Cyber Strategies for a World at War

OPEN SOURCE AGGREGATION & ANALYSIS

The Latest Security Firm “Tell all”

On the heels of Mandiant’s international sensation APT1: Exposing One of China’s Cyber Espionage Units, we now have the Symantec report flamboyantly entitled Stuxnet 0.5: The Missing Link.

Have we now entered an era where Security Firms need to reveal their secrets in order to stay relevant and, perhaps more importantly, attract new customers? Or is it that these Security Firms regard more openness by them as better for the overall health and security of the cyber world than keeping their secrets secret?

Read the Symantec report:
Stuxnet 0.5: The Missing Link

Filed under: Business, cyber security, cyber war, government, Intelligence Community, Internet, Politics, SCADA, Stuxnet, Technology, Threats, , , , , , , , , , , , , ,

Attorney General Eric Holder Speaks at the Administration Trade Secret Strategy Rollout

Department of Justice
February 20, 2013

Thank you, Victoria, for those kind words – and thank you all for being here. It’s a pleasure to welcome you to the White House today – and a privilege to stand with so many friends, key partners, and indispensable allies in introducing the Administration’s strategy for combating the theft of trade secrets.

As Victoria just mentioned, this work is a top priority for President Obama, for the entire Administration – and of course for the dedicated men and women at the Department of Justice. I’m deeply proud of the contributions that my colleagues have made in developing this strategy – and the pivotal role that the Department will play in its implementation. And I’m confident that – as we bring government agencies and additional private sector partners together to put these plans into action – we’ll continue strengthening national efforts to protect the rights, safety, and best interests of American consumers, innovators, and entrepreneurs.

Particularly in this time of ongoing economic recovery, this work is more important than ever. Despite the challenges of recent years, American companies remain the most innovative in the world. They are responsible for many of the most important technological advances the world has ever seen, an overwhelming number of the 100 most valuable brands, and almost 30 percent of global research and development spending.

This level of innovation and the investments that make it possible benefit consumers, create jobs, and support our economy. For instance, in 2011, companies in Silicon Valley added over 42,000 jobs and recorded a growth rate more than three times that of the U.S. economy as a whole. But, as any of the corporate leaders in this crowd can attest, this prosperity is a double-edged sword. And it inevitably attracts global rivals – including individuals, companies, and even countries – eager to tilt the playing field to their advantage.

By corrupting insiders, hiring hackers, and engaging in other unscrupulous and illegal activities, these entities can inflict devastating harm on individual creators, start-ups, and major companies. As one private security expert has said of the largest U.S. corporations, there are only “two categories” of companies affected by trade secret theft – “[T]hose that know they’ve been compromised and those that don’t know yet.”

This is because, as new technologies have torn down traditional barriers to international business and global commerce, they’ve also made it easier for criminals to steal trade secrets – and to do so from anywhere in the world. A hacker in China can acquire source code from a software company in Virginia without leaving his or her desk. With a few keystrokes, a terminated or simply unhappy employee of a defense contractor can misappropriate designs, processes, and formulas worth billions of dollars.

Some of these criminals exploit pilfered secrets themselves – often by extorting the victim company or starting their own enterprise. Others try to sell the illicit information to a rival company, or obtain a bounty from a country interested in encouraging such theft. And all represent a significant and steadily increasing threat to America’s economic and national security interests.

Fortunately, the women and men of the Justice Department are working tirelessly to prevent, combat, and punish these serious crimes. Thanks to the efforts of 40 prosecutors and four computer forensic experts serving in the Computer Crime and Intellectual Property Section, and more than 230 specially-trained prosecutors stationed at U.S. Attorneys’ Offices around the country, including 25 Computer Hacking and Intellectual Property – or “CHIP” – units, I’m pleased to report that we’re fighting back more aggressively, and collaboratively, than ever before. And with approximately 240 FBI agents in the field dedicated to investigating IP crime, along with officials from U.S. Immigration and Customs Enforcement, and 20 additional state, federal, and international law enforcement agencies that are partners at the IPR Center, we are poised to build on our recent successes.

I’m proud of the outstanding work that these professionals are leading every day, in offices all across the country. But I also recognize – as I know you all do – that the Justice Department won’t be able to continue making the progress we need, and that our citizens and companies deserve, on its own.

We need to increase cooperation and coordination between partners at every level of government. We need to improve engagement with the corporations represented in the room today. We need to find ways to work together more efficiently and effectively – by following the road map set forth in the Administration’s new, comprehensive strategy. And we need to do so starting immediately – because continuing technological expansion and accelerating globalization will lead to a dramatic increase in the threat posed by trade secret theft in the years ahead.

In fact, by 2015, experts believe that the number of smart phones, tablets, laptops, and other internet-access devices in use will be roughly double the total that existed in 2010. In the same period, the proliferation of cloud-based computing will significantly enhance flexibility and productivity for workers around the world. But these same forces will also create more access points and vulnerabilities that allow criminals to steal confidential information.

Just as increasing globalization will enable American companies of all sizes to benefit from foreign technical experts and research and development activities in other countries, the sharing of trade secrets with entities operating in nations with weak rule of law may expose them to intellectual property losses. Any resulting cost advantages will likely be more than offset by losses in proprietary company information.

Unfortunately, these projections aren’t merely hypothetical. We’ve seen this phenomenon before – including in the late 1990s, when I had the privilege of serving as Deputy Attorney General. Between 1997 and 2000, internet usage in the United States more than doubled – and this massive technological shift also brought about major changes in the nature of crime. For instance, in 1999 alone, we saw a 30-percent spike in intellectual property cases over the previous year. In order to fight back, in July of that year I announced the Department’s first major IP Strategy, known as the Intellectual Property Rights Initiative.

Of course, we’ve all come a long way since then. As critical technologies have advanced, criminals have adapted accordingly. Our need to keep pace with these changes remains imperative. And the stakes have never been higher.

In some industries, a single trade secret can be worth millions – or even billions – of dollars. Trade secret theft can require companies to lay off employees, to close factories, to lose sales and profits, to experience a decline in competitive position and advantage – or even to go out of business. And this type of crime can have significant impacts not only on our country’s economic well-being, but on our national security – allowing hostile states to obtain data and technology that could endanger American lives; expose our energy, financial, or other sensitive sectors to massive losses; or make our infrastructure vulnerable to attack.

In response, the Justice Department has made the investigation and prosecution of trade secret theft a top priority. This is why the National Security Division’s Counterespionage Section has taken a leading role in economic espionage cases – and others affecting national security and the export of military and strategic commodities or technology. It’s also why, in 2010, I established an internal Task Force on Intellectual Property – led by Deputy Attorney General Jim Cole and other senior Department leaders – to improve and expand our enforcement efforts in this area. And it’s why the FBI has increased its focus on trade secret theft and its use of sophisticated tools and techniques in conducting national security and criminal investigations.

Of course, most trade secret matters are dealt with in civil court. But when the Justice Department receives referrals, we investigate and, when appropriate, prosecute those matters fairly and completely. And, although the primary legislation creating criminal liability for these acts is less than 20 years old, federal law enforcement officials have established a remarkable record of success in this area.

In the decade between 2001 and 2011, we secured well over 100 convictions in cases involving criminal trade secret thefts, and 6 convictions in economic espionage cases. For instance, in December 2011, a federal court in Indiana sentenced a man from China to more than 7 years in prison – after his conviction on charges of economic espionage on behalf of a foreign university tied to the Chinese government. Last September – in New Jersey – a jury convicted another Chinese native of trade secret theft and other charges for stealing information from a defense contractor about the performance and guidance systems for missiles and other military hardware. And last November – in Michigan – a former General Motors engineer and her husband were convicted of conspiring to steal more than $40 million worth of trade secrets from GM, with intent to use them in a joint venture with an automotive competitor in China.

In these and many other cases – as we’ve refined our approach and increased our understanding of these crimes and those who commit them – the Department has also gathered valuable intelligence about foreign-based economic espionage. We’ve forged strong relationships with law enforcement partners, private sector experts, and international allies. And we’ve begun to raise awareness about the devastating impact of these crimes – and to encourage companies to report suspected breaches to law enforcement – so violators can be caught, brought to justice, and kept from striking again.

As we carry this work into the future – thanks to the support and assistance of everyone here today, and the cutting-edge strategy we’re committed to implementing – I’m confident that we’ll continue to make great strides in the fight against trade secret theft. We’ll keep improving our ability to crack down on intellectual property infringement and economic espionage. And together we’ll ensure that the United States is, and always will be, the world leader in innovation.

/////////////////

Attendees of the Justice Department announcement received copies of the following report:

FOREIGN SPIES STEALING US ECONOMIC SECRETS IN CYBERSPACE

 

Filed under: Business, China, cyber security, Doctrine, government, Internet, News, Policy, Politics, Strategy, Technology, Threats, , , , , , , , , , , , , , ,

Former CIA Director Talks Cyber Security

Michael_Hayden,_CIA_official_portraitFormer National Security Agency and Central Intelligence Agency Director General Michael Hayden discusses life as the nation’s premier spy, as well the pressing cyber and national security issues of the day, with Frank Sesno, Director of George Washington University‘s School of Media and Public Affairs. This event took place February 19, 2013, and was recorded by CSPAN.

One of the first topics they discuss is the huge load of evidential data the information security company Mandiant recently released that alleges the Chinese government, through its military, is complicit in persistent cyber espionage against the United States government and corporations.

Not-so breaking news, folks: According to General Hayden, the United States steals China‘s secrets, too. However, he goes on to differentiate the type of espionage between the two nations. He regards the United States’s spying against the Chinese government as being done only to protect the United States’s citizens’s liberty and security; whereas the Chinese spying is being done against the United States primarily to steal its corporate and national secrets to improve China’s industrial and technological capacity and strength.

Unfortunately, CSPAN offers no embeddable file for the event so you will need to watch it at www.c-spanvideo.org/program/311052-1

Filed under: Analysis, cyber security, cyber war, Doctrine, government, Intelligence Community, Internet, Military, News, Terrorism, Threats, , , , , , , , , ,

China Responds To Mandiant Accusations Through State Media

Xinhua
February 20,2013

China defense ministry refutes cyber attack allegations

China’s military spokesman said on Wednesday that the country’s armed forces had never backed any hacking activities, denouncing U.S. cyber security firm Mandiant’s report as groundless both in facts and legal basis.

China’s laws ban any activities disrupting cyber security and the Chinese government always cracks down on cyber crimes, Geng Yansheng, spokesman with the Ministry of National Defense, said at a briefing.

Mandiant on Monday released a report which alleged that a secret Chinese military unit in Shanghai was behind years of cyber attacks against U.S. companies.

Geng said Mandiant’s report was groundless in fact because it came to the conclusion that the source of attack came from China simply because of the discovery that attacks were linked to IP addresses based in China.

First, as known to all, it is so common for hacking attacks on the Internet to take place by peculating IP addresses that “it happens almost everyday,” according to the spokesman.

Second, there has been no clear and consistent definition of cyber attacks around the world. The report lacks legal basis to assert cyber espionage only by cataloguing some routine cyber activities, he said.

Third, cyber attacks are transnational, anonymous and deceptive with their source often difficult to identify. Releasing irresponsible information will not help solve problems, Geng added.

The spokesman further said China actually is a major victim of cyber attacks.

[Continue reading...]

Filed under: China, cyber war, government, Internet, Military, News, , , , , ,

Congressional Open Hearing: Cyber Threats and Ongoing Efforts to Protect the Nation

Mandiant’s groundbreaking report that alleges China’s government is responsible for persistent, long-term hacking and cyber espionage, has the following quote:

“China’s economic espionage has reached an intolerable level and I believe that the United States and our allies in Europe and Asia have an obligation to confront Beijing and demand that they put a stop to this piracy. Beijing is waging a massive trade war on us all, and we should band together to pressure them to stop. Combined, the United States and our allies in Europe and Asia have significant diplomatic and economic leverage over China, and we should use this to our advantage to put an end to this scourge.”

— U.S. Rep. Mike Rogers, October, 2011

Representative Rogers’ quote comes from this congressional testimony:

House Permanent Select Committee on Intelligence
Chairman Mike Rogers Opening Statement
Open Hearing: Cyber Threats and Ongoing Efforts to Protect the Nation
October 4, 2011

*Remarks as Prepared

Introduction: The House Permanent Select Committee on Intelligence meets today in open session to convene a hearing on cyber threats and ongoing efforts to protect the nation. There are a wide range of cyber issues being debated these days. I would like to focus our discussion at today’s hearing, however, on cyber information sharing, and in particular, what the Intelligence Community might be able to do to assist the private sector in defending their networks.

The Speaker has asked Congressman Mac Thornberry of this Committee to lead the efforts of the House on the broader range of important cyber security issues, and his Task Force has done some very important work in thinking through some of these difficult problems. He has the full support of the House Intelligence Committee as he does his work, and I hope this hearing will be of benefit to the work of the Task Force.

Our witnesses for today’s hearing are The Honorable Michael Hayden, Mr. Arthur Coviello, and Mr. Kevin Mandia.

General Hayden has had a very long and distinguished military career. His assignments include serving as director of the National Security Agency, and director of the Central Intelligence Agency. He also served as the Principal Deputy Director of National Intelligence, and he is no stranger to the significant cyber threats we face from nation states like China.

Mr. Coviello is the Executive Chairman of RSA Corporation, a company which plays an important role in helping secure both private and government networks and systems.

RSA’s business alone would probably be sufficient to qualify him to testify before the Committee on cyber, but RSA was also the target of a significant cyber attack recently, and therefore serves as a useful case study of the state of our cyber security efforts.

Mr. Kevin Mandia is the Chief Executive Officer of MANDIANT, an industry leader in cyber incident response and computer forensics. Mr. Mandia deals with the consequences of advanced cyber espionage against American companies every day, and we look forward to his observations on the threats we face, as well as what we can do to better cope with them.

Read the complete testimony at the U.S. House of Representatives website.

Filed under: Business, China, government, Intelligence Community, Internet, Politics, Technology, Threats, , , , , , , , , , ,

Mandiant Exposes Persisten Hacking Authorized By Chinese Government

Mandiant, an information security company, has been in the news lately as the go-to cybersecurity company after high profile newspapers like the New York Times, Washington Post, and others were allegedly attacked by Chinese hackers. The New York Times alleged they were attached by China in retribution for the newspaper exposing government corruption at the highest levels.

Today, Mandiant has done something unusual for the hyper-secret world of cyber espionage and counter-espionage: they went public with accusatory reports and videos that shows a “day in the life” of a typical Chinese hacker.

The following is available from Mandiant’s website:

From the report:

Since 2004, Mandiant has investigated computer security breaches at hundreds of organizations around the world. The majority of these security breaches are attributed to advanced threat actors referred to as the “Advanced Persistent Threat” (APT). We first published details about the APT in our January 2010 M-Trends report. As we stated in the report, our position was that “The Chinese government may authorize this activity, but there’s no way to determine the extent of its involvement.” Now, three years later, we have the evidence required to change our assessment. The details we have analyzed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese Government is aware of them.

Read the full report:
Mandiant Report

Filed under: Analysis, Business, China, cyber security, cyber war, government, Military, News, Technology, Threats, , , , , , , , , , , , , ,

Obama’s Cybersecurity Executive Order: A Pirate Party Analysis

RussiaToday
February 13, 2013

Filed under: Analysis, cyber security, government, Internet, News, Technology, , , , ,

Improving the Security of the Nation’s Critical Infrastructure

White House
February 13, 2013

The Nation increasingly relies on the Internet to run the systems that light our houses, provide gas for our cars, and ensure our water is safe to drink. Collectively, these diverse systems represent our cyber critical infrastructure. Linking our critical infrastructure to the Internet brings considerable benefits, but our daily reliance on this critical infrastructure means that we are vulnerable to disruptions in our ability to use it. Unfortunately, the threats against our cyber critical infrastructure are numerous, ranging from sophisticated nation states to common criminals.

The government’s senior-most civilian, military, and intelligence professionals all agree that inadequate cybersecurity within this critical infrastructure poses a grave threat to the security of the United States. Most recently, we have seen an increased interest in targeting public and private critical infrastructure systems by actors who seek to threaten our national and economic security. Along with dissuading their actions, we must better protect the critical systems that support our way of life.

[Continue reading...]

Filed under: government, , , , , , , , ,

Executive Order — Improving Critical Infrastructure Cybersecurity

White House
February 12, 2013

EXECUTIVE ORDER

- – – – – – -

IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

Section 1Policy. Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the Nation’s critical infrastructure in the face of such threats. It is the policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing and collaboratively develop and implement risk-based standards.

Sec2Critical Infrastructure. As used in this order, the term critical infrastructure means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

Sec3Policy Coordination. Policy coordination, guidance, dispute resolution, and periodic in-progress reviews for the functions and programs described and assigned herein shall be provided through the interagency process established in Presidential Policy Directive-1 of February 13, 2009 (Organization of the National Security Council System), or any successor.

Sec4Cybersecurity Information Sharing. (a) It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats. Within 120 days of the date of this order, the Attorney General, the Secretary of Homeland Security (the “Secretary”), and the Director of National Intelligence shall each issue instructions consistent with their authorities and with the requirements of section 12(c) of this order to ensure the timely production of unclassified reports of cyber threats to the U.S. homeland that identify a specific targeted entity. The instructions shall address the need to protect intelligence and law enforcement sources, methods, operations, and investigations.

(b) The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a process that rapidly disseminates the reports produced pursuant to section 4(a) of this order to the targeted entity. Such process shall also, consistent with the need to protect national security information, include the dissemination of classified reports to critical infrastructure entities authorized to receive them. The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a system for tracking the production, dissemination, and disposition of these reports.

(c) To assist the owners and operators of critical infrastructure in protecting their systems from unauthorized access, exploitation, or harm, the Secretary, consistent with 6 U.S.C. 143 and in collaboration with the Secretary of Defense, shall, within 120 days of the date of this order, establish procedures to expand the Enhanced Cybersecurity Services program to all critical infrastructure sectors. This voluntary information sharing program will provide classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure.

(d) The Secretary, as the Executive Agent for the Classified National Security Information Program created under Executive Order 13549 of August 18, 2010 (Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities), shall expedite the processing of security clearances to appropriate personnel employed by critical infrastructure owners and operators, prioritizing the critical infrastructure identified in section 9 of this order.

(e) In order to maximize the utility of cyber threat information sharing with the private sector, the Secretary shall expand the use of programs that bring private sector subject-matter experts into Federal service on a temporary basis. These subject matter experts should provide advice regarding the content, structure, and types of information most useful to critical infrastructure owners and operators in reducing and mitigating cyber risks.

Sec5Privacy and Civil Liberties Protections. (a) Agencies shall coordinate their activities under this order with their senior agency officials for privacy and civil liberties and ensure that privacy and civil liberties protections are incorporated into such activities. Such protections shall be based upon the Fair Information Practice Principles and other privacy and civil liberties policies, principles, and frameworks as they apply to each agency’s activities.

(b) The Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security (DHS) shall assess the privacy and civil liberties risks of the functions and programs undertaken by DHS as called for in this order and shall recommend to the Secretary ways to minimize or mitigate such risks, in a publicly available report, to be released within 1 year of the date of this order. Senior agency privacy and civil liberties officials for other agencies engaged in activities under this order shall conduct assessments of their agency activities and provide those assessments to DHS for consideration and inclusion in the report. The report shall be reviewed on an annual basis and revised as necessary. The report may contain a classified annex if necessary. Assessments shall include evaluation of activities against the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles, and frameworks. Agencies shall consider the assessments and recommendations of the report in implementing privacy and civil liberties protections for agency activities.

(c) In producing the report required under subsection (b) of this section, the Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of DHS shall consult with the Privacy and Civil Liberties Oversight Board and coordinate with the Office of Management and Budget (OMB).

(d) Information submitted voluntarily in accordance with 6 U.S.C. 133 by private entities under this order shall be protected from disclosure to the fullest extent permitted by law.

Sec6Consultative Process. The Secretary shall establish a consultative process to coordinate improvements to the cybersecurity of critical infrastructure. As part of the consultative process, the Secretary shall engage and consider the advice, on matters set forth in this order, of the Critical Infrastructure Partnership Advisory Council; Sector Coordinating Councils; critical infrastructure owners and operators; Sector-Specific Agencies; other relevant agencies; independent regulatory agencies; State, local, territorial, and tribal governments; universities; and outside experts.

Sec7Baseline Framework to Reduce Cyber Risk to Critical Infrastructure. (a) The Secretary of Commerce shall direct the Director of the National Institute of Standards and Technology (the “Director”) to lead the development of a framework to reduce cyber risks to critical infrastructure (the “Cybersecurity Framework”). The Cybersecurity Framework shall include a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks. The Cybersecurity Framework shall incorporate voluntary consensus standards and industry best practices to the fullest extent possible. The Cybersecurity Framework shall be consistent with voluntary international standards when such international standards will advance the objectives of this order, and shall meet the requirements of the National Institute of Standards and Technology Act, as amended (15 U.S.C. 271 et seq.), the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113), and OMB Circular A-119, as revised.

(b) The Cybersecurity Framework shall provide a prioritized, flexible, repeatable, performance-based, and cost-effective approach, including information security measures and controls, to help owners and operators of critical infrastructure identify, assess, and manage cyber risk. The Cybersecurity Framework shall focus on identifying cross-sector security standards and guidelines applicable to critical infrastructure. The Cybersecurity Framework will also identify areas for improvement that should be addressed through future collaboration with particular sectors and standards-developing organizations. To enable technical innovation and account for organizational differences, the Cybersecurity Framework will provide guidance that is technology neutral and that enables critical infrastructure sectors to benefit from a competitive market for products and services that meet the standards, methodologies, procedures, and processes developed to address cyber risks. The Cybersecurity Framework shall include guidance for measuring the performance of an entity in implementing the Cybersecurity Framework.

(c) The Cybersecurity Framework shall include methodologies to identify and mitigate impacts of the Cybersecurity Framework and associated information security measures or controls on business confidentiality, and to protect individual privacy and civil liberties.

(d) In developing the Cybersecurity Framework, the Director shall engage in an open public review and comment process. The Director shall also consult with the Secretary, the National Security Agency, Sector-Specific Agencies and other interested agencies including OMB, owners and operators of critical infrastructure, and other stakeholders through the consultative process established in section 6 of this order. The Secretary, the Director of National Intelligence, and the heads of other relevant agencies shall provide threat and vulnerability information and technical expertise to inform the development of the Cybersecurity Framework. The Secretary shall provide performance goals for the Cybersecurity Framework informed by work under section 9 of this order.

(e) Within 240 days of the date of this order, the Director shall publish a preliminary version of the Cybersecurity Framework (the “preliminary Framework”). Within 1 year of the date of this order, and after coordination with the Secretary to ensure suitability under section 8 of this order, the Director shall publish a final version of the Cybersecurity Framework (the “final Framework”).

(f) Consistent with statutory responsibilities, the Director will ensure the Cybersecurity Framework and related guidance is reviewed and updated as necessary, taking into consideration technological changes, changes in cyber risks, operational feedback from owners and operators of critical infrastructure, experience from the implementation of section 8 of this order, and any other relevant factors.

Sec8Voluntary Critical Infrastructure Cybersecurity Program. (a) The Secretary, in coordination with Sector-Specific Agencies, shall establish a voluntary program to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure and any other interested entities (the “Program”).

(b) Sector-Specific Agencies, in consultation with the Secretary and other interested agencies, shall coordinate with the Sector Coordinating Councils to review the Cybersecurity Framework and, if necessary, develop implementation guidance or supplemental materials to address sector-specific risks and operating environments.

(c) Sector-Specific Agencies shall report annually to the President, through the Secretary, on the extent to which owners and operators notified under section 9 of this order are participating in the Program.

(d) The Secretary shall coordinate establishment of a set of incentives designed to promote participation in the Program. Within 120 days of the date of this order, the Secretary and the Secretaries of the Treasury and Commerce each shall make recommendations separately to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, that shall include analysis of the benefits and relative effectiveness of such incentives, and whether the incentives would require legislation or can be provided under existing law and authorities to participants in the Program.

(e) Within 120 days of the date of this order, the Secretary of Defense and the Administrator of General Services, in consultation with the Secretary and the Federal Acquisition Regulatory Council, shall make recommendations to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, on the feasibility, security benefits, and relative merits of incorporating security standards into acquisition planning and contract administration. The report shall address what steps can be taken to harmonize and make consistent existing procurement requirements related to cybersecurity.

Sec9Identification of Critical Infrastructure at Greatest Risk. (a) Within 150 days of the date of this order, the Secretary shall use a risk-based approach to identify critical infrastructure where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security. In identifying critical infrastructure for this purpose, the Secretary shall use the consultative process established in section 6 of this order and draw upon the expertise of Sector-Specific Agencies. The Secretary shall apply consistent, objective criteria in identifying such critical infrastructure. The Secretary shall not identify any commercial information technology products or consumer information technology services under this section. The Secretary shall review and update the list of identified critical infrastructure under this section on an annual basis, and provide such list to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs.

(b) Heads of Sector-Specific Agencies and other relevant agencies shall provide the Secretary with information necessary to carry out the responsibilities under this section. The Secretary shall develop a process for other relevant stakeholders to submit information to assist in making the identifications required in subsection (a) of this section.

(c) The Secretary, in coordination with Sector-Specific Agencies, shall confidentially notify owners and operators of critical infrastructure identified under subsection (a) of this section that they have been so identified, and ensure identified owners and operators are provided the basis for the determination. The Secretary shall establish a process through which owners and operators of critical infrastructure may submit relevant information and request reconsideration of identifications under subsection (a) of this section.

Sec10Adoption of Framework. (a) Agencies with responsibility for regulating the security of critical infrastructure shall engage in a consultative process with DHS, OMB, and the National Security Staff to review the preliminary Cybersecurity Framework and determine if current cybersecurity regulatory requirements are sufficient given current and projected risks. In making such determination, these agencies shall consider the identification of critical infrastructure required under section 9 of this order. Within 90 days of the publication of the preliminary Framework, these agencies shall submit a report to the President, through the Assistant to the President for Homeland Security and Counterterrorism, the Director of OMB, and the Assistant to the President for Economic Affairs, that states whether or not the agency has clear authority to establish requirements based upon the Cybersecurity Framework to sufficiently address current and projected cyber risks to critical infrastructure, the existing authorities identified, and any additional authority required.

(b) If current regulatory requirements are deemed to be insufficient, within 90 days of publication of the final Framework, agencies identified in subsection (a) of this section shall propose prioritized, risk-based, efficient, and coordinated actions, consistent with Executive Order 12866 of September 30, 1993 (Regulatory Planning and Review), Executive Order 13563 of January 18, 2011 (Improving Regulation and Regulatory Review), and Executive Order 13609 of May 1, 2012 (Promoting International Regulatory Cooperation), to mitigate cyber risk.

(c) Within 2 years after publication of the final Framework, consistent with Executive Order 13563 and Executive Order 13610 of May 10, 2012 (Identifying and Reducing Regulatory Burdens), agencies identified in subsection (a) of this section shall, in consultation with owners and operators of critical infrastructure, report to OMB on any critical infrastructure subject to ineffective, conflicting, or excessively burdensome cybersecurity requirements. This report shall describe efforts made by agencies, and make recommendations for further actions, to minimize or eliminate such requirements.

(d) The Secretary shall coordinate the provision of technical assistance to agencies identified in subsection (a) of this section on the development of their cybersecurity workforce and programs.

(e) Independent regulatory agencies with responsibility for regulating the security of critical infrastructure are encouraged to engage in a consultative process with the Secretary, relevant Sector-Specific Agencies, and other affected parties to consider prioritized actions to mitigate cyber risks for critical infrastructure consistent with their authorities.

Sec11Definitions. (a) “Agency” means any authority of the United States that is an “agency” under 44 U.S.C. 3502(1), other than those considered to be independent regulatory agencies, as defined in 44 U.S.C. 3502(5).

(b) “Critical Infrastructure Partnership Advisory Council” means the council established by DHS under 6 U.S.C. 451 to facilitate effective interaction and coordination of critical infrastructure protection activities among the Federal Government; the private sector; and State, local, territorial, and tribal governments.

(c) “Fair Information Practice Principles” means the eight principles set forth in Appendix A of the National Strategy for Trusted Identities in Cyberspace.

(d) “Independent regulatory agency” has the meaning given the term in 44 U.S.C. 3502(5).

(e) “Sector Coordinating Council” means a private sector coordinating council composed of representatives of owners and operators within a particular sector of critical infrastructure established by the National Infrastructure Protection Plan or any successor.

(f) “Sector-Specific Agency” has the meaning given the term in Presidential Policy Directive-21 of February 12, 2013 (Critical Infrastructure Security and Resilience), or any successor.

Sec12General Provisions. (a) This order shall be implemented consistent with applicable law and subject to the availability of appropriations. Nothing in this order shall be construed to provide an agency with authority for regulating the security of critical infrastructure in addition to or to a greater extent than the authority the agency has under existing law. Nothing in this order shall be construed to alter or limit any authority or responsibility of an agency under existing law.

(b) Nothing in this order shall be construed to impair or otherwise affect the functions of the Director of OMB relating to budgetary, administrative, or legislative proposals.

(c) All actions taken pursuant to this order shall be consistent with requirements and authorities to protect intelligence and law enforcement sources and methods. Nothing in this order shall be interpreted to supersede measures established under authority of law to protect the security and integrity of specific activities and associations that are in direct support of intelligence and law enforcement operations.

(d) This order shall be implemented consistent with U.S. international obligations.

(e) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

BARACK OBAMA

Filed under: cyber security, Doctrine, government, SCADA, , ,

Working to Counter Online Radicalization to Violence in the United States

White House
February 5, 2013

The American public increasingly relies on the Internet for socializing, business transactions, gathering information, entertainment, and creating and sharing content. The rapid growth of the Internet has brought opportunities but also risks, and the Federal Government is committed to empowering members of the public to protect themselves against the full range of online threats, including online radicalization to violence.

Violent extremist groups ─ like al-Qa’ida and its affiliates and adherents, violent supremacist groups, and violent “sovereign citizens” ─ are leveraging online tools and resources to propagate messages of violence and division. These groups use the Internet to disseminate propaganda, identify and groom potential recruits, and supplement their real-world recruitment efforts.  Some members and supporters of these groups visit mainstream fora to see whether individuals might be recruited or encouraged to commit acts of violence, look for opportunities to draw targets into private exchanges, and exploit popular media like music videos and online video games.  Although the Internet offers countless opportunities for Americans to connect, it has also provided violent extremists with access to new audiences and instruments for radicalization.

[Continue reading...]

Filed under: cyber security, cyber war, Life, Policy, Strategy, Terrorism, , , , , ,

Spies give way to ‘sexy’ social media

ODNI
August 2, 2012

Gathering intelligence from social media has finally become as “sexy” as more traditional clandestine methods.

Open source intelligence — generally regarded as information gathered through methods other than clandestine activity — is the “hot new field” in the intelligence community, said Patrick O’Neil, director of analytic development at the Open Source Center (OSC) in the Office of the Director of National Intelligence.

Intelligence agencies are developing their capabilities to gather useful information by scouring social media platforms such as Twitter and Facebook.

The amount of data available continues to grow from the inclusion of these non-traditional sources. As a result, members of the intelligence community must develop new tools and best practices to analyze the information.

There are opportunities involved, but there also are challenges in the process of adjusting to the shift, as O’Neil and two other panelists discussed at the event hosted by the Government Executive Media Group and the Intelligence and National Security Alliance in Washington Tuesday.

O’Neil said the Director of National Intelligence has chosen the Open Source Center to act as the intelligence community’s functional manager for open source intelligence and to coordinate resources and methodologies between governmental agencies.

“Our goal is to collect information once and distribute it to everybody in the government who needs it,” O’Neil said.

Filed under: cyber security, government, Intelligence Community, Internet, , , , , , , ,

Stuxnet: The New Face of 21st Century Cyber Warfare Infographic

Stuxnet

Infographic by Veracode Application Security

Filed under: cyber security, cyber war, government, Intelligence Community, Internet, Military, Stuxnet, Threats, War, , , ,

Obama may act to stop cyberattacks

Navy Times
August 9, 2012

“I think the administration is seriously frustrated over the lack of “I think the administration is seriously frustrated over the lack of congressional action and may decide they have no choice” but to act congressional action and may decide they have no choice” but to act administratively, said Roger Cressey, who served as a cybersecurity and administratively, said Roger Cressey, who served as a cybersecurity and counterterrorism adviser in the Clinton and George W. Bush counterterrorism adviser in the Clinton and George W. Bush administrations. administrations.

Cressey, now a senior vice president at the Booz Allen Hamilton consulting Cressey, now a senior vice president at the Booz Allen Hamilton consulting firm, said the administration was weighing a number of options, including firm, said the administration was weighing a number of options, including offering incentives, such as liability protection, to entice industry to opt-in offering incentives, such as liability protection, to entice industry to opt-in to voluntary computer security standards. He said there likely would be to voluntary computer security standards. He said there likely would be more conversations about the issue after Congress returns in September more conversations about the issue after Congress returns in September before the White House takes any action. before the White House takes any action.

Filed under: cyber security, cyber war, government, Internet, Policy, Politics, , , ,

An “Horrendous Risk” In Action

Wired tech writer Mat Honan provides heart-stopping but timely insight into what Steve Wozniak’s horrendous cloud risks look like:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

Continue reading, if you dare, at Wired

Filed under: Business, cyber security, Internet, Life, News, Polls, Technology, , , , , , , , , , , , , , , , , ,

Wozniak Warns of “Horrendous” Cloud Risks

The Telegraph
August 6, 2012

Wozniak told an audience in Washington DC: “I really worry about everything going into the cloud. I think it’s going to be horrendous. I think there are going to be a lot of horrible problems in the next five years.”

Steve Wozniak, who co-founded Apple with Steve Jobs in 1976, was speaking after a performance of The Agony and the Ecstasy of Steve Jobs, a monologue about working conditions at Apple’s Chinese factories.

Read more at The Telegraph

Filed under: cyber security, Internet, Life, News, Polls, Technology, , , , , , , , , , ,

It May Not Be the Result of Cyber Warfare

…but India’s recent massive power outage, which affected more than 700 million people, certainly is a glimpse at what havoc effective cyber warfare can potentially inflict on a country’s electrical grid and, more importantly, its population.

Mumbai Skylines

Filed under: cyber war, government, SCADA, , , , , ,

Senate Denies Cyber Security Bill

According to the Associated Press, the Senate has failed to pass the much-needed Cyber Security Legislation.

 

 

Filed under: cyber security, government, Politics, , , , , , , , , , ,

Department of Defense Cyber Strategy

U.S. Department of Defense
July 14, 2011

It should come as no surprise that the United States is prepared to defend itself. It would be irresponsible, and a failure of the Defense Department’s mission, to leave the nation vulnerable to a known threat. Just as our military organizes to defend against hostile acts from land, air, and sea, we must also be prepared to respond to hostile acts in cyberspace. Accordingly, the United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of our choosing.

Deputy Secretary of Defense William J. Lynn, III, National Defense University, Washington, D.C.,

Read the speech at Defense.gov

Filed under: cyber security, Doctrine, Intelligence Community, Internet, Military, Policy, , , , , , , , , , , , ,

President Obama Names Vivek Kundra Chief Information Officer

The White House
March 5, 2009

WASHINGTON, DC – Today, President Barack Obama named Vivek Kundra the Federal Chief Information Officer (CIO) at the White House.

The Federal Chief Information Officer directs the policy and strategic planning of federal information technology investments and is responsible for oversight of federal technology spending. The Federal CIO establishes and oversees enterprise architecture to ensure system interoperability and information sharing and ensure information security and privacy across the federal government. The CIO will also work closely with the Chief Technology Officer to advance the President’s technology agenda.

President Obama said, “Vivek Kundra will bring a depth of experience in the technology arena and a commitment to lowering the cost of government operations to this position. I have directed him to work to ensure that we are using the spirit of American innovation and the power of technology to improve performance and lower the cost of government operations. As Chief Information Officer, he will play a key role in making sure our government is running in the most secure, open, and efficient way possible.”

The following announcement was made today:

Vivek Kundra, Federal Chief Information Officer
Vivek Kundra formerly served in Mayor Fenty’s cabinet as the Chief Technology Officer (CTO) for the District of Columbia, responsible for technology operations and strategy for 86 agencies. He has been recognized among the top 25 CTO’s in the country and as the 2008 IT Executive of the Year for his pioneering work to drive transparency, engage citizens and lower the cost of government operations. Kundra is also recognized for his leadership in public safety communications, cyber security and IT portfolio management. Before Kundra came to the District, Governor Timothy M. Kaine appointed him Assistant Secretary of Commerce and Technology for the Commonwealth of Virginia, the first dual cabinet role in the state’s history. Kundra’s diverse record also includes technology and public policy experience in private industry and academia. He is a graduate of the University of Virginia’s Sorensen Institute for Political Leadership and holds a MS in Information Technology from the University of Maryland.

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part V

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part V includes highlights of:

  • Section 4 – Regulate for Cybersecurity

——————————————————————————————————————————————
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
——————————————————————————————————————————————

The Highlights:

4
Regulate for Cybersecurity

Recommendations

  • The president should task the NOC to work with appropriate regulatory agencies to develop and issue standards and guidance for securing critical cyber infrastructure, which those agencies would then apply in their own regulations.
  • The NOC should work with the appropriate regulatory agencies and with the National Institute of Standards and Technology (NIST) to develop regulations for industrial control systems (ICS). The government could reinforce regulation by making the development of secure control systems an element of any economic stimulus package…
  • The NOC should immediately determine the extent to which government-owned critical infrastructures are secure from cyber attack…
  • The president should direct the NOC and the federal Chief Information Officers Council, working with industry, to develop and implement security guidelines for the procurement of IT products (with software as the first priority).
  • The president should task the National Security Agency (NSA) and NIST, working with international partners, to reform the National Information Assurance Partnership (NIAP).
  • The president should take steps to increase the use of secure Internet protocols. The president should direct OMB and the NOC to develop mandatory requirements for agencies to contract only with telecommunications carriers that use secure Internet protocols.

Read the rest of this entry »

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

A World at War

The United States must treat cybersecurity as one of the most important national security challenges it faces. Cybersecurity can no longer be relegated to information technology offices and chief information officers. Nor is it primarily a problem for homeland security and counterterrorism. And it is completely inadequate to defer national security to the private sector and the market. This is a strategic issue on par with weapons of mass destruction and global jihad, where the federal government bears primary responsibility.

Central Finding from Securing Cyberspace for the 44th Presidency: A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Read the full CSIS report
Read the CSWW Highlights

The World is at War. It is a world war that is being fought right now, in real time, virtually everywhere on the planet. It is a world war that is, perhaps, more encompassing and global in nature than any other world war in history because, not only is it being fought by nations and their governments, it is also being fought by non-state actors such as terrorists, organized crime, unorganized crime, and many other known and unknown entities. It is a total world war being fought every day on the hidden and dark battle fields of the cyber domain. It is a war that, according to some intelligence estimates, has the potential to be as nearly as serious and as deadly as a nuclear war. Continue reading...

RSS Office of the Director of National Intelligence

  • Interim Progress Report on Implementing PPD-28 October 17, 2014
    As the President said in his speech on January 17, 2014, “the challenges posed by threats like terrorism, proliferation, and cyber-attacks are not going away any time soon, and for our intelligence community to be effective over the long haul, we must maintain the trust of the American people, and people around the world.” As a part of that effort, the Presi […]
  • JEDI MIND Wins IARPA’s INSTINCT Challenge October 9, 2014
    WASHINGTON – The Intelligence Advanced Research Projects Activity (IARPA), within the Office of the Director of National Intelligence (ODNI), announced today the winner of its first public challenge contest, Investigating Novel Statistical Techniques to Identify Neurophysiological Correlates of Trustworthiness (INSTINCT).
  • NGA's New Leader to Focus on Expanding Agency's Capabilities October 7, 2014
    A short trip into the DoD Reporter's notebook this week as there was a change of leadership ceremony at the National Geospatial-Intelligence Agency that's worth mentioning. Letitia Long retired from government after 36 years, including the last four as the director of NGA.
  • “Disability as an Intelligence Community Mission Need” Remarks as delivered by PDDNI Stephanie O’Sullivan October 3, 2014
    Good morning. I love “firsts,” and I’m glad we set this summit up. Thank you, Rita [Sampson, director of Intelligence Community equal employment opportunity and diversity], for inviting me to kick this off. I’m particularly happy that we’re putting some devoted thought into meeting the needs of disabled members of our workforce.
  • Federal Agency Data Mining Report 2013 October 1, 2014
    The Office of the Director of National Intelligence (ODNI) provides this report pursuant to Section 804 of the Implementing the Recommendations of the 9/11 Commission Act of 2007, entitled The Federal Agency Data Mining Reporting Act of 2007 (Act).
  • NCTC 10 Years later - A Decade of Service September 29, 2014
    As the National Counterterrorism Center enters a new decade, its founders and former leaders reflect on the defining moments and challenges they faced standing up a new organization.
  • Remarks as Delivered by The Honorable James R. Clapper Director of National Intelligence AFCEA/INSA National Security and Intelligence Summit September 18, 2014
    This is truly remarkable, to see INSA and AFCEA co-hosting this summit. It’s extra special for me, because I’m somewhat of an “INSA hipster.” I was into INSA before it was cool. [laughter]Actually, I was into INSA before it was INSA. In the late ‘90s, I was president of SASA for a year or two, and I tried to promote – a word you’ll hear again from me – integ […]
  • DNI Unveils 2014 National Intelligence Strategy September 18, 2014
    The Director of National Intelligence James R. Clapper today unveiled the 2014 National Intelligence Strategy - the blueprint that will drive the priorities for the nation's 17 Intelligence Community components over the next four years.
  • As Prepared Statement for the Record by NCTC Director, Matthew Olsen Before the House Committee on Homeland Security September 17, 2014
    As I conclude three years as Director of the National Counterterrorism Center, I also want to express my deep appreciation to the Committee for its unflagging support of the men and women at the National Counterterrorism Center and our counterterrorism community, as a whole.
  • As Prepared Statement for the Record, NCTC Deputy Director, Nicholas Rasmussen Before the Senate HSGA Committee September 17, 2014
    NCTC Director Olsen and I don’t often testify in open hearings, and so we see today as an important opportunity to share our understanding of an evolving, dynamic terrorist threat with the Committee and with the American public.

RSS NSA News

  • An error has occurred; the feed is probably down. Try again later.

RSS Defense Advanced Research Projects Agency (DARPA)

  • 2014/10/20 Atom-width Graphene Sensors Could Provide Unprecedented Insights into Brain Structure and Function October 20, 2014
    Understanding the anatomical structure and function of the brain is a longstanding goal in neuroscience and a top priority of President Obama’s brain initiative. Electrical monitoring and stimulation of neuronal signaling is a mainstay technique for studying brain function, while emerging optical techniques—which use photons instead of electrons—are opening […]
    DARPA Public Affairs Office
  • 2014/10/08 Using Light Frequencies to Sniff Out Deadly Materials from a Distance October 8, 2014
    DARPA yesterday issued a solicitation for proposals responsive to its Spectral Combs from UV to THz (SCOUT) program, which seeks new capabilities for highly sensitive remote detection of multiple biological or chemical agents in liquid or gaseous forms. A proposers day is set for Oct. 15 via webcast.
    DARPA Public Affairs Office
  • 2014/10/07 GXV-T Imagines Future Armored Ground Vehicles that Could Increase Survivability through Improved Situational Awareness October 7, 2014
      One of the key goals of DARPA's Ground X-Vehicle Technologies (GXV-T) program is improving the survivability of ground-based armored fighting vehicles through crew augmentation. Crew augmentation involves improved physical and electronically assisted situational awareness for crew and passengers. It also involves semi-autonomous driver assistance and […]
    DARPA Public Affairs Office
  • 2014/09/30 DARPA Technology Identifies Counterfeit Microelectronics September 30, 2014
    Advanced software and equipment to aid in the fight against counterfeit microelectronics in U.S. weapons and cybersecurity systems has been transitioned to military partners under DARPA’s Integrity and Reliability of Integrated Circuits (IRIS) program. Researchers with SRI International, an IRIS performer, announced today they have provided Advanced Scanning […]
    DARPA Public Affairs Office
  • 2014/09/24 Neutron Vision: Going Beyond X-Rays for Advanced Imaging in the Field September 26, 2014
    Seeking to expand the nation’s capability to detect and identify materials that are not easily visualized by conventional imaging technologies, DARPA today released an announcement inviting proposals to develop portable, next-generation imaging tools that combine the complementary benefits of X-ray and neutron radiography.
    DARPA Public Affairs Office
  • 2014/09/18 Seeing Through the Fog (and Dust and Snow) of War September 18, 2014
    Degraded visibility—which encompasses diverse environmental conditions including severe weather, dust kicked up during takeoff and landing and poor visual contrast among different parts of terrain—often puts both the safety and effectiveness of tactical helicopter operations at risk. Current sensor systems that can provide the necessary visualization through […]
    DARPA Public Affairs Office
  • 2014/09/16 Lightweight, Soft Exosuit Aims to Prevent Musculoskeletal Injury in Warfighters September 16, 2014
    Harvard University’s Wyss Institute for Biologically Inspired Engineering is continuing development of a lightweight, soft exosuit for DARPA’s Warrior Web program, which is aimed at creating technologies that mitigate musculoskeletal injuries among warfighters while improving performance. The Wyss team is seeking to integrate component technologies developed […]
    DARPA Public Affairs Office
  • 2014/09/15 Blood-cleansing “Artificial Spleen” Technology Could Increase Survival Odds for Future Sepsis Patients September 15, 2014
      Sepsis—a life-threatening over-reaction by the immune system to infection—afflicts 18 million people a year worldwide and kills between 30 and 50 percent of them. Sepsis poses a significant threat to warfighters who suffer combat injuries that predispose them to infection. Antibiotics can kill sepsis-inducing microbes but their overuse is contributing to t […]
    DARPA Public Affairs Office
  • 2014/09/11 New Mathematical Tools Seen as Key to Maximizing Value of Scientific Data and Accelerating Discovery September 11, 2014
    The exponential growth of diverse science data represents an unprecedented opportunity to make substantial advances in complex science and engineering, such as discovery of novel materials or drugs. However, without tools to unify principles, results, models and other kinds of data into a single computational representation, it is difficult to relate data fr […]
    DARPA Public Affairs Office
  • 2014/09/10 DARPA Program “Grows” Lasers Directly on Silicon-Based Microchips September 10, 2014
    DARPA’s Electronic-Photonic Heterogeneous Integration (E-PHI) program has successfully integrated billions of light-emitting dots on silicon to create an efficient silicon-based laser. The breakthrough, achieved by researchers working on the program at the University of California, Santa Barbara (UCSB), will enable the production of inexpensive and robust mi […]
    DARPA Public Affairs Office
  • 2014/09/05 GXV-T Envisions Future Armored Ground Vehicles that Could Sprint, Dodge and Shield Their Way Out of Danger September 5, 2014
      One of the key goals of DARPA's Ground X-Vehicle Technology (GXV-T) program is improving the survivability of ground-based armored fighting vehicles by increasing vehicle agility. Vehicle agility involves the ability to autonomously avoid incoming threats, either by rapidly moving out of the way or reconfiguring the vehicle so incoming threats have a […]
    DARPA Public Affairs Office
  • 2014/09/03 Wanted: Insights to Guide Creation of Robotic Satellite-Servicing Capabilities in Geostationary Earth Orbit September 3, 2014
      An increasing number of expensive, mission-critical satellites are launched every year into geostationary Earth orbit (GEO), approximately 22,000 miles (36,000 kilometers) above the Earth. Unlike objects in low Earth orbit (LEO), such as the Hubble Space Telescope, satellites in GEO are essentially unreachable with current technology. As a result, these sa […]
    DARPA Public Affairs Office
  • 2014/08/29 DARPA Open Catalog Expands Listings to Include Research into Biological and Fundamental Sciences August 29, 2014
    The DARPA Open Catalog—a six-month-old public web portal that organizes and shares the results of DARPA research—today expanded its research listings to include peer-reviewed publications and other material from the agency’s Biological Technologies Office (BTO) and Defense Sciences Office (DSO). Along with that expansion, the website now offers open source s […]
    DARPA Public Affairs Office
  • 2014/08/26 President Obama Highlights New DARPA Program Aimed at Developing Novel Therapies Customized to Individual Patients August 26, 2014
    The body’s peripheral nervous system constantly monitors the status of internal organs and helps regulate biological responses to infection, injury or other imbalances. When this regulatory process goes awry due to injury or illness, peripheral nerve signals can actually exacerbate a condition, causing pain, inflammation or immune dysfunction.
    DARPA Public Affairs Office
  • 2014/08/22 Atoms to Product: Aiming to Make Nanoscale Benefits Life-sized August 25, 2014
      Many common materials exhibit different and potentially useful characteristics when fabricated at extremely small scales—that is, at dimensions near the size of atoms, or a few ten-billionths of a meter. These “atomic scale” or “nanoscale” properties include quantized electrical characteristics, glueless adhesion, rapid temperature changes, and tunable abs […]
    DARPA Public Affairs Office
  • 2014/08/18 New Ground X-Vehicle Technology (GXV-T) Program Aims to Break the “More Armor” Paradigm for Protection August 18, 2014
      For the past 100 years of mechanized warfare, protection for ground-based armored fighting vehicles and their occupants has boiled down almost exclusively to a simple equation: More armor equals more protection. Weapons’ ability to penetrate armor, however, has advanced faster than armor’s ability to withstand penetration. As a result, achieving even incre […]
    DARPA Public Affairs Office
  • 2014/08/15 CHIKV Challenge Asks Teams to Forecast the Spread of Infectious Disease August 15, 2014
      The Chikungunya virus (CHIKV) is on the move. Spread among humans by mosquitoes, and spread across geographic boundaries by humans who travel, the virus—which causes a debilitating illness—is now expanding through the Western Hemisphere. Governments and health organizations could take proactive steps to limit its spread if they had accurate forecasts of wh […]
    DARPA Public Affairs Office
  • 2014/08/07 SyNAPSE Program Develops Advanced Brain-Inspired Chip August 25, 2014
      DARPA-funded researchers have developed one of the world’s largest and most complex computer chips ever produced—one whose architecture is inspired by the neuronal structure of the brain and requires only a fraction of the electrical power of conventional chips.
    DARPA Public Affairs Office
  • 2014/07/29 Building the Foundation for Future Synthetic Biology Applications with BRICS July 29, 2014
    The development of increasingly sophisticated techniques and tools to sequence, synthesize and manipulate genetic material has led to the rapidly maturing discipline of synthetic biology. To date, work in synthetic biology has focused primarily on manipulating individual species of domesticated organisms to perform specific tasks, such as producing medicines […]
    DARPA Public Affairs Office
  • 2014/07/24 Beyond GPS: 5 Next-Generation Technologies for Positioning, Navigation & Timing (PNT) July 24, 2014
      It is difficult to imagine the modern world without the Global Positioning System (GPS), which provides real-time positioning, navigation and timing (PNT) data for countless military and civilian uses. Thanks in part to early investments that DARPA made to miniaturize GPS technology, GPS today is ubiquitous. It’s in cars, boats, planes, trains, smartphones […]
    DARPA Public Affairs Office

Advertisement

RSS Cyber News (Google)

  • New cyber doctrine shows more offense, transparency - FCW.com October 24, 2014
    New cyber doctrine shows more offense, transparencyFCW.comThe document also clearly defines offensive cyber operations as those "intended to project power by the application of force in and through cyberspace." The document is a reference point for top brass in planning cyber operations, not something that ...
  • US government probes medical devices for possible cyber flaws - Reuters October 22, 2014
    ReutersUS government probes medical devices for possible cyber flawsReutersThe products under review by the agency's Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, include an infusion pump from Hospira Inc and implantable heart devices from Medtronic Inc and St Jude Medical Inc, according to other ...DHS investigates 24 potential […]
  • Cyber security needed in all aspects of life - Tahlequah Daily Press October 24, 2014
    PropertyCasualty360Cyber security needed in all aspects of lifeTahlequah Daily PressSponsored by the National Cyber Security Division within the Department of Homeland Security, the Multi-State Information Sharing and Analysis Center, and the nonprofit organization National Cyber Security Alliance, National Cyber Security Awareness ...Bringing attention to c […]
  • Domains, Budgets and Bureaucracies: Nukes, Space & Now — Cyber - Breaking Defense October 24, 2014
    Breaking DefenseDomains, Budgets and Bureaucracies: Nukes, Space & Now — CyberBreaking DefenseJoan Johnson Freese, a member of our Board of Contributors and professor at the Naval War College, is an expert on space, Strategic Command and several other topics dealt with below. She doesn't think the creation of Cyber Command is a great idea.
  • Cyber Education Summit kicks off Thursday at GRU - WRDW-TV October 24, 2014
    NBC26.tvCyber Education Summit kicks off Thursday at GRUWRDW-TVThe Department of Defense says last year there were 10 million intrusions a day in their system, and with data breaches like target and Home Depot it hits home to all of is. Since cyber command is expected to keep growing GRU is working with Fort ...NSA director speaks at Cyber Education Summit a […]
  • Local students to participate in cyber-security competition this weekend - Charleston Post Courier October 24, 2014
    Local students to participate in cyber-security competition this weekendCharleston Post CourierDozens of high school students in the Lowcountry will compete against students across the country this weekend to be named the top defender of national cyber-security. The National Youth Cyber Defense competition is held each year by the Air Force ...
  • Cyber Security Business Doubles for London Insurer - Wall Street Journal (blog) October 24, 2014
    Cyber Security Business Doubles for London InsurerWall Street Journal (blog)Miller Insurance Services LLP, riding a rash of high-profile security breaches, has seen its cyber insurance business double in the past year. The London company has sold “hundreds” of policies since Target Corp. was hacked in late 2013, says Nick ...
  • China says US must change 'mistaken policies' before deal on cyber security - The Guardian October 19, 2014
    The GuardianChina says US must change 'mistaken policies' before deal on cyber securityThe GuardianYang Jiechi, a state councillor overseeing foreign affairs, told Kerry at private talks in Boston the US “should take positive action to create necessary conditions for bilateral cyber security dialogue and cooperation to resume”, according to a ...an […]
  • Apple's iCloud service suffers cyber-attack in China, putting passwords in peril - Washington Post (blog) October 22, 2014
    Fast CompanyApple's iCloud service suffers cyber-attack in China, putting passwords in perilWashington Post (blog)A sophisticated cyber-attack has targeted Apple's iCloud service in China, in an apparent attempt to collect user names, passwords and other private information as the company releases its newest round of iPhones in the world's mos […]
  • Anti-bullying group presents even on cyber safety - Post-Bulletin October 25, 2014
    Anti-bullying group presents even on cyber safetyPost-BulletinAUSTIN — Now that nearly every cellphone is a smartphone and more and more children are carrying them, it's getting more and more important for parents to be vigilant, said Danielle Borgerson-Nesvold, founder of Community Against Bullying in Austin.and more »

RSS Cyber News (Yahoo)

RSS Cyber War News (MSN Live)

  • Cyber Security Business Doubles for London Insurer October 24, 2014
    Miller Insurance Services LLP, riding a rash of high-profile security breaches, has seen its cyber insurance business double in the past year. The London company has sold “hundreds” of policies since Target Corp. was hacked in late 2013, says Nick ...
  • Cyber-Attacks Principal Concern of Financial Institutions October 24, 2014
    A record 84 percent of respondents listed cyber-risk as one of their top five concerns, an increase of 25 points since the last survey was conducted. Cyber-security ranks as the principal concern of the financial services industry, according to results of ...
  • Cyber Security: Humans are Largely the Problem October 25, 2014
    (Targeted News Service Via Acquire Media NewsEdge) ADELAIDE, Australia, Oct. 24 -- The University of Adelaide issued the following news release: When people think about cyber and information security they often think about anti-virus software and firewalls ...
  • Local students to participate in cyber-security competition this weekend October 24, 2014
    Dozens of high school students in the Lowcountry will compete against students across the country this weekend to be named the top defender of national cyber-security. The National Youth Cyber Defense competition is held each year by the Air Force ...
  • Loyola Blakefield Launches Cyber Science Program to Prepare Students for High Demand Internships and Job Market October 25, 2014
    TOWSON, Md., Oct. 24, 2014 /PRNewswire-USNewswire/ -- Loyola Blakefield has announced the launch of its Cyber Science program to prepare students for America's most in-demand jobs and internships. The program is the one of the nation's first to offer the ...
  • VC cyber security funding tops £850 million October 24, 2014
    A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone. The report, dated 21 October and which is based on data publicly ...
  • VIMRO LLC Becomes National Cyber Security Awareness Month 2014 Champion October 25, 2014
    Coordinated and led by the National Cyber Security Alliance (NCSA) and the Department of Homeland Security, National Cyber Security Awareness Month (NCSAM) promotes online safety awareness. VIMRO LLC today announced that it has become a Champion of ...
  • Sibu cops raid 169 cyber gambling centres October 24, 2014
    SIBU: Police in Sibu have so far raided 169 cyber gambling centres this year, an alarming 500 per cent increase over the figure for the same period last year. Deputy Home Minister Wan Junaidi Tuanku Jaafar, who disclosed these figures on Friday, said that ...
  • Bringing attention to child pornography with National Cyber Security Awareness Month October 24, 2014
    If one pays close attention to the radio ads this month, many are directed towards cyber crime awareness, as October is National Cyber Security Awareness Month. The virtual world is full of perpetrators waiting to exploit the vulnerable. Although any kind ...
  • Cyber security needed in all aspects of life October 24, 2014
    October marks the 11th annual National Cyber Security Awareness Month, a time to educate citizens on ways to make the Internet safer and more secure for all users. Sponsored by the National Cyber Security Division within the Department of Homeland Security ...

RSS Cyber Tags (Icerocket)

  • \1000★藤★【希少品■紬糸■お洒落長襦袢■】仕立上り October 25, 2014
    \1000★藤★【希少品■紬糸■お洒落長襦袢■】仕立上り 現在価格: 10,500円 入札件数: 32件 詳細はこちら>> .☆.・∴゜ ☆:*・∵.:*・ ☆.☆.。.:*, ★ :*・∵.:☆.。.: 消費税分は別途必要ございません! ★ :*・∵.:☆.。.: ☆.☆.。.:*, ☆:*・∵.:*・ .☆.・∴゜ Club Fuji では落札金額に対する消費税はいただいておりません。 従いまして、消費税額が変更になる4月以降も 落札金額+送料(全国一律\500) にてお届けいたします。 .☆.・∴゜ 送料”ワンコイン”キャンペーン実施中 / 佐川急便で全国どこでも一律【\500*ジャスト ... […]
  • Supreme Court Decision Reached on Bikini Girls of STC Cebu -#CebuPhilippines October 25, 2014
    The Winner In April 2012, I wrote about the five senior students of St. Theresa's College (STC), Cebu, whose pictures showing them scantily clad, appeared in Facebook. Pictures of the students drinking and smoking in a bar had also been posted. When the officials at the exclusive Catholic school, wh ...
    Cecilia Manguerra Brainard
  • Richard Sang Yeong Sue Do Sa Beue Wheol would like to THANK the AECYCLOPEIDIA.COM for Post_TAGS (SUPRA) of the Abstract + "Developing White Papers" Especiallly Japanese WIKI (Asia Project)--Nihon Desk ... October 25, 2014
    SURVEILLANCE, CRIME & PHILOSOPHY & CULTURE In the past I would like to most gratefully thank SUZUKI MOTER TRENDS INTERNATIONAL FOR BEING MY GLOBAL TRAFFIC ANALYZER, NEXT TO GOOGLE CHROME, GOOGLE CHROME + NETWORK PROFILE--HA HA--I don't know a thing in knowing how to use, and have a promissory note t ...
    S.Y.R. Kim
  • Birthday Gift Idea Unique October 25, 2014
    Occasionally, you may wish to get her a birthday celebration. When we feel the birthday gift idea unique as one that shows your careful consideration in its very own growing pot. The recipient relives the birthday gift idea unique that has made the birthday gift idea unique on this extra special on ...
    Norman
  • Φυλάκιση 14 μηνών σε 28χρονο κάτοικο Χαλκιδικής που ανάρτησε σκηνές από «cyber sex» October 25, 2014
    Σε ποινή φυλάκισης 14 μηνών και σε χρηματική ποινή 10.000 ευρώ καταδικάστηκε χθες, από το Τριμελές Πλημμελειοδικείο Ρόδου, ο Θ. Ε., κάτοικος Χαλκιδικής, που κρίθηκε ένοχος απόπειρας εκβίασης δύο 18χρονων κοριτσιών, μέσω ηλεκτρονικών μηνυμάτων, που απεστάλησαν στις ιστοσελίδες τους, στον ιστοχώρο κοι ... […]
    Simantra Xalkidiki
  • Manpreet’s email account hacked, 400 mails sent October 25, 2014
    Manpreet’s email account hacked, 400 mails sent Hacker impersonates PPP chief and seeks money from his contacts Archit Watts Tribune News Service Muktsar, October 24 Unidentified persons hacked the personal email account of Manpreet Singh Badal, former state Finance Minister and People’s Party of Pu ...
    (Archit Watts)
  • Now Is The Time October 25, 2014
    In my opinion, there is no better time to play contests and sweepstakes than the last two months of the year. Along with the Thanksgiving and Christmas/Holiday sweepstakes, there are also the Black Friday, Cyber Monday and New Year’s Eve/Day sweeps which give huge prizes. Along with the many prizes ...
    gmoney36
  • Intelligence US - 1ª Temporada em Torrent e Legendado (HDTV/720P) October 25, 2014
    Legendas e Torrents - Intelligence US - 1ª Temporada Episódio 01 - Pilot (HDTV) Episódio 01 - Pilot (720p) Episódio 02 - Red X (HDTV) Episódio 02 - Red X (720p) Episódio 03 - Mei Chun Returns (HDTV) Episódio 03 - Mei Chun Returns (720p) Episódio 04 - Secrets of the Secrets Service (HDTV) Episódio 04 ...
    Filmes para Download via Torrent
  • Halloween Party October 25, 2014
    There is nothing like a lunar eclipse to prepare for Halloween. Actually it took place a few weeks before we had our party at about 5 in the morning. While not the best shot it gives you an idea. It was followed by a partial solar eclipse the day before we had our family Halloween party. There were ...
    Greg and Cindy
  • Today's Teamster News 10.25.14 October 25, 2014
    Teamster News Oakland School Bus Drivers Choose Teamsters Representation teamster.org ...First Student school bus drivers in Oakland, Calif., have voted by an overwhelming 15-1 margin in favor of representation by Teamsters Local 853 in San Leandro, Calif. The 150 drivers transport children in the O ...
    Teamster Power

RSS Cyber News (Ask.com)

  • Ethical hackers combat cyber criminals to boost public safety October 25, 2014
    Gladwinmi.com - Found 27 minutes agoHow do businesses strengthen protection against cyber criminals? They beat them at their own game by employing ethical hackers. Cyber security... Ethical hackers combat cyber criminals to boost public safety - Daily Mail Ethical hackers combat cyber criminals to boost public safety - Kaufman Herald Ethical hackers combat c […]
  • TAG Greater Augusta Hosts Cyber Security Conference October 25, 2014
    TMC Net - Found 5 hours ago... including: - What is Cyber Security and Why Should Business Care? - What is the Mission of Army Cyber Security? - What Impact will the Cyber... TAG Greater Augusta Hosts Cyber Security Conference - TMC Net Loyola Blakefield Launches Cyber Science Program to Prepare Students ... - WMBF Palmyra district sees enrollment increase i […]
  • Remarks of the Assistant Secretary General at the Regional Workshop ... October 25, 2014
    TMC Net - Found 7 hours ago... the importance and timeliness of this Regional Workshop on Cyber Security Policies, as it takes place in the National Cyber Security Awareness...
  • SecurityScorecard CEO to Speak at Advisen Cyber Risk Insight ... October 24, 2014
    Yahoo! Finance - Found 17 hours agoNEW YORK, Oct. 24, 2014 /PRNewswire/ -- Why and how financial institutions must understand all the cyber risks they face as well as those of their SecurityScorecard CEO to Speak at Advisen Cyber Risk Insight ... - BusinessWeek SecurityScorecard CEO To Speak At Advisen Cyber Risk Insight ... - TheStreet.com SecurityScorecard […]
  • Newly Revised Global Information Security Policy Manual Available ... October 24, 2014
    ABC News 4 Charleston - Found 18 hours agoThis article was originally distributed via PRWeb. PRWeb, WorldNow and this Site make no warranties or representations in connection therewith. Carmakers ignore hacking risk, security expert says - CBC securitypoliciesonline.com Announce Launch of its Global Information ... - TMC Net Newly Revised Information Securit […]
  • The Super Saver Black Friday & Cyber Monday 2014 Deal for Xbox ... October 24, 2014
    TMC Net - Found 22 hours agoOne Black Friday & Cyber Monday 2014 is the most wanted deal that one could ever get for this new version of Xbox. Black Friday & Cyber Monday... The Super Saver Black Friday & Cyber Monday 2014 Deal for Xbox ... - TMC Net Xbox One November: Free games for Xbox Live with Gold to be ... - Christian Today Dead Or Alive 5 […]
  • Teensafe Supports National Bullying Prevention Month by Empowering ... October 23, 2014
    KHQ Right Now - Found Oct. 23, 2014“We know the terrible effects bullying and Cyber-bullying can have on our children and want to empower parents to be aware of what goes on... Alanson Schools goes orange to challenge bullying - TV 7 & 4 Teensafe Supports National Bullying Prevention Month by Empowering ... - ABC News 4 Charleston Teensafe Supports Natio […]
  • Cyber security centre to guard 'smart nation' October 23, 2014
    Asiaone - Found Oct. 23, 20141:43 AM A NEW CyberSecurity Research Centre will be set up early next year to defend Singapore's upcoming smart nation systems. New cyber security centre to defend S'pore's smart nation systems - Asia News Network New cyber security centre to defend Singapore's smart nation systems - Straits Times Explore All […]
  • Feds Probe Medical Devices for Possible Cyber Flaws October 22, 2014
    NBCNews.com - Found Oct. 22, 2014The products under review by the agency's Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, include an infusion pump from... US government probes medical devices for possible cyber flaws - FOXNews.com Possible cybersecurity flaws in medical devices probed - CBC Risk of hack attacks on heart implants, […]

RSS Cyber-war Tag (Wordpress)

RSS Cyberwar Tag (Wordpress)

About the Author

Kurt Brindley is a retired U.S. Navy Senior Chief who specialized in the fields of tele-communications and C4SRI systems Upon retirement from the navy, he spent nearly a decade as a defense industry consultant. He now writes full time ...more

Books by Kurt Brindley

THE SEA TRIALS OF AN UNFORTUNATE SAILOR is a suspenseful psychological drama about life in the navy during the Don't Ask Don't Tell era. But it's more than that. It is also about each of us and how we perceive the world around us. Written with a narrative starkness, it is a story that leaves us with only our own prejudices and stereotypes to draw from as we are forced to make assumptions about character and identity, and, in the end, determine not just who did it but if it was even done at all...more.

Cyber Poll – 20090208

Archives

Support CSWW

Please help improve CSWW by providing us with your comments, concerns, and questions at our FEEDBACK page.

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 442 other followers

Follow

Get every new post delivered to your Inbox.

Join 442 other followers

%d bloggers like this: