A perspective for counter strategy against cybercrime and cyber espionage
1. Gohsuke Takama / , Meta Associates, 2011 9
http://www.slideshare.net/gohsuket
2. about…
✴ Gohsuke Takama
✴ Meta Associates (http://www.meta-associates.com/)
✴founder & president, connector, analyst, planner
✴ local organizer of security conferences: BlackHat Japan, PacSec
✴ liaison of security businesses: Patch Advisor, SecWest
✴ organizer of tech entrepreneur / startup support events
✴ independent tech journalist for over 10 years
✴ for security news: http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/
✴ Privacy International (London, UK http://www.privacyinternational.org/)
✴advisory board member
✴ Computer Professionals for Social Responsibility (http://cpsr.org/)
✴Japan chapter founding supporter
3. "what happened in the last 2 years"
• OperationAurora, ShadyRAT, ...
• Stuxnet
• (MENA) *new
• Wikileaks *new
• Sony PSN
• Anonymous *new
• Indira Gandhi
38. "perspective for counter strategy"
set basic security measures:
✴ prevention, detection, response
✴
✴
✴ : 100%
✴ :
✴ (APT )
✴ PET (Privacy Enhancing Technology )
✴ PIA (Privacy Impact Assessment )
39. "perspective for counter strategy"
be creative:
✴
✴ soft power
•
• PR deflective PR
✴ social intelligence
( )
✴ counter social engineering
•
•
40. "perspective for counter strategy"
be creative: Learn Attack Technique
•
•
• = CTF (Capture The Flag)
•
• DEFCON CTF
CTF
•
41. "perspective for counter strategy"
be creative: Soft Power
• Soft Power = 1990 Joseph Nye
• Hard Power
•
• http://en.wikipedia.org/wiki/Soft_power
• /
•
•
46. references
• CEOs - the new corporate fraudstersds http://www.iol.co.za/
sundayindependent/ceos-the-new-corporate-fraudstersds-1.1144649
• PwC Survey Says: Telecoms Are Overconfident About Security http://
www.readwriteweb.com/cloud/2011/09/pwc-survey-says-telecoms-are-o.php
• Cyber attack led to IGI shutdown http://www.indianexpress.com/news/
cyber-attack-led-to-igi-shutdown/851365/
• Anonymous announces global plans http://www.digitaltrends.com/
computing/video-anonymous-announces-global-plans/
• ANONYMOUS - OPERATION PAYBACK - Sony Press Release http://
www.youtube.com/watch?v=2Tm7UKo4IBc
• Operation Payback - Anonymous Message About ACTA Laws, Internet
Censorship and Copyright http://www.youtube.com/watch?
v=kZNDV4hGUGw
• Anonymous: Message to Scientology http://www.youtube.com/watch?
v=JCbKv9yiLiQ
• Anonymous http://www.atmarkit.co.jp/
fsecurity/special/161dknight/dknight01.html
47. references
• 28 Nation States With Cyber Warfare Capabilities http://
jeffreycarr.blogspot.com/2011/09/27-nation-states-with-cyber-warfare.html
• Far East
Research http://scan.netsecurity.ne.jp/archives/52017036.html
• CVE-2011-0611 : Adobe Flash Player SWF Memory Corruption Vulnerability
http://www.youtube.com/watch?v=DP_rRf468_Y
• MYBIOS. Is BIOS infection a reality? http://www.securelist.com/en/analysis/
204792193/MYBIOS_Is_BIOS_infection_a_reality
• McAfee Virtual Criminology Report 2007 http://us.mcafee.com/en-us/local/
html/identity_theft/NAVirtualCriminologyReport07.pdf
• Google Zeitgeist http://blog.f-secure.jp/
archives/50630539.html
• "The Tragedies in Oslo and on Utøya island" Speech held by King Harald V
http://www.kongehuset.no/c27262/nyhet/vis.html?tid=92959
48. references
• -- DEFCON CTF
http://scan.netsecurity.ne.jp/archives/52002536.html
• PET
http://www.soumu.go.jp/denshijiti/pdf/
jyumin_p_s3.pdf
• PIA
http://www.soumu.go.jp/denshijiti/pdf/jyumin_p_s2.pdf
• http://
jp.reuters.com/article/topNews/idJPJAPAN-21406320110527
• GIE
http://d.hatena.ne.jp/ukky3/20110829/1314685819
• Diginotar Black.Spook
http://blog.f-secure.jp/archives/50626009.html
49. references
• Computer virus hits US Predator and Reaper drone fleet http://
arstechnica.com/business/news/2011/10/exclusive-computer-virus-hits-
drone-fleet.ars
• F-Secure: Possible Governmental Backdoor found, MD5 hashes ("case
R2D2") http://www.f-secure.com/weblog/archives/00002249.html
• State-sponsored spies collaborate with crimeware gang | The Unholy APT-
botnet union http://www.theregister.co.uk/2011/09/13/
apt_botnet_symbiosis/
• NISC 10 7 http://www.nisc.go.jp/
conference/seisaku/index.html#seisaku27