Download - BlackHat Japan 08 Geers Cyber Warfare Slides
-
8/8/2019 BlackHat Japan 08 Geers Cyber Warfare Slides
-
Real World vs Cyberspace
What's the difference?
Now integral part of every pol/mil conflict
Propaganda, espionage, reconnaissance, even warfare
The Internet's amplifying power
Victories in cyberspace can become victories on the ground
-
Cyber Warfare
Nuclear, Chemical, Biological Digital?
Revolution in Military Affairs (RMA)
IP-enabled personnel, munitions, sensors, logistics
Before, during, after fighting
I&W, D&D, e-mail campaigns, blog poisoning
Assassination of computer geeks?
-
S1 The Internet is Vulnerable
Imperfect design
Hackers can read, delete, modify information on or traveling between computers
Common Vulnerabilities and Exposures (CVE) database grows daily
Difficult to guard all holes into your network
-
S2 High Return on Investment
Common attack objectives
Research & Development data
Sensitive communications
Limited only by the imagination
The elegance of computer hacking
Less expensive
Less risk
-
S3 Inadequacy of Cyber Defense
Still an immature discipline
Traditional skills inadequate
New skills highly marketable
Investigations slowed by international nature of Internet
Cultural, linguistic, legal, political barriers
No help for state-sponsored operations
-
http://www.cyberpol.ru/
Information Security in Russia
Information Protection Laws Anthology
C. Crime Units
Library
SORM
Understanding C. Crime
Computer Criminals
Forum
Send an E-mail
-
Altay, Mordoviya, Tatarstan, Chuvashiya
Altay, Krasnoyarsk, Primorskiy, Stavropol'
Arkhangel'sk, Vladimir, Voronezh, Kirov, Kostroma, Lipetsk, Nizhniy, Novgorod, Orenburg, Samara, Tambov, Tula, Ul'yanovsk, Chita
Khanty-Mansi
-
International Correspondence
[...] Kenneth Geers!
[...] 89 E-mail [...] Interpol.
[...] FBI (USA).
-
Foreign Relations Law (U.S.)
It is universally recognized, as a corollary of state sovereignty, that officials in one state may not exercise their functions in the territory of another state without the latter's consent.
-
S4 Plausible Deniability
Maze-like architecture of Internet
Investigations often find only hacked box
Smart hackers route attacks through ...
Poor diplomatic relations
No law enforcement cooperation
The problem of the last hop, retaliation
-
S5 Non-State Actors
Nation-states like to control international conflict
Transnational subcultures spontaneously coalesce online, influence political agendas
Report to no chain-of-command
Globalization, Net aid in following, shaping events
Challenge for national security leadership:
Could it spin delicate diplomacy out of control?
-
www.youtube.com
-
OpenNet
-
Internal Security First
The East German dilemma
Computers to the Rescue
Processing power, databases, automated analysis, decryption, speech recognition, transcription, Artificial Intelligence, neural networks
-
Cyber Warfare Tactics
1. Espionage
2. Propaganda
3. Denial-of-Service (DoS)
4. Data modification
5. Infrastructure manipulation
-
T1 Espionage
Second oldest profession, v 2.0
Elegance of remote intelligence collection
Old vulnerability, new advantage?
Convergence, speed, practical crypto, steg, OSINT
Danger not in data theft, but giving to handler
Old methods: Brush passes, car tosses, dead drops
New methods virtually the same
Targeted collection: how would you fare?
-
The New Espionage
Universal media and intelligence gathering
Binoculars, satellites, mass media, NMAP?
Territorial sovereignty not violated
Metadata and reading between the lines
Picture taking, not physical invasion right?
If indefensible, normally not espionage!
-
T2 Propaganda
Easy, cheap, quick, safe, powerful
Audience is the world
Drop behind enemy lines
Does not need to be true
Recruitment, fund raising, hacktivism
Censored information replaced in seconds
Tech expanding rapidly (multimedia, Skype, etc)
Appearance of technical prowess
-
Zone-H Stats
-
T3 Denial-of-Service (DoS)
Simple strategy
Deny computer resource to legitimate users
Most common: flood target with bogus data so it cannot respond to real requests for services/info
Other DoS attacks
Physical destruction of hardware
Electromagnetic interference designed to destroy unshielded electronics via current or voltage surges
-
T4 Data Modification
Extremely dangerous
Legitimate users (human or machine) may make important decisions based on maliciously altered information
Website defacement
Electronic graffiti can carry propaganda or disinformation
Holy Grail
Weapons, Command and Control (C2) systems
-
T5 Infrastructure Manipulation
Critical infrastructures connecting to Net
SCADA security may not be robust
Electricity especially important
Infrastructure in private hands
Seized hard drives: Microstran, Autocad, etc
White House briefed on certain 0-days
-
Case Study #1
Russia and Chechnya: 1994
-
Push and Pull
World Wide Web
Real-time, unedited news from the war front
Net aids in following and shaping current events
Average Net user
More information than heads of state ten years ago
Increasingly important role in international conflicts
-
Examples
Most effective info not pro-Chechen but anti-Russian
Digital images of bloody corpses, POWs
Real photos and fake photos used
Kremlin occasionally caught off-guard
War funds bank account in Sacramento, CA
As tech progressed, streaming videos
Ambushes on Russian military convoys
-
Government Reaction
1999: PM Vladimir Putin: "we surrendered this terrain some time ago ... but now we are entering the game again."
Introduction of centralized military censorship regarding the war in the North Caucasus
Sought Western help to shut down kavkaz.org
-
Case Study #2
NATO and Kosovo: 1999
-
1999: first major NATO military engagement
First Cyber war! ;)
Kosovo
-
Black Hand 2.0
-
Hacker Achievements
NATO war website down, email down
Line saturation caused by hackers in Belgrade
White House website defaced
Secret Service investigation
Virus-infected email
25 strains detected
Owned U.S. Navy computer
-
Case Study #3
Middle East Cyber War: 2000
-
www.hizbulla.org : October 25, 2000
-
www.wizel.com
www.pna.net
downloads
www.wizel.com
-
Pro-Palestinian Counterattack
Immediate, much more diverse
Key difference: economic targets
Bank of Israel, e-commerce, Tel Aviv Stock Exchange
At least 19 countries: AIPAC, AT&T
During 2006 Gaza fighting
700 Israeli Internet domains shut down
-
Resistance portal
You will attack these IPs:
and
Bank of Israel
Tel Aviv Stock Exchange
Prime Minister's Office
www.wizel.com
-
www.ummah.com/unity
Due to complaints, moved and renamed:
http://defend.unity-news.com
http://members.tripod.com/irsa2003
http://members.tripod.com/irsa2004
-
Case Study #4
Sino-American Patriotic Hacker War: 2001
-
Downed EP-3 on Hainan Island
-
Critical Infrastructure Attack
FBI investigated a Honker Union of China (HUC), 17-day hack of a California electric power grid test network
Widely dismissed as media hype
2007: CIA informed industry leaders that a tangible hacker threat to critical infrastructure is no longer theoretical
-
Case Study #5
Estonia: 2007
-
The North Atlantic Treaty
Washington DC, 4 April 1949
Article 5: The Parties agree that an armed attack against one or more of them in Europe or North America shall be considered an attack against them all ... each of them ... will assist the Party or Parties so attacked by taking forthwith ... such action as it deems necessary, including the use of armed force, to restore and maintain the security of the North Atlantic area.
-
Red Square, 1945
-
Tallinn, Estonia
-
Ethnic Composition of Estonia
Ethnicity     Population   % of total
Estonian      921,062      68.6
Russian       344,280      25.6
Ukrainian     28,158       2.1
Belarusian    16,134       1.2
Finn          11,035       0.8
-
Relocation: April 26, 2007
-
NATO: Dawn of Cyber
1999 Washington Summit (new Strategic Concept)
No mention of cyber
2002 Prague Summit:
strengthen ... to defend against cyber attacks
2004 Istanbul Summit:
No mention of cyber
2006 Riga Summit:
protect information systems ... against cyber attacks
develop a NATO Network Enabled Capability
-
Centre of Excellence, Tallinn
-
Strategic Thoughts
Nation-states lose some control over conflict
Geopolitical analysis required
Cyber conflict mirrors fighting on ground
Attribution and the false flag
Concept: People's War
Is national security at risk?
As with WMD, defense strategies unclear
As with terrorism, success in media hype
-
The Future is Unknown
-
But It Begins Today
-
Cyberspace and the Changing Nature of Warfare
Kenneth Geers