Electronic And Information Warfare - ראשי

Electronic and InformationWarfareSecurity Engineering Chapter 19Presented by Jad Silbak.Seminar Instructor: Professor Orr Dunkelman.

Electronic and Information Warfare To understand Information Warfare (i-war),let us first define and understand ElectronicWarfare (i-war). Why should we care? If you are interested in computer security, e-warmay have great lessons for you. Private companies use some of electronic warfaretools.

What is E-warWhat is electronic warfare? What do we value most in e-war? Computer securityElectronic warfareImportanceConfidentialityDenial of Service (jamming, physical attack)IntegrityDeceptionAvailabilityExploitation (eavesdropping)

Control of the electromagneticspectrum Electronic attack Jamming enemy communications. Disrupting enemy equipment using high-power microwaves. Electronic protection Designing systems resistant to jamming. Hardening equipment to resist high-power microwave attack. Destruction of enemy jammers using anti-radiation missiles. Electronic support Supplies the necessary intelligence and threat recognition, toallow effective attack and protection.

Electronic ceComintElectronicIntelligenceElintWe are interested in thecommunications among people.Non-communications signals intelligence,such as radars.Who is transmitting?Where they are located?The time and duration of transmission?Elinet can be used to detect ships andaircraft by their radar and otherelectromagnetic radiation, missile firingsignalsIf the transmission is encrypted or /wiki/Signals intelligence

Communications Systems Military communications were dominatedby physical dispatch until about 1860. Marathon story of Philippides. About 156 years into the future things pideshttp://www.telcomhistory.org/timeline.shtml

Communications SystemsSituational awareness and the means todirect forces, are critical in warfare. Possible threats Communication between the army and thepolitical leadership can be compromised, orthe link might be disrupted. For agents in the field location security isimportant. Control and telemetry communications, suchas signals sent from an aircraft to a missile ithas just launched, must be protected againstjamming and modification.

Communications Systems Effective defense needs: Content secrecy Authenticity Resistance to traffic analysis and radiodirection finding. Resistance to various kinds of jamming.

Signals Intelligence Techniques Before communications can be attacked, theenemy’s network must be mapped. Radio Direction Finding (RDF) Triangulating the signal of interest. Time difference of arrival. Traffic analysis. Snowball search. De-anonymization.

Traffic Analysis Looking at the number of messages bysource and destination, can give veryvaluable information: Imminent attacks Unit movements. Traffic analysis is even more interestingwhen sifting through traffic on publicnetworks.

Traffic Analysis De-anonymization More than 81% of Tor clients can be identifiedwith traffic analysis attack. The NSA can do more . way er-information-research-indicates/

Traffic Analysis Traffic analysis can used to identify amalicious or suspicious packets within thetraffic. Snowball search.

Snowball search

Traffic Analysis Content generally has to be selected inreal time. Not even the NSA can afford to store all thedata on the Internet and the phone networks. The most difficult and expensive part is trafficselection rather than collection. Is encryption the solution?

Cryptography VS Traffic Analysis Cryptography can make communicationsmore vulnerable. If you just encipher all the traffic you considerto be important, you have thereby marked itfor collection by the enemy. And even if your cryptosecurity were perfect,you’ve just helped the enemy map yournetwork, which means he can collect all theunencrypted traffic that you share with thirdparties.

Cryptography VS Traffic Analysis Possible solution Every one should encrypt all their traffic, thushiding traffic could be much easier, masking the channel by sending dummy traffic. Intelligence agencies have been trying toprevent the widespread use ofcryptography, even if it’s freely available toindividuals.https://en.wikipedia.org/wiki/Export of cryptography from the United States

FBI–Apple encryption disputeFBI announced that it was unable tounlock the county-owned phone itrecovered in the 2015 San Bernardinoattack. Going dark. https://www.youtube.com/watch?v %93Apple encryption dispute#FBI withdrawal of request

Attack on Communications SystemsIn tactical situations, the goal is often todetect and destroy nodes, or to jam thetraffic. Jamming can involve not just noiseinsertion but active deception. In World War 2, the Allies used Germanspeakers as bogus controllers to sendGerman night-fighters confusing instructions.

Attack on Communications Systems Generally requires a combination oftechniques .Owen Lewis sums it up Soviet doctrine, anattack on a military communicationsinfrastructure would involve destroying one third of it physically, denying effective use of a second third throughtechniques such as jamming, trojans or deception, and then allowing the adversary to disable theremaining third by attempting to pass all his trafficover a third of his installed capacity.

Protection Techniques forCommunications Systems What do we need for an effectiveProtection of the communicationsystems? Authenticity and confidentiality, can be achieved in a relatively straightforward wayby encryption and authentication protocols. We want to prevent traffic analysis, directionfinding, jamming and physical destruction. Not as easy.

Protection Techniques forCommunications Systems What can we do to prevent directionfinding, jamming and physical destruction?AttackProtectionPhysical Destruction redundant dedicated lines or optical fibersDirection FindingJamminghighly directional transmission links, such as optical linksusing infrared lasers or microwave links using highlydirectional antennas and extremely high frequencies;low-probability-of-intercept (LPI), low-probability-ofposition-fix (LPPF) and anti-jam radio techniques.

Spread Spectrum Communications A number of LPI/LPPF/antijam techniquesgo under the generic name of spreadspectrum communications such as: Frequency Hopping. Direct Sequence Spread Spectrum (DSSS). Burst Transmission.

Frequency HoppingThey hop rapidly from one frequency toanother, with the sequence of frequenciesdetermined by a pseudorandom sequenceknown to the authorized principals. Famously invented, over dinner in1940 byactress Hedy Lamarr and screenwriterGeorge Antheil. https://www.youtube.com/watch?v Z0gu2QhV1dc

Burst Communications Meteor burst communications (MBC), also referred toas meteor scatter communications, is a radiopropagation mode that exploits the ionized trails ofmeteors during atmospheric entry to establish briefcommunications paths between radio stations up to2,250 kilometres (1,400 mi) apart.This relies on the billionsof micrometeorites that strikethe Earth’s atmosphere eachdayhttps://en.wikipedia.org/wiki/Meteor burst communications

Radars Search radar A simple radar designs for search applicationsmay have a rotating antenna that emits asequence of pulses and detects echos. Doppler radar Measures the velocity of the target by thechange in frequency in the return signal.https://www.youtube.com/watch?v d5T1vPmA-l4https://en.wikipedia.org/wiki/Radar

Jamming Techniques World War 2 The earliest countermeasure to be widelyused against radars was chaff.Chaff, as in small aluminiumstrips (or wires) cut to one-halfof the target radar's wavelength.When hit by the radar, suchlengths of metal resonate andre-radiate the signal.https://en.wikipedia.org/wiki/Chaff (countermeasure)

Jamming Techniques Toward the end of World War 2, alliedaircraft were dropping 2000 tons of chaffa day to degrade German air defenses.A Lancaster dropping chaff (the crescentshaped white cloud on the left of the picture)over Essen during a thousand-bomber raid.https://en.wikipedia.org/wiki/Chaff (countermeasure)The effect of chaff on the display of a Giant Würzburg radar.The effect of jamming appears in the left "jagged" half of thecircular ring, contrasting with the normal "smooth"(unjammed) display on the right half of the circle, with a realtarget at the 3 o'clock position – on the jammed left side thereal target "blip" would have been indistinguishable from thejamming.

Directed Energy WeaponsIn the late 1930s, there was panic in Britainand America on rumors that the Nazis haddeveloped a high-power radio beam thatwould burn out vehicle ignition systems.British scientists studied the problem andconcluded that this was infeasible . They were correct — given the relativelylow-powered radio transmitters, and thesimple but robust vehicle electronics, of the1930s.

Electromagnetic pulse (EMP)Things started to change with the arrival of theatomic bomb. Detonation of a nuclear devicecreates large currents giving rise to anelectromagnetic pulse (EMP). Within a few tens of miles of the explosion, theradio frequency energy may induce currents largeenough to damage most electronic equipmentthat has not been hardened. The effects of a blast outside the earth’s atmosphereare believed to be much worse (never been a test). It is reckoned that most electronic equipment inNorthern Europe could be burned out by a onemegaton blast. For this reason, critical militarysystems are carefully shielded.

EMPEMP (from a single nuclear explosion)would do colossal economic damage,while killing few people directly. This gives a blackmail weapon tocountries such as Iran and North Koreawith nuclear ambitions but primitivetechnology otherwise.

What is I-war? NO it is not what you think.

Information Warfare / Cyber warfare Information Warfare extends the electronicwarfare doctrine of controlling theelectromagnetic spectrum to control allinformation relevant to the conflict, byadding hacking techniques, and alsoincorporates propaganda and newsmanagement.This means the end result is to damagecritical infrastructures and computersystems linked together within the confinesof cyberspace.

Information Warfare –I warIn April 2007, the government of Estonia hadangered Russia by moving an old Soviet warmemorial, and shortly afterwards the country wassubjected to a number of distributed denial-ofservice attacks that appeared to originate fromRussia. Estonia’s computer emergency response teamtackled the problem with cool professionalism,but their national leadership didn’t. Their panickyreaction got world headlines, they even thoughtof invoking the NATO treaty and calling for U.S.military help against Russia.

Stuxnet (2010) Unlike most malware, Stuxnet does littleharm to computers and networks that donot meet specific configurationrequirements.

In April 2016, the company Black Cube employees Ron Weiner and DavidGeclowicz were arrested in Bucharest on suspicions of spying, phishing andcyber harassing the chief prosecutor of the Romanian NationalAnticorruption Directorate, Laura Codruța Kövesi and people close to her.The company denies any wrong doing saying that they were working undercontract from the highest political powers in Bucharest and that "all of BlackCube’s employees follow local law to the letter, and the allegations againstthem are unfounded and untrue". The Romanian government and RomanianPolice denied the existence of any such edia.org/wiki/Black Cube

SummaryElectronic warfare is an important pillar in anymodern strategy of warfare. Electronic warfare and its extension in the formof (Information warfare) will continue to grow inprominence with the increased reliance onelectronics both in the military and the privatesector. In order to fully see the ‘broad pic’ in the vastsubject of computer security, aspiring ‘securitypeople’ will have to understand the principals ofe-war ranging from the technical level up throughthe tactical level to matters of planning andstrategy.

Electronic warfare is an important pillar in any modern strategy of warfare. Electronic warfare and its extension in the form of (Information warfare) will continue to grow in prominence with the increased reliance on electronics both in the military and the private sector. In order to fully see the 'broad pic' in the vast