Research on Cyber Warfare

Re: Research on Cyber Warfare

streaker69, I was actually thinking about the power grid vulnerability and how it could be used in conjunction with another attack. A power outage by itself isn't too crippling, but a power outage in a large city that just suffered a physical attack as well would be enough to make people hurt themselves - mass hysteria and such.

I know using "cyber" is kind of cliche, but it seems to be the government and military's catch-all term - cyber security czar, Cyber Command, Cyber Security Act, etc. I'm open to suggestions for something that sounds better lol. "Information Warfare and the Threat of Cyber Terrorism" - maybe?

Re: Research on Cyber Warfare

So you're thinking about what happened in Georgia recently?


"Information Warfare and the Threat of Internet based Terrorism"

Personally, I'm only gonna be worried when I hear a billion phones ring at the same time. That's when we'll know the Lawnmower man has truly taken over the system. :)

Re: Research on Cyber Warfare

streaker69, Georgia was going to be an example. I'm not sure if I can narrow the title down to "Information Warfare and the Threat of Internet based Terrorism" because I might throw in something about UAVs/drones or using nanotech - then again, I might end up with enough that I don't need to mention those. Usually I gather as many sources as possible then narrow the focus of my paper just to make sure I have enough - I guess that's backwards from how people usually do it.

Now you guys see why I need help lol. A lot of the info out there is hokey, overhyped, severely skewed, or outdated. And some of the current events examples focus more on the reporter's speculation than on how the event went down. I don't want my paper to be the same crap-quality as everyone else's. Media Kool-aid is not research.

Re: Research on Cyber Warfare

This is generally a good statement that applies to a lot of things far beyond the "cyber warfare" industry!

Re: Research on Cyber Warfare

You should probably read these two threads as well.

https://forum.defcon.org/showthread....ighlight=scada

https://forum.defcon.org/showthread....ighlight=scada

Re: Research on Cyber Warfare

An in depth look at CI vulnerability to and EMP attack, I'd love to read the classified version!

The official EMP Commission homepage:
http://www.empcommission.org/

Obligatory Wiki page on EMP:
http://en.wikipedia.org/wiki/Electromagnetic_pulse

.pdf of Dr. Michael J. Frankel, executive director of the EMP Commission, recently submitted testimony to the U.S. House Homeland Security Committee concerning threats to the nation's power grid and to cyber security:
http://homeland.house.gov/SiteDocume...5419-98752.pdf

If you haven't yet go read all you can about this guy, John Boyd
http://en.wikipedia.org/wiki/John_Bo..._strategist%29
He was a total stud. His people have been applying his theories to network defense, just has they have been applied to air combat, hand to hand combat, business strategies, and nuclear war. He passed away in 2002:
http://www.arlingtoncemetery.net/jrboyd.htm
To Coram and others, including Defence Secretary Donald Rumsfeld, Boyd is "the most influential military thinker since Sun Tzu wrote The Art of War 2400 years ago".

Re: Research on Cyber Warfare

One case your going to hear about in your travels is the Australian sewer backup hack. The one where they guy tries to extort money from the utility by tinkering with valves to backup sewers Defiantly in the over hyped category since he was a trusted insider for many years and only succeeded in backing up a few swimming pools worth of crap, which is a small amount compared to what can happen purely by accident.

I think the measuring stick to use to gauge if it's actually worth the hype is "Is it worse than what mother nature can achieve". In the case of the Northeast blackouts, yeah it's gonna suck if someone can do it on demand, but we know life can go on and we can deal with it. If someone can shut down phone service to an area, well a tree falling on a substation can do that too.

In all my research for the Zombie talk this past con, the only thing I found that was of any worry was the power grid, mostly as an additional screw you to something else as you said. The biggest damage could be just to drop the hammer in winter, just as a major storm hits and cut power to a big swath of the Northeast

Re: Research on Cyber Warfare

I looked into that one a good bit when it made the news, and that again was a case where proper procedures weren't followed when an employee left.

The amount of damage that he did, you're right, was minimal, and sewage backups aren't as bad as the general populace believes them to be. Creeks and ponds recover quite nicely from them without much issue. It's only when the spill is stretched over long periods of time that the damage is more permanent.

Our biggest issue we had in the past couple of years was 100,000 gallons and it flowed into a small creek. We cleaned it up within a couple of hours and you couldn't even tell it was there. I think people just see the issue as being gross so it gets blown out of proportion.

Most of the attacks that I've found against SCADA systems have been from insiders. I did some looking into what it would take to actually inject commands directly into the data stream and I didn't really find a way to do it, and I knew the kind of data I was looking for.

I do think what is going to be a big downfall of SCADA systems is the introduction of WebHMI systems where you don't need the SCADA client installed on the machine. Nothing like opening up a browser and having the entire process at your fingertips. We purchased the license for WebHMI for our product and I did not enable it because I couldn't ensure that it's authentication method was secure enough to have it installed.

Re: Research on Cyber Warfare

streaker69, thanks - got a couple good sources out of those threads!

Dark Tangent, thanks! That was definitely stuff I hadn't found yet. I'd heard of Boyd as a military strategist (my husband is a military history and military strategy buff), but I never realized how much his theories applied to network defense. I'm glad you mentioned EMPs too. I was thinking about that but totally left it out of my research until I read your post.

renderman, thanks, I hadn't seen anything about the Australian sewer incident, I'll have to look into that one.

note: I found a lot more sources today. I still need to sift through them and make an organized list with more detailed categories, but when I do I will add it to the thread. Any more sources or suggestions you guys want to add are greatly appreciated. Even the sources I don't use for my paper can give me insight and can be posted here for the benefit of the curious. And if anyone wants to glance over the list of sources and call BS on some of them, feel free - I don't want to use it if it's bad info.

Re: Research on Cyber Warfare

I'll toot my horn, and then hide again in the bunker...

There is a whole slew of cyberwar and infowar links on C4I.org - http://www.c4i.org

Not to mention whenever someone gets the itch to mess with the SCADA networks after getting fired, if it makes it to the news, we usually have it on InfoSec News and archives of past acts over the years! - http://www.infosecnews.org

Re: Research on Cyber Warfare

EMP attacks are very interesting especially from a nationalistic & political perspective. Do you go to war over an attack that only destroys electronic infrastructure? If you are a terrorist, not only do you get notoriety, but by not taking life directly, there is less risk of a global outrage. Certainly there would be loss of life, due to the interruption of services that sustain it. We are hurt much more than say an Iran by such an attack. How do you respond to an attack like that? Do you pull the nuclear trigger?

xor

Re: Research on Cyber Warfare

_poke in the ribs_ Are you going to update C4I? The last links are from late 2007.. much like the old (but being refreshed!) book section on defcon.

Re: Research on Cyber Warfare

Why did I know that something that involved shit through a pipe, you'd have something to add

I think that's where the risk is for the most part, industries not used to thinking about network security and that kind of infrastructure. I'm reminded of DC....13 I want to say, where the Shmoo group showed an article where a trade magazine was touting the use of wireless in a nuclear plant, much to the fear of the crowd.

I know that we can't, but the real solution is the prosecution of stupidity.

Re: Research on Cyber Warfare

Of course it's my specialty, as a matter of fact, I found out today that I'm getting an award.

On the case of the end users, it isn't really stupidity but more ignorance. A sales strumpet walks in and tells management all the wonderful things that can be done with WebHMI, after all, you can get those latest production run numbers right now, at your fingertips. They eat it up and buy it, and next thing you know it's installed by a contractor much to the dismay of local IT.

The entire culture surrounding the implementation of SCADA systems needs to be changed from the ground up. IT and SCADA integrators need to work closely together to make sure that things are done properly.

I was just working with a vendor last week that their product needed access to one of the SCADA SQL databases for historical data, and they were surprised that I had the 'sa' user disabled, as that's what they normally use with their product.

...and if I hear one more contractor/employee say "why do we need all this security, we're not the FBI?", I'll be needing to dig another hole at the plant.

Re: Research on Cyber Warfare

erehwon, thanks!

xor, I honestly think that if something like that happened, the "rules" of war would have to be redefined. If it was proven to be an act of terrorism or war, I have no doubt that the US would "have" to do something. I don't know that they'd whip out the nukes - you pinch me, I annihilate you? Then again, the US has done some unreasonable stuff in the not so distant past.