Cyber Security and Threats

1. Global Cyber Threats
Professor John Walker CFIP MFSoc CRISC CISM ITPC CITP SIRM FBCS FRSA
© Red-Spike

2. Introduction to the Global Threat
1) Thousands of IT systems are compromised every day, some attacks are based on political
motives, but most commonly to steal money or commercial secrets.
2) The magnitude and tempo of the attacks pose a real threat to Britain's economic security.
3) National Critical Assets are targeted and exposed.
4) Global economic stability is exposed.
5) Internet root-servers under daily attack.
6) High dependencies on computing, infrastructures and a live-by-wire lifestyle.
7) CyberWar, CyberConflict is here!

3. Examples of Compromise
Attendance to an incident requires the First Responder to keep an Open Mind:
2) The magnitude and tempo of the attacks pose a real threat to Globalised economic security.
3) National Critical Assets are targeted and exposed.
4) Inter-nation economic stability is impacted.
5) Internet root-servers under daily attack.
6) High dependencies on computing, infrastructures and a live-by-wire lifestyle.
7) CyberWar, CyberConflict is here!
8) Dependency on Technology increases the potentials of attack or compromise

4. Threat Scale & Position
HIGH RISK
MEDIUM RISK
Hi-Tech, Media, Retail, Industrial Manufacturing etc.
LOW RISK
Non-Profit, Local & SME’s
Governments, Defence,
Banking, Oil & Gas, SCADA,
& Critical Infrastructure.

5. Hackers

6. Non-Disclosure – 911 - Impact
Event on 9/9/2011 [911]
saw 5 Million people impacted by
traffic chaos, flight cancellations
and two Nuclear Reactors being
Closed down – all caused by
one single employee!

7. Hacktivists Threat
5th November, 2012 = DDoS
Pose a High Threat, and are very Motivated

8. Serious-Organised-Crime
Serious-and-Organised Crime Ganges are highly organised, and very successful – consider
Some of the top targets:
 The Public
 Home [WiFi in particular]
 Companies
 Governments
 Banks
 Oil-&-Gas

9. The ‘Chinese’ Threat
"Whether it be the intrusions of
hackers, a major explosion at the
World Trade Centre, or a
bombing attack by bin Laden, all
of these greatly exceed the
frequency bandwidths
understood by the American
military...“
Qiao Liang and Wang Xiangsui
Titan Rain - 2008

10. The Internet
Cyber-Jihad use the Internet to a very effective extent to support their missions.

11. The Statistics
High availability of
information on the
Internet, and the GhostNet
– and its on the rise

12. The ‘Cyber-Terror’ Threat - 1
Cyber-Jihad
vs.
Cyber-Terrorism

13. The ‘Cyber-Terror’ Tools
Cyber-Jihadist Tools and Capabilities:

14. The ‘Cyber-Terror’ Tools - 3
DDoS a speciality:
Copyright SBLTD 2012

15. The ‘AET’
The AET was once considered Hype – but they have been seen in the wild, and with some
success::
McAfee Firewall
Paloalto
Sourefire
Checkpoint
Juniper

16. The ‘Cyber-Terror’ Tools - 5
Security is accommodated – in some cases to a higher level than most organisations:

17. The ‘Impact’ of Tools - 6
By leveraging free Attack Tools supplied with Linux Speciality Distributions, targeting a LAN based
Windows 8 System, a number of attacks were performed against a Firewalled System – the impact
was a fully compromised systems, broken, and very infected with Malicious Payload – and this from a
GUI environment, with a free, publically available set of tools.

18. The Infamous Teams

19. The Impact
Cyber-Jihadist impact and payload can arrive in many forms:
Attacks on Critical Infrastructure
Promised – and have occurred! - example

20. The ‘Myth’

21. The Response to the Threat
About 80% of known attacks would be defeated by embedding basic information security
Practices and learning from the First Responder Engagements.
Let us consider the opportunities, options, and what you have in place:
?
How many of the aforementioned areas are you covered against?