Hackers and Hacking a brief overview 5-26-2016

Post on 12-Apr-2017


Hackers & Hacking a brief overview

http://www.slideshare.net/gohsuket

Gohsuke Takama / 高間 剛典, Meta Associates, May 2016

about me…

✴ Gohsuke Takama (https://www.linkedin.com/in/gohsuketakama)

✴ Meta Associates (http://www.meta-associates.com/)

✴ founder & president, connector, analyst, planner

✴ co-organizer of security conferences: BlackHat Japan, PacSec

✴ liaison of international security businesses: Patch Advisor, SecWest

✴ coordinator on network security testing & simulation exercises for corps: Internet Services, Telecom, Infrastructure, Manufacturing, etc

✴ lectures: CodeGate 2008, Japan Federation of Bar Association, etc

✴ international research for Ministry of Internal Affairs & Communication, Telecom corps, Infrastructure corps and others:

✴ visited DHS, NIST, NERC, EPRI, Stanford Research, Sandia Lab, Bell Lab, ISAC Council, John Arquilla (Naval Postgraduate School), Richard Clarke, John Tritak, Paul Kurtz (Good Harbor Consulting)

✴ organizer of tech entrepreneur/startup support events

✴ independent tech journalist for over 10 years

✴ security news: http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/

✴ Privacy International (London, UK http://www.privacyinternational.org/)

✴ advisory board member

what is hacker?

what is hacker? Definition

https://en.wikipedia.org/wiki/Hacker

what is hacker? Hackers in 1980's

https://www.youtube.com/watch?v=-t0aHIXuFrc

https://en.wikipedia.org/wiki/Hackers:_Heroes_of_the_Computer_Revolution

what is hacker? Hackers in 1980's

https://en.wikipedia.org/wiki/The_Hackers_Conference

what is hacker? Hackers in 1980's

https://en.wikipedia.org/wiki/Hackers:_Heroes_of_the_Computer_Revolution

what is hacker? "Information wants to be free"

https://en.wikipedia.org/wiki/Information_wants_to_be_free

what is hacker? "Free Software"

https://en.wikipedia.org/wiki/Free_software

http://www.gnu.org/philosophy/free-sw.en.html

what is hacker? "Copyleft"

https://www.gnu.org/licenses/copyleft.en.html

what is hacker? Free Software Foundation

http://www.fsf.org/

what is hacker? Cypherpunks

https://www.cypherpunks.to/faq/cyphernomicron/chapter3.html

http://www.wired.com/1993/02/crypto-rebels/

what is hacker? Hackers vs Cracker

Hacker (expert), any of several types of persons

vs Cracker = Criminal hacker

what is hacker? Lifehacker...?

http://lifehacker.com/

what is hacker? Makers

http://makerfaire.com/

what is hacker? Makers

http://makezine.com/make-45/

who are hackers?

who are hackers? what Color?

• Black Hat

• offender, bad guys, outlaws, criminal intent

• White Hat

• defender, security personnel, work under laws

• Grey Hat

• marginal

• "The World isn't just Black and White"

who are hackers? how about Hacktivists?

https://en.wikipedia.org/wiki/Anonymous_(group)

https://www.youtube.com/watch?v=_kJtvFUMELM

who are hackers? Nation State backed Hackers

http://www.theguardian.com/world/2013/oct/24/nsa-surveillance-world-leaders-calls

http://www.telegraph.co.uk/news/worldnews/europe/germany/10407972/NSA-denies-Barack-Obama-was-informed-of-Angela-Merkel-phone-tapping.html

http://www.spiegel.de/international/germany/cover-story-how-nsa-spied-on-merkel-cell-phone-from-berlin-embassy-a-930205.html

who are hackers? Nation State backed Hackers

http://www.theguardian.com/world/interactive/2013/jun/07/obama-cyber-directive-full-text

who are hackers? Nation State backed Hackers

http://www.theregister.co.uk/2015/04/10/china_great_cannon/

http://blog.erratasec.com/2015/04/pin-pointing-chinas-attack-against.html#.VSvS4Rya1wd

who are hackers? it's Complicated

• Technologists: technical curiosity

• Idealists: technical freedom

• Criminals: money

• Hacktivists: ideology

• Nation State: political power

• Patriot Hackers: nationalism

• Hackers for Hire: just business

who are hackers? Motivation

[Diagram: motivations and actors]

Motivations: Money, Political Power, Curiosity, Ideology

Dual Use Technology:

- designed function

- malfunction

- legitimate use

- criminal use

Actors: Criminals, Technologist Hacker, Nation State Intelligence, Extremist Hacktivist, Patriot Hacker, Hackers for Hire, Idealist Hacker

who are hackers? Hackers for Hire

http://www.hackingteam.it/

https://en.wikipedia.org/wiki/Hacking_Team

who are hackers? Hackers for Hire

http://www.finfisher.com/FinFisher/en/index.php

http://wikileaks.org/spyfiles/files/0/289_GAMMA-201110-FinSpy.pdf

http://internet.gawker.com/investigators-think-this-uk-isis-defector-is-behind-the-1679699893

who are hackers? Patriot Hacker

http://en.wikipedia.org/wiki/TeaMp0isoN

http://www.washingtonpost.com/world/foreign-fighters-flow-to-syria/2015/01/27/7fa56b70-a631-11e4-a7c2-03d37af98440_graphic.html

who are hackers? Patriot Hacker

how hackers are recognized?

how hackers are recognized? in books

• Hackers: Heroes of the Computer Revolution, 1984

• Cuckoo's Egg, 1989

• Cyberpunk, 1991

• Takedown, 1996

• Crypto, 2001

• Hacker Cracker, 2002

how hackers are recognized? in movies

• WarGames, 1983

• Brainstorm, 1983

• Sneakers, 1992

• Hackers, 1995

• Pirates in Silicon Valley, 1999 (TV special)

• Takedown, 2000

• V for Vendetta, 2005

• The Girl with the Dragon Tattoo, 2009, 2011

• We are Legion, 2012

• Fifth Estate, 2013

• Citizenfour, 2014

• Mr. Robot, 2015 (TV series)

how hackers are recognized? in movies

https://www.youtube.com/watch?v=Ug4fRXGyIak

http://www.hulu.com/mr-robot

what is "hacking"?

what is "hacking"? Bug, Vulnerability, Exploit

• Bug?

• mistakes

• Vulnerability?

• mistakes that have a special weakness

• Exploit?

• program code that exploits vulnerabilities

• Von Neumann machine

https://en.wikipedia.org/wiki/Von_Neumann_architecture

what is "hacking"? Von Neumann machine

https://en.wikipedia.org/wiki/Von_Neumann_architecture

"know your enemy: hacking techniques"

• phishing

• targeted phishing

• trojan (malware)

• spyware

• ransomware

• key logger

• 0day exploit

• rootkit

• botnet DDoS

• botnet SPAM

• content altering

• website spoofing

• XSS

• XSRF

• code injection

• IP hijacking

• sniffer

• rogue WiFi AP

• shadow IoT

• attacks on SCADA

[Diagram: Targeted Attacks & Phishing]

Primary Targets

Spoofed Websites (altered or disguised websites)

Cyber Espionage, Cyber Criminal Org

Higher Targets

Major Corps

Financial Sector

Gov / Military

Attacks

DDoS gets larger

http://www.techworld.com/news/security/worlds-largest-ddos-attack-reached-400gbps-says-arbor-networks-3595715/

http://krebsonsecurity.com/2014/02/the-new-normal-200-400-gbps-ddos-attacks/

malware attacks on SCADA

http://www.reuters.com/article/us-ukraine-cybersecurity-exclusive-idUSKCN0V51H1

http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/

infrastructure attack: SCADA

Supervisory Control And Data Acquisition

infrastructure attack: SCADA "Stuxnet" attack on Iran's nuclear plant

"whom targeted, why"

http://www.hackmageddon.com/category/security/cyber-attacks-timeline/

who are hackers? Motivation

[Diagram: motivations, actors and attack types]

Motivations: Money, Power, Curiosity, Ideology

Dual Technology:

- designed function

- malfunction

- legitimate use

- criminal use

Actors: Organized Criminals, Technologist Hacker, Nation State Command, Extremist Hacktivist

Attack types: APT, Hacktivism, Theft, Fraud, Ransom, Infrastructure Disruption, Lulz, DDoS, Surveillance

"a security layer model"

7 Psychological: cognition

6 Custom (Habit): behavior

5 Operation: rules

4 Content: data

3 OS/Application: software

2 Device: hardware

1 Physical: environment

Layer groups: Tangibles, Intangibles, Human Factor

"attacks vs. counter measures"

Psychological
  Attacks: APT, espionage, phishing, social engineering
  Counter Measures: ?

Custom
  Attacks: spyware, spoofing, phishing spam, XSS, XSRF, ID spoof/theft, pharming
  Counter Measures: accustomed best practice, awareness, CIRT, PKI, digital signature, IDM

Operation
  Attacks: DoS, spam, ransomware, sabotage-ware
  Counter Measures: security policy, audit, routing, filtering, CIRT

Content
  Attacks: sniffing, spyware, spam, alteration
  Counter Measures: encryption, filtering, digital signature, host IDS, content-scan

OS/Application
  Attacks: DoS, vuln exploit, 0day, rootkit, botnet
  Counter Measures: Firewall, network IDS, IPS, anti-virus, OS/app patch

Device
  Attacks: direct access, tampering, alteration
  Counter Measures: perimeter guard, anti-tampering, hard seal

Physical
  Attacks: lock pick, break in, vandalism
  Counter Measures: surveillance, perimeter alarm, armed guard

about…

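✴ Gohsuke Takama / 高間剛典, Meta Associates http://www.meta-associates.com/

✴ President; IT security and data privacy consultant

✴ Privacy International, London, UK: advisory board member http://www.privacyinternational.org/

✴ International project coordination, international research

✴ Japan-side production and operation of international security conferences/seminars: Black Hat Japan, PacSec

✴ Running security audits carried out by invited overseas experts (Internet companies, energy infrastructure companies, etc.)

✴ Planning and running emergency simulations, tabletop exercises, etc. (electronics manufacturers, etc.)

✴ International research visits: DHS, NIST, NERC, EPRI, Stanford Research, Sandia Lab, Bell Lab, ISAC Council, John Arquilla (NPS, US Naval Postgraduate School), Richard Clarke, John Tritak, Paul Kurtz (Good Harbor Consulting)

✴ Research reports: Ministry of Internal Affairs and Communications, "Research Report on Privacy in e-Government and e-Local Government" and "Report of the Study Group on New Approaches to Protecting Residents' Privacy and System-Level Mechanisms for Ensuring It in e-Local Government"; energy infrastructure companies, telecom companies, and others

✴ Japan contact for overseas security companies: Patch Advisor (security audits), SecWest (seminars)

✴ Strategic analysis and direction on IT security and data privacy (electronics manufacturers, etc.)

✴ Lectures: CodeGate2008 (Korea), Japan Federation of Bar Associations Human Rights Symposium (2002, 2010), and others

✴ Writing for security media: http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/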
