Role of I S Professional in Tackling Terrorism

Dr. Vishnu Kanhere, CAPhD (Management Studies), FCA, FCMA, FIV, FLS (London)

CGEIT, CISA, CISM, CRISC, CFE (USA)ISO 9001 QMS & FSMS 22000 Lead Auditor IRCA (UK)

Chartered Accountant, KCPL

Terror : An explosion the world over !

Computers are everywhere !

So are Criminals & Terrorists

Gunda Raj

terrorism

TerrorismTerrorismTerrorismTerrorism

Cyber warfare

Indonesia

The World overThe World overThe World overThe World over

Indonesia

The OutfitsThe OutfitsThe OutfitsThe Outfits

Definition of Terrorism

• Terrorism – Latin for “Fear”

• “The Unlawful Use of Force AgainstPersons or Property to Intimidate or CoercePersons or Property to Intimidate or Coercea Government, the Civilian Population, orSegment Thereof, in the Furtherance ofPolitical or Social Objectives.”(Source FBI)

• Propagated & practiced by Non State Actors

What is Terrorism?

• Ideology• Thought Indoctrination• Band of People• Band of People• Guns & Weapons• Resources, Funding & Money• Training• Destructive Acts• Agenda & Nefarious Objectives

Manifestation of Terror

• Terrorist Strikes• Sudden, Unusual• Full of Surprises• Full of Surprises• Highly Effective, Precise – Penetration,• But not Persistent or Predictable• Affects & negates human rights, right to

life & freedom & freedom of speech

Each Attack Is Different

• Target• Method• Duration• Duration• Depth/Scale• Player• Dimention• Attack Signature

The Methodology of Terror

It is very difficult to develop a pattern or apredictable signature or methodology of terror/modus operandi•No rules •No fear of law •No fear of law •No ethics/morality•They are on zero loss •They are ready to die •They are not afraid of death •Death is not a deterrent to them

The “New” TerrorismWho will be the next terrorist?

New Terrorism

• Religion based– Self legitimacy– Sense of superiority– Sacred mission – ultimate reward– Sacred mission – ultimate reward

• More violence– Number of deaths per year growing, so is

the impact

• General terror– Creates feeling of vulnerability

New Terrorism

• Transnational• State of the Art

– Communications– Logistics– Logistics– Tools & methods

• Modern Society more vulnerable– Dependency on systems – Communication, energy, transport– Short lead time in interconnected world

Eternal vigilance is the price of liberty

• Vigilance at all points of time, at allplaces on an online basis

• You can’t wait for information to mature• You can’t wait for information to matureinto actionable information

• Non-layered beauracracy which isdelegated the powers to address issueson the spot

Where is Terrorism Going?

The CYBER The CYBER World

Where we harbor 5 myths

(In the digital world)… … Myth # 1

• “Our People are our Biggest Asset”

• as observed in the Digital world –- people can be big liabilities also

Who is Trusted? – an Insider

Trusted insider could be a ‘Terrorist’ –

(In the digital world)… … Myth # 2

Trusted insider could be a ‘Terrorist’ –

(In the digital world)… … Myth # 3• “Information systems are transparent, ethical

and fair”

• as observed in the Digital world –- “systems can be opaque, unethical and unfair also”

(In the digital world)… … Myth # 4• “systems are smart, intelligent”

• as observed in the Digital world –- systems can be dumb – they lack commonsense

(In the digital world)… … Myth # 5• “people can take the right decisions under pressure

”

• as observed in the Digital world –- they more often do not

Cyberspace 2014 - 15

• Growing Opportunities for Crime• ♦ 3 billion Internet users were likely by May 2015.• ♦ 759 million Web sites accessible on Internet• ♦ 3 billion Google searches/month• ♦ 12% of all global trade now happens online• ♦ USD 100 billion from global cyber-crime• ♦ USD 100 billion from global cyber-crime• ♦ 2014-5• – 204 billion emails per day• – 5,424 Malicious Websites per day• – Phishing Rate: 1 in 1053 emails• – Virus Rate: 1 in 164 emails• – SPAM Rate: 64%

Life Cycle of Terror & Information Systems

• Information Systems – tool & target or a defense?• Information Gathering• Indoctrination & On-boarding• Planning• Training & Drills• Training & Drills• Logistics, Communication & Interaction• Execution• Exploitation• Follow-up – Demands• Response

Terrorist Units and Cells:A Functional Approach

Funding Training Intelligence Logistics Operations

Sources: Recruitment Supplied Equipment One man team

Crime Instructors Gathered Supplies Multiple operators

Harvesting Sites Internet/other Other MultilateralHarvesting Sites Internet/other Other essentials

Multilateral

Processing Equipment Blogs / chat Sourcing Collaborative

Management Information Conglomerate

Involved states

Politics

Government Response to Terrorism:A Functional Approach

Funding Training Intelligence Logistics Operations

Sources: Recruitment Supplied Equipment One man team

Federal Instructors Gathered Supplies Multiple operators

State Sites Internet/other Other MultilateralState Sites Internet/other Other essentials

Multilateral

Local taxes Equipment Blogs / chat Sourcing Collaborative

Management Information Conglomerate

Contributing states

Politics

Fraud Triangle Terror Triangle

Opportunity Opportunity

CorruptionCorruptionCorruptionCorruption

Incentive / Pressure

Rationalisation/ Attitude

Radicalisation / Religious fervor

Low level crime Low level crime Low level crime Low level crime Social unrestSocial unrestSocial unrestSocial unrest

Fraud Terrorism• Behaviour pattern/

signature• Physical leg to stand on

• Behaviour Pattern

• Physical leg/local link to execute

• Financial Footprint• Cyber Footprint

to execute• Financial Footprint• Cyber Footprint

Bribery HawalaCorruption

Mobilization & ConversionFinances

Alert

Money LaunderingLogistics

Local Support

Finances

Resources

People (local)

AML

SCADA – Supervisory Control & Data Acquisition Systems

• SCADA – Centralised Computer, RTUs, PLCs.

• Water, Waste Control, Food, Pharma, Nuclear, Oil Refinery, Power …

• SCADA Systems – 34 vulnerabilities reported,•• Remotely exploitable, remote execution

• Stuxnet Worm 2010 – Iran Nuke project: warning shot

Cybercrime in the Cloud

• Cloud computing – a ticking time bomb.

• The cloud – critical mass for attacks.

• Bigger the cloud greater the success.

• The collection of bots – Crimeware-as-a-Service (CaaS).

Cybercrime in the Cloud

• public pipes – increased risks

• almost impossible to control data location.

• Cybercrimes hard to trace • Cybercrimes hard to trace

• less likely to be reported

• Harvesting botnets via common cloud applications

• Comprehensive security strategy – “Unified Threat

Management”?

More Dangerous

• Spy drone• Thermal cameras to steal PINS• Wireless & Bluetooth Hack• Remote access to Car, Train, Aircraft• Power / nuclear / water / sewage plant• Wireless attack on insulin pump,

pacemaker• Anything is possible

Cyber war

• Propaganda warfare• Defacing of websites• Hacking of sensitive information• Knocking out networks, communications• Power stations, refineries, water, sewage• Power stations, refineries, water, sewage• Public Transport & lighting – utilities• E-government services• Financial markets, banking system• Industrial & engineering complexes• Military and Strategic weapons & installations

Role of IS Auditors

Strategic level

Execution/operational

– Security objectives Policies. Alignment with business objectives/ protection of nation & people

– Implement controls technical, financial &

Execution/operational level

Ground level

Future Course

others, best Practices, Procedures

– Monitoring, Profiling, Response & Follow up

– Early Warning System taking the war in enemy camp

The Way Forward

IS Professionals need to�Secure own Systems�Secure Contiguous areas/networks�Contribute to National Security & Safety�Contribute to National Security & Safety�Create awareness and help secure

vulnerable systems�Capacity building and training among the

security / police & judiciary�Think out of the box, contribute to a common

cause

The Way Forward

IS Professionals need to�Adoption of best practices & standards�Securing weakest links in IS lifecycle

�Software Dev., Acq.,& Use�Software Dev., Acq.,& Use

� volunteer cyber force – monitor the net�Network, connect & help�Think out of the box, contribute to a common

cause: Information security a way of life

The Way Forward – some tools

• Develop an early warning system – based on Key Terrorism Signatures ,(KTS)Cyber signals – Cyber footprints

• Financial signals – financial footprints –fraud/AML-–fraud/AML-

• Neural Networks• Alerts• Key Terrorism Indicators (KTI)

Thinking Outside the Box

They ARE!!

Methodology of protection:

• e-surveillance – internet, other networks• Cyber cops –• Mapping linkages• Communication forensics• Communication forensics

– Telephone network – GPS– Sat phone– VOIP– Wifi networks

• Early warning systems• Cyber response and counter measures

Case studies

• Wi-fi compromised:

Case studies

• Response to missed call:

Case studies

• Shared email ids:

Case studies

• Car hack:

The Future?

Questions, Comments?

THANK YOU

Contact Details:

Dr. Vishnu Kanhere

vkanhere@gmail.com