<<  Arhitecture de paris Assa Evolution AssaBalt AS  >>
Ask a Scientist, 2010-2011 7.00 pm @ Acoustic Caf
Ask a Scientist, 2010-2011 7.00 pm @ Acoustic Caf
Congratulations
Congratulations
Computer Security and Cyberwarfare
Computer Security and Cyberwarfare
Messages
Messages
Definition of Cyberwarfare
Definition of Cyberwarfare
Related Terms and Issues
Related Terms and Issues
Related Issues
Related Issues
Malware Terminology
Malware Terminology
Relationship to Traditional Warfare
Relationship to Traditional Warfare
Thematic Issues
Thematic Issues
Technological Approaches for Cyberattacks
Technological Approaches for Cyberattacks
Infrastructure Subject to Attack
Infrastructure Subject to Attack
Scope of Cyberspace
Scope of Cyberspace
Cyberspace (2)
Cyberspace (2)
Cyberspace (3)
Cyberspace (3)
Why Is Everything Connected
Why Is Everything Connected
Four Examples of Possible Cyberwar Activity
Four Examples of Possible Cyberwar Activity
1. Titan Rain (2003-on)
1. Titan Rain (2003-on)
2) Syria (Sept
2) Syria (Sept
3) Estonia (April 2007)
3) Estonia (April 2007)
4) Stuxnet Worm
4) Stuxnet Worm
4) Stuxnet Worm (cont
4) Stuxnet Worm (cont
Political Issues
Political Issues
Difficulties in Defense
Difficulties in Defense
Difficulties in Defense for USA
Difficulties in Defense for USA
What To Do
What To Do
Disincentives to Cyberwar
Disincentives to Cyberwar
Moderating Effects on Cyberwar
Moderating Effects on Cyberwar
Cyber Treaties
Cyber Treaties
References / More Information
References / More Information
Questions / Discussion
Questions / Discussion

: Ask a Scientist. : . : Ask a Scientist.ppt. zip-: 929 .

Ask a Scientist

Ask a Scientist.ppt
1 Ask a Scientist, 2010-2011 7.00 pm @ Acoustic Caf

Ask a Scientist, 2010-2011 7.00 pm @ Acoustic Caf

(except for Januarys Ask a Scientist for Kids) Tuesday, October 26 Paul Wagner (UWEC Computer Science) ?"Computer Security and Cyberwarfare" Tuesday, November 23 ?Steve Weiss, M.D. (Luther Hospital) Power Issues in the Doctor-Patient Relationship [December no talk] Saturday, January 22 Ask a Scientist for Kids (Eau Claire Childrens Museum, 2-4 pm) Tuesday, February 22 Winnifred Bryant (UWEC Biology) Environmental EstrogensPotential Risks to Human Health Tuesday, March 29 Bev Pierson (Memorial High School) Astrobiology: the new science of life in the universe Tuesday, April 26 Paul Thomas (UWEC Physics and Astronomy) Hot News from Space

2 Congratulations

Congratulations

Dr. Paul Thomas Recipient of the UW Systems 2010 Regents Teaching Excellence Award For career achievements in teaching Only two individual recipients per year in UW System

3 Computer Security and Cyberwarfare

Computer Security and Cyberwarfare

Dr. Paul Wagner wagnerpj@uwec.edu

4 Messages

Messages

Cyberwar is an important evolutionary idea that has the potential for significant effect on all USA and world citizens Cyberattacks at the level of cyberwar have already occurred, and are occurring with increasing frequency and effect Cyberwar may be used as a political lever for increased governmental controls on cyberspace

5 Definition of Cyberwarfare

Definition of Cyberwarfare

Actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption Richard A. Clarke, Cyber War a new domain in warfare William J. Lynn, U.S. Deputy Secretary of Defense

6 Related Terms and Issues

Related Terms and Issues

Cyber-terrorism parallel definition, different actor actions by terrorists to penetrate another nation's computers or networks for the purposes of causing damage or disruption Cyber-spying / cyber-espionage actions by parties outside of a country or organization to penetrate another nation's computers or networks for the purposes of stealing information Increasingly difficult to distinguish countries and organizations Countries may be (increasing evidence that they are) using 3rd parties (organized crime, other organizations) to do their work

7 Related Issues

Related Issues

Is the term cyberwar appropriate? Nature of warfare has changed WW II => Vietnam => Iraq / Afghanistan Does the term overstate or mis-state the issue? We probably havent seen true cyberwar yet Where is the line between war and espionage, war and terrorism, or war and crime (e.g. theft)?

8 Malware Terminology

Malware Terminology

Worms software that spreads on own with harmful consequences Virus malware attached to other software (e.g. email attachment) Trojan Horse software that appears to be positive but have harmful effects Logic bomb software planted to activate at a later date/time with harmful consequences

9 Relationship to Traditional Warfare

Relationship to Traditional Warfare

Cyberwar could be additional domain in traditional warfare Used as initial stage to reduce command and control facilities, harm national infrastructure, spread propaganda, reduce confidence in government Could be a standalone approach to warfare Potential for significant harm to foreign country in the information age

10 Thematic Issues

Thematic Issues

Convenience vs. Security Security and Privacy Evolution of Cyberattacks At the beginning: Status More recently: Financial gain Now: Political gain

11 Technological Approaches for Cyberattacks

Technological Approaches for Cyberattacks

Three Major Approaches 1) Break in, steal information From computer systems or networks 2) Directly affect functionality of computers or related equipment through use of worms, viruses, logic bombs and/or other malware 3) Denial of Service (DoS) flood of messages to computer systems that overwhelms them and renders them non-functional

12 Infrastructure Subject to Attack

Infrastructure Subject to Attack

Businesses Military command and control system Transportation systems Air Rail Power grid Manufacturing facilities Communication systems

13 Scope of Cyberspace

Scope of Cyberspace

Cyberspace starts with the internet Internet = network of networks

14 Cyberspace (2)

Cyberspace (2)

Beyond every computer system thats connected by wire, cyberspace also includes: Isolated networks (private, corporate, military) Laptop and other personal PCs connected some of the time (wireless, modems) Industrial control machinery, including programmable logic controllers (PLCs) Industrial robots (connected to PLCs or directly to computers) Home control equipment (home appliances and their control units) Mobile devices (smart phones, PDAs, ) USB and other storage devices

15 Cyberspace (3)

Cyberspace (3)

16 Why Is Everything Connected

Why Is Everything Connected

Convenience Connect to others through email, world-wide web, social media Internet service provider can remotely-diagnose problems on your computer Appliance company can remotely diagnose problems with equipment in your home City can read your water meter You can turn on your oven/lights from work Systems can interact

17 Four Examples of Possible Cyberwar Activity

Four Examples of Possible Cyberwar Activity

Titan Rain (2003-on) Syria (2007) Estonia (2007) Stuxnet Worm (2009-2010)

18 1. Titan Rain (2003-on)

1. Titan Rain (2003-on)

Coordinated attacks on US military and industrial computer systems Access gained to computer systems and networks including Lockheed Martin, Sandia National Laboratories, and NASA Purpose and identity of attackers remains unclear, though origin appears to be Chinese military Though could be through Chinese military

19 2) Syria (Sept

2) Syria (Sept

2007)

Israeli aerial bombing of facility in Syria, alleged nuclear facility being constructed by North Koreans Syrian air defense networks saw no planes; later found Russian-built radar system screens manipulated to show nothing Exact cause not known, but options all point to manipulation of software controlling radar system

20 3) Estonia (April 2007)

3) Estonia (April 2007)

Sometimes referred to as Web War 1 Followed Estonia relocating the Bronze Soldier of Talinn, a Russian monument Sophisticated and large set of denial of service (DoS) attacks on Estonian parliament, banks, ministries, newspapers, other web sites Severe effect on above institutions for approximately three weeks

21 4) Stuxnet Worm

4) Stuxnet Worm

Very complex Windows-specific computer worm that infects computers and connected industrial control equipment (PLCs) First known worm to attack industrial infrastructure Spreads through USB thumb drives as well as network connections Utilizes four zero-day exploits Uses stolen valid security certificates

22 4) Stuxnet Worm (cont

4) Stuxnet Worm (cont

Initial high rate of infection in Iran, specifically found at nuclear facilities May be government (Israel, US, UK?) attempt to damage Iranian nuclear facilities Unclear if delay or damage actually occurred Worm has spread to many other countries (including large infection of Chinese systems)

23 Political Issues

Political Issues

Is the threat of cyberwar overstated? Several experts say yes, including Marc Rotenberg (Electronic Privacy Information Center) and Bruce Schneier (Chief Technology Officer, BT Counterpane) Issues: Much hyperbole, sexy news Little distinction by many between cyberwarfare and cyberspying; threats today are more from cyber-espionage Used to generate additional funding for U.S. cyberdefense efforts Used to justify efforts to give U.S. government more control over Internet (e.g. control over encryption)

24 Difficulties in Defense

Difficulties in Defense

Many entry points to internet, most networks Difficult to trace attacks Many from robot networks (botnets) of compromised PCs Internet created for convenience, not security Internet technology does not support easy defense Unknown capabilities of other nations, groups So, little deterrence exists Security is a process, not a product Bruce Schneier Defenders have to defend against many possible attacks, but attackers only have to find one hole

25 Difficulties in Defense for USA

Difficulties in Defense for USA

Internet created in USA in an environment of intellectual freedom, mostly under private (not government) control Efforts to change e.g. Kill Switch bill (2010) in Congress giving government power to take over parts of internet in national emergency Other countries can more easily mount defense (e.g. fewer entry points, government can already control networks) US military cyber-capabilities are significantly focused on offense, not defense

26 What To Do

What To Do

Suggestions: 1) Enact limited government regulation of internet, cyberspace Need international cooperation as well as national efforts 2) Increase resources for cyber-defense (government, private) 3) Isolate critical infrastructure (e.g. power grid) from the internet Source: Richard A. Clarke, Cyber War 4) Investigate cyber-treaties

27 Disincentives to Cyberwar

Disincentives to Cyberwar

Potential for retribution Harming the internet tends to harm everyone Difficult to contain scope of cyberattacks Non-cyber interests are connected E.g. China owns significant portion of U.S. financial structure

28 Moderating Effects on Cyberwar

Moderating Effects on Cyberwar

Diversity of systems and networks Many networks, multiple operating systems Increasing efforts on intrusion detection and prevention Early detection may help reduce scope of effects, though malware can spread quickly

29 Cyber Treaties

Cyber Treaties

Benefits Set ground rules for national cyber behavior Attempt to avoid collateral damage to citizens Issues Enforceability Use of cyber treaties to limit speech Current Russian proposal attempts to prohibit any government from using internet to interfere with any other government (e.g. promote, encourage or assist in dissent)

30 References / More Information

References / More Information

Cyber War The Next Threat to National Security by Richard A. Clarke (2010) NPR Morning Edition Two-Part Series http://www.npr.org/templates/story/story.php?storyId=130023318 http://www.npr.org/templates/story/story.php?storyId=130052701 The Online Threat, article by Seymour Hersch http://www.newyorker.com/reporting/2010/11/01/101101fa_fact_hersh?currentPage=all Wikipedia Cyberwarfare http://en.wikipedia.org/wiki/Cyberwarfare Wikipedia Cyberterrorism http://en.wikipedia.org/wiki/Cyber_terrorism

31 Questions / Discussion

Questions / Discussion

Dr. Paul Wagner Email: wagnerpj@uwec.edu http://www.cs.uwec.edu/~wagnerpj

Ask a Scientist
http://900igr.net/prezentacija/bez_uroka/ask-a-scientist-249011.html
c

1
900igr.net > > > Ask a Scientist