ise331 snowden attack
play

ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens - PowerPoint PPT Presentation

Jan 10, 2023 •24 likes •264 views

ISE331: Snowden Attack 1 Ou Outline of f Topics Covered Snowdens background and how he got to the position of being able to leak confidential information from the CIA How Snowden planned and performed the attack The method used

  1. ISE331: Snowden Attack 1

  2. Ou Outline of f Topics Covered ● Snowden’s background and how he got to the position of being able to leak confidential information from the CIA ● How Snowden planned and performed the attack ● The method used to release the confidential information and what happened to Snowden afterwards ● What post-leakage effects were present in the United States and in other parts of the world such as the European Union 2

  3. Wh Who is s Edward Snowden? ● Born June 21st, 1983 ● High school dropout ● Enlisted in the army in 2004. ● In 2005, he Working as a security officer at the University of Maryland’s Center of Advanced Language Study which is sponsored by the NSA 3

  4. Th The t e transition on f from om h high s school ool d drop opou out t to t o the C e CIA ● Snowden despite no formative teaching managed to get a job with the Central Intelligence Agency (CIA) in the department of global communications ● The CIA was impressed with his skills and he was sent to a CIA “secret” school for technology specialists in march of 2007 ● After some rigorous learning he was brought abroad to work in Switzerland to investigate their banking system 4

  5. Sn Snowden’s Ti Time in Switzerland ● During this time Snowden saw first hand what the effects of the war on terrorism in the United States was having abroad ● He considered whistleblowing at this point but held off knowing at this point Obama would be the next president ● Unfortunately, Snowden’s hopes of Obama changing the way intelligence was being gathered never came true 5

  6. Mo Motivations ● Snowden said to the Washington Post “It was more of a slow realization that presidents could openly lie to secure the office and then break public promises without consequence” ● Snowden was also at odds with the CIA in general. During his time in Switzerland he witnessed some terrible things the CIA would do to acquire sources 6

  7. Sn Snowden’s Fir irst NSA Job ob 2010 - Snowden transferred from the CIA to NSA ● ● Technical expert for Dell located in Japan ● Helped Dell of Japan secure their networks ● After Japan, was placed back in Hawaii, again for Dell ● After Hawaii, Snowden was placed in Virginia for a short period ● Snowden had climbed up in the chain of command during this time 7

  8. Th The e Fin inal l Straw ● After many years in security, Snowden wanted to expose the methods that the government was using ● Last government job as an Infrastructure Analyst at Booz Allen Hamilton ● March 12th, 2013, Snowden releases the information ● In response to his release, James Clapper states that the NSA does “not wittingly” collect information on millions of Americans 8

  9. Ac Accessing g th the data ● An original report stated that Snowden asked fellow staff members for their logins as it was “required” for his position ● Later contradicted by General Keith Alexander, stating that Snowden had “fabricated digital keys” to gain access ● A third party security firm, Venafi, determined the most probable method of access 9

  10. Ve Venafi and the Investigation of the Attack ● Not much info released to public ● We do know that: Snowden had a Common Access Card (CAC) ○ Snowden used Secure Shell (SSH) keys in his work as a systems administrator ○ Snowden had access to NSA servers using a thin client or basic terminal ○ ● Cyber security company Venafi wrote article on how Snowden may have breached NSA At least partially revealed correct from declassified documents ○ 10

  11. Ph Phase ses s of the Intrusio sion Kill Kill Chain in 11

  12. Re Reconnaissance ● Snowden used methods of access provided by NSA to find out what information was being stored and where ● Snowden used social engineering to persuade some of his colleagues to give up their credentials Systems Admin ○ Keylogger ○ 12

  13. In Infiltration ● Snowden got access to and made his own fabricated administrative SSH keys to gain access to information ● NSA completely failed at keeping their systems secure and monitoring for this type of activity ○ Time difference Too many privileged access users (least privilege) ○ ○ Access to both NSAnet and British GCWiki ● Several week venture of downloading data while keeping appearances 13

  14. Ex Exfilt iltratio ion ● NSA failed to make use of Insider Threat Management software ● Snowden used Command and Control servers to encrypt his data transfer sessions to other networks which kept the transfer hidden from the NSA ● Had plausible excuse for having flash drives and such ● Snowden also altered system log files to camouflage his actions 14

  15. In Information Ob Obtained ● Snowden found out about hundreds of secret NSA activities and agendas ● Major leaks include: NSA collected telephone records of millions of Verizon customers ○ NSA Prism program accessed and collected data through back doors into Google and ○ Facebook NSA EvilOlive program collected and stored large quantities of Americans' internet ○ metadata NSA scoops up personal data mined from smartphone apps such as Angry Birds ○ NSA strategy document revealed the agency's goal to acquire data from "anyone, ○ anytime, anywhere" 15

  16. In Information Obtained Continued US government spies on at least 38 foreign embassies and missions ● NSA siphons billions of foreign cell phone location records into its database ● NSA infected more than 50,000 computer networks worldwide with malware designed to ● steal sensitive information ● Working with Canadian intelligence, NSA spied on foreign diplomats at G8 and G20 summits in Toronto in 2010 Widespread spying revealed in Italy, NSA spied on Italian citizens including diplomats and ● political leaders 16

  17. Ho How was the information released to the public? ● Made contact with Guardian journalist Glenn Greenwald in 2012, promising unprecedented scoop ● Greenwald dismissed him at first, Snowden then contacts documentary filmmaker Laura Poitras who brings the three together ● Within months of their meeting, documents were published by popular media outlets worldwide The Guardian (Britain), ○ Der Spiegel (Germany), ○ The Washington Post, The New York Times (U.S.) ○ ● Communicated with journalists through encrypted email and using the persona “Verax” Verax in Latin stands for “truth teller” ○ 17

  18. Esc Escape and Seekin ing Asylu lum A few weeks before the first leaked ● documents were published, Snowden took a leave of absence from the NSA and flew to Hong Kong Snowden then boarded a flight to Moscow, was not stopped by Hong Kong ● authorities Several countries offered Snowden asylum, could not get out of Moscow ● Snowden granted temporary asylum in Russia ● Snowden's asylum, which expired in 2017, was extended until 2020 ● 18

  19. Pu Public Opinion ● Terms used to describe Snowden: hero, whistleblower, dissident, patriot, traitor ● Huffington Post poll shows: 38% Support Snowden ○ 33% Disapprove of Snowden ○ 29 % Unsure ○ ● Differing opinion on Snowden seems to be most significant when looking at younger and older generations ● Sparked global debate on privacy and consent by bringing the US’s illegal mass surveillance to light ● Leaks led to distrust of the United States by not only Americans but by other targeted nations 19

  20. Re Resulting Lawsuits ● The Electronic Frontier Foundation filed a formal lawsuit based on information from leaks ● Ongoing case known as Jewel vs. NSA ● ACLU (American Civil Liberties Union) filed lawsuit against James Clapper, Director of National Intelligence Alleged NSA’s phone record program was unconstitutional ○ Ruled that NSA’s phone recordings were legal ○ 20

  21. Wh What have been the long term rm effects? s? ● Americans became more critical of government and stopped being as compliant ● Escalated tensions between users and private tech companies Google, Facebook, YouTube, Apple, Microsoft, etc. ○ ● People support NSA surveillance 50/50 say it is acceptable in certain circumstances or unacceptable in all ○ circumstances ● Section 215 of Patriot Act also brought into question 21

  22. Sou Sources https://www.wired.com/2014/08/edward-snowden/ https://www.washingtonpost.com/world/national-security/investigators-looking-at-how-snowden-gained-access-at- nsa/2013/06/10/83b4841a-d209-11e2-8cbe-1bcbee06f8f8_story.html?noredirect=on&utm_term=.5777c3eab301 https://abcnews.go.com/US/americas-top-spy-james-clapper-made-mistake-lie/story?id=37003608 https://www.darkreading.com/attacks-breaches/how-did-snowden-do-it/d/d-id/1140877 https://www.venafi.com/blog/deciphering-how-edward-snowden-breached-the-nsa http://investigations.nbcnews.com/_news/2013/08/26/20197183-how-snowden-did-it https://www.venafi.com/blog/venafi-analysis-of-snowden-nsa-breach-confirmed-2-years-later https://www.nytimes.com/2017/06/16/us/politics/nsa-data-edward-snowden.html https://www.businessinsider.com/snowden-leaks-timeline-2016-9 https://www.huffpost.com/entry/edward-snowden-poll_n_3542931 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Philip Snowden: more Methodism than Marxism Philip Snowden was a leading figure in the

Philip Snowden: more Methodism than Marxism Philip Snowden was a leading figure in the

Philip Snowden: more Methodism than Marxism Philip Snowden was a leading figure in the ILP, that is, in the dominant soft left of the emerging labour representation movement and then of the Labour Party, alongside Keir Hardie

201 views • 4 slides
Countering Cryptographic Subversion Post-Snowden Cryptography Workshop Brussels 8/12/2015 Kenny

Countering Cryptographic Subversion Post-Snowden Cryptography Workshop Brussels 8/12/2015 Kenny

Countering Cryptographic Subversion Post-Snowden Cryptography Workshop Brussels 8/12/2015 Kenny Paterson Information Security Group @kennyog ; www.isg.rhul.ac.uk/~kp The post-Snowden adversary Since the Snowden revelations beginning in

481 views • 27 slides
CSE392/ISE331 Web Security Goals & Workings of the Web Nick Nikiforakis

CSE392/ISE331 Web Security Goals & Workings of the Web Nick Nikiforakis

CSE392/ISE331 Web Security Goals & Workings of the Web Nick Nikiforakis nick@cs.stonybrook.edu Goals of Web Security Safely browse the Web A malicious website cannot steal information from or modify legitimate sites or otherwise

1.27k views • 53 slides
CSE392/ISE331 Attacks against the client-side of web applications Nick Nikiforakis

CSE392/ISE331 Attacks against the client-side of web applications Nick Nikiforakis

CSE392/ISE331 Attacks against the client-side of web applications Nick Nikiforakis nick@cs.stonybrook.edu Despite the same origin policy Many things can go wrong at the client-side of a web application Popular attacks Cross-site

266 views • 15 slides
Post-Snowden Elliptic Curve Cryptography Patrick Longa Microsoft Research Joppe Bos NXP

Post-Snowden Elliptic Curve Cryptography Patrick Longa Microsoft Research Joppe Bos NXP

Post-Snowden Elliptic Curve Cryptography Patrick Longa Microsoft Research Joppe Bos NXP Semiconductors Craig Costello Microsoft Research Michael Naehrig Microsoft Research June 2013 the Snowden leaks the NSA had written the

671 views • 13 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
1 PART ONE: THE NSA / SNOWDEN REVELATIONS Who is the

1 PART ONE: THE NSA / SNOWDEN REVELATIONS Who is the

1 PART ONE: THE NSA / SNOWDEN REVELATIONS Who is the Internet? Who is the Internet? 2.5 billion Internet connected North America and Europe >

585 views • 56 slides
Lessons from the Snowden Affair @haroonmeer September 2014 What this talk is not IT

Lessons from the Snowden Affair @haroonmeer September 2014 What this talk is not IT

Lessons from the Snowden Affair @haroonmeer September 2014 What this talk is not IT DOESNT MATTER BUGSY CRISSCROSS A-PLUS GUMFISH LFS-2 BULLRUN DYNAMO CROSSBEAM ACRIDMINI GURKHASSWORD LHR BULLSEYE EBSR CROSSEYEDSLOTH

1.58k views • 73 slides
Unlimited Artistic Director & Choreographer Mark Smith The Dancers Anthony Snowden Daniel

Unlimited Artistic Director & Choreographer Mark Smith The Dancers Anthony Snowden Daniel

Unlimited Artistic Director & Choreographer Mark Smith The Dancers Anthony Snowden Daniel Stanbury Denny Haywood Kevin Jewell Joseph Fletcher DMD Deaf Men Dancing are developing something innovative and exciting in their work Dan

462 views • 16 slides
Towards A Clean Slate Digital Sovereignty in the Post Snowden Era Alexander von Gernler

Towards A Clean Slate Digital Sovereignty in the Post Snowden Era Alexander von Gernler

Towards A Clean Slate Digital Sovereignty in the Post Snowden Era Alexander von Gernler <gernler@genua.de> Munich Internet Research Retreat Raitenhaslach, November 24/25, 2016 Personal Digital Sovereignty Disclaimer The views presented

258 views • 12 slides
Blaise 5 in a Production Environment Authors: Paul Segal, Mangal Subramanian, Ray Snowden,

Blaise 5 in a Production Environment Authors: Paul Segal, Mangal Subramanian, Ray Snowden,

Blaise 5 in a Production Environment Authors: Paul Segal, Mangal Subramanian, Ray Snowden, Richard Frey, Mike Florcyzk Presentation Overview Blaise 5 Server and Client Options. Blaise 5 API Use Case. Stress Testing Blaise 5

442 views • 16 slides
Towards a Fully Encrypted Internet CS244 | Zakir Durumeric 2013 Snowden Revelations Explicit

Towards a Fully Encrypted Internet CS244 | Zakir Durumeric 2013 Snowden Revelations Explicit

Towards a Fully Encrypted Internet CS244 | Zakir Durumeric 2013 Snowden Revelations Explicit evidence that intelligence agencies are globally wiretapping Internet backbone connections Massive collection of web tra ffi c, emails, instant

512 views • 50 slides
ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on

ATTACK: Learning the Distributions of Adversarial Examples for an Improved Black-Box Attack on Deep Neural Networks Yandong Li* 1 Lijun Li* 1 Liqiang Wang 1 Tong Zhang 2 Boqing Gong 3 *Equal Contribution 1 University of Central Florida 2 Hong

440 views • 11 slides
Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know.

Detecting a Biological Attack The attack will not be obvious; it may take hours or days to know. Current biological diagnostics are very effective at identifying agents, but theyre slow. We already have an infrastruc- ture in place to

233 views • 8 slides
PRICE OF PRIVACY IN THE CLOUD, OR THE ECONOMIC CONSEQUENCES OF MR SNOWDEN PROFESSOR SIMON

PRICE OF PRIVACY IN THE CLOUD, OR THE ECONOMIC CONSEQUENCES OF MR SNOWDEN PROFESSOR SIMON

[click to select this box and delete] Title slide option 1 Choose one title slide and delete the others. PRICE OF PRIVACY IN THE CLOUD, OR THE ECONOMIC CONSEQUENCES OF MR SNOWDEN PROFESSOR SIMON WILKIE 18 OCTOBER 2019 LEAD IN HEADING

617 views • 36 slides
ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack & GOT Overwrite Attack Dr. Si Chen (schen@wcupa.edu) Review Page 2 ret2libc Attack Page 3 libc C standard library Provides

662 views • 36 slides
Resist and Keep Safe Online: From Digital Harassment to Harm Reduction Hosted by: Progressive

Resist and Keep Safe Online: From Digital Harassment to Harm Reduction Hosted by: Progressive

Resist and Keep Safe Online: From Digital Harassment to Harm Reduction Hosted by: Progressive Technology Project & May First / People Link How to Ask a Question Please hold all questions until after presentations are done. Click Here Type

663 views • 38 slides
Tor By: Michael C. Robinson What is Tor? A web anonymizer. Started by the U.S. Navy.

Tor By: Michael C. Robinson What is Tor? A web anonymizer. Started by the U.S. Navy.

Tor By: Michael C. Robinson What is Tor? A web anonymizer. Started by the U.S. Navy. Open source and free software. From http://www.torproject.org From http://www.torproject.org From http://www.torproject.org The Chinese Firewall

698 views • 13 slides
Building an Electronic Clinical Data Infrastructure to Improve Patient Outcomes July 2, 2012

Building an Electronic Clinical Data Infrastructure to Improve Patient Outcomes July 2, 2012

Building an Electronic Clinical Data Infrastructure to Improve Patient Outcomes July 2, 2012 PCORI Methodology Committee - Electronic Data Workshop Erin Holve, PhD, MPH, MPP The EDM Forum is supported by the Agency for Healthcare

619 views • 17 slides
IMPROVING FELONY CASEFLOW National Center for State Courts Judicial Branch of Arizona in

IMPROVING FELONY CASEFLOW National Center for State Courts Judicial Branch of Arizona in

IMPROVING FELONY CASEFLOW National Center for State Courts Judicial Branch of Arizona in Maricopa County National Association for Presiding Judges and Court Executive Officers December 4, 2018 Phoenix, Arizona Making the Pretrial Process

642 views • 42 slides
Gregory W. Wornell Dept. Electrical Engineering and Computer Science Massachusetts Institute of

Gregory W. Wornell Dept. Electrical Engineering and Computer Science Massachusetts Institute of

Gregory W. Wornell Dept. Electrical Engineering and Computer Science Massachusetts Institute of Technology June 16, 2010 WITHITS Session International Symposium on Information Theory How can radio-control of torpedoes be made jam-resistant?

432 views • 11 slides
Freenet Project: Leap over Censorship The technical part of the solution for freedom of the press

Freenet Project: Leap over Censorship The technical part of the solution for freedom of the press

Freenet Project: Leap over Censorship The technical part of the solution for freedom of the press in the internet Arne Babenhauserheide | 25. September 2014 www.freenetproject.org Freenet Project Outline Why? 1 About 2 3 Applications

701 views • 56 slides
Tor and (un)provable privacy Roger Dingledine The Tor Project https://torproject.org/ 1

Tor and (un)provable privacy Roger Dingledine The Tor Project https://torproject.org/ 1

Tor and (un)provable privacy Roger Dingledine The Tor Project https://torproject.org/ 1 Today's plan 0) Crash course on Tor 1) Anonymity attacks 2) Blocking-resistance 2 What is Tor? Online anonymity 1) open source software, 2)

663 views • 52 slides
Applied Information Theory Daniel Bosk Department of Information and Communication Systems, Mid

Applied Information Theory Daniel Bosk Department of Information and Communication Systems, Mid

Introduction Shannon entropy Applications References Applied Information Theory Daniel Bosk Department of Information and Communication Systems, Mid Sweden University, Sundsvall. 14th March 2019 1 Introduction Shannon entropy

775 views • 59 slides

More recommend