Is cyberterrorism the new normal?
TRANSCRIPT
IS CYBERTERRORISM THE NEW NORMAL?
Brought to you by:
IS CYBERTERRORISM THE NEW NORMAL?
ADVANCED THREATS
PROGRESSION
INNOVATION
ESCALATION
Stuxnet, Flame, Red October, and now Inception–Cloud Atlas could all be cited as evidence that “progression, innovation, and escalation” will be the new name of the game in advanced threats.
RED OCTOBER: THE SWISS ARMY KNIFE OF ESPIONAGE
Termed an advanced cyberespionage campaign targeted at diplomatic, governmental, and scientific research organizations worldwide.
Operated undetected for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including data captured from mobile devices.
RED OCTOBER: THE SWISS ARMY KNIFE OF ESPIONAGE
AFTER BEING REVEALED, domain registrars and hosting companies shut down as many as 60 domains used by the virus creators to receive information. The attackers themselves shut down their end of the operation as well.
Primary vectors used to install the malware were emails containing attached documents that exploited vulnerabilities in Microsoft Word and Excel.
Highly customizable exploits
RED OCTOBER OPERATORS HAD MORE THAN 1,000 MODULES AT THEIR DISPOSAL, allowing them to craft highly advanced infections that were tailored to unique configurations of infected machines. Researchers broke those 1,000 modules down into ten categories.
RECON
PASSWORD
E-MAIL
USB DRIVE
KEYBOARD
PERSISTENCE
SPREADING
MOBILE
EXFILTRATION
USB INFECTION
THE HUNT FOR RED OCTOBER’s Baby: Inception-Cloud Atlas
A malware attack similar in scale to Red October, Inception-Cloud Atlas was created in late May, 2014 and started operating in June.
Like Red October, the malware targeted executives and high-ranking people in finance, engineering, and petroleum industries, as well as diplomats, politicians, and military servicemen.
On Android devices, Inception–Cloud Atlas let hackers record phone calls in MP4 and extract them onto anonymous CloudMe accounts.
Used the Advanced Encryption Standard, which is an improvement to the cryptographically challenged RC4 algorithm used by Red October.
THE HUNT FOR RED OCTOBER’s Baby: Inception-Cloud Atlas
The virus began by targeting RUSSIAN organizations but spread to nearby countries including Ukraine and Uzbekistan, and then moved into Europe (Germany, France, Belgium).
The New Arms Race for Commoditized Malware Products
Cyberattack landscape is following the same pattern as any other kind of advanced arms proliferation. New weaponry has been used successfully once; now all the ambitious up-and-comers will be scrambling to follow suit.