Computer terrorism

The threat gets worse before it gets better

FB-13 Vladyslav Sadokhin

Introduction in Cyber terrorism
 Definition: Cyber terrorism refers to the use of digital tools,
technologies, and networks to conduct acts of terrorism. These
acts may include attacks on computer systems, networks, and
critical infrastructure.

 Key Characteristics:

Intent: Motivated by political, ideological, or religious objectives.

Means: Utilizes advanced technology and cyber tools for attacks.

Impact: Aims to create fear, disrupt services, and potentially cause

physical harm.
Much cyber activity in 2015: here are some headlines

 US And China Seek Arms Deal For Cyberspace

 Active Word-press Malware Compromises Thousands Of Websites
 Huge Hack Of US Government Data Affected 21.5 Million
 Cyber Attack On U.S. Power Grid Could Cost $1 Trillion
 Silk Road Mastermind (Ross Ulbricht) Gets Life Prison Sentence
 Homeland Security Moves To Prevent Attack On Power Grid
 Zeus Malware Gang Take-down
 Hacker: 'Hundreds Of Thousands' Of Vehicles Are At Risk Of Attack
 China Acknowledges That It Has Units For War On Computer Networks
 Ransomware Porn App Takes Photos Of Users And Holds Phone Hostage
 White House Shoots Down Petition To Pardon Edward Snowden
 Heartbleed Is Far From Dead. 200,000+ Vulnerable Devices
 United (Airlines) Should Thank, Not Ban, Researcher Who Pointed Out A Major Security Flaw
Big data thefts in the US in 2014-15

 Anthem
 Target
 Sony
 Neiman Marcus
 JPMorgan Chase
 Experian
 eBay
 Home Depot
 Department of Defense

 SCORE: about 100 million records

 There are many actors; from lone wolves to nation
states, with a wide range of objectives

Relative Impact
12
Principal Objectives Systems control WMD
Theft Sabotage/espionage
10 Blackmail
Recruitment Surveillance
Intimidation
8 Terror
Money laundering
Disruption
6 US
Vandalism China
Russia
4 N Korea
Show prowess
UK
2 Iran
Israel
Actors Others
0
Hackers Lone Terrorist Organized Intel Org Nation
Wolves Orgs Crime State
In a recent foresight study, global experts projected the
killing potential of lone wolves, including through the
use of cyber weapons

Number Killed in
a SIMAD Attack

When a SIMAD Might

Kill 100,000 or more

www.lonewolfthreat.com
At the other end of the spectrum of actors, much
activity by nation states

US Cyber Command
Plan and conduct activities to defend specified
DoD information networks

Conduct military cyberspace operations to ensure

US/Allied freedom of action in cyberspace and
deny the same to our adversaries.

Assemble cyberspace resources and synchronize

war-fighting to defend the information security
environment
Nation State Actors

 Well Known Activities

 US (NSA)  Office of Personnel Mgmt
 China data breech
 Russia  Stuxnet
 Attack on SONY to prevent
 N Korea “The Interview”
 UK  MI 6 “cupcake caper”
 Iran  “Red October” data theft
 Israel malware in Word and Excel
 DDoS in Estonia, Georgia, and
 Many others Ukraine
 Cyber attacks on large banks
Social media are important to cyber terror activities
and communications

 Manifestos (many terrorists write them)

 Plans and Confessions (for various reasons Lone Wolves tell
plans and confess their crimes)
 Recruitment, funding (Al Qaeda and ISIS are expert, use
horror as a magnet)
 Cyber bullying (15% of all high school students last year)
 Encryption (now available to all)
 DIY Instructions (How to make a bomb in your Mom’s kitchen)
 Clandestine market places
Some new hacks: Dyre Wolf and a porn honeypot

 Dyre Wolf discovered by IBM Cyber Security

 Target: people in specific companies using email attachments
 The malware activates when the user logs onto a bank website
 A fake screen says the bank’s site is temporarily down and offers
instructions to call a phone number.
 A live “operator” answers with the name of the bank
 Users typically share their wire transfer details to withdraw funds
 The thieves then move the money to another bank to avoid detection

 On request for a download of a fake porno site to a smart phone

 Ransomware takes unauthorized photo of user
 Threatens a report to FBI, locks the phone
 Demands a “fine” of $500

Quoted from: http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=WH&infotype=SA&htmlfid=SEW03073USEN&attachment=SEW03073USEN.PDF

Clandestine market places: the Silk Road was
shutdown

 Dark web’s Amazon: unregulated bazaar anything bought

and sold, narcotics
 In three years 1,5 million purchases; called billion dollar
marketplace
 Ross Ulbricht convicted of seven crimes including narcotics
and conspiracy
 Sentenced to life

http://www.wired.com/2015/02/silk-road-ross-ulbricht-verdict/
Vandalism is growing: malware is now publically
available

 Hacking
 Viruses
 Trojan horses
 Denial of service
 Back doors Purchasing contraband
 Impersonation

 Of particular concern:
 Insertion of false information
 3.6 million PC’s are said to be infected in the U.S. alone
New technologies provide new cyber crime targets

 Big targets (financial system, agriculture, electricity grid,

frauds)

 Hacking automated autos, trucks, aircraft control, robots

 Consumer products: AI dolls and Internet of Things

 Spy devices, tiny cameras

 Facial recognition
Use of cyber space for pre detection of terrorist attacks

 Sting and honeypot operations

 Receiving information from informants
 Online surveillance: chat rooms, postings, email
 Tracking associates of known terrorists (including photos)
 Tracking purchases of poisons and bomb-making chemical
 Automated screening and synthesis of big data bases
 Third-party reporting of unusual behavior
 Psychological screening
Cyber foresight: some cyber attacks will qualify as
weapons of mass destruction (WMD)

 Consider attacks on:

 control systems (e.g. Stuxnet) create risks for transport systems,
public services (e.g. water, electricity, pipelines, industry,
sanitation, agriculture)

 algorithms create risks for financial systems, funds transfer,

equities markets, payment systems (e.g. social security)

 data bases result in lack of trust, social chaos, anarchy

 communications result in loss of command and control,

diminished trust in news reporting, and government authority
http://www.cse.wustl.edu/~jain/cse571-14/ftp/cyber_espionage/#summary
 Cyber foresight: the evolving scene

 Potential will be recognized for:

 massive disruptions from non state actors
 threat of cyber lone wolves and SIMAD
 new cyber crime targets and anti-crime weapons

 New measures for dealing with cyber crime will be devised

 technical, military, and legal solutions
 automated screening and synthesis of big data bases to identify terrorists and possible
attacks against people, data, or infrastructure. http://www.cnn.com/2015/02/24/politics/russia
n-cyber-criminal-reward/
 rewards for capture of cyber criminals (e.g. $3 m by FBI)
 International bilateral or multilateral agreements about cyber war
http://www.cse.wustl.edu/~jain/cse571-14/ftp/cyber_espionage/#summary
http://www.nytimes.com/2015/09/20/world/asia/us-and-china-seek-arms-deal-for-cyberspace.html?_r=0

 The race between cyber offense and defense will intensify