Information Security - Cyber Warfare by sa30230

VIEWS: 164 PAGES: 20

									Information Security
  It’s everyone’s responsibility!



                  VSI
          Vonachen Services Inc.
                                   ™
Information Security
Goals of this presentation
1. Awareness of the reality Cyber Warfare
2. Awareness of the impact of Cyber
   Warfare
3. Awareness of the individual and corporate
   responsibility of Information Security:
   focus on free software downloads
Reality of Cyber Warfare!
     Recent examples of Cyber Warfare!




Image from www.securitypronews.com/insiderreports/insider/spn-49-20050518IstheUSReadyForCyberWarfare.html
 Reality of Cyber Warfare!
                              "The aim is to develop a major command
                                that stands alongside Air Force Space
                                Command and Air Combat Command
                                as the provider of forces that the
                                President, combatant commanders
                                and the American people can rely on
                                for preserving the freedom of access
                                and commerce, in air, space and now
8th Air Force to become         cyberspace," Secretary Wynne said.
new cyber command
by Staff Sgt. C. Todd Lopez
Air Force Print News
11/3/2006
  Reality of Cyber Warfare!
                                 Chinese Cyberwar Alert!
                                 The Air Force has been tracking
                                   aggressive cyber incursions by
                                   computer technicians in China,
                                   primarily focused toward
                                   gathering information on military
                                   network infrastructure and
                                   American trade secrets, the Air
                                   Force's cyber warfare
                                   commander said this week.
DefenseTech.org, June 15, 2007
Reality of Cyber Warfare!
               WASHINGTON - The Homeland Security
                Department, the lead U.S. agency for
                fighting cyber threats, suffered more
                than 800 hacker break-ins, virus
                outbreaks and other computer security
                problems over two years, senior officials
                acknowledged to Congress.

“DHS acknowledges own computer break-ins” by Ted Bridis, Associated Press,
June 20, 2007
http://news.yahoo.com/s/ap/20070620/ap_on_go_ca_st_pe/dhs_computer_security
Reality of Cyber Warfare!
FBI: Operation Bot Roast finds over 1 million botnet
  victims
The Department of Justice and FBI today said
  ongoing investigations have identified over 1
  million botnet crime victims.



NetworkWorld, Submitted by Layer 8, 06/13/2007,
http://www.networkworld.com/community/?q=node/16193   Image by Hackaday.com
Reality of Cyber Warfare!
Most owners of the compromised computers are
  unknowing and unwitting victims. They have
  unintentionally allowed unauthorized access and use of
  their computers as a vehicle to facilitate other crimes,
  such as identity theft, denial of service attacks,
  phishing, click fraud, and the mass distribution of spam
  and spyware.


 NetworkWorld, Submitted by Layer 8, 06/13/2007,
 http://www.networkworld.com/community/?q=node/16193   Image by Hackaday.com
Reality of Cyber Warfare!
Because of their widely distributed
 capabilities, botnets are a growing threat
 to national security, the national
 information infrastructure, and the
 economy, the FBI said.

 NetworkWorld, Submitted by Layer 8, 06/13/2007,
 http://www.networkworld.com/community/?q=node/16193   Image by Hackaday.com
Impact of Cyber Warfare!
DDoS Cyber Attack Cripples the Nation of
 Estonia!

The Nation of Estonia had to ask NATO for assistance.
“‘Estonia has built its future on having a high-tech government and economy,
and it’s basically been brought to its knees,’ says Howard Schmidt, a former
White House Cybersecurity adviser and former chief security officer at eBay
and Microsoft.”

 Larry Greenemeier, Informationweek.com, May 28, 2007
                                                            Image by Hackaday.com
Impact of Cyber Warfare!
“A distributed denial-of-service, or DDoS,
  attack occurs when hundreds or thousands
  of compromised computers are enlisted.”
I.E. The BOTNETS the FBI report was talking
  about!


Robert Vamosi, “Cyberattacks in Estonia – what it really means” CNET
News.com, May 29, 2007                                     Image by Hackaday.com
Impact of Cyber Warfare!
“The SANS Internet Storm Center received a
  report indicating that purchase prices of
  BOTnets have been falling recently, due in
  part to groups from Russia willing to sell
  them for as little as 25 cents per bot.”


Lenny Zeltser. “BOTNET MARKET” Information Security, May 2007.
                                                      Image by Hackaday.com
The Terms
“A ‘BOT' is a type of [program] which allows an attacker to gain
   complete control over the affected computer. Computers that
   are infected with a ‘BOT' are generally referred to as
   'zombies‘. There are literally [millions] of computers on the
   Internet which are infected with some type of ‘BOT' and don't
   even realize it. Attackers are able to access lists of 'zombie'
   PC's and activate them to help execute” cyber warfare
   attacks.
A ‘BOTNET’ is simply an army of two or more ‘zombies’ .
http://netsecurity.about.com/od/frequentlyaskedquestions/qt/pr_bot.htm

 Image: defensetech.org
The Scenario: Stage 1
A Nation State (i.e. China, Russia, North
  Korea) or Borderless State (i.e. Al Qaeda,
  Hamas, Fatah, etc…) amasses a multi
  million botnet army, and most of the
  zombies are right here in America and may
  include your computer.


                             Image by ddanchev.blogspot.com/
The Scenario: Stage 2
They unleash the botnet army on U.S.
 government and financial systems causing
 panic and economic disaster just prior to a
 conventional military strike, and your
 computer helped!



                             Image by ddanchev.blogspot.com/
 Our Responsibility

 We are all Cyber Warriors!
 It is every individuals responsibility to not
    become an unwitting victim in a Cyber War!
 VSI has a responsibility to protect its IT
    resources from being used in a Cyber War!
                                 VSI
Image: defensetech.org   Vonachen Services Inc.
                                                  ™
Our Responsibility
The Secondary Danger of Free Computer
 Downloads: BOT infections!
There is a secondary danger of using free computer software (i.e. weather bug,
google toolbar, music downloads, etc. . .) that computer users often over look.
Criminals know that the fastest way to gain access to millions of computers is
to hack the server of a free software site. After hacking the site the criminals
load software that every computer downloads as part of its normal update (i.e.
like downloading the latest weather forecast) and installs on your computer.




                                                     Image by ddanchev.blogspot.com/
Our Responsibility
Some of you may remember the WWII slogan “loose
  lips sink ships!” Well, this is the information age,
  and you are responsible for your computers. You
  wouldn’t want your computer to take part in
  shutting down our nation’s national defense
  system would you?
In-Secure Computers Make an In-Secure Nation!
                     Do your part!
         Image from www.securitypronews.com/insiderreports/insider/spn-49-20050518IstheUSReadyForCyberWarfare.html
Information Security!
n   Cyber Threats are real and increasing
n   Individuals have a responsibility to not
    become a zombie in a botnet!
n   VSI employees have a responsibility to not
    let their VSI system become a zombie
n   VSI IT has a responsibility to protect
    company resources
n   The future. . . ‘licensed’ internet use?
Information Security
Mick Dobra
Network Administrator
Vonachen Services Inc.
www.vonachenservices.com
mick.dobra@vonachenservices.com




                               VSI
                       Vonachen Services Inc.
                                                ™

								
To top