Cyber Warfare Case Study: Estonia

Jill Wiebke
April 5, 2012
• Cyber warfare “is a combination of computer
  network attack and defense and special technical
  operations” (IEEE)
• 8 Principles:
  • Lack of physical limitations
  • Kinetic effects
  • Stealth
  • Mutability & inconsistency
  • Identity & privileges
  • Dual use
  • Infrastructure control
  • Information as operational environment
• Malicious cyber activity: crime, espionage,
  terrorism, attacks, warfare
• Classifications are made by intentions of
  perpetrator and effect of the act
• Definition of cyber attack is inconsistent
• Baltic territory
• Capital: Tallinn
• Independence in 1918
• Forced into the USSR in 1940
• Regained freedom in 1991,
  Russian troops left in 1994
• Joined UN in 2001, and NATO
  and EU in 2004
• Known as an “e-society,”
  paperless government,
  electronic voting, etc.
• Who: That’s the real question, isn’t it?
• What: Distributed denial of service (DDoS) attacks on
  government, banks, corporate websites; website
  defacement
• When: April 27, 2009 – May 18, 2007
• Where: Estonia
• Why: Another good question…
• How: Well-known attack types, but “unparalleled in
  size;” hundreds of thousands of attack computers
• April 27: Estonian government websites shut down from
  traffic, defaced
• April 30: Estonia began blocking Web addresses ending in
  .ru
  • Increased attack sophistication; targets now included media
    websites attacked by botnets
• 1 million computers in the US, China, Vietnam, Egypt, and Peru
  were unwittingly enlisted in botnets
• May 1: Estonian ISPs under attack
• May 9: Russian victory in WWII – new wave of attacks at
  Russian midnight
• May 10: Banks are attacked
• Estonia had just decided to relocate a Soviet WWII memorial
• Large, well-organized, well-targeted attacks – not spontaneous
  – began hours after the memorial was relocated
• Malicious traffic indicated political motivation and Russian
  language background
• Instructions for attacking websites were posted in Russian
  language forums including when, what, and how to attack
• Did not accuse Russian government (not enough evidence), but
  attacks are believed to have originated in Moscow
• IP addresses of attackers belong to Russian presidential
  administration
• Russian officials denied any involvement; IPs could have been
  spoofed
• One person has been convicted – student in Estonia
  organized a DDoS attack on the website of an
  Estonian political party
• NATO enhanced its “cyber-war capabilities”
• Created a “cyber defense research center in
  Tallinn in 2008”
• Cyber Command – Full Operating Capability on
  Oct 31, 2010
• Georgia
  • DDoS attacks coincided with Russian invasion in August 2008
• Stuxnet
  • Worm that targets industrial control systems
  • Infected Iranian nuclear facilities
• Titan Rain
  • Suspected Chinese attacks on the US since 2003
  • “Nearly disrupted power on the West Coast”
  • Security breaches at defense contracting companies
• Attribution
  • Nation-state actors
  • Non-state actors
  • “Hired guns”
  • Trails end at an ISP
• New territory – no rules/standards
  • Legal territory issues
  • International laws do not exist yet
  • Crime of Aggression definition
• Impacts
• The US heavily relies on cyber networks, so a
  cyber attack could be highly detrimental
  • Physical impacts
    • Disable water purification systems
    • Turn off electricity
    • Misrouting planes/trains
    • Opening dams
    • Melting nuclear reactors
  • Communication network impacts
    • Stock market manipulations
    • Wireless Internet access outages
• Cyber attacks are increasing in threats, frequency,
  and intensity
• Targets range from government entities, banks,
  corporations, to private businesses
• We are the “cyber warriors” and “network ninjas”
  that will be dealing with the effects of cyber
  warfare
• https://www.cia.gov/library/publications/the-world-factbook/geos/en.html
• http://www.state.gov/r/pa/ei/bgn/5377.htm
• http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5634434
• http://www.stratcom.mil/factsheets/cyber_command/
• https://docs.google.com/a/utulsa.edu/file/d/0B7yq33Gize8yNjEzNDkxMGMtOWMyNS00ZDJhLTg4MDUtZDUwODQ2YjQwOTIw/edit?pli=1
• http://www.industrialdefender.com/general_downloads/news_industry/2008.04.29_cyber_attacks_p1.pdf
• http://www.getgogator.com/News/Content/Articles/Malware/The%20Evolution%20of%20Cyber%20Warfare.pdf
• msl1.mit.edu/furdlog/docs/washpost/2007-05-19_washpost_estonia_cyberattacked.pdf
• http://www.msnbc.msn.com/id/31801246/ns/technology_and_science-security/t/look-estonias-cyber-attack/#.T3Mt7NmGWW9
• ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6029360&tag=1
• http://www.law.duke.edu/journals/dltr/articles/2010dltr003.html
