Professional Documents
Culture Documents
Cyber Terrorism
Cyber Terrorism
18 December, 2002
Terms
18 December, 2002
The Cyber Threat According to the United Nations
18 December, 2002
Terrorism & the Internet
18 December, 2002
Netwar, Technology & Terrorism
18 December, 2002
Terrorists & Information Technology
18 December, 2002
Middle East Terrorists & Netwar
18 December, 2002
Middle East Terrorists & Netwar
18 December, 2002
Middle East Terrorists & Netwar
18 December, 2002
Middle East Terrorists & Netwar
18 December, 2002
Middle East Terrorists & Netwar
18 December, 2002
Current Palestinian/Israeli Conflict
18 December, 2002
Post 9-11 Cyber Attacks
18 December, 2002
PRO-U.S. HACKERS
18 December, 2002
PRO-U.S. HACKERS
18 December, 2002
PRO-U.S. HACKERS
•The official web site of the Presidential Palace of
Afghanistan was affected by a DoS attack that rendered it
inaccessible.
•The Usenet newsgroup soc.religion.islam was email
bombed by hackers and subsequently crashed.
•A group calling itself the Dispatchers has taken up the
task of striking out against Palestinian and Afghani web
sites. Their first known defacement, was the Iranian
Ministry of the Interior.
18 December, 2002
PRO-U.S. HACKERS
18 December, 2002
PRO-U.S. HACKERS
18 December, 2002
ANTI-U.S. HACKERS
18 December, 2002
ANTI-U.S. HACKERS
18 December, 2002
ANTI-U.S. HACKERS
18 December, 2002
ANTI-U.S. HACKERS
18 December, 2002
ANTI-U.S. HACKERS
18 December, 2002
ANTI-U.S. HACKERS
18 December, 2002
The Threat is not Traditional
18 December, 2002
The Threat is Rising
18 December, 2002
It Is Happening
18 December, 2002
The Threat Is Real
18 December, 2002
Governments are Attacking Governments
18 December, 2002
The 3rd World Is Active
18 December, 2002
Militaries Worldwide Are Active
18 December, 2002
Cyber-Spying Is Occurring
18 December, 2002
Private Industry Is A Major Target
18 December, 2002
Attacks Are On The Rise
18 December, 2002
Attacks Are Easier
18 December, 2002
Attacks are More Frequent
18 December, 2002
Attacks Are Doubling Every Year
18 December, 2002
Common Types of Cyber Crimes
18 December, 2002
Motivations for Cyber Attack
• Vandalism
• Anger (Insiders)
• Political
• Curiosity
• Notoriety
• Malice
• Personal Gain
18 December, 2002
Assets That Need Protection
18 December, 2002
Potential Cyber Security Risks
18 December, 2002
Potential Cyber Security Risks
18 December, 2002
Cyber Vulnerabilities
18 December, 2002
Cyber Vulnerabilities
18 December, 2002
Cyber Vulnerabilities
• Insider attacks!
• Software bugs
• Human errors and mis-configurations
• Enabled/unused services
• Susceptibility to denial of service attacks …in network
services and architecture, operating systems, applications
18 December, 2002
The “Hacker” or “Cyber-terrorist” Attack
Five Common Attack Methods
18 December, 2002
Network Packet Sniffers
18 December, 2002
IP Spoofing
18 December, 2002
Password Attacks
18 December, 2002
Denial-of-Service Attacks
18 December, 2002
Distributed Denial of Service (DDoS)
18 December, 2002
Application Layer Attacks
18 December, 2002
Where Attacks Come From
18 December, 2002
Types of Attacks
18 December, 2002
Computer Crime 1997-2002
18 December, 2002
Estimated Dollar Loss (2002)
18 December, 2002
The Cyber Security Process
18 December, 2002
Security Costs Are A Factor
18 December, 2002
Four Phases of Cyber Security
RECOVERY MITIGATION
Cyber
Threat
RESPONSE PREPAREDNESS
18 December, 2002
Contingency Planning
18 December, 2002
Business Process Evaluation
18 December, 2002
Response Team
18 December, 2002
Best Practice #1
General Management
18 December, 2002
Best Practice #2
Policy
18 December, 2002
Best Practice #3
Risk Management
18 December, 2002
Best Practice #4
Security Architecture & Design
18 December, 2002
Best Practice #5
User Issues: Accountability and Training
18 December, 2002
Best Practice #6
User Issues: Adequate Expertise
18 December, 2002
Best Practice #7
System & Network Management: Access Control
18 December, 2002
Best Practice #8
System & Network Management: Software Integrity
Regularly verify
the integrity of
installed software.
18 December, 2002
Best Practice #9
System & Network Management: Secure Asset Configuration
18 December, 2002
Best Practice #10
System & Network Management: Backups
18 December, 2002
Best Practice #11
Authentication & Authorization: Users
18 December, 2002
Best Practice #13
Monitor & Audit
18 December, 2002
Best Practice #14
Physical Security
18 December, 2002
Best Practice #15
Continuity Planning & Disaster Recovery
18 December, 2002
The Cyber-Threat (REMEMBER)
18 December, 2002
18 December, 2002