Cyber Strategies for a World at War

OPEN SOURCE AGGREGATION & ANALYSIS

Top Hacker Shows Us How It’s Done

Advertisements

Filed under: cyber security, , , , , , , ,

An “Horrendous Risk” In Action

Wired tech writer Mat Honan provides heart-stopping but timely insight into what Steve Wozniak’s horrendous cloud risks look like:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

Continue reading, if you dare, at Wired

Filed under: Business, cyber security, Internet, Life, News, Polls, Technology, , , , , , , , , , , , , , , , , ,

Cyber Threats 101

By Kim Hart
February 16, 2009
The Washington Post

An Army lieutenant may be an expert at securing borders and warding off enemies in a war zone. But when it comes to making sure hackers cannot break into the military’s communications network, officers may feel pretty defenseless.

To get a better grasp on technological threats, military officers, agency heads and government contracting executives have found one of the Defense Department’s best-kept secrets: the National Defense University.

NDU is made up of four graduate-level colleges, including the National War College, the Industrial College of the Armed Forces, and the Joint Forces Staff College. But the largest college — the Information Resources Management College — has grown the fastest over the past few years because the skills it teaches are in such high demand.

Located on the District waterfront, at Fort Lesley J. McNair, the college trains mid-career workers, in the public and private sectors, how to leverage the newest consumer technologies as well as how to protect vital information. This expertise used to be reserved for an agency’s chief information officer. But as tools like thumb drives, Facebook, Twitter and voice over Internet Protocol phone services creep into offices and bases, secure digital networks are becoming essential for all employees.

“Web 2.0 and information assurance are such big deals these days, but they are in conflict,” said Robert Childs, senior director of the college. The courses are tailored for people responsible for safeguarding the networks at the National Security Administration and the Department of Homeland Security, for example. The Defense Department is the college’s primary source of funding.

Continue reading…

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

VA settlement demonstrates just how costly lax security can be

By William Jackson
February 02, 2009
GCN

If you want another good reason to make sure your sensitive data is adequately locked down, look no farther than the Veterans Affairs Department, which last week agreed to pay $20 million to settle a class action lawsuit over the 2006 loss of a laptop containing records with personal information about up to 26.5 million veterans and active duty personnel.

That’s a lot of money, and it will be paid from taxpayers’ dollars, but VA got off lucky. The suit originally asked for $1,000 for each person whose data was exposed, which could have been more than $26 billion. That’s nearly enough to bail out a good-sized bank.

The settlement demonstrates that the repercussions of exposing data can be long-lasting and that the cost can go far beyond the immediate expense of cleaning up the breach. For companies it has long been known that negative publicity resulting from public notification of a data breach can quickly translate into millions of dollars of lost shareholder value as stock prices tumble. Agencies do not have to worry about stock prices, but the threat of other costs is real. The VA agreed to the settlement even though the department has said there is no evidence that the information on the stolen laptop was used or than any person involved was harmed by it.

Continue reading…

Filed under: cyber security, government, News, , , , , , , , , , ,

Nato’s cyber defence warriors

By Frank Gardner
February 3, 2009
BBC

Nato officials have told the BBC their computers are under constant attack from organisations and individuals bent on trying to hack into their secrets.

The attacks keep coming despite the establishment of a co-ordinated cyber defence policy with a quick-reaction cyber team on permanent standby.

The cyber defence policy was set up after a wave of cyber attacks on Nato member Estonia in 2007, and more recent attacks on Georgia – so what are they defending against and how do they do it?

Tower of Babel

Nato’s operational headquarters in Mons is a low, drab three-storey building – part of a sprawling complex set in rolling farmland south of Brussels.

The blue and white flag of the 26-nation alliance flutters in the cold breeze alongside the spangled banner of the EU.

Inside the canteen it is like a Tower of Babel with almost every language of Europe competing to be heard above the clatter of trays and dishes.

Our escort, a German army officer in immaculate uniform, leads us down a corridor to a hushed room where 20 or so military analysts sit hunched over computers; their desert boots and camouflage fatigues strangely out of place for a windowless room in Belgium.

This, explains Chris Evis, is the Incident Management Section, which he heads.

“We face the full gamut of threats. It varies from your kiddie who’s just trying to gain street cred amongst his friends to say he’s just defaced a Nato system to more focused targeted attacks against Nato information”.

Cyber attacks are not new – websites were being hacked into and brought down during the Kosovo war 10 years ago.

Continue reading…

Filed under: cyber war, Military, News, , , , , , , , , , , , , , ,

Federal Job Database Is Breached

By Joe Davidson
January 31, 2009
washingtonpost.com

The federal government’s online database for job seekers has been hacked.

As if Uncle Sam’s hiring process is not in enough of a mess already, now comes word that the pocket where he keeps job applications has been picked.

USAJOBS, the government’s database, is powered by Monster.com, the Internet employment service.

A “special security alert” posted by USAJOBS says “certain contact and account data were taken, including user IDs and passwords, e-mail addresses, names, phone numbers, and some basic demographic data.

“The information accessed does not include resumes,” the statement continues. “The accessed information does not include sensitive data such as social security numbers or personal financial data.”

But the government warns that the stolen data could be used in phishing schemes. This is a type of electronic fraud in which crooks use e-mail messages, pretending to come from legitimate organizations — potentially the U.S. government in this case — to secure sensitive information from those whose e-mail addresses were stolen.

Continue reading…

Filed under: cyber security, government, News, , , , , , , , , , , , , , , , , , ,

Offering protection in the new cyber war

By David Shamah
January 07, 2009
ISRAEL21c

While Hamas rockets disrupt Israeli life in the Negev, supporters of the terror group are fighting against Israel on another front – over the Internet. Groups of sophisticated hackers, with names like Moroccan Hackers, Islamic Crew, and Iran Black Hats, have been working overtime to “own” Israeli web sites, using them to send messages protesting the Israel Defense Force’s operation in Gaza, chalking up a “cyber-victory” against Israel.

Lucky we have David Allouch, CTO of Israeli security company AppliCure Technologies, on our side. Allouch has been on both sides of the cyber war – a former “black hat” hacker who attacked business and government sites in his native France, now helping protect Israeli sites from the onslaught of hacker teams around the world, determined to hack Israeli sites.

Today, most businesses and individuals have plenty of protection on their computer networks – including firewalls, e-mail spam catchers, anti-virus programs, etc. – so hackers bent on computer mischief don’t concentrate on those installations. Instead, they go for the one “door” that remains open for data from the outside – a company’s web server, which hosts web pages, applications, and databases.

Web site programmers use one of several popular site server software (Apache, Microsoft IIS, etc.), which allow users to interact with sites and site designers to set up things like streaming music and video, as well as logging, site security, and other “back end” stuff. Hackers work endlessly to exploit weaknesses in the server software, and when they find such weaknesses, they’re quick to develop an “exploit” to take advantage of it.

Hackers insert new content

Once a weakness is discovered, the programmers responsible for the hole issue a fix to close the security hold. But not all web programmers get the memo – so there are lots of sites out in cyberspace that have old weaknesses that haven’t been repaired, and it’s these sites the hackers attack. Using an automatic attack script – a bot – hackers can parse thousands of sites in a short time, looking for sites to take over. And when they find them, those sites can be compromised, with the most common exploit being a change in the home page by hackers, where they insert their own content.

Continue reading…

Filed under: cyber security, cyber war, News, Terrorism, , , , , , , , , , , , , , , , , , , ,

Are We In A Tech ‘War’ With Russia?

By Rob Enderle
January 29, 2009
Dark Reading

I was reading the withering comments Vladimir Putin made to Michael Dell in response to Dell’s offer to help Russia. While Putin is the Prime Minister of Russia now, he clearly is also the guy running the country, and reading between the lines, I think it is likely he is driving a technology war with the US — and that has some rather scary implications.

I’ve already seen what appears to be a massive ramp-up of Eastern European botnets and attacks designed to do massive amounts of identity theft. The running assumption is that these are criminals and they are simply too difficult for Russia to catch. But given that Russia treats the tools that these folks use as legitimate products that are developed, protected, and can carry warranties which can be enforced has me wondering if the folks doing the attacking aren’t also government-backed.

Russian hackers are considered a global menace as it is, and if they are overtly or covertly government-backed, this would be a sort of equivalent to a tech war. The FBI has just started warning that Cybergeddon is coming and that they are unprepared for the result. And it likely will come out of Eastern Europe.

The Dell Trigger

At the recent World Economic Conference, Vladimir Putin made a presentation that clearly had an anti-West (actually more anti-US) tone to it. The first question to him was asked by Michael Dell, who after praising Russia for its technical and scientific prowess, asked: “How can we help you?”

Putin reinterpreted Dell’s remarks to mean that Dell was calling Russia weak and then went on in a rant suggesting that Dell was removing Western technology from Russian infrastructure and then concluded with what sounded like a personal attack on Dell. This attack consisted of belittling Dell’s business and stating that Russian software was superior and hardware didn’t matter. The way he said it implied that Dell was running the equivalent of a lemonade stand.

Continue reading…

Filed under: cyber war, News, , , , , , , , , , , , , , , , , , , , ,

Seeking Obama’s Cyber Czar

By Andy Greenberg
December 19, 2008
Forbes

Should the head of cybersecurity in the new administration come from private industry, government or the military?

For weeks, blogs have been buzzing about which Silicon Valley luminary will be tapped as President-elect Barack Obama’s chief technology officer, the most innovation-focused position in what has been touted as a hyper-innovative regime.

But the Obama team may also be quietly preparing another, less-flashy tech role. The president-elect has alluded to appointing a so-called “cyber adviser,” charged with protecting the government and critical infrastructure from a growing wave of hackers and cyberspies.

Continue reading…

Filed under: News, Politics, , , , , , , , , , , ,

Hackers running fake Obama websites: security firm

PARIS (AFP) — Hackers are using dozens of fake websites linked to Barack Obama’s inauguration as US president to spread a virus on the Internet, a security company warned Tuesday.

According to the firm Panda Security, more than 70 websites are running a bogus news story titled “Barack Obama has refused to be a president,” aimed at tricking Internet users into downloading the computer virus.

Users who click on the story are asked to click in a pop-up window to download an information file.

“In reality these are malicious files that are installed on the computer, and turn it into a zombie PC, that can be remotely controlled by hackers,” the firm said in a statement.

It said the cyber-attack appeared to have originated in China, based on analysis of the website domain names, which were all bought by a Chinese company linked to previous cyber-attacks.

Web users are advised not to visit the sites — which include bestbarack.com, jobarack.com, thebaracksite.com — unless they have powerful anti-virus protection.

Filed under: cyber security, Internet, News, , , , , , , , , ,

Global Trends

"The nature of conflict is changing. The risk of conflict will increase due to diverging interests among major powers, an expanding terror threat, continued instability in weak states, and the spread of lethal, disruptive technologies. Disrupting societies will become more common, with long-range precision weapons, cyber, and robotic systems to target infrastructure from afar, and more accessible technology to create weapons of mass destruction."
 
Global Trends and Key Implications Through 2035 from the National Intelligence Council Quadrennial Report GLOBAL TRENDS: The Paradox of Power

A World at War

The World is at War. It is a world war that is being fought right now, in real time, virtually everywhere on the planet. It is a world war that is, perhaps, more encompassing and global in nature than any other world war in history because, not only is it being fought by nations and their governments, it is also being fought by non-state actors such as terrorists, organized crime, unorganized crime, and many other known and unknown entities. It is a total world war being fought every day on the hidden and dark battle fields of the cyber domain. It is a war that, according to some intelligence estimates, has the potential to be as nearly as serious and as deadly as a nuclear war... [MORE]

 


 


ADVERTISEMENT

Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real... [MORE]

RSS ODNI News

  • An error has occurred; the feed is probably down. Try again later.

ADVERTISEMENT

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity... [MORE]


ADVERTISEMENT

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications... [MORE]

RSS NSA News

  • An error has occurred; the feed is probably down. Try again later.

ADVERTISEMENT

“When it comes to what government and business are doing together and separately with personal data scooped up from the ether, Mr. Schneier is as knowledgeable as it gets…. Mr. Schneier’s use of concrete examples of bad behavior with data will make even skeptics queasy and potentially push the already paranoid over the edge.” (Jonathan A. Knee - New York Times)... [MORE]

RSS CIA News


ADVERTISEMENT

The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics... [MORE]

RSS Defense Advanced Research Projects Agency (DARPA)

  • 2018/11/19 CODE Demonstrates Autonomy and Collaboration with Minimal Human Commands November 19, 2018
    In a recent test series at Yuma Proving Ground in Arizona, DARPA's Collaborative Operations in Denied Environment (CODE) program demonstrated the ability of CODE-equipped Unmanned Aerial Systems (UASs) to adapt and respond to unexpected threats in an anti-access area denial (A2AD) environment. The UASs efficiently shared information, cooperatively plann […]
  • 2018/11/16 DARPA Announces 2019 AI Colloquium November 16, 2018
    Throughout DARPA's history, artificial intelligence (AI) has been an important area of groundbreaking research and development (R&D). In the 1960s, DARPA researchers completed some of the foundational work in the field, leading to the creation of expert systems, or the first wave of AI technologies. Since then, DARPA has funded developments in the s […]
  • 2018/11/09 Program Targets Innovative Propulsion Solutions for Ground-Based Weapons Delivery System November 9, 2018
    The joint DARPA/U.S. Army Operational Fires (OpFires) program will soon kick off with three performers awarded contracts to begin work: Aerojet Rocketdyne, Exquadrum, and Sierra Nevada Corporation. OpFires aims to develop and demonstrate a novel ground-launched system enabling hypersonic boost glide weapons to penetrate modern enemy air defenses and rapidly […]
  • 2018/11/06 DARPA Names Potential Sites for Launch Challenge, Eighteen Teams Prequalify November 6, 2018
    DARPA has narrowed the potential launch locations for the DARPA Launch Challenge to eight, with options for both vertical and horizontal launch. The challenge will culminate in late 2019 with two separate launches to low Earth orbit within weeks of each other from two different sites. Competitors will receive information about the final launch sites, payload […]
  • 2018/11/01 Bringing Photonic Signaling to Digital Microelectronics November 1, 2018
    Parallelism – or the act of several processors simultaneously executing on an application or computation – has been increasingly embraced by the microelectronics industry as a way of sustaining demand for increased system performance. Today, parallel computing architectures have become pervasive across all application domains and system scales – from multico […]

ADVERTISEMENT

RSS Cyber News (Google)

  • This RSS feed URL is deprecated November 21, 2018
    This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news
  • Airlines roll out Black Friday, Cyber Monday sales - USA TODAY November 20, 2018
    USA TODAYAirlines roll out Black Friday, Cyber Monday salesUSA TODAY“Black Friday” and “Cyber Monday” are now firmly entrenched on the ever-growing calendar of holiday marketing gimmicks, giving consumers a virtual cornucopia of deal-hunting opportunities timed to the Thanksgiving holiday. The travel industry has ...Don't make these 6 common mistakes an […]
  • From cyber to military mobility: EU members endorse new defense objectives - DefenseNews.com November 20, 2018
    DefenseNews.comFrom cyber to military mobility: EU members endorse new defense objectivesDefenseNews.comThe Cyber Threats and Incident Response Information Sharing Platform, one of the 17 new projects formally announced on Monday, will develop more active cyber-defense measures, potentially moving from traditional firewalls to more active measures.and more » […]
  • Cyber Deterrence is an Oxymoron for Years to Come - The National Interest Online (blog) November 20, 2018
    The National Interest Online (blog)Cyber Deterrence is an Oxymoron for Years to ComeThe National Interest Online (blog)For more than two decades after the end of the Cold War, Western states were able to redefine international security and associated rules related to the use of military force within the globalizing international system. During this period, b […]
  • Where Did North Korea's Cyber Army Come From? - Voice of America November 20, 2018
    Voice of AmericaWhere Did North Korea's Cyber Army Come From?Voice of AmericaNorth Korean hackers continue to circumvent protections and compromise computer systems around the globe. Pyongyang's cyber operatives, like the Lazarus Group, have been linked to computer system infiltrations like the 2014 Sony Pictures Studios hack ...
  • Salesforce: 40% Of 2018's Retail Revenue Will Happen This Week During Black Friday and Cyber Monday - Forbes November 20, 2018
    ForbesSalesforce: 40% Of 2018's Retail Revenue Will Happen This Week During Black Friday and Cyber MondayForbesThe coming Thanksgiving weekend is going to be huge, says Salesforce. So big that almost half of retailers' annual revenue will come in this one massive Thanksgiving, Black Friday, and Cyber Monday weekend. Mobile will be key. So will AI, […]
  • 3 traps to watch out for on Black Friday and Cyber Monday - Yahoo Finance November 20, 2018
    Yahoo Finance3 traps to watch out for on Black Friday and Cyber MondayYahoo FinanceA lot of the deals on Black Friday appear too good to be true, so it should be of no surprise that many of them are. The endless hype parade of Black Friday and Cyber Monday has created a bit of a momentum model when it comes to listing products. As ...and more »
  • Cyber-security firm doxxes hacker who sold MySpace and Dropbox databases in 2016 - ZDNet November 20, 2018
    ZDNetCyber-security firm doxxes hacker who sold MySpace and Dropbox databases in 2016ZDNetRecorded Future, a US-based cyber-security firm, claims to have uncovered the real world identity of a notorious hacker who, back in 2016, had been behind the sale and proliferation of a slew of user databases from companies such as MySpace, Badoo, ...and more »
  • Where Are Your 2018 Cyber Monday Cannabis Deals? - Leafly November 21, 2018
    LeaflyWhere Are Your 2018 Cyber Monday Cannabis Deals?LeaflyWhere to go: Rockville in Baltimore, MD. Verilife has stores in Illinois, Massachusetts, and Maryland. For Cyber Monday, their Rockville location in Maryland is offering a sweet 10% discount on all Leafly Pickup orders. There's nothing better than ...
  • How learning from hackers can protect us from cyber attacks - ZDNet November 20, 2018
    ZDNetHow learning from hackers can protect us from cyber attacksZDNetFor cyber criminal groups and underground communities on the dark web, speed is key to running a successful operation -- especially when it comes to the use of zero-days and other advanced attacks where there can sometimes be just a short delay ...and more »
  • UK 'wholly' unprepared to stop devastating cyber-attack, MPs warn - The Guardian November 19, 2018
    The GuardianUK 'wholly' unprepared to stop devastating cyber-attack, MPs warnThe GuardianMinisters are failing to act with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK's critical national infrastructure (CNI), a parliamentary committee has warned. The joint committee on national security ...UK powe […]

ADVERTISEMENT

RSS Cyber War News (Bing)


ADVERTISEMENT

RSS Cyber Tag (Icerocket)

  • The 3 PR Dashboards Your Comms Strategy Needs November 20, 2018
    Confession: While media monitoring software was evolving into media intelligence over the last decade, I didn’t as a user. My media monitoring routine remained fairly static since the early aughts:…Read More >>>
    newscred
  • Government Social Media Accounts: 3 Agencies that Inspire on Social November 18, 2018
    Arguably one of the most useful aspects of social media is its ability to deliver relevant content to a significantly large group of people instantaneously. Whether it's delivering crucial information during…Read More >>>
    newscred
  • Social Sidekick: Your Monthly Guide to Social Holidays, Themes, and Noteworthy Events November 16, 2018
    December is already upon us! It feels like the year flew by! Although the month of December doesn't have quite as many social holidays, there is still a lot to…Read More >>>
    Meltwater
  • Social Entrepreneurs: 5 Consumer Brands that Started on Social November 11, 2018
    It’s now taken for granted that some businesses are so entwined with a social channel experience that you can’t imagine them functioning without social media. We call them social entrepreneurs.Consider…Read More >>>
    Meltwater
  • 3 Recipe Sites’ Social Strategies November 8, 2018
    Sometimes, it can seem like the internet was made specifically for food content. Aspirational, yet obtainable, recipe-focused content showcases beautiful, delicious food and it’s ingredients. Not sure what to cook…Read More >>>
    newscred

ADVERTISEMENT

RSS Cyberwar Tag (Wordpress)


ADVERTISEMENT


 
The Art of Attention

© 2016 PROSOCHĒ. All Rights Reserved.
Fair Use Policy ҩ Terms of Service ҩ Privacy Policy ҩ Contact

Cyber Threat Assessment

 


ADVERTISEMENT

In this New York Times bestselling investigation, Ted Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared... [MORE]


ADVERTISEMENT

As cyber-attacks dominate front-page news, as hackers join terrorists on the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War, by Slate columnist and Pulitzer Prize–winning journalist Fred Kaplan... [MORE]


ADVERTISEMENT

ADVERTISEMENT

Support CSWW

Please help improve CSWW by providing us with your comments, concerns, and questions at our FEEDBACK page.

Editor, CSWW

Kurt Brindley is a retired U.S. Navy Senior Chief who specialized in the fields of tele-communications and C4SRI systems Upon retirement from the navy, he spent nearly a decade as a defense industry consultant. He now writes full time... [MORE]


ADVERTISEMENT

Now in development for film by 20th Century Fox, award-winning CyberStorm depicts, in realistic and sometimes terrifying detail, what a full scale cyber attack against present-day New York City might look like from the perspective of one family trying to survive it... [MORE]