Information and Cyber Warfare by liuhongmei

VIEWS: 89 PAGES: 61

									Information and Cyber Warfare
            Lesson 5
Motivating Factors in Hacking –
4 Domains outlined by Dr. Denning
 Play: hacking/cracking, phreaking
 crime: illegal acts including intellectual property
  crime and computer fraud and abuse
 individual rights: conflicts over free speech and
  privacy
 national security: foreign intelligence operations,
  war and military conflicts, terrorism, and operations
  against a nation by nonstate players
Motivation -- Play
Motivation -- Play
   From an Interview of a ―cracker‖ by Dr. Dorothy Denning:
        Hacking was the ultimate cerebral buzz for me. I would come home from another
        dull day at school, turn my computer on, and become a member of the hacker
        elite. It was a whole different world where there were no condescending adults
        and you were judged by your talent. I would first check in to the private bulletin
        boards where other people who were like me would hang out, see what the new
        was in the community, and trade some info with people across the country. Then
        I would start actually hacking. My brain would be going a million miles an hour
        and I‘d basically completely forget about my body as I would jump from one
        computer to another trying to find a path into my target. It was the rush of working
        on a puzzle coupled with the high discovery many magnitudes intensified. To go
        along with the adrenaline rush was the illicit thrill of doing something illegal. Every
        step I made could be the one that would bring the authorities crashing down on
        me. I was on the edge of technology and exploring past it, spelunking into
        electronic caves where I wasn‘t supposed to be.
Motivation -- Play
 Bored at school
 member of an elite group
 thrill (adrenaline rush)
 curiosity
 power + sense of control
    Motivation -- Crime
   Intellectual Property (figures from Denning‘s 1999 book)
        Piracy (losses exceed $20B, mostly external to US)
        Theft of trade secrets ($40-$250B)
        Biggest risk is insider
   Fraud
        telemarketing scams ($40B)
        identity theft and bank fraud (#‘s fuzzy but includes credit card theft)
        telecommunications ($5-$10B)
        Computer Fraud & Abuse
   Organized Crime
   Motivation -- Individual Rights


Rights to Privacy & Free speech
    Where do these rights come from?
    Are they universal?
Privacy, who “owns” the info about you?
    Check a company’s privacy statement
Conflicts between free speech and harmful or disturbing speech
    flaming -vs- defamation
Conflicts over censorship
    some countries restrict satellite and Internet access for national interests or
    religious reasons
    some restrict to protect groups such as children
Governments at War
   The U.S. has been the target of widespread technological and
    industrial espionage – from our allies.
   In 1997, the American Society for Industrial Security identified
    several nations that routinely conduct industrial espionage
    against the U.S.
       France
       Germany
       Israel
       China
       South Korea
   Four of these are considered Allies.
First real IW attack within 20 yrs
 From a 1996 GAO report to the DoD
    ―Defense officials and information systems security
    experts believe that over 120 foreign countries are
    developing information warfare techniques. The
    techniques enable our enemies to seize control of or
    harm sensitive Defense information systems or
    public networks, which Defense relies upon for
    communications. Terrorists or other adversaries
    now have the United States to launch untraceable
    attacks from anywhere in the world.‖
    Information Warfare

 Information Warfare is about money. It‘s about the
  acquisition of wealth and the denial of wealth to competitors.
 Information Warfare is about power. He who controls the
  information controls the money.
 Information Warfare is about fear. He who controls the
  information can instill fear in those who want to keep their
  secrets a secret.
 Information Warfare is about politics.
 Information Warfare is about survival.
           Excerpts from Information Warfare by Winn Schwartau
Information Warfare


   ―There‘s a war out there, and it‘s about who controls the
    information. It‘s all about the information.‖
             COSMO in ―Sneakers‖


   ―Information is the currency of victory on the
    battlefield.‖
             GEN Gordon Sullivan, CSA (1993)
Schwartau’s 3 classes of IW

 Class 1:   Personal Information Warfare

 Class 2:   Corporate Information Warfare

 Class 3:   Global Information Warfare
Information Warfare “weapons”
 Computer Viruses
 Worms
 Trojan Horses
 Logic Bombs
 Trap Doors
 Van Eck devices
 Chipping
 Nano machines and Microbes
 Electronic Jamming
 HERF Guns - EMP Bombs
 Penetration exploits and tools
Tool development
               From Corporate Espionage by Ira Winkler




             Tools and Knowledge

                        Other
                         Tool

                       Geniuses

Criminals                                                  Foreign
                     Developers
                                                         Intelligence
                       Hackers                            Agencies


            Information about Targets
     What is an act of war?
   Article 51 of the UN Charter
        Nothing in the present Charter shall impair the inherent right of
        individual or collective self-defense if an armed attack occurs
        against a Member of the United Nations
   Article 41
        The Security Council may decide what measures not involving
        the use of armed force are to be employed to give effect to its
        decisions, and it may call upon the Members of the United
        Nations to apply such measures. These may include complete or
        partial interruption of economic relations and of rail, sea, air,
        postal,telegraphic, radio, and other means of communication, and
        the severance of diplomatic relations.
What is a valid target?
WASHINGTON, May 23 (Reuters) - U.S. President Bill Clinton has
approved a top-secret plan to destabilize Yugoslav leader Slobodan
Milosevic, using computer hackers to attack his foreign bank accounts and a
sabotage campaign to erode his public support, Newsweek magazine reported
on Sunday. The magazine, in its May 23 edition, quoted sources as saying
Clinton issued an intelligence "finding" allowing the Central Intelligence
Agency to find "ways to get at Milosevic."

   The finding would permit the CIA to train ethnic Albanian rebels in
Kosovo in the art of sabotage, including such tricks as cutting telephone
lines, fouling gasoline reserves and pilfering food supplies, the magazine
said. The CIA also was instructed to wage a cyberwar against Milosevic,
using computer hackers to tap into the Yugoslav president's foreign bank
accounts, the magazine said.
Information Warfare
 Definition of Information Warfare:
      'Actions taken to achieve information superiority by
     affecting an adversary information, information-
     based processes, information systems, and
     computer-based networks while defending one's own
     information, information-based processes,
     information systems, and computer-based networks.'
          Joint Chiefs of Staff Instruction No. 3210.01
IW from “Cornerstones”
      Information Operations
   For to win one hundred victories in one hundred battles is not the pinnacle of skill. To
    subdue the enemy without fighting is the pinnacle of skill.             -- Sun Tzu.
   True hackers don't give up. They explore every possible way into a network, not just the
    well known ones.                                          -- The hacker Jericho.
   The most likely perpetrators of cyber attacks on critical infrastructures are terrorists and
    criminal groups rather than nation-states.
                                             -- The Gilmore Commission
   Cyberspace is the battlefield of tomorrow…Instead of confronting us head-to-head on the
    traditional battlefield, adversaries will confront the U.S. at its point of least resistance-- our
    information infrastructure. -- Sen. Fred Thompson, Chairman of the Senate Committee on
    Governmental Affairs, June 1998
   By failing to prepare, you are preparing to fail.                 -- Benjamin Franklin
    What are the types/forms of IO?
    Martin Libicki, NDU, August 1995, What is Information Warfare?

   Command-and-Control Warfare
       C2W [Command-and control-warfare] is the military strategy that
       implements Information Warfare (DoD Directive TS- 3600.1, 21
       December 1992, "Information Warfare") on the battlefield and
       integrates physical destruction. Its objective is to decapitate the
       enemy's command structure from its body of command forces.
   Intelligence-Based Warfare
       IBW occurs when intelligence is fed directly into operations (notably,
       targeting and battle damage assessment), rather than used as an
       input for overall command and control. IBW results directly in the
       application of steel to target (rather than corrupted bytes).
    IO (cont)
   Electronic Warfare
       The first two forms of IW discussed deal with attacks either on systems (C2
       warfare) or by systems (IBW). The third form is EW, or operational techniques:
       radioelectronic and cryptographic, thus war in the realm of communications. EW
       attempts to degrade the physical basis for transferring information, while
       cryptographic warfare works between bits and bytes.
   Psychological Warfare
       Psychological warfare, as used here, encompasses the use of information
       against the human mind (rather than against computer support). There are four
       categories of psychological warfare: (i) operations against the national will, (ii)
       operations against opposing commanders, (iii) operations against troops, and --
       a category much respected abroad -- (iv) cultural conflict.
IO (cont)
   Hacker Warfare
       Winn Schwartau, among others, uses the term information warfare to refer
       almost exclusively to attacks on computer networks. In contrast to
       physical combat, these attacks are specific to properties of the particular
       system because the attacks exploit known holes in the system's security
       structure. In that sense the system is complicit in its own degradation.
       Hacker warfare varies considerably. Attackers can be on site, although
       the popular imagination can place them anywhere. The intent of an attack
       can range from total paralysis to intermittent shutdown, random data
       errors, wholesale theft of information, theft of services (e.g., unpaid-for
       telephone calls), illicit systems' monitoring (and intelligence collection), the
       injection of false message traffic, and access to data for the purpose of
       blackmail. Among the popular devices are viruses, logic bombs, Trojan
       horses, and sniffers.
    IO (cont)
   Economic Information Warfare
       The marriage of information warfare and economic warfare can take two forms:
       information blockade and information imperialism.
        – The effectiveness of an information blockade presumes an era in which the well-
          being of societies will be as affected by information flows as they are today by flows
          of material supplies. Nations would strangle others' access to external data.
        – To believe in information imperialism means believing in modern day economic
          imperialism. Thus, trade is war. Nations struggle with one another to dominate
          strategic economic industries. Nations specialize in certain industries. The good
          industries command high wages and, usually, feature high growth rates. They tend
          to be knowledge- intensive. The constant exchange of information, in particular,
          early access to interesting technical questions and information resources, provides
          one an edge in coming up with interesting solutions.
       (Libicki doesn‘t directly address it but what about corporate information
       espionage?)
IO (cont)
   Cyber Warfare
       Includes information terrorism, semantic attacks, simula-warfare and Gibson-
       warfare.
         – Although terrorism is often understood as the application of random violence against
           apparently arbitrary targets, when terrorism works it does so because it is directed
           against very specific targets, often by name. Thus, Information terrorism would target
           information about a specific individual to affect their actions.
         – A system under semantic attack operates and will be perceived as operating correctly
           (otherwise the semantic attack is a failure), but it will generate answers at variance with
           reality.
         – Could fighting a simulated war prove to the enemy that it will lose?
         – Gibson-warfare from William Gibson's Neuromancer. Think conflict on the Internet,
           maybe at first only in the guise of virtual stalkers, sexual harassers, or flame wars.
           Now consider technologies capability to, in effect, launch a simulacrum into the net,
           armed with its master's wants and needs, to make reservations, acquire goods, hand
           over assets, and, with work, to negotiate terms for enforceable contracts. Now take the
           next step and allow an individual‘s online agents to conduct their own info battle. --
           TRON.
Information Warfare
   Michael Brown in ―The Revolution in Military Affairs: The
    Information Dimension‖ described several aspects of IW.
       May be aimed at the Nation or the military
       Has three distinct phases
        – Peace
        – Crisis
        – War
       Identified three types
        – Type I: Perception Management
        – Type II: Denial, Destruction, degradation, distortion
        – Type III: Exploiting enemy information flows
    Recent IW
   2007 Estonia: Russian ―patriots‖ wage campaign
   2009 DOS on Georgia:
     In July 2009, it appeared to the Georgian government that it was being attacked by a presumed ally —
    the U.S., or at least from a civilian computer in U.S. territory. In August, cybersecurity experts observed a
    second, much larger wave of DDoS attacks against Georgian government Web sites. In response, the
    Georgian government took an unorthodox step and sought cyberrefuge in the U.S., Poland and Estonia.
    Within the U.S., Georgia located its cybercapabilities on servers at Tulip Systems (TSHost) in Atlanta,
    Ga., and at Google in California. When Estonia experienced a cyberattack in 2007, it essentially defended
    in place; Georgia, on the other hand, maneuvered. It elegantly relocated strategic IP-based
    cybercapabilities to other defensive points on the Internet, thereby ensuring continued war-time
    communications with Georgian citizens and forces. By doing so, the Georgian government partially
    defeated the botnet cyberattack by flowing a portion of its strategic C2 through the U.S. and other allies.

       Ref: http://www.armedforcesjournal.com/2009/01/3801084
Protecting the National
Infrastructures
 What are they?


 Systems so critical to the United States that their
  loss or damage would have serious impact on
  the functioning and operation of the nation.
Critical Infrastructures (original)
    Information & Communication

    Electrical Power Systems

    Gas & Oil Production, Storage & Transportation

    Banking & Finance

    Transportation

    Water Supply Systems

    Emergency Services

    Government Services
Protecting the National Infrastructures

 What are they?
 Who might attack?
   Criminals (drug cartels)
   terrorists
   crackers
   governments
PSYOPS and
Perception Management
 Perception Management:
    information operations that aim to affect the
    perceptions of others in order to influence their
    emotions, reasoning, decisions, and ultimately
    actions.
 PSYOPS (psychological operations)
    aim to influence behavior by affecting the human
    psyche through fear, desire, logic, and other mental
    factors.
Perception Management
   Any medium can be exploited
      face-to-face communications, print, telecommunications,
      broadcast, and computer networks.
 PM often taken to mean media manipulation (for good
  or bad).
 NOT just a military function, also seen in
      Politics
      Advertising
      everyday relationships
  SOFTWAR (Chuck de Caro)
 ―The hostile use of global television to shape
  another nation‘s will by changing its vision of
  reality.‖
 Global television offers parties a ―cheap, accurate,
  real-time, politico-military intelligence service that
  simultaneously acts as an extremely potent
  instrument to affect adversely and directly the US
  domestic body politic.‖
    Softwar (example)
   Haiti
       ―A … Haitian dictator, using global TV as the ‗Poor Man‘s I&W‘ … judged the
       likely US reaction in the wake of revulsion at the video-tape of Rangers being
       killed and mutilated in Somalia. He optimized his political-military moves to
       forestall US intervention by having a handful of rabble assemble on a pier, mug
       angrily-on-cue for global TV while waving English-language placards. He thus
       turned away a US warship -- on a UN mission -- with nothing more than the
       video of an alleged mob that generated the perception of imminent bloodshed
       projected and amplified by TV. The perception was worsened by video
       coverage of the warship sailing away.‖                                   -- Chuck
       de Caro ―Softwar‖
   Somalia
  Softwar (example)
 L.A. rioting - skipping ignition pulse
    ―In 1965, the Watts area of Los Angeles was a tinder-box, with an
    ‗ignition temperature‘ set by local conditions of poverty, crime,
    racism and escalating tensions between the populace and the
    police. All that was needed was a localized ignition pulse; a spark
    that ironically came when the police arrested an intoxicated black
    motorist. Once ignited, the riot spread in the classic manner,
    outward from the center by word-of-mouth to the edges of Watts.
    By contrast, the 1992 Los Angeles upheaval, broadcast as-it-
    happened on global real-time TV sent an ignition pulse that set off
    simultaneous fires wherever the same ignition conditions existed,
    without a localized spark. The result was a ‗hopping phenomenon,‘
    generating riots in San Francisco, Seattle, Atlanta and then even to
    Toronto, Canada.‖                    -- Chuck de Caro, ―Softwar‖
     The nature of TV
   ―Television, by its nature, is an effective, insidious and dangerous
    medium for delivery of propaganda… television is a ‗cool‘ medium that
    defines events by the viewer‘s perception of images and sound, rather
    than of reality. ―
   ―Perception can be further distorted by various aspects of telegenics:
    lighting, sun angle, ‗star‘ quality, voice quality, …‖
   An example
       ―The Nixon-Kennedy debate during the 1960 Presidential election is one example.
       The transcripts show a fairly even contest; those listening on radio felt strongly that
       Nixon had won. To the millions watching television, however, Kennedy‘s natural
       camera appeal was enhanced by makeup and a dark suit and contrasted with a
       perspiring Nixon with a five-o‘clock shadow, leaving the perception that Kennedy
       had won decisively.‖
What can we trust on TV?
 1st down line in football coverage


 Forrest Gump


 Wag the Dog
What’s in a name?
 Pro-choice -vs- Pro-life


 Florida Election
     Fair -vs- Timely (or legal)
The incubator story
 During the invasion, Iraqi soldiers entered
  multiple Kuwaiti hospitals, removed babies from
  incubators, shipped the incubators back to Iraq,
  and left the babies on the floor.
 Story repeated often, several witnesses came
  forward.
The incubator story



The players

    Nayirah
    President Bush
    Congressmen
    Citizens for a Free Kuwait
    Congressional Human Rights Caucus
    Hill & Knowlton
     The Testimony
   Nayirah's full name was being kept confidential to prevent Iraqi
    reprisals against her family in occupied Kuwait. Sobbing, she
    described what she had seen with her own eyes in a hospital in Kuwait
    City. Her written testimony was passed out in a media kit prepared by
    Citizens for a Free Kuwait.
   "I volunteered at the al-Addan hospital," Nayirah said. "While I was
    there, I saw the Iraqi soldiers come into the hospital with guns, and go
    into the room where . . . babies were in incubators. They took the
    babies out of the incubators, took the incubators, and left the babies on
    the cold floor to die.‖

   -- John R. MacArthur, Second Front: Censorship and Propaganda in the Gulf War
    Lying to Congress?
 "The Human Rights Caucus is not a committee of
    congress, and therefore it is unencumbered by the
    legal accouterments that would make a witness
    hesitate before he or she lied . . . Lying under oath
    in front of a congressional committee is a crime;
    lying from under the cover of anonymity to a caucus
    is merely public relations.
   -- John R. MacArthur, Second Front: Censorship and Propaganda in the Gulf War
    The story continues
 Hill & Knowlton had the baby incubator story repeated before
  the United Nations Security Council chamber in an
  audiovisual presentation on November 27.
 The presentation was loaded with anonymous charges of
  Iraqi brutality and the reiteration of the baby incubator story.
  A Kuwaiti dentist, claiming to be a surgeon and using a false
  name, testified that under his supervision 120 newborn
  babies were buried in the second week of the invasion.
President Bush
 the baby incubator story was repeated six times
  by George Bush in various political speeches,
  including a speech to the troops near Dhahran:
     "It turns your stomach when you listen to the tales of
    those that have escaped the brutality of Saddam the
    invader. Mass hangings. Babies pulled from
    incubators and scattered like firewood across the
    floor."
    Was it True?
 January 17, 1991 article by Alexander Cockburn in the Los Angeles
  Times openly challenged the incubator myth.
 According to London Amnesty International spokesman Sean Styles,
  "we spoke to well over a dozen doctors of different nationalities who had
  been in Kuwait at the time and they couldn't stand the story up, and it
  became quite clear to us that credible medical opinion was that this
  didn't happen."
 Amnesty International backed down from their original story in the
  seventh paragraph of a press release, stating that they had found
     "no reliable evidence that Iraqi forces had caused the deaths of
     babies by removing them or ordering their removal from incubators."
    Was it True?
 After the war, Middle East Watch was shown death certificates for 30
  Kuwaiti babies who were all buried on August 24, 1990. Of those 30
  babies, 19 had died before the Iraqi invasion began, and 11 died
  during the occupation. None of the 30 were ever shown to have been
  removed from incubators. All of the witnesses backed off from their
  original claims of having supervised or participated in the burial of
  babies.
 Andrew Whitley, executive director of Middle East Watch, and part of a
  two-man investigation in Kuwait, was quoted as having said:
      "Soon after we arrived in Kuwait, two weeks after the liberation it became apparent that
      the story was a complete hoax. We were able to go 'round the hospitals to count the
      incubators and find that - possibly with one or two that had been misplaced - that none
      were missing. So none of the incubators were removed in the first place. Moreover, it
      seemed quite clear that there weren't any deaths which had been deliberately the cause
      of the Iraqis having gone in and stolen equipment."
  What was the effect?
 The final decision to go to war was made on January
  12, 1991 in a Senate vote of 52 to 47 (a margin of 3).
  Before passing this resolution, six pro-war senators
  specifically brought forth the baby incubator
  allegations in their speeches supporting the
  resolution.
    OPERATION DESERT STORM:OUTRIGHT DISINFORMATION SCHEME by David Fingrut

 Without this story, would there have been a war?
Hill & Knowlton
 100+ individuals worked on the campaign
 $11M in fees
 They present themselves as an international PR
  firm
 Interesting background considering their Integrity
  statement
Hill & Knowlton
Washington State suit against
tobacco industry
 The defendants are American Tobacco; Brown &
  Williamson Tobacco Corp., Lorillard Tobacco
  Co., Philip Morris, R.J. Reynolds Tobacco Co.,
  United State Tobacco Co., B.A.T. Industries
  P.L.C. and related organizations, including Hill &
  Knowlton, The Council for Tobacco Research-
  USA Inc., Smokeless Tobacco Council and the
  Tobacco Institute.
     Tobacco PR
   Legendary PR figures John Hill, Ivy Lee and Edward Bernays (now
    revered within the industry as the "father of public relations") all worked
    on PR for tobacco, pioneering techniques that today remain the PR
    industry's stock in trade: third-party advocacy, subliminal message
    reinforcement, junk science, phony front groups, advocacy advertising,
    and buying favorable news reporting with advertising dollars.
   To persuade women cigarette smoking could help them stay beautiful,
    Bernays developed a campaign based on the slogan, "Reach for a
    Lucky Instead of a Sweet." The campaign played on women's worries
    about their weight and increased Lucky sales threefold in just 12
    months. (The message, "cigarettes keep you thin," reverberates today in
    the brand name Virginia Slims.)
    Tobacco and PR Crisis
 IN 1952, READER'S Digest ran an influential article titled
  "Cancer by the Carton." A 1953 report by Dr. Ernst L.
  Wynder heralded to the scientific community a definitive link
  between cigarette smoking and cancer.
 For help, the tobacco industry turned to John Hill, the
  founder of the PR megafirm, Hill & Knowlton. Hill designed a
  brilliant and expensive campaign the tobacco industry is still
  using today in its fight to save itself from public rejection and
  governmental action.
     Hill’s campaign
   At Hill‘s suggestion, the industry created a group called the Tobacco Institute Research
    Committee (TIRC), and ran a full-page ad, titled "A Frank Statement to Cigarette
    Smokers," in more than 400 newspapers. The ad acknowledged tobacco companies
    had a "special responsibility" to the public, and promised to sponsor "independent
    research" aimed at "learning the facts about smoking and health.‖

   The TIRC maintained a library with cross-indexed medical and scientific papers from
    2,500 medical journals, as well as press clippings, government reports and other
    documents. TIRC employees culled this library for scientific data with inconclusive or
    contrary results regarding tobacco and the harm to human health. These were compiled
    into a carefully selected 18-page booklet, titled "A Scientific Perspective on the Cigarette
    Controversy," which was mailed to over 200,000 people, including doctors, members of
    Congress and the news media.
    Tobacco PR (cont.)
   In 1963 the TIRC changed its name to the Council for Tobacco
    Research. In addition to this "scientific" council, Hill & Knowlton helped
    set up a separate PR and lobbying organization, the Tobacco Institute.
   Philip Morris is fighting back through a California PR firm called the
    Dolphin Group. Dolphin CEO Lee Stitzenberger used a half-million
    dollars from Philip Morris to set up a front group called "Californians for
    Statewide Smoking Restrictions." Using this deceptive name, members
    gathered signatures to put a referendum on the California ballot in
    November 1994, which the Dolphin Group promoted with billboards
    reading, "Yes on 188--Tough Statewide Smoking Restrictions--The Right
    Choice." In reality, Proposition 188 was a pro-tobacco referendum
    which, if passed, would have undermined 270 existing local anti-smoking
    ordinances in California cities, as well as the state's new statewide
    smoke-free workplace law.
Tobacco Advertising
Tobacco Advertising
Tobacco Advertising
The Marlboro Man
Image is important...
To sum it all up...




                      -- http://www.desert.net/tw/11-22-95/cover.htm
Summary
 What is the Importance and Significance of this
  material?

 How does this topic fit into the subject of ―Voice
  and Data Security‖?

								
To top