6. Evolving Maturities…
Maturity and Capabilities
• Brazil
• Canada
• Italy
• Sweden
• Netherlands
• Finland
• Japan
• Australia
• Pakistan
• Saudi
Arabia
• UAE
• South Africa
• India
• South
Korea
• North Korea
• Germany
• Turkey
• Taiwan
• Estonia
• Iran
• France
• UK
• Israel
• USA
• China
• Russia
7. National CISRT
Oman (also OIC CERT)
Malaysia (Impact)
Iran
UAE
Qatar
Saudi Arabia
Bahrain
Kuwait
Turkey
Egypt
Pakistan
India
Cyprus 7
8. 1980s 1990s 2000s 2010s1960s-70s
Hardware
Software
Networking
Cyber
Evolution
Timeline
Mainframe
Private/limited
Limited
Internet
PCs Mobile DevicesDistributed Computing
Everything networked
Timesharing Productivity
Everything as a Service
Cloud
Simple
Viruses & Worms
Social Engineering
APT
Widespread
Viruses & Worms
Local Area Networks
Social Networksemail
eCommerce
BotnetsTrojan Horses
It just got more complicated…
Internet of Things
State Sponsored
Market places
10. They always get through
Firewalls IDS
IPS
Anti-Virus
Content
Hackers
Cybercrime
Cyber terrorism
Now What?Cyber espionage
Cyber war
DLP
11. It’s different
• Support Jihad
• Hack for Money funding
• Disrupt Critical Infrastructure
• Cyber weapons Development
• Experience, Training, Recruiting
• Online alliances
12. Powerful cyber attack:
propaganda
• Old fashioned
• Media
• Some faked in English papers
• Abu Ghraib photos
• On-going Videos
• Real political damage
20. Shamoon Aug 12
• Holiday gift
• Targets
– Saudi Aramco, 32K machines
– Ragas, 2 weeks downtime
• Major Disruption
• Could have been a lot worse
• After effects of response
persist
21. Warfare
• Attack
– Israeli stock exchange
– El airlines
– several banks
– posting of stolen Israeli credit cards
• Retaliation
– posting personal information 100 of
• Saudis
• Egyptians
• Syrians
22. Mahdi Attack Jul 12
• Data-stealing Trojan
• social engineering
• Records
– Keystrokes
– Screen shots
– Audio
– Steal text &
image files
23. Drone Loss
• key logger virus infected American Predator & Reaper
• Sep 2013- Iranian officials completed decoding the
surveillance data & software extracted from CIA Drone
“… the CIA's "lost" stealth drone to an intact landing
inside hostile territory by exploiting a navigational
weakness long-known to the US military, …”
Iran Hijacked US Drone, Says Iranian Engineer: [HSEC-1.10; Date: 15-Dec-2011; Source:
http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer DHS Open Source Enterprise Daily Cyber Report, 16-Dec-
2011, Unclassified.
27. Iran 4th Largest Cyber Army
• Thecnological envelope, protect
critical infrastructure
• Stop and foil attacks
• Separate communications network
• Attack capability
• Cyber Commander short Dead
28. Syrian Electronic Army
• Turkey May 2013 –coordinated with
Anonymous, attacked Prime
Minister’s official website, access to
staff email, passwords, & phone
numbers.
• Marjor attack against USA
organizations
• Head 19 years old
30. Syria & Palestine & Israel
• Israel subject to major attack
• Under the radar
• Israel Carmel Tunnel Security
Camera CCTV System, 8 hours
shudown of road
• Haifa water infrastructure