Cyber Weapon Knowledge on Line


  • 8/17/2019 Cyber Weapon Knowledge on Line

    1/32

    Preparing for a Cyber Attack

    By Kevin G. Coleman

    Countdown to eDay!


    Introduction

    The world has awakened to a new threat. China, Russia and North Korea's test of a cyber weapon, Iran's cyber weapon ambitions, the renewed defense industry's emphasis on the use of computers as a weapon have all combined to accelerate the rate of development of what I've called "the most destructive weapon on the planet."

    The proliferation of cyber weapons has exploded and estimates suggest that over 70% of countries will have at least a basic level cyber weapon by the end of 2008.


    The China Syndrome


    A Bit of History

    Back in 1998 when I was Chief Strategist of Netscape, I became aware of an international movement that was designed to create software that could be used for criminal activity as well as disrupt Internet activity. That was when I began to research what we are now calling cyber warfare.

    I testified on cyber crime, espionage and security before a Joint Congressional Caucus. At one point in my live demo, Chris Dodd asked me, "Does our Defense Department know about you?"


    Cyber Warfare / Cyber Terrorism

    Cyber Warfare and Terrorism is one of the fifteen modalities of UnRestricted Warfare (URW), also called asymmetric warfare.

     – Cyber Warfare / Terrorism

    • "The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives."

    Source: U.S. Army Cyber Operations and Cyber Terrorism


    Counterfeit Hardware

    • February 2008 - U.S. Customs and Border Protection Assistant Commissioner for the Office of International Trade Dan Baldwin and Director - European Commission Tax and Customs Directorate, today announced the results of Operation Infrastructure, which took place last November and December.

    • The Operation resulted in the seizure of more than 360,000 counterfeit integrated circuits and computer network components bearing more than 40 different trademarks.


    Counterfeit Hardware

    February 2008

    The Feds have confiscated more than $75 million of counterfeit Cisco networking gear. The announcement is in a progress report on a two-year-old investigation, code named Operation Cisco Raider. In most cases the fake gear was made in China and imported into the United States where unethical resellers passed it off as legit.


    Impact of a Cyberwar

    • Of those who do perform what we consider "daily" activities online, more than half say they go online every day or several times a week to perform those activities.

    • About 93 billion emails sent per day will not go through.

    • Millions of VoIP calls per day will not go through.

    • Over 200 million


    Impact of a Cyberwar

    • Some 88% of online users say the Internet plays a role in their daily routines.

    • Some 40% of Internet users who get the news online say they log on daily.

    • Some 25% of the online weather bugs will check weather daily.

    • Some 20% of online sports fans check sports scores daily.


    A Recent Poll

    Source: A collaborative effort between DefenseTech.Org and the Technolytics Institute with nearly !"### respondents to the poll.

    How prepared is the U.S. for a cyber attack?


    Impact of a Cyberwar


    Impact of a Cyberwar

    Billion U.S. Retail eCommerce Sales

    That's $425 million a day.


    Cyber Media Warfare

    One can only imagine the psychological impact on the viewers that witnessed this prank. The TV channel CT2 said that they received frantic phone calls from viewers who thought a nuclear war had started.

    httpH44www.youtube.com4watchJG?aN(#)LcG


    Think About This

    • What if the Internet went away:

     – For a day

     – A week

     – A month

    • No eMails

    • No BlackBerrys

    • No eCommerce

    Virtual business services of all sorts, accounting, payroll and even sales, would come to a halt, as would many companies.


    The worst thing to do -

    There is no doubt today that VoIP is taking over the telecom market, and every month increases penetration into business, government and the consumer sectors.

     – Almost two-thirds of large organizations in North America will be using VoIP products and services by year end.

     – Small Business VoIP adoption will grow to 3 million by 2010. Revenues are projected to reach $2 billion.

     – Consumer VoIP adoption will drive wholesale VoIP revenues to $3.8 billion by 2010.

    You are putting all your eggs in one basket.


    Cyber Weapons Proliferation

    The cost to develop this new class of weapon is within reach of any country, any extremist group, any criminal organization and tens-of-millions of individuals. The raw materials needed to construct cyber weapons are not restricted and are widely available. We now have a weapon that can strike at the speed of light, it can be launched from anywhere in the world, and it can target anywhere in the world.

    This briefing will provide an understanding of the current state of cyber weapons, current defenses and a unique look at what the future cyber warfare scenario might encompass.


    Your Cyber Attack IQ Test

    If I can give you three pieces of intelligence you did not have before, would you agree this briefing provided value?

    1. What does EPFC and TEDs stand for?

    2. How many of you address CBRNE in your contingency plans?

    3. Why should your organizations have supply-chain integrated into the security program?


    Modern Weapons Economics

    "#.$ to "% billi

    "&' to "#%' !i

    What does a stealth bomber cost?

    What does a stealth fighter cost?

    "# to "% !illio

    What does a cruise missile cost?

    "('' to "$'''

    What does a cyber weapon cost?


    Find the Weapons Facility

    Nuclear Weapons Facility / Cyber Weapons Facility

    Where's the Cyber Weapons Facility?


    Cyber Weapons Proliferation


    Cyber Arms Dealers

    RBN and their support units provide scripts and executables to make cyber weapons undetectable by antivirus software. Every time a copy of the cyber weapon is generated, it looks different to the anti-virus engines and it often goes undetected. The modularization of delivery platform and malicious instructions is a growing design in cyber weapons. RBN's cyber weapons are very popular and powerful. In June 2007, one was used by a single person to attack and compromise over 10,000 websites in a single assault.

    Did you know RBN leases use/capacity on their #$' million n


    Cyber Weapons Evolution

    [Figure: timeline chart; vertical axis from Low to High; stages: Basic Research, Applied Research, Early Adopters, Rapid Advancement, Significant Threat; series: Basic Weapons, Advanced Weapons]


    Interesting Quote

    NATO's cyber defense chief has warned that computer-based terrorism poses the same threat to national security as a missile attack. He went on to say that "Cyber war can become a very effective global problem because it is low-risk, low-cost, highly effective and easily globally deployable. It is almost an ideal weapon that nobody can ignore."

    Using this as a framework, we can put into context the evolving architecture for cyber weapons.


    Cyber Weapons Design

    Cyber Weapon Architecture

    A missile is comprised of three basic elements. The first is a delivery vehicle (rocket engine), followed by a navigation system (tells it how to get to the target) and finally the payload (the component that causes harm). As it turns out, the same three elements now appear in the design of cyber weapons.


    Cyber Weapons Design

    Cyber Weapon - Delivery Vehicle

    There are numerous methods of delivering cyber weapons to their targets. Emails with malicious code embedded or attached are one mechanism of delivery. Another delivery vehicle is web sites that can have malicious links and downloads. Hacking is a manual delivery vehicle that allows a cyber soldier to place the malicious payload on a target computer, system or network. Counterfeit hardware, software and electronic components can also be used as delivery vehicles for cyber weapons.


    Cyber Weapons Design

    Cyber Weapon - Delivery Vehicle

    Just as a navigation system guides a missile, it allows the malicious payload to reach a specific point inside a computer, system or network. System vulnerabilities are the primary navigation systems used in cyber weapons. Vulnerabilities in software and computer system configurations provide entry points for the payload of a cyber weapon. These security exposures in operating systems or other software or applications allow for exploitation and compromise. Exploitation of these vulnerabilities may allow unauthorized remote access and control over the system.


    Cyber Weapons Design

    Cyber Weapon - Delivery Vehicle

    The payload of a missile is sometimes called a warhead and is packed with some type of explosive. In a cyber weapon the payload could be a program that copies information off of the computer and sends it to an external source. It can also be a program that begins to erase or alter information stored on the system. Finally, it can allow remote access so that the computer can be controlled or directed over the internet. A "bot" (a component of a botnet) is a great example of a payload that allows remote use of the computer by an unauthorized individual or organization.


    Cyber Weapons Design

    Cyber Weapon - Architecture

    This three element architecture demonstrates how advanced and sophisticated cyber weapons are becoming. The architecture creates reusability and reconfiguration of all three components. As one software or system vulnerability is discovered, reported and patched, that component can be removed and replaced while the other two components are still viable. This not only creates flexibility but also significantly increases the productivity of the cyber weapons developers.


    Conclusion

    Our nation is increasingly vulnerable to cyber attacks that could have catastrophic effects on critical infrastructure as well as severely damage the country's economy. Whether the attack is focused on stealing our business and technology secrets, disrupting our financial systems or worse, the threat is real. Countries, terrorists and extremists around the world are developing and implementing cyber warfare doctrine, strategies and weapons.


    Conclusion

    The Cold War may be over, but the cyber arms race has just begun. The threat is imminent. We must rapidly develop offensive and defensive cyber weapons capabilities as well as the military doctrine and regulations necessary to govern their use. In the cyber arms race we cannot finish anyplace but first.


    QUESTIONS


    Biography

    Kevin Eye Spy Magazine and authors the Cyber Warfare Blog for DefenseTech.org

    The Technolytics Institute
    4017 Washington Road
    Mail Stop #348
    McMurray, PA 15317
    P 412-818-7656
    F 412-291-1193
    I www.technolytics.com
    E kgcolman@technolytics.com