Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
The Cyber Space is a global system of interconnected computer networks that use the standard Internet Protocol Suite (TCP/IP) to serve billions of users worldwide.The Cyber Space (Internet) can´t whether be owned, sold nor destroyed by someone.
What is the Cyber Space?
… our information society in figures ….
• Internet users in the world: ~ 4,9 Billion (est. pop. of 7,8 bill.)• Broadband subscriptions in the world: ~ 4,0 billion
• There are 5,9 bill. Mobile phones in the world, already ~ 4,3 Bill. of it are with Internet• 750 million Mobile phones in the EU
• 107 trillion emails per year
(~ 90 % are spam!)
• ~ 2,3 bill. user of Facebook
• ~ 1 bill. user of Instagramm
• ~ 500 mio user of Twitter
trojan malware
polymorphism
file infectorexploiting
high
1980 1985 1990 1995 2000
self replicating code
macro virus
backdoors
snifferpacket manipulation
worms
bot nets
denial of service
mobile malware
rootkit/stealth malware
platform independent malware
2010
longrider attacks
DNS spoofing
autonomous bot networks
Construction Kits
2015
fast flux
MPACK
law
XSS
SQL inj.
Decreased understanding of
system architecture
2020
drive by infection
0-day exp.
???
Increasing complexity of successful attacks
IP to HomeIP to MobilityIP to Industry
IP to armed ForcesIP to anything/everybody
Increasing degree of crosslinking (progressive integration of IP-based systems)
Danger
The Threat
StuxnetKedi RAT
WannaDecrypt0r
What are we dealing with?
• 1. Cyber crime – such as identity theft/fraud. In essence this consists of conducting cyber attacks against individuals or private institutions for financial gain.
• 2. Cyber espionage – This is operations conducted for the purposes of information gathering. Targets can include government departments or private sector industries.
• 3. Cyber disinformation/black propaganda - is false information. It istypically used to vilify, embarrass or misrepresent someone/the enemy.
• 4. Cyber terrorism – Defining terrorism itself is difficult and controversial. Defining cyber terrorism is all the more so.
• 5. Cyber warfare – These are military operations by state or non-state actors conducted in cyberspace; for instance an attack on critical infrastructure carried out to achieve political/military aims.
Every state/society can be a target
POLITICAL
MOTIVATION
ECONOMICAL
MOTIVATION
PERSONAL
MOTIVATION
IDEOLOGICAL
MOTIVATION
STATE-SPONSORED CYBERCRIME FAME, RECOGNITION HACKTIVISM
APT
Case Studies (1) – Cyber Terrorism
April 27th, 2007: Cyber attacks against Estonia
Impact: Estonian parliament, banks, ministries, newspapers and broadcasters could not work anymore, telephony from fixed line and mobile failed
Affected: Estonia – Society, Economy, Politics, etc.
Cause: 107 % cell phone coverage, 97 % electronic banking, internet connectivity in all schools and universities, and widely used e-voting and e-governement as evidence of the extent of Estonia’s national networking capacity. Estimated Loss (worldbank): 8 bn Euro in two weeks (!)
First huge DoS-Attack against a country
Case Studies (2) – Attacks against Infrastructure
Aug 14th, 2003: Power failure in the US and Canada
Impact: Public transport broke down; water supply as well as telephony from fixed line and mobile failed, - NO electricity
Affected: ~ 50 Mio people in NY, Detroit, Ottawa, Toronto
Cause: 21 power plants have been closed because Computer-controlled decoupling failed, based on SCADA Systems. SCADA is based on COM/DCOM for Windows
Aug 11th, 2003: First notice of the Blaster-worm, spread on computers running Windows operating systems and using vulnerabilities in the COM/DCOM – switch
Defenders have to protect against all possible channels of attack.
The attackers only have to find one weak point to attack at a time and place of their choice, and that everything even anonymous.
Case Study (3) – Cyber Crime: Ransomware
May, 2017: Thousands of companies worldwide have been
blackmailed
Impact: The Ransomware called WannaDecrypt0r 2.0 encrypts
the data on the attacked computers and makes them
and the network unusable. The user/company has to pay
€ 275 ($ 300) in the internet currency Bitcoin within two
days. If no payment is made after seven days, the data
will be forever encrypted and unusable. The blackmail
letter was written in 28 languages (also Fin) , -
infections in 152 countries.
The biggest blackmail campaign ever