Internet Vulnerabilities & Criminal Activity

Internet Vulnerabilities & Criminal Activity

Cyber Terrorism and Cyber Warfare

November 14, 2011

Cyber Terrorism and Cyber Warfare

November 14, 2011

Terrorism - FBITerrorism - FBI

“The unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any

segment thereof, in furtherance of political or social objectives.”

“The unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any

segment thereof, in furtherance of political or social objectives.”

Terrorism - DODTerrorism - DOD

“The unlawful use of, or threatened use, of force or violence against individuals or

property, to coerce and intimidate governments or societies, often to achieve

political, religious or ideological objectives”

“The unlawful use of, or threatened use, of force or violence against individuals or

property, to coerce and intimidate governments or societies, often to achieve

political, religious or ideological objectives”

Terrorism - DOSTerrorism - DOS

“Premeditated, politically motivated violence perpetrated against

noncombatant targets by sub national groups or clandestine agents”

“Premeditated, politically motivated violence perpetrated against

noncombatant targets by sub national groups or clandestine agents”

FBI - Terrorism DescriptionsFBI - Terrorism Descriptions

Domestic or Foreign “Depending on the origin, base, and objectives of the

terrorist organization.” Terrorist Activities

Incident “A violent act or an act dangerous to human life, in violation of the

criminal laws of the United States, or of any state, to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.”

Prevention “A documented instance in which a violent act by a known or

suspected terrorist group or individual with the means and a proven propensity for violence is successfully interdicted through investigative activity.”

Domestic or Foreign “Depending on the origin, base, and objectives of the

terrorist organization.” Terrorist Activities

Incident “A violent act or an act dangerous to human life, in violation of the

criminal laws of the United States, or of any state, to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.”

Prevention “A documented instance in which a violent act by a known or

suspected terrorist group or individual with the means and a proven propensity for violence is successfully interdicted through investigative activity.”

More on TerrorismMore on Terrorism

Political in nature Smaller weaker group vs. larger group No legitimate means of protest Violence against civilians Symbolic targets Designed to provoke response Aimed at larger audience

Political in nature Smaller weaker group vs. larger group No legitimate means of protest Violence against civilians Symbolic targets Designed to provoke response Aimed at larger audience

What Makes a Terrorist?What Makes a Terrorist?

A disaffected individual

An enabling group

A legitimizing ideology

A disaffected individual

An enabling group

A legitimizing ideology

Terrorist GoalsTerrorist Goals

Leadership

Long-term goals

Political change

Leadership

Long-term goals

Political change

Followers

Short-term goals

Revenge

Renown

Reaction

Followers

Short-term goals

Revenge

Renown

Reaction

Terrorism MatrixTerrorism Matrix

People (or groups)

Locations (of perpetrators, facilitators, victims)

Methods/modes of action

Tools

Targets

Affiliations

Motivations

People (or groups)

Locations (of perpetrators, facilitators, victims)

Methods/modes of action

Tools

Targets

Affiliations

Motivations

Terrorism Matrix ITerrorism Matrix I

Cyber TerrorismCyber Terrorism

"The premeditated, politically motivated attack against information, computer systems, computer

programs, and data which result in violence against noncombatant targets by sub-national

groups or clandestine agents”

FBI

"The premeditated, politically motivated attack against information, computer systems, computer

programs, and data which result in violence against noncombatant targets by sub-national

groups or clandestine agents”

FBI

Is Cyber Terrorism Really Terrorism?

Is Cyber Terrorism Really Terrorism?

Terrorist Matrix IITerrorist Matrix II

Worst Cyber Terrorism Attack to Date

Worst Cyber Terrorism Attack to Date

September 11, 2001September 11, 2001

Cyber Terrorism - DynamicsCyber Terrorism - Dynamics

Three types of attacks Physical

Conventional Weapons Syntactic

Malware Semantic

More subtle approach Errors & unpredictable results Attack user’s confidence in the system

Three types of attacks Physical

Conventional Weapons Syntactic

Malware Semantic

More subtle approach Errors & unpredictable results Attack user’s confidence in the system

Cyber Terrorism - StepsCyber Terrorism - Steps

Reconnaissance Gain detailed information about target Social engineering, dumpster diving

Scanning Determine targets computer software & network

organization

Gaining access Take over the target Stolen passwords, network vulnerabilities

Reconnaissance Gain detailed information about target Social engineering, dumpster diving

Scanning Determine targets computer software & network

organization

Gaining access Take over the target Stolen passwords, network vulnerabilities

Cyber Terrorism - Steps cont.Cyber Terrorism - Steps cont.

Maintaining access Allow further access Rootkits and backdoors

Covering tracks Maintain control Gather further intelligence

Maintaining access Allow further access Rootkits and backdoors

Covering tracks Maintain control Gather further intelligence

Cyber Terrorism - Potential EffectsCyber Terrorism - Potential Effects

Targets Water supplies Electrical power supplies Emergency services Telecommunications systems Transportation systems Banking & financial systems Government

Targets Water supplies Electrical power supplies Emergency services Telecommunications systems Transportation systems Banking & financial systems Government

Countering Cyber TerrorismCountering Cyber Terrorism

Raise security levels in the private sectors Communication & coordination systems in the

private sector Communication & coordination systems in

government Establish emergency response plans Promote research & development Add & revise legislation Promote international cooperation

Raise security levels in the private sectors Communication & coordination systems in the

private sector Communication & coordination systems in

government Establish emergency response plans Promote research & development Add & revise legislation Promote international cooperation

How Terrorist Use the InternetHow Terrorist Use the Internet

Propaganda

Recruitment

Information storage

Communications

Funding

Propaganda

Recruitment

Information storage

Communications

Funding

Terrorist Web SitesTerrorist Web Sites

Google MapsGoogle Maps

CyberwarfareCyberwarfare

“The use of computers and the Internet in conducting warfare in

cyberspace”

“The use of computers and the Internet in conducting warfare in

cyberspace”

Attack Target Category Target Sub-Category Attacker*

Siberian Pipeline Explosion

Resources Physical Damage United States

Kosovo War Resources Disruption United States

Moonlight Maze Data Espionage (Intelligence)

Russia

Hainan Spy Plane Resources Disruption China

Titan Rain (China) Data Espionage (Intelligence)

China

Estonia Resources Disruption Russia

Israel vs. Syrian Missile Defense

Resources Disruption Israel

South Ossetia War (Georgia)

Resources Disruption Russia

Israel vs. Hamas Resources Disruption Israel & Hamas

GhostNet Data Espionage (Intelligence)

China

North Korea Resources Disruption North Korea

Operation Aurora Data Espionage (Intellectual Property)

China

Stuxnet Worm (Iran) Resources Physical Damage Israel (U. S.)

Cyberwarfare QuestionsCyberwarfare Questions

Will we know who did it? Can retaliators hold assets at risk? Can they do so repeatedly? Can cyberattacks disarm cyberattackers? Will third parties stay out of the way? Might retaliation send the wrong message? Can states set thresholds for response? Can escalation be avoided?

Will we know who did it? Can retaliators hold assets at risk? Can they do so repeatedly? Can cyberattacks disarm cyberattackers? Will third parties stay out of the way? Might retaliation send the wrong message? Can states set thresholds for response? Can escalation be avoided?

Most likely use of cyber terrorism, and cyber warfare

Most likely use of cyber terrorism, and cyber warfare

In tandem with a physical attack.In tandem with a physical attack.