Cyber Warfare
-
Upload
new-horizons-computer-learning-centers-5pe -
Category
Technology
-
view
132 -
download
4
Transcript of Cyber Warfare
Cyber Warfare and Big Data
George Pauwels
• CISSP
• CEH
• CHFI
• Security+
• A+
• Linux+
• Network+
• CCNP – S
• CISCO – SCYBER
• CCNA – S
• CCNA – RS
What is Hacking?
“The Tao that can be spoken is not the eternal TaoThe name that can be named is not the eternal name
The nameless is the origin of Heaven and EarthThe named is the mother of myriad things”
Lau Tsu - Tao Te Ching
CEHCertified Ethical Hacker != Hacking
Hacker Process• Reconnaissance
• Scanning
• Gaining Access
• Maintaining Access
• Achieving our Goal
• Covering tracks
CyberWarfare
Who Are the Players?
• China
• Germany
• India
• Iran
• South Korea
• Netherlands
• Russia
• United States
• Syria
• North Korea
China• AKA: Unit 61398, Comment Crew, Putter Panda, Axiom
• Targets in the United States attributed to Chinese sponsored hacking organizations include:
• The aerospace engineering program• Space shuttle design• High performance computers• Nuclear weapon design• Cruise missile data• Semiconductors• Details of US arms sales to Taiwan
• Despite the evidence China still maintains that they are not a threat but more the victim of cyber terrorism
Germany
• National Cyber Defense Centre
• The original number of member of the team was 60
• Shortly after Snowden release the details of the NSA’s cyber surveillance the decided more money and staff would be an excellent idea.
Russia• AKA: APT28
• One of the worlds leaders in cyber warfare
• Attacks usually target sites in eastern Europe and the United States
• Attacks include NATO and the White House
Iran• Ajax Security Team/Flying Kitten/Tarh Andishan
• Responsible for Operation Saffron Rose – a phishing and spoofing attack on OWA and VPN pagers targeting the US defense industry.
North Korea• Bureau 121/Pyongyang
• Reportedly the North Korea cyber warfare division hosts 6000 troops
• Was at least partly to mostly responsible for the Sony attack.
• Was seriously outgunned by Anonymous
United States• Tailored Access Operations/NSA
• Stuxnet
• Collects telephone data on its citizens
• Over 54,000 Global Network Exploitations carried out since 2013
Germany
• National Cyber Defense Centre
• The original number of member of the team was 60
• Shortly after Snowden release the details of the NSA’s cyber surveillance the decided more money and staff would be an excellent idea.
United States• Tailored Access Operations/NSA
• Stuxnet
• Collects telephone data on its citizens
• Over 54,000 Global Network Exploitations carried out since 2013
The IoT
Electronic article surveillance
Automobiles
Pacemaker/Heart Monitors/Insulin Pumps
ATM
Smart Meters
If it runs on software it is hackable
Countermeasures
Risk Mitigation
• Risk Mitigation
• Risk Transfer
• Risk Acceptance
• Risk Avoidance
Risk Avoidance?