The Broader Picture n Laws Governing Hacking and
The Broader Picture n Laws Governing Hacking and Other Computer Crimes n Consumer Privacy n Employee Workplace Monitoring n Government Surveillance n Cyberwar and Cyberterror n Hardening the Internet Against Attack 1
Figure 12 -5: Cyberwar and Cyberterror n Threats ¡ Attacking the IT infrastructure ¡ Using computers to attack the physical infrastructure (electrical power, sewage, etc. ) ¡ Using the Internet to coordinate attacks 2
Figure 12 -5: Cyberwar and Cyberterror n Cyberwar ¡ Conducted by governments ¡ Direct damage ¡ Disrupting command control ¡ Intelligence gathering ¡ Propaganda ¡ Industrial espionage ¡ Integrating cyberwar into war-fighting doctrines 3
Figure 12 -5: Cyberwar and Cyberterror n Cyberterrorism ¡ By semi-organized or organized groups ¡ Psychological focus ¡ n Indirect economic impacts (for example, losses because of reduced travel after September 11, 2001, terrorist attacks) n Goals are publicity and recruitment Indiscriminate damage 4
Figure 12 -5: Cyberwar and Cyberterror n Cyberterrorism ¡ Hacktivism—politically motivated attacks by unorganized or loosely organized groups ¡ Who is a terrorist? Spectrum from activism to full cyberterror 5
The Broader Picture n Laws Governing Hacking and Other Computer Crimes n Consumer Privacy n Employee Workplace Monitoring n Government Surveillance n Cyberwar and Cyberterror n Hardening the Internet Against Attack 6
Figure 12 -5: Cyberwar and Cyberterror n Building a National and International Response Strategy ¡ ¡ National governments n Coordinated responses n Intelligence gathering n Research and training n Economic incentives Private enterprise n Importance of hardening individual firms n Requiring hardening to meet responsibilities 7
Figure 12 -5: Cyberwar and Cyberterror n Hardening the Internet ¡ Hardening the telecommunications infrastructure with decentralization and other methods ¡ International cooperation is needed because of worldwide attackers ¡ Hardening the underlying telecommunications system ¡ Adding security to dialogs with VPNs 8
Figure 12 -5: Cyberwar and Cyberterror n Hardening the Internet ¡ Hardening Internet protocols n IETF is making progress by adding confidentiality, authentication, and other protections to core Internet protocols n Generally not using digital certificates in a public key infrastructure for strong authentication 9
Figure 12 -5: Cyberwar and Cyberterror n Hardening the Internet ¡ Making the Internet forensic n ISPs might be forced to collect and retain data for long periods of time n ISPs might be forced to do egress filtering to stop attacks at the source n The cost to ISPs would be high 10
- Slides: 10