Cyberterrorism - Marshall University


In every institution, information is blood.
Bradley H. Patterson, Jr. (1921-). The Ring of Power: The White House Staff and Its Expanding Role in Government, 7, 3, 1988
Under today’s technological conditions, the “all conquering stratagems” of Sun Tzu more than two millennia ago – “vanquishing the enemy without fighting” and subduing the enemy by “soft strike” or “soft destruction” – could finally be truly realized.
Quote from the Chinese Army Newspaper, Jiefangjun Bao, from a summary of speeches delivered in May 1996.
"A Glimpse of Cyberwarfare" U.S. News & World Report (03/13/00) Vol. 128, No. 10, P. 32; (Strobel,
Warren P.): Various governments around the world are using the Internet to suppress dissent,
harass their enemies, obtain trade secrets, and even prepare for war. Although computer security
experts admit that some of the worst-case scenarios have yet to happen, such as rogue
governments using computers to wreak havoc on financial systems, they warn that more than 12
countries, including China, Iraq, Iran, and Russia already possess fairly sophisticated information-warfare know-how. For example, China is currently debating whether to devote a fourth branch of
its military solely to information warfare, and the Pentagon will consolidate its offensive
cyberwarfare programs at the U.S. Space Command in Colorado later this year. Experts say
cyberwars pose great ethical and legal dilemmas, as there is no clear separation point between
military sites and those devoted to civilian infrastructure, as in physical wars. Military analysts
admit that the U.S. may be the biggest loser if cyberwarfare becomes an accepted form of battle,
as it is the country most tightly strung together by computer networks. Because of the widespread
damage that cyberwarfare could lead to, some countries such as Russia have proposed treaties on
the matter, similar to arms control agreements. However, experts say verifying such an agreement
would be nearly impossible given the nature of computer networks. Electronic spying could also
become as problematic as cyberwarfare, as many government agencies are rich with detailed,
classified information that is extremely valuable to an enemy. Security professionals say not only
can information be taken from a computer, but an unfriendly entity could also place bogus
information into a computer, causing military leaders to make decisions about troop locations or
battlefield conditions based on fictional data. Most military analysts contend that the computer has
made the world an even more dangerous place. *
From http://www.umsl.edu/~sauter/ecommerce/news.html
CYBERSECURITY & NETWORK VULNERABILITY
Dale H. Shao, Ph.D.
Marshall University
Overview
• Network Events Occurring Since 1993
• Key Societal Changes
• Network Players
• Cybersecurity Breaches
• Types of Attackers
• Network Intrusion Techniques
• Cybersecurity Counter Measures
• Summary
Network Events Occurring Since 1993
• Internet – the network of networks. Allows access to networks around the world.
• Intranets – use Internet technologies to create an internal network.
• Extranets – allow limited access to the corporate intranets from the Internet.
• Push Technology
• E-commerce
• Supply Chain Management & ERP
Key Societal Changes
• Knowledge-based income
• Personal computers
• Availability of online hacking tools with instructions
• Networked society
  – Mobility
  – Productivity
  – System vulnerability
• ERP
• Network standardization
• Increasingly sophisticated terrorists
• Cyber-terrorism - the use of network-based technologies to cause harm to data and/or information from its original form
Network Players
• Hackers
• Lone Criminals
• Malicious Insiders
• Industrial Espionage
• Press
• Organized Crime
• Police
• Terrorists
• National Intelligence Organizations (NSA and CERT – see Morris Worm)
• Infowarriors
Cybersecurity Breaches
• NSA monitors fifty-three thousand communications signals in the U.S. every day. Then, acres and acres of supercomputers with eavesdropping and code breaking capabilities automatically look for meaningful information amongst the hurricane of data that enters Fort Meade, Maryland. The NSA can listen for and detect key words in phone conversations. NSA computers will trigger alarms and in seconds a platoon of experts will be dissecting the recorded conversation. According to the Washington Post, "[e]very day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications. The NSA sorts a fraction of those into 70 separate databases." (From wikipedia.com).
• ECHELON is a code word for an automated global interception system operated by the intelligence agencies of the US, UK, Canada, Australia, and New Zealand, and led by the NSA. Some sources claim ECHELON sifts through 90 percent of the Internet’s traffic.
Cybersecurity Breaches – cont’d
• Computer Security Institute (CSI) - based on responses from 643 computer security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities. Ninety percent of survey respondents detected cyber attacks; 273 organizations report $265,589,940 in financial losses, including denial of service attacks, Web-site vandalism, financial fraud, sabotage of data or networks, and theft of proprietary information.
• FBI - 95 percent of all attacks by hackers go unreported.
• Kevin Poulsen (1992) – convicted for stealing and trafficking telephone access codes for the Soviet Union and wiretapping conversations of Pacific Bell officials who were investigating him.
• Sunday Times in Britain (1999) - hackers attempting to blackmail several banks claim they can disrupt bank operations and have lists of private clientele information they will publish.
Cybersecurity Breaches – cont’d
• A survey by Global Integrity, a computer security company, showed that more than twenty-five of the world’s largest banks were hacked into in 1999.
• British authorities (2000), with the assistance of the FBI, arrested two eighteen-year-old British citizens who had stolen over twenty-six thousand credit card accounts using the Internet.
• (2000) A leak of early design information cost a medium-sized producer of consumer electronic goods $35 million in anticipated sales when a competitor obtained the information and used it to introduce its own version of the product much sooner.
• Identity theft – the forging of someone’s identity for the purpose of fraud. 2003: 10 million victims. 2012: 12.6 million individuals in the US experienced identity theft. 2004: $46 billion stolen through identity theft. 2012: $21 billion stolen.
Network Intrusion Techniques
• Van Eck Devices – a CRT computer monitor is actually a miniature transmitter broadcasting all of its information into the air. A Van Eck receiving device can “read” a screen up to around one half of a city block away.
• High Energy Radio Frequency (HERF) Gun – shoots a high power radio signal at an electronic target and puts it out of commission. Designed to overload electronic circuitry.
• ElectroMagnetic Pulse Transformer (EMP/T) Bomb – so strong any computer in its path will likely be rendered useless forever. Electronic circuitry will be melted beyond repair and all magnetically stored data will be completely erased.
• Hacking – illegally intruding into a computer network. A hacker is someone interested in operating systems, software, security, and the Internet generally.
Network Intrusion Techniques – cont’d
• Data-Driven Attacks – an attack that relies upon hidden or encapsulated data, which may be designed to flow through a firewall undetected.
• Social Engineering – tricking unwary system personnel into revealing passwords or other information about their network.
• Spoofing – any procedure that involves impersonating another user or host to gain unauthorized access to the target.
• Hijacking – terminal hijacking, where an attacker seizes control of another user’s session.
• Back Door – a hidden program, left behind by an intruder or a disgruntled employee, that allows them future access to a victim host, a.k.a. trap door.
Network Intrusion Techniques – cont’d
• Crack – software (or any technique) used to circumvent system security.
• DoS – Denial of Service – results when a user maliciously renders an Internet information server inoperable, thereby denying computer service to legitimate users.
• Flood, Floods, Flooder – tool or tools that overflow the connection queue of a TCP/IP enabled system, thereby causing denial of service.
• Logic Bomb – any program or code, generally malicious, that causes a system to lock up or fail.
• Cyberslacking – misuse of company resources.
• Cookie – a small file that contains information about you and your Web activities, which a Web site places on your computer.
• Anonymous Web browsing (AWB) – hides your identity from the Web sites you visit.
• About 2,000 government agencies have databases with information on people. Whenever you are in contact with a government agency, you leave behind information about yourself.
Network Intrusion Techniques – cont’d
• Computer sabotage costs about $10 billion per year. In general, employee misconduct is more costly than assaults from outside. Omega Engineering Corp. suffered losses of $10 million when a terminated network manager detonated a software time bomb. (www.asaecenter.org)
• Sniffer – program that surreptitiously captures datagrams across a network. Can be used to steal usernames and passwords.
• Time Bomb – any program that waits for a specified amount of time or event to disable a machine or otherwise cause that machine to fail.
• Traffic Analysis – the study of patterns in communication rather than the content of the communication. Can be very revealing, primarily in determining relationships between individuals and hosts.
• Trojan (Trojan Horse) – an application or code that, unbeknownst to the user, performs surreptitious and unauthorized tasks. Those tasks can compromise system security.
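Added example (not part of the original slides) for the Traffic Analysis entry above: a defender's view of how much flow metadata alone reveals, with no payload inspected. The host names, the 203.0.113.9 address and every record are constructed sample data, and the function names are hypothetical.

```python
from collections import Counter, defaultdict

# Constructed flow metadata: (timestamp_seconds, source, destination, bytes).
# No payload is present; only who talked to whom, when, and how much.
FLOWS = [
    (0,    "ws-01", "mail-gw",     1200),
    (60,   "ws-02", "mail-gw",     900),
    (300,  "ws-01", "files",       52000),
    (600,  "ws-07", "203.0.113.9", 310),
    (900,  "ws-07", "203.0.113.9", 305),
    (1200, "ws-07", "203.0.113.9", 312),
    (1500, "ws-07", "203.0.113.9", 308),
    (1600, "ws-02", "files",       4100),
    (1800, "ws-07", "203.0.113.9", 311),
]

def pair_summary(flows):
    """Group flows by (source, destination): count, total bytes, timestamps."""
    pairs = defaultdict(lambda: {"count": 0, "bytes": 0, "times": []})
    for ts, src, dst, size in flows:
        entry = pairs[(src, dst)]
        entry["count"] += 1
        entry["bytes"] += size
        entry["times"].append(ts)
    return dict(pairs)

def regular_pairs(flows, min_flows=4, max_jitter=5):
    """Return {pair: interval} for pairs whose gaps between flows are nearly
    constant, which suggests a timer-driven process rather than a person."""
    found = {}
    for pair, entry in pair_summary(flows).items():
        times = sorted(entry["times"])
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        # Require at least two flows so that gaps is never empty.
        if len(times) >= max(min_flows, 2) and max(gaps) - min(gaps) <= max_jitter:
            found[pair] = gaps[0]
    return found

def hubs(flows):
    """Count distinct sources per destination; shared services stand out."""
    peers = defaultdict(set)
    for _, src, dst, _ in flows:
        peers[dst].add(src)
    return Counter({dst: len(srcs) for dst, srcs in peers.items()})

if __name__ == "__main__":
    print("regular pairs:", regular_pairs(FLOWS))
    print("hubs:", hubs(FLOWS).most_common())
```

Without reading a single byte of content, the metadata shows which hosts share services and that one workstation contacts an outside address on a fixed five-minute timer, which is the kind of relationship the definition refers to.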
Identity Theft by Age of Victims
Cybersecurity Counter Measures
• Make cybersecurity a company-wide philosophy
• Purchase Internet insurance
• Do not allow anyone access to your system who has not been invited or who has not been verified using several different technologies, and photograph all individuals who ask for access to your system
• Guards should know their job is secure, even if they prevent a high-level official from the firm from entering an installation without the proper identification and authorization
• Sensitive information should be destroyed before being thrown out
Cybersecurity Counter Measures – cont’d
• If an individual does not use their account within a specific period of time, they should be automatically logged off
• Always change all default settings dealing with passwords and usernames when setting up a system
• Do not use obvious passwords
• Change passwords relatively often
• Use 128-bit encrypted browsers
• Make sure your email software is up-to-date
• Encrypt all files sent through email
Cybersecurity Counter Measures – cont’d
• Make sure your web browser is up-to-date
• Use the best security hardware and software that is available and read and follow the recommendations that are included with the software to prevent unauthorized access to your system
• Thoroughly train and certify your security personnel
Summary
• It would not be surprising if a catastrophic terrorist event occurred in the near future
• Businesses must protect themselves from the preceding as much as possible by using practical measures to defend against these unlawful intrusions