1 / 13

Cyber Warfare Case Study: Estonia

Cyber Warfare Case Study: Estonia. Jill Wiebke April 5, 2012. What is Cyber Warfare?. Cyber warfare “is a combination of computer network attack and defense and special technical operations” (IEEE)

pakuna
Download Presentation

Cyber Warfare Case Study: Estonia

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Cyber WarfareCase Study: Estonia Jill Wiebke April 5, 2012

  2. What is Cyber Warfare? • Cyber warfare “is a combination of computer network attack and defense and special technical operations” (IEEE) • 8 Principles:Lack of physical limitations Identity & privilegesKinetic effects Dual useStealth Infrastructure controlMutability & inconsistency Information as operational environment

  3. Things to Consider… • Malicious cyber activity: crime, espionage, terrorism, attacks, warfare • Classifications are made by intentions of perpetrator and effect of the act • Definition of cyber attack is inconsistent

  4. Case Study: Estonia • Baltic territory • Capital: Tallinn • Independence in 1918 • Forced into the USSR in 1940 • Regained freedom in 1991, Russian troops left in 1994 • Joined UN in 2001, and NATO and EU in 2004 • Known as an “e-society,” paperless government, electronic voting, etc.

  5. Attacks on Estonia • Who: That’s the real question, isn’t it? • What: Distributed denial of service (DDoS) attacks on government, banks, corporate websites; website defacement • When: April 27, 2009 – May 18, 2007 • Where: Estonia • Why: Another good question… • How: Well-known attack types, but “unparalleled in size;” hundreds of thousands of attack computers

  6. Attack Progression • April 27: Estonian government websites shut down from traffic, defaced • April 30: Estonia began blocking Web addresses ending in .ruIncreased attack sophistication; targets now included media websites attacked by botnets • 1 million computers were unwittingly employed to deploy botnets in US, China, Vietnam, Egypt, Peru • May 1: Estonian ISPs under attack • May 9: Russian victory in WWII – new wave of attacks at Russian midnight • May 10: Banks are attacked

  7. Details • Estonia had just decided to relocate a Soviet WWII memorial • Large, well-organized, well-targeted attacks – not spontaneous – began hours after the memorial was relocated • Malicious traffic indicated political motivation and Russian language background • Instructions for attacking websites were posted in Russian language forums including when, what, and how to attack • Did not accuse Russian government (not enough evidence), but attacks are believed to have originated in Moscow • IP addresses of attackers belong to Russian presidential administration • Russian officials denied any involvement; IPs could have been spoofed

  8. Effects of the Attacks • One person has been convicted – student in Estonia organized a DDoS attack on the website of an Estonian political party • NATO enhanced its “cyber-war capabilities” • Created a “cyber defense research center in Tallinn in 2008” • Cyber Command – Full Operating Capability on Oct 31, 2010

  9. Other Cyber Attack Examples • Georgia • DDOS attacks coincided with Russian invasion in August 2008 • Stuxnet • Worm that targets industrial control systems • Infected Iranian nuclear facilities • Titan Rain • Suspected Chinese attacks on the US since 2003 • “Nearly disrupted power on the West Coast” • Security breaches at defense contracting companies

  10. Magnitude of Cyber Warfare • Attribution • Nation-state actors • Non-state actors • “Hired guns” • Trails end at an ISP • New territory – no rules/standards • Legal territory issues • International laws do not exist yet • Crime of Aggression definition • Impacts

  11. Glimpse at Cyber Warfare Future • The US heavily relies on cyber networks, so a cyber attack could be highly detrimental • Physical impacts • Disable water purification systems • Turn of electricity • Misrouting planes/trains • Opening dams • Melting nuclear reactors • Communication network impacts • Stock market manipulations • Wireless Internet access outages

  12. Why SAs Should Care • Cyber attacks are increasing in threats, frequency, and intensity • Targets range from government entities, banks, corporations, to private businesses • We are the “cyber warriors” and “network ninjas” that will be dealing with the effects of cyber warfare

  13. References • https://www.cia.gov/library/publications/the-world-factbook/geos/en.html • http://www.state.gov/r/pa/ei/bgn/5377.htm • http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5634434 • http://www.stratcom.mil/factsheets/cyber_command/ • https://docs.google.com/a/utulsa.edu/file/d/0B7yq33Gize8yNjEzNDkxMGMtOWMyNS00ZDJhLTg4MDUtZDUwODQ2YjQwOTIw/edit?pli=1 • http://www.industrialdefender.com/general_downloads/news_industry/2008.04.29_cyber_attacks_p1.pdf • http://www.getgogator.com/News/Content/Articles/Malware/The%20Evolution%20of%20Cyber%20Warfare.pdf • msl1.mit.edu/furdlog/docs/washpost/2007-05-19_washpost_estonia_cyberattacked.pdf • http://www.msnbc.msn.com/id/31801246/ns/technology_and_science-security/t/look-estonias-cyber-attack/#.T3Mt7NmGWW9 • ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6029360&tag=1 • http://www.law.duke.edu/journals/dltr/articles/2010dltr003.html

More Related