Harshit Agrawal

BSides Calgary, 37:16, published 2022-12

I hope you all are doing well. I am joining virtually from Boston, and I am really grateful to be here. Thank you so much to the BSides team for having me and giving me this opportunity to share my work and learning. The title of this presentation is Learning from the Modern Escalation of Cyber Warfare. We all know that we have witnessed a war in recent times, and there were so many different things going on in the virtual battlefield as well. It was not only the battlefield on the ground with guns and tanks; well before that, there was a battle being fought in the digital background. So if

World War 3 were to come, it would lead to the end of civilization. There is a very famous Einstein quote on World War IV, in which he said: I may not know with what weapons World War 3 will be fought, but World War 4 will be fought with sticks and stones. So the 21st century technology boom can give armies a strategic advantage for high-tech warfare, but can technology make wars safer? That is a big question which we all need to ask ourselves. Imagine robotic technology that can drive itself across desert terrain avoiding landmines, drones with enough artificial intelligence to carry out strikes without human operators, next-generation uniforms that monitor soldiers' heart rate and hydration level or provide

early warning alarms for a chemical attack. If we Google Internet of Battlefield Things, Internet of Things or IoT, you only find attacks on it. Imagine how much more challenging it would be on an actual battlefield, where adversaries want to attack the battlefield, as opposed to an attacker in a home who just wants to have fun. So this is about me. Right now I am working as a drone security researcher for DroneSec, I am a graduate student at Boston University, and I am chair of media and technology for I3 police cyber security HTC. My primary research areas include RF security, threat intelligence and IoT security. Below is my contact information, so just in case you have any questions

you can reach out to me. I would request everyone to take a snapshot of this particular slide, because there are some acronyms which we don't usually use when we are working in cyber security. Some of them are related to signals intelligence, some of the acronyms are related to electronic warfare, and we may use them in the presentation, because this is cyber warfare and in cyber warfare there are so many different things involved. So these are some of the acronyms I thought it would be a good idea to include here. Let me start with the beginning of this particular year. In the month of January we have seen a lot of cyber

attacks going on in the background. In general I am in favor of well-defined legal terms; however, when it comes to cyber warfare, perhaps ambiguity is in the national interest. I will offer two reasons: the first is strategic and the second is business. You all will be thinking that there is no actual cyber warfare definition till now. The strategic reason is that, unlike their analogs in the physical domain, the vast majority of cyber operations are designed to take place below the level of armed conflict. From election interference to ransomware proxies, our adversaries execute cyber-enabled malicious activities to achieve both strategic and technical ends while injecting ambiguity into the legal

analysis of victim states. If we define cyber warfare as a very narrow set of circumstances relating to a material impact or to critical infrastructure, we inherently provide our adversaries a menu of activities that do not constitute cyber warfare and thus would not authorize our use of force in self-defense as a countermeasure. Effectively, we would be telling our adversaries that so long as their government actors do not cause damage akin to a kinetic weapon, we will restrain our response. From the moment we define cyber warfare, we would restrict our options for responding to malicious activities such as interference in the 2016 presidential election, Colonial Pipeline, SolarWinds, NotPetya, Triton, among

many others. So it may be better to keep our adversaries guessing as to our red lines. Then there is a business reason. Many insurance policies have a war exclusion clause that limits coverage in the event of war. We can see why insurance companies would do this by looking at the amount of damage Russia has wrought on urban areas in Ukraine. In theory, during wartime a single insurance company could be on the hook to rebuild entire cities, quickly bankrupting the insurance company. So following NotPetya, Zurich Insurance latched onto Western governments categorizing this cyber attack as an act of war by the Russian government as justification to invoke the war exclusion clause and

deny coverage for claims associated with the attack. Following this multi-year legal battle, some insurance providers have modified their policies to more broadly exclude cyber operations. In other words, the parameters for a payout are narrowing: the more explicit the government is with its definition of cyber-enabled malicious activities, the more justification insurance providers have for denying coverage to businesses that fall victim to nation-state cyber activities. So this is a very big thing. Since the start of the war between Russia and Ukraine, many have referred to it as the first large-scale hybrid war, where the warfare involves both cyber attacks and boots on the ground, and these attacks continued as the war evolved and were

followed by counter-attacks against Russian sites. The majority of cyber war is conducted by advanced persistent threats, which we also call APT groups, and dozens of collectives such as hacktivist hacker groups and known ransomware gangs like Conti. There are so many different groups out there, and each of them has sided with either Russia or Ukraine over the past two weeks. In addition to using social media to communicate with the public, many of these groups have gone to the dark web, and it is a safe space to coordinate attacks against specific sites or share channels associated with either Russia or Ukraine, often in an effort to take

them down. You might have seen that there were a lot of groups on Telegram which were very active; the Anonymous groups have DDoSed the different sites. Along with that, we have also witnessed some different things: on Twitter there was a lot going on, and many companies made their tools available to the different companies to move their data to the cloud. Even Microsoft has published some really good reports; I would recommend that you read them. Microsoft has published two reports, one in March and then one in June, covering so many

different things from the ransomware perspective: what the different ransomware variants were which were used, and how they were deployed. Before any war starts there is information warfare, and this is why it is very important to understand what information warfare is before we proceed to electronic warfare, which is a subset of the same. Every day there is a war taking place on the devices which we carry in our pocket; we are most certainly at the white-hot center of information warfare. There has been plenty written about this and I won't repeat it, but I do want to share that this mode is far more aggressive, strategic and, frankly, successful than you can imagine. So this new war is not

about capturing land as in previous conflicts; instead, in the information war, the territory being won is the human mind. The most visible battle spaces are our online forums like Twitter, Facebook and YouTube, but the activity is increasingly spreading to old-school direct actions on the streets and in traditional media outlets. So World War III is a guerrilla information war with no division between military and civilian participation. Here is how this warfare works. Digital components, often thought of as trolls, pick a story to amplify, often with a short-term news hook. They create a meme, a video, a tweet or a blog post. The trolls use a mix of human assets and

automated personas to amplify the story. The message is then pushed into the feeds of sympathetic real people who will amplify it further. If it goes viral or triggers a trending algorithm, it will be pushed into the feeds of a huge audience; members of the media will cover it, reaching millions more. Can this problem be solved with better automated review and editorial? Hardly. If the content is deemed false, it doesn't matter, because by the time it is taken down the damage is done, and if amplifier bots get shut down that really doesn't matter either; they are easy to replicate. In the future, as we can convincingly predict, it only gets worse. I would like to mention here that a few months ago, I guess

three or four months ago, there was one report published by the Indian government, from the NSA, the National Security Agency. They published a really good report on security for India, and they mentioned that for India, information warfare is the biggest threat. They are not worried about any weapons; China, Pakistan, all of the different things don't even matter for them, but information warfare is something which India has witnessed in the last four years, and that is a really big challenge, and this is what they will be focusing on in the next three years. That is a great report; we should discuss it. Then there is this photo which is called

the PNG protest, which also shows how anyone can easily edit a photo to share critical information at a time when many people in Russia still don't know the truth of what is happening in Ukraine. A recently passed law threatens anyone who shares fake information about the military with 15 years of prison time. In this particular campaign, people were hiding the information in the metadata of the image and then sharing it with everyone on the internet, so that they could know about the different things which are happening. So what do you think of a world where every device you own is

connected, where you give instructions through your mobile phone and your coffee is ready while you get ready for your office, where CCTV cameras can identify and stop excessive force before it turns deadly, where wearable sensors report real-time health data to alert patients to emergencies before they happen, or even where drones are being used to support first response? IoT has a transformational impact on our life across vertical sectors. And of course we have the social credit system, which expanded the idea to all aspects of judging citizens' behavior and trustworthiness: if you are caught jaywalking, don't pay a court bill, or play your music too loud on the train, you could lose

certain rights such as booking a flight or train ticket, and privacy is at stake. So there is a whole long list of tasks that IoT is helping us with. Can we say that a world without IoT is like living in the stone age? It may seem like a big claim for some of you, but when you see the bits of IoT reflected even in the mundane tasks of our daily life, you will agree with it. So that is how important it is to our life, and the question is how secure you think it is, because all of these devices which we are using in our daily life will sometimes be used as a tool of attack against us during

cyber warfare. Here is an image which we can see, taken from DigitalGlobe, but there are so many good websites and applications available through which we can purchase satellite images from seven days ago, four days ago, for a specified area, for as low as 100, 200 to 250 dollars. That image will be near real time, other than what we see on Google Maps, so these tasks can be done very easily. This is one example from the India-China border, an image from Maxar, which is again a satellite

imagery provider company, and during the India-China conflict, when a lot of things were happening, all of the media outlets were purchasing images from this particular website, because they provide it. So IoT has a transformational impact across all of the vertical sectors, and the benefits of IoT are undeniable. It can bring much of the physical world, from industrial assets to commonplace devices to people, into a connected ecosystem, resulting in enhanced customer experience and better business outcomes. But with all of these things, IoT is simply collecting data, processing information and transferring data. It is wonderful in many ways, but unfortunately the technology has not matured yet, and it is not

entirely safe. The IoT ecosystem, from manufacturer to users, still has security challenges to overcome, such as manufacturing standards, update management, physical hardening, and user knowledge and awareness. These are all challenges which we are all aware of, and we can easily use Shodan and Censys to find all of these particular devices, to find vulnerabilities, to see what versions many other people are using. So IPv4 is just a door which, as we know, we can get into to get some of the details. If we look at the CIA triad, the main objectives of security are highlighted by various models

and known to be confidentiality, integrity, authentication, authorization, non-repudiation and availability. Implementing different cryptographic mechanisms can help us achieve these security characteristics; however, it is very challenging to implement these cryptographic algorithms in these devices. Here is a map from Cisco, the Cisco threat model, in which we can see what all the different attacks are and how those attacks are built on top of one another. Ensuring that each device has the control to maintain data confidentiality and integrity within an organization is necessary, so in addition, investigation of IoT security along with data integrity holds practical significance in development. This figure illustrates the security threat map of

IoT. IoT spans nearly every organization and function, and the associated devices now expose a series of vulnerabilities exploited by all traditional actors. The most vulnerable part of the IoT system, with the least impact if an attack is suffered, is placed at the top of the pyramid. Sensors sit on the top: they are the most vulnerable, being the most accessible part of the device. The next vulnerable part is the communication between the sensors and the data accumulated by the sensors; attackers can get access to these data and the sensors by getting into the network. Then comes the hardware abstraction and firmware, which stem from the application programming interface, the API, for the

interaction between the application and data. Lastly, the least accessible part, at the bottom of the pyramid, is the hardware platform, such as the SoC and FPGA, which is field programmable gate array, and DSP. Even though the hardware platform is at the bottom of the pyramid, it is the one that deserves major attention, because it has the highest damage impact on a system in case of an attack. It can be said that hardware is the foundation of the system and the most pain-causing part in the case of a cyber incident. Here I would like to take one example. It has been realized that true security of IoT devices can only be achieved by securing the

underlying hardware of these devices. Attack vectors have been reported in the ICs used in weapon control systems, nuclear power plants and public transportation systems. There is one really good research paper which was published in 2014 by a Chinese author, and they claimed that using just 1,450 logic gates they were able to create a backdoor in any kind of chipset. That is very important to know, because if they can create a backdoor using just 1,450 logic gates, even though in chipsets we have almost thousands of, sorry, billions of transistors, and the lowest detection ratio is like 0.006 percent right now

which I am aware of, then having 1,500 logic gates is way below that particular detection ratio. So it is really hard for weaponry systems: if we are importing from some other countries, how should we trust the hardware? How should we trust that there is no backdoor which has been created in these particular chipsets? DARPA is doing really good work on top of that, for when some country is importing weapons from other countries, on how they can check the chipsets. Even if I take the example of India, India is importing so many different weapons from so many different countries, so there is a framework which we follow to test

the different hardware, different systems, different software, to check for the different vulnerabilities, to check whether it has some kind of backdoor or not. So this is still a very big challenge right now, and it is important when we think of cyber warfare. Here we can see a glimpse of the whole radio wave spectrum, what it looks like, and what the different devices are which we basically use in our daily life. Here the spectrum is visible from 3 kilohertz to 6 gigahertz, so we can see Wi-Fi, cell phones; these are all the different frequency bands on which these devices are allocated. So

mainly the FCC does these allocations in the USA, and then again we have the NTIA. We can see FM radio at 100 megahertz, GPS, and the spawn environment at 900 megahertz, the ADS-B signal at 1090 megahertz. These are all the frequencies, but with signals so invisible and ignored, our devices are currently screaming out large amounts of information about us, our habits, our pattern of life, to anyone who cares to listen. Let's see some examples of what is commonly being broadcast and what we can do with this information. We can of course create an FM radio using GNU Radio and a USRP, a BladeRF, or a HackRF; with these we can do this, and we

have also witnessed some related attacks in the cyber war recently, because the communication was not encrypted and people in the Ukrainian army were able to decrypt some of the information; so all those things happened. Then the ADS-B signal is the surveillance technology for aircraft to determine their position, so that can be listened to using this. Then of course we can use gr-gsm and the kalibrate command; we can listen to the IMSI number, we can decrypt the A3/A5 algorithm versions and listen in to the calls and messages. Every mobile has an IMSI, which is the International Mobile Subscriber Identity number. This number is unique to every SIM card, and

this number is shown on every mobile phone, which can be traced with an IMSI catcher. So the police can determine your identity easily once they have this unique number, so there is no way you cannot be a victim, except if you are not in an area where the IMSI catcher network is. These are some of the vulnerabilities which we see in the radio environment. We all know that Wi-Fi uses radio to communicate, but so do the other 99-plus protocols that make up the world of mobile, cellular and the Internet of Things, and all these new radio-enabled devices bring with them new invisible threats. Enterprises will need to be able to react to these new threats entering their

environment. Sniffing, war driving, evil twin, replay, firmware, jamming: these are some of the attacks. And again, as I mentioned, Russia's war in Ukraine has been marked by its apparent lack of coordination and, evidently, a flawed plan, because Russian forces have been observed moving deep into Ukraine only to be cut off by a lack of fuel, vehicle breakdowns and ultimately the forces of open-source intelligence. Ukrainian reports suggested radio communication across the Russian forces was poor, leading to makeshift solutions including the use of unencrypted high frequencies, which we have seen for long-range communication, and mobile phones to communicate. There is some

evidence that soldiers have deployed with some advanced software-defined radio sets like the R-187P1 and R-168, so tactical radio sets were carried. These are all things where I am not sure why they were not using the sophisticated technologies; maybe they are saving their best tools for the future, but we have seen them using cell phones and this HF, high frequency, radio communication. Electronic warfare has come a long way from the early days of basic signals intelligence and has covered a wide variety of technologies and use cases. Modern military forces are required to operate in an increasingly complex electromagnetic environment, which has recently been recognized as an

operational environment, and all modern forces conduct operations that depend on the use of the EME. If we trace back through history, it is not that cyber war is happening now all of a sudden as a totally new thing; even from the beginning of the century we have witnessed so many different attacks which we can call technological war. From the Russo-Japanese war in 1904, which saw the birth of signals intelligence, then moving forward the invention of British signals intelligence in 1914, which we have witnessed, then the Battle of Britain, in which radar was born and, by tracking the enemy

aircraft, RAF fighters could be quickly directed to intercept. Then the first industrial-scale jamming was witnessed in 1952, where the Soviet Union fought an electromagnetic war on the home front through the Cold War. Before the program came to an end in the 1980s, more than 1,700 stations were operating with an estimated combined output of 45 megawatts and costing tens of millions of dollars a year to run. Then in the Cuban Missile Crisis the first deceptive drones were witnessed, and the best was the GPS war at the Gulf. There were so many different strategies and tactics which were published in stocks that we all know. So technology was always

there in the different wars; it depends on how we were using it. It is really important at this point to understand the importance of power range, how it happens, and this will help us when we discuss drones and satellite attacks. If we have a transmission power of 100 kilowatts and we transmit it from a radar, at the point where it arrives at the destination, let's say if we are transmitting 100 kilowatts at a distance of 10 kilometers, the received power will be in picowatts, because the reflected power is inversely proportional to the radius, so

inversely proportional to the distance squared. How do we use this effect? We have the radar cross section area; RCS is a measure of how detectable an object is by radar, therefore it is called the electromagnetic signature of the object. A larger RCS indicates that an object is more easily detected. Here is a simple example: let's say a B-52 at a given distance on the radar will look like 100 or 125 square meters, while at the same time, with the same technology and at the same distance, the F-22 Raptor will look just like the size of a bee, which is like 0.001. This is

how important it is, and it is impacted by so many different factors, like the material of which the target is made, the size of the target, the absolute size, the incident angle, the polarization. There are so many different factors, and these old effects are now also being used for drones. The other important factor for cyber warfare is jamming. There are so many different ways to do jamming. While interference generally describes an unintentional form of disruption during wireless communication, jamming describes the deliberate interference with, or blocking of, such communication. As the name suggests, jamming antennas are specially used to interfere with

radio noise or signals, and in electronic warfare this interference is meant to disturb control of a battle. There are so many different

techniques being used during the war. What happened? Yeah, so now these are all the different jamming techniques, and the important thing is how do we communicate while we are facing jamming. This is a simple example: let's say this is my target frequency. The ideal jammer will only block this particular frequency, but this is not actually the case, because we always see frequency hopping; sometimes it is distributed over a wide range. So let's say if we are doing frequency hopping and I know that the frequency hopping is within this particular range, then maybe we can use sweep jamming, in which we are dividing the power, but it would not be

effective, because the effective power is divided over the long bandwidth. So the big question is how do we communicate when we are facing jamming. There is a really good research paper which has been published which discusses this particular technique. Let's say we have an allied jammer, these are our authorized devices in green, and these are my unauthorized devices. I don't want them to listen to the signal, to what I am doing or what I am communicating, so I want to do a jamming technique, but during that jamming my authorized devices should be able to communicate while unauthorized devices should not be able to. For that we use the QR NT

technologies, in which we are encrypting the frequencies using a pseudo-random number generator, and the jamming frequency will be encrypted with that particular key. All of my authorized devices will know that particular jamming key, and it is like we are adding a jamming signal to our actual signal. When the authorized device receives that particular noise, it will be able to easily subtract the jamming signal, because it knows the signature, and it will receive the actual file. This is how this particular technique works, and this is broadly used in the 18G interference cancellation system. So in the case we have witnessed, this particular system which is now working

is the non-coherent technique. So this was all about electronic warfare. Now quickly moving forward: why is it important? Declaring cyber as an official warfare domain allows NATO members to improve planning and better manage resources for cyber defense operations. In 2016 they designated cyber an official domain of warfare, and again militaries are now trying so many different techniques on top of that, like how they can hack the different things using cyber weapons or maybe using electronic weapons. If we don't win this cyber and electronic warfare fight, then the next maneuver may not matter, because we are not getting to it. This is what we have also

witnessed in the Azerbaijan and Armenia war field: all of the warfare was fought with drones. Even though the Armenian army was so strong, Azerbaijan was using drones, and this is why they were at an advantage. When we talk about warfare we should not ignore cyber war; it is the use of digital technology to attack a nation, causing comparable harm to actual warfare and disrupting vital communication systems. Let me do a time check. Okay, sure, so I will quickly jump to one very important slide. This is what exactly is going on in

cyber warfare. Modern military forces rely heavily on a variety of complex, high-technology electronic offensive and defensive capabilities. This is how all of the integration looks, and we are at the heart of the electronic warfare convergence. In the era of convergence we have cyber weapons, cyber operations, signals intelligence, and all of them are converging in one way or another. The non-kinetic effects, information assurance, ISR: they were previously thought of as different techniques, but now we think of electronic warfare as the same thing as cyber warfare, because the spectrum is shared among all of the

different things. This is very important over here, and the big question with which I would leave this particular session is: should electronic warfare techniques like this, Safe Sun and jamming, be grouped together with seemingly related skills like cyber security and signals intelligence, or should they be treated as different disciplines? The answer is towards convergence, by including all the different technologies in a single integrated architecture that is supported by powerful real-time management software. In pursuing the vision, systems must become more effective, efficient, flexible. Network operations, electronic warfare, cyber operations are all getting together, so the new target of EW will be to gain information

dominance, that is, operational advantage, and it is going to be a very big thing for the 21st century. This is a new scenario; the new discipline is that of cyber electromagnetic activities. Then I can discuss this particular slide. In this slide we can see the difference between kinetic weapons and cyber weapons. Kinetic weapons almost always produce irreversible physical effects, whereas cyber weapons can produce completely reversible effects. Although a small fraction of weapons, for example rubber bullets, can deliver a quickly recoverable outcome, most are intended to produce permanent or slow-recovery effects. While cyber weapons can produce permanent damage to the physical world, such as the

case of Stuxnet, which caused physical destruction of centrifuges, other cyber effects can be completely reversed by either the attacker or the victim. For example, when a denial of service attack stops, the target system returns to normal; encryption such as that used in ransomware is also reversible given the correct decryption key. Indeed, ransomware relies on reversibility in order to be effective: demonstration of the capability, and the belief that it can be undone, predicts the victim's willingness to pay the ransom. Importantly, reversibility can be an asset or a limitation of a cyber weapon, depending on the objective of its use. It is difficult to reverse engineer and reuse kinetic weapons, since they are

typically damaged beyond reusable condition by their employment. Because cyber weapons are often comprised of easily replicable software, they offer more ability for others to observe, analyze and reuse the weapons by simply copying the software and replaying the context of its employment. So whether separately or combined, cyber and kinetic weapons are now available as strategic instruments of power, and they present novel opportunities for pursuing national interests. Given the short history of cyber warfare, many opportunities remain for future work to deepen the understanding of cyber weapons as leaders gain experience and expertise with cyber weapons, and integrated combat and gray zone operations will be standard. I am running out of time;

there are a lot of good slides to discuss. Okay, so just one quick slide overview I will do. Whatever operations we do, command and control is really important in the 21st century. This is how digital reconnaissance has come into the picture: before, in the 19th century, we were doing reconnaissance using the land, then in the 20th century we had the air, and now in the 21st century we have cyber ISR reconnaissance, and there are so many different reasons, because these are all justified case studies. Some of them you might be interested to read about; I will share my slides after the presentation so that it would be

very easy for you to go through an overview of it, and there are so many different good OSINT tools. All right, so I can skip over here, let me check. And this is again one really good case study from Persistent Surveillance Systems, in which an aircraft was flying at about ten thousand feet doing surveillance on the city, so every movement, every crime, everything was monitored by that particular aircraft. It had a 192 megapixel camera and covered an area of 25 square miles. That was a very big project of the U.S. government, and I think they were

doing it on top of Baltimore City to find murderers. A high resolution camera, which you can see in the top-left image, is placed in a Cessna or a long-duration drone; the city is filmed so that one pixel is one person, so the pixel or person can be highlighted or tracked. Then all events in the field of view are tied together and recorded; when an event of interest happens, the recording is rewound and all physical interactions with that point can be traced. So you are a physical object, and if you can be seen from the sky, your every movement can be tracked. But with the fast pace of technology

you can see the Equity parallel camera picture on the right side, which shows the stunning clarity of camera systems that can zoom into a specific area of a large space, so a small bike rider or a window sign can be amplified so dramatically that you can read the fine print. Each 50 mega gigapixel camera could break up a 110 kilometer by 110 kilometer area, so about a thousand such high resolution camera arrays could cover the entire USA or China, and with swarm drones and camera arrays it would be easy and cheap to do it; that is not that difficult. Okay, so now I will be stopping here.

If you have any questions you can reach out to me on this particular slide. These are all of the different slides which I was supposed to discuss, and here is my contact information. I will drop a slide update, yes, one second, yeah. So you can drop me an email, you can connect with me on LinkedIn, you can connect with me on Twitter if you have any questions, and I will be sending my slides to the team, so you can collect them from them. I really apologize for running late, and I am really thankful for being a speaker at BSides. Thank you so much.
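As an added illustration of the keyed (friendly) jamming idea the talk describes in the electronic warfare section, here is a small baseband simulation. It is example code written for this page, not the speaker's code and not the paper he refers to. It assumes a deliberately simplified model: data is sent as BPSK symbols, the friendly jammer adds a pseudo-random waveform generated from a shared seed (standing in for the "jamming key"), and the channel adds Gaussian noise. Authorized receivers regenerate the waveform from the key and subtract it; a receiver without the key, or with the wrong key, is left with a signal dominated by the jammer. All amplitudes, seeds and bit counts are constructed values.

```python
import random
from typing import Dict, List

# Constructed simulation parameters (assumptions for this example, not values from the talk).
JAM_AMPLITUDE = 4.0   # jamming waveform is several times stronger than the data symbols
CHANNEL_NOISE = 0.3   # standard deviation of additive channel noise


def bpsk_symbols(bits: List[int]) -> List[float]:
    """Map bits to BPSK symbols: 0 -> -1.0, 1 -> +1.0."""
    return [1.0 if b else -1.0 for b in bits]


def jamming_waveform(jam_key: int, length: int) -> List[float]:
    """Pseudo-random jamming samples derived from a shared secret seed.
    Every party holding jam_key regenerates exactly this sequence."""
    rng = random.Random(jam_key)
    return [rng.uniform(-JAM_AMPLITUDE, JAM_AMPLITUDE) for _ in range(length)]


def transmit(bits: List[int], jam_key: int, noise_seed: int = 1) -> List[float]:
    """What appears on the air: data symbols plus the keyed jamming waveform plus channel noise."""
    symbols = bpsk_symbols(bits)
    jam = jamming_waveform(jam_key, len(bits))
    noise_rng = random.Random(noise_seed)
    return [s + j + noise_rng.gauss(0.0, CHANNEL_NOISE) for s, j in zip(symbols, jam)]


def decode(samples: List[float]) -> List[int]:
    """Hard-decision BPSK slicer."""
    return [1 if x >= 0 else 0 for x in samples]


def authorized_receive(samples: List[float], jam_key: int) -> List[int]:
    """Authorized receiver: regenerate the jamming waveform from the key and cancel it."""
    jam = jamming_waveform(jam_key, len(samples))
    return decode([x - j for x, j in zip(samples, jam)])


def unauthorized_receive(samples: List[float]) -> List[int]:
    """Receiver without the key can only slice the raw, jammed samples."""
    return decode(samples)


def bit_error_rate(sent: List[int], received: List[int]) -> float:
    errors = sum(1 for a, b in zip(sent, received) if a != b)
    return errors / len(sent)


def run_demo(n_bits: int = 2000, jam_key: int = 0xC0FFEE, data_seed: int = 7) -> Dict[str, float]:
    """Compare bit error rates for an authorized receiver, an eavesdropper,
    and a receiver holding the wrong key (constructed seeds)."""
    rng = random.Random(data_seed)
    bits = [rng.randint(0, 1) for _ in range(n_bits)]
    on_air = transmit(bits, jam_key)
    return {
        "authorized_ber": bit_error_rate(bits, authorized_receive(on_air, jam_key)),
        "unauthorized_ber": bit_error_rate(bits, unauthorized_receive(on_air)),
        "wrong_key_ber": bit_error_rate(bits, authorized_receive(on_air, jam_key + 1)),
    }


if __name__ == "__main__":
    for name, ber in run_demo().items():
        print(f"{name}: {ber:.3f}")
```

The point of the wrong-key case is that the scheme's protection rests entirely on the secrecy and synchronization of the seed: a receiver whose generator is even slightly out of step sees the same jammer-dominated channel as an outsider, which is why key distribution and timing are the operational weak points of any such system rather than the subtraction itself.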