Information Warfare FORE - PowerPoint Presentation

Slide1

Information Warfare

FORE

SEC

Academy

Security Essentials

(II

)

Information Warfare Tools

Perception

management/social engineering

Malicious code

Virus Blitz

Predictable response

Could a Company be

Destroyed?

February

2002, following the attack, Cloud

Nine’s management

assessed the cost of attempting to improve

the ISP’s

security, and realized that they could not afford

the extra

investment required, and the loss of income while

the work

was carried out, said

Miszti

. They were forced to

close, and

sold their assets to fellow ISP

ZetNet

shortly after

the attack

.

http

://

zdnet.com.com/2100-1105-837412.html

In 2002 ISPs themselves were vulnerable to DDOS attacks

Could the Presidency be

Affected?

Republican Web

site hit by hacker, taken

off-line

By MARC L. SONGINI

(November 07, 2000) A hacker crept into the Republican

National Committee's Web site early this morning and

planted a rambling tirade against Texas Gov. George W.

Bush, forcing the site to be temporarily taken off-line

on the

day when voters are casting their ballots in the

presidential election

.

How

close was that election

?

What if it was well done?

Could Anyone be Killed?

“almost anyone with a little technical savvy could break into the system and shut down radar at major air hubs around the nation.”

http://abcnews.go.com/sections/us/DailyNews/faa_computers001016.html

Please take a minutes to read and consider the notes page

Could Currency be

Destabilized

?

A band of 50 terrorists with $10 million or less

could buy the training, computers and other

tools needed to launch a

cyberattack

against a

major bank or investments firm . even

through secure phone lines, says Michael

Erbschloe

, a computer security consultant with

Computer Economics

.

http://

www.usatoday.com/money/finance/2001-10-29-network-russian-hacker.htm

Please take a minute to read the notes page.

Could a City be Destroyed?

The Russian Federal Security Service (FSB)

department in Voronezh Region completed a hacking

investigation, on October 18, against a programmer at a

rocket plant who allegedly used

malicious code to gain

unauthorized access to online systems and

communications

with

other space industry companies

.

Think about satellite with nuclear propulsion!

Y2K Fever

Large

investment in

corrections

in the

USA

What

about patching mission critical

systems

?

In the end, low impact, the reality perception gap The

rush to y2k certify was a

predictable

response

Y2K Fixes a Year Later

Many

organizations did not have

programming

staff to accomplish Y2K

fixes

They used contractors that used off

shore

contractors

NIPC published an article warning about malicious code . try finding it now!

Terrorism and Economic

Warfare

(The business of terrorism)

Information Warfare Theory

Asymmetry

Indications and Warning

Players and roles

Measures of effectiveness

Cycle time

Code Red Worm July 2001

#Probes

#Unique

SRC

IP

07/13

611

27

07/14

36273

1076

07/15

215020

3498

07/16

316828

6137

07/17

316359

7189

07/18

294345

8247

07/19

288975

34352*

As of

1200 EDT

Ken Eichman cas.org