
“Ask a Scientist”, 2010-2011 7.00 pm @ Acoustic Café


Presentation Transcript


  1. “Ask a Scientist”, 2010-2011, 7.00 pm @ Acoustic Café (except for January’s “Ask a Scientist for Kids”)
     • Tuesday, October 26: Paul Wagner (UWEC Computer Science), “Computer Security and Cyberwarfare”
     • Tuesday, November 23: Steve Weiss, M.D. (Luther Hospital), “Power Issues in the Doctor-Patient Relationship”
     • [December – no talk]
     • Saturday, January 22: “Ask a Scientist for Kids” (Eau Claire Children’s Museum, 2-4 pm)
     • Tuesday, February 22: Winnifred Bryant (UWEC Biology), “Environmental Estrogens—Potential Risks to Human Health”
     • Tuesday, March 29: Bev Pierson (Memorial High School), “Astrobiology: the new science of life in the universe”
     • Tuesday, April 26: Paul Thomas (UWEC Physics and Astronomy), “Hot News from Space”

  2. Congratulations! • Dr. Paul Thomas • Recipient of the UW System’s 2010 Regents Teaching Excellence Award • For career achievements in teaching • Only two individual recipients per year in UW System

  3. Computer Security and Cyberwarfare Dr. Paul Wagner wagnerpj@uwec.edu

  4. Messages • Cyberwar is an important evolutionary idea that has the potential for significant effect on all USA and world citizens • Cyberattacks at the level of cyberwar have already occurred, and are occurring with increasing frequency and effect • Cyberwar may be used as a political lever for increased governmental controls on cyberspace

  5. Definition of Cyberwarfare • “Actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption” – Richard A. Clarke, “Cyber War” • “… a new domain in warfare” – William J. Lynn, U.S. Deputy Secretary of Defense

  6. Related Terms and Issues • Cyber-terrorism – parallel definition, different actor • actions by terrorists to penetrate another nation's computers or networks for the purposes of causing damage or disruption • Cyber-spying / cyber-espionage • actions by parties outside of a country or organization to penetrate another nation's computers or networks for the purposes of stealing information • Increasingly difficult to distinguish countries and organizations • Countries may be (increasing evidence that they are) using 3rd parties (organized crime, other organizations) to do their work

  7. Related Issues • Is the term “cyberwar” appropriate? • Nature of warfare has changed • WW II => Vietnam => Iraq / Afghanistan • Does the term overstate or mis-state the issue? • We probably haven’t seen true cyberwar yet • Where is the line between war and espionage, war and terrorism, or war and crime (e.g. theft)?

  8. Malware Terminology • Worms – software that spreads on its own with harmful consequences • Virus – malware attached to other software (e.g. email attachment) • Trojan Horse – software that appears to be positive but has harmful effects • Logic bomb – software planted to activate at a later date/time with harmful consequences

  9. Relationship to Traditional Warfare • Cyberwar could be additional domain in traditional warfare • Used as initial stage to reduce command and control facilities, harm national infrastructure, spread propaganda, reduce confidence in government • Could be a standalone approach to warfare • Potential for significant harm to foreign country in the information age

  10. Thematic Issues • Convenience vs. Security • Security and Privacy • Evolution of Cyberattacks • At the beginning: Status • More recently: Financial gain • Now: Political gain

  11. Technological Approaches for Cyberattacks • Three Major Approaches • 1) Break in, steal information • From computer systems or networks • 2) Directly affect functionality of computers or related equipment through use of worms, viruses, logic bombs and/or other malware • 3) Denial of Service (DoS) – flood of messages to computer systems that overwhelms them and renders them non-functional

  12. Infrastructure Subject to Attack • Businesses • Military command and control system • Transportation systems • Air • Rail • Power grid • Manufacturing facilities • Communication systems • …

  13. Scope of Cyberspace • Cyberspace starts with the internet… • Internet = network of networks

  14. Cyberspace (2) • Beyond every computer system that’s connected by wire, cyberspace also includes: • Isolated networks (private, corporate, military) • Laptop and other personal PCs connected some of the time (wireless, modems) • Industrial control machinery, including programmable logic controllers (PLCs) • Industrial robots (connected to PLCs or directly to computers) • Home control equipment (home appliances and their control units) • Mobile devices (smart phones, PDAs, …) • USB and other storage devices

  15. Cyberspace (3)

  16. Why Is Everything Connected? • Convenience • Connect to others through email, world-wide web, social media • Internet service provider can remotely-diagnose problems on your computer • Appliance company can remotely diagnose problems with equipment in your home • City can read your water meter • You can turn on your oven/lights from work • Systems can interact

  17. Four Examples of Possible Cyberwar Activity • Titan Rain (2003-on) • Syria (2007) • Estonia (2007) • Stuxnet Worm (2009-2010)

  18. 1) Titan Rain (2003-on) • Coordinated attacks on US military and industrial computer systems • Access gained to computer systems and networks including Lockheed Martin, Sandia National Laboratories, and NASA • Purpose and identity of attackers remains unclear, though origin appears to be Chinese military • Though could be “through” Chinese military

  19. 2) Syria (Sept. 2007) • Israeli aerial bombing of facility in Syria, alleged nuclear facility being constructed by North Koreans • Syrian air defense networks saw no planes; later found Russian-built radar system screens manipulated to show nothing • Exact cause not known, but options all point to manipulation of software controlling radar system

  20. 3) Estonia (April 2007) • Sometimes referred to as “Web War 1” • Followed Estonia relocating the Bronze Soldier of Tallinn, a Russian monument • Sophisticated and large set of denial of service (DoS) attacks on Estonian parliament, banks, ministries, newspapers, other web sites • Severe effect on above institutions for approximately three weeks

  21. 4) Stuxnet Worm • Very complex Windows-specific computer worm that infects computers and connected industrial control equipment (PLCs) • First known worm to attack industrial infrastructure • Spreads through USB thumb drives as well as network connections • Utilizes four “zero-day” exploits • Uses stolen valid security certificates

  22. 4) Stuxnet Worm (cont.) • Initial high rate of infection in Iran, specifically found at nuclear facilities • May be government (Israel, US, UK?) attempt to damage Iranian nuclear facilities • Unclear if delay or damage actually occurred • Worm has spread to many other countries (including large infection of Chinese systems)

  23. Political Issues • Is the threat of cyberwar overstated? • Several experts say yes, including Marc Rotenberg (Electronic Privacy Information Center) and Bruce Schneier (Chief Technology Officer, BT Counterpane) • Issues: • Much hyperbole, “sexy” news • Little distinction by many between cyberwarfare and cyberspying; threats today are more from cyber-espionage • Used to generate additional funding for U.S. cyberdefense efforts • Used to justify efforts to give U.S. government more control over Internet (e.g. control over encryption)

  24. Difficulties in Defense • Many entry points to internet, most networks • Difficult to trace attacks • Many from robot networks (botnets) of compromised PCs • Internet created for convenience, not security • Internet technology does not support easy defense • Unknown capabilities of other nations, groups • So, little deterrence exists • “Security is a process, not a product” – Bruce Schneier • Defenders have to defend against many possible attacks, but attackers only have to find one hole

  25. Difficulties in Defense for USA • Internet created in USA in an environment of intellectual freedom, mostly under private (not government) control • Efforts to change – e.g. “Kill Switch” bill (2010) in Congress giving government power to take over parts of internet in national emergency • Other countries can more easily mount defense (e.g. fewer entry points, government can already control networks) • US military cyber-capabilities are significantly focused on offense, not defense

  26. What To Do? • Suggestions: • 1) Enact limited government regulation of internet, cyberspace • Need international cooperation as well as national efforts • 2) Increase resources for cyber-defense (government, private) • 3) Isolate critical infrastructure (e.g. power grid) from the internet • Source: Richard A. Clarke, “Cyber War” • 4) Investigate cyber-treaties

  27. Disincentives to Cyberwar • Potential for retribution • Harming the internet tends to harm everyone • Difficult to contain scope of cyberattacks • Non-cyber interests are connected • E.g. China owns significant portion of U.S. financial structure

  28. Moderating Effects on Cyberwar • Diversity of systems and networks • Many networks, multiple operating systems • Increasing efforts on intrusion detection and prevention • Early detection may help reduce scope of effects, though malware can spread quickly

  29. Cyber Treaties? • Benefits • Set ground rules for national cyber behavior • Attempt to avoid collateral damage to citizens • Issues • Enforceability • Use of cyber treaties to limit speech • Current Russian proposal attempts to prohibit any government from using internet to interfere with any other government (e.g. promote, encourage or assist in dissent)

  30. References / More Information
     • “Cyber War – The Next Threat to National Security” by Richard A. Clarke (2010)
     • NPR Morning Edition Two-Part Series
       • http://www.npr.org/templates/story/story.php?storyId=130023318
       • http://www.npr.org/templates/story/story.php?storyId=130052701
     • “The Online Threat”, article by Seymour Hersh
       • http://www.newyorker.com/reporting/2010/11/01/101101fa_fact_hersh?currentPage=all
     • Wikipedia – Cyberwarfare
       • http://en.wikipedia.org/wiki/Cyberwarfare
     • Wikipedia – Cyberterrorism
       • http://en.wikipedia.org/wiki/Cyber_terrorism

  31. Questions / Discussion Dr. Paul Wagner Email: wagnerpj@uwec.edu http://www.cs.uwec.edu/~wagnerpj
