"The US information infrastructure, including telecommunications and computer networks and systems, and the data that reside on them, is critical to virtually every aspect of modern life. Therefore, threats to our IT infrastructure are an important focus of the Intelligence Community. As government, private sector, and personal activities continue to move to networked operations, as our digital systems add ever more capabilities, as wireless systems become even more ubiquitous, and as the design, manufacture, and service of information technology has moved overseas, our vulnerabilities will continue to grow."
J. Michael McConnell, Director of National Intelligence
Testimony to the Senate Armed Services Committee, Feb 08
Overview
The Rise of Cloud Computing
The (Continued) Rise of Internet Threats
How Security Will Evolve in the Cloud
The Differences with Cyber Intel and IT Security
Roles of Cyber Intelligence
Network Analysis and Data Sharing
Future of Cyber Intelligence
Cloud computing means Internet (Cloud) based development and use of computer technology
It is a style of computing where IT-related capabilities are provided as a service
Users to access technology-enabled services "in the cloud"
Often with no knowledge of, expertise with, or control over the technology infrastructure that supports them.
September 11 Internet Inaccessibility [3]
Estonian DDoS Attacks [4]
DNS Attacks [5]
Georgian Attacks from Russia [6]
General
Bottom line: things that impact you and your business don't end at your gateway anymore
used to be just dumb pipes
Now, providers push security into the cloud for their customers [7]
Intelligence is:
Understanding global architectures and associated threats
Determining how those threats and vulnerabilities can impact a business, a government, or a military organization
Assessing risks, courses of action, and other factors which are dependent on the global network
Correlating global events with business risks
Cyber
Administration of firewalls, IDS/IPS, etc.
Patching and system hardening
SEM or SIM Analysis
Operations
Offensive and defensive cyber operations
Intelligence, Surveillance, and Reconnaissance of cyberspace
Government
Protection of critical infrastructure
Continuity of government planning
Trusted Internet Connection and similar initiatives
Intelligence Optimization
Private Sector
Protection of business interests, critical information
Partnerships with other government to share data to reduce risks
some global data is unavailable to private sector (as well as government) organizations
Movement in government and private sectors to share data
FS-ISAC, MS-ISAC creating initiatives
Federal agencies organizing significant data sharing capabilities as directed by the President
updated, fused, and meaningful global architecture and threat data
Shared data between those with similar interests (defense, information operations, etc.)
Intelligence services provided by service providers
Tools for analyzing and visualizing huge and disparate network data sets in development
References
[1] Richards, Jonathan, "Thousands of cyber attacks each day on key utilities", London Times, 23 Aug 08 (http://www.timesonline.co.uk/tol/news/uk/crime/article4592677.ece)
[2] Brodkin, Jon, "Government-sponsored cyberattacks on the rise, McAfee says", NetworkWorld, 29 Nov 07 (http://www.networkworld.com/news/2007/112907-governmentcyberattacks.html)
[3] Verton, Dan, "Digital Destruction Was Worst Imaginable", Computerworld Security, Mar 4, 2002 (http://www.computerworld.com/managementtopics/management/recovery/story/0,10801,68762,00.html)
[4] Anderson, Nate, "Massive DDoS attacks target Estonia; Russia accused", Ars Technica, May 14 2007 (http://arstechnica.com/news.ars/post/20070514-massive-ddos-attackstarget-estonia-russia-accused.html)
[5] McMillan, Robert, "Hackers Slow Internet Root Servers with Attack", PC World, Feb 6, 2007 (http://www.pcworld.com/article/128806/hackers_slow_internet_root_servers_with_attack.html)
[6] Hruska, Joel, "Georgia cyberattacks lead to questions about risk to US", Ars Technica, 18 August 2008 (http://arstechnica.com/news.ars/post/20080818-georgiacyberattacks-lead-to-questions-about-risk-to-us.html)
[7] Jackson, Joab, "Ed Amoroso | The big picture of network security", Government Computing News, July 7 2008 (http://www.gcn.com/print/27_16/46577-1.html)