Cyber Primer

Recommendations

Info

Integrating cyber operations Annex 4A – Case studies Case study 1 – State versus state offensive cyber operations These attacks have been used as part of covert operations to influence or undermine the political will of a third party to change their policies. Turkey Azerbaijan Turkmenistan Ashgabat Tajikistan Dushanbe Syria Iraq Baghdad Tehran Natanz Iran Kabul Afghanistan Saudi Arabia Riyadh Kuwait Kuwait Bahrain Qatar Doha Pakistan Alleged use of cyber to influence national policies ‘I can’t help but think that some watershed has been passed, that Stuxnet of September 2010 will be remembered rather in the way we do the aerial bombings of civilian centres by Zeppelin airships – not as particularly strategically significant at the time but as a harbinger of what is still to come.’ Dr David Betz, Kings of War, 28 September 2010 Centrifuge control room Aerial bombings of civilian centres by Zeppelin airship 76 Cyber Primer (2nd Edition)
Integrating cyber operations Cyber weapon used to realise physical effects Who What How Against whom Why When Unknown. Intelligence collection, denial of service attack against Siemens SCADA (supervisory control and data acquisition) systems – Flame, Stuxnet and others. Media reports that W32 Stuxnet is a highly sophisticated worm designed to exploit vulnerabilities in the Siemens WinCC SCADA systems. It was probably manually inserted in the original target local area network. It used zero day exploitation scripts and genuine Internet security certificates to avoid detection and only attacked specified Iranian targets. Iranian centrifuges at the Natanz uranium refinery plant. Several additional networks were also unintentionally infected. Reportedly an effort to delay Iranian production of nuclear weapons. An original version of what became Stuxnet appeared on 20 November 2008, but the most sophisticated version used against Iran was first detected on 17 July 2010. Impact Media reports that approximately 100,000 hosts were infected globally (although most of these infections caused no damage) and that approximately 984 centrifuges were damaged at Natanz. Media also reports that Iran established the Cyber Passive Defence Organisation and developed a cyber defence programme, as a direct result of Stuxnet. Allegedly, Iranian hacktivists retaliated by attacking the United States banking structure and other targets. More information Symantec technical report is at: http://www.symantec.com/content/en/us/ enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf Cyber Primer (2nd Edition) 77
Page 1 and 2:
Cyber Primer Second Edition Develop
Page 3 and 4:
Cyber Primer The Cyber Primer (2nd
Page 5 and 6:
Preface ‘The Government will ensu
Page 7 and 8:
Contents Preface . . . . . . . . .
Page 9 and 10:
“In the information age almost al
Page 11 and 12:
Fundamentals of cyber Chapter 1 - F
Page 13 and 14:
Fundamentals of cyber • are ready
Page 15 and 16:
Fundamentals of cyber cyber and cyb
Page 17 and 18:
Fundamentals of cyber • details o
Page 19 and 20:
Mainstreaming, competencies, unders
Page 21 and 22:
Fundamentals of cyber 1.27. Cyber b
Page 23 and 24:
1A.5. Armed attack. Armed attack is
Page 25 and 26:
Fundamentals of cyber Notes Cyber P
Page 27 and 28:
“In the “We information reserve
Page 29 and 30:
Cyber threats Chapter 2 - Cyber thr
Page 31 and 32:
Cyber threats 2.5. Cyber attacks ca
Page 33 and 34: Cyber threats 2.9. Terrorists. Terr
Page 35 and 36: Cyber threats b. Payload. Payload i
Page 37 and 38: Cyber threats The process of attrib
Page 39 and 40: Phishing Spear phishing Whaling Fak
Page 41 and 42: Cyber threats Malware types Viruses
Page 43 and 44: Cyber threats and/or securely. Such
Page 45 and 46: How Against whom Why Theft of perso
Page 47 and 48: Cyber threats Using Twitter to mani
Page 49 and 50: Cyber threats Cyber attacks against
Page 51 and 52: Cyber threats State use of cyber op
Page 53 and 54: Cyber threats Case study 6 - The im
Page 55 and 56: Cyber threats Impact of malware on
Page 57 and 58: Cyber threats Social engineering ag
Page 59 and 60: “In the information age almost al
Page 61 and 62: Chapter 3 - Cyber functions Cyber f
Page 63 and 64: Cyber functions levels, they protec
Page 65 and 66: Cyber functions • command and con
Page 67 and 68: Cyber functions 3.16. Indicators an
Page 69 and 70: Cyber functions Maritime Land Air a
Page 71 and 72: Cyber functions 3.27. Electromagnet
Page 73 and 74: “In the information “It is impo
Page 75 and 76: Integrating cyber operations Chapte
Page 77 and 78: Integrating cyber operations Cyber
Page 79 and 80: Integrating cyber operations archit
Page 81 and 82: Integrating cyber operations physic
Page 83: Integrating cyber operations NATO a
Page 87 and 88: Integrating cyber operations Israel
Page 89 and 90: Integrating cyber operations Cyber
Page 91 and 92: Lexicon Lexicon Part 1 - Acronyms a
Page 93 and 94: Part 2 - Additional terms and defin
Page 95 and 96: Lexicon information operations Info
Page 97 and 98: Lexicon TEMPEST TEMPEST refers to t
Page 99 and 100: Lexicon Cyber Security Information
show all

Cyber Primer

Create successful ePaper yourself

Delete template?

Save as template?