The new challenges of cybersecurity: Internet for
              peace... or for war?
                    Ms. Francesca Bosco
                         Project Officer
   Interregional Crime and Justice Research Institute (UNICRI)




                       1 April 2011
          Università degli Studi di Milano Bicocca
Yesterday news…30/03/2011
Yesterday news…30/03/2011 tbc
Technological expected trends up to
               2030
Vulnerability: root causes
• A highly interconnected system of general
  purpose computers, not designed with security
  in mind
  – vulnerable software provides “launch pads” for easy
    propagation of attacks
  – erosion of the traditional perimeter (access systems
    and data “anytime, anywhere”)
• Shift from “attacks against networks”
        to “attacks against (web) applications”
        and “attacks against users and data”

• Insufficient security awareness of (some)
  application developers and end users
Example:
                  How Vulnerable are UN Systems ?

-which system?
  – publicly accessible websites
  – central internal applications (IMIS, email, etc.)
  – end user systems (desktops, laptops, BB, etc.)

-which threat?
  –   denial of service
  –   “defacement”
  –   abuse / threat to third parties
  –   “APT” type attacks
State of Play
UN systems are frequently attacked
  –   defacements (political, “commercial”)
  –   abuse of web sites to disseminate “malware”
  –   abuse of email systems to send spam/fraudulent email
  –   forging of UN email addresses to commit fraud
Several known examples of “APT” type attacks
  – very credible email messages
  – attachments deemed safe by Anti-Virus software
  – successful compromise of a single computer leads to
    further compromises on internal networks
Current situation: general
• All systems are “compromisable”; perfect
  security is unattainable

• Objective is to continue safe operation in a
  compromised environment, to have
  systems that are defensible, rather than
  perfectly secure

• Cybersecurity is an adversarial science
Evolution of the threat landscape
• Mobile threats – voracious malware targeting mobile
  devices and the proliferation of mobile banking.

• (More) Web 2.0 malware – Attackers leveraging Social
  Networks.

• Attackers exploiting the erosion of network boundaries
  after the adoption of cloud computing.

• Highly-motivated attackers with strong logistic or
  financial support.
VIDEO
Predicting 2011...
Top 5 security threats for 2011
1)      Traditional malware
Traditional malware will remain the primary mechanism of distributing software to computers on the
internet. Recent numbers indicate roughly 55,000 new malware pieces identified every day, which
continues the exponential growth pattern into 2010. This trend will only continue.

2)       Shift to advanced persistent threat (APT)
Attacks will be more advanced, targeted at a specific institution with a goal to acquire specific data.
Often described as Advanced Persistent Threat (APT), these attacks are designed to infiltrate an
organisation, hop the firewall and acquire a target. Once the software gets behind the firewall, it hops
around the organisation investigating and gathering information about the internal system. It then uses
this information to gain privileged access to critical information (e.g., transactions processing,
customer lists or HR records) and begins stealing sensitive data. Without proper monitoring in place, it
can be weeks or months before an organisation detects that it is under attack.

3)      Focus on finance, hospitality and retail
Financial services, hospitality and retail industries will face an increased number of threats. As data
from the 2010 data breach report issued by the Verizon RISK team and the U.S. Secret Service
shows, these three industries combined currently represent 71% of all data breaches.

4)      Mobile devices increase vulnerabilities
Seven out of ten companies still don’t have explicit policies outlining which devices can be logged on
to the network or on working in public places. As more people work and access information remotely,
the threat levels from existing vulnerabilities will increase and new ones will appear.

5)    Hacktivism as a new type of threat
The most visible examples of hacktivism were the recent attacks by Anonymous, a group that targeted
MasterCard, Visa and PayPal after those companies cut off financial services to WikiLeaks. We may
see more of these types of attack by groups representing political and environmental organisations.
What is Cyber Security?
Cyber security refers to measures for protecting computer systems, networks, and
information systems from disruption or unauthorized access, use, disclosure,
modification, or destruction.

The basic objectives of Cyber Security are to ensure the Confidentiality, Integrity,
and Availability of data.
What is Cyber Security?
Confidentiality has been defined by the International Organization for
  Standardization (ISO) as "ensuring that information is accessible only to
  those authorized to have access" and is one of the cornerstones of
  information security. Confidentiality is one of the design goals for many
  cryptosystems, made possible in practice by the techniques of modern
  cryptography.
Integrity of the information implies that the data in question has not been
   tampered with through accidental or malicious activity. Source integrity also
   plays into this - ensuring that any piece of data actually came from the
   source claimed and not a "man-in-the-middle" or third party.
Availability means that the information, the computing systems used to
  process the information, and the security controls used to protect the
  information are all available and functioning correctly when the information
  is needed = timely, reliable access to data and information services for
  authorized users.
Information security incidents
• Information Security Incident:
   – an attempted or successful unauthorized access, use,
     disclosure, modification or destruction of information;
   – interference with the operation of ICT resources; or
   – violation of explicit or implied acceptable usage policy
     (as defined in ST/SGB/2004/15)
• Classification by common observable elements:
   – Agent (internal/external)
   – Action
   – Asset
   – Attribute
• does not include “motive” or “attributable source”
Cybersecurity as a Balancing Act

Investigative readiness vs. Privacy
Availability vs. Security
Regulation vs. Innovation
Enterprise vs. Protection



How can we make the Internet and our “Cyber-Assets” safer
  without sacrificing simplicity, privacy or availability?
Why do we need to talk about it?
Government agencies constantly face cyber attacks
Businesses are losing revenue to cybercriminals
Users are being targeted for their Personally Identifiable
  Information (PII)
Cybersecurity is a global issue, which can only be solved
  with global solutions
    – Need for increased cooperation and coordination at the global
      level
    – International community must work together to ensure a
      coordinated response.
HOW MANY CYBER-
 DO YOU KNOW?
Information technology...for war?
• Military history scholars argue that warfare has shifted towards a
  Fourth Generation of Warfare
• Technology not only enables asymmetry in power relations, but can
  also be used to overcome it, undermining the enemy from within
• In the Information Age, military operations have been impacted and
  transformed. Likewise no civil society sector has remained immune
  from the information revolution. The “national information
  infrastructure” (NII) is defined as the set of information systems and
  networks on which a nation depends to function
• In net-wars the confrontation takes place between “states and non-
  state actors, non-state actors that use states as arenas, or states
  that use non-state actors as their proxies”
What’s cyberwar
The United Nations Institute of Training and Research
  defines cyberwar as:
“The deliberate use of information warfare by a state,
  using weapons such as electro-magnetic pulse waves,
  viruses, worms, Trojan horses, etc., which target the
  electronic devices and networks of an enemy state”
Richard Clarke, a U.S. government security expert, defines
  cyberwar as:
“Actions by a nation-state to penetrate another nation’s
  computers or networks for the purposes of causing
  damage or disruption.”
Cyber Warfare &
                                      Cyber Terrorism
Cyber Warfare and Terrorism is one of the fifteen
modalities of UnRestricted Warfare (URW) also
called asymmetric warfare.


Cyber Warfare & Terrorism
    “The premeditated use of disruptive activities,
      or the threat thereof, against computers
      and/or networks, with the intention to cause
      harm or further social, ideological, religious,
      political or similar objectives. Or to intimidate
      any person in furtherance of such objectives.”

   Source: U.S. Army Cyber Operations and Cyber Terrorism Handbook 1.02
Cyberterrorism
Cyberterrorism is a phrase used to describe the
use of Internet based attacks in terrorist activities,
including acts of deliberate, large-scale disruption
of computer networks, especially of personal
computers attached to the Internet, by the means
of tools such as computer viruses.

Cyber terrorism is generally understood as the crossing over of
terrorism and cyberspace. This leads to unlawful attacks and threats of
attacks against computers, networks and the information stored therein.
What’s cyberterrorism
Controversial term !!!!!

First we need to clarify:

         Terrorist use of the Internet
                       v
              Cyber Terrorism
Focus
                    THE INTERNET: AN ATTRACTIVE
                  ARENA FOR TERRORIST PUBLICITY

The internet is an ‘informational weapon’ for terrorists, as it provides:
  • Easy access
  • A decentralised structure
  • Little or no regulation, censorship, or other forms of government
    control
  • Potentially huge audiences spread throughout the world
  • Anonymity of communication
  • Fast flow of information
  • Inexpensive development and maintenance of web presence
  • A multimedia environment (the ability to combine text, graphics, audio,
    video, and allow users to download films, songs, books, posters etc.)
  • The ability to shape coverage in the traditional mass media

 Source: “www.terror.net: How Modern Terrorism Uses the Internet” by Prof. Gabriel Weimann
Focus
TERRORIST PURPOSES IN USING THE INTERNET

  • Data Mining (using the internet to
    collect intelligence)
  • Training
  • Fundraising
  • Networking
  • Recruitment and Radicalisation
      – The internet is an important source for
        discovering and grooming potential
        jihadists
  • Publicity
Focus

MAIN AREAS OF CYBER PRESENCE
Mass media
Official ‘jihadist’ websites
  – A well-designed and well-maintained Web site gives a group
    an aura of legitimacy and increasingly attracts attention
    from the mass media in and of itself

Unofficial websites
  – Forums and blogs

Distributor sites
Video sites
  – YouTube and LiveLeak
Focus
  OBJECTIVES OF ONLINE TERRORIST
            PUBLICITY
        1. To wage psychological warfare
      (through terror) and advance a cause
Terrorists use internet publicity to:
• amplify panic
• spread fear
• facilitate economic loss (e.g. scaring away
investment and tourism)
• make populations lose faith in their
governments' ability to protect them
• trigger government and popular overreaction to
specific incidents and the overall threat of
terrorism
Focus

   OBJECTIVES OF ONLINE PUBLICITY
2. To gain sympathy and support of their cause
                    The Internet has significantly
                    increased the opportunities for
                    terrorists to secure publicity for their
                    ideological causes and spread
                    propaganda.
                    The Internet has become a virtual
                    library of terrorist material, granting
                    easy access to everything from
                    political, ideological and theological
                    literature, via fatwas and khutbas, to
                    videos of assaults and attacks, and
                    even video games.
When does a computer attack become an
         act of terrorism or of war?
     Information warfare, in information
 technology, is that series of actions aimed
    at exploiting, corrupting, wasting or
  destroying the information or information
resources of the enemy in order to achieve
  a significant advantage, using the same
                   weapon.
Modern Weapons
         Economics

What does a stealth bomber cost?    $1.5 to $2 billion


What does a stealth fighter cost?   $80 to $120 million



What does a cruise missile cost?    $1 to $2 million



What does a cyber weapon cost?      $300 to $50,000
Interesting Quote


NATO's cyber defense chief has warned that
computer-based terrorism poses the same threat
to national security as a missile attack. He went on
to say that “Cyber war can become a very
effective global problem because it is low-risk,
low-cost, highly effective and easily globally
deployable. It is almost an ideal weapon that
nobody can ignore.”


Using this as a framework, we can put into context
the evolving architecture for cyber weapons.
How to build a cyber weapon:
         Cyber Weapons Design-1
Cyber Weapon – Delivery Vehicle

  There are numerous methods of delivering cyber
  weapons to their targets. Emails with malicious
  code embedded or attached are one mechanism of
  delivery. Another delivery vehicle is web sites that
  can have malicious links and downloads. Hacking
  is a manual delivery vehicle that allows a cyber
  soldier to place the malicious payload on a target
  computer, system or network. Counterfeit
  hardware, software and electronic components can
  also be used as delivery vehicles for cyber
  weapons.
Cyber Weapons Design-2

Cyber Weapon – Navigation System
  Just as a navigation system guides a missile, it allows
  the malicious payload to reach a specific point inside
  a computer, system or network. System
  vulnerabilities are the primary navigation systems
  used in cyber weapons. Vulnerabilities in software
  and computer system configurations provide entry
  points for the payload of a cyber weapon. These
  security exposures in operating systems or other
  software or applications allow for exploitation and
  compromise. Exploitation of these vulnerabilities
  may allow unauthorized remote access and control
  over the system.
Cyber Weapons Design-3

Cyber Weapon – Payload
  The payload of a missile is sometimes called a
  warhead and is packed with some type of explosive.
  In a cyber weapon the payload could be a program
  that copies information off of the computer and sends
  it to an external source. It can also be a program that
  begins to erase or alter information stored on the
  system. Finally, it can allow remote access so that
  the computer can be controlled or directed over the
  internet. A “bot” (a component of a botnet) is a great
  example of a payload that allows remote use of the
  computer by an unauthorized individual or
  organization.
Cyber Weapons Design-4

Cyber Weapon – Architecture
   This three element architecture demonstrates how
  advanced and sophisticated cyber weapons are
  becoming. The architecture creates reusability and
  reconfiguration of all three components. As one
  software or system vulnerability is discovered,
  reported and patched, that component can be
  removed and replaced while the other two
  components are still viable. This not only creates
  flexibility but also significantly increases the
  productivity of the cyber weapons developers.
Recent events discussed in the media
•   Cyber Attack on Estonia [April 2007]
     –   sometimes referred to as “Web War 1”
     – sophisticated and large set of denial of service (DoS) attacks on Estonian
       parliament, banks, ministries, newspapers, other web sites
     – severe effect on above institutions for approximately three weeks


•   Cyber Attack against Georgia [August 2008]
     – denial of service against gov’t web sites
     – concurrent with armed conflict


•   Advanced Persistent Threat (APT) [December 2009]
     – (a.k.a. “Google war”)
     – “deep infiltration” of several technology providers


•   Stuxnet [June 2010]
     – technically highly sophisticated “malware” that appears to target Iranian
        nuclear facilities
Estonia depended largely on the internet because of the country's "paperless government" and web-based banking. If these services are made slower, we of course lose economically
    Mihkel Tammet, head of IT security at the Estonian defence ministry, 2007

Nearly every bank in the United States runs its operations on an internal network that connects to the Internet
    Sandeep Junnarkar, CNET News, 2002

The U.S. is increasingly dependent on "... the unimpeded and secure flow of technology.”
    CIA Report, Cyber Threats and the US Economy, 2007

Hackers are intensifying their efforts to compromise social-networking sites using unsecure Web 2.0
    Jon Swartz, USA TODAY, 2008

With global attacks on data networks increasing at an alarming rate, in a more organized and sophisticated manner, and often originating from state-sponsored sources, there is precious little time to lose.
    Tim Bennett, president of the Cyber Security Industry Alliance, 2008

….repercussions go beyond the loss of personal data, security experts say. As more consumers are victimized, it could undercut their confidence in legitimate websites
    Billy Hoffman, manager of Hewlett-Packard Security Labs

Several nations, including China and Russia, “have the technical capabilities to target and disrupt elements of the U.S. information infrastructure and for intelligence collection.”
    Mike McConnell, Director of National Intelligence during the Senate Intelligence Committee

…regarding counter-terrorism must be pursued “Information sharing with our allies and partners to support counter-terrorist operations overseas”;
    The National Security Strategy of the United Kingdom - Security in an interdependent world
“Cyber War” In Estonia, 2007
Stuxnet
                              Iran was prime target of SCADA worm
                                           July 23 2010
       http://www.computerworld.com/s/article/9179618/Iran_was_prime_target_of_SCADA_worm
                       The First Cyber Attack Specifically Targeting Control Systems
According to antivirus company Symantec Corp., Stuxnet looks for industrial control systems and then
changes the code in them to allow the attackers to usurp controls of industrial equipment such as sensors,
actuators, pumps, and valves without the operators knowing.

“Stuxnet searches for industrial control systems, often generically (but incorrectly) known as SCADA
systems, and if it finds these systems on the compromised computer, it attempts to steal code and design
projects,” Symantec explained. “It may also take advantage of the programming software interface to also
upload its own code to the Programmable Logic Controllers (PLC), which are ‘mini-computers’, in an
industrial control system that is typically monitored by SCADA systems.”

• Very complex Windows-specific computer worm that infects computers and connected industrial control
  equipment (PLCs)
     – First known worm to attack industrial infrastructure
• Spreads through USB thumb drives as well as network connections
• Utilizes four “zero-day” exploits
• Uses stolen valid security certificates
• Initial high rate of infection in Iran, specifically found at nuclear facilities
     – May be government (Israel, US, UK?) attempt to damage
       Iranian nuclear facilities
     – Unclear if delay or damage actually occurred
• Worm has spread to many other countries (including large infection of Chinese systems)
Focus
                                    SCADA: Why do I care?
SCADA systems are essentially the arteries of national infrastructure, the behind-the-
scenes devices that make our day to day life convenient and safe. Any disruption could
lead to major inconvenience, or even loss of life…

The dangers inherent in obscure or rustic SCADA architectures are very real, and no
vendor or governmental body responsible for NCIs can afford to let a lack of
communication be an excuse for passivity…
VIDEO

Suki
Focus

SCADA
   • Supervisory Control And Data Acquisition
NCI
   • National Critical Infrastructure
Other terms:
   • ICS – Industrial Control Systems
   • PCS – Process Control System - Also known as Distributed Control System
     (DCS)
SCADA Generations and Evolution:
   1.   Monolithic – Mainframe computing, limited to no connectivity.
   2.   Distributed – Proprietary networking technology led to increased
        efficiency and redundancy due to real-time information sharing and
        specialization of tasks.
   3.   Networked – Transition to modern, “open” networking standards such as
        IP (Internet Protocol) and the deployment of “thin clients” and web
        applications to facilitate operations.
Focus

                   NCI Examples
Modern NCIs can be summarized as:

• Food
     – Agricultural and processing industry
     – Food safety
     – Food distribution
• Water
     – Drinking water treatment
     – Wastewater management
• Transportation
     – Air
     – Land (rail, roads)
     – Marine
Focus

                  NCI Examples

Modern NCIs can be summarized as:

• Safety
     – Chemical, biological, radiological and nuclear safety
     – Hazardous materials
     – Emergency services (police, fire, ambulance, etc.)

• Manufacturing
     – Chemical industry
     – Defense industrial base
Cybersecurity:
          What we’re doing wrong
1)   We tend to seek a “centralized” solution to
     what is a very multi-dimensional problem with
     hidden interdependencies.
2)   Opacity – We are not enforcing enough
     transparency nor regulating the disclosure of
     data breaches.
3)   We aren’t moving away from a purely technical
     view towards a global shared approach with
     Political Vision, Strategy, Policies and
     Standards.
Cybersecurity:
           What we’re doing right
1)   Public – Private Partnerships
2)   Developing technical solutions.
3)   Information exchange and awareness raising
     at various levels.
Why cybersecurity partnership matters

• Public and private sectors need to share more
  information--more parties must be included and new
  platforms used.
• They must pay more attention to defending against
  attacks that threaten critical IT infrastructure and even
  damage physical facilities
• Much of the activity revolves around information sharing
  in key industries.
• Their collaboration must be ratcheted up to the next
  level--real-time identification and response as threats
  occur and, more to the point, "moving security practices
  from a reactionary posture to one that's proactive and
  pre-emptive"
Example
Critical Infrastructure Protection in the US
                                (1996-2010)
Example
    Critical Infrastructure Protection in Italy
                                       (2010)
• Information security is an integral part of the e-government 2010
  plan
• 2010 – A technical group was established, under the Presidency of
  the Council of Ministers, to “foster coordination at the national and
  international level with regard to critical infrastructures and its
  protection from cyberattacks”
• June 2009 – Centro nazionale anticrimine informatico per la
  protezione delle infrastrutture critiche (CNAIPIC)
• In 2007, the Bank of Italy approved a set of guidelines to ensure
  continuity for the main financial actors, in case of cyberattack.
Creating a culture of security

 Despite our best efforts over the years,
             we need a new,
comprehensive doctrine and perspective
      to face the innovative threats.
1. Towards a new Policy Framework
Recognise the Internet as a key infrastructure in
 addressing mainstream policy challenges (e.g.
 ageing, health, environment, globalisation…)

Reaffirm fundamental principles (e.g. privacy,
 security, policies to promote broadband access
 on fair terms and competitive prices…)

Recognise the Internet as an agent of change and
 foster an enabling environment so that it can
 make positive contributions
2. Building Confidence
The Internet reflects the real world – shapes it and is shaped by it – and has a dark
side. Confidence and trust in the Internet and about its vulnerability to events,
both accidental and malicious.

Issues:
• Multilateral efforts to ensure the security and integrity of the Internet have
  been limited
• We need to embed privacy protection in the design of applications and
  devices (social networking sites; profiling and advertising; geolocation;
  sensors and RFID)
• We need to identify and enforce the rights and obligations to protect digital
  identity
• Security Considerations: (i) technical – diffusion of traffic rather than
  optimisation of traffic for DoS; security of connection (SSL) vs.
  authentication of content; use of virtual machines (ii) social – co-operation
  to protect availability, integrity, confidentiality (security)
• Protect and inform consumers, redress and enforcement of consumer
  protection measures, including across jurisdictional borders
• Rising concerns regarding “cybersecurity”.
3. Public-Private Partnerships (PPP)
To emphasize: Both the private sector and the
public sector have crucial roles to play. The
private sector leads, the government enables.


  It is important that both agree and are
        aware of their respective roles.
International cooperation

         The European Convention on cybercrime
• The Council of Europe’s Convention on
  Cybercrime was opened for signatures on the
  23rd of November 2001.
• In January 2003, an additional Protocol was
  adopted, concerning the criminalization of acts
  of racism and xenophobia committed through
  computer systems. This protocol has not been
  signed by several states and has not yet entered
  into force.
• At the present time, 46 States among Member
  and non-Member States of the Council of
  Europe have signed the Convention
• Italian ratification: 2008
Why Council of Europe Convention on cybercrime?
  • The only multilateral treaty dealing with cybercrime matters, already implemented in many
    countries while others are considering becoming Parties
  • A guideline for drafting the legislation on cybercrime
  • Provides important tools for law enforcement to investigate cybercrime
  • Ensures adequate protection of human rights and liberties according to the relevant international
    documents
  • Flexible mechanisms to avoid conflicts with national legislations and proceedings
CC provides for countries:
  • Coherent national approach to legislation on cybercrime
  • Harmonisation of criminal law provisions on cybercrime with those of other countries
  • Legal and institutional basis for international LE and judicial cooperation with other parties
  • Participation in the Consultations of the Parties
  • The treaty as a platform facilitating public-private cooperation

Source: COE

                          Convention provides global standards and a
                          framework for an effective fast international
                          cooperation         October, 2008
Legal
              What needs to be done next
•   Develop international law to accommodate cyber warfare offensive and defensive activities,
    thus making it operative for the cyber age.

•   In that regard, elaborate on the UN Charter in the direction of topical interpretations: Define
    Article 2 armed attack and Article 51 limits of self-defense, define the concept of cyber
    weapon, define operational modes for Chapter VII action in case of cyber attack, develop and
    analyze scenarios of cyber war and cyber terrorism with a view to their legal consequences.

•   Drawing upon NATO’s Strasbourg/Kehl Summit Declaration, and previous NATO work in
    analyzing gaps in the international legal framework with respect to collective response, develop
    proposed amendments to NATO Treaty definitions of armed attack and territorial integrity and
    clarification of collective responses to accommodate collective cyber activities, self defence
    actions, and communication requirements.

•   Encourage the ratification of the Council of Europe Convention on Cybercrime (“Convention”)
    and internal implementation by signatory states, and, where this does not obtain, encourage the
    harmonization of cybercrime laws (substantively and procedurally) around the globe consistent
    with the Convention and the cybercrime laws enacted in developed nations.
What needs to be done next
Technical

•   Develop enterprise level security metrics so security progress can be
    measured
•   Enable time-critical system availability and resiliency across distributed
    systems.
•   Improve the ability to track and trace cyber communications to enable
    source identification (accountability) and use of digital assets by technical
    means
•   Improve transparency of network operations to enable visibility of
    activities, knowledge of status of operations, and identification of issues as a
    diagnostic tool to enhance security.
•   Develop digital identification mechanisms to protect and advance the
    interconnection of devices, information, and networks.
•   Address the security challenges of mobile/wireless systems. The
    widespread and exponential deployment of such devices and systems
    presents security challenges in and of themselves and the risks they
    present to interconnected systems and devices.
It’s a Collective Effort:
                       Example
Shared datasets
Red Teaming
System stress tests
Shared common problem to tackle
…

[Diagram: an ecosystem linking Academia, Industry and Government]



New models of engagement
Sustained investment models
Lightweight submission and reporting
…
“The pursuit of peace and progress cannot end in a few years in either
victory or defeat. The pursuit of peace and progress, with its trials and
its errors, its successes and its setbacks, can never be relaxed and never
abandoned.”
Dag Hammarskjöld, UN Secretary-General, 1953 - 1961




Q&A

Only by joining forces and bringing together our strategic capabilities
will we be able to address current and emerging cyberthreats!

Ms. Francesca Bosco
Project officer on Cybercrime
Emerging Crimes Unit

E-mail: bosco@UNICRI.it
www.unicri.it
http://www.unicri.it/wwd/cyber_crime/index.php

Thank you for your attention.

Francesca Bosco, Le nuove sfide della cyber security

  • 1. Le nuove sfide della cybersecurity: Internet for peace...o for war? Ms. Francesca Bosco Project Officer Interregional Crime and Justice Research Institute (UNICRI) 01 Aprile 2011 Università degli Studi di Milano Bicocca
  • 5. Vulnerability:root causes • A highly interconnected system of general purpose computers, not designed with security in mind – vulnerable software provides “launch pads” for easy propagation of attacks – erosion of the traditional perimeter (access systems and data “anytime, anywhere”) • Shift from“attacks against networks” to “attacks against (web) applications” and “attacks against users and data” • Insufficient security awareness of (some) application developers and end users
  • 6. Example: How Vulnerable are UN Systems ? -which system? – publicly accessible websites – central internal applications (IMIS, email, etc.) – end user systems (desktops, laptops, BB, etc.) -which threat? – denial of service – “defacement” – abuse / threat to third parties – “APT” type attacks
  • 7. State of Play UN systems are frequently attacked – defacements (political, “commercial”) – abuse of web sites to disseminate “malware” – abuse of email systems to send spam/fraudulent email – forging of UN email addresses to commit fraud Several known examples of “APT” type attacks – very credible email messages – attachments deemed safe by Anti-Virus software – successful compromise of a single computer leads to further compromises on internal networks
  • 8. Current situation:general • All systems are “compromisable”; perfect security is unattainable • Objective is to continue safe operation in a compromised environment, to have systems that are defensible, rather than perfectly secure • Cybersecurity is an adversarial science
  • 9. Evolution of the threat landscape  Mobile threats – voracious malware targeting mobile devices and the proliferation of mobile banking.  (More) Web 2.0 malware – Attackers leveraging Social Networks.  Attackers exploiting the erosion of network boundaries after the adoption of cloud computing.  Highly-motivated attackers with strong logistic or financial support.
  • 11. Top 5 security threats for 2011 1) Traditional malware Traditional malware will remain the primary mechanism of distributing software to computers on the internet. Recent numbers indicate roughly 55,000 new malware pieces identified every day, which continues the exponential growth pattern into 2010. This trend will only continue. 2) Shift to advanced persistent threat (APT) Attacks will be more advanced, targeted at a specific institution with a goal to acquire specific data. Often described as Advanced Persistent Threat (APT), these attacks are designed to infiltrate an organisation, hop the firewall and acquire a target. Once the software gets behind the firewall, it hops around the organisation investigating and gathering information about the internal system. It then uses this information to gain privileged access to critical information (e.g., transactions processing, customer lists or HR records) and begins stealing sensitive data. Without proper monitoring in place, it can be weeks or months before an organisation detects that it is under attack. 3) Focus on finance, hospitality and retail Financial services, hospitality and retail industries will face an increased number of threats. As data from the 2010 data breach report issued by the Verizon RISK team and the U.S. Secret Service shows, these three industries combined currently represent 71% of all data breaches. 4) Mobile devices increase vulnerabilities Seven out of ten companies still don’t have explicit policies outlining which devices can be logged on to the network or on working in public places. As more people work and access information remotely, the threat levels from existing vulnerabilities will increase and new ones will appear. 5) Hactivism as a new type of threat The most visible example of hactivism were the recent attacks by Anonymous, a group that targeted MasterCard, Visa and PayPal after those companies cut off financial services to WikiLeaks. 
We may see more of these types of attack by groups representing political and environmental organisations.
  • 12. What is Cyber Security? Cyber security refers to measures for protecting computer systems, networks, and information systems from disruption or unauthorized access, use, disclosure, modification, or destruction. The basic objectives of Cyber Security are to ensure the Confidentiality, Integrity, and Availability of data.
  • 13. What is Cyber Security? Confidentiality has been defined by the International Organization for Standardization (ISO) as "ensuring that information is accessible only to those authorized to have access" and is one of the cornerstones of information security. Confidentiality is one of the design goals for many cryptosystems, made possible in practice by the techniques of modern cryptography. Integrity of the information implies that the data in question has not been tampered with through accidental or malicious activity. Source integrity also plays into this - ensuring that any piece of data actually came from the source claimed and not a "man-in-the-middle" or third party. Availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed = timely, reliable access to data and information services for authorized users.
  • 14. Information security incidents • Information Security Incident: – an attempted or successful unauthorized access, use, disclosure, modification or destruction of information; – interference with the operation of ICT resources; or – violation of explicit or implied acceptable usage policy (as defined in ST/SGB/2004/15) • Classification by common observable elements: § - Agent (internal/external)- Action § - Asset - Attribute • does not include “motive” or “attributable source”
  • 15. Cybersecurity as a Balancing Act Investigative readiness vs. Privacy Availability vs. Security Regulation vs. Innovation Enterprise vs. Protection How can we make the Internet and our “Cyber -Assets” safer without sacrificing simplicity, privacy or availability?
  • 16. Why do we need to talk about it? Government agencies constantly face cyber attacks Businesses are losing revenue to cybercriminals Users are being targeted for their Personal Identifiable Information (PII) Cybersecurity is a global issue, which can only be solved with global solutions  Need for increased cooperation and coordination at the global level  International community must work together to ensure a coordinated response.
  • 17. HOW MANY CYBER- DO YOU KNOW?
  • 18. Information technology...for war? • Military history scholars argue that warfare has shifted towards a Fourth Generation of Warfare • Technology not only enables asymmetry in power relations, but can also be used to overcome it, undermining the enemy from within • Information Age, military operations have been impacted and transformed. Likewise no civil society sector has remained immune from the information revolution. The ―national information infrastructure- (NII) is defined as the set of information systems and networks on which a nation depends to function • In net-wars the confrontation takes place between “states and non- state actors, non-state actors that use states as arenas, or states that use non-state actors as their proxies”
  • 19. What’s cyberwar The United Nations Institute of Training and Research defines cyberwar as: ―The deliberate use of information warfare by a state, using weapons such as electro-magnetic pulse waves, viruses, worms, Trojan horses, etc., which target the electronic devices and networks of an enemy state- Richard Clarke, a U.S. government security expert, defines cyberwar as: ―Actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.
  • 20. Cyber Warfare & Cyber Terrorism Cyber Warfare and Terrorism is one of the fifteen modalities of UnRestricted Warfare (URW) also called asymmetric warfare. Cyber Warfare & Terrorism “The premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives. Or to intimidate any person in furtherance of such objectives.” Source: U.S. Army Cyber Operations and Cyber Terrorism Handbook 1.02
  • 21. Cyberterrorism Cyberterrorism is a phrase used to describe the use of Internet based attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses. Cyber terrorism is generally understood as the crossing over of terrorism and cyberspace. This leads to unlawful attacks and threats of attacks against computer, networks and the info stored therein.
  • 22. What’s cyberterrorism Controversial term !!!!! First we need to clarify: Terrorist use of the Internet v Cyber Terrorism
  • 23. Focus THE INTERNET: AN ATTRACTIVE ARENA FOR TERRORIST PUBLICITY The internet is an ‘informational weapon’ for terrorists, as it provides: Easy access A decentralised structure Little or no regulation, censorship, or other forms of government control Potentially huge audiences spread throughout the world Anonymity of communication Fast flow of information Inexpensive development and maintenance of web presence A multimedia environment (the ability to combine text, graphics, audio, video, and allow users to download films, songs, books, posters etc) The ability to shape coverage in the traditional mass media Source: “www.terror.net: How Modern Terrorism Uses the Internet” by Prof. Gabriel Weimann
  • 24. Focus TERRORIST PURPOSES IN USING THE INTERNET Data Mining (using the internet to collect intelligence) Training Fundraising Networking Recruitment and Radicalisation The internet is an important source for discovering and grooming potential jihadists Publicity
  • 25. Focus MAIN AREAS OF CYBER PRESENCE Mass media Official ‘jihadist’ websites A well-designed and well-maintained Web site gives a group an aura of legitimacy and increasingly attracts attention from the mass media in and of itself Unofficial websites Forums and blogs Distributor sites Video sites Youtube and liveleak
  • 26. Focus OBJECTIVES OF ONLINE TERRORIST PUBLICITY 1. To wage psychological warfare (through terror) and advance a cause Terrorist use internet publicity to: • amplify panic • spread fear • facilitate economic loss (eg. scaring away investment and tourism) • make populations loose faith in their governments' ability to protect them • trigger government and popular overreaction to specific incidents and the overall threat of terrorism
  • 27. Focus OBJECTIVES OF ONLINE PUBLICITY 2. To gain sympathy and support of their cause The Internet has significantly increased the opportunities for terrorists to secure publicity for their ideological causes and spread propaganda. The Internet has become a virtual library of terrorist material, granting easy access to everything from political, ideological and theological literature, via fatwas and khutbas, to videos of assaults and attacks, and even video games.
  • 28. When does a computer attack become an act of terrorism or of war? Information warfare, in information technology, is that series of actions aimed at exploiting, corrupting, wasting or destroying the information or information resources of the enemy in order to achieve a significant advantage, using the same weapon.
  • 29. Modern Weapons Economics What does a stealth bomber cost? $1.5 to $2 billion What does a stealth fighter cost? $80 to $120 million What does a cruise missile cost? $1 to $2 million What does a cyber weapon cost? $300 to $50,000
  • 30. Interesting Quote NATO's cyber defense chief has warned that computer-based terrorism poses the same threat to national security as a missile attack. He went on to say that “Cyber war can become a very effective global problem because it is low-risk, low-cost, highly effective and easily globally deployable. It is almost an ideal weapon that nobody can ignore.“ Using this as a framework, we can put into context the evolving architecture for cyber weapons.
  • 31. How to build a cyber weapon: Cyber Weapons Design-1 Cyber Weapon – Delivery Vehicle There are numerous methods of delivering cyber weapons to their targets. Emails with malicious code embedded or attached are one mechanism of delivery. Another delivery vehicle is web sites that can have malicious links and downloads. Hacking is a manual delivery vehicle that allows a cyber soldier to place the malicious payload on a target computer, system or network. Counterfeit hardware, software and electronic components can also be used as delivery vehicles for cyber weapons.
  • 32. Cyber Weapons Design-2 Cyber Weapon – Delivery Vehicle Just as a navigation system guides a missile, the navigation component of a cyber weapon allows the malicious payload to reach a specific point inside a computer, system or network. System vulnerabilities are the primary navigation systems used in cyber weapons. Vulnerabilities in software and computer system configurations provide entry points for the payload of a cyber weapon. These security exposures in operating systems or other software or applications allow for exploitation and compromise. Exploitation of these vulnerabilities may allow unauthorized remote access and control over the system.
  • 33. Cyber Weapons Design-3 Cyber Weapon – Delivery Vehicle The payload of a missile is sometimes called a warhead and is packed with some type of explosive. In a cyber weapon the payload could be a program that copies information off of the computer and sends it to an external source. It can also be a program that begins to erase or alter information stored on the system. Finally, it can allow remote access so that the computer can be controlled or directed over the internet. A “bot” (a component of a botnet) is a great example of a payload that allows remote use of the computer by an unauthorized individual or organization.
  • 34. Cyber Weapons Design-4 Cyber Weapon – Architecture This three-element architecture demonstrates how advanced and sophisticated cyber weapons are becoming. The architecture creates reusability and reconfiguration of all three components. As one software or system vulnerability is discovered, reported and patched, that component can be removed and replaced while the other two components are still viable. This not only creates flexibility but also significantly increases the productivity of the cyber weapons developers.
  • 35. Recent events discussed in the media • Cyber Attack on Estonia [April 2007] – sometimes referred to as “Web War 1” – sophisticated and large set of denial of service (DoS) attacks on Estonian parliament, banks, ministries, newspapers, other web sites – severe effect on above institutions for approximately three weeks • Cyber Attack against Georgia [August 2008] – denial of service against gov’t web sites – concurrent with armed conflict • Advanced Persistent Threat (APT) [December 2009] – (a.k.a. “Google war”) – “deep infiltration” of several technology providers • Stuxnet [June 2010] – technically highly sophisticated “malware” that appears to target Iranian nuclear facilities
  • 36. “Estonia depended largely on the internet because of the country's "paperless government" and web-based banking. If these services are made slower, we of course lose economically” (Mihkel Tammet, head of IT security at the Estonian defence ministry, 2007) • “Nearly every bank in the United States runs its operations on an internal network that connects to the Internet” (Sandeep Junnarkar, CNET News, 2002) • The U.S. is increasingly dependent on "... the unimpeded and secure flow of technology.” (CIA Report, Cyber Threats and the US Economy, 2007) • “Hackers are intensifying their efforts to compromise social-networking sites using unsecure Web 2.0” (Jon Swartz, USA TODAY, 2008) • “With global attacks on data networks increasing at an alarming rate, in a more organized and sophisticated manner, and often originating from state-sponsored sources, there is precious little time to lose.” (Tim Bennett, president of the Cyber Security Industry Alliance, 2008) • “….repercussions go beyond the loss of personal data, security experts say. As more consumers are victimized, it could undercut their confidence in legitimate websites” (Billy Hoffman, manager of Hewlett-Packard Security Labs) • Several nations, including China and Russia, “have the technical capabilities to target and disrupt elements of the U.S. information infrastructure and for intelligence collection.” (Mike McConnell, Director of National Intelligence, during the Senate Intelligence Committee) • …regarding counter-terrorism must be pursued “Information sharing with our allies and partners to support counter-terrorist operations overseas”; (The National Security Strategy of the United Kingdom - Security in an interdependent world)
  • 37. “Cyber War” In Estonia, 2007
  • 38. Stuxnet “Iran was prime target of SCADA worm”, July 23 2010, http://www.computerworld.com/s/article/9179618/Iran_was_prime_target_of_SCADA_worm The First Cyber Attack Specifically Targeting Control Systems According to antivirus company Symantec Corp., Stuxnet looks for industrial control systems and then changes the code in them to allow the attackers to usurp control of industrial equipment such as sensors, actuators, pumps, and valves without the operators knowing. “Stuxnet searches for industrial control systems, often generically (but incorrectly) known as SCADA systems, and if it finds these systems on the compromised computer, it attempts to steal code and design projects,” Symantec explained. “It may also take advantage of the programming software interface to also upload its own code to the Programmable Logic Controllers (PLC), which are ‘mini-computers’, in an industrial control system that is typically monitored by SCADA systems.” • Very complex Windows-specific computer worm that infects computers and connected industrial control equipment (PLCs) • First known worm to attack industrial infrastructure • Spreads through USB thumb drives as well as network connections • Utilizes four “zero-day” exploits • Uses stolen valid security certificates • Initial high rate of infection in Iran, specifically found at nuclear facilities • May be government (Israel, US, UK?) attempt to damage Iranian nuclear facilities • Unclear if delay or damage actually occurred • Worm has spread to many other countries (including large infection of Chinese systems)
  • 39. Focus SCADA: Why do I care? SCADA systems are essentially the arteries of national infrastructure, the behind-the-scenes devices that make our day to day life convenient and safe. Any disruption could lead to major inconvenience, or even loss of life… The dangers inherent in obscure or rustic SCADA architectures are very real, and no vendor or governmental body responsible for NCIs can afford to let a lack of communication be an excuse for passivity…
  • 41. Focus SCADA – Supervisory Control And Data Acquisition • NCI – National Critical Infrastructure • Other terms: ICS – Industrial Control Systems; PCS – Process Control System, also known as Distributed Control System (DCS) • SCADA Generations and Evolution: 1. Monolithic – Mainframe computing, limited to no connectivity. 2. Distributed – Proprietary networking technology led to increased efficiency and redundancy due to real-time information sharing and specialization of tasks. 3. Networked – Transition to modern, “open” networking standards such as IP (Internet Protocol) and the deployment of “thin clients” and web applications to facilitate operations.
  • 42. Focus NCI Examples Modern NCIs can be summarized as: • Food – Agricultural and processing industry – Food safety – Food distribution • Water – Drinking water treatment – Wastewater management • Transportation – Air – Land (rail, roads) – Marine
  • 43. Focus NCI Examples Modern NCIs can be summarized as: • Safety – Chemical, biological, radiological and nuclear safety – Hazardous materials – Emergency services (police, fire, ambulance, etc) • Manufacturing – Chemical industry – Defense industrial base
  • 44. Cybersecurity: What we’re doing wrong 1) We tend to seek a “centralized” solution to what is a very multi-dimensional problem with hidden interdependencies. 2) Opacity – We are not enforcing enough transparency nor regulating the disclosure of data breaches. 3) We aren’t moving away from a purely technical view towards a global shared approach with Political Vision, Strategy, Policies and Standards.
  • 45. Cybersecurity: What we’re doing right 1) Public – Private Partnerships 2) Developing technical solutions. 3) Information exchange and awareness raising at various levels.
  • 46. Why cybersecurity partnership matters • Public and private sectors need to share more information--more parties must be included and new platforms used. • They must pay more attention to defending against attacks that threaten critical IT infrastructure and even damage physical facilities • Much of the activity revolves around information sharing in key industries. • Their collaboration must be ratcheted up to the next level--real-time identification and response as threats occur and, more to the point, "moving security practices from a reactionary posture to one that's proactive and pre-emptive"
  • 48. Example Critical Infrastructure Protection in Italy (2010) • Information security is an integral part of the e-government 2010 plan • 2010 - A Technical group was established, under the Presidency of the Council of Ministers, to “foster coordination at the national and international level with regard to critical infrastructures and its protection from cyberattacks” • June 2009 - Centro nazionale anticrimine informatico per la protezione delle infrastrutture critiche (CNAIPIC) • In 2007, the Bank of Italy approved a set of guidelines to ensure continuity for the main financial actors, in case of cyberattack.
  • 49. Creating a culture of security Despite our best efforts over the years, we need a new, comprehensive doctrine and perspective to face the innovative threats.
  • 50. 1. Towards a new Policy Framework • Recognise the Internet as a key infrastructure in addressing mainstream policy challenges (e.g. ageing, health, environment, globalisation…) • Reaffirm fundamental principles (e.g. privacy, security, policies to promote broadband access on fair terms and competitive prices…) • Recognise the Internet as an agent of change and foster an enabling environment so that it can make positive contributions
  • 51. 2. Building Confidence The Internet reflects the real world – shapes it and is shaped by it – and has a dark side. Confidence and trust in the Internet and about its vulnerability to events, both accidental and malicious. Issues: • Multilateral efforts to ensure the security and integrity of the Internet have been limited • We need to embed privacy protection in the design of applications and devices (social networking sites; profiling and advertising; geolocation; sensors and RFID) • We need to identify and enforce the rights and obligations to protect digital identity • Security Considerations: (i) technical – diffusion of traffic rather than optimisation of traffic for DoS; security of connection (SSL) vs. authentication of content; use of virtual machines (ii) social – Co-operation to protect availability, integrity, confidentiality (security) • Protect and inform consumers, redress and enforcement of consumer protection measures, including across jurisdictional borders • Rising concerns regarding “cybersecurity”.
  • 52. 3. Public-Private Partnerships (PPP) To emphasize: Both the private sector and the public sector have crucial roles to play. The private sector leads, the government enables. It is important that both agree and are aware of their respective roles.
  • 53. International cooperation The European Convention on cybercrime • The Council of Europe’s Convention on Cybercrime was opened for signatures on the 23rd of November 2001. • In January 2003, an additional Protocol was adopted, concerning the criminalization of acts of racism and xenophobia committed through computer systems. This protocol has not been signed by several states and has not yet entered into force. • At the present time, 46 States among Member and non-Member States of the Council of Europe have signed the Convention • Italian ratification: 2008
  • 54. Why Council of Europe Convention on cybercrime? • The only multilateral treaty dealing with cybercrime matters, already implemented in many countries while others are considering becoming Parties • A guideline for drafting the legislation on cybercrime • Provides important tools for law enforcement to investigate cybercrime • Ensures adequate protection of human rights and liberties according to the relevant international documents • Flexible mechanisms to avoid conflicts with national legislations and proceedings CC provides for countries: • Coherent national approach to legislation on cybercrime • Harmonisation of criminal law provisions on cybercrime with those of other countries • Legal and institutional basis for international LE and judicial cooperation with other parties • Participation in the Consultations of the Parties • The treaty as a platform facilitating public-private cooperation Source: COE Convention provides global standards and a framework for an effective fast international cooperation October, 2008
  • 55. Legal What needs to be done next • Develop international law to accommodate cyber warfare offensive and defensive activities, thus making it operative for the cyber age. • In that regard, elaborate on the UN Charter in the direction of topical interpretations: Define Article 2 armed attack and Article 51 limits of self-defense, define the concept of cyber weapon, define operational modes for Chapter VII action in case of cyber attack, develop and analyze scenarios of cyber war and cyber terrorism with a view to their legal consequences. • Drawing upon NATO’s Strasbourg/Kehl Summit Declaration, and previous NATO work in analyzing gaps in the international legal framework with respect to collective response, develop proposed amendments to NATO Treaty definitions of armed attack and territorial integrity and clarification of collective responses to accommodate collective cyber activities, self defence actions, and communication requirements. • Encourage the ratification of the Council of Europe Convention on Cybercrime (“Convention”) and internal implementation by signatory states, and, where this does not obtain, encourage the harmonization of cybercrime laws (substantively and procedurally) around the globe consistent with the Convention and the cybercrime laws enacted in developed nations.
  • 56. What needs to be done next Technical • Develop enterprise level security metrics so security progress can be measured • Enable time-critical system availability and resiliency across distributed systems. • Improve the ability to track and trace cyber communications to enable source identification (accountability) and use of digital assets by technical means • Improve transparency of network operations to enable visibility of activities, knowledge of status of operations, and identification of issues as a diagnostic tool to enhance security. • Develop digital identification mechanisms to protect and advance the interconnection of devices, information, and networks. • Address the security challenges of mobile/wireless systems. The widespread and exponential deployment of such devices and systems presents security challenges in its own right, as do the risks these devices pose to interconnected systems and devices.
  • 57. It’s a Collective Effort: Example Shared datasets Red Teaming System stress tests Shared common problem to tackle … Academia ecosystem Industry Government New models of engagement Sustained investment models Lightweight submission and reporting …
  • 58. “The pursuit of peace and progress cannot end in a few years in either victory or defeat. The pursuit of peace and progress, with its trials and its errors, its successes and its setbacks, can never be relaxed and never abandoned.” Dag Hammarskjold, UN Secretary-General, 1953 - 1961
  • 59. Q&A Only by joining forces and bringing together our strategic capabilities will we be able to address current and emerging cyberthreats!
  • 60. Ms. Francesca Bosco Project officer on Cybercrime Emerging Crimes Unit E-mail: bosco@UNICRI.it www.unicri.it http://www.unicri.it/wwd/cyber_crime/index.php Thank you for your attention.