on cyber peace
play

On Cyber-Peace Towards an International Strategy of Cyber-Security - PowerPoint PPT Presentation

Jan 21, 2023 •258 likes •539 views

On Cyber-Peace Towards an International Strategy of Cyber-Security Stefan Schumacher Magdeburger Institut f ur Sicherheitsforschung DeepSec In Depth Security Conference Stefan Schumacher (MIS) On Cyber-Peace DeepSec 1 / 19 Uber Mich

  1. On Cyber-Peace Towards an International Strategy of Cyber-Security Stefan Schumacher Magdeburger Institut f¨ ur Sicherheitsforschung DeepSec In Depth Security Conference Stefan Schumacher (MIS) On Cyber-Peace DeepSec 1 / 19

  2. ¨ Uber Mich NetBSD-Developer, Hacker for almost 20 years consultant for IT-Security with focus on Social Engineering, Security Awareness and Counter Intelligence ( www.Kaishakunin.com ) Co-Founder and Managing Director of Magdeburger Institut f¨ ur Sicherheitsforschung www.sicherheitsforschung-magdeburg.de Co-Editor of Magdeburger Journal zur Sicherheitsforschung studied educational science and psychology Stefan Schumacher (MIS) On Cyber-Peace DeepSec 2 / 19

  3. Danger I am not going to present a plan or algorithm to make ≫ the internet ≪ secure, but just some thoughts on IT security from a more global point of view. strategic level, according to Carl von Clausewitz Stefan Schumacher (MIS) On Cyber-Peace DeepSec 3 / 19

  4. On Cyber War DeepSec 2010: Cyberwar on the Horizon? Cybercrime/-war hype in the media on cyber (in-)security and cyber war good: awareness on security is on a high level (at least for some) bad: not anyone involved in the discussion knows what he’s talking about ugly: some journalists, politicians, lobbyist groups (DRM etc.) Stefan Schumacher (MIS) On Cyber-Peace DeepSec 4 / 19

  5. Current Development in IT-Security IT is emerging to many new fields IT security is also emerging to new fields but many are not aware of IT security problems Electrical and Mechanical Engineers have a complete different concept of security static rules published by the organization for standardization (DIN) Stefan Schumacher (MIS) On Cyber-Peace DeepSec 5 / 19

  6. Current Development in IT-Security IT is emerging to many new fields IT security is also emerging to new fields but many are not aware of IT security problems Electrical and Mechanical Engineers have a complete different concept of security static rules published by the organization for standardization (DIN) Stefan Schumacher (MIS) On Cyber-Peace DeepSec 5 / 19

  7. the pestilence of modern days ... Networking/Internet is emerging to new fields IPv6 enables each coffee maker and fridge to be online smart living roles out more and more IT use your smart phone to control your heating at home and instruct your fridge to order more beer online ... once again: it security is expensive and not that sexy, so it is (mostly) ignored Cassandra is calling ... Stefan Schumacher (MIS) On Cyber-Peace DeepSec 6 / 19

  8. the pestilence of modern days ... Networking/Internet is emerging to new fields IPv6 enables each coffee maker and fridge to be online smart living roles out more and more IT use your smart phone to control your heating at home and instruct your fridge to order more beer online ... once again: it security is expensive and not that sexy, so it is (mostly) ignored Cassandra is calling ... Stefan Schumacher (MIS) On Cyber-Peace DeepSec 6 / 19

  9. Stuxnet attacked Programmable Logic Controllers (PLC) on Industrial Control Systems included the first (created | known) PLC rootkit Industrial Control Systems are mainly developed/operated by Electrical Engineers � different concept of ≫ security ≪ further malicious software might attack other PLCs/ICSs a car has been hacked by a manipulated MP3 CD Stefan Schumacher (MIS) On Cyber-Peace DeepSec 7 / 19

  10. Attacks - the complete picture Stefan Schumacher (MIS) On Cyber-Peace DeepSec 8 / 19

  11. Zombies, Botnets and dDoS botnets containing of thousands or even millions of zombies used by eg. cyber crime groups to extort companies like banks botnets are usually created by automated scanning of large nets and automated exploiting of detected vulnerabilities most exploits are already known and patches are available - but not installed many average users are still not aware of it security if they are aware, they are lacking skills to secure/harden their systems according to Microsoft, ca. 40% of exploits use vulnerabilities, where security patches have been available for more than 12 month Stefan Schumacher (MIS) On Cyber-Peace DeepSec 9 / 19

  12. Zombies, Botnets and dDoS botnets containing of thousands or even millions of zombies used by eg. cyber crime groups to extort companies like banks botnets are usually created by automated scanning of large nets and automated exploiting of detected vulnerabilities most exploits are already known and patches are available - but not installed many average users are still not aware of it security if they are aware, they are lacking skills to secure/harden their systems according to Microsoft, ca. 40% of exploits use vulnerabilities, where security patches have been available for more than 12 month Stefan Schumacher (MIS) On Cyber-Peace DeepSec 9 / 19

  13. The Future of Social Engineering a technique to circumvent security mechanisms by misusing human behavior ≫ Hacking People ≪ misuse of fundamental human psychology Why should I crack /etc/master.passwd , if I can talk a user into revealing his password? Stefan Schumacher (MIS) On Cyber-Peace DeepSec 10 / 19

  14. The Future of Social Engineering a technique to circumvent security mechanisms by misusing human behavior ≫ Hacking People ≪ misuse of fundamental human psychology Why should I crack /etc/master.passwd , if I can talk a user into revealing his password? automatic social engineering enhanced spear phishing to collect passwords or install malware (trojans etc.) Stefan Schumacher (MIS) On Cyber-Peace DeepSec 10 / 19

  15. The Future of Social Engineering a technique to circumvent security mechanisms by misusing human behavior ≫ Hacking People ≪ misuse of fundamental human psychology Why should I crack /etc/master.passwd , if I can talk a user into revealing his password? automatic social engineering enhanced spear phishing to collect passwords or install malware (trojans etc.) Stefan Schumacher (MIS) On Cyber-Peace DeepSec 10 / 19

  16. IT security is multi factorial IT security is not just a technological problem technological dimension – psychological dimension – social dimension – political dimension – legal dimension IT security has to extend its limitations to technology cooperation with psychology, social science, educational science, didactics, adult education, law, politics Stefan Schumacher (MIS) On Cyber-Peace DeepSec 11 / 19

  17. the human factors ... human factors research - a branch of (industrial/engineering) psychology man machine interaction, cognitive load of cockpits, electronic assistants in cars security awareness and capacity building How do I motivate people to get interested in IT security? (huge problem) How do I train and educate people in IT security matters? (install patches etc.) Want to prevent Social Engineering? � social problem � social solution � psychology So there is a lot to do, let’s get it on :-) Stefan Schumacher (MIS) On Cyber-Peace DeepSec 12 / 19

  18. the human factors ... human factors research - a branch of (industrial/engineering) psychology man machine interaction, cognitive load of cockpits, electronic assistants in cars security awareness and capacity building How do I motivate people to get interested in IT security? (huge problem) How do I train and educate people in IT security matters? (install patches etc.) Want to prevent Social Engineering? � social problem � social solution � psychology So there is a lot to do, let’s get it on :-) Stefan Schumacher (MIS) On Cyber-Peace DeepSec 12 / 19

  19. Manufacturers of Software have to deal with security problems develop and roll out patches etc. get in contact with security researchers, (white hat) hackers be aware of security matters Stefan Schumacher (MIS) On Cyber-Peace DeepSec 13 / 19

  20. Politics and Law limited to Germany product liability by the manufacturer user liability by the user users in Germany are normally not responsible/liable for the technical security of their Computers but they are responsible/liable for the security of eg. their car this should be changed the manufacturer of software should also be responsible and liable for their products Stefan Schumacher (MIS) On Cyber-Peace DeepSec 14 / 19

  21. Politics security policy is an essence of every government (police, firefighters, hospitals, armed forces ...) the internet is being discussed by politicians (mostly in a very strange way) talk to them, educate them, don’t vote for them, found a political party ;-) if the manufacturers of software don’t care about security, the government could force them ... Stefan Schumacher (MIS) On Cyber-Peace DeepSec 15 / 19

  22. nations unite ... governments and countries should cooperate in fighting cyber crime get aware of cyber crime exchange knowledge and technology shut down cyber crime gangs Stefan Schumacher (MIS) On Cyber-Peace DeepSec 16 / 19

  23. solving solvable problems some ideas according to Microsoft, ca. 40% of exploits use vulnerabilities, where security patches have been available for more than 12 month Microsoft evolved and implemented a cyber security strategy (good) the users did not evolve (bad) Psychology: Awareness, Training, Education Politics: make users liable for security problems Media: Awarenes, cover the topic (in a serious way!) Social Science: Knowledge Management in Organizations Stefan Schumacher (MIS) On Cyber-Peace DeepSec 17 / 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

I like to start off these talks by asking the audience: What does peace mean to you? Peace

I like to start off these talks by asking the audience: What does peace mean to you? Peace

I like to start off these talks by asking the audience: What does peace mean to you? Peace is a concept that defies a simple definition. I am willing to guess that thousands of ideas about peace just surfaced in our heads. . This is the

667 views • 33 slides
PEACE OF MIND PEACE OF MIND Peace of Mind is a is a nine-month therapeutic intervention in

PEACE OF MIND PEACE OF MIND Peace of Mind is a is a nine-month therapeutic intervention in

PEACE OF MIND PEACE OF MIND Peace of Mind is a is a nine-month therapeutic intervention in which Metiv therapists provide a space and time for IDF veterans to process their combat experiences in a supportive environment, including a week

193 views • 15 slides
(Peace and Blessings be upon Them all) 03/02/19 Sayyiduna Lut (Peace be upon Him)

(Peace and Blessings be upon Them all) 03/02/19 Sayyiduna Lut (Peace be upon Him)

#SundayGathering with Shaykh Omar Khan A glimpse from the lives of the Prophets of Allah (Peace and Blessings be upon Them all) 03/02/19 Sayyiduna Lut (Peace be upon Him) www.SundayGathering.co.uk /AlMuhammadiyya | www.Al-Muhammadiyya.com

434 views • 14 slides
Module 1: Womens Visions of Peace A Part of the Women Making Airwaves for Peace: A Workshop

Module 1: Womens Visions of Peace A Part of the Women Making Airwaves for Peace: A Workshop

Module 1: Womens Visions of Peace A Part of the Women Making Airwaves for Peace: A Workshop on Engendered Peace Journalism Duration : T wo hours Introduction: Peace does not have a singular definition, because it does have many facets,

56 views • 4 slides
Gang Peace to Street Peace Rev . Rodney E. Dailey, Founder of these 2 programs & Author of

Gang Peace to Street Peace Rev . Rodney E. Dailey, Founder of these 2 programs & Author of

Gang Peace to Street Peace Rev . Rodney E. Dailey, Founder of these 2 programs & Author of Gang Peace to Street Peace The Untold Story 1 CONFIDENTIAL: NO PART OF THIS DOCUMENT MAY BE REPRODUCED, TRANSMITTED, TRANSCRIBED, STORED IN A

242 views • 20 slides
Know Jesus, know peace. No Jesus, no peace. Luke 2:13-14 Suddenly a great company of the

Know Jesus, know peace. No Jesus, no peace. Luke 2:13-14 Suddenly a great company of the

Know Jesus, know peace. No Jesus, no peace. Luke 2:13-14 Suddenly a great company of the heavenly host appeared with the angel, praising God & saying, Glory to God in the highest heaven, and on earth peace to those on whom his favor

623 views • 24 slides
(Peace and Blessings be upon Them all) 24/02/19 Sayyiduna Yunus (Peace be upon Him)

(Peace and Blessings be upon Them all) 24/02/19 Sayyiduna Yunus (Peace be upon Him)

#SundayGathering with Shaykh Omar Khan A glimpse from the lives of the Prophets of Allah (Peace and Blessings be upon Them all) 24/02/19 Sayyiduna Yunus (Peace be upon Him) www.SundayGathering.co.uk /AlMuhammadiyya | www.Al-Muhammadiyya.com

347 views • 16 slides
(Peace and Blessings be upon Them all) 17/02/19 Sayyiduna Ayyub (Peace be upon Him)

(Peace and Blessings be upon Them all) 17/02/19 Sayyiduna Ayyub (Peace be upon Him)

#SundayGathering with Shaykh Omar Khan A glimpse from the lives of the Prophets of Allah (Peace and Blessings be upon Them all) 17/02/19 Sayyiduna Ayyub (Peace be upon Him) www.SundayGathering.co.uk /AlMuhammadiyya | www.Al-Muhammadiyya.com

318 views • 14 slides
(Peace and Blessings be upon Them all) 13/01/19 Sayyiduna Adam (Peace be upon Him)

(Peace and Blessings be upon Them all) 13/01/19 Sayyiduna Adam (Peace be upon Him)

#SundayGathering with Shaykh Omar Khan A glimpse from the lives of the Prophets of Allah (Peace and Blessings be upon Them all) 13/01/19 Sayyiduna Adam (Peace be upon Him) www.SundayGathering.co.uk /AlMuhammadiyya | www.Al-Muhammadiyya.com

438 views • 28 slides
GLOBAL PEACE INDEX2018 The Institute for Economics & Peace 4 3.6BN 18M Digital Reach

GLOBAL PEACE INDEX2018 The Institute for Economics & Peace 4 3.6BN 18M Digital Reach

MEASURING PEACE IN A COMPLEX WORLD GLOBAL PEACE INDEX2018 The Institute for Economics & Peace 4 3.6BN 18M Digital Reach International Offices Global Media Reach Research used extensively by organisations including Ranked as one of

322 views • 31 slides
NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
Malachi 3:1-4 Peace Peace Malachi 3:1 See, I am sending my messenger to prepare the way

Malachi 3:1-4 Peace Peace Malachi 3:1 See, I am sending my messenger to prepare the way

Malachi 3:1-4 Peace Peace Malachi 3:1 See, I am sending my messenger to prepare the way before me, and the Lord whom you seek will suddenly come to his temple. Peace Peace Malachi 3:1 The messenger of the covenant in whom you

897 views • 60 slides
PEACE AND HARMONY Above all, clothe yourselves with love, which binds us all together in perfect

PEACE AND HARMONY Above all, clothe yourselves with love, which binds us all together in perfect

For a child is born to us, a son is given to us. The government will rest on his shoulders. And he will be called: Wonderful Counselor, Mighty God, Everlasting Father, Prince of Peace. His government and its peace will never end. He will rule with

623 views • 20 slides
(Peace and Blessings be upon Them all) 27/01/19 Sayyiduna Ibrahim (Peace be upon Him)

(Peace and Blessings be upon Them all) 27/01/19 Sayyiduna Ibrahim (Peace be upon Him)

#SundayGathering with Shaykh Omar Khan A glimpse from the lives of the Prophets of Allah (Peace and Blessings be upon Them all) 27/01/19 Sayyiduna Ibrahim (Peace be upon Him) www.SundayGathering.co.uk /AlMuhammadiyya |

638 views • 39 slides
Malaviya Centre for Peace Research (MCPR) UNESCO chair for peace & Intercultural

Malaviya Centre for Peace Research (MCPR) UNESCO chair for peace & Intercultural

Teaching Peace : An innovative idea whose time has come Malaviya Centre for Peace Research (MCPR) UNESCO chair for peace & Intercultural understanding (912) Banaras Hindu University www.mcpr-bhu.org Nearly 50 Centres /programs on

480 views • 14 slides
Information warfare The term information warfare refers to peace time activities

Information warfare The term information warfare refers to peace time activities

Information warfare The term information warfare refers to peace time activities psychological operations (psyop) cyber war/net war In wartime the term is Command, Control, Communications, Intelligence, Sensors Warfare(C3ISW)

287 views • 13 slides
Antibiotic stewardship and Clostridium difficile infection Sarah Doernberg, MD, MAS Associate

Antibiotic stewardship and Clostridium difficile infection Sarah Doernberg, MD, MAS Associate

Antibiotic stewardship and Clostridium difficile infection Sarah Doernberg, MD, MAS Associate Professor, Division of Infectious Diseases Medical Director of Adult Antimicrobial Stewardship Disclosures Consultant: Genentech, Actelion 1 |

456 views • 45 slides
1 & 2 Samuel Series Lesson #276 August 18, 2020 Dean Bible Ministries

1 & 2 Samuel Series Lesson #276 August 18, 2020 Dean Bible Ministries

1 & 2 Samuel Series Lesson #276 August 18, 2020 Dean Bible Ministries www.deanbibleministries.org Dr. Robert L. Dean, Jr. T HE R IGHTEOUS M ESSIAH 2 S AMUEL 23:17 1A God blesses David and he unites and expands the kingdom. 2 Sam.

748 views • 39 slides
MATTHEW 24 And as He was sitting on the Mount of Olives, the disciples came to Him privately,

MATTHEW 24 And as He was sitting on the Mount of Olives, the disciples came to Him privately,

MATTHEW 24 And as He was sitting on the Mount of Olives, the disciples came to Him privately, saying, Tell us, when will these things be, and what will be the sign of Your coming, and of the end of the age? Matthew 24:3 Several Warning

285 views • 25 slides
New World Empires 1. Three American Empires in Comparison: Aztec, Incan, Spanish T

New World Empires 1. Three American Empires in Comparison: Aztec, Incan, Spanish T

New World Empires 1. Three American Empires in Comparison: Aztec, Incan, Spanish T enochtitln (Mexico City), the capital of the Aztec Empire, was built on a huge island Agriculture on the outskirts of T enochtitln The Incan fortress

244 views • 22 slides
MAPPING STANDARDS MAPPING STANDARDS PRINCIPLES AND PROPOSALS PRINCIPLES AND PROPOSALS FOR

MAPPING STANDARDS MAPPING STANDARDS PRINCIPLES AND PROPOSALS PRINCIPLES AND PROPOSALS FOR

MAPPING STANDARDS MAPPING STANDARDS PRINCIPLES AND PROPOSALS PRINCIPLES AND PROPOSALS FOR DISASTER MANAGEMENT FOR DISASTER MANAGEMENT Prof. Dr. Tem enoujka Bandrova Prof. Dr. Tem enoujka Bandrova University of Architecture, Civil Engineering

530 views • 36 slides
5: Tyranny and Madness I Barrett on Caligula The Roman senate soon came to regret that they

5: Tyranny and Madness I Barrett on Caligula The Roman senate soon came to regret that they

5: Tyranny and Madness I Barrett on Caligula The Roman senate soon came to regret that they had so enthusiastically handed over supreme power to a personable but totally inexperienced young man. Fewer than fifteen years later they went

660 views • 11 slides
Lists and Tuples Ali Taheri Sharif University of Technology Spring 2019 Outline 1. List Basics

Lists and Tuples Ali Taheri Sharif University of Technology Spring 2019 Outline 1. List Basics

Fu Fundamentals of Pr Programming (Py Python) Lists and Tuples Ali Taheri Sharif University of Technology Spring 2019 Outline 1. List Basics 2. List Operations 3. Lists are Mutable 4. Iterating over Lists 5. List Methods 6. Matrices

375 views • 16 slides
Practical Bioinformatics Mark Voorhies 4/28/2017 Mark Voorhies Practical Bioinformatics

Practical Bioinformatics Mark Voorhies 4/28/2017 Mark Voorhies Practical Bioinformatics

Practical Bioinformatics Mark Voorhies 4/28/2017 Mark Voorhies Practical Bioinformatics Pearson distances Pearson similarity N i ( x i x offset )( y i y offset ) s ( x , y ) = N N i ( x i x offset ) 2 i ( y i

502 views • 28 slides

More recommend