Cyber Warfare and Cyber Terrorism

Upload: norraseth

Post on 18-Nov-2014


DESCRIPTION

Introduction to Cyber Warfare and Cyber Terrorism

TRANSCRIPT


(2006) Cyber Terrorism = Cyberspace + Terrorism Terrorism in Cyberspace (2006) United States Armed Forces. (2008) U.S. Center for Strategic and International Studies

(2008) Cyber Crime = Cyberspace + Crime Crime in Cyberspace (2008) U.S. Center for Strategic and International Studies

(2008) Cyber Warfare = Cyberspace + War War in Cyberspace (2008) U.S. Center for Strategic and International Studies

Cyberspace William Gibson 1984 Cyberspace (non-physical terrain) website, e-mail, chat, shop online, virtual baby, virtual reality, cyber-banking, Web Shopping Card, Virtual Debit Card Internet Cyberspace Critical infrastructure

17 2007 2007

Cyber (Cyber warrior) Cyberspace Cyber Warfare Information Security Hacking Espionage or spying Computer forensics

24th U.S. Air Force (against China/N. Korea): the first elements of a cyberspace command operations center in San Antonio

U.S. Air Force Cyber Command South Korea Cyber Warfare Command Centre (against China/N. Korea) Australian Cyber Warfare Center in Canberra (against China/N. Korea)

North Korea Cyber Warfare Unit (against US/S. Korea) Cyber Warfare Unit (against US/S. Korea)

China

Virus and worm attacks: e-mail attachments, Web browser scripts, vulnerability exploit engines.

Denial of service attacks: overloading

Web defacements: spread disinformation, propaganda, disrupt information flows.

Unauthorized intrusions into systems: theft of confidential and/or proprietary information; modification and/or corruption of data; launching attacks on other systems.

Twitter.com

.. 2009

"Iranian Cyber Army": Baidu.com, Chinese search engine, www.baidu.com (12 Jan 2010)

"This site has been hacked by Iranian Cyber Army" "In reaction to the US authorities' intervention in Iran's internal affairs. This is a warning,"

On 13 Jan 2010: http://www.diabetes.ir/ http://www.mousavian.ir/ http://pankration.gov.ir/ http://room98.ir/ http://www.iribu.ir/ http://www.irib.ac.ir

chinese honker team[H.U.C] Im very sorry for this Testing! Because of this morning your Iranian Cyber Army Maybe you havent konw this thing!, This morning your Iranian Cyber Army intrusion our baidu.com So im very unfortunate for you Please tell your so-called Iranian Cyber Army Dont intrusion chinese website about The United States authorities to intervene the internal affairs of Irans response This is a warning! lKhack by toutian from Honker Union For China.

The screenshot was signed by a member from Honker Union for China, which is not the same as Honker Union of China. Lin Lin, leader of a Chinese hacker group Eviloctal Security Team, told the Global Times that the attack on Baidu did not involve the use of the best technology and imposed no risk to the company's server. Lin expressed concern that someone might have attacked Baidu just for fun. "I don't think it is Iranian hackers that attacked Baidu," he said. "I find no reason why Iranian hackers want to attack Baidu."

China And USA

Code Red version 2 worm

Spread of the Code Red version 2 worm (World Wide Web Attack for 1 day)

www.mcdonalds.com.cn

"(We) protest that official McDonald's website lists Taiwan as a country, Taiwan is an indispensable part of China. Any illusion that separates Taiwan from China or hampers the unification between the straits will be eliminated!! We have only one China."

Statistic of Website defacement attacking (K. N. Srijith, "Analysis of Defacement of Indian Web Sites", 2002)

Statistic of Domain attacking (K. N. Srijith, "Analysis of Defacement of Indian Web Sites", 2002)

Statistic of Domain in India attacking (K. N. Srijith, "Analysis of Defacement of Indian Web Sites", 2002)

"Security Operation Center" SOC CAT 2550 CAT Cyfence IT Security (Information Security Management System: ISMS) ISO 27001 CAT

" " (Encryption)

(Symmetric key algorithms) (Secret key) 2 (Block Algorithms) (1 64 ) (Stream Algorithms)

(Asymmetric key algorithms) (Public keys Algorithms) (Public keys) (Private keys)

DES, Triple-DES, Blowfish, IDEA, RC4, AES (Rijndael), One-time Pads

RSA

DSS (Digital Signature Standard)

MD (Message Digest): MD2, MD4, MD5

SHA, SHA-1, SHA-256, SHA-384, SHA-512

"Steganography" (Concealed Writing) . .1499 Johannes T. (Cryptography) Steganography

Steganography Analysis

Steganography Detection

Steganography Analysis and Research Center

Steganography Analyzer Artifact Scanner (StegAlyzerAS)

Steganography Analyzer Signature Scanner (StegAlyzerSS)

Steganography Analyzer Real-Time Scanner (StegAlyzerRTS)

Scenario no. 1 - 7:00 p.m., Shanghai (Typical Digital Steganography): An employee of an electronic equipment factory uploads a music file to an online file-sharing site. Hidden in the MP3 file (Michael Jackson's album Thriller) are schematics of a new mobile phone that will carry the brand of a large American company. Once the employee's Taiwanese collaborators download the file, they start manufacturing counterfeit mobile phones essentially identical to the original, even before the American company can get its version into stores.

Scenario no. 2 - 3:30 p.m., somewhere in Afghanistan (Typical Digital Steganography): A terrorist hunted by the U.S. Federal Bureau of Investigation posts an excerpt from the motion picture High School Musical Three: Senior Year on Facebook. Inside are hidden instructions for a bomb attack on a commuter rail line in southern Europe. Later that day, terrorists based in Athens follow the instructions to plan a rush hour attack that kills hundreds of people.

Scenario no. 3 - 4:00 a.m., Malibu, Calif. (VoIP steganography): A very famous actor (VFA) has a brief conversation with a well-known director (WKD) over Skype, an application that lets them make free voice calls over the Internet. They discuss the medical problems of VFA's cat in great detail. When the conversation is over, WKD's computer has a sleazy new addition: in a folder on his desktop, there is a picture of a nude teenager, along with her mobile number and the date and time at which WKD will meet her at VFA's pool party for a photo session.

Voice Over Internet Protocol, Data Over Internet Protocol: VoIP, TCP/IP, IP Network, Internet, TCP/IP, VoIP, TCP/IP, PSTN

Public Switched Telephone Network (PSTN): TOT, TA, TT&T

VoIP phone system: SIP phone (VoIP phone), IP PBX, VoIP Gateway (PSTN)

SIP phone, 2 types: 1. Software based phone 2. Hardware based phone

SIP Phone IP PBX register IP PBX IP PBX VOIP Gateway VOIP ( VOIP service provider)

Gateway (PSTN) (IP network) 2 1. (PSTN) ( VOIP ) 2. ( VOIP ) (PSTN) VOIP

Digital Terrorism and Digital Crime

Information sharing: online message boards, chat rooms

Coordinate attacks

Spread propaganda

Raise funds

Recruit

Steganography: hide messages in files

New York Times (al-Qaeda) (Steganography) (Encode) USENET 11 . .2001 (Cryptography and Steganography. 2002 presentation of an overview of steganography, by Elonka Dunin, with discussion of whether Al Qaeda might have used steganography to plan the September 11, 2001 attacks.)

Facebook: ~350,000,000 registered users

Myspace: ~130,000,000 registered users

Hi5: ~80,000,000 registered users

Twitter: ~75,000,000 registered users

31 ..

35 " (Facebook) 565 2

Social Network Analysis & Data Mining

USA Today reported that the NSA has been collecting the phone records of millions of Americans. The agency is apparently using "data mining" techniques to scour these records for connections between terrorists. According to an intelligence official interviewed by USA Today, NSA is analyzing this data using "social network analysis."

SNA is a technique to map and study the relationships between people or groups.

i2 Analyst's Notebook

Data mining is the process of extracting and analyzing patterns from a large amount of data to produce useful information.

Data mining is becoming an increasingly important tool to transform these data into information. It is commonly used in a wide range of profiling practices, such as marketing, surveillance, fraud detection and scientific discovery.

Classification - Arranges the data into predefined groups. For example, an email program might attempt to classify an email as legitimate or spam. Common algorithms include Decision Tree Learning, Nearest neighbor, naive Bayesian classification and Neural network.

Clustering - Is like classification but the groups are not predefined, so the algorithm will try to group similar items together.

Association rule learning (Link Analysis) - Searches for relationships between variables. For example, a supermarket might gather data on customer purchasing habits. Using association rule learning, the supermarket can determine which products are frequently bought together and use this information for marketing purposes. This is sometimes referred to as market basket analysis.

Lech J. Janczewski and Andrew M. Colarik. 2008. Cyber Warfare and Cyber Terrorism. IGI Global. London. 565 p.

For information technology specialists and information security specialists who want a first hand briefing on developments related to cyber warfare and cyber terrorism attacks.

Thank you for your attention