CYB 6040 Wilmington University Week 2 OSINT & SCADA Systems Powerpoint Week 2 Assignment: OSINT & SCADA Systems PowerPoint (TEAM)
Download DHS National Infrastructure Protection Plan & see page 19 (29/188) for 12 sectors at: Link
READ Executive Summary. CIKR = Critical Infrastructure & Key Resources
Choose ONE of 12 National Critical Infrastructure Sectors (NCIS) defined by DHS that uses SCADA systems (they all do) and document the top 5 SPECIFIC threats to that sector. See the CIS Interrelationships Figure uploaded previously to get an idea of the cyber and SCADA interdependencies. We are expanding our target vector space from SCADA networks (Assignment W1) to much larger game: National Critical Infrastructure (Assignment W2).
Use: Link to clarify NCIS interrelationships.
Provide a brief description of the threat, parties involved, and reason why the threat is one of the top five. Include any maps, diagrams, charts, etc. that would enhance the reader's understanding of the group, target, and/or attack. USE the RN equation format *** shown in the Week 1 individual assignment to present your case. In addition, pick 3 OSINT sources that you used to develop your case. This would diminish confirmation bias in sources. Ideally, every threat the team reviewed would have 1 or more OSINT sources.
This assignment should be a minimum 25-40 slides, BUT 50 slides would be better (including references in APA format to do justice).
Philosophy note: Don’t stick to the minimums. Students who think minimum performance generally settle for minimum salaries at job time. Think bigger. Get out of your comfort zone. A little extra goes a long way. Students in this class use their final team preparation as a point of differentiation on their resumes. It always starts a “warm conversation with recruiters.” That is what you want – show your talent is better than others in the game. You are a Dragon / Dragoness and your training is much better! You can negotiate for more when the time comes and it will be worth your effort. The “others” will be sucking their thumbs as they watch you get the job First!
All,
Please proceed as follows:
1. NCIS Sector
Kolawole Oyekanmi (XO) will select the NCIS Sector for the project.
2. NCIS Sector Top 5 Threats
Kolawole Oyekanmi (XO) will determine what the top 5 threats are in order from the highest to lowest threat.
3. NCIS Sector Threat Group Member Assignment
Kolawole Oyekanmi (XO) will inform Panagou, Imassi, Muller, and Nguyen which particular threat to research.
4. NCIS Sector Threat Research
Each group member prepares the following for their assigned threat:
NCIS Sector Threat:
A. Threat Description
B. Parties Involved
C. Why is it a top 5 threat to the chosen NCIS Sector?
1. Vulnerabilities
2. Impact
3. Countermeasures
D. R/N Equation (based upon the vulnerabilities/impact/countermeasures)
E. Include at least one figure (map, chart, etc.)
F. One OSINT used in your research (Three OSINT for the top threat)
G. List of References
The information does not have to be in any particular format. Just make sure that everything is included that is listed in number 4 above.
SLIDE / TOPIC / Includes / Assigned to
Slide 1: TITLE PAGE. Assigned to: Otto (TL)
Slide 2: AGENDA OF TOPICS. Assigned to: Otto (TL)
Slides 3-5: NCIS SECTOR. Assigned to: Oyekanmi (XO)
Includes: Description; Figures
Slides 6-11: THREAT 1. Group Member: George PANAGOU
Includes: Description; Parties Involved; Reason why top 5; Vulnerabilities; Impact; Countermeasures; At least 1 figure (map, chart, etc.); R/N Equation for threat
Slides 12-17: THREAT 2. Group Member: Billy NGUYEN
Includes: Description; Parties Involved; Reason why top 5; Vulnerabilities; Impact; Countermeasures; At least 1 figure (map, chart, etc.); R/N Equation for threat
Slides 18-23: THREAT 3. Group Member: Kattie OTTO
Includes: Description; Parties Involved; Reason why top 5; Vulnerabilities; Impact; Countermeasures; At least 1 figure (map, chart, etc.); R/N Equation for threat
Slides 24-29: THREAT 4. Group Member: Abdellah IMASSI
Includes: Description; Parties Involved; Reason why top 5; Vulnerabilities; Impact; Countermeasures; At least 1 figure (map, chart, etc.); R/N Equation for threat
Slides 30-35: THREAT 5. Group Member: Raymond MILLER
Includes: Description; Parties Involved; Reason why top 5; Vulnerabilities; Impact; Countermeasures; At least 1 figure (map, chart, etc.); R/N Equation for threat
Slides 37-38: OSINT 1. Assigned to: Otto (TL)
Slides 39-40: OSINT 2. Assigned to: Otto (TL)
Slides 41-42: OSINT 3. Assigned to: Otto (TL)
Slides 43-45: REFERENCES. Assigned to: Otto (TL) / ALL group members
* Each member sends references to Otto (TL)
TASK / DETAILS / ASSIGNED TO
PPT Creation: Design & consolidate info. for PPT. Assigned to: Otto (TL)
PPT Creation: Receive/Input NCIS Sector. Assigned to: Oyekanmi (XO)
PPT Creation: Receive/Input Threats from group members. Assigned to: ALL group members
PPT Prof. Review: Send PPT to Prof. for review (prior to final submission). Assigned to: Otto (TL)
PPT Revision: Revisions for final submission. Assigned to: Otto (TL) / group members
PPT Submission: Final Submission for grade. Assigned to: Otto (TL)
[Figure: CIS Shared Threats: Infrastructure Interdependencies among Transportation, Oil, Natural Gas, Electric Power, Water, and Telecom. Source: Peerenboom, Fisher, and Whitfield, 2001, http://www.ari.vt.edu/workshop/Whitfield-presentation.ppt]
HIDING FROM THE INTERNET
OSINT Sources & Privacy
Randall K Nichols, Professor of Practice, Director
Unmanned Aircraft Systems (UAS) – Cybersecurity, KSU
Professor Emeritus – Cybersecurity, Utica College
Adjunct Professor Wilmington University
TOPICS
STRATEGY TO RECLAIM YOUR PRIVACY
• SELF PRE-ASSESSMENT
• SELF-BACKGROUND CHECK
• PREPARATION
• ONLINE PROTECTION
• CREDIT CARD COMPANIES
• ANONYMOUS PURCHASES
• ANONYMOUS TELEPHONES
• PERSONAL DATA REMOVAL
• SOCIAL NETWORKS
• HOUSE OR BOAT OR VACATION BIG PURCHASE
• DISINFORMATION
Self Pre-Assessment
Identify standard information available about you within
search engines
More than the standard Google search
Make a list of descriptives in quotes:
name zip code
name professor
name variation business address
Alternative Search engines:
Google, Bing, Yandex, Exalead, Google Groups, Google
News, Google Images, Bing Images, Baidu (Chinese),
Qwant (Social networks), DuckDuckGo (Anonymous search)
Self Pre-Assessment
Use Duck Duck Go (duckduckgo.com) for those who do
not trust Google
Use Firefox or Safari browser not Chrome or IE5
All in one tool by Michael Bazzell:
Inteltechniques.com/osint/user.html
Make notes on your searches
Date, Result, Engine, Description, Follow-up
Self Pre-Assessment
Ancestry records are a major vulnerability to your privacy
Full Name, DOB, Parents' Names, Children's Names,
Siblings' Names, City of Current Residence, City of
Birth: all clues to online passwords and accounts
Ancestry, Family search, Mocavo, Roots Web, Geneanet,
My Heritage, One Great family, World Records, My
Trees, Find My Past
Again, keep notes of results for the data removal process
Self Pre-Assessment
Search on your EMAIL addresses associated with your
name(s)
Search on your User Names tool Knowem.com (user
names database)
Search on your location or location based services
(social networks use the location of the upload and
embedded GPS)
Use Echosec application to zoom in on location to query
social network posts (app.echosec.net)
Self Background Check
Public Websites, People Directories, Telephone & Address Directories
Search on name, address, telephone number, and user name,
potentially children’s names
People Directories:
Spokeo, Pipl, Yasni, Thatsthem, Zabasearch, Intelius, ZoomInfo,
Infospace, PeepDB, Radaris, WebMII, Genie, Peekyou
Telephone Directories:
411.com, whitepages, yellowpages, addresses, Infospace, SuperPages,
411.org, Searchbug, Genie, Detective, Reverse Genie, PhoneTracer,
PrivacyStar, Truecaller, Peekyou, Whocalld, Thatsthem,
NumberGuru, MrNumber, 10 Digits
Social Networks:
Facebook, Twitter, LinkedIn, Google+, Tumblr
Find FB User number; search on every like! Places, photos, videos,
apps-used, friends, events, stories-by, groups, relatives
Preparation
Before you start removing personal data from internet, you must
evaluate how your information became accessible to the public.
Stop Giving Out Your Information!
Reward Cards & Loyalty Programs
Send Utility Bills not to your home. Anonymous Mail receipt
Open credit cards in an alternative name; it will be associated with
your address
****Everybody collects and sells your information, so let them, BUT
use Anonymous Information & Disinformation
• Fake Address and Telephone Number
• Government 10 > 987-65-4320 to 4329 (used in SSA ads and not
assigned to a human)
• Create two anonymous email addresses. Never give them your real
one.
• Create a permanent, completely anonymous mail forwarding
account
Self Background Check
Custom Facebook Search Tool all-in-one
Http://inteltechniques.com/osint/facebook.html
Use your FB user name and number in above.
Private Databases:
Annual Credit reports (free) Check quarterly and correct
Equifax
Experian
Transunion
LexisNexis (legal & personal)
Westlaw / Clear / Thompson Reuters ( detailed personal content) Frauds
or ID theft in your name
Acxiom (fraud detection and returned merchandise)
Sterling (employment related)
Core Logic (real estate & mortgage)
Self Background Check
Sage Stream ( Consumer credit & denials of credit of most forms)
Insurance Service Office ( loss history)
Tenant Data (rental histories)
Experian rent Bureau ( rental history and profiles)
Chex Systems (ID Theft & financial fraud, check fraud)
TeleCheck (check irregularities report)
Retail equation (return product to store or online, your on it)
Medical Information Bureau (medical insurability and new coverage)
Milliman Intelliscript ( prescription drug history)
National Consumer Telecom and Utilities Exchange (fraud,
delinquencies involving utilities and related services)
Social Security Administration (SS & Representative payee reports)
Preparation
Not Sharing My Info (notsharingmy.info)
33 Mail (33mail.com)
Blur (abine.com/index.html not free)
Anonymous Telephone Number
Google Voice (google.com/voice) VOIP and forward voicemail to an
Anonymous email account
Never associate anything with your personal number or real address
Drivers License (DL)
In order to complete data removal, companies may ask for your DL.
Legally you need only give your name, address and DOB.
1) Create a good digital image of your DL using your phone.
2) Use PAINT to brush out any other information and save.
Preparation
Prepare a Basic Opt-out Form
Date: Submission date
Company: official name that owns the database
Request: I request to have my name removed from your public &
private databases. Here is the information you asked me to include in
my request.
Name: Full name as it appears on the online database ( include
misspellings)
Mailing Address: all that you want removed
SSN: only if absolutely required (most do not)
DOB: required
Direct URLs of personal information: specific to your case
Drivers License. Use redacted image saved from PAINT
Facsimile (fax) Service. Outdated but if required use GotFreeFax.com
Preparation
Online Protection:
• Antivirus programs (two) Super Antispyware, Windows Defender
Malware Bytes
• System Updates (regularly)
• Glary Utilities (use the check disk and daily maintenance)
• Ccleaner with wipe = 7 followed by Directory Snoop (DS) to purge
everything wiped
• Spybot or Malwarebytes but not both
• Firefox with extensions Ghostery, Panic, Disconnect, Noscript,
Adblock Plus, no internet history retained or suggested
• Activate Google Opt-out with advertising cookie opt-out plug-in
• Activate MS custom ads based on internet history
• Use a VPN service every time you connect through the Internet. [traffic
is encrypted and originating IP address not associated with you] PIA
is recommended at $40/year.
• Consider using the Tails (Tor) live operating system and boot it up
from CDROM. No traces, crypto, no session data, encrypts files, mail
and messages
• Consider using a Virtual Machine with Virtual Box or professional
setup
Credit Companies
Under Fair Credit reporting Act (FCRA) companies may offer
services that you did not request
Action: Opt-out for 5 years
Heavy Duty Actions:
Fraud Alert (90-days)
Credit Freeze better and cheaper than LifeLock or Identity Guard
Easy and reversible locks the data at the big 3 until you unfreeze
it. -> prevents any new accounts in your name by any institution (
does not affect current accounts or credit score)
Action close old unused accounts on your credit report
In case of a Breach notification, NEVER give more information to
protect the same data
Credit companies share big time your home address. Action: Use PO
Box or a Commercial Mail receiving Agency ( CMRA)
Credit Companies
Hotels
Hotels share big-time. Use the Alternative Name Credit Card (which
is legal because you're charging to your own real account) and no
picture ID ( it in the car). Make reservations under the alternative
name card.
Safety. Not trackable / stalkable by social engineering
Legalities on using an Alternative name on a Credit Card:
• Never use it with LEO
• Never use it to open a new credit line
• Never associate any social security number with your alternative
name
• Never use it to generate income unless you are a DBA or company or
legal entity
• Never receive government benefits or community benefits under
the alternative name
• Only use to protect your privacy in scenarios where a credit card
is needed.
Credit Companies
Alternative Credit Card Options
• Prepaid Credit Cards
• Amex Customizable gift-card options
• Vanilla Visa / MasterCard
• Virtual (temporary Credit cards)
Anonymous Purchases
Rule: Never associate your real name to your address or purchases, if
you do not want that association to be public!
Amazon (create a new account with )
• Name: Alias, or former resident, or landlord
• Email address: Forwarding email address like
amazon@privacy.33mail.com
• Credit Card: Use alternative CC with number, expiration date
and security code or Blur account (masked) with Boston HQ
address
• Address: PO Box, or real as long as shipping information is alias
Credit Companies
Anonymous Purchases (Continued)
Use Amazon Gift Cards up to $2000
Do NOT use Kindle or E-Book Readers They share with everyone
including LEO, civil litigation attorneys, and Amazon servicers for
targeted advertising.
Do NOT use E-Bay or PayPal. They leak data like a sieve and are
insecure
Internet Services
Best in terms of privacy, information sharing & full credit check
EarthLink, Charter, Comcast, Cox, CenturyLink
Worst in terms of privacy, information sharing & full credit check
Dish net, ATT, Verizon, Frontier
Anonymous Telephones
Cellular telephones track every thing we do, our health, our habits,
contacts our locations, and send data to outside companies beyond our
control.
If your publicly known number is your cellular telephone number, you
have created a link (IMEI #) to your cellular account.
IPhone Strategy
Partial strategies:
Buy a used Device and do a factory restore
Consider T-Mobile Hidden Plan
Install Burner creates semi-anonymous, disposable phone numbers
Install Google Hangout Dialer app allows free calls from your device
Install Line2 permits a 2nd phone line on VOIP
NEVER backup anything to Cloud.
Do not share contacts. Highly restrict them and delete old.
Use dynamic VOIP methods for communication
Consider Mini Card Cell Phones for calls and texts only
Encrypted Communications
Apps like Google Voice, & Whatsapp encrypt data in storage only and
protect from public viewing but providers see everything
3 Apps where providers encrypt end-to-end, LEO can not read the
communications
Signal Private Messenger (whispersystems.org) free, supports both
voice calls and text messaging, easy, uses your phone's Wi-Fi or data
connection. Use Google Voice for verification. Contacts with Signal
will be accessible. Uses Challenge Response 2 words to prevent
MIM attack
Silent Phone (silentcircle.com) paid service unlimited encrypted voice
& text w/ 2 levels of service to other silent phone users via Silent
Circle server
Wickr (wickr.com) free, desktop, mobile, no personal information,
send texts, voice, pictures, videos, voice messages & attachments.
Deletes messages from both sender & receiver. Vulnerable to screen
shots
Personal Data Removal
Send out Removal Letters to EVERYONE, every service, every
program, every advertiser, every provider, EVERYONE
Format:
• Service: Name & address
• Website: the website of the service (usually specified)
• Removal Link: direct link to remove your data, if available
• Privacy Policy: Quote their own detailed instructions
• Email address: email of employee of service responsible for
removal
• Requirements: copy of ID or written request
• Date: date of request
• Duration of request: for ever!
• Response: response received
• Verify: you confirm removal
Social networks
GET OFF THEM!!
Privacy is not their priority & they lie about using your content
LIKEs violate your privacy and trigger all kinds of tracking
Twitter: Use Twit wipe. (twitwipe.com) to remove all messages
Google: Delete components first Google Photos, Google +, YouTube,
Google contacts, then delete Google account
FB: Delete my account (only partially does the job. They keep images)
Instagram: Delete permanent
MySpace: Delete account
Linkedin: Account closure, Delete, and make sure confirmed
Use Exiftool to remove metadata from all photos.
Delete HP & other photo sharing sites
Your house on Google Maps: find it, report a problem, cite
privacy concerns and request it be blurred. Other reasons: photo
identifies home of police officer targeted by violent criminals, home
schooling, identifies physical security vulnerabilities.
Life Purchases
Plan on Buying a Home, Boat or Vacation Package?
• Chance to change the game
• Purchase an official LLC from a registered agent in New Mexico.
Never associated with your real name, but you own the business
• Purchase your new house using the LLC as the owner. The LLC
can also purchase vehicles and other property
• Never associate your name or real telephone number with the
house you live in. Personal mail should be addressed to a PO Box.
Utilities and services should be in the name of the LLC.
Disinformation
Object: To make the Internet think you are Dead, Homeless or in
Hiding.
Name Disinformation
Address Disinformation
Telephone Disinformation
Name Disinformation
Focus on many different names to be associated with your real
address and real telephone number to make it difficult to identify the
true owner of each.
• Stop all real name associations with magazines, trade publications,
house repair, newspapers, surveys, political mailings
• Make a name that is nowhere close to your own, not even the
starting or ending syllables.
• Use cultural differences to reduce profiling. Become French or
German or take a name that is very common in another culture or
whatever
• Never use a name variation of someone you know (even slightly)
Disinformation
Remember Absolutely Everyone is Profiling you for some reason: to sell
you something, to disagree with your religion or politics, to set you up
for something in the future, to scam you, to check you out as a date
The First Amendment and every State Privacy Law protects you, so let's
gum up the works of the profilers who don't respect them... and have a
little fun along the way.
Address Disinformation
• Use Google search to find new construction in a town in another
county at least 50 miles from your real address
• Look for a cookie cutter brand new neighborhood
• Use Zillow.com to locate the highest number visible on a chosen
street. Increase the address by 25 digits
• Search on Google to confirm that this address does not exist
• Document the new address and use it for disinformation
• If advanced checking is in place, then use an emergency shelter or
temporary address
Disinformation
Address Disinformation Continued GPS Location Spoof / Emulation
Rule: Never use a false number that associates with a real person or
organization
• Locate a number that is fun to give out but not an 800 or 900 variety
• Kris Kringle: 951-262-3062
• Dial-a-Prayer: 214-985-2703
• Dial-a-Murder Mystery in TX: 210-408-1120
• OR Capture the number of the surveyor, scam artist, trick salesman and
use it back on them
• Use a NON-working Number: Choose your AC, say KS at 785, then
785-980-0000 through 785-980-9999 all announce non-working number
• OR use a constant Busy signal number: ()(-661-0001 through 909-6610090.
• I personally like Dial a-Ghost at 000-000-0000
Resources
Privacy & OSINT
Bazzell, M. (2016) Hiding from the Internet: Eliminating Personal Online
Information, 3rd ed. ISBN: 978-1522914907
Bazzell, M. (2016) Open Source Techniques: Resources for Searching and
Analyzing Online Information, 5th ed. ISBN: 978-1530508907
Bazzell, M. & Carroll, J. (The Complete Privacy & Security Desk Reference,
Volume I: Digital, ISBN: 9781522778905
Luna, J.J. (2012) How to be Invisible: Protect your Home, Your Children, Your
Assets, and Your Life, Thomas Dunne Books, ISBN: 1250010454
Nichols, R. K. (2019) Unmanned Aircraft Systems in Cyber Domain:
Protecting USA Advanced Air Assets, 2nd Ed. Manhattan, KS: NPP Press.
Available as free e-book from https://www.newprairiepress.org/ebooks/27
Attack Tools
Clark, B. (2013) Red Team Field Manual, ISBN 1494295504
Defense Tools
White, A. & Clark, B. (2017) Blue team Field Manual Version 1.0, ISBN: 9781541016361
KANSAS STATE UNIVERSITY POLYTECHNIC
Salina, Kansas
HIDING FROM THE INTERNET
Randall K Nichols Professor of Practice, Director
profrknichols@wilmu.edu
Spring 2020 2018 CYB 6040 Blocks 1 & 2
National Infrastructure
Protection Plan
Partnering to enhance protection and resiliency
2009
Preface
Risk in the 21st century results from a complex mix of manmade and naturally occurring threats and hazards, including terrorist attacks, accidents,
natural disasters, and other emergencies. Within this context, our critical
infrastructure and key resources (CIKR) may be directly exposed to the events
themselves or indirectly exposed as a result of the dependencies and interdependencies among CIKR.
Michael Chertoff
Within the CIKR protection mission area, national priorities must include
preventing catastrophic loss of life and managing cascading, disruptive impacts
on the U.S. and global economies across multiple threat scenarios. Achieving
this goal requires a strategy that appropriately balances resiliency, a traditional American strength in adverse times, with focused, risk-informed
prevention, protection, and preparedness activities so that we can manage and
reduce the most serious risks that we face.
These concepts represent the pillars of our National Infrastructure Protection Plan (NIPP) and its 18 supporting Sector-Specific Plans (SSPs). The plans are carried out in practice by an integrated network of
Federal departments and agencies, State and local government agencies, pr…