Deibert, Ron. The hidden geopolitics of cyberspace. September 27, 2010
- Director, the Citizen Lab
- Univ of Toronto
- r.deibert@utoronto.ca
- New directions in public diplomacy, public lecture series
- Michael K Hawes, Fulbright Canada and Fulbright Visiting Chair
"Cyberspace ... carved up, colonized, militarized"
- "Diplomacy ... keeping cyberspace open"
Ghost, shadows
- Tracking GhostNet: Investigating a Cyber Espionage Network
- Shadows in the cloud: Investigating cyber espionage 2.0
Cyber espionage
Victims: governments, industry
- Large multi-national orgs
Compromise tends to be social engineering
- Emails to people within orgs
- Microsoft Office, Adobe PDF exploits
Vulnerability
- If an ally is compromised, even "secure" institutions are weakened
Fusion methodology
Collaborations:
- Infowar Monitor
- OpenNet Initiative
Technical interrogation
- Network probes, reconnaissance, software-based test
- Multi-disciplinary analysis, advanced data fusion, visualization, analysis
- Field research, undertaken by local experts in situ, interviews and tests
Guided by
- Canadian law
- Research Ethics office at U of Toronto
- No "break ins"
Transformations of signals intelligence
- Once only superpowers could engage (Cold war)
- "Sigint"
- "Cyber-collection platform": very low cost
- DIY sigint
Gh0st RAT Beta 3.6
No cost, localized
- Once a machine is compromised, the attacker can insert the Gh0st RAT client
- Able to use remote admin, control
- Activate webcam, audio capture, etc.
- http://xanalysis.blogspot.com/search/label/Gh0st%20Rat
Botnets
- Available for rent
- 24/7 tech support
- Used for DDoS attacks
"Consensual privacy invasion"
- Social networking participation
- Visiting certain websites may enable compromises
- One strategy is to compromise sites of interest to your targets
Ecosystem of "cybercrime", "malware"
- Production of malware "exceeding" bonware?
- Looking primarily at 0day exploits
- Measurement is confusing
- Misleading?
- How does one assess the problem of a botnet?
- Infiltration or efficacy?
Internet + governments
First Phase: Cyber commons (1990s)
- Hands off liberal regulation
- Telecom development policies
- Dot-com boom
Second phase: Cyber borders (2000)
- Documented in Access denied
- Many govts intercept and filter access to certain resources
Third phase: Cyber arms race (2010s)
- Documented in forthcoming Access controlled, MIT Press
- Beyond filtering
- Interventions home + abroad
Legal and normative measures
- Cultivating a climate of fear, self censorship
Informal requests
- Contacting ISPs
Outsourcing, downloading
- Pressure on private companies who
Just in time Blocking
- Jamming at critical moments
- During elections, demonstrations
- Kyrgyzstan, Burma, Iran
Computer Network Attacks
- A component of military action
Patriotic Hacking
- Cultivating a climate in which unlawful activities are tolerated/encouraged in the service of state goals
Militarization of cyberspace
- U.S. Cyber Command
- General Keith Alexander, NSA
- "Institutional innovation"
- Other states wish to adapt, follow US model
Impact is in all areas of net
- Physical, code, regulation, theory/ideas
Is cyberspace "ungovernable"? Immune to regulation?
Deibert argues that, in fact, it is "overregulated"
- Dark nets
- Private sector
- Civic networks
- Individual
- Governments, armed forces, intelligence
Online gray/black markets
- Porn, spam, click fraud, phishing
"The perfect storm"
- Arguments for "policing"
- Belief that anonymity should be abolished
- New wiretap legislation would require service providers to build in law enforcement backdoor
- Fear, insecurity leads to individual "disconnection"
Jump offs
Q&A
Patriotic hacking
- Government actors "seeding" in forums
- Inspiring action

