Some Imperative Rising Movements in the Inspirations and Targets of Cyberattackers Max Kilger, Ph.D. Profiler The Honeyn.

Uploaded on:
Category: Medical / Health
Creating financial, political and social force of hacking gatherings ... of the Internet to advance a specific political, exploratory or social reason ...
Slide 1

Some Important Emerging Shifts in the Motivations and Objectives of Cyberattackers Max Kilger, Ph.D. Profiler The Honeynet Project October 2009 Milan,Italy

Slide 2

Overview Why do we think about profiling? Why take a more hypothetical way to deal with this issue? An extremely concise review Motivational profiles Community level investigation Geo-political and monetary impacts Emerging dangers: Civilian digital warrior Developing financial, political and social force of hacking gatherings Loose coupling of virtual and rough criminal movement The potential pandora\'s crate of the creating scene Some last musings

Slide 3

Objectives of Profiling and Social Analysis Primary employments of profiling and social examination: Profiling of people recognizable proof and conceivable trepidation Collection and investigation of information into models that permit better hypothetical comprehension of dark cap group Assist in anticipating thought processes and practices in particular assaults by gatherings/people Produce a superior comprehension of rising dangers What are they? What structure may they take? Who are the potential targets? Where will they originate from? How would we start to fabricate pre-emptive safeguards against them?

Slide 4

Profiling Myths and Realities A Profile Alone is not Enough… Don\'t anticipate that a profile will specifically recognize the offender(s) A profile does do three key things: A channel in which to bring into center vital subtle elements of the wrongdoing and lessen those points of interest which are not liable to be significant – an instrument that advises the agent where to look and what to search for Provides a rich fabric of interlocking subtle elements that permit the examiner to search for corresponds that construct the pathway to finding the guilty party Sometimes gives the "impetus" that together with other data leads in the long run straightforwardly to the offender(s)

Slide 5

A Very Brief Retrospective

Slide 6

Magic History Status Tech Humor Derog Elements of the Community in the Simpler Past

Slide 7

Dimensions of the Social Structure of the Hacking Community Note: Jargon File section might be coded into various topical classes

Slide 8

Griefing Identity Coercion Deception Emergent Complex Elements

Slide 9


Slide 10

Motivations A play off the old FBI counter-insight term MICE MEECES Money Ego Entertainment Cause Entry to social gathering Status

Slide 11

Motivations: Money Now the most widely recognized help for blackhats Individuals roused by cash frequently are discovered totally inside gatherings that share this inspiration There are various "monetary forms" being used operating at a profit cap group – stolen charge cards and ledgers, root responsibility for machines, misuses, virtual resources, "mystery" information Financial asset for composed wrongdoing/fear based oppressor subsidizing - speedy turnover of stolen Mastercard numbers, ledgers and trade out remote nations and consequent discount

Slide 12

Motivations: Ego Both dark cap and white cap groups share this normal and intense inspiration Derived from the fulfillment that originates from beating specialized snags and making code that is exquisite and imaginative Idea of dominance over the machine – inspiring it to do what you need, regularly regardless of various security impediments

Slide 13

Motivations: Entertainment This inspiration regularly originates from the results of an endeavor Getting a gadget to accomplish something unordinary or novel Bluejack bluetooth gadgets like telephones and motivate them to call porn lines here and there this includes human measurements Sometimes the amusement esteem originates from the activities of people/associations that are straightforwardly connected with the abused box/gadget

Slide 14

Motivations: Cause A rising and advancing inspiration in the white cap/dark cap group Most basic occasion of this inspiration - hacktivism - the utilization of the Internet to advance a specific political, experimental or social cause Original seed – "data ought to be free"

Slide 15

Motivations: Cause Examples of hacktivism Bronc Buster and Zyklon cripple Chinese firewalls to permit Chinese Internet clients access to illegal sites Jam Echelon Day (JED), hacktivists overwhelmed net with messages with installed target words to surge intel net sniffers Electronic Disturbance Theater surges Republican National Committee and traditionalist sites to match with RNC tradition RIAA site wiped off the Internet Stay tuned for the unique instance of the non military personnel digital warrior

Slide 16

Motivations: Entrance to a Social Group Black cap/white cap bunches have a tendency to be status homogeneous in nature This suggests there is a sure level of ability important for affectation into the gathering Elegant code/adventures would one say one are technique for picking up acknowledgment into the gathering - composing new and creative code and sharing it as an exhibit of the level of mastery important to be considered for participation in the social gathering

Slide 17

Motivations: Status A capable inspiration inside both the white cap and dark cap groups Much of the conduct inside these groups is impacted by the status position of people both inside neighborhood bunch and in addition worldwide gathering chains of importance Community as meritocracy

Slide 18

Profiling Example IRC talk here we see individuals from a gathering trading zones of aptitude - you ought to assess these utilizing responses of other gathering individuals as approval focuses 20:49:30 quark: am I the special case who utilizes C++ instead of C? 20:49:32 prophet: heh 20:49:34 shaverboy: yah 20:49:42 prophet: u a winshit coder? 20:49:42 shaverboy: by and by i don\'t care for c++ 20:49:42 burgerking: outties 20:49:49 burgerking: ".k *" 20:49:52 quark: lol, yes, i\'m a winshit coder 20:49:52 burgerking: .clients 20:49:59 shaverboy: i can do all that i need in C and on the off chance that i require object situated stuff, I can utilize LISP, Java or Python

Slide 19

Profiling Example Status has essential impact in the social structure of the PC programmer group and this next portion permits the profiler to recognize the status positions of in any event a portion of the individuals from the gathering: 15:35:28 Slash: checkov i am not certain what sort of code it is 15:35:46 cigquake: on the grounds that you don\'t know poop about what is going on 15:35:50 burgerking: better believe it quark im only an amature :P 15:36:09 quark: lol, I\'m a long way from ace, I simply appreciate doing it 15:36:17 checkov: Slash: well make sense of it 15:36:36 burgerking: Slash the general purpose of me hassling you is so you will get off your rear end and attempt learn.. since you depend on others 15:36:46 burgerking: and that is not what your assume to do to learn 15:37:01 Slash: i am learning i never learnd why !/canister/pass workes!!! 16:34:04 burgerking: Ok well here is a straightforward clarification the code your misusing has a gathering level of 2.. which is your current the client is level3 which implies

Slide 20

Profiling Example Here we get a decent piece of information about their point of view on the blackhat-whitehat continuum 16:44:56 Shortkid: i used to be dim yet it isn\'t so much that cool 16:44:59 burgerking: Trashcan im not from the south island ;) 16:45:01 shaverboy: dark cap eh? 16:45:15 burgerking: lol how are you a dark cap? 16:45:15 shaverboy: so you\'re really attempting to be malevolent? that is fine by me 16:45:32 Shortkid: lets say i need to be a dark cap 16:45:37 shaverboy: alright

Slide 21

Profiling Example Here\'s the cash shot for those people in law implementation or knowledge - a dental specialist\'s appt on a particular date and time in a town in Maine… 21:59:30 quark: Maine here 22:00:22 shaverboy: checkov i\'m in VT, just got 2 feet of snow on x-mas day 22:00:24 shaverboy: i adore maine 22:00:25 quark: lol 22:00:30 checkov: i detest snow 22:00:36 checkov: I lived in fl for 15yrs 22:02:32 quark: so no doubt, I woke up at 6:30 am to get prepared for what I believed was an orthodontist apointment... turns out it was at 3:40 toward the evening 22:02:38 quark: I could have rested in excessively :(

Slide 22

Community Level Analysis

Slide 23

Status Processes and Community Gatherings Very solid accentuation on one\'s status position in the group sets off various other social procedures with comparable energy Status clashes inside the group happen much of the time and frequently with impressive enmity Status procedures are grinding away in the endeavors of people to join particular nearby informal organizations Individual individuals from the dark cap group tend to shape social gatherings based upon status homogeneity Status forms regularly result in influence procedures being activated - confirm by the abnormal state of harsh practices found in the group inside neighborhood interpersonal organizations and past Lack of verbal and non-verbal correspondence signs due to the utilization of visit rooms/email as significant type of correspondence frequently prompts struggle

Slide 24

Status Processes and Community Gatherings Hacker "traditions" are a critical auxiliary/utilitarian segment of the group Allows vis-à-vis correspondence where status chains of command can be all the more effectively worked out and imparted between gatherings/people Also gives a technique by which status pecking orders can be conveyed crosswise over gatherings, accordingly delivering a more steady group with a bigger feeling of between gathering solidarity Gives the group the chance to formally go on the standards and estimations of that group

Slide 31

Geo-Political and Economic Analysis

Slide 32

Geo-Political and Economic Influences There\'s more at work than simply small scale level impacts… there are large scale level powers at work too The dispersion of these inspirations is needy upon the geo-political and monetary environment inside a nation or district

Slide 33

Romanian Blackhat Community Historical foundation (pre 1989) Romania amid it\'s Communist administration a middle for the advancement of PC tech and programming for Eastern Bl

View more...