Learn, hack!

URL

http://dewy.fem.tu-ilmenau.de/CCC/23C3/audio/23C3-1439-en-information_operations.mp3

File name

23C3-1439-en-information_operations.mp3

File size

69.1 MB

MD5

d754cdec6ec0bf10a72e336735c2d0e6

SHA1

4908fa3582f9f604ca162015f825e0df460ee9d0

The use of information technology has brought a lot of new functionality and efficiency with it. But due to the fact that enterprises are totally dependant on IT, they are vulnerable to theft or destruction of information assets, a process described as information operations. This is the presentation of a one-year Postgraduate Infosec Research Project conducted in New Zealand. This presentation gives a sector-oriented overview of what has been done so far to address information operations (IO) and where improvements could and should be made. Main threat sources were identified: malicious insiders, as well as competitive organizations, cyber terrorists, criminal groups, and foreign governments. The research analyzes the potential risks of IO, clarifies how organizations are prepared for IO, and demonstrates how IO threats are addressed. Miscellaneous IO weapons, trends, threats, and possible countermeasures will be discussed. IO involves much more than computers and computer networks. It encompasses information in any form and transmitted over any medium. It covers operations against information content and operations against supporting systems, including hardware, software, and human practices. Numerous definitions of IO and related topics exist. When trying to define IO there is a danger of defining the concept either too narrowly or too broadly.