Cyber Strategies for a World at War

OPEN SOURCE AGGREGATION & ANALYSIS

Top Hacker Shows Us How It’s Done

Filed under: cyber security, , , , , , , ,

Former CIA Director Talks Cyber Security

Michael_Hayden,_CIA_official_portraitFormer National Security Agency and Central Intelligence Agency Director General Michael Hayden discusses life as the nation’s premier spy, as well the pressing cyber and national security issues of the day, with Frank Sesno, Director of George Washington University‘s School of Media and Public Affairs. This event took place February 19, 2013, and was recorded by CSPAN.

One of the first topics they discuss is the huge load of evidential data the information security company Mandiant recently released that alleges the Chinese government, through its military, is complicit in persistent cyber espionage against the United States government and corporations.

Not-so breaking news, folks: According to General Hayden, the United States steals China‘s secrets, too. However, he goes on to differentiate the type of espionage between the two nations. He regards the United States’s spying against the Chinese government as being done only to protect the United States’s citizens’s liberty and security; whereas the Chinese spying is being done against the United States primarily to steal its corporate and national secrets to improve China’s industrial and technological capacity and strength.

Unfortunately, CSPAN offers no embeddable file for the event so you will need to watch it at www.c-spanvideo.org/program/311052-1

Filed under: Analysis, cyber security, cyber war, Doctrine, government, Intelligence Community, Internet, Military, News, Terrorism, Threats, , , , , , , , , ,

China Responds To Mandiant Accusations Through State Media

Xinhua
February 20,2013

China defense ministry refutes cyber attack allegations

China’s military spokesman said on Wednesday that the country’s armed forces had never backed any hacking activities, denouncing U.S. cyber security firm Mandiant’s report as groundless both in facts and legal basis.

China’s laws ban any activities disrupting cyber security and the Chinese government always cracks down on cyber crimes, Geng Yansheng, spokesman with the Ministry of National Defense, said at a briefing.

Mandiant on Monday released a report which alleged that a secret Chinese military unit in Shanghai was behind years of cyber attacks against U.S. companies.

Geng said Mandiant’s report was groundless in fact because it came to the conclusion that the source of attack came from China simply because of the discovery that attacks were linked to IP addresses based in China.

First, as known to all, it is so common for hacking attacks on the Internet to take place by peculating IP addresses that “it happens almost everyday,” according to the spokesman.

Second, there has been no clear and consistent definition of cyber attacks around the world. The report lacks legal basis to assert cyber espionage only by cataloguing some routine cyber activities, he said.

Third, cyber attacks are transnational, anonymous and deceptive with their source often difficult to identify. Releasing irresponsible information will not help solve problems, Geng added.

The spokesman further said China actually is a major victim of cyber attacks.

[Continue reading…]

Filed under: China, cyber war, government, Internet, Military, News, , , , , ,

Congressional Open Hearing: Cyber Threats and Ongoing Efforts to Protect the Nation

Mandiant’s groundbreaking report that alleges China’s government is responsible for persistent, long-term hacking and cyber espionage, has the following quote:

“China’s economic espionage has reached an intolerable level and I believe that the United States and our allies in Europe and Asia have an obligation to confront Beijing and demand that they put a stop to this piracy. Beijing is waging a massive trade war on us all, and we should band together to pressure them to stop. Combined, the United States and our allies in Europe and Asia have significant diplomatic and economic leverage over China, and we should use this to our advantage to put an end to this scourge.”

— U.S. Rep. Mike Rogers, October, 2011

Representative Rogers’ quote comes from this congressional testimony:

House Permanent Select Committee on Intelligence
Chairman Mike Rogers Opening Statement
Open Hearing: Cyber Threats and Ongoing Efforts to Protect the Nation
October 4, 2011

*Remarks as Prepared

Introduction: The House Permanent Select Committee on Intelligence meets today in open session to convene a hearing on cyber threats and ongoing efforts to protect the nation. There are a wide range of cyber issues being debated these days. I would like to focus our discussion at today’s hearing, however, on cyber information sharing, and in particular, what the Intelligence Community might be able to do to assist the private sector in defending their networks.

The Speaker has asked Congressman Mac Thornberry of this Committee to lead the efforts of the House on the broader range of important cyber security issues, and his Task Force has done some very important work in thinking through some of these difficult problems. He has the full support of the House Intelligence Committee as he does his work, and I hope this hearing will be of benefit to the work of the Task Force.

Our witnesses for today’s hearing are The Honorable Michael Hayden, Mr. Arthur Coviello, and Mr. Kevin Mandia.

General Hayden has had a very long and distinguished military career. His assignments include serving as director of the National Security Agency, and director of the Central Intelligence Agency. He also served as the Principal Deputy Director of National Intelligence, and he is no stranger to the significant cyber threats we face from nation states like China.

Mr. Coviello is the Executive Chairman of RSA Corporation, a company which plays an important role in helping secure both private and government networks and systems.

RSA’s business alone would probably be sufficient to qualify him to testify before the Committee on cyber, but RSA was also the target of a significant cyber attack recently, and therefore serves as a useful case study of the state of our cyber security efforts.

Mr. Kevin Mandia is the Chief Executive Officer of MANDIANT, an industry leader in cyber incident response and computer forensics. Mr. Mandia deals with the consequences of advanced cyber espionage against American companies every day, and we look forward to his observations on the threats we face, as well as what we can do to better cope with them.

Read the complete testimony at the U.S. House of Representatives website.

Filed under: Business, China, government, Intelligence Community, Internet, Politics, Technology, Threats, , , , , , , , , , ,

Mandiant Exposes Persisten Hacking Authorized By Chinese Government

Mandiant, an information security company, has been in the news lately as the go-to cybersecurity company after high profile newspapers like the New York Times, Washington Post, and others were allegedly attacked by Chinese hackers. The New York Times alleged they were attached by China in retribution for the newspaper exposing government corruption at the highest levels.

Today, Mandiant has done something unusual for the hyper-secret world of cyber espionage and counter-espionage: they went public with accusatory reports and videos that shows a “day in the life” of a typical Chinese hacker.

The following is available from Mandiant’s website:

From the report:

Since 2004, Mandiant has investigated computer security breaches at hundreds of organizations around the world. The majority of these security breaches are attributed to advanced threat actors referred to as the “Advanced Persistent Threat” (APT). We first published details about the APT in our January 2010 M-Trends report. As we stated in the report, our position was that “The Chinese government may authorize this activity, but there’s no way to determine the extent of its involvement.” Now, three years later, we have the evidence required to change our assessment. The details we have analyzed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese Government is aware of them.

Read the full report:
Mandiant Report

Filed under: Analysis, Business, China, cyber security, cyber war, government, Military, News, Technology, Threats, , , , , , , , , , , , , ,

Improving the Security of the Nation’s Critical Infrastructure

White House
February 13, 2013

The Nation increasingly relies on the Internet to run the systems that light our houses, provide gas for our cars, and ensure our water is safe to drink. Collectively, these diverse systems represent our cyber critical infrastructure. Linking our critical infrastructure to the Internet brings considerable benefits, but our daily reliance on this critical infrastructure means that we are vulnerable to disruptions in our ability to use it. Unfortunately, the threats against our cyber critical infrastructure are numerous, ranging from sophisticated nation states to common criminals.

The government’s senior-most civilian, military, and intelligence professionals all agree that inadequate cybersecurity within this critical infrastructure poses a grave threat to the security of the United States. Most recently, we have seen an increased interest in targeting public and private critical infrastructure systems by actors who seek to threaten our national and economic security. Along with dissuading their actions, we must better protect the critical systems that support our way of life.

[Continue reading…]

Filed under: government, , , , , , , , ,

Executive Order — Improving Critical Infrastructure Cybersecurity

White House
February 12, 2013

EXECUTIVE ORDER

– – – – – – –

IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

Section 1Policy. Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the Nation’s critical infrastructure in the face of such threats. It is the policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing and collaboratively develop and implement risk-based standards.

Sec2Critical Infrastructure. As used in this order, the term critical infrastructure means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

Sec3Policy Coordination. Policy coordination, guidance, dispute resolution, and periodic in-progress reviews for the functions and programs described and assigned herein shall be provided through the interagency process established in Presidential Policy Directive-1 of February 13, 2009 (Organization of the National Security Council System), or any successor.

Sec4Cybersecurity Information Sharing. (a) It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats. Within 120 days of the date of this order, the Attorney General, the Secretary of Homeland Security (the “Secretary”), and the Director of National Intelligence shall each issue instructions consistent with their authorities and with the requirements of section 12(c) of this order to ensure the timely production of unclassified reports of cyber threats to the U.S. homeland that identify a specific targeted entity. The instructions shall address the need to protect intelligence and law enforcement sources, methods, operations, and investigations.

(b) The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a process that rapidly disseminates the reports produced pursuant to section 4(a) of this order to the targeted entity. Such process shall also, consistent with the need to protect national security information, include the dissemination of classified reports to critical infrastructure entities authorized to receive them. The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a system for tracking the production, dissemination, and disposition of these reports.

(c) To assist the owners and operators of critical infrastructure in protecting their systems from unauthorized access, exploitation, or harm, the Secretary, consistent with 6 U.S.C. 143 and in collaboration with the Secretary of Defense, shall, within 120 days of the date of this order, establish procedures to expand the Enhanced Cybersecurity Services program to all critical infrastructure sectors. This voluntary information sharing program will provide classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure.

(d) The Secretary, as the Executive Agent for the Classified National Security Information Program created under Executive Order 13549 of August 18, 2010 (Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities), shall expedite the processing of security clearances to appropriate personnel employed by critical infrastructure owners and operators, prioritizing the critical infrastructure identified in section 9 of this order.

(e) In order to maximize the utility of cyber threat information sharing with the private sector, the Secretary shall expand the use of programs that bring private sector subject-matter experts into Federal service on a temporary basis. These subject matter experts should provide advice regarding the content, structure, and types of information most useful to critical infrastructure owners and operators in reducing and mitigating cyber risks.

Sec5Privacy and Civil Liberties Protections. (a) Agencies shall coordinate their activities under this order with their senior agency officials for privacy and civil liberties and ensure that privacy and civil liberties protections are incorporated into such activities. Such protections shall be based upon the Fair Information Practice Principles and other privacy and civil liberties policies, principles, and frameworks as they apply to each agency’s activities.

(b) The Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security (DHS) shall assess the privacy and civil liberties risks of the functions and programs undertaken by DHS as called for in this order and shall recommend to the Secretary ways to minimize or mitigate such risks, in a publicly available report, to be released within 1 year of the date of this order. Senior agency privacy and civil liberties officials for other agencies engaged in activities under this order shall conduct assessments of their agency activities and provide those assessments to DHS for consideration and inclusion in the report. The report shall be reviewed on an annual basis and revised as necessary. The report may contain a classified annex if necessary. Assessments shall include evaluation of activities against the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles, and frameworks. Agencies shall consider the assessments and recommendations of the report in implementing privacy and civil liberties protections for agency activities.

(c) In producing the report required under subsection (b) of this section, the Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of DHS shall consult with the Privacy and Civil Liberties Oversight Board and coordinate with the Office of Management and Budget (OMB).

(d) Information submitted voluntarily in accordance with 6 U.S.C. 133 by private entities under this order shall be protected from disclosure to the fullest extent permitted by law.

Sec6Consultative Process. The Secretary shall establish a consultative process to coordinate improvements to the cybersecurity of critical infrastructure. As part of the consultative process, the Secretary shall engage and consider the advice, on matters set forth in this order, of the Critical Infrastructure Partnership Advisory Council; Sector Coordinating Councils; critical infrastructure owners and operators; Sector-Specific Agencies; other relevant agencies; independent regulatory agencies; State, local, territorial, and tribal governments; universities; and outside experts.

Sec7Baseline Framework to Reduce Cyber Risk to Critical Infrastructure. (a) The Secretary of Commerce shall direct the Director of the National Institute of Standards and Technology (the “Director”) to lead the development of a framework to reduce cyber risks to critical infrastructure (the “Cybersecurity Framework”). The Cybersecurity Framework shall include a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks. The Cybersecurity Framework shall incorporate voluntary consensus standards and industry best practices to the fullest extent possible. The Cybersecurity Framework shall be consistent with voluntary international standards when such international standards will advance the objectives of this order, and shall meet the requirements of the National Institute of Standards and Technology Act, as amended (15 U.S.C. 271 et seq.), the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113), and OMB Circular A-119, as revised.

(b) The Cybersecurity Framework shall provide a prioritized, flexible, repeatable, performance-based, and cost-effective approach, including information security measures and controls, to help owners and operators of critical infrastructure identify, assess, and manage cyber risk. The Cybersecurity Framework shall focus on identifying cross-sector security standards and guidelines applicable to critical infrastructure. The Cybersecurity Framework will also identify areas for improvement that should be addressed through future collaboration with particular sectors and standards-developing organizations. To enable technical innovation and account for organizational differences, the Cybersecurity Framework will provide guidance that is technology neutral and that enables critical infrastructure sectors to benefit from a competitive market for products and services that meet the standards, methodologies, procedures, and processes developed to address cyber risks. The Cybersecurity Framework shall include guidance for measuring the performance of an entity in implementing the Cybersecurity Framework.

(c) The Cybersecurity Framework shall include methodologies to identify and mitigate impacts of the Cybersecurity Framework and associated information security measures or controls on business confidentiality, and to protect individual privacy and civil liberties.

(d) In developing the Cybersecurity Framework, the Director shall engage in an open public review and comment process. The Director shall also consult with the Secretary, the National Security Agency, Sector-Specific Agencies and other interested agencies including OMB, owners and operators of critical infrastructure, and other stakeholders through the consultative process established in section 6 of this order. The Secretary, the Director of National Intelligence, and the heads of other relevant agencies shall provide threat and vulnerability information and technical expertise to inform the development of the Cybersecurity Framework. The Secretary shall provide performance goals for the Cybersecurity Framework informed by work under section 9 of this order.

(e) Within 240 days of the date of this order, the Director shall publish a preliminary version of the Cybersecurity Framework (the “preliminary Framework”). Within 1 year of the date of this order, and after coordination with the Secretary to ensure suitability under section 8 of this order, the Director shall publish a final version of the Cybersecurity Framework (the “final Framework”).

(f) Consistent with statutory responsibilities, the Director will ensure the Cybersecurity Framework and related guidance is reviewed and updated as necessary, taking into consideration technological changes, changes in cyber risks, operational feedback from owners and operators of critical infrastructure, experience from the implementation of section 8 of this order, and any other relevant factors.

Sec8Voluntary Critical Infrastructure Cybersecurity Program. (a) The Secretary, in coordination with Sector-Specific Agencies, shall establish a voluntary program to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure and any other interested entities (the “Program”).

(b) Sector-Specific Agencies, in consultation with the Secretary and other interested agencies, shall coordinate with the Sector Coordinating Councils to review the Cybersecurity Framework and, if necessary, develop implementation guidance or supplemental materials to address sector-specific risks and operating environments.

(c) Sector-Specific Agencies shall report annually to the President, through the Secretary, on the extent to which owners and operators notified under section 9 of this order are participating in the Program.

(d) The Secretary shall coordinate establishment of a set of incentives designed to promote participation in the Program. Within 120 days of the date of this order, the Secretary and the Secretaries of the Treasury and Commerce each shall make recommendations separately to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, that shall include analysis of the benefits and relative effectiveness of such incentives, and whether the incentives would require legislation or can be provided under existing law and authorities to participants in the Program.

(e) Within 120 days of the date of this order, the Secretary of Defense and the Administrator of General Services, in consultation with the Secretary and the Federal Acquisition Regulatory Council, shall make recommendations to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, on the feasibility, security benefits, and relative merits of incorporating security standards into acquisition planning and contract administration. The report shall address what steps can be taken to harmonize and make consistent existing procurement requirements related to cybersecurity.

Sec9Identification of Critical Infrastructure at Greatest Risk. (a) Within 150 days of the date of this order, the Secretary shall use a risk-based approach to identify critical infrastructure where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security. In identifying critical infrastructure for this purpose, the Secretary shall use the consultative process established in section 6 of this order and draw upon the expertise of Sector-Specific Agencies. The Secretary shall apply consistent, objective criteria in identifying such critical infrastructure. The Secretary shall not identify any commercial information technology products or consumer information technology services under this section. The Secretary shall review and update the list of identified critical infrastructure under this section on an annual basis, and provide such list to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs.

(b) Heads of Sector-Specific Agencies and other relevant agencies shall provide the Secretary with information necessary to carry out the responsibilities under this section. The Secretary shall develop a process for other relevant stakeholders to submit information to assist in making the identifications required in subsection (a) of this section.

(c) The Secretary, in coordination with Sector-Specific Agencies, shall confidentially notify owners and operators of critical infrastructure identified under subsection (a) of this section that they have been so identified, and ensure identified owners and operators are provided the basis for the determination. The Secretary shall establish a process through which owners and operators of critical infrastructure may submit relevant information and request reconsideration of identifications under subsection (a) of this section.

Sec10Adoption of Framework. (a) Agencies with responsibility for regulating the security of critical infrastructure shall engage in a consultative process with DHS, OMB, and the National Security Staff to review the preliminary Cybersecurity Framework and determine if current cybersecurity regulatory requirements are sufficient given current and projected risks. In making such determination, these agencies shall consider the identification of critical infrastructure required under section 9 of this order. Within 90 days of the publication of the preliminary Framework, these agencies shall submit a report to the President, through the Assistant to the President for Homeland Security and Counterterrorism, the Director of OMB, and the Assistant to the President for Economic Affairs, that states whether or not the agency has clear authority to establish requirements based upon the Cybersecurity Framework to sufficiently address current and projected cyber risks to critical infrastructure, the existing authorities identified, and any additional authority required.

(b) If current regulatory requirements are deemed to be insufficient, within 90 days of publication of the final Framework, agencies identified in subsection (a) of this section shall propose prioritized, risk-based, efficient, and coordinated actions, consistent with Executive Order 12866 of September 30, 1993 (Regulatory Planning and Review), Executive Order 13563 of January 18, 2011 (Improving Regulation and Regulatory Review), and Executive Order 13609 of May 1, 2012 (Promoting International Regulatory Cooperation), to mitigate cyber risk.

(c) Within 2 years after publication of the final Framework, consistent with Executive Order 13563 and Executive Order 13610 of May 10, 2012 (Identifying and Reducing Regulatory Burdens), agencies identified in subsection (a) of this section shall, in consultation with owners and operators of critical infrastructure, report to OMB on any critical infrastructure subject to ineffective, conflicting, or excessively burdensome cybersecurity requirements. This report shall describe efforts made by agencies, and make recommendations for further actions, to minimize or eliminate such requirements.

(d) The Secretary shall coordinate the provision of technical assistance to agencies identified in subsection (a) of this section on the development of their cybersecurity workforce and programs.

(e) Independent regulatory agencies with responsibility for regulating the security of critical infrastructure are encouraged to engage in a consultative process with the Secretary, relevant Sector-Specific Agencies, and other affected parties to consider prioritized actions to mitigate cyber risks for critical infrastructure consistent with their authorities.

Sec11Definitions. (a) “Agency” means any authority of the United States that is an “agency” under 44 U.S.C. 3502(1), other than those considered to be independent regulatory agencies, as defined in 44 U.S.C. 3502(5).

(b) “Critical Infrastructure Partnership Advisory Council” means the council established by DHS under 6 U.S.C. 451 to facilitate effective interaction and coordination of critical infrastructure protection activities among the Federal Government; the private sector; and State, local, territorial, and tribal governments.

(c) “Fair Information Practice Principles” means the eight principles set forth in Appendix A of the National Strategy for Trusted Identities in Cyberspace.

(d) “Independent regulatory agency” has the meaning given the term in 44 U.S.C. 3502(5).

(e) “Sector Coordinating Council” means a private sector coordinating council composed of representatives of owners and operators within a particular sector of critical infrastructure established by the National Infrastructure Protection Plan or any successor.

(f) “Sector-Specific Agency” has the meaning given the term in Presidential Policy Directive-21 of February 12, 2013 (Critical Infrastructure Security and Resilience), or any successor.

Sec12General Provisions. (a) This order shall be implemented consistent with applicable law and subject to the availability of appropriations. Nothing in this order shall be construed to provide an agency with authority for regulating the security of critical infrastructure in addition to or to a greater extent than the authority the agency has under existing law. Nothing in this order shall be construed to alter or limit any authority or responsibility of an agency under existing law.

(b) Nothing in this order shall be construed to impair or otherwise affect the functions of the Director of OMB relating to budgetary, administrative, or legislative proposals.

(c) All actions taken pursuant to this order shall be consistent with requirements and authorities to protect intelligence and law enforcement sources and methods. Nothing in this order shall be interpreted to supersede measures established under authority of law to protect the security and integrity of specific activities and associations that are in direct support of intelligence and law enforcement operations.

(d) This order shall be implemented consistent with U.S. international obligations.

(e) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

BARACK OBAMA

Filed under: cyber security, Doctrine, government, SCADA, , ,

An “Horrendous Risk” In Action

Wired tech writer Mat Honan provides heart-stopping but timely insight into what Steve Wozniak’s horrendous cloud risks look like:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

Continue reading, if you dare, at Wired

Filed under: Business, cyber security, Internet, Life, News, Polls, Technology, , , , , , , , , , , , , , , , , ,

Wozniak Warns of “Horrendous” Cloud Risks

The Telegraph
August 6, 2012

Wozniak told an audience in Washington DC: “I really worry about everything going into the cloud. I think it’s going to be horrendous. I think there are going to be a lot of horrible problems in the next five years.”

Steve Wozniak, who co-founded Apple with Steve Jobs in 1976, was speaking after a performance of The Agony and the Ecstasy of Steve Jobs, a monologue about working conditions at Apple’s Chinese factories.

Read more at The Telegraph

Filed under: cyber security, Internet, Life, News, Polls, Technology, , , , , , , , , , ,

Senate Denies Cyber Security Bill

According to the Associated Press, the Senate has failed to pass the much-needed Cyber Security Legislation.

 

 

Filed under: cyber security, government, Politics, , , , , , , , , , ,

Department of Defense Cyber Strategy

U.S. Department of Defense
July 14, 2011

It should come as no surprise that the United States is prepared to defend itself. It would be irresponsible, and a failure of the Defense Department’s mission, to leave the nation vulnerable to a known threat. Just as our military organizes to defend against hostile acts from land, air, and sea, we must also be prepared to respond to hostile acts in cyberspace. Accordingly, the United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of our choosing.

Deputy Secretary of Defense William J. Lynn, III, National Defense University, Washington, D.C.,

Read the speech at Defense.gov

Filed under: cyber security, Doctrine, Intelligence Community, Internet, Military, Policy, , , , , , , , , , , , ,

President Obama Names Vivek Kundra Chief Information Officer

The White House
March 5, 2009

WASHINGTON, DC – Today, President Barack Obama named Vivek Kundra the Federal Chief Information Officer (CIO) at the White House.

The Federal Chief Information Officer directs the policy and strategic planning of federal information technology investments and is responsible for oversight of federal technology spending. The Federal CIO establishes and oversees enterprise architecture to ensure system interoperability and information sharing and ensure information security and privacy across the federal government. The CIO will also work closely with the Chief Technology Officer to advance the President’s technology agenda.

President Obama said, “Vivek Kundra will bring a depth of experience in the technology arena and a commitment to lowering the cost of government operations to this position. I have directed him to work to ensure that we are using the spirit of American innovation and the power of technology to improve performance and lower the cost of government operations. As Chief Information Officer, he will play a key role in making sure our government is running in the most secure, open, and efficient way possible.”

The following announcement was made today:

Vivek Kundra, Federal Chief Information Officer
Vivek Kundra formerly served in Mayor Fenty’s cabinet as the Chief Technology Officer (CTO) for the District of Columbia, responsible for technology operations and strategy for 86 agencies. He has been recognized among the top 25 CTO’s in the country and as the 2008 IT Executive of the Year for his pioneering work to drive transparency, engage citizens and lower the cost of government operations. Kundra is also recognized for his leadership in public safety communications, cyber security and IT portfolio management. Before Kundra came to the District, Governor Timothy M. Kaine appointed him Assistant Secretary of Commerce and Technology for the Commonwealth of Virginia, the first dual cabinet role in the state’s history. Kundra’s diverse record also includes technology and public policy experience in private industry and academia. He is a graduate of the University of Virginia’s Sorensen Institute for Political Leadership and holds a MS in Information Technology from the University of Maryland.

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part V

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part V includes highlights of:

  • Section 4 – Regulate for Cybersecurity

——————————————————————————————————————————————
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
——————————————————————————————————————————————

The Highlights:

4
Regulate for Cybersecurity

Recommendations

  • The president should task the NOC to work with appropriate regulatory agencies to develop and issue standards and guidance for securing critical cyber infrastructure, which those agencies would then apply in their own regulations.
  • The NOC should work with the appropriate regulatory agencies and with the National Institute of Standards and Technology (NIST) to develop regulations for industrial control systems (ICS). The government could reinforce regulation by making the development of secure control systems an element of any economic stimulus package…
  • The NOC should immediately determine the extent to which government-owned critical infrastructures are secure from cyber attack…
  • The president should direct the NOC and the federal Chief Information Officers Council, working with industry, to develop and implement security guidelines for the procurement of IT products (with software as the first priority).
  • The president should task the National Security Agency (NSA) and NIST, working with international partners, to reform the National Information Assurance Partnership (NIAP).
  • The president should take steps to increase the use of secure Internet protocols. The president should direct OMB and the NOC to develop mandatory requirements for agencies to contract only with telecommunications carriers that use secure Internet protocols.

Read the rest of this entry »

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

National Intelligence Program Budget for 2010

Funding Highlights:

• Strengthens the capabilities of the Nation’s intelligence agencies to furnish timely, accurate, and
insightful intelligence on the capabilities and intentions of foreign powers, including international
terrorist groups.
• Enhances Federal cybersecurity capabilities.
• Prioritizes resources to support a U.S. Government-wide counterterrorism action plan.
• Improves the sharing of terrorist-related information with Federal, State, local, tribal and foreign
partners.
• Increases collection capabilities and continues transforming intelligence analysis.

The National Intelligence Program (NIP) funds intelligence activities in several Departments and the Central Intelligence Agency (CIA). NIP’s budget is classified, so the 2010 Budget does not publicly disclose funding requests for intelligence activities. However, since NIP supports key elements of America’s national security,
this chapter highlights some NIP-funded activities without detailing funding information.

To protect America’s national security, the Intelligence Community (IC) provides effective intelligence collection, the analysis of that intelligence, and the production of finished intelligence products. IC is responsible for ensuring timely and effective dissemination of intelligence to those who need it, ranging from the President, to heads of Executive Departments, military forces, and law enforcement agencies. To meet this country’s national security challenges, IC is strengthening its components’ abilities to collect intelligence, increasing the security of Federal cyber networks, and protecting against the threat of international terrorism in the United States.

The 2010 budget for NIP will support the Administration’s national security objectives. The Director of National Intelligence, the Director of the CIA, and Department Secretaries with intelligence organizations will use 2010 NIP funds to defeat terrorist networks, prevent the spread of weapons of mass destruction, penetrate and
analyze the most difficult targets of U.S. foreign policy, and anticipate developments of strategic concern.

The Administration will request funding for IC for the remainder of 2009 and for 2010 to cover the costs of global intelligence operations. The details of the 2009 supplemental appropriations request will be provided to the Congress in the next few weeks while the detailed 2010 request will be transmitted with the President’s 2010
Budget request.

Increases funding for Cybersecurity. The threat to Federal information technology networks is real, serious, and growing. To address this threat, the President’s 2010 Budget includes substantial funding for cybersecurity efforts; such activities will take an integrated and holistic approach to address current cybersecurity threats, anticipate future threats, and continue innovative public-private partnerships. These
efforts encompass the homeland security, intelligence, law enforcement, military and diplomatic mission areas of the U.S. Government.

Implements Counterterrorism Plan. The National Counterterrorism Center (NCTC) has developed a U.S. Government-wide counterterrorism action plan. This plan lays out broad strategic objectives aligned with policy objectives to guide the overall implementation of this national strategy on counterterrorism. The Administration will work with NCTC, IC, and relevant Departments such as Defense, State, and Homeland Security to direct resources in support of counterterrorism implementation objectives.

Facilitates information Sharing. The President’s 2010 Budget will support initiatives to improve the sharing of intelligence, including terrorist-related information, with Federal, State, local, tribal and foreign partners. These efforts include advancing the National Suspicious Activity reporting Initiative; establishing agency-based, outcome-oriented performance targets for information sharing; and institutionalizing the use of
effective business practices.

Improves Collection and Analysis Capabilities. The 2010 Budget provides funding to improve mission performance by increasing intelligence collection capabilities and continuing to transform intelligence analysis in IC.

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

NSA Should Oversee Cybersecurity, Intel Chief Says

By Kim Zetter
February 26, 2009

E731a5a1fb39407e8bee699ef32a5f7e2

Despite the fact that many Americans distrust the National Security Agency for its role in the Bush Administration’s warrantless wiretapping program, the agency should be entrusted with securing the nation’s telecommunications networks and other cyber infrastructures, President Obama’s director of national intelligence told Congress on Wednesday.

Director of National Intelligence Admiral Dennis Blair told the House intelligence committee (.pdf) that the NSA, rather than the Department of Homeland Security which currently oversees cybersecurity, has the smarts and the skills to secure cyberspace.

“The National Security Agency has the greatest repository of cyber talent,” Blair said. “[T]here are some wizards out there at Fort Meade who can do stuff.”

Blair added that “because of the offensive mission that they have, they’re the ones who know best about what’s coming back at us and it’s defenses against those sorts of things that we need to be able to build into wider and wider circles.”

He acknowledged that the agency had a trust handicap to overcome due to its role in the Bush Administration’s secret domestic spying program, and therefore asked Congress to help convince the public that it’s the right agency for the task.

“I think there is a great deal of distrust of the National Security Agency and the intelligence community in general playing a role outside of the very narrowly circumscribed role because of some of the history of the FISA issue in years past. . . . So I would like the help of people like you who have studied this closely and served on commissions, the leadership of the committee and finding a way that the American people will have confidence in the supervision, in the oversight of the role of NSA so that it can help protect these wider bodies. So, to me, that’s one of the keys things that we have to work on here in the next few months.”

Blair is not without support for his view. Paul Kurtz, who led the cybersecurity group on Obama’s transition team and was part of Bush’s White House National Security Council, recently told Forbes that he supports the NSA taking a prominent role in cybersecurity.

Continue reading…

Filed under: Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

U.S. must craft cyberwarfare battle strategy

By William Jackson
February 18, 2009
Government Computer News

America has to face up to the realities of cyberwarfare with tactical and strategic planning, Kurtz says

The intelligence community and the military have crucial roles to play in protecting cyber space, former presidential adviser Paul E. Kurtz said Wednesday, and a clear command and control structure is needed to ensure that our information infrastructure can survive and recover from major disruptions.

In his opening address at the Black Hat Federal security conference being held in Arlington, Va., Kurtz, who served on the National and Homeland Security councils under presidents Bill Clinton and George W. Bush, said the nation has been reluctant to consider the proper role of government in regulating and defending cyberspace. He said it is important that these decisions be made openly after public discussion rather than allowed to happen behind closed doors.

“To those who object to the militarization of cyberspace, I would say, it’s too late: We’re already there,” Kurtz said.

Kurtz, who recently served as cybersecurity adviser on President Barack Obama’s transition team, steered clear of discussing his advice to the new administration. But he praised the 60-day review of federal cybersecurity initiatives announced by the president on Feb. 9 and called Melissa Hathaway, the Bush administration official tapped to conduct it, “exceptionally capable.”

He said the United States should apply some of the lessons learned during the Cold War to cyber conflicts now simmering online. Cyber warfare is not as simple as the bipolar confrontation between the Western democracies and the Soviet bloc, Kurtz said. It is multilateral standoff involving multiple nations, shadowy organizations, and individual hackers and criminals.

“But I do think a number of concepts from the Cold War may apply, and one of these is deterrence,” he added.

A clear policy of deterrence by the United States and its allies helped to avoid the use of nuclear weapons. But no similar policy has been established for battles fought over networks. There is no definition of cyberwarfare, no policy on how and when cyber weapons should be deployed and used, and we do not have a clear idea of who our enemies are.

“We must begin by addressing the question of attribution,” Kurtz said. The ability to collect, share and analyze data in order to tailor responses to a threat is “the beginning of a deterrence policy.”

That ability will require the efforts of the intelligence community, in cooperation with law enforcement and the private sector, he said. Each of these sectors now collects large amounts of data, but the same inability to share and “connect the dots” that led to the 2001 terrorist attacks still plague our cybersecurity, he said.

Continue reading…

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part IV

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part IV includes highlights of:

  • Section 3 – Rebuilding Partnership with the Private Sector

——————————————————————————————————————————————
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
——————————————————————————————————————————————

The Highlights:

3
Rebuilding Partnership with the Private Sector

Recommendation

The U.S. government should rebuild the public-private partnership on cybersecurity to focus on key infrastructures and coordinated preventive and responsive activities. We recommend the president direct the creation of three new groups for partnership that provide the bases for both trust and action:

  • A presidential advisory committee organized under the Federal Advisory Committee Act (FACA), with senior representatives from the key cyber infrastructures. This new body would incorporate the National Security and Telecommunications Advisory Committee (NSTAC) and National Infrastructure Advisory Council (NIAC);
  • A town hall style national stakeholders’ organization that provides a platform for education and discussion; and
  • A new operational organization, the Center for Cybersecurity Operations (CCSO), where public- and private-sector entities can collaborate and share information on critical cybersecurity in a trusted environment.

Securing cyberspace requires government and the private sector to work together.

There is a bifurcation of responsibility (the government must protect national security) and control (it does not manage the asset or provide the function that must be protected).

…the United States has a perplexing array of advisory groups with overlapping interests, inadequate resources, varying capabilities, and a lack of clarity around roles and responsibilities. To achieve real partnership, we must simplify mission and organizational structure.

In many interviews, we found almost universal recognition that the status quo is not meeting the needs of either the government or the private sector with respect to trust and operational collaboration.

Another problem for securing cyberspace is a diffusion of effort. Currently DHS identifies 18 different sectors as critical.

For us, critical means that, if the function or service is disrupted, there is immediate and serious damage to key national functions such as U.S. military capabilities or economic performance.

To focus the defense of cyberspace, we have identified four critical cyber infrastructures: energy, finance, the converging information technology and communications sectors, and government services (including state and municipal governments).

We recommend concentrating on two key problems: how to build trust between the government and company executives and how to focus efforts on what is truly critical for cyberspace.

The primary goal of the new partnership organizations should be to build action-oriented relationships rather than to share information that is either already available or that companies are reluctant to provide. This can be done by creating a simplified structure that has three parts: a new presidential advisory committee that connects the White House to the private-sector entities most important for cyberspace; a national town-hall organization that provides a dialogue for education and discussion, and a new operational organization.

The intent behind the three groups is to provide an inclusive platform for national engagement, something the United States currently lacks.

Trust is the foundation of a successful partnership between government and the private sector.

Read the rest of this entry »

Filed under: Analysis, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, The Highlighter, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part III

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part III includes highlights of:

  • Section 2 – Organizing for Cybersecurity

————————————————————————————————–
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
————————————————————————————————–

The Highlights:

2
Organizing for Cybersecurity

Recommendations

The president should appoint an assistant for cyberspace and establish a Cybersecurity Directorate in the NSC that absorbs existing Homeland Security Council (HSC) functions.

A new National office for Cyberspace (NOC) would support the work of the assistant for cyberspace and the new directorate in the NSC. The president can create this office by merging the existing National Cyber Security Center (NSCS) and the Joint Inter-Agency Cyber Task Force (JIACTF). The assistant to the president for cyberspace would direct the NOC.

The central problems in the current federal organization for cybersecurity are lack of a strategic focus, overlapping missions, poor coordination and collaboration, and diffuse responsibility.

The Commission considered many options for how best to organize for cybersecurity. We grew to understand the importance of bridging across the federal agencies in order to leverage the knowledge to provide the best security for our nation.

We also recognize the importance of involving the private sector—the federal government cannot do this alone.

Our thinking on organization tracks with our finding that cybersecurity is now a central problem for national security. Our recommendation is to create a new “enterprise” governance model for cyberspace using the NSC, a collaborative network among the key agencies, and a new cyberspace office in the EOP.

We based our recommendations in part on the intelligence community’s experience in implementing the Intelligence Reform and Terrorist Prevention Act (IRTPA). IRTPA imposed a new, more collaborative structure on the intelligence community. It mandated a distributed “intelligence enterprise.” Congressional mandates, however, are not enough. It took a director of national intelligence (DNI) with the appropriate authorities to build collaboration.

What about the Department of Homeland Security?

One of the first tasks for the new administration will be to strengthen DHS.

DHS is not the agency to lead in a conflict with foreign intelligence agencies or militaries or even well-organized international cyber criminals.

Cybersecurity is no longer (if it ever was) a domestic issue. It is an issue of international security in which the primary actors are the intelligence and military forces of other nations.

Although the department’s performance has improved in recent years, our view is that any improvement to the nation’s cybersecurity must go outside of DHS to be effective. For that reason, we recommend that the White House, rather than any single agency, lead the new strategic and coordination functions required for cybersecurity.

Read the rest of this entry »

Filed under: The Highlighter, , , , , , , , , , , , , , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part II

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part II includes highlights of:

  • Section 1 – Create a Comprehensive National Security Strategy for Cyberspace

————————————————————————————————–
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
————————————————————————————————–

The Highlights:

1
Create a Comprehensive National Security Strategy for Cyberspace

The president should state as a fundamental principle that cyberspace is a vital asset for the nation and that the United States will protect it using all instruments of national power, in order to ensure national security, public safety, economic prosperity, and the delivery of critical services to the American public.

Our influence as a nation is at its lowest point in decades.

Years of underinvestment have weakened both government and our scientific establishment (and, in the case of government, scorn from those who sought to shrink it). The reputation of the United States has been badly tarnished, and our failure to defend cyberspace, despite huge informational losses, has encouraged our opponents to increase their attacks.

Strategies articulate goals and identify the means to achieve them. The United States has clear goals—to defend itself and its allies from threats and intimidation, increase openness to trade and to ideas, and expand the rule of law and democracy.

…we recommend a clear articulation of the importance of cyberspace of the nation.

To some extent expressing principles for cyberspace is more difficult than expressing a military doctrine designed to protect our physical territory.

Cyber attack joins terrorism and weapons of mass destruction (WMD) as one of the new, asymmetric threats that put the United States and its allies at risk.

A comprehensive cybersecurity strategy must engage all elements of U. S. power—economic, diplomatic, and law enforcement as well as military and intelligence.

As with the larger national security strategy, we identify four principal instruments—international engagement, military and defense actions, economic tools, and the coherent use of intelligence and law enforcement capabilities—to achieve this.

One model for the new approach, which we recommend for the next president, can be found in the U. S. experience with nonproliferation and WMD.

Read the rest of this entry »

Filed under: The Highlighter, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

VA settlement demonstrates just how costly lax security can be

By William Jackson
February 02, 2009
GCN

If you want another good reason to make sure your sensitive data is adequately locked down, look no farther than the Veterans Affairs Department, which last week agreed to pay $20 million to settle a class action lawsuit over the 2006 loss of a laptop containing records with personal information about up to 26.5 million veterans and active duty personnel.

That’s a lot of money, and it will be paid from taxpayers’ dollars, but VA got off lucky. The suit originally asked for $1,000 for each person whose data was exposed, which could have been more than $26 billion. That’s nearly enough to bail out a good-sized bank.

The settlement demonstrates that the repercussions of exposing data can be long-lasting and that the cost can go far beyond the immediate expense of cleaning up the breach. For companies it has long been known that negative publicity resulting from public notification of a data breach can quickly translate into millions of dollars of lost shareholder value as stock prices tumble. Agencies do not have to worry about stock prices, but the threat of other costs is real. The VA agreed to the settlement even though the department has said there is no evidence that the information on the stolen laptop was used or than any person involved was harmed by it.

Continue reading…

Filed under: cyber security, government, News, , , , , , , , , , ,

New homeland security chief dives right in

January 31, 2009
CNN

WASHINGTON (CNN) — In her first full week as the nation’s homeland security secretary, Janet Napolitano got a full dose of the job’s diverse responsibilities — responding to ice storms in the Midwest, dealing with Congress on budget matters and scrutinizing security plans for the Super Bowl.

During it all, she said, she tried to learn her way around Washington.

Napolitano, who stepped down as governor of Arizona to accept the job, said her routine includes morning security briefings followed by visits to Department of Homeland Security agencies and interviews with job candidates.

In addition, she called the governors of Arkansas, Missouri and Kentucky to make sure they were getting the help they needed to cope with ice storms, she said.

Napolitano described the ice storms as the “most pressing issue” during her first week in office.

Napolitano has issued a series of “action orders” asking for information from DHS agencies about northern border security, cyber security and transportation security, among other things. Responses for some of the issues are due Monday.

“I would say, by and large, Congress has done a pretty good job at getting resources to this key department,” Napolitano told reporters Friday, adding that her job is to make sure those resources are used effectively.

Continue reading…

Filed under: News, Policy, , , , , , , ,

The Highlighter: Securing Cyberspace for the 44th Presidency – Part I

A Report of the CSIS Commission on Cybersecurity for the 44th Presidency

Part I includes highlights of the:

  • Executive Summary
  • Summary of Recommendations
  • Introduction

————————————————————————————————–
CSWW is not affiliated with CSIS or the commission that produced this report. The use of “we,” “our,” “us,” etc., throughout the highlights of this report refers to the members of the CSIS Commission and not to CSWW.
————————————————————————————————–

The Highlights:

This report makes use of a broad definition of cyberspace that goes beyond the Internet to include all forms of networked, digital activities.

Executive Summary

(1) cybersecurity is now a major national security problem
(2) decisions and actions must respect privacy and civil liberties
(3) only a comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity will make us more secure

We were encouraged in our work by senior officials in the Department of Defense, the intelligence community, and other agencies who told us that cybersecurity was one of the greatest security challenges the United States faces in a new and more competitive international environment.

Major agencies play key roles set by presidential directives and coordinated by the White House.

We propose creating a new office for cyberspace in the Executive Office of the President. This office would combine existing entities and also work with the National Security Council in managing the many aspects of securing our national networks while protecting privacy and civil liberties.

Government must recast its relationship with the private sector as well as redesign the public-private partnership to promote better cybersecurity.

The Bush administration took a major step toward improving federal cybersecurity with its Comprehensive National Cybersecurity Initiative.

…we face a long-term challenge in cyberspace from foreign intelligence agencies and militaries, criminals, and others, and that losing this struggle will wreak serious damage on the economic health and national security of the United States.

Read the rest of this entry »

Filed under: Analysis, cyber security, Doctrine, Policy, Politics, Strategy, The Highlighter, , , , , , , , , , , , , , , , , , ,

THE AGENDA • HOMELAND SECURITY

HOMELAND SECURITY

“We are here to do the work that ensures no other family members have to lose a loved one to a terrorist who turns a plane into a missile, a terrorist who straps a bomb around her waist and climbs aboard a bus, a terrorist who figures out how to set off a dirty bomb in one of our cities. This is why we are here: to make our country safer and make sure the nearly 3,000 who were taken from us did not die in vain; that their legacy will be a more safe and secure Nation.”

— Barack Obama, Speech in the U.S. Senate, March 6, 2007

The first responsibility of any president is to protect the American people. President Barack Obama will provide the leadership and strategies to strengthen our security at home.

Barack Obama and Joe Biden’s strategy for securing the homeland against 21st century threats is focused on preventing terrorist attacks on our homeland, preparing and planning for emergencies and investing in strong response and recovery capabilities. Obama and Biden will strengthen our homeland against all hazards -– including natural or accidental disasters and terrorist threats — and ensure that the federal government works with states, localities, and the private sector as a true partner in prevention, mitigation, and response.

Protect Our Information Networks

Barack Obama and Joe Biden — working with private industry, the research community and our citizens — will lead an effort to build a trustworthy and accountable cyber infrastructure that is resilient, protects America’s competitive advantage, and advances our national and homeland security. They will:

  • Strengthen Federal Leadership on Cyber Security: Declare the cyber infrastructure a strategic asset and establish the position of national cyber advisor who will report directly to the president and will be responsible for coordinating federal agency efforts and development of national cyber policy.
  • Initiate a Safe Computing R&D Effort and Harden our Nation’s Cyber Infrastructure: Support an initiative to develop next-generation secure computers and networking for national security applications. Work with industry and academia to develop and deploy a new generation of secure hardware and software for our critical cyber infrastructure.
  • Protect the IT Infrastructure That Keeps America’s Economy Safe: Work with the private sector to establish tough new standards for cyber security and physical resilience.
  • Prevent Corporate Cyber-Espionage: Work with industry to develop the systems necessary to protect our nation’s trade secrets and our research and development. Innovations in software, engineering, pharmaceuticals and other fields are being stolen online from U.S. businesses at an alarming rate.
  • Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Shut down the mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime.
  • Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches: Partner with industry and our citizens to secure personal data stored on government and private systems. Institute a common standard for securing such data across industries and protect the rights of individuals in the information age.

Read the entire strategy…

Filed under: Policy, Politics, War, , , , , , , , , , , , , , , , ,

Secretary Napolitano Issues Additional Action Directives on Cyber Security and Northern Border Strategy

January 23, 2009
US Department of Homeland Security

U.S. Department of Homeland Security (DHS) Secretary Janet Napolitano today issued a second round of action directives on cyber security and the northern border strategy.

These action directives instruct specific offices to gather information, review existing strategies and programs, and to provide oral and written reports back to her by mid February. In the coming days, Secretary Napolitano will continue to issue additional action directives focused on the missions critical to the department: Protection, Preparedness, Response, Recovery and Immigration.

“This continuing evaluation will unify our shared efforts and help me assess where improvements need to be made,” said Secretary Napolitano.

The full action directives are below:

* Cyber Security. Given the increasingly sophisticated number of threats to all areas of national cyberspace and considering the authorities provided by the Homeland Security Act, the Post-Katrina Emergency Management Reform Act, and Homeland Security Presidential Directive 23/National Security Presidential Directive 54, what are the authorities and responsibilities of DHS for the protection of the government and private sector domains, what are the relationships with other government agencies, especially the departments of Defense, Treasury, and Energy, and the National Security Agency, and what are the programs and timeframes to achieve the department’s responsibilities and objectives? An oral report is due by Feb. 3, with a final report due Feb. 17.

* Northern Border Strategy. The northern border of the United States has become, since 9/11, important to our national security. As we have designed programs to afford greater protection against unlawful entry, members of Congress and homeland security experts have called for increased attention to the Canadian border. What are the current vulnerabilities, the overall strategy for reducing those vulnerabilities, the requirements, the programs, the budget, and the timeframe for improving security along this border and what level of risk will remain once the programs are completed? An oral report is due by Feb. 10, with a final report due Feb. 17.

Filed under: News, Policy, , , , , , , , ,

President Obama’s cybersecurity plan released

By Angela Moscaritolo
January 22, 2009
SC Magazine

While campaigning, President Obama addressed the importance of cybersecurity.

On Wednesday, he made good on at least some of his promises when his administration posted to the White House website an outline for protecting the nation’s homeland security. The strategy includes a six-step plan to safeguard information networks.

Among the federal government’s goals around cybersecurity: Initiate increased research-and-development effort, increase collaboration with the private sector to establish new standards and appoint a cyber adviser who will report directly to Obama.

The section on the agenda dedicated to information security was designed to help create a blueprint for the construction of “a trustworthy and accountable cyber infrastructure that is resilient, protects America’s competitive advantage and advances our national and homeland security.”

Industry observers told SCMagazineUS.com on Thursday that the strategy hits on many of the points needed to accomplish this and effectively mirrors recommendations delivered in December from the Commission on Cybersecurity for the 44th Presidency.

Continue reading…

Filed under: News, Policy, Strategy, , , , ,

Global Trends

"The nature of conflict is changing. The risk of conflict will increase due to diverging interests among major powers, an expanding terror threat, continued instability in weak states, and the spread of lethal, disruptive technologies. Disrupting societies will become more common, with long-range precision weapons, cyber, and robotic systems to target infrastructure from afar, and more accessible technology to create weapons of mass destruction."
 
Global Trends and Key Implications Through 2035 from the National Intelligence Council Quadrennial Report GLOBAL TRENDS: The Paradox of Power

A World at War

The World is at War. It is a world war that is being fought right now, in real time, virtually everywhere on the planet. It is a world war that is, perhaps, more encompassing and global in nature than any other world war in history because, not only is it being fought by nations and their governments, it is also being fought by non-state actors such as terrorists, organized crime, unorganized crime, and many other known and unknown entities. It is a total world war being fought every day on the hidden and dark battle fields of the cyber domain. It is a war that, according to some intelligence estimates, has the potential to be as nearly as serious and as deadly as a nuclear war... [MORE]

 


 


ADVERTISEMENT

Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real... [MORE]

RSS ODNI News

  • NESPIN Welcomes Connecticut Intelligence Center (CTIC) to Group of Agency Systems Connected to RISSNET July 27, 2017
    By: Donald Kennedy  Aug 15, 2016   The New England State Police Information Network (NESPIN) is pleased to welcome the Connecticut Intelligence Center (CTIC) to the group of partner agency systems connected to Regional Information Sharing Systems (RISS) and sharing criminal intelligence via RISSIntel.
  • Unpacking Cyber Terrorism July 26, 2017
    By: ISE Bloggers  May 31, 2016   The Information Sharing Environment (ISE) has always been focused on terrorism-related information sharing; with terrorist groups’ ever-increasing level of sophistication in their use of the Internet, it is only natural that information sharing play a role in tackling issues posed by cyber terrorism.
  • Homeland Security Advisor Tom Bossert Discusses Global Ransomware Attack May 22, 2017
    The President's Homeland Security Advisor, Tom Bossert, briefed the press on 15 May 2017 on the WannaCry ransomware attack that began spreading 12 May and affected computers in more than 150 countries. Bossert highlighted CTIIC's role in keeping the White House informed of unfolding events and discussed US responses and public/private coordination […]
  • Homeland Security Advisor Tom Bossert Discusses Global Ransomware Attack May 22, 2017
    The President's Homeland Security Advisor, Tom Bossert, briefed the press on 15 May 2017 on the WannaCry ransomware attack that began spreading 12 May and affected computers in more than 150 countries. Bossert highlighted CTIIC's role in keeping the White House informed of unfolding events and discussed US responses and public/private coordination […]
  • DS&T AND OUSD(I) Launch “Xpress” Automated Analysis Challenge May 16, 2017
    NEWS RELEASE FOR IMMEDIATE RELEASE ODNI News Release No. 13-17 May 15, 2017   DS&T AND OUSD(I) Launch “Xpress” Automated Analysis Challenge   WASHINGTON – The Intelligence Community is sponsoring a $500,000 prize competition to explore artificial intelligence approaches that would transform the process by which analysts currently support policymakers and […]

ADVERTISEMENT

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity... [MORE]


ADVERTISEMENT

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications... [MORE]

RSS NSA News


ADVERTISEMENT

“When it comes to what government and business are doing together and separately with personal data scooped up from the ether, Mr. Schneier is as knowledgeable as it gets…. Mr. Schneier’s use of concrete examples of bad behavior with data will make even skeptics queasy and potentially push the already paranoid over the edge.” (Jonathan A. Knee - New York Times)... [MORE]

RSS CIA News

  • Top Ten Reasons to Apply to the CIA Scholarship Program
    Blog Post: Did you know the CIA has scholarships for undergraduate and graduate students? Did you know you could get paid to go to school? Here are our top 10 reasons to apply to the CIA Scholarship Program.
  • Remembering CIA’s Heroes: Richard Daniel Krobock
    Feature Story: "Rare is the man who has a full life by the age of 31. Rarer still is the man who, simply through the quiet strength of his personality and the resolve of his character, can dramatically affect the lives of the people who have encountered him. Richard Daniel Krobock was that man."
  • A Day in the Life of a CIA Cyber Threat Analyst Intern
    Featured Story: Every officer has a unique path to the Agency, and CIA interns are no exception. CIA.gov recently sat down with a Cyber Threat Analyst Intern in the Directorate of Analysis (DA) to learn more about her journey to the CIA and her experiences during her summer internships. She is back this summer for her second tour with the Agency and looks fo […]
  • Director Pompeo Delivers Remarks at INSA
    Speech: Remarks as Prepared for Delivery by CIA Director Mike Pompeo at INSA Leadership Dinner (July 11, 2017)
  • A Day in the Life of a CIA Scholarship Recipient
    Featured Story: The CIA Undergraduate Scholarship program is a financial needs based initiative that offers undergraduate students an unmatched experience in a diverse and inclusive environment. Undergraduate students, serving as scholarship recipients with the CIA, attend an accredited college/university on a full-time basis, studying a variety of subjects, […]

ADVERTISEMENT

The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics... [MORE]

RSS Defense Advanced Research Projects Agency (DARPA)

  • 2017/08/15 TALONS Tested on Commissioned U.S. Navy Vessel for First Time August 15, 2017
    DARPA's Towed Airborne Lift of Naval Systems (TALONS) research effort recently demonstrated its prototype of a low-cost, elevated sensor mast aboard a commissioned U.S. Navy vessel for the first time. The crew of USS Zephyr, a 174-foot (53-meter) Cyclone-class patrol coastal ship, evaluated the technology demonstration system over three days near Naval […]
  • 2017/08/11 Disruptioneering: Streamlining the Process of Scientific Discovery August 11, 2017
    DARPA's Defense Sciences office (DSO)-whose mission is to identify and pursue high-risk, high-payoff research initiatives across a broad spectrum of science and engineering disciplines-today announced the first programs under its new Disruptioneering effort, which pushes for faster identification and exploration of bold and risky ideas with the goal of […]
  • 2017/08/11 The Radio Frequency Spectrum + Machine Learning = A New Wave in Radio Technology August 11, 2017
    The current wave of artificial intelligence, driven by machine learning (ML) techniques, is all the rage, and for good reason. With sufficient training on digitized writing, spoken words, images, video streams, and other digital content, ML has become the basis of voice recognition, self-driving cars, and other previously only-imagined capabilities.
  • 2017/08/04 Strategic Technology Office Outlines Vision for “Mosaic Warfare” August 4, 2017
    DARPA's Strategic Technology Office (STO) this week unveiled its updated approach to winning or deterring future conflicts during Sync with STO Day, held in Arlington, Virginia. At the event-which attracted about 300 innovators and entrepreneurs, more than half of whom had never worked with DARPA before-STO program managers outlined new areas of interes […]
  • 2017/07/19 Building the Safe Genes Toolkit July 19, 2017
    DARPA created the Safe Genes program to gain a fundamental understanding of how gene editing technologies function; devise means to safely, responsibly, and predictably harness them for beneficial ends; and address potential health and security concerns related to their accidental or intentional misuse.

ADVERTISEMENT

RSS Cyber News (Google)

  • Petya ransomware: Cyber attack costs could hit $300m for shipping giant Maersk - ZDNet August 16, 2017
    ZDNetPetya ransomware: Cyber attack costs could hit $300m for shipping giant MaerskZDNetFalling victim to the global Petya cyber attack is set to cost Maersk, the world's largest container ship and supply vessel operator, up to $300m in lost revenues. The Danish transport and logistics conglomerate - which has offices in 130 countries and ...Maersk puts […]
  • In The Age Of Cyber-Terrorism, Every Investor Must Own Gold - Forbes August 16, 2017
    ForbesIn The Age Of Cyber-Terrorism, Every Investor Must Own GoldForbesIn a recent Metal Masters interview with the Hard Assets Alliance, he noted that the biggest geopolitical risk for Americans today is not a conventional war but rather cyber-attacks that could take down the U.S. power grid. In such a scenario, gold ...
  • Scottish parliament hit by cyber-attack similar to Westminster assault - The Guardian August 15, 2017
    The GuardianScottish parliament hit by cyber-attack similar to Westminster assaultThe GuardianIn an internal bulletin, Sir Paul Grice, Holyrood's chief executive, told MSPs and parliamentary staff on Tuesday afternoon: “The parliament's monitoring systems have identified that we are currently the subject of a brute force cyber-attack from ...Scotti […]
  • Och. Scottish Parliament under siege from brute-force cyber attack - The Register August 16, 2017
    The RegisterOch. Scottish Parliament under siege from brute-force cyber attackThe RegisterIn an internal bulletin Sir Paul Grice, Holyrood's chief executive, warned: "The parliament's monitoring systems have identified that we are currently the subject of a brute-force cyber attack from external sources. "This attack appears to be targeti […]
  • Should cyber competition performance be valued like schooling in cyber workforce? - FederalNewsRadio.com August 16, 2017
    FederalNewsRadio.comShould cyber competition performance be valued like schooling in cyber workforce?FederalNewsRadio.com“What we're seeing as part of the U.S. Cyber Challenge is that there is a lot of interest for people to move into cybersecurity, because they see and they hear of the demand,” Karen Evans, former White House IT official and director o […]
  • Financial regulators active in cyber security sans framework - Economic Times August 16, 2017
    Economic TimesFinancial regulators active in cyber security sans frameworkEconomic TimesIt is also planning to conduct annual cyber audits and has established a specialised cell (C-SITE) to conduct detailed IT examination of banks' cyber security preparedness, to identify the gaps and to monitor the progress of remedial measures, the ...and more »
  • Los Angeles Cyber Lab: Unprecedented Cyber Attack Prevention Program - NBC Southern California August 16, 2017
    NBC Southern CaliforniaLos Angeles Cyber Lab: Unprecedented Cyber Attack Prevention ProgramNBC Southern CaliforniaThe Los Angeles Cyber Lab is billed as America's first city-led partnership dedicated to protecting businesses and residents from cyber attacks. The lab will circulate information gleaned from analyses of what the mayor's office called […]
  • A Cyber Security Investment Strategy For The Future - Seeking Alpha August 15, 2017
    Seeking AlphaA Cyber Security Investment Strategy For The FutureSeeking AlphaHaving investments across all areas of cyber security is key to a diverse cyber defense portfolio. Zix, Symantec, and HACK ETF have seen strong growth and profits are expected to continue as the need for cyber defenses grow.
  • SPONSORED CONTENT: IP EXPO Nordic returns to Stockholm & includes Cyber Security - Business Insider Nordic August 16, 2017
    Business Insider NordicSPONSORED CONTENT: IP EXPO Nordic returns to Stockholm & includes Cyber SecurityBusiness Insider NordicNow located at Stockholmsmässan, the two-day event takes place on the 20-21 September 2017 and features is international sub-event Cyber Security Nordic. Mr. Fredrik Reinfeldt, Former Prime Minister of Sweden, will be opening the […]
  • British cyber researcher pleads not guilty to US hacking charges - Reuters August 14, 2017
    ReutersBritish cyber researcher pleads not guilty to US hacking chargesReutersSAN FRANCISCO (Reuters) - British cyber security researcher Marcus Hutchins pleaded not guilty on Monday to federal charges he built and sold malicious code used to steal banking credentials. Hutchins, 23, rose to overnight fame within the hacker ...NHS cyber-defender Marcus Hutchi […]

ADVERTISEMENT

RSS Cyber War News (Bing)


ADVERTISEMENT

RSS Cyber Tag (Icerocket)


ADVERTISEMENT

RSS Cyberwar Tag (Wordpress)


ADVERTISEMENT


 
The Art of Attention

© 2016 PROSOCHĒ. All Rights Reserved.
Fair Use Policy ҩ Terms of Service ҩ Privacy Policy ҩ Contact

Cyber Threat Assessment

 


ADVERTISEMENT

In this New York Times bestselling investigation, Ted Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared... [MORE]


ADVERTISEMENT

As cyber-attacks dominate front-page news, as hackers join terrorists on the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War, by Slate columnist and Pulitzer Prize–winning journalist Fred Kaplan... [MORE]


ADVERTISEMENT

ADVERTISEMENT

Support CSWW

Please help improve CSWW by providing us with your comments, concerns, and questions at our FEEDBACK page.

Editor, CSWW

Kurt Brindley is a retired U.S. Navy Senior Chief who specialized in the fields of tele-communications and C4SRI systems Upon retirement from the navy, he spent nearly a decade as a defense industry consultant. He now writes full time... [MORE]


ADVERTISEMENT

Now in development for film by 20th Century Fox, award-winning CyberStorm depicts, in realistic and sometimes terrifying detail, what a full scale cyber attack against present-day New York City might look like from the perspective of one family trying to survive it... [MORE]