disruption North Korea
Operation Aurora Data Espionage (Intellectual Property)
China
Stuxnet Worm (Iran) Resources Physical Damage Israel (U. S.)
Cyberwarfare QuestionsCyberwarfare Questions
Will we know who did it? Can retaliators hold assets at risk? Can they do so repeatedly? Can cyberattacks disarm cyberattackers? Will third parties stay out of the way? Might retaliation send the wrong message? Can states set thresholds for response? Can escalation be avoided?
Will we know who did it? Can retaliators hold assets at risk? Can they do so repeatedly? Can cyberattacks disarm cyberattackers? Will third parties stay out of the way? Might retaliation send the wrong message? Can states set thresholds for response? Can escalation be avoided?
Most likely use of cyber terrorism, and cyber warfare
Most likely use of cyber terrorism, and cyber warfare
In tandem with a physical attack.In tandem with a physical attack.
