Iftach Ian Amit | November 2010
www.security-art.com
All rights reserved to Security Art ltd. 2002-2010
Cyber[Crime|Terror]
Links between crime and terror on the
cyber front: analysis and mitigation
strategies
Iftach Ian Amit
VP Business Development, Security Art
Board Member - CSA Israel
IL-CERT Dreamer
So, I heard that crime has
something to do with state?
You heard right...
Hungry yet?
That was just the appetizer...
CyberWar
“Cyberwarfare, is the use of
computers and the Internet in
conducting warfare in cyberspace.”
Wikipedia
It did not happen yet
Being an exception
Estonia
Georgia
Titan Rain
India
Google
Adobe
Many faces of how CyberWar is
perceived...
From McAfee’s “Virtual Criminology Report 2009”
Image caption:
“countries developing advanced offensive cyber capabilities”
CyberWar - Attack
Highly selective targeting
of military (and critical)
resources
In conjunction with a
kinetic attack
OR
Massive DDOS in order to
“black-out” a region,
disrupt services, and/or
push political agenda
(propaganda)
CyberWar - Defense
• Never just military
• Targets will be civilian
• Physical and logical protections =
last survival act
• Availability and Integrity of
services
• Can manifest in the cost of
making services unavailable for
most civilians
CyberCrime
You want
money, you
gotta play like
the big boys
do...
CyberCrime -
Ammunition
=≈ APT
CyberCrime - Defense
• Anti [ Virus | Malware | Spyware | Rootkit | Trojan ]
• Seriously?
• Firewalls / IDS / IPS
• Seriously?
• Brought to you by the numbers 80, 443,
53...
• SSL...
How do these
connect?
Claim: CyberCrime is being used to
conduct CyberWar/Terror
Proof: Let’s start with some history...
History - Revisited...
Israel
September 6th, 2007
Source: http://en.wikipedia.org/wiki/Operation_Orchard
Source: Der Spiegel
Operation Orchard
All attacks on targets
are Attributed to
Hacktivists
Israeli
Arabic
Cast Lead, 2nd Lebanon war
Mid-east crime-war
links
ARHack
Hacker/Political forum by day
Cybercrime operations by night
Political post
Buying/Selling cards for 1/2 their balance
Selling 1600
visa cards
History - Revisited...
Iran
2009 Twitter DNS hack attributed to Iranian
activity.
Political connections are too obvious to ignore (elections)
Timing was right on:
UN Council Decisions
Protests by leadership opposition in Tehran
Iran-Twitter connecting dots
• Twitter taken down December 18th 2009
• Attack attributed eventually to a group
named “Iranian Cyber Army”
• Until December 2009 there was no
group known as “Iranian Cyber Army”...
• BUT - “Ashiyane” (Shiite group) is from
the same place as the “Iranian Cyber
Army”
Iran-Twitter -
Ashiyane
• Ashiyane was using the same pro-Hezbollah
messages that were used on
the Twitter attack with their own attacks
for some time...
• AND the “Iranian Cyber Army” is an
active group on the Ashiyane forums
www.ashiyane.com/forum
Let’s take a look at how Ashiyane operates...
On [Crime|Terror] training
Ashiyane forums
WarGames
Wargames targets
include:
Back to [Crime|Terror] Links:
What else happened on the 18th?
Additional targets - Baidu taken down
with the same MO (credentials)
Mapping Iran’s [Crime|Terror]
More recently:
Iranian Cyber Army expanding
into the “Crime” business
Along with the cybercrime
“honeypot” tactics…
Mapping Iran’s [Crime|Terror]
[Diagram. Groups: Ashiyane, Iranian Cyber Army. Activities: DDoS, Botnet Herding, Site Defacement, Credit Card Theft, Strategic Attacks. Labels: Iran, Iraq, US, $$, UK, US, CN. Categories: Crime, War.]
The Future (Illustrated)
CLOUDS
Deterrence
Think: Article 5 for the Cyber Commons!
An attack against one or more states, shall be
considered an attack against all member states,
who agree, to exercise their right to assist the
attacked party, including the right to use armed
forces.
NATO Article 5 - abridged
Attribution?
• Technical - not feasible
• Political - should be obvious
• Defending state?
• Should have the responsibility to
“clean up” its portion of the Cyber
Commons in order to enable a
sustainable economic and civil
environment.
Summary
Good: Formal training on cybersecurity by nations
Bad: Commercial development of malware still reigns
Ugly: Good meet Bad: money changes hands,
less tracks to cover, criminal ops already
creating the weapons and are linked to
terrorist organizations...
Summary
The Future
Lack of legislation and cooperation on multi-national level
is creating de-facto “safe haven” for cybercrime. <- Fix
this! (see article 5 suggestions)
Treaties and anti-crime activities may prove to be
beneficial. <- nukes? (i.e. treaties...)
Thanks!
www.security-art.com
iamit@security-art.com
twitter.com/iiamit
blog.security-art.com

Cyber Terror ICT Conference


Editor's notes

  1. Completely financially motivated (read: no political affiliation, unless $$$). Highly connected: transactions can be traced across organizations. Hierarchical in nature: need-to-know basis, highly professional business units, many small profit centers.
  2. Highly connected and hierarchical.
  3. Highly sophisticated botnets. Usually rented by the hour/day for spamming or DDoS. Harvesting specific information (credit cards, financial data, personal information, emails, documents, applications, credentials, etc...).
  4. Engulfed in fog... information and disinformation all over the place. Events: Cast Lead and 2nd Lebanon war: kinetic and cyber links hard to find. Palestinian TV station hacked for propaganda. Maybe? Syrian nuclear facility bombing in 2007 (no proof; no radar accountability of ANY aircraft in the area...).
  5. An example of an organization that wears two hats. Running a “hacker” forum by day: mostly tools, techniques, targets in the US, Israel and some Nordic states. Actively running a cybercrime organization: carding, password theft and trade (major provider of hacked Swiss/Dutch/Danish FTP sites to cybercrime groups).
  6. At the Ashiyane forums, there’s an ongoing contest called “WarGames”: sites are being targeted and participants are called to attack them. SQL injections, data theft, defacement, anything goes...
  7. Landscape highly unclear! Where does that put “developing” nations? Africa? OLPC + zero enforcement of licensing = largest infected PC population in the world! Arms race is on. Government/military commissioned attacks more likely, but mainly surgical strikes. No Cybergeddon for you so far (sorry CNN...). Massive connectivity is still the WMD of CyberWar (and is a commodity). No problem getting it from questionable “arms dealers” (bot herders), just like we do now with conventional weapons....