SlideShare uma empresa Scribd logo

Why there will be a Cyber-9/11. Soon (Cyber security, cybercrime, terrorism)

Lars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime
Lars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime

In correlation between decreasing software quality standards and increased demand for convenience, resulting in ever increasing deployment of network connected infrastructure, the risk of exploitation increases exponentially. This paper outlines the coherent intertwinement between aforementioned factors and factors like cybercrime, and cyber terrorism become a much neglected problem. Cyber security must become an essential part of such things as the upcoming smart grid.

Governo e ONGs
1 de 4
Baixar para ler offline
CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM //WHY THERE WILL BE A CYBER-9/11. SOON Published on July 29 th , 2014 // 1//EXECUTIVE SUMMARY To orchestrate and execute a major cyber terrorism attack, you need to circumvent four major obstacles: • Anonymous communication, so that you cannot be interrupted during the planning • Finding the right specialists with a low ethical standard (or short on cash) • Transferring assets to pay these specialists untraceably across borders • Vulnerable infrastructure you can exploit for such attacks. I have privately funded over two years of research worth over USD $125.000, revealing not only financial crimes with damages in excess of USD $2+ trillion p. a. During the research I have come to the conclusion that the aforementioned obstacles can all be circumvented today, and that vulnerabilities in both in civilian and military infrastructure can be exploited. While terrorists of the past had to sacrifice their lives or liberty to create major incidents, today they don’t even have to leave the comfort or their own home. Furthermore, these vulnerabilities don’t have to be exploited for classic, terrorist motives. They can also be used for anonymous extortion of corporations/governments, because attacks can be targeted in an exceptional fashion. 2//WHY A CYBER 9/11 IS IMMINENT On July 29th, 2014 Israel became victim to a cyber attack, in which Chinese hackers exploited their “Iron Dome” missile system, which protects the State of Israel from the rocket attacks originating from territories of their surrounding adversaries. This was the most recent example of exploits in network-connected infrastructure, outlining the massive vulnerabilities even in newer systems being deployed, preceded by the “Stuxnet” virus, which was probably the first publicly known incident in which a piece of software was
CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM used to destroy/alter a piece of network-connected infrastructure. Two main factors, which create a majority of the aforementioned vulnerabilities, are • The ever increasing demand for network connected infrastructure, and • The decreasing quality in software, or it’s so called End-of-Life When combined with the negligence towards technological advancement of governments attempting to create policy to reduce such risks, the potential devastation becomes incomprehensible. 3//INCREASING USAGE OF NETWORK CONNECTED INFRASTRUCTURE The exponential increase in network-connected infrastructure is due to two main factors: • Convenience and cost reduction in operational systems • Monitoring the operation decentralized/without human assets being on location This exponential increase, while bringing economic benefits along with them, create gaping holes in any organization’s infrastructure because their deployment is - more often than not - run on a tight budget, and/or are not sufficiently supervised during installation. Furthermore, a lot of the operators of such systems are insufficiently trained to understand the background of the system they are handling. This leads to a combination of critical factors, making anything from a traffic light to a power plant very vulnerable.
CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM 4//DECREASING SOFTWARE-QUALITY & END-OF-LIFE After Microsoft released Windows XP, it became clear that a majority of the focus on security had been sacrificed for the benefit of such things as “Windows XP Media Center Edition” and other gadgets built into operating systems. This diversion was the start to the creation of more consumer-focused operating systems with gaping security vulnerabilities, which can be exploited in any number of ways. Further, Windows XP was the last operating system capable of running a majority of the software, which in turn controlled the connected SCADAs, PLCs, and other network connected infrastructure interfaces of the world. XP’s end-of-life/end-of-support in early 2014 has increased the threat of exploitation of such systems significantly, as a majority of companies operating XP cannot/will not afford the continued maintenance offered through Microsoft at additional costs. The end-of-life-problem also applies for software written to control the interfaces between the operating system and the controller. The controllers are a difficulty by themselves because their average lifespan significantly exceeds that of the software running it, or the operating systems, which support them. In addition to this, the lifecycles of the operating systems have also shortened. Besides many other factors, it’s the lack of imagination and negligence towards such threats that elevates them significantly. 5//VULNERABILITIY PROLIFERATION OF NETWORK CONNECTED INFRASTRUCTURE For over 2 years I have been investigating the “Deep Web” and Bitcoin, exploiting terrorists using these channels to communicate and transfer funds anonymously. While the extent of these communications isn’t that far spread (yet), I recently discovered the standard passwords and other vulnerabilities of SCADAs and other systems controlling network-connected infrastructure.
CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM Exploiting these vulnerabilities can have significant consequences, because an ever-increasing amount of everyday infrastructure is controlled remotely through the Internet. Most of these systems are protected more of less sufficiently from the “outside world”, but once these protection methods have been circumvented, the systems controlling anything from a traffic light to a power plant, are freely accessible. 6//CONCLUSION For over two years I have been researching the “Deep Web” and Bitcoin, revealing a lot of startling crimes being committed therein and financed through Bitcoin. What makes these two elements of the Internet so attractive to criminals and terrorists is the fact that it provides • Almost absolute anonymity in communication through Email and other services • Untraceable money transfer across borders, even in large sums, with ways to obscure transactions Russia recently put out over USD $110.000 for anyone that can make usage of the Deep Web through TOR traceable. Looking at the criminal complaint filed against Ross Ulbricht makes it evident, that his apprehension in context to allegedly running Silk Road, the Deep Web’s number one site for drug trade (USD $1.2B transactions within 2 years), was only possible because he made mistakes in the founding stages of his endeavor. Resulting thereof, it is safe to assume that had these mistakes been avoided, the Silk Road would still be in operation. When these to major elements are combined with the fact that the world has tens of thousands vulnerabilities for criminal elements to exploit, the next step of assembling a team of specialists is just a matter time.

Recomendados

Information Security – Review Of 2008 And 2009 97 2003
Information Security – Review Of 2008 And 2009 97 2003Information Security – Review Of 2008 And 2009 97 2003
Information Security – Review Of 2008 And 2009 97 2003Graeme Payne
 
Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...
Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...
Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...Meletis Belsis MPhil/MRes/BSc
 
Cyber Security at CTX15, London
Cyber Security at CTX15, LondonCyber Security at CTX15, London
Cyber Security at CTX15, LondonJohn Palfreyman
 
Digital Strategy
Digital StrategyDigital Strategy
Digital StrategyLars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime
 
Digital toolbox 2014
Digital toolbox 2014Digital toolbox 2014
Digital toolbox 2014mswilsonri
 
ISIS Cyber Terrorism Analysis
ISIS Cyber Terrorism AnalysisISIS Cyber Terrorism Analysis
ISIS Cyber Terrorism AnalysisLars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime
 
Reference Article1st published in May 2015doi 10.1049etr.docx
Reference Article1st published in May 2015doi 10.1049etr.docxReference Article1st published in May 2015doi 10.1049etr.docx
Reference Article1st published in May 2015doi 10.1049etr.docxlorent8
 
TLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030am
TLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030amTLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030am
TLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030amRod Dines
 

Recomendados

Information Security – Review Of 2008 And 2009 97 2003
Information Security – Review Of 2008 And 2009 97 2003Information Security – Review Of 2008 And 2009 97 2003
Information Security – Review Of 2008 And 2009 97 2003Graeme Payne
 
Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...
Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...
Meletis Belsis - THE MULTIMEDIA APPROACH: AN EXTRA LAYER OF DEFENCE IN THE EN...Meletis Belsis MPhil/MRes/BSc
 
Cyber Security at CTX15, London
Cyber Security at CTX15, LondonCyber Security at CTX15, London
Cyber Security at CTX15, LondonJohn Palfreyman
 
Digital Strategy
Digital StrategyDigital Strategy
Digital StrategyLars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime
 
Digital toolbox 2014
Digital toolbox 2014Digital toolbox 2014
Digital toolbox 2014mswilsonri
 
ISIS Cyber Terrorism Analysis
ISIS Cyber Terrorism AnalysisISIS Cyber Terrorism Analysis
ISIS Cyber Terrorism AnalysisLars Hilse Global Thought Leader in #CyberSecurity, #CyberTerrorism, #CyberDefence, #CyberCrime
 
Reference Article1st published in May 2015doi 10.1049etr.docx
Reference Article1st published in May 2015doi 10.1049etr.docxReference Article1st published in May 2015doi 10.1049etr.docx
Reference Article1st published in May 2015doi 10.1049etr.docxlorent8
 
TLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030am
TLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030amTLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030am
TLC220_2014_S1_ResearchEssay_DinesR_31510992_Monday_1030amRod Dines
 
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeUPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeFrancesco Faenzi
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
 
2016 payment threats trends report
2016 payment threats trends report2016 payment threats trends report
2016 payment threats trends reportIan Beckett
 
Cyber security colombo meetup
Cyber security colombo meetupCyber security colombo meetup
Cyber security colombo meetupEguardian Global Services
 
Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Cisco Canada
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSMarco Lisi
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docxssuser719d6b
 
Trends in Cybersecurity - DNUG Stammtisch Wien
Trends in Cybersecurity - DNUG Stammtisch Wien Trends in Cybersecurity - DNUG Stammtisch Wien
Trends in Cybersecurity - DNUG Stammtisch Wien DNUG e.V.
 
International Cyber Security 2012
International Cyber Security 2012International Cyber Security 2012
International Cyber Security 2012Sharmin Ahammad
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityBryCunal
 
Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefJonathan Reyes
 
Trustless Computing Initiative
Trustless Computing InitiativeTrustless Computing Initiative
Trustless Computing InitiativeTRUSTLESS.AI
 
Analysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeAnalysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeFrancesco Faenzi
 
Inria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria
 
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Marco Lisi
 
DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)CLICKNL
 
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyAdvanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyFrancesco Faenzi
 
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...Black Duck by Synopsys
 
Strengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfStrengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfssuserc1c354
 
SCADA White Paper March2012
SCADA White Paper March2012SCADA White Paper March2012
SCADA White Paper March2012James Collinge, CISSP
 
Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...
Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...
Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...Hemant Purohit
 
CBO’s Recent Appeals for New Research on Health-Related Topics
CBO’s Recent Appeals for New Research on Health-Related TopicsCBO’s Recent Appeals for New Research on Health-Related Topics
CBO’s Recent Appeals for New Research on Health-Related TopicsCongressional Budget Office
 

Mais conteúdo relacionado

Semelhante a Why there will be a Cyber-9/11. Soon (Cyber security, cybercrime, terrorism)

UPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeUPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeFrancesco Faenzi
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
 
2016 payment threats trends report
2016 payment threats trends report2016 payment threats trends report
2016 payment threats trends reportIan Beckett
 
Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Cisco Canada
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSMarco Lisi
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docxssuser719d6b
 
Trends in Cybersecurity - DNUG Stammtisch Wien
Trends in Cybersecurity - DNUG Stammtisch Wien Trends in Cybersecurity - DNUG Stammtisch Wien
Trends in Cybersecurity - DNUG Stammtisch Wien DNUG e.V.
 
International Cyber Security 2012
International Cyber Security 2012International Cyber Security 2012
International Cyber Security 2012Sharmin Ahammad
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityBryCunal
 
Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefJonathan Reyes
 
Trustless Computing Initiative
Trustless Computing InitiativeTrustless Computing Initiative
Trustless Computing InitiativeTRUSTLESS.AI
 
Analysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeAnalysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeFrancesco Faenzi
 
Inria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria
 
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Marco Lisi
 
DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)CLICKNL
 
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyAdvanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyFrancesco Faenzi
 
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...Black Duck by Synopsys
 
Strengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfStrengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfssuserc1c354
 

Semelhante a Why there will be a Cyber-9/11. Soon (Cyber security, cybercrime, terrorism) (20)

UPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in EuropeUPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
UPDATED - Analysis of exposed ICS / SCADA and IoT systems in Europe
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
 
2016 payment threats trends report
2016 payment threats trends report2016 payment threats trends report
2016 payment threats trends report
 
Cyber security colombo meetup
Cyber security colombo meetupCyber security colombo meetup
Cyber security colombo meetup
 
Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docx
 
Trends in Cybersecurity - DNUG Stammtisch Wien
Trends in Cybersecurity - DNUG Stammtisch Wien Trends in Cybersecurity - DNUG Stammtisch Wien
Trends in Cybersecurity - DNUG Stammtisch Wien
 
International Cyber Security 2012
International Cyber Security 2012International Cyber Security 2012
International Cyber Security 2012
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-Brief
 
Trustless Computing Initiative
Trustless Computing InitiativeTrustless Computing Initiative
Trustless Computing Initiative
 
Analysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeAnalysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in Europe
 
Inria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directionsInria - Cybersecurity: current challenges and Inria’s research directions
Inria - Cybersecurity: current challenges and Inria’s research directions
 
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
Security in Large, Strategic and Complex Systems: Challenges and Solutions_Li...
 
DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)DRIVE | high tech industry? think again! (part 2)
DRIVE | high tech industry? think again! (part 2)
 
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case studyAdvanced Persistent Threat in ICS/SCADA/IOT world: a case study
Advanced Persistent Threat in ICS/SCADA/IOT world: a case study
 
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
Open Source Insight: Amazon Servers Exposed Open Source & the Public Sector...
 
Strengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfStrengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdf
 
SCADA White Paper March2012
SCADA White Paper March2012SCADA White Paper March2012
SCADA White Paper March2012
 

Último

Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...
Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...
Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...Hemant Purohit
 
CBO’s Recent Appeals for New Research on Health-Related Topics
CBO’s Recent Appeals for New Research on Health-Related TopicsCBO’s Recent Appeals for New Research on Health-Related Topics
CBO’s Recent Appeals for New Research on Health-Related TopicsCongressional Budget Office
 
(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Service
(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Service(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Service
(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...
Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...
Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...Call Girls in Nagpur High Profile
 
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...
Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...
Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...tanu pandey
 
2024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 292024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 29JSchaus & Associates
 
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...tanu pandey
 
Item # 4 - 231 Encino Ave (Significance Only).pdf
Item # 4 - 231 Encino Ave (Significance Only).pdfItem # 4 - 231 Encino Ave (Significance Only).pdf
Item # 4 - 231 Encino Ave (Significance Only).pdfahcitycouncil
 
(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
PPT Item # 4 - 231 Encino Ave (Significance Only)
PPT Item # 4 - 231 Encino Ave (Significance Only)PPT Item # 4 - 231 Encino Ave (Significance Only)
PPT Item # 4 - 231 Encino Ave (Significance Only)ahcitycouncil
 
The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...
The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...
The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...ranjana rawat
 
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
2024: The FAR, Federal Acquisition Regulations - Part 28
2024: The FAR, Federal Acquisition Regulations - Part 282024: The FAR, Federal Acquisition Regulations - Part 28
2024: The FAR, Federal Acquisition Regulations - Part 28JSchaus & Associates
 
2024 Zoom Reinstein Legacy Asbestos Webinar
2024 Zoom Reinstein Legacy Asbestos Webinar2024 Zoom Reinstein Legacy Asbestos Webinar
2024 Zoom Reinstein Legacy Asbestos WebinarLinda Reinstein
 
EDUROOT SME_ Performance upto March-2024.pptx
EDUROOT SME_ Performance upto March-2024.pptxEDUROOT SME_ Performance upto March-2024.pptx
EDUROOT SME_ Performance upto March-2024.pptxaaryamanorathofficia
 
The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)Congressional Budget Office
 

Último (20)

Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...
Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...
Human-AI Collaboration for Virtual Capacity in Emergency Operation Centers (E...
 
CBO’s Recent Appeals for New Research on Health-Related Topics
CBO’s Recent Appeals for New Research on Health-Related TopicsCBO’s Recent Appeals for New Research on Health-Related Topics
CBO’s Recent Appeals for New Research on Health-Related Topics
 
(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Service
(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Service(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Service
(DIVYA) Call Girls Wakad ( 7001035870 ) HI-Fi Pune Escorts Service
 
Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...
Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...
Top Rated Pune Call Girls Hadapsar ⟟ 6297143586 ⟟ Call Me For Genuine Sex Se...
 
Rohini Sector 37 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 37 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 37 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 37 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
 
Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...
Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...
Booking open Available Pune Call Girls Shukrawar Peth 6297143586 Call Hot In...
 
2024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 292024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 29
 
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
Call On 6297143586 Viman Nagar Call Girls In All Pune 24/7 Provide Call With...
 
Item # 4 - 231 Encino Ave (Significance Only).pdf
Item # 4 - 231 Encino Ave (Significance Only).pdfItem # 4 - 231 Encino Ave (Significance Only).pdf
Item # 4 - 231 Encino Ave (Significance Only).pdf
 
Call Girls In Rohini ꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCe
Call Girls In Rohini ꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCeCall Girls In Rohini ꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCe
Call Girls In Rohini ꧁❤ 🔝 9953056974🔝❤꧂ Escort ServiCe
 
(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(NEHA) Bhosari Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
PPT Item # 4 - 231 Encino Ave (Significance Only)
PPT Item # 4 - 231 Encino Ave (Significance Only)PPT Item # 4 - 231 Encino Ave (Significance Only)
PPT Item # 4 - 231 Encino Ave (Significance Only)
 
The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...
The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...
The Most Attractive Pune Call Girls Handewadi Road 8250192130 Will You Miss T...
 
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
 
2024: The FAR, Federal Acquisition Regulations - Part 28
2024: The FAR, Federal Acquisition Regulations - Part 282024: The FAR, Federal Acquisition Regulations - Part 28
2024: The FAR, Federal Acquisition Regulations - Part 28
 
Call Girls Service Connaught Place @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...
Call Girls Service Connaught Place @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...Call Girls Service Connaught Place @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...
Call Girls Service Connaught Place @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...
 
2024 Zoom Reinstein Legacy Asbestos Webinar
2024 Zoom Reinstein Legacy Asbestos Webinar2024 Zoom Reinstein Legacy Asbestos Webinar
2024 Zoom Reinstein Legacy Asbestos Webinar
 
EDUROOT SME_ Performance upto March-2024.pptx
EDUROOT SME_ Performance upto March-2024.pptxEDUROOT SME_ Performance upto March-2024.pptx
EDUROOT SME_ Performance upto March-2024.pptx
 
The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)
 

Why there will be a Cyber-9/11. Soon (Cyber security, cybercrime, terrorism)

  • 1. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM //WHY THERE WILL BE A CYBER-9/11. SOON Published on July 29 th , 2014 // 1//EXECUTIVE SUMMARY To orchestrate and execute a major cyber terrorism attack, you need to circumvent four major obstacles: • Anonymous communication, so that you cannot be interrupted during the planning • Finding the right specialists with a low ethical standard (or short on cash) • Transferring assets to pay these specialists untraceably across borders • Vulnerable infrastructure you can exploit for such attacks. I have privately funded over two years of research worth over USD $125.000, revealing not only financial crimes with damages in excess of USD $2+ trillion p. a. During the research I have come to the conclusion that the aforementioned obstacles can all be circumvented today, and that vulnerabilities in both in civilian and military infrastructure can be exploited. While terrorists of the past had to sacrifice their lives or liberty to create major incidents, today they don’t even have to leave the comfort or their own home. Furthermore, these vulnerabilities don’t have to be exploited for classic, terrorist motives. They can also be used for anonymous extortion of corporations/governments, because attacks can be targeted in an exceptional fashion. 2//WHY A CYBER 9/11 IS IMMINENT On July 29th, 2014 Israel became victim to a cyber attack, in which Chinese hackers exploited their “Iron Dome” missile system, which protects the State of Israel from the rocket attacks originating from territories of their surrounding adversaries. This was the most recent example of exploits in network-connected infrastructure, outlining the massive vulnerabilities even in newer systems being deployed, preceded by the “Stuxnet” virus, which was probably the first publicly known incident in which a piece of software was
  • 2. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM used to destroy/alter a piece of network-connected infrastructure. Two main factors, which create a majority of the aforementioned vulnerabilities, are • The ever increasing demand for network connected infrastructure, and • The decreasing quality in software, or it’s so called End-of-Life When combined with the negligence towards technological advancement of governments attempting to create policy to reduce such risks, the potential devastation becomes incomprehensible. 3//INCREASING USAGE OF NETWORK CONNECTED INFRASTRUCTURE The exponential increase in network-connected infrastructure is due to two main factors: • Convenience and cost reduction in operational systems • Monitoring the operation decentralized/without human assets being on location This exponential increase, while bringing economic benefits along with them, create gaping holes in any organization’s infrastructure because their deployment is - more often than not - run on a tight budget, and/or are not sufficiently supervised during installation. Furthermore, a lot of the operators of such systems are insufficiently trained to understand the background of the system they are handling. This leads to a combination of critical factors, making anything from a traffic light to a power plant very vulnerable.
  • 3. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM 4//DECREASING SOFTWARE-QUALITY & END-OF-LIFE After Microsoft released Windows XP, it became clear that a majority of the focus on security had been sacrificed for the benefit of such things as “Windows XP Media Center Edition” and other gadgets built into operating systems. This diversion was the start to the creation of more consumer-focused operating systems with gaping security vulnerabilities, which can be exploited in any number of ways. Further, Windows XP was the last operating system capable of running a majority of the software, which in turn controlled the connected SCADAs, PLCs, and other network connected infrastructure interfaces of the world. XP’s end-of-life/end-of-support in early 2014 has increased the threat of exploitation of such systems significantly, as a majority of companies operating XP cannot/will not afford the continued maintenance offered through Microsoft at additional costs. The end-of-life-problem also applies for software written to control the interfaces between the operating system and the controller. The controllers are a difficulty by themselves because their average lifespan significantly exceeds that of the software running it, or the operating systems, which support them. In addition to this, the lifecycles of the operating systems have also shortened. Besides many other factors, it’s the lack of imagination and negligence towards such threats that elevates them significantly. 5//VULNERABILITIY PROLIFERATION OF NETWORK CONNECTED INFRASTRUCTURE For over 2 years I have been investigating the “Deep Web” and Bitcoin, exploiting terrorists using these channels to communicate and transfer funds anonymously. While the extent of these communications isn’t that far spread (yet), I recently discovered the standard passwords and other vulnerabilities of SCADAs and other systems controlling network-connected infrastructure.
  • 4. CREATING THE LEADERS OF THE DIGITAL ECONOMY Lars Hilse – Digital Strategy Consultants Eichstrasse 10 B | 25767 Bunsoh | Germany +1 (949) 208 4181 | +49 (0)4835 9513027 | +44 (0)845 5089559 WWW.LARSHILSE.COM Exploiting these vulnerabilities can have significant consequences, because an ever-increasing amount of everyday infrastructure is controlled remotely through the Internet. Most of these systems are protected more of less sufficiently from the “outside world”, but once these protection methods have been circumvented, the systems controlling anything from a traffic light to a power plant, are freely accessible. 6//CONCLUSION For over two years I have been researching the “Deep Web” and Bitcoin, revealing a lot of startling crimes being committed therein and financed through Bitcoin. What makes these two elements of the Internet so attractive to criminals and terrorists is the fact that it provides • Almost absolute anonymity in communication through Email and other services • Untraceable money transfer across borders, even in large sums, with ways to obscure transactions Russia recently put out over USD $110.000 for anyone that can make usage of the Deep Web through TOR traceable. Looking at the criminal complaint filed against Ross Ulbricht makes it evident, that his apprehension in context to allegedly running Silk Road, the Deep Web’s number one site for drug trade (USD $1.2B transactions within 2 years), was only possible because he made mistakes in the founding stages of his endeavor. Resulting thereof, it is safe to assume that had these mistakes been avoided, the Silk Road would still be in operation. When these to major elements are combined with the fact that the world has tens of thousands vulnerabilities for criminal elements to exploit, the next step of assembling a team of specialists is just a matter time.