Unas reflexiones sobre la ciberguerra (Spanish)

SIMO Network 2012
I Foro Profesional TIC de ATI
Los nuevos enfoques de la gestión de la Seguridad
Madrid, 26 de septiembre de 2012
© Copyright 2012, iTTi, Innovation & Technology Trends Institute / Instituto de Tendencias en Tecnologías e Innovación.
Unas reflexiones sobre la
CIBERGUERRA
Miguel GARCÍA-MENÉNDEZ | iTTi
Manolo PALAO | iTTi

info@ittrendsinstitute.org
iTTi | Instituto de Tendencias en Tecnologías e Innovación
Un FORO para la INVESTIGACIÓN y la REFLEXIÓN
[I]nformación
[F]ormación
[O]pinión
[R]ecomendación

3
SIMO 2012 ATI Ciberguerra -iTTi-
© Copyright 2012, iTTi, Innovation & Technology Trends Institute / Instituto de Tendencias en Tecnologías e Innovación. 3SET 2012

4
Una presentación a nivel de divulgación
Fuente:http://teacherweb.craven.k12.nc.us/TPE/kindergarten/images/2A90C21B963545C1B3634CB0EE89A110.jpg

55
Agenda

6
1. Se habla mucho de Ciberguerra.
La Ciberguerra está de moda
2. La ‘moda’ atrae –proporcionalmente- más titulares que la ‘realidad’.
La atracción /gravitación depende de muchos intereses (todo es ‘relativo’)
3. Debería interesar más la Ciberpaz
4. Ciberguerra y Ciberpaz se están tratando de forma incompleta.
Faltan –al menos- gobernanza y divulgación.
Faltan conceptos claros, magnitudes y métricas
5. Falta de consenso. Negacionistas vs objetivistas
6. Algunas referencias importantes
7. SEGURINFO España 2012
Unas reflexiones sobre la CIBERGUERRA
Fuente:
http://dy6g3i6a1660s.cloudfront.net/MeIr3omw
3O31hhBWDqGFqgJYAmc/mt-89/were-
inspired-christopher-shannons-floral-
menswear-makeup.jpg

77
Unasreflexionessobrela
CIBERGUERRA

8
Fuente: http://www.victorioylucchino.com/
Fuente: http://www.victorioylucchino.com/
La Ciberguerra está de moda
Se habla mucho de Ciberguerra

9
Fuente: https://www.google.es/search?q=ropa+de+trabajo&hl=en&client=firefox-a&rls=org.mozilla:es-ES:official&channel=fflb&prmd=imvns&tbm=isch&tbo=u&source=univ&sa=X&ei=kVhKUPu6FdS2hAe4-4CwCA&sqi=2&ved=0CMQBELAE&biw=1280&bih=661
La ‘moda’ atrae –proporcionalmente- más
titulares que la ‘realidad’
La atracción /gravitación depende de muchos
intereses (todo es ‘relativo’)

10
Fuente:http://www.google.es/imgres?hl=en&client=firefox-a&hs=s5b&sa=X&rls=org.mozilla:es-
ES:official&channel=np&biw=1429&bih=738&tbm=isch&prmd=imvns&tbnid=RhZpxbM9oA094M:&imgrefurl=http://w
ww.strangecosmos.com/content/item/153075.html&docid=ADQVCeVzWgarSM&imgurl=http://www.strangecosmos.c
om/images/content/153075.jpg&w=700&h=458&ei=JP5KUIyUJsbB0QXk0IGwDw&zoom=1&iact=hc&vpx=314&vpy=288
&dur=80&hovh=181&hovw=278&tx=138&ty=86&sig=109245388514343874860&page=1&tbnh=105&tbnw=160&start
=0&ndsp=28&ved=1t:429,r:8,s:0,i:98

11
Fuente:http://www.google.es/imgres?hl=en&client=firefox-a&hs=s5b&sa=X&rls=org.mozilla:es-
ES:official&channel=np&biw=1429&bih=738&tbm=isch&prmd=imvns&tbnid=vDj36CA4SaojQM:&imgrefurl=
http://miafene.hu/category/vilag/&docid=6-0nswoE3uAZuM&imgurl=http://miafene.hu/wp-
content/2009/09/chinese-army-trianing-for-national-day-parade-60th-anniversary-01-
560x373.jpg&w=560&h=373&ei=JP5KUIyUJsbB0QXk0IGwDw&zoom=1&iact=hc&vpx=197&vpy=330&dur=
644&hovh=183&hovw=275&tx=145&ty=135&sig=109245388514343874860&page=2&tbnh=164&tbnw=228
&start=28&ndsp=20&ved=1t:429,r:0,s:28,i:163
http://4.bp.blogspot.com/__pHoqjgxkwI/SHwwWPEtiVI/AAAAAAAAA2Y/NAfd2BOQQIM/s400/103-0387_IMG_2.JPG

12
Fuente: http://www.google.es/imgres?start=204&hl=en&client=firefox-a&rls=org.mozilla:es-ES:official&channel=np&biw=1429&bih=738&tbm=isch&tbnid=gQPsbIBy0qo-
tM:&imgrefurl=http://canadianchefscongress.com/site/2010/06/&docid=bW-aDivlKQL0hM&imgurl=http://canadianchefscongress.com/site/wp-
content/uploads/IMG_7565.jpg&w=640&h=426&ei=TwJLUPaQKK-
20QX69YHQDg&zoom=1&iact=rc&dur=543&sig=109245388514343874860&page=10&tbnh=167&tbnw=223&ndsp=23&ved=1t:429,r:0,s:204,i:83&tx=151&ty=77

13
Fuente: http://www.wacs2000.org/images/news/uae/WACS_Global_Chefs_Challenge/edgechefs1.jpg
Fuente:http://ifc.dpz.es/recursos/publicaciones/31/78/06medina.pdf

14
Fuente:http://passporttoeat.files.wordpress.com/2011/10/img_9970.jpg
Fuente:http://www.daviddarling.info/images/heart_transplant_surgery.jpg

15
Fuente: https://www.google.com/calendar/render?tab=mc
Fuente:http://2.bp.blogspot.com/-SDCtTSmkDYY/TcHSoG9Wv_I/AAAAAAAACGo/Z-F9X_N-Tfo/s1600/wildfox-couture-cobrasnake-shoot-with-atlanta-de-cadanet-taylor.jpg

16
Fuente:http://www.google.es/imgres?hl=en&client=firefox-a&rls=org.mozilla:es-
ES:official&channel=fflb&biw=1280&bih=661&tbm=isch&tbnid=CZInmKgEnWgaZM:&imgrefurl=http://es.123rf.com/photo_5629032_unico-permanente-rastreo-de-
punta-roja-9-mm-parabellum-cartucho-
aislado.html&docid=oO_2sg8pCW9RGM&imgurl=http://us.123rf.com/400wm/400/400/slavapolo/slavapolo0910/slavapolo091000007/5629032-unico-permanente-
rastreo-de-punta-roja-9-mm-parabellum-cartucho-
aislado.jpg&w=262&h=400&ei=A1ZKULjjC8a00QXr6ID4Ag&zoom=1&iact=hc&vpx=1065&vpy=187&dur=451&hovh=153&hovw=107&tx=150&ty=153&sig=10924538
8514343874860&page=4&tbnh=153&tbnw=107&start=57&ndsp=22&ved=1t:429,r:10,s:57,i:287
Si vis pacem,
para bellum
Debería interesar más la Ciberpaz

17
Fuente: http://en.wikipedia.org/wiki/War
guerra (war) [10+ condiciones]
(1) organized, (2) armed, and, often, a (3) prolonged conflict that is
carried on between states, nations, or other parties typified by (4)
extreme aggression, (5) social disruption, and usually (6) high mortality.
War should be understood as an (7) actual, (8) intentional and (9)
widespread (10) armed conflict between political communities, and
therefore is defined as a form of political violence.
The set of techniques used by a group to carry out war is known as
warfare.
An absence of war (and other violence) is usually called peace.
Ciberguerra y Ciberpaz se están
tratando de forma incompleta
Conflicto
1 organizado
2 armado
3 prolongado
4 extremo
5 perturbación
6 mortandad
7 real
8 intencionado
9 amplio
10 político

18
Fuente: http://en.wikipedia.org/wiki/War#Types_of_warfare
Conflicts in the following list are currently causing at
least 1,000 violent deaths per year, a categorization
used by the Uppsala Conflict Data Program[57] and
recognized by the United Nations.

19
Ciberguerra y Guerra
B
Guerra
Ciberguerra
B
A
A
Guerra
Ciberguerra

20
Cyberwar: un enfoque tridimensional simplificado
Motivación
Ámbito
Duración
guerra mundial
guerra ofensiva
guerra defensiva (1)
batallas (2)
codicia – crimen organizado
codicia – sicarios / autónomos
vandalismo – odio – ideología – sabotaje
curiosidad – ego (script kids, hackers)
larga duración
permanente
continua
alta frecuencia
ocasional
estados – países – organizaciones - bloques
masivo (regional, nacional)
infraestructuras críticas
sectores industriales / regiones
personas - empresas – organismos (3) (4)
Copyright©2012byManuelPalao,MiguelGarcía-Menéndez,eiTTi
(*) http://brazil.kaspersky.com/sobre-a-kaspersky/centro-de-imprensa/blog-da-kaspersky/MaaS

21
Fuente: http://securityaffairs.co/wordpress/8765/intelligence/state-sponsored-attack-or-not-thats-the-question.html?goback=.gde_1870711_member_165007262
Fuente:
http://www.lemonde.fr/spor
t/article/2012/09/18/le-sri-
lanka-accueille-la-4e-edition-
de-la-coupe-du-monde-de-twenty20_1761945_3242.ht
ml#xtor=EPR-32280274-
[NL_Sport]-20120918-[titres_principaux]

22
Cyberwar: un enfoque ampliado de 5 dimensiones
Motivación
Duración
Interiorización
Ciberdependencia
Copyright©2012byManuelPalao,MiguelGarcía-Menéndez,eiTTi
Fortaleza/PoderTecnológico vs. Inercia/Exceso de confianza
De la GUERRA ELECTRÓNICA a la CIBERGUERRA
La TECNIFICACIÓN como AMENAZA
National Cyber Strength = f(cyberoffensiveness,
cyberdependency,
cyberdefensiveness)
Concienciación
Formación
Imputabilidad
Madurez cívica
National Accountability
Ámbito
A
M
B

23
Like for the cyber-weapon definition, we have
to focus on three elements 1. context, 2. aim
and 3. losing party (subject/object) to
recognise if we are in front of a cyber-warfare
or a cyber-terrorism (even state-sponsored)
attack.
http://www.linkedin.com/groupAnswers?view
QuestionAndAnswers=&discussionID=1668838
32&gid=1836487&commentID=96507872&trk
=view_disc&ut=21C_4C4DGLZBo1
Stefano Mele •

24
“… as a doctrinal matter, the Pentagon has
formally recognized cyberspace as a new
domain in warfare . . . [which] has become
just as critical to military operations as
land, sea, air, and space.“
William J. Lynn, U.S. Deputy Secretary of Defense
http://securityaffairs.co/wordpress/8765/intelligence/state-sponsored-attack-or-not-thats-the-
question.html?goback=.gde_1870711_member_165007262
tierra
¿ciberespacio?
aire
mar
espacio
Falta de consenso
LTC Greg Conti, Assistant Professor, USMA-WestPoint

25
‘Negacionistas’ [Naysayers]
Fuente: http://cyberarms.wordpress.com/2010/10/23/putting-the-cyber-in-cyber-warfare/
“… you can’t kill with Denial of
Service attacks.
… you can’t shut down the power
grid through the internet.”
‘CYBERWAR NAYSAYER’
About 20,900 results
https://www.google.es/#hl=en&output=search&sclient=psy-
ab&q=cyberwar+naysayer&oq=cyberwar+naysayer&gs_l=hp.12...10149.20162.1.22458.17.17.0.0.0.0.319.3119.0j12j4j1.17.0...0.0...1c.WR7dfo
ieoUs&psj=1&fp=1&biw=1024&bih=431&bav=on.2,or.r_gc.r_pw.r_cp.r_qf.&cad=b

26
Cyber war threat exaggerated claims security expert
http://www.bbc.com/news/technology-12473809
Bruce Schneier claims that emotive rhetoric around the term does not match the reality.
He warned that using sensational phrases such as "cyber armageddon" only inflames the
situation.
Mr Schneier, who is chief security officer for BT, is due to address the RSA security
conference in San Francisco this week.
His point of view was backed by Howard Schmidt, cyber security co-ordinator for the
White House.

27
cyber-war-still-not-a-thing
http://reason.com/blog/2011/10/21/cyber-war-still-not-a-thing
Despite what your congressman may tell you, cyber war might never
happen, says a researcher in the Department of War Studies at King’s
College London.
Thomas Rid, also a fellow at Johns Hopkins’ School for Advanced
International Studies, writes that “Cyber War Will Not Take Place”, an
assessment that contrasts with those of many elected U.S. officials. Rid
claims that no online attack to date constitutes cyber war and that it’s
“highly unlikely that cyber war will occur in the future.”
Fuente:
http://www.beweddingplanner.com/inspirational-elie-
saab-prices.html/haute-couture-elie-saab-prices

28
http://reason.com/archives/2011/07/25/the-cybersecurity-industrial-c/singlepage
The Cybersecurity-Industrial Complex. The feds erect a
bureaucracy to combat a questionable threat.
A rough … consensus has emerged that the United States is facing a grave and immediate
threat that can only be addressed by more public spending and tighter controls on
private network security practices.
But there is little clear, publicly verified evidence that cyber attacks are a serious threat.
What we are witnessing may be a different sort of danger: the rise of a Cybersecurity -
-industrial complex, much like the military-industrial complex of the Cold War, that not
only produces expensive weapons to combat the alleged menace but whips up demand
for its services by wildly exaggerating our vulnerability.
‘The New Industrial State’
(1967), John Kenneth Galbraith
http://en.wikipedia.org/wiki/File:John_Kenneth_
Galbraith.jpg

29
Andrea Zapparoli Manzoni (20120926, CYBER
SECURITY Forum Initiative -
CSFI http://www.linkedin.com/groupAnswers?vie
wQuestionAndAnswers=&discussionID=1668838
32&gid=1836487&commentID=96645448&trk=vi
ew_disc&ut=0WJneMXcjW-Bo1
[acerca de unos ataques DDoS a la Banca de
EEUU]
- this is definitely not cyber war (simply because
such a thing doesn't exist, like the Unicorn)

30
Analistas, Auditores y ‘Objetivistas’
SEGURINFO,
Madrid,
20121121
“Unfortunately too many published
assessmentshave favored
sensationalism over careful analysis”
“… few single foreseeable cyber-
related events have the capacity to
propagate onwards and become a full-
scale ―global shock”.
“A critical feature of any worthwhile
analysis is discipline in the use of
language”.
“Cyber espionage is not ―a few clicks
away from cyberwar, it is spying which
is not normally thought of as ―war”.

31
“By the same token a short-term
attack by hacktivists is not cyberwar
either”.
“A pure cyberwar, that is one fought
solely with cyber-weapons, is
unlikely”.
“On the other hand in nearly all future
wars as well as the skirmishes that
precede them policymakers must
expect the use of cyberweaponry”.
“… the Internet was designed from the
start to be robust so that failures in
one part are routed around…”

32
“In terms of cyber attacks the one
overwhelming characteristic is that
most of the time it will be impossible
for victims to ascertain the identity of
the attacker – the problem of
attribution.
This means that a defense doctrine
based on deterrence will not work.
The most immediately effective action
that governments can take is to
improve the security standards of their
own critical information systems.

33
The report addressed web/email attacks. The techniques used bypass both
signature and heuristic security means.
I. Web
225% increase in web infections in last 6 months. 643/week now.
Attacks vary by industry:
Healthcare - 100% increase Financial Services - spike in April/May - from Latvia
Technology - high volume - stable trend - target is Intellectual Property
Energy/Utility - 60% increase - target is smart grid
II. Email
56% increase in malicious email in last 6 months
Two methods used: malicious links in email and email attachments. Links are
growing faster.
"Throw away*" domains are being used more - those used 1-10 times and discarded.
This is to circumvent filters and black lists by domain. (*also known as Limited Use
Domains/Crafted Domains)
Attachments: increase in variance by type of attachment. Target vulnerabilities in
serving applications. (Example: pdf/Abode)
Michael S Hines
mshines@purdue.edu
<083b01cd98d7$34dfdf90$9e9f9eb0$@purdue.edu>
"FireEye Advanced Threat Report - First Half 2012"
Thesis of the report: Advanced attacks bypass
traditional security like Firewalls, Intrusion
Prevention, and Anti-virus.

34
III. Files
Filter and limit by type. Examine inbound for malicious content.
Examine outbound for proprietary information.
Many attacks are trying to obtain data more now.
Files are being extracted using the HTTP (port:80) protocol - which is usually more
open.
IV. Some protective moves you can make.
#1. User education regarding risks in email (links and attachments) and web sites
(links).
#2. Defense in depth - key - protecting not only the front door, but internal networks
for the proper access controls (users/data paths)
#3. Secure coding best practices (never trust user input - audit/examine/test/validate).
(Example: a web site that queries a database: if the user enters a "*" and no check is
made and the "*" is passed to SQL, the request is to return all rows in the table - a very
easy exploit - and most likely not what you want to happen).
Michael S Hines
mshines@purdue.edu
<083b01cd98d7$34dfdf90$9e9f9eb0$@purdue.edu>

35
“We have met the enemy and he is us”
Fuente: Walt Kelly .
http://wiki.answers.com/Q/What_is_the_origin_of_the_phrase_'I_have_found_the
_enemy_and_it_is_us'#ixzz264CPrYv4
Fuentehttp://2.bp.blogspot.com/_JnCUXFEdVus/TObNm8kA-
fI/AAAAAAAABuw/CR3NldAsfBQ/s1600/6a00d8341ca4d953ef013481cb7b9e970c-800wi.jpg
Fuente:
http://dy6g3i6a1660s.cloudfront.n
et/MeIr3omw3O31hhBWDqGFqgJ
YAmc/mt-89/were-inspired-
christopher-shannons-floral-
menswear-makeup.jpg

36
Algunas referencias importantes

37

38

39

40

41

42

43

44

45

46

47

48

49
" ... to define a common language for describing IA work
and work components, in order to provide commercial
certification providers and training vendors with targeted
information to enhance their learning offerings.”
Fuente: IT Security EBK: A Competency and Functional Framework for IT
Security Workforce Development Section 1. Introduction. http://www.us-
cert.gov/ITSecurityEBK/EBK2008.pdf
information
assurance
Fuente: http://ris.fashion.telegraph.co.uk/RichImageService.svc/imagecontent/1/TMG7843655/p/milan_versace_gett_1662788a.jpg

50
Fuente: iTTi

51
Fuente: www.SegurInfo.org

Unas reflexiones sobre la ciberguerra (Spanish)

Recommandé

Recommandé

Contenu connexe

En vedette

En vedette (11)

Similaire à Unas reflexiones sobre la ciberguerra (Spanish)

Similaire à Unas reflexiones sobre la ciberguerra (Spanish) (20)

Plus de iTTi Innovation & Technology Trends Institute

Plus de iTTi Innovation & Technology Trends Institute (17)

Dernier

Dernier (20)