Documentation of Presentation

PRESENTATION
T HE SLIDES OF MY PRESENTATION WITH NOTES SHOWING WHAT WAS SAID DURING EACH .

SLIDE 1

For my project, I decided to write a research project on cyberwarfare and

its threat to world security and the future of the human race. Cyberwarfare
is the use of computers to attack other computer systems and networks in a
politically motivated conflict, like a war. It includes things like information
theft, hijacking computer systems and attacking and defacing websites.
I decided on this topic because Im interested in international affairs and
politics and it relates strongly to computer science, the course I want to
read at university next year.

SLIDE 2

Initially, my title focused purely on electronic and cyber-attacks between

America and China, but my supervisor suggested that it was too narrow and
would be difficult to research, which in hindsight, I think was totally right.
Before this, other ideas for subject areas for titles included the Anonymous
hacktivist group, lobbying in American politics, the legalisation of cannabis
and whether classical music is elitist or not.
Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 3

SLIDE 4

My aim was to produce a report on what danger cyber-attacks pose, the

future of cyberwarfare and its effect on society now and in the future.

During research, I used over 90 sources, almost all of which were internet
based. Most of them were by British and American media articles, so had a
strong pro-western foreign policy bias which I needed to consider.

I wanted to find out to what extent it is taking place, whos doing it, how
they are doing it and why they are doing it.

Because cyberwarfare is a very recent topic, it was difficult to find good

quality sources with lots of information about it, but instead, information
was very scattered, hence the large number of sources.
A couple of sources were news articles written very soon after the event
they are reporting. This meant that some sources seemed to contradict
others because of the emergence of information at a later date.

Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 5

SLIDE 6

There are four main types of cyberwarfare.

Generally, only governments have cyberwarfare capabilities. The most

active countries include America, Israel, Russia, Iran and China. They use it
mainly to covertly gain intelligence for their respective national interests.

Strategic warfare is using cyber-attacks to disrupt life in an enemy country

by, for example, crashing power grids or hijacking transport systems.
Cyber-espionage is forcing access into computer networks to get access to
secret information.
Cyber-disruption is sabotaging information systems, like corrupting data or
defacing and taking down websites.
Cyber-terrorism is using the internet and other computer systems to spread
fear and destruction to achieve political aims.

During a war, cyber-attacks could be used in preparation for a ground

invasion because it would weaken the countrys army and population
beforehand, giving the attacker an advantage (explain electric grid,
communication, C4I, water, gas etc.). Attacks on the internet could spread
disinformation or prevent its flow.
Cyber-attacks can also cause mass economic damage, for example, taking
down internet access or certain websites in a country which depends on it
for business transactions would cost its economy lots of money.
Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 7

SLIDE 8

Most common application of cyberwarfare is information warfare and

information control.
The propaganda war is the fight for representation of a conflict. Cyberattacks can be used to prevent a side getting their view across and to spread
propaganda online to gain public support. Social networks like Facebook
and Twitter have been widely used for this purpose by Islamist terrorists
and the Islamic State to gain support.
Online censorship is another part of information warfare. It is the
restriction of the flow of information on the internet for various purposes
through technical filters, legislation, removing search results or threatening
citizens with prosecution if they view certain content, so they effectively
censor themselves. Its done for political reasons in many countries like
China, Iran, Turkey and North Korea. In the UK, filtering is used to prevent
digital piracy, which is illegal downloading, and to stop access to grossly
indecent content.

Hacktivism is social or political activism using illegal cyber-attack methods,

like hacking websites or overloading their servers to take them down using
a technique called DDoS attacking.
The most famous hacktivist group is called Anonymous, who frequently
take down websites of organisations whose activities they see as immoral.
They had a large campaign during this years world cup in Brazil, where
they took down or defaced over 140 websites of world cup sponsors. They
were protesting against the fact that the Brazilian government had spent a
massive amount of money on the World Cup, but not much had been spent
on poor sections of Brazils population.
In the ongoing Syrian Civil War, the Syrian Electronic Army, which
supports President Assads government, have carried out several cyberExtended Project 2014 | Maurice Yap 6946

Documentation of Presentation
attacks, one of which was where they hacked into three of the BBCs Twitter
accounts and posted to all their followers. They also managed to wipe $140
billion off the Dow Jones stock exchange index by posting this tweet [point
to top left image].

SLIDE 9

In the war between Georgia and Russia in 2008, cyber-attacks against both
sides took place. Many Georgian government websites were taken down
and this slide show comparing the Georgian president to Hitler were placed
on his website.

Intelligence gathering takes place not only against governments, but also
against industrial companies. Its done by governments and criminal
organisations to gather data that they use to their own advantage. Major
companies spend lots of money on defending and securing their computer
systems and data stores from outside attacks.
China is well-known for a lot of alleged hacking. The BBC reported that
their military had a unit dedicated to illegally stealing information from
foreign companies and governments. They suspected that it was based in
this building in Shanghai, but their camera crew were arrested when they
tried to film it.

Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 10

Only a few governments have established cyberwarfare policies. America,

for example, has set up a Cyber Command that is in charge of all its military
activities in cyberspace. The UKs GCHQ has a similar department, and is
in the process of setting up a specialist unit of the reserves to defend the UK
against cyber-attacks. The NATO alliance has discussed cyberwarfare at its
more recent annual summits and has a Cyber Defence Centre in Estonia for
training and research. North Korea is suspected of having some
cyberwarfare capabilities, but it isnt a threat taken seriously by America or
its allies. Iran isnt as technically advanced as Western states or China, but
in 2012, it successfully used a virus attack against two of Saudi Arabias oil
companies. China is very secretive about its military and capabilities, but it
is known that it has a very cohesive cyberwarfare training system and has
developed policies regarding its use in war.

SLIDE 11

Using computers to do crime is attractive to criminals. Much safer than

traditional violent crime. More difficult to trace. Not much law enforcement
against them as they operate across international borders.
Target skilled graduates and computer experts. Recruitment offer, dont
know its from a criminal group.
Increasingly, cybercrime services black market. Terrorist groups who need
such skills are now able to purchase them. Dangerous to society
One of the ways criminals do this is though Trojan viruses which are
Spyware ID theft, passwords (explain), botnets (spam, criminal activities,
click fraud)
Koobface virus private messages and wall posts/tweets on Twitter and
Facebook.
Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 12

SLIDE 13

The most sophisticated computer virus that has ever been discovered.
Contained over 20 zero-days. Created by America and Israel to attack Irans
Natanz nuclear enrichment facility. Political objective stop Iran from
developing nuclear weapons because its foreign policy is the destruction of
the state of Israel, so Israel sees it as a threat. Spread around the whole
world including Europe and China. Specific target of the controllers of
machines inside Natanz, through engineers laptop. It attacked the uranium
enrichment centrifuges by changing the speed of rotors in these black rotor
tubes to physically crack and break them. It also contained a reality blocker
engineers tricked into think okay, stopped digital safety systems like
valves working. Stuxnet delayed the Iranian nuclear programme by several
months.

Stuxnet was found to have had the ability to do things like turn off oil
pipelines, overload electric grids and blow up nuclear power stations. It
targets SCADA systems which are controllers used to remotely operate
electric substations, water systems and power stations. SCADA systems
which are in some way connected to the internet are to some extent,
vulnerable to sophisticated attacks. This picture shows a test in Idaho
where an electrical generator suffers a simulated cyber-attack. As well as
these, transport systems like railway point controls, air traffic control and
digital road signs have the ability to be hijacked by computer worms. One
of the most exposed things to cyber-attacks are financial systems, including
stock exchanges, bank clearing systems and payrolls which are connected
directly to the internet. An attack on these could cause massive economic
damage.
Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 14

Governments and industry sharing information. Both sides dont want to

do it for reasons of confidentiality.
Regulation to protect national security annoying for businesses. Costs,
red tape, effect on profits, hinders profits and subsequently R&D.
Secretive government lack of public discussion/policy and policy BUT too
open, risks a global cyber-arms race, info released that government would
have preferred other countries not to know.
Ambiguity legally. Not war. Retaliation? No international legal framework
like the Geneva Convention.

SLIDE 15

At the moment, information warfare is the most common application of

cyberwarfare.
Still in earlier stages of development. Still developing policy on it. It will
become necessary for further policy to be decided soon.
Technology will improve/advance/develop in the future, as will the
methods and techniques used by cybercriminals.
Social infrastructure is not very vulnerable at the moment because not
much is connected to the WWW (at least in the UK). Inevitably, it will
become more connected in the future. SCADA systems are more
convenient, more efficient and cheaper to run.

Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 16

SLIDE 17

After writing report, reached a couple of conclusive points.

Censorship is very dangerous to governments. It will inevitably become less
effective in the future because technology to get round it will become much
easier to use, more advanced, more widely available. Governments will be
forced to reduce censorship because this advance in technology is
unstoppable and when more people find out censored information, the
angrier they will get at the censoring state.
Internet means information more freely available. People will become more
able to view all sides of a conflict through different sources. More informed,
more balance view, less polarised public opinion.

Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

SLIDE 18

SLIDE 19

SLIDE 20

10

Extended Project 2014 | Maurice Yap 6946

Documentation of Presentation

IMAGE SOURCES

11

Slide 2:

Anonymous logo KEPHIR. 2012. Anonymous emblem. [Online]. [Accessed 23 September 2014]. Available from: http://commons.wikimedia.org/wiki/File:Anonymous_emblem.svg
United States Capitol with company logos graphic CIVIL LIBERTIES DEFENSE CENTER, 2008. Fighting Corporate Control. [Online]. Available at: http://cldc.org/dissentdemocracy/patriot-act-government-repression/fighting-corporate-control [Accessed 23 September 2014].
Unrolled cannabis joint WINTOUR, P., 2011. Liberal Democrats want inquiry into decriminalising drug possession. [Online]. Available at:
http://www.theguardian.com/politics/2011/aug/04/liberal-democrats-decriminalising-drug-possession [Accessed 23 September 2014].
Orchestra photograph CLASSIC FM, 2012. Survey shows under-25s want to explore classical music. [Online]. Available at: http://www.classicfm.com/music-news/latest-news/survey-under-25classical-music [Accessed 23 September 2014].

Slide 4:

Confront and Conceal book cover photo RANDOM HOUSE, 2013. Confront and Conceal. [Online]. Available at: http://www.randomhouse.com/book/202541/confront-and-conceal-by-davide-sanger [Accessed 23 September 2014].
BBC News logo LOGOPEDIA, 2013. BBC News (channel). [Online]. Available at: http://logos.wikia.com/wiki/BBC_News_(Channel) [Accessed 23 September 2014].
Washington Post Edward Snowden front page NGUYEN, V., 2013. The Washington Post Sold: Top Front Pages of the Last Decade. [Online]. Available at:
http://parade.condenast.com/61347/viannguyen/the-washington-post-sold-top-front-pages-of-the-last-decade [Accessed 23 September 2014].
The Economist logo THE ECONOMIST, 2010. War in the fifth domain [Online]. Available at: http://www.economist.com/node/16478792 [Accessed 23 September 2014].
Information Warfare Monitor report covers (x2) INFORMATION WARFARE MONITOR, 2011. Research. [Online]. Available at: http://www.infowar-monitor.net/research [Accessed 23
September 2014].
New Statesman front page VOXEUROP, 2012. Todays front pages. [Online]. Available at: http://www.voxeurop.eu/en/content/todays-front-pages/2217171-todays-front-pages [Accessed 23
September 2014].
New York Times logo GTECH, 2014. The New York Times Says You Cant Beat the Ease of the AirRam. [Online]. Available at: http://blog.greytechnology.com/the-new-york-times-says-youcant-beat-the-ease-of-the-airram [Accessed 23 September 2014].
The Guardian logo HARVISON, A., 2014. Lovereading survey features on Guardians Book Blog. [Online]. Available at: http://www.palamedes.co.uk/lovereading-home-library-guardian
[Accessed 23 September 2014].
Truthloader logo ITN PRODUCTIONS, 2014. ITN Productions. [Online]. Available at: http://itnproductions.co.uk [Accessed 23 September 2014].
The Daily Telegraph logo STREAMUK, 2011. The Daily Telegraph and Cisco choose StreamUK. [Online]. Available at: http://www.streamuk.com/the-daily-telegraph-and-cisco-choose-streamuk
[Accessed 23 September 2014].

Slide 8:

President Saakashvilis website defacement (Hitler comparisons) DANCHEV, D., 2008. Coordinated Russia vs Georgia cyber attack in progress. [Online]. Available at:
http://www.zdnet.com/blog/security/coordinated-russia-vs-georgia-cyber-attack-in-progress/1670 [Accessed 18 March 2014].
Associated Press tweet screenshot FOSTER, P., 2013. 'Bogus' AP tweet about explosion at the White House wipes billions off US markets. [Online]. Available at:
http://www.telegraph.co.uk/finance/markets/10013768/Bogus-AP-tweet-about-explosion-at-the-White-House-wipes-billions-off-US-markets.html [Accessed 24 September 2014].
BBC Weather twitter feed screenshot PALMER, A., 2013. BBC Twitter accounts hacked by Syrian Electronic Army, supporters of dictator President Assad. [Online].
http://www.mirror.co.uk/news/uk-news/bbc-twitter-accounts-hacked-syrian-1777005 [Accessed 24 September 2014].

Slide 9:

Unit 61398s alleged base photograph REUTERS, 2014. Chinese hackers repeatedly attacked U.S. computers of firms involved in movement of American troops and equipment, Senate probe
reveals. [Online]. Available at: http://www.dailymail.co.uk/news/article-2759753/Chinese-hacked-U-S-military-contractors-Senate-probe-finds.html [Accessed 24 September 2014].

Slide 11:

Koobface wall post example screenshot UWANG, 2011. New Koobface Campaign Spreading on Facebook. [Online]. Available at:
http://community.websense.com/blogs/securitylabs/archive/2011/01/14/new-koobface-campaign-spreading-on-facebook.aspx [Accessed 24 September 2014].

Slide 12:

Natanz facility photograph STEELE, J., 2008. Israel asked US for green light to bomb nuclear sites in Iran. [Online]. Available at:
http://www.theguardian.com/world/2008/sep/25/iran.israelandthepalestinians1 [Accessed 24 September 2014].
Sample of Stuxnets computer code (cropped and digitally altered video snapshot) TED - LANGER,R. 2011. Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon. [Online].
[Accessed 13 March 2014]. Available from: http://www.youtube.com/watch?v=CS01Hmjv1pQ
Nuclear centrifuge and rotor tube photograph BROAD, W. J., 2008. A Tantalizing Look at Irans Nuclear Program. [Online]. Available at:
http://www.nytimes.com/2008/04/29/science/29nuke.html [Accessed 24 September 2014].
Siemens Simatic photograph ULLI1105. 2007. Siemens Simatic S7-300. [Online]. [Accessed 17 September, 2014]. Available from: http://commons.wikimedia.org/wiki/File:S7300.JPG

Slide 13:

Video still of Aurora test ZETTER, K., 2007. Simulated Cyberattack Shows Hackers Blasting Away at the Power Grid. [Online]. Available from: http://www.wired.com/2007/09/simulated-cyber
[Accessed 25 September 2014].
Air traffic control tower photograph DANKO, M., 2011. Air Traffic Controllers Sleeping on Duty: A Simple Solution? [Online]. Available from:
http://www.aviationlawmonitor.com/articles/air-traffic-control-1 [Accessed 25 September 2014].

Extended Project 2014 | Maurice Yap 6946