Introduction and Preparing for Attacks

Information Warfare - 1
Purpose of the Course
This course is concerned with strategy and
tactics as applied to the defense of
information. The focus of the course is
defending computer networks and hosts
against attack, including both recognition
and response to attacks.
Texts
• Know Your Enemy, Honeynet Project
(Enemy)
• The Art of War, Sun Tzu (Griffith
Translation), or use text from Internet:
http://classics.mit.edu/Tzu/artwar.1b.txt
(Sun)
Grading
• 20% (each) two graded homeworks
• 60% Final Paper
(Topic related to Information Warfare,
Submit paragraph-length proposal by 3/21)
• Joint work to understand is allowed
• Work for submission is to be individual
unless otherwise approved
Preparing for Conflict
Sun Tzu said: The art of war is of vital
importance to the State. It is a matter of life
and death, a road either to safety or to ruin.
Hence it is a subject of inquiry which can on
no account be neglected.
• Why information warfare?
Information Warfare
“Information warfare is the offensive and defensive
use of information and information systems to
deny, exploit, corrupt, or destroy, an adversary's
information, information-based processes,
information systems, and computer-based
networks while protecting one's own. Such actions
are designed to achieve advantages over military
or business adversaries.”
Dr. Ivan Goldberg
Why look at Information Warfare?
• Most intruder activity is not information warfare
– Cyber-vandalism
– Cyber-crime
• Advanced intruders are becoming more
commercial
– Financial targets
– Hack-for-hire
– Hack-for-sales (e.g., spamming)
Why look at Information Warfare - 2
• Advanced intruders are becoming more strategic
– Deniability
– Stealthy communication / exploit
– Attack through intermediates
• Defense needs to be more strategic
– Avoid time-consuming response where possible
– Avoid damage/costs
– Avoid ceding the advantage to the intruder
Information Warfare is NOT New
• In one form or another, IW is as old as war
• Every great military writer discusses it
• Old idea with new name
As Old As War Itself
• Sun Tzu (4th Century B.C.)
• Machiavelli (15th Century)
• Jomini (19th Century)
• Toffler (20th Century)
The Theory: Models
• C2 / Counter C2
[Diagram labels: Plan, Observe, Act, Evaluate, Misdirect, Conceal, Confuse, Frustrate]
• Five Pillars
– Security
– Deception
– Destruction
– Psychological Warfare
– Command and Control
What is the Value of IW?
• Degrades the enemy’s ability to wage war
• Enhances your ability to wage war
• Provides operational control
• Allows for superior intelligence and
situational awareness
The Pillars - Security
• Intelligence gathering
• The more you know the better your strategy
• Protection of critical information
• Even seemingly innocent information can have value to
the enemy
• Information Superiority a prime goal
The Pillars - Deception
• Concealing intent of attack
• Concealing extent of attack
• Concealing methods of attack
• Concealing methods of defense
• Concealing objects of attack
Deception
“All warfare is based on deception. Hence, when
able to attack, we must seem unable; when using
our forces, we must seem inactive; when we are
near, we must make the enemy believe we are far
away; when far away, we must make him believe
we are near.” (Sun Tzu)
The Pillars - Destruction
• Elimination of communications
• Computer Network Attack
• Destruction of Information
Infrastructure
• Goal is to create chaos
• Destruction almost always limited
The Pillars – Psychological Warfare
• PsyOps is perception management
• Not always propaganda
• Not always deceptive
• Not always used against the enemy
• Examples: Persian Gulf and Bosnia
The Pillars – Command and Control
• No army can win without it
• C2 provides direction and focus to
armies
• Good C2 essential to morale and belief
in leaders
• Always a major target
Sun Tzu’s Aspects of Conflict
• Moral Law
• Heaven
• Earth
• Commander
• Method and Discipline
Moral Law
• Tao
• Morale or Purpose
• Attractiveness or Charisma of Leaders or of
Purpose
Heaven
• Times and Seasons
• Occasion
• Weather
• Pacing and Scheduling of attack
Earth
• The battlefield
• The network
– Services
– Defenses
– Users/Clients
– Defenders/Administrators
Commander
• Personality
• Skills
• Preparation
• Motivation
• Reward
Method and Discipline
• Tools
• Procedures / Strategy
• Care in application / Reserves
• Preparation
• Assessment
• Follow-up
Circumstances
• Attack-aiding circumstances
– Defender inattention
– Window of vulnerability
– Instability
• Attack-inhibiting circumstances
– Instability
– Defender focus
– Distraction
Examples of Information Warfare
• Zapatista Information Strike
• India/Pakistan Kashmir Cyber Conflict
• Some marketing pitches
• Copyright infringement legal maneuvers
Facing the Enemy
“Hold out baits to entice the enemy. Feign disorder
and crush him. If he is secure at all points, be
prepared for him. If he is in superior strength,
avoid him. If your opponent is of choleric temper,
seek to irritate him. Pretend to be weak, that he
may grow arrogant. If he is taking his ease, give
him no rest. If his forces are united, separate
them. Attack him where he is unprepared, appear
where you are not expected. These military
devices, leading to victory, must not be divulged
beforehand.”
The Rest of the Course
• Strategy
• Technology implementation
• Insider threat
• Attackers and defenders
• Physical and Cyber attacks
• Future