The SecDev Group's Documents
Collusion Collision
“Collusion and Collision: Searching for Guidance in Chinese Cyberspace” examines how companies have struggled to balance ethical and economic interests in their bid to capture the world’s largest market of internet users. The report provides an overview of the ‘Great Firewall’ of China, the past participation of five US technology giants (Google, Yahoo!, Microsoft, Skype and Cisco) in China’s censorship regime, and the legal and ethical obligations and commitments that are violated by censoring online content.
Category: Internet & Technology | Reads: 5,142 | Uploaded: 09/19/2011

Koobface: Inside a Crimeware Network
Overview: Between April and November 2010, the Information Warfare Monitor conducted an investigation into the operations and monetization strategies of the Koobface botnet. The researchers discovered archived copies of Koobface’s infrastructure on a well-known Koobface command and control server. The data revealed a wealth of information about the inner workings of the botnet, including information on the malware, code, and database used to maintain the botnet as well as its monetization strategies. With this data, the Information Warfare Monitor was able to gain an in-depth understanding of how Koobface worked. Koobface: Inside a Crimeware Network details Koobface’s propagation strategies, counter-security measures, and business model. The report contributes to the cybercrime literature by shedding light on the malware ecosystem that enables and sustains cybercriminal activity, and by demonstrating that it is possible to leverage the mistakes made by cybercriminals in order to better understand the scope of their operations.
Category: Internet & Technology | Reads: 1,135 | Uploaded: 11/12/2010

SHADOWS IN THE CLOUD: Investigating Cyber Espionage 2.0
Shadows in the Cloud documents a complex ecosystem of cyber espionage that systematically compromised government, business, academic, and other computer network systems in India, the Offices of the Dalai Lama, the United Nations, and several other countries. The report also contains an analysis of data which were stolen from politically sensitive targets, and recovered during the course of the investigation. These include documents from the Offices of the Dalai Lama, and agencies of the Indian national security establishment. Data containing sensitive information on citizens of numerous third party countries, as well as personal, financial, and business information, were also exfiltrated and recovered during the course of the investigation. The report analyzes the malware ecosystem employed by the Shadows’ attackers, which leveraged multiple redundant cloud computing, social networking platforms, and free web hosting services in order to maintain persistent control while operating core servers located in the People’s Republic of China (PRC). Although the identity and motivation of the attackers remain unknown, the report is able to determine the location (Chengdu, PRC) as well as some of the associations of the attackers through circumstantial evidence. The investigation is the product of an eight month, collaborative activity between the Information Warfare Monitor (Citizen Lab and SecDev) and the Shadowserver Foundation. The investigation employed a fusion methodology, combining technical interrogation techniques, data analysis, and field research, to track and uncover the Shadow cyber espionage network.
Category: Internet & Technology | Reads: 132,815 | Uploaded: 04/05/2010

kneber_spearphishing_crimeware-1
An analysis of spear-phishing attacks targeting the US information security community.
Category: Internet & Technology | Reads: 2,758 | Uploaded: 03/19/2010

SecDev-Palantir government conference - final agenda
Final agenda for the SecDev-Palantir government conference 9 November 2009, Ottawa, Canada.
Category: Government Docs | Reads: 3,802 | Uploaded: 11/07/2009

Bullets Blogs New Media Warfighter
The explosive growth of new media within the Global Information Environment (GIE) presents sustained challenges and opportunities for the U.S. military. In recent years, adversaries - armed with new media capabilities and an information-led warfighting strategy - have proven themselves capable of challenging the most powerful militaries in the world. The current and future geo-strategic environment requires preparation for a battlespace in which symbolic informational wins may precipitate strategic effects equivalent to, or greater than, lethal operations. In order to address these new media challenges, the U.S. Army War College (USAWC), Center for Strategic Leadership in partnership with the SecDev Group hosted a workshop entitled "Bullets and Blogs: New Media and the Warfighter." This workshop brought together leading practitioners from the Department of Defense, Department of State, Intelligence Community, and experts from academia. This report is a synthesis of workshop discussions in terms of key takeaways addressing what is required to "win" in today's operational environment, where cyberspace and new media capabilities are significant components of the battlespace.
Category: Books - Non-fiction | Reads: 6,587 | Uploaded: 10/27/2009

Shifting Fire: Information Effects in Counterinsurgency and Stability Operations
About the Workshop: The “Information Operations and Winning the Peace” workshop, held at the U.S. Army War College (USAWC), Carlisle Barracks, Pennsylvania, was a collaboration between the War College’s Center for Strategic Leadership (CSL) and the Advanced Network Research Group, University of Cambridge (UK). It brought together, over a three-day period (29 November to 1 December), an audience of some 60 leaders and practitioners representing the military, national security, intelligence and in
Category: Research | Reads: 7,620 | Uploaded: 04/04/2009

Tracking GhostNet: Investigating a Cyber Espionage Network
This report documents the GhostNet - a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs. The capabilities of GhostNet are far-reaching. The report reveals that Tibetan computer systems were compromised, giving attackers access to potentially sensitive information, including documents from the private office of the Dalai Lama. The report presents evidence showing that numerous computer systems were compromised in ways that circumstantially point to China as the culprit. But the report is careful not to draw conclusions about the exact motivation or the identity of the attacker(s), or how to accurately characterize this network of infections as a whole. The report argues that attribution can be obscured. The report concludes that who is in control of GhostNet is less important than the opportunity for generating strategic intelligence that it represents. The report underscores the growing capabilities of computer network exploitation and the ease with which cyberspace can be used as a vector for a new do-it-yourself form of signals intelligence. It ends with a warning to policy makers that information security requires serious attention.
Category: School Work | Reads: 388,727 | Uploaded: 03/28/2009

Breaching Trust: An analysis of surveillance and security practices on China’s TOM-Skype platform
The report reveals troubling security and privacy breaches affecting TOM-Skype—the Chinese version of the popular voice and text chat software Skype, marketed by the domestic Chinese company TOM Online. TOM-Skype routinely collects, logs and captures millions of records that include personal information and contact details for any text chat and/or voice calls placed to TOM-Skype users, including those from the Skype platform. These findings raise key questions. To what extent do TOM Online and Skype cooperate with the Chinese government in monitoring the communications of activists and dissidents as well as ordinary citizens? On what legal basis is TOM-Skype capturing and logging this volume and detail of personal user data and communication, and who has access to it?
Category: Internet & Technology | Reads: 12,136 | Uploaded: 03/27/2009


