2. Introduction to the Global Threat
1) Thousands of IT systems are compromised every day. Some attacks are politically motivated, but most aim to steal money or commercial secrets.
2) The magnitude and tempo of the attacks pose a real threat to Britain's economic security.
3) National Critical Assets are targeted and exposed.
4) Global economic stability is exposed.
5) Internet root-servers under daily attack.
6) High dependencies on computing, infrastructures and a live-by-wire lifestyle.
7) CyberWar, CyberConflict is here!
3. Examples of Compromise
Attending an incident requires the First Responder to keep an open mind:
2) The magnitude and tempo of the attacks pose a real threat to Globalised economic security.
3) National Critical Assets are targeted and exposed.
4) Inter-nation economic stability is impacted.
5) Internet root-servers under daily attack.
6) High dependencies on computing, infrastructures and a live-by-wire lifestyle.
7) CyberWar, CyberConflict is here!
8) Dependency on technology increases the potential for attack or compromise.
4. Threat Scale & Position
HIGH RISK: Governments, Defence, Banking, Oil & Gas, SCADA, & Critical Infrastructure.
MEDIUM RISK: Hi-Tech, Media, Retail, Industrial Manufacturing etc.
LOW RISK: Non-Profit, Local & SMEs
6. Non-Disclosure – 911 - Impact
Event on 9/9/2011 [911] saw 5 million people impacted by traffic chaos, flight cancellations and two nuclear reactors being closed down – all caused by one single employee!
8. Serious-Organised-Crime
Serious-and-Organised Crime gangs are highly organised and very successful. Consider some of the top targets:
The Public
Home [WiFi in particular]
Companies
Governments
Banks
Oil-&-Gas
9. The ‘Chinese’ Threat
"Whether it be the intrusions of hackers, a major explosion at the World Trade Centre, or a bombing attack by bin Laden, all of these greatly exceed the frequency bandwidths understood by the American military..."
Qiao Liang and Wang Xiangsui
Titan Rain - 2008
15. The ‘AET’
AETs were once considered hype, but they have been seen in the wild, and with some success:
McAfee Firewall
Palo Alto
Sourcefire
Check Point
Juniper
16. The ‘Cyber-Terror’ Tools - 5
Security is accommodated – in some cases to a higher level than most organisations:
17. The ‘Impact’ of Tools - 6
By leveraging free attack tools supplied with speciality Linux distributions and targeting a LAN-based Windows 8 system, a number of attacks were performed against a firewalled system. The impact was a fully compromised system, broken and heavily infected with malicious payload, and this from a GUI environment with a free, publicly available set of tools.
21. The Response to the Threat
About 80% of known attacks would be defeated by embedding basic information security practices and learning from the First Responder engagements.
Let us consider the opportunities, options, and what you have in place:
How many of the aforementioned areas are you covered against?