RE: CRIME Great presentation!!

From: Jeff Bryner (jeff@private)
Date: Tue Nov 19 2002 - 00:39:52 PST

  • Next message: Andrew Plato: "RE: CRIME JOB: Technical Writer- Security"

    I didn't see anyone else pipe up; so I'll take a shot at a recap, but don't
    expect Shakespeare!
    
    Speaker:Tom Donahue
    Topic: A global perspective on Cyber Threats
    His Background
    --MIT EE degree Phd and Masters, UVA Physics degree
    --17 years with the CIA
    --Edited the President's daily brief
    --3 years in cyber security
    
    Overview
    --Looks at his job as explaining the chess game
    --Conveys to his customers (i.e. the Whitehouse) the layout and rules of the
    board
    --#1 Threat to cyber security is the physical threat against key data
    centers and people
    --#1 growth area for cyber security is organized crime
    --Least important is the individual black hat hacker (except for supplying
    tools)
    
    Key Players
    --Russia
    	-Long history of capabilities and use (embassy monitoring, etc)
    	-Friends now?
    	-Hotspots for credit card theft, identity theft
    --China
    	-Movement to 'asymmetric warfare'
    	-Taiwan is the key pawn
    	-Will gain capabilities in 5-10 years (manufacturing, design of key
    technologies moving there)
    --Others
    	-Japan is not a cyber threat
    	-Iraq has had an active computer intrusion program since early 90s
    --Organized crime
    	-Entertainment and/or money are key people motivators
    	-Organized crime knows this
    	-OC is everywhere money is to be made
    	-Large amounts of money=large amounts of security, small money=small
    security and more opportunity
    --Hackers
    	-Most hacker attacks staged in the US
    	-Most attacks per capita internet user are from Kuwait and Iran
    	-Hackers main contribution is in tool generation, revision
    --Terrorists
    	-Using cyber security in organization (encryption, anonymizers, etc)
    	-Focus of attacks is on the physical, not the cyber
    	-Sympathizers however may participate via cyber attacks
    	-Focus on efforts to become insiders to gain access (access is everything!)
    
    Predictions
    --Supply chain attacks will increase
    	-evil chips, code, etc
    	-OK to outsource manufacturing, but design is a worry
    --In for a long period of pain re:cyber attacks
    	-relatively low cost of entry
    	-increasingly everything is connected, vulnerable
    
    Parting words
    --Protect your physical perimeter
    --Beware insiders!
    
    
    That's about as good as I can do this late at night!
    
    <disclaimer>
    I make no claims as to the accuracy of my recap, if someone remembers
    differently please feel free to correct me.
    </disclaimer>
    
    Take care,
    
    Jeff.
    
    -----Original Message-----
    From: owner-crime@private [mailto:owner-crime@private]On Behalf Of
    Michael Rasmussen
    Sent: Thursday, November 14, 2002 4:03 PM
    To: crime@private
    Subject: RE: CRIME Great presentation!!
    
    
    Please do recap for those of us who had to <gasp> work </gasp> today.
    
    4 fires out, uncounted more to deal with.
    
    
    --
      Michael Rasmussen - Network Engineer, Columbia Management
      voice:  971-925-6723  cell:  503-807-1447  rasmussm@private
      < mailto:rasmussm@private <mailto:rasmussm@private> >
    http://www.columbiafunds.com <http://www.columbiafunds.com/>
    



    This archive was generated by hypermail 2b30 : Tue Nov 19 2002 - 03:23:00 PST