Hackers and Hacking a brief overview 5-26-2016
Hackers & Hacking a brief overview
http://www.slideshare.net/gohsuket
Gohsuke Takama / 高間 剛典, Meta Associates, May 2016
about me…
✴ Gohsuke Takama (https://www.linkedin.com/in/gohsuketakama)
✴ Meta Associates (http://www.meta-associates.com/)
✴ founder & president, connector, analyst, planner
✴ co-organizer of security conferences: BlackHat Japan, PacSec
✴ liaison of international security businesses: Patch Advisor, SecWest
✴ coordinator on network security testing & simulation exercises for corps: Internet Services, Telecom, Infrastructure, Manufacturing, etc
✴ lectures: CodeGate 2008, Japan Federation of Bar Association, etc
✴ international research for Ministry of Internal Affairs & Communication, Telecom corps, Infrastructure corps and others:
✴ visited DHS, NIST, NERC, EPRI, Stanford Research, Sandia Lab, Bell Lab, ISAC Council, John Arquilla (Naval Postgraduate School), Richard Clarke, John Tritak, Paul Kurtz (Good Harbor Consulting)
✴ organizer of tech entrepreneur/startup support events
✴ independent tech journalist for over 10 years
✴ security news: http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/
✴ Privacy International (London, UK http://www.privacyinternational.org/)
✴ advisory board member
what is hacker?
what is hacker? Definition
https://en.wikipedia.org/wiki/Hacker
what is hacker? Hackers in 1980's
https://www.youtube.com/watch?v=-t0aHIXuFrc
https://en.wikipedia.org/wiki/Hackers:_Heroes_of_the_Computer_Revolution
what is hacker? Hackers in 1980's
https://en.wikipedia.org/wiki/The_Hackers_Conference
what is hacker? Hackers in 1980's
https://en.wikipedia.org/wiki/Hackers:_Heroes_of_the_Computer_Revolution
what is hacker? "Information wants to be free"
https://en.wikipedia.org/wiki/Information_wants_to_be_free
what is hacker? "Free Software"
https://en.wikipedia.org/wiki/Free_software
http://www.gnu.org/philosophy/free-sw.en.html
what is hacker? "Copyleft"
https://www.gnu.org/licenses/copyleft.en.html
what is hacker? Free Software Foundation
http://www.fsf.org/
what is hacker? Cypherpunks
https://www.cypherpunks.to/faq/cyphernomicron/chapter3.html
http://www.wired.com/1993/02/crypto-rebels/
what is hacker? Hackers vs Cracker
Hacker (expert), any of several types of persons
vs Cracker = Criminal hacker
what is hacker? Lifehacker...?
http://lifehacker.com/
what is hacker? Makers
http://makerfaire.com/
what is hacker? Makers
http://makezine.com/make-45/
who are hackers?
who are hackers? what Color?
• Black Hat
• offender, bad guys, outlaws, criminal intent
• White Hat
• defender, security personnel, work under laws
• Grey Hat
• marginal
• "The World isn't just Black and White"
who are hackers? how about Hacktivists?
https://en.wikipedia.org/wiki/Anonymous_(group)
https://www.youtube.com/watch?v=_kJtvFUMELM
who are hackers? Nation State backed Hackers
http://www.theguardian.com/world/2013/oct/24/nsa-surveillance-world-leaders-calls
http://www.telegraph.co.uk/news/worldnews/europe/germany/10407972/NSA-denies-Barack-Obama-was-informed-of-Angela-Merkel-phone-tapping.html
http://www.spiegel.de/international/germany/cover-story-how-nsa-spied-on-merkel-cell-phone-from-berlin-embassy-a-930205.html
who are hackers? Nation State backed Hackers
http://www.theguardian.com/world/interactive/2013/jun/07/obama-cyber-directive-full-text
who are hackers? Nation State backed Hackers
http://www.theregister.co.uk/2015/04/10/china_great_cannon/
http://blog.erratasec.com/2015/04/pin-pointing-chinas-attack-against.html#.VSvS4Rya1wd
who are hackers? it's Complicated
• Technologists: technical curiosity
• Idealists: technical freedom
• Criminals: money
• Hacktivists: ideology
• Nation State: political power
• Patriot Hackers: nationalism
• Hackers for Hire: just business
who are hackers? Motivation
Money
Political Power
Curiosity
Ideology
Dual Use Technology:
• designed function
• malfunction
• legitimate use
• criminal use
Criminals
Technologist Hacker
Nation State Intelligence
Extremist Hacktivist
Patriot Hacker
Hackers for Hire
Idealist Hacker
who are hackers? Hackers for Hire
http://www.hackingteam.it/
https://en.wikipedia.org/wiki/Hacking_Team
who are hackers? Hackers for Hire
http://www.finfisher.com/FinFisher/en/index.php
http://wikileaks.org/spyfiles/files/0/289_GAMMA-201110-FinSpy.pdf
http://internet.gawker.com/investigators-think-this-uk-isis-defector-is-behind-the-1679699893
who are hackers? Patriot Hacker
http://en.wikipedia.org/wiki/TeaMp0isoN
http://www.washingtonpost.com/world/foreign-fighters-flow-to-syria/2015/01/27/7fa56b70-a631-11e4-a7c2-03d37af98440_graphic.html
who are hackers? Patriot Hacker
how hackers are recognized?
how hackers are recognized? in books
• Hackers: Heroes of the Computer Revolution, 1984
• Cuckoo's Egg, 1989
• Cyberpunk, 1991
• Takedown, 1996
• Crypto, 2001
• Hacker Cracker, 2002
how hackers are recognized? in movies
• WarGames, 1983
• Brainstorm, 1983
• Sneakers, 1992
• Hackers, 1995
• Pirates in Silicon Valley, 1999 (TV special)
• Takedown, 2000
• V for Vendetta, 2005
• The Girl with the Dragon Tattoo, 2009, 2011
• We are Legion, 2012
• Fifth Estate, 2013
• Citizenfour, 2014
• Mr. Robot, 2015 (TV series)
how hackers are recognized? in movies
https://www.youtube.com/watch?v=Ug4fRXGyIak
http://www.hulu.com/mr-robot
what is "hacking"?
what is "hacking"? Bug, Vulnerability, Exploit
• Bug?
• mistakes
• Vulnerability?
• mistakes that create a security weakness
• Exploit?
• program code that exploits vulnerabilities
• Von Neumann machine
https://en.wikipedia.org/wiki/Von_Neumann_architecture
what is "hacking"? Von Neumann machine
https://en.wikipedia.org/wiki/Von_Neumann_architecture
"know your enemy: hacking techniques"
• phishing
• targeted phishing
• trojan (malware)
• spyware
• ransomware
• key logger
• 0day exploit
• rootkit
• botnet DDoS
• botnet SPAM
• content altering
• website spoofing
• XSS
• XSRF
• code injection
• IP hijacking
• sniffer
• rogue WiFi AP
• shadow IoT
• attacks on SCADA
Targeted Attacks & Phishings
Primary Targets
Spoofed Websites
Cyber Espionage, Cyber Criminal Org
Higher Targets
Major Corps
Financial Sector
Gov / Military
Attacks
DDoS gets larger
http://www.techworld.com/news/security/worlds-largest-ddos-attack-reached-400gbps-says-arbor-networks-3595715/
http://krebsonsecurity.com/2014/02/the-new-normal-200-400-gbps-ddos-attacks/
malware attacks on SCADA
http://www.reuters.com/article/us-ukraine-cybersecurity-exclusive-idUSKCN0V51H1
http://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/
infrastructure attack: SCADA
Supervisory Control And Data Acquisition
infrastructure attack: SCADA "Stuxnet" attack on Iran's nuclear plant
"whom targeted, why"
http://www.hackmageddon.com/category/security/cyber-attacks-timeline/
Money
Power
Curiosity
Ideology
Dual Technology:
• designed function
• malfunction
• legitimate use
• criminal use
Organized Criminals
Technologist Hacker
Nation State Command
Extremist Hacktivist
who are hackers? Motivation
APT
Hacktivism
Theft
Fraud
Ransom
Infrastructure Disruption
Lulz
DDoS
Surveillance
"a security layer model"
7 Psychological: cognition
6 Custom (Habit): behavior
5 Operation: rules
4 Content: data
3 OS/Application: software
2 Device: hardware
1 Physical: environment
Tangibles
Intangibles
Human Factor
"attacks vs. counter measures"
Psychological
• Attacks: APT, espionage, phishing, social engineering
• Counter Measures: ?
Custom
• Attacks: spyware, spoofing, phishing spam, XSS, XSRF, ID spoof/theft, pharming
• Counter Measures: accustomed best practice, awareness, CIRT, PKI, digital signature, IDM
Operation
• Attacks: DoS, spam, ransomware, sabotage-ware
• Counter Measures: security policy, audit, routing, filtering, CIRT
Content
• Attacks: sniffing, spyware, spam, alteration
• Counter Measures: encryption, filtering, digital signature, host IDS, content-scan
OS/Application
• Attacks: DoS, vuln exploit, 0day, rootkit, botnet
• Counter Measures: Firewall, network IDS, IPS, anti-virus, OS/app patch
Device
• Attacks: direct access, tampering, alteration
• Counter Measures: perimeter guard, anti-tampering, hard seal
Physical
• Attacks: lock pick, break in, vandalism
• Counter Measures: surveillance, perimeter alarm, armed guard
about…
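✴ Gohsuke Takama / 高間剛典, Meta Associates http://www.meta-associates.com/
✴ President; IT security and data privacy consultant
✴ Privacy International, London, UK, advisory board member http://www.privacyinternational.org/
✴ International project coordination, international research
✴ Japan-side production and operation of international security conferences/seminars: Black Hat Japan, PacSec
✴ Management of security audits conducted by invited overseas experts (internet companies, energy infrastructure companies, etc.)
✴ Planning and running of emergency simulations, tabletop exercises, etc. (electronics manufacturers, etc.)
✴ International research visits: DHS, NIST, NERC, EPRI, Stanford Research, Sandia Lab, Bell Lab, ISAC Council, John Arquilla (NPS, US Naval Postgraduate School), Richard Clarke, John Tritak, Paul Kurtz (Good Harbor Consulting)
✴ Research reports: Ministry of Internal Affairs and Communications, "Research Report on Privacy in e-Government and e-Local Government" and "Report of the Study Group on New Approaches to Protecting Residents' Privacy and the Systemic Mechanisms to Ensure It in e-Local Government"; energy infrastructure companies, telecom companies, and others
✴ Japan contact for overseas security companies: Patch Advisor (security audits), SecWest (seminars)
✴ Strategic analysis and direction on IT security and data privacy (electronics manufacturers, etc.)
✴ Lectures: CodeGate2008 (Korea), Japan Federation of Bar Associations Human Rights Symposium (2002, 2010), and others
✴ Writing for security media: http://blog.f-secure.jp/ http://scan.netsecurity.ne.jp/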