Upload
joey-hernandez
View
1.069
Download
1
Embed Size (px)
DESCRIPTION
Recently, the the view of Cyberspace as an Ecosystem has become a subject of increasing interest to professionals in multiple ICT disciplines. Much of the interest has been stimulated by the growing problems within the environment, and the emergence and/or reemergence of viruses, malware and growth in Advanced Persistent Threats worldwide. The Miasmatic Theory originated in the 19th century and based on the belief that "diseases" were caused by the presence of a poisoned fog/mist in the ecosystem, which contained infected matter (miasmata). The Miasmatic position was that the spread of diseases were the product of environmental factors including contaminated water, air, soil and overall poor hygienic conditions. Key to the theory is that infections were not passed between individuals but rather affect individuals who resided within the particular location. Second, infected & contaminated space was identifiable. The creation of Top Level Domains such as .RU for Russian and .CN for Chinese domains as well as geolocated IP addressing for countries has created a similar environment for locales. These locales require direction and coordination to provide leadership on establishing norms, policy institution, technical support and monitoring and assessing health trends. Protecting the cyberspace ecosystem is a shared responsibility and required to provide a collective defense against the miasmatic threat. Joey Hernandez CISM, CISSP
Citation preview
Miasmatic Threat Level
Joey Hernandez CISM, [email protected]
Miasmatic Theory
• Miasm– Greek meaning “Pollution” or “Taint”
• Early Miasmatic Theory belief– Diseases:
• Transmitted through Air, Water, Soil, & other sources in THE ECOSYSTEM that surround us
– The understanding that particular MIASM pollutes the encompassed LOCAL ECOSYSTEM producing a diseased state
Miasmatic Theory Continued
• Required Actions – For Long Term Resolution• Classify Diseases – To determine those caused
by outside influence• Discovered:– External conditions required removal (Malaria.. Remove the
Mosquitos)
– Underlying Root MIASM must be removed (Malaria.. What
about the stagnant water, and Cleanliness?)
• All MIASMATIC Layers must be addressed
Grasping The Miasma ConceptUnderstanding Cholera To Malware
Urbanization had initially led to overcrowding in poor housing conditions and resulted in outbreaks of Cholera, tuberculosis, and typhoid fever, to name a few. Implementation of preventive measures was based on the “Miasma theory” according to which poisonous vapor or mist filled with particles from decomposed matter and emissions of organic decomposition from the earth, identifiable by its foul smell, then thought to be the source of most illnesses. This was the basis of the “Sanitary Movement” which addressed sewage disposal, water treatment, food safety programs and public education about hygienic practices, resulting in the decline of the aforementioned diseases. During the cholera epidemic in London in the 1850s, John Snow traced the origin of and stopped the epidemic by removing the handle of the Broad Street pump, identifying the source of the epidemic to be a contaminated water supply. Local health boards began to develop and implement water treatment and other sanitary requirements in major cities such as New York in 1866, which subsequently led to implementation of water treatment systems and mandatory pasteurization of milk. Similarly, in 1892, Max von Pettenkofer, one of the pioneers of public health and advocate of the Miasma theory, prevented an outbreak in Munich by starting treatment of the wastewater system.
“We Have To Treat The Cyber Miasmatic Root”
Citation: Schlipköter U, Flahault A. Communicable diseases: achievements and challenges for public health. Public Health Reviews 2010;32:90-119.
Cyber Miasma
• Diseased Locales – “The ECOSYSTEM”– Top Level Domains– Countries
• Infection– Prioritize LOCALES• Develop Methods For
– External Condition Mitigation– Removal of Root Causes
Selection CriteriaFor Miasmatic Rating
MiasmaRating
Domains Hosting
Malware
Malware Detected
Countries With
Greatest Risk
Spam Production
Trended Malware
Countries Hosting
Most Malware
Miasmatic RatingNation Ranking
United States of America 1
China 2
Russia 3
France 4
Germany 5
Brazil 6
Italy 7
Great Britain 8
Korea 9
India 10
• Higher ranking = Higher Risk• USA/China/Russia
– The Known - Knowns
• Although Relevant– The Skew For Consideration
Is The IP Distribution– Population Utilizing/Access
To The Internet– Attribution
• France India – The Unknowns?
Thought Provoking Solutions
• Create Global Policies With Local Implications• ITU, ENISA, ICANN, UN etc
– Disable Capabilities• Economic Sanctions
– Just as travel is limited during outbreaks….• So Should Bank & Credit Card Companies Limit Spending In
“Infected” Countries – Economic Impact Will Open Eyes!
• Change The View From Infectious To Miasmatic With A Focus On Efforts To Sanitize The Environment– Hold The Country Accountable Not The User!
References
• Sophos Security Threat 2013• Microsoft Intelligence Report 2012• McAfee Malware Report • SRI Whitepapers – Exploit Reports• Kaspersky Lab – Risk Reports• WHO.INT