Combating Robot Networks and Their Controllers
Executive Summary
Relevancy
This report is written as a comprehensive reference ‘how to’ Combat Robot Networks and Advanced Persistent Threats on a national scale. It should serve as an excellent resource to anyone involved in cyber security and high-tech crime. It is of particular relevancy for police, intelligence & threat analysts, security architects, and policy makers. The chapters guide the reader through a deep-dive study into:
• advanced Botnet tradecraft and Advanced Persistent Threats (APT);
• quantitative evidence of ongoing attacks, the threat agents and prevailing uses of Botnets to support criminal activity against Canadian interests;
• a discussion of the legal and privacy concerns related to information collection on Botnet activity and the issues related to proactive defence measures against Botnets;
• effective architectural solutions to mitigate the risks posed by Botnets;
• strategic business transformation roadmap for police, intelligence, defence and public safety agencies; and
• advanced tools and techniques that can be used by Law Enforcement Agencies (LEA) to monitor Botnet activity and to gather evidence and actively pursue criminal activity using Botnets.
Cyber Crime is big business
“Cyber crime is now the most significant challenge facing law enforcement organizations in Canada” were the headlines of a nationwide survey, commissioned by the Canadian Association of Police Boards (CAPB) in 2008. The mischievous, thrill-seeking hackers of the 1980s have given way to a sophisticated breed of cyber criminal who has the resources and technical capability to conduct large-scale criminal activity over the Internet. Today, the tool of choice for these criminals is the robot network or botnet, where home and office computers are hijacked, often without the knowledge of their owners, and programmed to serve a botnet controller for illegal purposes such as espionage, fraud, identity theft, bulk email or spam, and distributed denial of service attacks.
Botnets are a global phenomenon and Canada is no exception. Whether the domestic issue is terrorism, organized crime or integrity of government, botnets play an increasingly important role. This report, therefore, is intended to inform the overall Public Security Technical Program initiative which focuses on Critical Infrastructure Protection, Surveillance, Intelligence, and Interdiction, and Emergency Management and Systems Integration.
The cyberthreat
This report represents a departure from traditional cyber security studies that have relied on interviews to canvass opinions about the cyberthreat. This report is informed by actual data, in addition to a case study of botnet activity during Vancouver’s 2010 Olympic Games. Cyber intelligence estimates for this study are