Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Summit 2014

Download as pdf or txt
Download as pdf or txt
You are on page 1of 61

The European Centre for Information Policy

and Security (ECIPS)


Presents
Speaker Mr. Ricardo Baretzky
Cyber Terrorism & Counter Intelligence
behind it.

DO NOT COPY ! PROPERTY OF ECIPS
National Governments (Cyber Conflict)
Industrial Spies and Organized Crime Groups
Hacktivists
Hackers
Terrorists


FIVE MOST COMMON SOURCES OF CYBER
THREATS
DO NOT COPY ! PROPERTY OF ECIPS
Terrorists (groups seeking to
expand their capability in this
area)
Terrorist sympathizers/
supporter (the most likely group
to launch a cyber attack)
The Thrill seekers (a minor
threat because they are driven by
a desire to show off their skills
rather than a desire to destroy)

THE CYBER TERRORISTS
DO NOT COPY ! PROPERTY OF ECIPS
The use of the Internet
to spread their messages
began in 2002 when Imam
Samudra claimed
responsibility for the
Bali bombings via
istimata.com
DO NOT COPY ! PROPERTY OF ECIPS
IT ALL BEGAN IN 2002
A) Those who focus on Nation States
Conflict Time ?

B) Cyber Terrorists & Insurgents

New emerging threat:(Cyber crime
future state over past three years)
DO NOT COPY ! PROPERTY OF ECIPS

Asymmetric use of
the cyber domain
including kinetic


TODAY'S GOVERNMENTS ARE CONFRONTED
WITH TWO TYPES OF TERRORIST
Distributed Denial of
Service (DDoS) attack
commonly used in
attacking banking and
government sites.
DO NOT COPY ! PROPERTY OF ECIPS
WE ARE PASS THE DDoS STAGE !
TYPES OF CYBER ATTACKS KNOWN TILL NOW
1. Simple-Unstructured
2. Advanced-Structured
3. Complex-Coordinated
4. Complex-DoD level

DO NOT COPY ! PROPERTY OF ECIPS
ECIPS IDENTIFIED FOUR LEVELS OF
CYBER TERROR CAPABILITY
DO NOT COPY ! PROPERTY OF ECIPS
The capability to conduct
basic hacks against individual
systems using tools created by
someone else.
The organization possesses
little target analysis, command
and control, or learning
capability.
1) SIMPLE-UNSTRUCTURED:
DO NOT COPY ! PROPERTY OF ECIPS
The capability to conduct more
sophisticated attacks against
multiple systems or networks and
possibly, to modify or create
basic hacking tools.
The organization possesses an
elementary target analysis,
command and control, and learning
capability.
2) ADVANCED-STRUCTURED:
DO NOT COPY ! PROPERTY OF ECIPS
The capability for a coordinated
attacks capable of causing mass-
disruption against integrated,
heterogeneous defenses (including
cryptography).
Ability to create sophisticated
hacking tools. Highly capable target
analysis, command and control, and
organization learning capability.
3) COMPLEX-COORDINATED:
DO NOT COPY ! PROPERTY OF ECIPS
The capability for a
coordinated Conflict attacks
capable of causing mass-
Economical and Government
disruption and Shut down.
Military standard capability
target analysis, command and
control.
4) COMPLEX-DOD-LEVAL:
1. Banking
2. Governments
3. Tv Stations
4. Radios
5. Newspapers
DO NOT COPY ! PROPERTY OF ECIPS
and much more !
CYBER TERRORISM TARGETS
1. Are responsible for
around 80% of all
attacks against
financial Institutions
2. Over $1 billion in
global losses since
2010
DO NOT COPY ! PROPERTY OF ECIPS
THE GREEN
BUG TUNNEL
THE MONEY TREAT SEUS /SPYEYE
1. Get the Money
2. Data theft
3. Bank transfers
4. Stolen passwords
5. Swiped Identities
DO NOT COPY ! PROPERTY OF ECIPS
OBJECTIVE: To
Steal Money
ORGANIZED CRIME & TERRORIST GROUP
USING MALWARE.
The conflict space has
moved to information and
cyber space.
The traditional war game IS
LOST and the CYBER war has
gone viral.
The question is how are we
going to solve this ?
DO NOT COPY ! PROPERTY OF ECIPS
THE SHIFT: CYBER TERRORISM TO CYBER-
CONFLICT CAPABILITY.
Cyber Jihad
FACT OR ILLUSION
DO NOT COPY ! PROPERTY OF ECIPS
YOU THE AUDIENCE VOTE ?
DO NOT COPY ! PROPERTY OF ECIPS
Where is
CYBER TERRORISM
?
THE MOTIVATIONS BEHIND CYBER ATTACKS
2013?
DO NOT COPY ! PROPERTY OF ECIPS
Cyber Crime
49%
Hactivism
48%
Cyber Warfare
1%
Cyber Espionage 2 %
CYBER
TERRORISM
THE LOOMING HIDDEN FACTOR
THE FAME !
2012 - Periodic Table of
Terrorist Organizations
[infographic] using
groups designated by the
United States
Department of State.
SOUTH ASIA &
MIDDLE EAST
DO NOT COPY ! PROPERTY OF ECIPS

DO NOT COPY ! PROPERTY OF ECIPS
The Birth Place of
Al-Qaida

Returning Home

DO NOT COPY ! PROPERTY OF ECIPS
Al-Qaida & Its
Affiliates

Do you still think a
Cyber Jihad
Is a HOAX ?

Africa
Middle-East
South-America

June 4, 2013 USA Intel reports
Iranian Terror Cells Infest
South America.

DO NOT COPY ! PROPERTY OF ECIPS
FAST EMERGING TERRITORIES WITH CYBER
AND INTERNET CAPABILITY
THE CYBER
INFRA-
STRUCTURE
WHAT IS THE
PROBLEM WITH
THIS PICTURE ?
DO NOT COPY ! PROPERTY OF ECIPS
Research indicates that CYBER TERRORIST
organizations WILL be FOCUSING on FAST
Reliable NEW Emerging Internet Territories
to operate from where they have immunity
to a large extend and where there is
little focus on their activities

HUH
WHERE WILL CYBER THREAT
COME FROM ?
DO NOT COPY ! PROPERTY OF ECIPS
CYBER THREAT

1.Excellent Anonymous Internet capability and
access to rest of the world.
2.Access to Banking structure of the
US, EU, Asia and Middle East.
3.Access to partial immunity from USA and EU
4.And most important access to financing structures
that cant be detected such as the Diamond
industry.

DO NOT COPY ! PROPERTY OF ECIPS
ECIPS RESEARCH AND PREDICTIONS
INDICATES!

CYB- TER-CELLS TRENDS TOWARDS
ATTRACTIVE CYBER INFRASTRUTURES

AFRICA as destination NO 1
South America as No 2
South East Asia as No 3
Russia as NO 4
DO NOT COPY ! PROPERTY OF ECIPS
CYBER TERRORISTS OPERATIONAL
DESTINATION OPTIONS:
AFRICAN UNDER-
SEA CABLES
INTERNET 2011
DO NOT COPY ! PROPERTY OF ECIPS
INTERNET GROWTH AFRICA 2014
DO NOT COPY ! PROPERTY OF ECIPS
*Files found on White Widows
1. Whole new world of Risks
2. Better anonymity
3. Less visibility

CHANGES EVERYTHING !






DO NOT COPY ! PROPERTY OF ECIPS
THE CHANGE OF HIGH-SPEED
INTERNET
DO NOT COPY ! PROPERTY OF ECIPS
A statement by an Official of
the Military Department South
Africa said :

If our military department or
any Nuclear facility were to
be hacked today, we have no
counter measure in place and
God knows what will be the
result
AFRICA - NOT EQUIPPED TO COMBAT THIS
GROWING PROBLEM
They usually use social media
and/or free blog hosting such
as Face book or BlogSpot to
post information or ideas about
jihad.

The Internet is one of the most
effective ways for extremists
to deliver their messages and
find like-minded people.


DO NOT COPY ! PROPERTY OF ECIPS
THE ROLE OF SOCIAL MEDIA
1.61 Billion
Users on Social
Media Channels
in 2013

1/7 OF WORLD
POPULATION
DO NOT COPY ! PROPERTY OF ECIPS
SOCIAL MEDIA IN 2013
1.ALLOWS SOCIAL
MESSAGING.
2.ALLOWS GROWING CELLS
AND THREATS TO EMERGE.
3.ALLOWS GROUPING OF LIKE
MINDED POEPLE.
4.INCLUDING GROUPING OF
CYBER EXTREAMIST.

DO NOT COPY ! PROPERTY OF ECIPS
THE RISK OF AN UNCONTROLLED SOCIAL
MEDIA INTERNET PLATFORM.
CYBER TERROR IS THE NEW LANGUAGE
OF WAR!
DO NOT COPY ! PROPERTY OF ECIPS
Its a
recipe for
disaster
DO NOT COPY ! PROPERTY OF ECIPS
COMBINED WITH SOCIAL MEDIA
Stuxnet is a computer virus that
was discovered in June 2010.
Stuxnet almost ruined one-fifth of
the Iranian nuclear centrifuge by
spinning out of control while
simultaneously replaying the
recorded system values which shows
the normal functioning centrifuge
during the attack
DO NOT COPY ! PROPERTY OF ECIPS
TYPES OF THREAT ATTACKS THAT ARE USED
BY CYBER TERRORIST
Duqu is a collection of computer
Malware discovered on 1 September
2011, thought to be related to the
Stuxnet worm.
The Laboratory of Cryptography
and System Security (CrySyS Lab)
of the Budapest University of
Technology and Economics in
Hungary discovered the threat,
analyzed the malware, and wrote a
60-page report.
DO NOT COPY ! PROPERTY OF ECIPS
Duqu trojan built
by 'old school'
programmers,
DUQU
Duqu has the capacity to steal
digital certificates to help future
viruses appear as secure software.
Duqus replication methods inside
target networks remain unknown,
however due to its modular
structure, a special payload could
theoretically be used in further
cyber-physical attacks.
DO NOT COPY ! PROPERTY OF ECIPS
Duqu trojan built
by 'old school'
programmers,
DUQU HAS THE CAPACITY !
Flame is huge: It's about 20 times
larger than Stuxnet, the malware that
infected Iranian nuclear centrifuges
in 2010.
Flame - is designed to carry out
cyber espionage and steal valuable
information, including stored files,
contact data and audio conversations,

DO NOT COPY ! PROPERTY OF ECIPS
Flame malware was jointly
developed by the U.S. and
Israeli governments in
preparation for a
cybersabotage campaign
MALWARE KNOWN AS FLAME IS 20 TIMES
THE SIZE OF STUXNET
Gauss was designed to steal
sensitive information and was
discovered during the ITU
investigation into Flame.
It is believed that the
malware has been operating
since September 2011 and was
uncovered in June 2012.
DO NOT COPY ! PROPERTY OF ECIPS
GAUSS WAS DESIGNED TO STEAL SENSITIVE
INFORMATION.
DO NOT COPY ! PROPERTY OF ECIPS
ITS NOT IF, BUT WHEN IT
HAPPENS !
What is the Political
and Economical
Implications if
ignoring this threat

CYBER-TERRORISM
DO NOT COPY ! PROPERTY OF ECIPS
Last Year computer hackers hacked the
Twitter account of The Associated Press and
sent a tweet stating that there had been two
explosions at the White House and that
President Barack Obama was injured. Within
two minutes, the stock market dropped by 143
points. The Syrian Electronic Army later
claimed credit for the attack.

DO NOT COPY ! PROPERTY OF ECIPS
A GLOBAL CYBER ACCESS PROVIDES
TOOLS FOR TERRORIST !
As the world begins to wage warfare in
currency markets and programming code,
the demand has never been greater for
a new international legal framework to
rightfully penalize covert
provocateurs for manipulating economic
structures and engaging in acts of
sabotage!
DO NOT COPY ! PROPERTY OF ECIPS
THE RISKS!
What was the Figure
for 2013

WHATS DOES THE
STATISTICS SAY ?
DO NOT COPY ! PROPERTY OF ECIPS
DO NOT COPY ! PROPERTY OF ECIPS
SEPTEMBER 2013 CYBER ATTACKS
What are we missing ?
Why ?
When did we miss it ?
Who is to blame ?
Nobody
Where did we miss it
Internet AGE


THE MISSING LINK ?
DO NOT COPY ! PROPERTY OF ECIPS
Real Time information
is Knowledge

What is R-T-I ?


R-T-I ?
DO NOT COPY ! PROPERTY OF ECIPS
HOW DOES THE WORD
TRAVEL ?
DO NOT COPY ! PROPERTY OF ECIPS
How Real is the
threat

What is the word on
the street saying ?


CYBERTERRORISM
DO NOT COPY ! PROPERTY OF ECIPS
Mar 11, 2013 - White House tells China to stop
cyber attacks
Apr 23, 2013 Syrian Electronic Army (SEA)
Hacked the Associated Press
Aug. 26 2013-Chinese Internet hit by biggest
cyber attack in its history
Oct 27, 2013-Israeli tunnel hit by cyber attack



DO NOT COPY ! PROPERTY OF ECIPS
WHAT HAS CHANGED IN 2013?
Kaspersky Lab report reported-91% of
organizations worldwide suffered at
least one cyber attack in 2013

DO NOT COPY ! PROPERTY OF ECIPS
Lab report
The ICS-Cert, which monitors attacks on computer
systems that run industrial processes issued an
alert and said The government was highly
concerned about hostility against critical
infrastructure organizations,
DO NOT COPY ! PROPERTY OF ECIPS
ICS Alert
ECIPS concluded that 97% of
organizations worldwide will suffer
at least one cyber attack in 2014
ALARM !

DO NOT COPY ! PROPERTY OF ECIPS
ECIPS ASSESSMENT OF 2014?
Waiting!
Or Adapting
?
DO NOT COPY ! PROPERTY OF ECIPS
WHAT'S IS AL-QAIDA DOING?
How will Al-
Qaida Visit NY?
Are they not
already in NY,
Paris, London
Bruxelles ?
DO NOT COPY ! PROPERTY OF ECIPS
The spotlight falls on information gathering,
The lack of information from the streets, at your
fingertips, actionable in real time, with real results.
If we had Real Time Information at our finger tips, then
Benghazi would not have happened, the Arab Spring would not
have the hold of the Middle East as it does today. Iraq,
Syria, Turkey and Iran would be settled and stable, instead
of rocking all our worlds.
DO NOT COPY ! PROPERTY OF ECIPS
Terrorist Knows !
The real danger is
just around the corner
if we are not able to
create a strong
defense against cyber
attacks !
DO NOT COPY ! PROPERTY OF ECIPS
THE WARNING SIGNS ARE WRITTEN
ON THE WALLS OF OUR TIME !
Quantum Terrorist
Has arrived !
DO NOT COPY ! PROPERTY OF ECIPS
AGE OF THE
QUANTUM TERRORIST
DO NOT COPY ! PROPERTY OF ECIPS
European Centre for Information Policy and Security ( ECIPS )
Reg. No 08372076 UK

All legal rights in this regard are strictly reserved.

Distribution and dissemination of any part of this Presentation Slideshow without expressed written consent is a violation of the
Treaty of San Francisco, 1945, enforceable in all member nations.

Extradition and prosecution of violators is "at will" and enforced rigorously.

All Information in this presentation contains confidential information and is intended only for the individual/s corporations named.
If you are not the named addressee you should not disseminate, distribute or copy this slide show.
Access to this Presentation by anyone else is unauthorized .
If verification is required please email to legal@ecips.eu

All rights reserved.
2013 European Centre for Information Policy and Security ( ECIPS )

No Distribution

European Centre for Information Policy and Security (ECIPS)
In Partnership with ISI USA

DO NOT COPY ! PROPERTY OF ECIPS

You might also like