Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security Fundamentals

Published byAgatha Johns Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Security Fundamentals"— Presentation transcript:

1 Computer Security Fundamentals
by Chuck Easttom Chapter 12 Cyber Terrorism and Information Warfare

2 Chapter 12 Objectives Explain cyber terrorism
Understand information warfare Understand plausible cyber terrorism scenarios Appreciate the dangers posed by cyber terrorism Explain what cyber terrorism is and how it has been used in some actual cases. Understand the basics of information warfare. Have a working knowledge of some plausible cyber terrorism scenarios. Have an appreciation for the dangers posed by cyber terrorism. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

3 Introduction Cyber Terrorism
Simply, the use of computers to launch a terrorist attack. Like other forms of terrorism, only the milieu of the attack has changed. Cyber Terrorism, according to the definition of the FBI: Premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents. Typically, loss of life in a cyber attack would be less than in a bombing attack. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

4 Introduction (cont.) Cyber Terrorism Significant economic damage
Disruptions to communications Disruptions in supply lines General degradation of the national infrastructure All possible via the Internet All these could lead to significant deaths: train wrecks, hospital deaths, loss of air traffic control resulting in plane crashes, and so forth. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

5 Introduction (cont.) Cyber Terrorism
MyDoom virus may have been an example. Our nation can expect to be the target of serious cyber terrorism. How serious is this threat? Cyber Terrorism Some experts believe that the MyDoom virus (Chapter 4) was an example of domestic economic terrorism; just a tip of the iceberg. Sometime in the near future, our nation can expect to be the target of a serious cyber terrorism attack. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

6 Economic Attacks Cyber attacks cause economic damage:
Lost files and records Destroyed data Stolen credit cards Money stolen from accounts Time the IT staff spends cleaning up These cyber attacks are not necessarily terrorist attacks. We have gone over them in past chapters on fraud. The focus of this chapter is the concerted and deliberate attack against a particular target for the exclusive purpose of causing direct damage. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

7 Economic Attacks (cont.)
Any organization wanting to do harm could set up a group with Computer security experts Programming experts Networking experts © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

8 Economic Attacks (cont.)
Team 1 sets up fake e-commerce sites for a few days: Harvest credit card numbers, bank account numbers, and so forth All numbers posted to the Web anonymously on a predetermined date For maximum damage, Team 1 could poison the DNS server to redirect to the bogus sites. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

9 Economic Attacks (cont.)
Team 2 creates a Trojan Showing business tips or slogans, popular download with business people Deletes key system files on a certain date © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

10 Economic Attacks (cont.)
Team 3 creates a virus. A DDoS on key financial Web sites, all to take place on the same predetermined date. Teams 4 and 5 footprint major bank systems. Team 6 prepares to flood the Internet with false stock tips. What if all these attacks happened on the same predetermined day? This could cause more damage to our nation than most traditional (bombing) attacks have ever done. Imagine not one group with six teams, but five groups with six teams, with each group having a trigger date 2 weeks later than the last. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

11 Economic Attacks (cont.)
The biological weapons expert community has been solicited by terrorists. How long will it be before terrorists seek out the security/hacking community? These groups may already have been formed. We just don’t know it. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

12 Military Operations Attacks
Attempts to hack into the ultra-secure DoD, CIA, or NSA systems would be met with immediate arrest. A successful attack on less secure systems could also put our country at risk. Lower-level security systems that protect the logistics programs These agencies are well protected. But how about lower levels, which can be used by hackers in reconnaissance to glean info for social engineering? © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

13 Military Operations Attacks (cont.)
One hack finds that C-141s are routed to a certain base. Another hack reveals food for 5,000 is delivered to that base. The final hack shows two brigades have had leaves canceled. Social engineering puts information together to reveal size and time of a deployment. C-141s are troop transport planes. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

14 Military Operations Attacks (cont.)
Variations on a theme Hacker changes the date and destination of the food and weapons delivery. Brigades are now at risk. Without food and ammunition © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

15 Military Operations Attacks (cont.)
Illustrates the need for high security on all military systems. There are clearly no “low-priority” security systems. Cliff Stoll’s hackers got into U.S. government subcontractors’ systems and used information stored there to gain higher and higher access. They eventually got military secrets that led to the loss of many American lives. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

16 General Attacks Unfocused attacks with no specific target
Sheer volume of these attacks causes significant economic damage. IT personnel drop normal projects to combat general attacks. E-commerce is virtually unusable. A continued series of attacks could cause enough fear in individuals and companies that they would resort to antiquated means to communicate other than the Internet. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

17 Information Warfare Any attempt to manipulate information in pursuit of a military or political goal: Use computers to gather information. Use computers to disseminate propaganda. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

18 Information Warfare (cont.)
Propaganda: Any group could use what appears to be an Internet news Web site. Many people believe and repeat what they see on the Internet. Propaganda is defined as “Information, ideas, opinions, or images, often only giving one part of an argument, which are broadcast, published, or in some other way spread with the intention of influencing people's opinions.” *Cambridge Dictionaries Online © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

19 Information Warfare (cont.)
Information Control Since World War ll, part of political and military conflicts Tokyo Rose Radio Free Europe Language manipulation Innocent civilians killed = collateral damage Starting a war = preemptive action Propaganda Since World War ll, part of political and military conflicts Tokyo Rose in the Orient by the Japanese Radio Free Europe (RFE) in the cold war by the Allies Language manipulation Innocent civilians killed in a bombing = collateral damage Starting a war = preemptive action During World War II, a young Japanese-American woman gained notoriety as “Tokyo Rose” for her broadcasts of Japanese propaganda beamed over Radio Tokyo to American troops in the South Pacific. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

20 Information Warfare (cont.)
Information Control The Internet is an inexpensive vehicle for swaying public opinion Web sites Postings to discussion groups and bulletin boards Public opinion quickly gains momentum Closely related to propaganda © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

21 Information Warfare (cont.)
Disinformation Locate false information behind relatively secure systems, but not secure enough to keep out enemy. The work the enemy has to do to acquire the disinformation will convince them of its value. * © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

22 Actual Cases Many influential people do not believe in cyber warfare.
These events appear to contradict them: The People’s Liberation Army [China] has formulated an official cyber warfare doctrine. The actual events that are mentioned here are not in the text. They are taken from a report on Cyber Warfare by the Institute for Security Technology Studies, 2004, written in response to a grant from the Department of Homeland Security. You may use them as you see fit. “Within the framework of an integrated national plan, the People’s Liberation Army (PLA) [China] has formulated an official cyber warfare doctrine, implemented appropriate training for its officers, and conducted cyber warfare simulations and military exercises.” © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

23 Actual Cases (cont.) In Tehran [Iran], the armed forces and technical universities joined to create independent cyber R & D centers and train personnel in IT skills. Tehran seeks to buy IT technical assistance and training from Russia and India. In Tehran [Iran], “(T)he armed forces and technical universities have joined in an effort to create independent cyber R & D centers and train personnel in IT skills; and second, Tehran actively seeks to buy IT and military related technical assistance and training from both Russia and India. … Iran is leveraging its resources in the non-conventional weapons and IT sector as a ‘force multiplier’.”* © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

24 Actual Cases (cont.) Russia’s armed forces have developed a robust cyber warfare doctrine. Moscow also has a track record of offensive hacking into Chechen Web sites. Available evidence is inadequate to predict whether Russia’s intelligence services or armed forces would attack U.S. networks. “Russia’s armed forces, collaborating with experts in the IT sector and academic community, have developed a robust cyber warfare doctrine… “Information weaponry,” i.e., weapons based on programming code, receives paramount attention in official cyber warfare doctrine. Moscow also has a track record of offensive hacking into Chechen Web sites.” “Although we assess it likely that Moscow will continue to scout U.S. military and private sector networks and Web sites, available evidence is inadequate to predict whether Russia’s intelligence services or armed forces would attack U.S. networks.”* © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

25 Future Trends Positive Trends Cyberterrorism Preparedness Act of 2002
$350,000,000 over 5 years for improving network security Cybersecurity Research and Education Act of 2002 $50,000,000 over 4years for training IT specialists in IT security Do you think that’s enough money? © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

26 Future Trends (cont.) Negative Trends Rand report on cyber terrorism
Possible attacks on chemical plants, water supplies, or power supplies resulting in massive casualties, rather than simply economic damage. Rand report on cyber terrorism © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

27 Defense Against Cyber Terrorism
Recommendations for preparing for and protecting against cyber terrorism include A Manhattan Project-level program Research and academic programs dedicated to security Computer crime treated more seriously © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

28 Defense Against Cyber Terrorism (cont.)
Every police department must have access to computer crime specialists. Security professionals must have a forum to report and discuss emergencies. © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

29 Summary There are various forms of cyber terrorist attacks across all industries. Many experts believe it is a credible threat. How could your computer systems be used against you and your company? © 2012 Pearson, Inc Chapter 12 Cyber Terrorism and Information Warfare

Download ppt "Computer Security Fundamentals"

Similar presentations

James D. Brown Chief Engineer and Senior Fellow Information Resource Management L-3 Communications.

James D. Brown Chief Engineer and Senior Fellow Information Resource Management L-3 Communications.
Introduction and Overview of Digital Crime and Digital Terrorism

Introduction and Overview of Digital Crime and Digital Terrorism
Chapter 2 Digital Terrorism.

Chapter 2 Digital Terrorism.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Computer Security Fundamentals by Chuck Easttom Chapter 3 Cyber Stalking, Fraud, and Abuse.

Computer Security Fundamentals by Chuck Easttom Chapter 3 Cyber Stalking, Fraud, and Abuse.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Information Warfare and Internet Resources. Andrianova Maria Igorevna Saratov State University, Sociology Department, 4 year student.

Information Warfare and Internet Resources. Andrianova Maria Igorevna Saratov State University, Sociology Department, 4 year student.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Computer Threats I can understand computer threats and how to protect myself from these threats.

Computer Threats I can understand computer threats and how to protect myself from these threats.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
Cyberterrorism: The Bloodless War? Pat Mcgregor Chief Information Security Architect Intel Corporation 3 October 2001.

Cyberterrorism: The Bloodless War? Pat Mcgregor Chief Information Security Architect Intel Corporation 3 October 2001.
Cyber Capabilities Example IT 298 / Bohman January 6 th, 2014.

Cyber Capabilities Example IT 298 / Bohman January 6 th, 2014.
Network Security of The United States of America By: Jeffery T. Pelletier.

Network Security of The United States of America By: Jeffery T. Pelletier.
Safe Information By Eli Salazar. The Government The Internet A strategic way to communicate top secret plans. The government used Internet for its safety.

Safe Information By Eli Salazar. The Government The Internet A strategic way to communicate top secret plans. The government used Internet for its safety.
Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.
INFORMATION WARFARE Written by: Larry Druffel Presented by: Frank Dang TCOM 614 Introduction to Telecommunication University of Redlands.

INFORMATION WARFARE Written by: Larry Druffel Presented by: Frank Dang TCOM 614 Introduction to Telecommunication University of Redlands.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Information System Security and the US Military Ben Mascolo – ISC 300.

Information System Security and the US Military Ben Mascolo – ISC 300.
Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.

Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.
CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.

CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.

Similar presentations

Ads by Google