By Blake Eifling - PowerPoint PPT Presentation

1 / 7
About This Presentation
Title:

By Blake Eifling

Description:

Comments/Quotes How do we know that it's not retaliation for an attack on Russian computers that originated from US military networks? I'm not sure it matters. – PowerPoint PPT presentation

Number of Views:59
Avg rating:3.0/5.0
Slides: 8
Provided by: west147
Learn more at: http://wiki.western.edu
Category:
Tags: blake | eifling

less

Transcript and Presenter's Notes

Title: By Blake Eifling


1
By Blake Eifling
  • Cyber-Attack On Department Of Defense

2
Overview
  • Washington has reported that there has been a
    widespread attack on Defense Department computers
    that may have started in Russia. Military experts
    could not say whether the attacks were in direct
    relation to the Russian government or carried out
    by individual computer hackers.
  • Although the military computers are often
    attacked by outside hackers with viruses and
    worms, this attack by the agent.btz worm was
    taken very seriously.
  • In response to the attack, the U.S. Strategic
    Command has raised the security level while
    defense officials have ban the use of flash
    drives on military networks. The attacking
    program has been removed from a number of
    networks but officials have not yet cleansed the
    entire network.
  • The Department of Defense would not describe the
    extent of the damage but did say that they are
    unclear on how the computers were infected. The
    agent.btz virus had been circulating
    nongovernmental computers for months prior to the
    attack on the DOD.

3
agent.btz Worm
  • Agent.btz is in the category of Malware (
    Malicious Software )
  • Agent.btz is not a new virus
  • Origin of virus is unclear
  • Worm virus Virus that self-replicates to other
    programs and systems.
  • Agent.btz has the ability to spread through
    shared drives and networks.
  • ..when a clean computer attempts to map a drive
    letter to a shared network resource that has
    Agent.atz on it and the corresponding autorun.inf
    file, it will (by default) open autorun.inf file
    and follow its instruction to load the malware.
    Once infected, it will do the same with other
    removable drives connected to it or other
    computers in the network that attempt to map a
    drive letter to its shared drive infected with
    Agent.atz hence, the replication. (Threat
    Expert)
  • http//www.napera.com/blog/?p202

4
Security Theater
  • Security theater consists of security
    countermeasures intended to provide the feeling
    of improved security while doing little or
    nothing to actually improve security.
  • This term is important in understanding some of
    the actions that have taken place within the DOD.
  • All flash drives were ban not only from the
    pentagon and DOD but in combat zones to prevent
    the spreading of the agent.btz worm.
  • This is theater because these actions only give
    the illusion of security and does nothing to
    prevent the spread of the virus since the virus
    can also be spread though networks.

5
Device Fears
  • With the resent attack on the DOD, flash drives
    have been banned from use within the Pentagon and
    other defenses offices.
  • Also in 1998 with the release of the toy Furby,
    the NSA banned the toy from NSA offices for fear
    that the toy would be able to listen and repeat
    classified information.
  • With these devices and toys many have fears that
    they might be coded with some sorts of malware.
  • Because of its ability to repeat what it hears,
    Security Agency officials were worried "that
    people would take them home and they'd start
    talking classified,'
  • Both devices contain thousands if not more lines
    of code and are produced by large manufacturers
    and even other countries.
  • How do you know that any device is safe against
    such viruses?
  • So is banning these drives and toys really fixing
    and/or preventing the problem?

6
Comments/Quotes
  • How do we know that it's not retaliation for an
    attack on Russian computers that originated from
    US military networks?
  • I'm not sure it matters. Whether US military
    computers were choosing to load and execute
    foreign code as a result of a foreign first
    strike, or a foreign counter-attack, we still
    have the situation that US military computers are
    loading and executing untrusted code, and
    apparently unsandboxed, so that it ended up
    mattering. No matter why the military computers
    were attacked, the fact that the attack worked
    proves incompetence.
  • This is taking place during the transition
    between Administrations, so someone at the DoD
    hierarchy wants to make a show about how they are
    "protecting America" when everyone in the
    commercial sector dealt with the agent.btz trojan
    quietly months ago.
  • I wouldn't put it past the MIC to exaggerate
    the risk of electronic attacks in order to
    manipulate the public. it certainly wouldn't be
    the first time the public was mislead about our
    nation's defense in order to funnel tax dollars
    into unnecessary defense projects.

7
Discussion Questions
  • Is there any way to prevent the spread of such
    viruses like the agent.btz?
  • Will you have more reservations about what kind
    of flash drive you purchase?
Write a Comment
User Comments (0)
About PowerShow.com