Surviving Cyber War
Fortinet Confidential
Surviving Cyber War
Richard Stiennon
Chief Research Analyst, IT-Harvest
Blog: ThreatChaos.com
Twitter: twitter.com/stiennon
Prelude: February 24, 2008
No more YouTube
No more Pakistan
Threat hierarchy is a time line!
• Information Warfare
• CyberCrime
• Hacktivism
• Vandalism
• Experimentation
Rumblings
April 1, 2001
Navy EP-3
Chinese F-8
The Five Levels of Cyber Defense Conditions
• Cyber DefCon 1. Travel warnings. Governments issue warnings about protecting data when traveling to foreign nations.
• Cyber DefCon 2. Nation states probe each other’s networks for vulnerabilities.
• Cyber DefCon 3. Widespread information theft with intent to mine industrial as well as military and geo-political secret information.
• Cyber DefCon 4. Targeted attacks against a nation’s military and government installations. Loss of critical data, collateral damage.
• Cyber DefCon 5. Nation to nation attacks are malicious with intent to destroy communication infrastructure and disable business processes including financial markets.
Custom Trojans, tools of the trade
Michael Haephrati shows us how.
While China…
China takes it to the next level
• In the UK, the Home Office has warned about a spate of attacks in recent months involving e-mail Trojans. "We have never seen anything like this in terms of the industrial scale of this series of attacks," said Roger Cumming, director of NISCC
Titan Rain
• Custom Trojans
• Sandia drops its shorts, 2005
• Shawn Carpenter, First US Cyber Warrior
• Summer 2007 Pentagon is attacked and shut down. Source of attack Chinese Red Army
Multiple fronts in this info war
• German Chancellery, Summer 2007
• Whitehall, UK
• France
• India
• Australia
Cyber war breaks out
• Estonia, March 2007
• Ukraine, November 2007
• Lithuania, June 2008
• Georgia, August 2008
Nashi summer camp ‘07
300 Lithuanian websites defaced
"All the hackers of the country have decided to unite, to counter the impudent actions of Western superpowers. We are fed up with NATO's encroachment on our motherland, we have had enough of Ukrainian politicians who have forgotten their nation and only think about their own interests. And we are fed up with Estonian government institutions that blatantly re-write history and support fascism," the message stated.
-The Baltic Course http://www.baltic-course.com
Surviving Cyber War
• Same rules apply, only more so.
• Appoint a cyber security commander
• Defense in depth against multiple adversaries
• Fighting the low and slow war. Your information is their weapon. Worry about infiltration.
• DDoS. Yes, it takes investment.
• Surviving a meltdown. Remember modems?
Blog: www.threatchaos.com
email: [email protected]
Twitter: twitter.com/stiennon
DEFCON 4