Payloading the 5th domain, from hacking to economy, politics, warfare, and people.

Published by Juan Mosso on

A work done originally in 2017, a 60-years journey focused in technology evolution and information security, to help us understand some major events and their profound impact on society. Not to persuade us, but to inspire us to think and act.

“Not to persuade us, but to inspire us to think and act.”

A review that starts in the 1960s with some seminal work on Time Sharing System (TSS) computers in MIT, the connection of the first computers through ARPANET, and the fundamental change in computing paradigms triggered by UNIX at Bell Labs. The first infromation security breaches like Phone Phreaking and CTSS password theft. Then the 1970s, from creeper to reaper, the introduction of the microprocessor and initial security concerns around ARPANET. The first ever pure Infromation Security Evaluation of MULTICS at US Air Force. ARPANET gets operational, the first BBSs ant then Apple and Microsoft enter the scene. The 1980s, the rise of the Internet as we know it today, the Chaos Computer Club (CCC), intial standarization through the Orange Book at US DoD and fundamental British Standards, the first important computer and nbetwork breaches at Lawrence Berkley Labs and the amazing Morris Worm, the creation of the US Computer Fraud and Abuse Act (CFAA), first use evidence of computer crime at US Congress, and first sentence to Herbert Zinn using CFAA. The very first backdoor at UNIX by Ken Thompson, the IDES intrusion detection model, Clarck Wilson security policies for computer systems, Chinese wall model for commerciasl systems and owr loved Firewalls. The 1990s encouraging openess and standardization, the dial-up age, the biggest computer heist ever at the time on Citybank, Kevin Mitnik empowering and using social engineering, internationalization of law and the extradition of Vladimir Levin to US by Scotland Yard, the first software bomb, the incredible Melissa virus, the first sound information security standards like BS7799-1 and BS7799-2, and the internalization of standards through ISO work. The HIPPA framewrok and the GRamm-Leach Billey Act on privacy in financial institutions. POSIX standarization on access control systems made our lives easier! The 2000s, well, read the presentation for more infromation…

At the end of the work, some thoughs, open questions, examples, and reflection on the world to come, crazy as it may sounds.

Key takeaways:

  • Modern life aggressively shaped by technology.
  • Big players operating over cyber space (big threats!).
  • Conflicting interest (both short-term and long-term).
  • Different conflict dimensions (Economics, Policy, Warfare, Human).
  • Weaponised information all around us (still HF-LI CC).
  • Lack of awareness and knowledge (individual and collective).
  • Lack of laws and regulations.

We definitely have a problem, it is not the technology, it is the application and the uncertainty around it.

“We definitely have a problem.”

Payloading the 5th domainDownload
Categories: AnalysisFoundationsInformation Security
Tags:

0 Comments

Leave a Reply

Avatar placeholder

Related Posts

Information Security Operations Policy Red Teams Research

Red teaming for lifeline infrastructures

From supporting societies’ most basic human needs to enabling its most ambitious endeavors in commerce, science, and technology, lifeline services and critical infrastructures underpin modern civilization’s well-being and development. Without them, it would not be Read more…

Analysis Management Research Servoces Value

Enterprise Service Model Canvas (ESMC)

I developed the Corporate Service Model Canvas (ESMC) to help address some major issues linked to the lack of maturity recognised in relation to both how to define services and innovate on new value proposals. Read more…

Foundations Information Security

An abstract from “Design for MULTICS Security Enhancements”

The results of a 1973 security study of the Multics Computer System are presented detailing requirements for a new access control mechanism that would allow two levels of classified data to be used simultaneously on Read more…