Cybersecurity 27.11. 2018 Jakub Drmola Part 2: Non-state actors Cybeterrorism Image result for isis online •What is terrorism? • •extortion? •using threats and fear to get stuff? •logic of terrorism • •attackers •audience •victims •Typical features • •violence, damage, fear •goal and representation •publicity •repeatability, campaign •symbolism, spectacle • •Challenges • •poor understanding among media and politicians •getting better only very slowly •rare overlap of politics and IT • • •Cyberterrorism is… • •massive differences of opinion: •“terrorists on the internet” •recruitment, guides, propaganda, communication, planning •physical attacks on data infrastructure • • • • •History • •first ideas towards the end of the Cold War •quick growth in 90s (+ Y2K) •explosion (figurative) after 9/11 • • • • • • •Cases? • •Queensland “cyberterror”, 2000 •StuxNet, 2010 •Lodz, 2008 •Anonymous and LulzSec? •Estonia 2007 and Georgia 2008? • •Siberian pipeline and mafia boss • •Reality • •imagined and unfulfilled concept •“nothing is happening” •not really true, things are happening all the time, but it is not cyberterrorism • • •why? •required combination of skills, motivation, resources •its too hard to match effectiveness of real terrorism •Future of cyberterrorism • • • •Would we recognize it? What should it look like? • •Hacktivism • •Hacktivism • •disrupting networks, misusing systems •support ideology, political goal, etc. • • •political activism adapted to the internet in 21st century • • • • • • • • • • •Brief history • •roots towards the end of Cold War •hacktivism started from hackers •not from political activism • •going all the way back to the counterculture •universities, corporations • •Present? • •rise since 2008 •major force since 2010 •covers all strains of politics and ideologies • • •Anonymous iconic •reality is much muddier • • • • • •Anonymous •who are they? •where they came from? •why? •what do they want? •why the mask? • • • •Videos •Scientology Tom Cruise video •https://www.youtube.com/watch?v=UFBZ_uAbxS0 • •Chanology declaration •http://www.youtube.com/watch?v=JCbKv9yiLiQ • •11/11/11 •http://www.youtube.com/watch?v=bUm5seVCpf4 • •We are Legion trailer •http://www.youtube.com/watch?v=gn9-80ObGA8 • •We are Legion excerpt •https://youtu.be/3SsLGPaYjvM?t=23m5s • • • • • • • • • • • • • •http://pastebin.com/HZtH523f •Pulling out all the stops •Sony •Arab spring •AntiSec •Vigilantism •against ultra-right, children porn •Stratfor •MegaUpload, ACTA •arrests •Syria, DPRK, Ukraine • • •can be for anything •nationalistic •anarchistic •religious •vigilantism •ecological • •dominant form is hybrid leftwing anarchism (Anonymous) •The spectrum of hacktivism • •compared to other threats, hacktivism is not especially dangerous •attacks are usually short •and more importantly – public! • •hacktivism can also act as „immunization“ •How dangerous is it? • •not hierarchical •„adhocracy“ • •loose network structure •often even individual or separate groups in conflict with one another (see th3j35t3r) •Structure and organization • •concept of „ops“ • •target selection is based on reactions and opportunities •therefore at least partially predictable • • •Targets • •DDoS •botnets or LOIC and its derivatives (deniable?) • •defacement • •dox • •communication and propaganda •twitter, youtube, facebook, blogs, IRC •Tools and Methods • • • • • • • • • • • • • • http://a2.files.maxim.com/image/upload/c_fit,cs_srgb,dpr_1.0,q_80,w_620/MTM5NDQ5MTA3NDE5NzY3OTcx.jp g •depends on three main pillars •people •who perform the attacks •tools •to perform the attacks with •causes •what are the attacks for • • •new cybermilitias and patriotic hackers? • •Future? Image result for cyberberkut Related image Image result for ruh8 Image result for surkov leaks Image result for surkov leaks map