What do the Grand Ayatollah Seyyed Ali Hosseini Khamenei, Kim Jong-un, Julius Caesar, Abraham Lincoln, Napoleon Bonaparte and Adolf Hitler have to do with network security? Come and discover the mistakes these dictators made, what they can teach us about network security, and how to apply those lessons to our companies and coworkers.
Security Lessons from Dictators
#44Con September 12th 2013
About me
Jerry Gamblin
Security Specialist
Missouri House Of Representatives
Contact Information: [email protected] @jgamblin www.jerrygamblin.com
About this talk
History does not repeat itself, but it does rhyme.
- Mark Twain
Security Lessons from Dictators
Insider Threats
Et tu, Brute?
Gaius Julius Caesar
Dictator Perpetuo of The Roman Empire
Marcus Junius Brutus
49 BC: Fought with Pompey to Greece during the civil war against Caesar.
48 BC: Pardoned by Caesar.
46 BC: Made governor of Gaul.
45 BC: Made Praetor.
44 BC: Murdered Caesar.
How does your company defend against insider threats?
Insider Threats
You cannot detect and defend against insider threats from behind your keyboard.
Insider Threats
Insider threats are not a technical issue alone.
Insider Threats
People who steal your unprotected information are not hackers.
Edward Snowden
2004: Enlisted in the United States Army as a Special Forces recruit.
2005: Security Guard for the National Security Agency.
2007: Network Administrator for the State Department.
2011: Worked for NSA in Japan.
2012: Contractor for Booz Allen Hamilton.
2013: Leaked NSA surveillance programs to the press.
Could you have identified and stopped Edward Snowden on your network?
Incident Response
Execution of the Duke of Enghien.
Napoleon Bonaparte
Emperor of France
Louis Antoine
Duke of Enghien
• Only son of Louis Henri de Bourbon.
• Given the title Duke of Enghien at birth.
• Military school at Commodore de Vinieux.
• Fought in the French Revolutionary Wars against France.
• Married Charlotte de Rohan.
• Arrested for allegedly being part of the Cadoudal–Pichegru conspiracy.
Incident Response
C'est pire qu'un crime, c'est une faute ("It is worse than a crime; it is a mistake")
How does your incident response plan look in real life?
How can security professionals handle investigations better?
Hacking Back
Suspending habeas corpus.
Abraham Lincoln
16th President of the United States of America
Hacking Back
You are engaged in repressing an insurrection against the laws of the United States. If at any point on or in the vicinity of any military line which is now or which shall be used between the city of Philadelphia and the city of Washington you find [resistance] which renders it necessary to suspend the writ of habeas corpus for the public safety, you personally or through the officer in command at the point where resistance occurs are authorized to suspend that writ.
Lincoln to General Winfield Scott on April 27, 1861
Article 1, Section 9 of the United States Constitution
The privilege of the writ of habeas corpus shall not be suspended (by congress), unless when in cases of rebellion or invasion the public safety may require it.
Ex parte Merryman
Such is the case now before me, and I can only say that if the authority which the constitution has confided to the judiciary can be usurped by the President the people of the United States are no longer living under a government of laws.
Jon Huntsman
Commission on Theft of American Intellectual Property
Without damaging the intruder’s own network, companies that experience cyber theft ought to be able to retrieve their electronic files or prevent the exploitation of their stolen information.
We'd politely remind them there's a federal criminal statute barring that.
Justice Department's Computer Crime and Intellectual Property Section.
What do you think the future of hacking back (active defense) is?
Advanced Tools Over Proven Techniques
Next Generation Everything!!!!!
I am getting ready to use Adolf Hitler and WWII to make a point about network security. I am not trying to be flippant or disrespectful in the slightest and I understand the extreme cost of war.
Adolf Hitler
Führer of Germany
Wunderwaffe
Sturmgewehr 44 - The first assault rifle
Horten Ho 229 - A turbojet flying wing stealth jet fighter/bomber
Flettner Fl 265 - The world's earliest known airworthy synchropter
Schwerer Gustav - An 800mm railway gun
V2 - First human-made object to achieve sub-orbital spaceflight
It has been argued that Germany lost WWII by picking advanced tools over proven techniques…
… just like IT security.
Highly Trained Staff: Everyone has a CISSP!
Patch Management System
Next Generation Firewall
Shiny SIEM
New Security Policy Guidelines
No End User Training Unless Mandated.
End Users Have Admin Rights.
No Auditing of Web Apps.
No one actually checks logs.
Shadow IT has taken over.
Why do security professionals have such a hard time getting the basics right?
Poor Security Awareness Training
USB Drives Don’t Grow In The Desert
Grand Ayatollah Seyed Ali Hosseini Khamenei
Supreme Leader of Iran
Nuclear Program of Iran
• 1957: The United States and Iran sign a civil nuclear co-operation agreement as part of the U.S. Atoms for Peace program.
• 1968: Iran signs the Nuclear Non-Proliferation Treaty and ratifies it.
• 1979: Iran's Islamic revolution puts a freeze on the existing nuclear program.
• 1982: Iranian officials announced that they planned to build a reactor powered by their own uranium at the Isfahan Nuclear Technology Centre.
• 1995: Iran signs an $800 million contract with the Russian Ministry of Atomic Energy in Bushehr.
• 2002: The United States accuses Iran of attempting to make nuclear weapons.
• 2004: Iran removes seals placed upon uranium centrifuges by the International Atomic Energy Agency and resumes construction of the centrifuges at Natanz.
Iranian Nuclear Scientists Killed
• Masoud Alimohammadi: January 12, 2010
• Majid Shahriari: November 29, 2010
• Fereydoon Abbasi: November 29, 2010
• Darioush Rezaeinejad: July 23, 2011
• Mostafa Ahmadi-Roshan: January 11, 2012
Stuxnet
• Computer worm discovered in June 2010
• Written by the US and Israel to attack Iran's nuclear facilities
• Stuxnet infects PLCs by subverting the Step-7 software application that is used to reprogram these devices.
• It is initially spread using USB flash drives.
Bruce Schneier
I personally believe that training users in security is generally a waste of time, and that the money can be spent better elsewhere.
What are your thoughts on security awareness programs?
Misplaced Priorities
Kim Jong-un
• First Secretary of the Workers' Party of Korea
• First Chairman of the National Defense Commission of North Korea
• Commander of the Korean People's Army
North Korean Nuclear Program
Phase I (1956–80) Start of North Korea’s domestic plutonium production program.
Phase II (1980–94) Growth of North Korea’s domestic plutonium production program.
Phase III (1994–2002) covers the period of the "nuclear freeze".
Phase IV (2002–present) Renewed nuclear activities and tests.
What does your priority list look like for your security program?
Questions?
Contact Info
Jerry Gamblin
Security Specialist
Missouri House Of Representatives
Contact Information: [email protected] @jgamblin www.jerrygamblin.com
Thank You
Richard Clarke
“If you spend more on printer ink than on IT security, you will be hacked. What's more, you deserve to be hacked.”