June 2005 Network Security

In brief

CIA CARRIES OUT 'WAR GAME' TO SIMULATE MASSIVE INTERNET ATTACK
The CIA has carried out a three-day cyber 'war game' exercise to simulate a large-scale Internet assault against the USA. Set at a time five years in the future, the exercise, named 'Silent Horizon', aimed to test government and private sector response to Internet attacks over several months, launched by 'enemies of America'. Details have been kept secret, but it is known the exercise took place in Charlottesville, Virginia, and was run by members of the CIA's Information Operations Center, which evaluates foreign threats to US computer systems. The US Government has conducted a series of attack simulations since 11 September 2001.

COMPUTER CRIME MAKING LESS IMPACT IN AUSTRALIA
Computer crime and security incidents made less of an impact in Australia over the past 12 months than during the previous year, according to the Australian Computer Crime and Security Survey 2005. But the survey says that the fight against hackers and malware is far from won. More than one third of the 500+ organizations involved in the survey admitted that the confidentiality, integrity or availability of their networks had been disrupted by attack, compared with around half of the respondents in 2004.

18-YEAR-OLD PLEADS GUILTY TO ONLINE STORE ATTACKS
A US teenager from Michigan has pleaded guilty to carrying out several online attacks in the latter part of 2004 against an online clothing store based in Delran and other E-businesses. Jason Salah Arabo, 18, of Southfield, Michigan, was charged with conspiracy to cause the transmission of a program, information, code and command, and intentionally 'to cause damage without authorization, to a protected computer'.

It is alleged that the attacks caused widespread harm and disruption to Internet and computer services beyond the online businesses that Arabo targeted. The Internet service providers (ISPs) which hosted the targeted websites also provided services to several other businesses, which were also said to have been harmed by the attacks.

FLAW IN CISCO IP PHONES FOUND
A software flaw in Cisco Systems' IP phones could cause a crash, prompting the company to issue a patch. The flaw exposes the IP phone to denial-of-service attacks, and was reported by the UK's National Infrastructure Security Co-ordination Centre. The Centre said the Domain Name System (DNS) protocol vulnerability, which can affect other software, warranted a 'moderate risk' warning. The flaw involves Cisco IP phones running the DNS protocol, which manages the translation of domain names into IP addresses. The vulnerability is caused by an error that occurs during the decompression of DNS messages.

EXTORTION INSTANCE POINTS TO FRESH THREAT
The San Diego-based firm, Websense, has reported an extortion instance in which a corporate customer had encrypted files containing documents, photographs and spreadsheets infected. A 'ransom note' was issued via an email address, which the attacker used subsequently to demand $200 for the digital keys to unlock the files. A small sum maybe, but this incident has attracted the attention of the FBI. It said the ploy was a new type of Internet extortion crime, unlike previous instances.

'WITTY' WORM PROBABLY AN 'INSIDE JOB'
Researchers from the International Computer Science Institute believe they have discovered where the 'Witty' worm started, and that it could have been an 'inside job'. Last year the worm infected more than 12,000 servers around the world in around 75 minutes. Witty spread via a flaw in products from Internet Security Systems (ISS). Its payload corrupted information on hard drives and crashed about half the systems it got into. The researchers re-created how Witty spread based on its code and the random number generator it used to select victims. The most likely origin was thought to be a server in a European ISP.

UK FRAUD LAW FOR PHISHING
By revamping fraud laws, the UK Government will make it an offence to launch phishing attacks. The offence can be committed as false representation, abuse of position (such as people in trusted positions using deceitful means for their own profit), or failing to disclose information.

SLOVENIA BANK: EMV SMART CARD AUTHENTICATION FOR ONLINE TRANSACTIONS
The Slovenian bank, Banka Koper, is introducing online authentication of an account holder using a standard EMV smart card, based on the MasterCard Chip Authentication Programme (CAP). Xiring will supply the bank with more than ten thousand smart card readers. Retail customers will use the readers with their EMV bank cards for user authentication when accessing banking services online.

M-COMMERCE APPS ENDANGER SITES
Mobile phone applications are a conduit for attacks on normally secure web sites, says security consultancy SecureTest. Hackers can penetrate mobile applications, alter code and then move in on the website. Source code for, e.g., a betting application on a smartphone can be modified, and the application can then act as a means of accessing the website to modify the content of the database, which may include live betting odds.

NEWS

Dorothy Denning on infosec and physical security
Brian McKenna

You currently work at the US Naval Postgraduate School. Do you think there is a lot that civilian information security professionals can learn from the military?

Classified information standards are much higher than is generally necessary, so there is a limit. But I have, for example, recently been working a lot in the area of deception. The military have been doing that kind of thing to protect the security of their information for a long time. We are starting to see ideas from that coming into computer security — with honeypots, for example. I’ve written some things in that area.

In general, do you think infosec professionals can learn things from the physical security world?

We have a different attitude in information security, which is that everything has to be perfect. When you are in the virtual environment, if someone has an attack tool, a lot of systems can be compromised. In the physical world you can’t go around picking all the locks in the world.

So, in the physical world we accept that things cannot be foolproof. You don’t want to be locked out! But in the infosec world we haven’t taken that view.

Another contrast is that locksmiths have a tradition of keeping the knowledge of how to pick locks rather secret, within their own community. In the virtual world you get all this publishing of vulnerabilities. That raises a lot of difficult issues. You’ve got to stop at some point; you cannot fix all the vulnerabilities after all.

