Sunday, January 12, 2014

Cyber CHEW (Crime, Hacktivism, Espionage and War)

Thursday, Jan. 16, 2014, 9am to 10:30 in the Meeting Room (behind the fireplace)

In our meeting on Cyber Privacy, Ron pointed out that Cyber Espionage was a much more serious problem. Certainly it is a serious problem, as well as Cyber Crime, Hacktivism and War.  We can argue if any of these are more important than Privacy.

This presentation by Richard Clark about his book Cyber War, covers the four-headed Cyber monster a called CHEW. We will show Richard Clark's presentation at our meeting and use it to set up our discussions.

Here are seven short YouTube videos which provides some background on the topics covered by Clark. We will show these videos only if time permits.
  1. Obama issue executive orders to improve Cyber Security
  2. Action against China
  3. Cyber Attacks by Iran
  4. Stuxnet
  5. Military Cyber Command
  6. Internet of Things
  7. Anonymous
------------------------------------------------

Update 1/15/14

Here is a link to the Economist article on Cyberwar.

Posted by at

3 comments:

  1. NormJanuary 16, 2014 at 5:56 PM

    After watching the morning videos and the informative discussions that followed I got a lot out of the Economist article on Cyberwar. I tried to do some research on "zero-day" vulnerabilities and the term seems to relate not to a particular type of vulnerability but to the start of a time span after a vulnerability is discovered up through when it is patched. To my surprise there is a market wherein a buyer, e.g. company/government, would procure a vulnerability with the intent to exploit it before the originator of the software finds and patches it. There are also "White-hat Hackers, good guys, unless they are really double or triple agents. Fascinating.

    ReplyDelete
    Replies
    1. MichaelJanuary 16, 2014 at 6:56 PM

      The Zero Day market was mentioned in the STUXNET video in the list above. Unfortunately, it was not shown at the meeting. It was very informative and I probably should have shown it.

      A zero-day vulnerability can command a premium price on the black market because it is "fresh". As soon as a zero-day vulnerability is used, the vulnerability has a limited number of days it can be used until it is closed.

      When a hacker finds a zero-day vulnerability, he can sell it on the black market or claim a reward from the vulnerable company.
      http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/

      Delete
  2. MichaelJanuary 16, 2014 at 6:59 PM

    Here is the Aurora video that Richard Clark mentioned. It shows how a Cyber Attack can blow up a power generator.

    http://www.youtube.com/watch?v=rTkXgqK1l9A

    ReplyDelete

The easiest way to comment

1) In "Comment as:", select the profile for "Name/URL" which is second from last in the list

2) Fill in your name but leave URL blank, then click continue

3) Type your comment in the comment box, then click the "Publish" button at the bottom

Subscribe to: Post Comments (Atom)