Cyber Strategies for a World at War

OPEN SOURCE AGGREGATION & ANALYSIS

Top Hacker Shows Us How It’s Done

Advertisements

Filed under: cyber security, , , , , , , ,

An “Horrendous Risk” In Action

Wired tech writer Mat Honan provides heart-stopping but timely insight into what Steve Wozniak’s horrendous cloud risks look like:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

Continue reading, if you dare, at Wired

Filed under: Business, cyber security, Internet, Life, News, Polls, Technology, , , , , , , , , , , , , , , , , ,

Cyber Threats 101

By Kim Hart
February 16, 2009
The Washington Post

An Army lieutenant may be an expert at securing borders and warding off enemies in a war zone. But when it comes to making sure hackers cannot break into the military’s communications network, officers may feel pretty defenseless.

To get a better grasp on technological threats, military officers, agency heads and government contracting executives have found one of the Defense Department’s best-kept secrets: the National Defense University.

NDU is made up of four graduate-level colleges, including the National War College, the Industrial College of the Armed Forces, and the Joint Forces Staff College. But the largest college — the Information Resources Management College — has grown the fastest over the past few years because the skills it teaches are in such high demand.

Located on the District waterfront, at Fort Lesley J. McNair, the college trains mid-career workers, in the public and private sectors, how to leverage the newest consumer technologies as well as how to protect vital information. This expertise used to be reserved for an agency’s chief information officer. But as tools like thumb drives, Facebook, Twitter and voice over Internet Protocol phone services creep into offices and bases, secure digital networks are becoming essential for all employees.

“Web 2.0 and information assurance are such big deals these days, but they are in conflict,” said Robert Childs, senior director of the college. The courses are tailored for people responsible for safeguarding the networks at the National Security Administration and the Department of Homeland Security, for example. The Defense Department is the college’s primary source of funding.

Continue reading…

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

VA settlement demonstrates just how costly lax security can be

By William Jackson
February 02, 2009
GCN

If you want another good reason to make sure your sensitive data is adequately locked down, look no farther than the Veterans Affairs Department, which last week agreed to pay $20 million to settle a class action lawsuit over the 2006 loss of a laptop containing records with personal information about up to 26.5 million veterans and active duty personnel.

That’s a lot of money, and it will be paid from taxpayers’ dollars, but VA got off lucky. The suit originally asked for $1,000 for each person whose data was exposed, which could have been more than $26 billion. That’s nearly enough to bail out a good-sized bank.

The settlement demonstrates that the repercussions of exposing data can be long-lasting and that the cost can go far beyond the immediate expense of cleaning up the breach. For companies it has long been known that negative publicity resulting from public notification of a data breach can quickly translate into millions of dollars of lost shareholder value as stock prices tumble. Agencies do not have to worry about stock prices, but the threat of other costs is real. The VA agreed to the settlement even though the department has said there is no evidence that the information on the stolen laptop was used or than any person involved was harmed by it.

Continue reading…

Filed under: cyber security, government, News, , , , , , , , , , ,

Nato’s cyber defence warriors

By Frank Gardner
February 3, 2009
BBC

Nato officials have told the BBC their computers are under constant attack from organisations and individuals bent on trying to hack into their secrets.

The attacks keep coming despite the establishment of a co-ordinated cyber defence policy with a quick-reaction cyber team on permanent standby.

The cyber defence policy was set up after a wave of cyber attacks on Nato member Estonia in 2007, and more recent attacks on Georgia – so what are they defending against and how do they do it?

Tower of Babel

Nato’s operational headquarters in Mons is a low, drab three-storey building – part of a sprawling complex set in rolling farmland south of Brussels.

The blue and white flag of the 26-nation alliance flutters in the cold breeze alongside the spangled banner of the EU.

Inside the canteen it is like a Tower of Babel with almost every language of Europe competing to be heard above the clatter of trays and dishes.

Our escort, a German army officer in immaculate uniform, leads us down a corridor to a hushed room where 20 or so military analysts sit hunched over computers; their desert boots and camouflage fatigues strangely out of place for a windowless room in Belgium.

This, explains Chris Evis, is the Incident Management Section, which he heads.

“We face the full gamut of threats. It varies from your kiddie who’s just trying to gain street cred amongst his friends to say he’s just defaced a Nato system to more focused targeted attacks against Nato information”.

Cyber attacks are not new – websites were being hacked into and brought down during the Kosovo war 10 years ago.

Continue reading…

Filed under: cyber war, Military, News, , , , , , , , , , , , , , ,

Federal Job Database Is Breached

By Joe Davidson
January 31, 2009
washingtonpost.com

The federal government’s online database for job seekers has been hacked.

As if Uncle Sam’s hiring process is not in enough of a mess already, now comes word that the pocket where he keeps job applications has been picked.

USAJOBS, the government’s database, is powered by Monster.com, the Internet employment service.

A “special security alert” posted by USAJOBS says “certain contact and account data were taken, including user IDs and passwords, e-mail addresses, names, phone numbers, and some basic demographic data.

“The information accessed does not include resumes,” the statement continues. “The accessed information does not include sensitive data such as social security numbers or personal financial data.”

But the government warns that the stolen data could be used in phishing schemes. This is a type of electronic fraud in which crooks use e-mail messages, pretending to come from legitimate organizations — potentially the U.S. government in this case — to secure sensitive information from those whose e-mail addresses were stolen.

Continue reading…

Filed under: cyber security, government, News, , , , , , , , , , , , , , , , , , ,

Offering protection in the new cyber war

By David Shamah
January 07, 2009
ISRAEL21c

While Hamas rockets disrupt Israeli life in the Negev, supporters of the terror group are fighting against Israel on another front – over the Internet. Groups of sophisticated hackers, with names like Moroccan Hackers, Islamic Crew, and Iran Black Hats, have been working overtime to “own” Israeli web sites, using them to send messages protesting the Israel Defense Force’s operation in Gaza, chalking up a “cyber-victory” against Israel.

Lucky we have David Allouch, CTO of Israeli security company AppliCure Technologies, on our side. Allouch has been on both sides of the cyber war – a former “black hat” hacker who attacked business and government sites in his native France, now helping protect Israeli sites from the onslaught of hacker teams around the world, determined to hack Israeli sites.

Today, most businesses and individuals have plenty of protection on their computer networks – including firewalls, e-mail spam catchers, anti-virus programs, etc. – so hackers bent on computer mischief don’t concentrate on those installations. Instead, they go for the one “door” that remains open for data from the outside – a company’s web server, which hosts web pages, applications, and databases.

Web site programmers use one of several popular site server software (Apache, Microsoft IIS, etc.), which allow users to interact with sites and site designers to set up things like streaming music and video, as well as logging, site security, and other “back end” stuff. Hackers work endlessly to exploit weaknesses in the server software, and when they find such weaknesses, they’re quick to develop an “exploit” to take advantage of it.

Hackers insert new content

Once a weakness is discovered, the programmers responsible for the hole issue a fix to close the security hold. But not all web programmers get the memo – so there are lots of sites out in cyberspace that have old weaknesses that haven’t been repaired, and it’s these sites the hackers attack. Using an automatic attack script – a bot – hackers can parse thousands of sites in a short time, looking for sites to take over. And when they find them, those sites can be compromised, with the most common exploit being a change in the home page by hackers, where they insert their own content.

Continue reading…

Filed under: cyber security, cyber war, News, Terrorism, , , , , , , , , , , , , , , , , , , ,

Are We In A Tech ‘War’ With Russia?

By Rob Enderle
January 29, 2009
Dark Reading

I was reading the withering comments Vladimir Putin made to Michael Dell in response to Dell’s offer to help Russia. While Putin is the Prime Minister of Russia now, he clearly is also the guy running the country, and reading between the lines, I think it is likely he is driving a technology war with the US — and that has some rather scary implications.

I’ve already seen what appears to be a massive ramp-up of Eastern European botnets and attacks designed to do massive amounts of identity theft. The running assumption is that these are criminals and they are simply too difficult for Russia to catch. But given that Russia treats the tools that these folks use as legitimate products that are developed, protected, and can carry warranties which can be enforced has me wondering if the folks doing the attacking aren’t also government-backed.

Russian hackers are considered a global menace as it is, and if they are overtly or covertly government-backed, this would be a sort of equivalent to a tech war. The FBI has just started warning that Cybergeddon is coming and that they are unprepared for the result. And it likely will come out of Eastern Europe.

The Dell Trigger

At the recent World Economic Conference, Vladimir Putin made a presentation that clearly had an anti-West (actually more anti-US) tone to it. The first question to him was asked by Michael Dell, who after praising Russia for its technical and scientific prowess, asked: “How can we help you?”

Putin reinterpreted Dell’s remarks to mean that Dell was calling Russia weak and then went on in a rant suggesting that Dell was removing Western technology from Russian infrastructure and then concluded with what sounded like a personal attack on Dell. This attack consisted of belittling Dell’s business and stating that Russian software was superior and hardware didn’t matter. The way he said it implied that Dell was running the equivalent of a lemonade stand.

Continue reading…

Filed under: cyber war, News, , , , , , , , , , , , , , , , , , , , ,

Seeking Obama’s Cyber Czar

By Andy Greenberg
December 19, 2008
Forbes

Should the head of cybersecurity in the new administration come from private industry, government or the military?

For weeks, blogs have been buzzing about which Silicon Valley luminary will be tapped as President-elect Barack Obama’s chief technology officer, the most innovation-focused position in what has been touted as a hyper-innovative regime.

But the Obama team may also be quietly preparing another, less-flashy tech role. The president-elect has alluded to appointing a so-called “cyber adviser,” charged with protecting the government and critical infrastructure from a growing wave of hackers and cyberspies.

Continue reading…

Filed under: News, Politics, , , , , , , , , , , ,

Hackers running fake Obama websites: security firm

PARIS (AFP) — Hackers are using dozens of fake websites linked to Barack Obama’s inauguration as US president to spread a virus on the Internet, a security company warned Tuesday.

According to the firm Panda Security, more than 70 websites are running a bogus news story titled “Barack Obama has refused to be a president,” aimed at tricking Internet users into downloading the computer virus.

Users who click on the story are asked to click in a pop-up window to download an information file.

“In reality these are malicious files that are installed on the computer, and turn it into a zombie PC, that can be remotely controlled by hackers,” the firm said in a statement.

It said the cyber-attack appeared to have originated in China, based on analysis of the website domain names, which were all bought by a Chinese company linked to previous cyber-attacks.

Web users are advised not to visit the sites — which include bestbarack.com, jobarack.com, thebaracksite.com — unless they have powerful anti-virus protection.

Filed under: cyber security, Internet, News, , , , , , , , , ,

Global Trends

"The nature of conflict is changing. The risk of conflict will increase due to diverging interests among major powers, an expanding terror threat, continued instability in weak states, and the spread of lethal, disruptive technologies. Disrupting societies will become more common, with long-range precision weapons, cyber, and robotic systems to target infrastructure from afar, and more accessible technology to create weapons of mass destruction."
 
Global Trends and Key Implications Through 2035 from the National Intelligence Council Quadrennial Report GLOBAL TRENDS: The Paradox of Power

A World at War

The World is at War. It is a world war that is being fought right now, in real time, virtually everywhere on the planet. It is a world war that is, perhaps, more encompassing and global in nature than any other world war in history because, not only is it being fought by nations and their governments, it is also being fought by non-state actors such as terrorists, organized crime, unorganized crime, and many other known and unknown entities. It is a total world war being fought every day on the hidden and dark battle fields of the cyber domain. It is a war that, according to some intelligence estimates, has the potential to be as nearly as serious and as deadly as a nuclear war... [MORE]

 


 


ADVERTISEMENT

Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real... [MORE]

RSS ODNI News

  • An error has occurred; the feed is probably down. Try again later.

ADVERTISEMENT

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity... [MORE]


ADVERTISEMENT

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications... [MORE]

RSS NSA News

  • An error has occurred; the feed is probably down. Try again later.

ADVERTISEMENT

“When it comes to what government and business are doing together and separately with personal data scooped up from the ether, Mr. Schneier is as knowledgeable as it gets…. Mr. Schneier’s use of concrete examples of bad behavior with data will make even skeptics queasy and potentially push the already paranoid over the edge.” (Jonathan A. Knee - New York Times)... [MORE]

RSS CIA News


ADVERTISEMENT

The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics... [MORE]

RSS Defense Advanced Research Projects Agency (DARPA)

  • 2018/07/20 DARPA Sets Date for Subterranean Challenge Competitors Day July 20, 2018
    DARPA will host a competitors day September 27, 2018, to communicate the vision and timeline of the DARPA Subterranean (SubT) Challenge, engage potential competitors, and provide a space for technical and operational exchange.
  • 2018/07/20 Accelerating the Exploration of Promising Artificial Intelligence Concepts July 20, 2018
    DARPA today announced its Artificial Intelligence Exploration (AIE) program, a key component of the agency's broader artificial intelligence (AI) investment strategy aimed at ensuring the United States maintains an advantage in this critical and rapidly accelerating technology area. AIE will constitute a series of unique funding opportunities that use s […]
  • 2018/07/18 Faster, Lighter, Smarter: DARPA Gives Small Autonomous Systems a Tech Boost July 18, 2018
    DARPA's Fast Lightweight Autonomy (FLA) program recently completed Phase 2 flight tests, demonstrating advanced algorithms designed to turn small air and ground systems into team members that could autonomously perform tasks dangerous for humans – such as pre-mission reconnaissance in a hostile urban setting or searching damaged structures for survivors […]
  • 2018/07/17 Developing Microrobotics for Disaster Recovery and High-Risk Environments July 17, 2018
    Imagine a natural disaster scenario, such as an earthquake, that inflicts widespread damage to buildings and structures, critical utilities and infrastructure, and threatens human safety. Having the ability to navigate the rubble and enter highly unstable areas could prove invaluable to saving lives or detecting additional hazards among the wreckage. Partner […]
  • 2018/07/17 Seeking 72-hour Space Environment Forecasts with Updates on the Hour July 17, 2018
    Models for providing hourly terrestrial weather forecasts anywhere in the world have become increasingly precise-our smartphones buzz or chirp with local alerts of approaching thunderstorms, heavy snow, flash floods, and big events like tornados and hurricanes. The military relies on accurate weather forecasts for planning complex operations in the air, on g […]

ADVERTISEMENT

RSS Cyber News (Google)

  • This RSS feed URL is deprecated July 21, 2018
    This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news
  • Cyber Saturday—Introducing Fortune Brainstorm Finance - Fortune July 21, 2018
    FortuneCyber Saturday—Introducing Fortune Brainstorm FinanceFortuneGood morning, Cyber Saturday readers. It's been a heady week of hand-shaking, connection-making, and idea-waking at Fortune Brainstorm Tech in Aspen. With the conference concluded, I've descended from the mountaintops to an islet off the coast of ...
  • Singapore cyber attack affects 1.5 million people - euronews July 21, 2018
    euronewsSingapore cyber attack affects 1.5 million peopleeuronewsGovernment officials did not say who might have been behind the attack, but a joint statement by the health and communications ministries suggested a high degree of sophistication. The cyber attack comes as the state has made cybersecurity a top ...Cyber attack on Singapore health database stea […]
  • What Alexander Hamilton Can Teach Us About Cyber Policy - Defense One July 21, 2018
    Defense OneWhat Alexander Hamilton Can Teach Us About Cyber PolicyDefense OneThough this Hamiltonian framework is useful for any policy discussion, it is a particularly good lens for the cyber realm, for it encourages policymakers to balance the expected effects and unintended consequences of a proposed policy; and to harmonize ...
  • US Officials Warn of Potential Cyber Attacks from Iran - Fortune July 20, 2018
    FortuneUS Officials Warn of Potential Cyber Attacks from IranFortuneIranian hackers have laid the groundwork to carry out extensive cyber attacks against private U.S. and European companies, U.S. officials warn, according to NBC News. Although experts don't believe any such attack is imminent, the preparations could ...Iran has laid groundwork for exten […]
  • What a Cyber 9/11 Would Mean for the US - Fortune July 20, 2018
    FortuneWhat a Cyber 9/11 Would Mean for the USFortuneThe United States has been beset by hackers who have plundered the country's intellectual property and meddled with its political system. But the worst could be yet to come in the form of a “cyber 9/11″—a term often invoked but rarely defined. This ...
  • Top FBI cyber officials set to retire - CNNPolitics - CNN.com - CNN July 20, 2018
    CNNTop FBI cyber officials set to retire - CNNPolitics - CNN.comCNNThe FBI's top two cybersecurity officials are planning to leave the bureau, the FBI confirmed Thursday.Three senior cyber officials at FBI retiring: report | TheHillThe HillTop FBI cyber officials set to retireWPLG Local 10all 10 news articles »
  • Cyber Security offers long list of work opportunities - KCAU 9 July 20, 2018
    KCAU 9Cyber Security offers long list of work opportunitiesKCAU 9Non-profit information security advocacy groups, predict a global shortage of two million cyber security professionals by 2019. And research shows employers are struggling to fill 200,000 other cyber-security positions every year. One of the biggest ...
  • What Is The GRU And What Role Does It Play In Russia's Cyber And Military Operations? - NPR July 20, 2018
    What Is The GRU And What Role Does It Play In Russia's Cyber And Military Operations?NPRIn 2008, a combined cyber and military attack that pummeled neighboring Georgia. More recently, critical ongoing support to bolster President Bashar al-Assad in Syria's devastating war. MARK GALEOTTI: And then, above all, along came the Ukrainian ...and more » […]
  • EU, China setting global cyber standards - Politico July 19, 2018
    NextgovEU, China setting global cyber standardsPoliticoAnd China has been even more aggressive, enacting a cyber law with strict security controls on tech companies and spreading its heavy-handed model throughout the developing world. And while the global tech industry is adapting to these new realities, ...Government's Cyber Monitoring Program Would Be […]
  • With cyber forces underequipped, DoD turns to rapid prototyping contracting - fifthdomain.com July 20, 2018
    fifthdomain.comWith cyber forces underequipped, DoD turns to rapid prototyping contractingfifthdomain.comAs a result, the military wants to quickly get these new cyber warriors the tools they need. To do this, they are turning to contracting vehicles such as other transaction authorities and the so-called IT Box construct as a way to skirt the traditional .. […]

ADVERTISEMENT

RSS Cyber War News (Bing)


ADVERTISEMENT

RSS Cyber Tag (Icerocket)


ADVERTISEMENT

RSS Cyberwar Tag (Wordpress)


ADVERTISEMENT


 
The Art of Attention

© 2016 PROSOCHĒ. All Rights Reserved.
Fair Use Policy ҩ Terms of Service ҩ Privacy Policy ҩ Contact

Cyber Threat Assessment

 


ADVERTISEMENT

In this New York Times bestselling investigation, Ted Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared... [MORE]


ADVERTISEMENT

As cyber-attacks dominate front-page news, as hackers join terrorists on the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War, by Slate columnist and Pulitzer Prize–winning journalist Fred Kaplan... [MORE]


ADVERTISEMENT

ADVERTISEMENT

Support CSWW

Please help improve CSWW by providing us with your comments, concerns, and questions at our FEEDBACK page.

Editor, CSWW

Kurt Brindley is a retired U.S. Navy Senior Chief who specialized in the fields of tele-communications and C4SRI systems Upon retirement from the navy, he spent nearly a decade as a defense industry consultant. He now writes full time... [MORE]


ADVERTISEMENT

Now in development for film by 20th Century Fox, award-winning CyberStorm depicts, in realistic and sometimes terrifying detail, what a full scale cyber attack against present-day New York City might look like from the perspective of one family trying to survive it... [MORE]