Chapter 8 - Management Information Systems: Managing the Digital Firm

Post on 23-Jan-2018

YOU’RE ON LINKEDIN? WATCH OUT!

• 160 million members

• People looking for jobs or to advance their careers

• Now valued at over $12 billion

• In June 2012: Hackers breached LinkedIn’s security and stole 6.5 million user passwords

• LinkedIn Faces $5 Million Lawsuit After Password Breach

• Security experts criticized LinkedIn for not having a chief security officer.

• LinkedIn was found to have minimal password protection

• protecting consumer data is an ongoing effort, not a one-time fix.

• The problems created by the theft of 6.5 million passwords at LinkedIn illustrate some of the reasons why businesses need to pay special attention to information system security.

INTERACTIVE SESSION: ORGANIZATIONS

STUXNET AND THE CHANGING FACE OF CYBERWARFARE

STUXNET

• July 2010

• targeting Iran’s nuclear facilities

• Iran’s President Mahmoud Ahmadinejad publicly acknowledged that malicious software had infected the Iranian nuclear facilities and disrupted the nuclear program by disabling the facilities' centrifuges.

• first visible example of industrial cyberwarfare

• is the most sophisticated cyberweapon ever deployed

Windows-based worm had a “dual warhead.”

• One part was designed to lie dormant for long periods, then speed up Iran’s nuclear centrifuges so that they spun wildly out of control.

• Another secretly recorded what normal operations at the nuclear plant looked like and then played those recordings back to plant operators so it would appear that the centrifuges were operating normally when they were actually tearing themselves apart.

• Stuxnet only became active when it encountered a specific configuration of controllers, running a set of processes limited to centrifuge plants.

• Over 60 percent of Stuxnet-infected computers are in Iran.

• Kaspersky Labs: the worm was launched with nation-state support (probably from Israel and the United States).

• Stuxnet wiped out about one-fifth of Iran’s nuclear centrifuges.

• The damage was irreparable and is believed to have delayed Iran’s ability to make nuclear arms by as much as five years.

• And Stuxnet is not the only cyberweapon currently at work.

• The Flame virus, released about five years ago, has been infecting computers in Iran, Lebanon, Sudan, Saudi Arabia, Egypt, Syria, and Israel.

• The Duqu worm, discovered in September 2011

CASE STUDY QUESTIONS

• Is cyberwarfare a serious problem? Why or why not?

• Assess the management, organization, and technology factors that have created this problem.

• What makes Stuxnet different from other cyberwarfare attacks? How serious a threat is this technology?

• What solutions have been proposed for this problem? Do you think they will be effective? Why or why not?

INTERACTIVE SESSION: TECHNOLOGY

CASE STUDY QUESTIONS

• What technology issues led to the security breach at MWEB?

o Self-service management system that MWEB Business uses to provide and manage business accounts that have not yet been migrated to the MWEB network.

• What is the possible business impact of this security breach for both MWEB and its customers?

o MWEB: loss of customer confidence; customers: loss of important data and financial loss

• If you were an MWEB customer, would you consider MWEB’s response to the security breach to be acceptable? Why or why not?

o Yes, MWEB responded quickly to the hacking incident.

• What should MWEB do in the future to avoid similar incidents?

o Use of technology that is tested and secure

CASE STUDY

Information Security Threats and Policies in Europe

• The IT sector is one of the key drivers of the European economy.

• 87% access to mobile phones.

• In 2009, the European broadband market was the largest in the world.

• In 2007, Estonia suffered a massive cyber attack that affected the government, the banking system, media, and other services. (DDoS)

o The cyber attack on Estonia started in late April 2007 and lasted for almost 3 weeks.

• Arsys, an important Spanish domain registration company, was also targeted by international hackers.

o Hackers had stolen codes that were then used to insert links to external servers containing malicious code in the Web pages of some of its clients.

• In 2009, an estimated 10 million computers were infected with the Conficker worm worldwide.

o In the UK Ministry of Defense, German army

• More recently, a sophisticated malware

o STUXNET: was detected in Germany, Norway, China, Iran, India, Indonesia, and other countries.

• As of 2001, EU member states had independent groups of experts that were responsible for responding to incidents in information security. (lacked coordination)

• In 2004 the European Commission established the (ENISA) with the goal of coordinating (ENISA’s main objectives: secure Europe’s information infrastructure, promote security standards, and educate)

• ENISA organized the first pan-European Critical Information Infrastructure Protection (CIIP)

• The European Commission has recently launched the Digital Agenda for Europe. The goal of this initiative is to define the key role that information and communication technologies will play in 2020. Another goal is that broadband speeds of 30 Mbps be available to all European citizens by 2020.

CASE STUDY QUESTIONS

1. What is a botnet?

2. Describe some of the main points of the Digital Agenda for Europe.

3. Explain how a cyber attack can be carried out.

4. Describe some of the weaknesses exploited by malware.
