Cyber Strategies for a World at War

OPEN SOURCE AGGREGATION & ANALYSIS

Top Hacker Shows Us How It’s Done

Advertisements

Filed under: cyber security, , , , , , , ,

An “Horrendous Risk” In Action

Wired tech writer Mat Honan provides heart-stopping but timely insight into what Steve Wozniak’s horrendous cloud risks look like:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

Continue reading, if you dare, at Wired

Filed under: Business, cyber security, Internet, Life, News, Polls, Technology, , , , , , , , , , , , , , , , , ,

Cyber Threats 101

By Kim Hart
February 16, 2009
The Washington Post

An Army lieutenant may be an expert at securing borders and warding off enemies in a war zone. But when it comes to making sure hackers cannot break into the military’s communications network, officers may feel pretty defenseless.

To get a better grasp on technological threats, military officers, agency heads and government contracting executives have found one of the Defense Department’s best-kept secrets: the National Defense University.

NDU is made up of four graduate-level colleges, including the National War College, the Industrial College of the Armed Forces, and the Joint Forces Staff College. But the largest college — the Information Resources Management College — has grown the fastest over the past few years because the skills it teaches are in such high demand.

Located on the District waterfront, at Fort Lesley J. McNair, the college trains mid-career workers, in the public and private sectors, how to leverage the newest consumer technologies as well as how to protect vital information. This expertise used to be reserved for an agency’s chief information officer. But as tools like thumb drives, Facebook, Twitter and voice over Internet Protocol phone services creep into offices and bases, secure digital networks are becoming essential for all employees.

“Web 2.0 and information assurance are such big deals these days, but they are in conflict,” said Robert Childs, senior director of the college. The courses are tailored for people responsible for safeguarding the networks at the National Security Administration and the Department of Homeland Security, for example. The Defense Department is the college’s primary source of funding.

Continue reading…

Filed under: Analysis, Biography, Business, cyber security, cyber war, Doctrine, government, History, Intelligence Community, Internet, Life, Military, News, Policy, Politics, Polls, Strategy, Technology, Terrorism, Training, War, , , , , , , , , , , , , , , , , , , , , , , , ,

VA settlement demonstrates just how costly lax security can be

By William Jackson
February 02, 2009
GCN

If you want another good reason to make sure your sensitive data is adequately locked down, look no farther than the Veterans Affairs Department, which last week agreed to pay $20 million to settle a class action lawsuit over the 2006 loss of a laptop containing records with personal information about up to 26.5 million veterans and active duty personnel.

That’s a lot of money, and it will be paid from taxpayers’ dollars, but VA got off lucky. The suit originally asked for $1,000 for each person whose data was exposed, which could have been more than $26 billion. That’s nearly enough to bail out a good-sized bank.

The settlement demonstrates that the repercussions of exposing data can be long-lasting and that the cost can go far beyond the immediate expense of cleaning up the breach. For companies it has long been known that negative publicity resulting from public notification of a data breach can quickly translate into millions of dollars of lost shareholder value as stock prices tumble. Agencies do not have to worry about stock prices, but the threat of other costs is real. The VA agreed to the settlement even though the department has said there is no evidence that the information on the stolen laptop was used or than any person involved was harmed by it.

Continue reading…

Filed under: cyber security, government, News, , , , , , , , , , ,

Nato’s cyber defence warriors

By Frank Gardner
February 3, 2009
BBC

Nato officials have told the BBC their computers are under constant attack from organisations and individuals bent on trying to hack into their secrets.

The attacks keep coming despite the establishment of a co-ordinated cyber defence policy with a quick-reaction cyber team on permanent standby.

The cyber defence policy was set up after a wave of cyber attacks on Nato member Estonia in 2007, and more recent attacks on Georgia – so what are they defending against and how do they do it?

Tower of Babel

Nato’s operational headquarters in Mons is a low, drab three-storey building – part of a sprawling complex set in rolling farmland south of Brussels.

The blue and white flag of the 26-nation alliance flutters in the cold breeze alongside the spangled banner of the EU.

Inside the canteen it is like a Tower of Babel with almost every language of Europe competing to be heard above the clatter of trays and dishes.

Our escort, a German army officer in immaculate uniform, leads us down a corridor to a hushed room where 20 or so military analysts sit hunched over computers; their desert boots and camouflage fatigues strangely out of place for a windowless room in Belgium.

This, explains Chris Evis, is the Incident Management Section, which he heads.

“We face the full gamut of threats. It varies from your kiddie who’s just trying to gain street cred amongst his friends to say he’s just defaced a Nato system to more focused targeted attacks against Nato information”.

Cyber attacks are not new – websites were being hacked into and brought down during the Kosovo war 10 years ago.

Continue reading…

Filed under: cyber war, Military, News, , , , , , , , , , , , , , ,

Federal Job Database Is Breached

By Joe Davidson
January 31, 2009
washingtonpost.com

The federal government’s online database for job seekers has been hacked.

As if Uncle Sam’s hiring process is not in enough of a mess already, now comes word that the pocket where he keeps job applications has been picked.

USAJOBS, the government’s database, is powered by Monster.com, the Internet employment service.

A “special security alert” posted by USAJOBS says “certain contact and account data were taken, including user IDs and passwords, e-mail addresses, names, phone numbers, and some basic demographic data.

“The information accessed does not include resumes,” the statement continues. “The accessed information does not include sensitive data such as social security numbers or personal financial data.”

But the government warns that the stolen data could be used in phishing schemes. This is a type of electronic fraud in which crooks use e-mail messages, pretending to come from legitimate organizations — potentially the U.S. government in this case — to secure sensitive information from those whose e-mail addresses were stolen.

Continue reading…

Filed under: cyber security, government, News, , , , , , , , , , , , , , , , , , ,

Offering protection in the new cyber war

By David Shamah
January 07, 2009
ISRAEL21c

While Hamas rockets disrupt Israeli life in the Negev, supporters of the terror group are fighting against Israel on another front – over the Internet. Groups of sophisticated hackers, with names like Moroccan Hackers, Islamic Crew, and Iran Black Hats, have been working overtime to “own” Israeli web sites, using them to send messages protesting the Israel Defense Force’s operation in Gaza, chalking up a “cyber-victory” against Israel.

Lucky we have David Allouch, CTO of Israeli security company AppliCure Technologies, on our side. Allouch has been on both sides of the cyber war – a former “black hat” hacker who attacked business and government sites in his native France, now helping protect Israeli sites from the onslaught of hacker teams around the world, determined to hack Israeli sites.

Today, most businesses and individuals have plenty of protection on their computer networks – including firewalls, e-mail spam catchers, anti-virus programs, etc. – so hackers bent on computer mischief don’t concentrate on those installations. Instead, they go for the one “door” that remains open for data from the outside – a company’s web server, which hosts web pages, applications, and databases.

Web site programmers use one of several popular site server software (Apache, Microsoft IIS, etc.), which allow users to interact with sites and site designers to set up things like streaming music and video, as well as logging, site security, and other “back end” stuff. Hackers work endlessly to exploit weaknesses in the server software, and when they find such weaknesses, they’re quick to develop an “exploit” to take advantage of it.

Hackers insert new content

Once a weakness is discovered, the programmers responsible for the hole issue a fix to close the security hold. But not all web programmers get the memo – so there are lots of sites out in cyberspace that have old weaknesses that haven’t been repaired, and it’s these sites the hackers attack. Using an automatic attack script – a bot – hackers can parse thousands of sites in a short time, looking for sites to take over. And when they find them, those sites can be compromised, with the most common exploit being a change in the home page by hackers, where they insert their own content.

Continue reading…

Filed under: cyber security, cyber war, News, Terrorism, , , , , , , , , , , , , , , , , , , ,

Are We In A Tech ‘War’ With Russia?

By Rob Enderle
January 29, 2009
Dark Reading

I was reading the withering comments Vladimir Putin made to Michael Dell in response to Dell’s offer to help Russia. While Putin is the Prime Minister of Russia now, he clearly is also the guy running the country, and reading between the lines, I think it is likely he is driving a technology war with the US — and that has some rather scary implications.

I’ve already seen what appears to be a massive ramp-up of Eastern European botnets and attacks designed to do massive amounts of identity theft. The running assumption is that these are criminals and they are simply too difficult for Russia to catch. But given that Russia treats the tools that these folks use as legitimate products that are developed, protected, and can carry warranties which can be enforced has me wondering if the folks doing the attacking aren’t also government-backed.

Russian hackers are considered a global menace as it is, and if they are overtly or covertly government-backed, this would be a sort of equivalent to a tech war. The FBI has just started warning that Cybergeddon is coming and that they are unprepared for the result. And it likely will come out of Eastern Europe.

The Dell Trigger

At the recent World Economic Conference, Vladimir Putin made a presentation that clearly had an anti-West (actually more anti-US) tone to it. The first question to him was asked by Michael Dell, who after praising Russia for its technical and scientific prowess, asked: “How can we help you?”

Putin reinterpreted Dell’s remarks to mean that Dell was calling Russia weak and then went on in a rant suggesting that Dell was removing Western technology from Russian infrastructure and then concluded with what sounded like a personal attack on Dell. This attack consisted of belittling Dell’s business and stating that Russian software was superior and hardware didn’t matter. The way he said it implied that Dell was running the equivalent of a lemonade stand.

Continue reading…

Filed under: cyber war, News, , , , , , , , , , , , , , , , , , , , ,

Seeking Obama’s Cyber Czar

By Andy Greenberg
December 19, 2008
Forbes

Should the head of cybersecurity in the new administration come from private industry, government or the military?

For weeks, blogs have been buzzing about which Silicon Valley luminary will be tapped as President-elect Barack Obama’s chief technology officer, the most innovation-focused position in what has been touted as a hyper-innovative regime.

But the Obama team may also be quietly preparing another, less-flashy tech role. The president-elect has alluded to appointing a so-called “cyber adviser,” charged with protecting the government and critical infrastructure from a growing wave of hackers and cyberspies.

Continue reading…

Filed under: News, Politics, , , , , , , , , , , ,

Hackers running fake Obama websites: security firm

PARIS (AFP) — Hackers are using dozens of fake websites linked to Barack Obama’s inauguration as US president to spread a virus on the Internet, a security company warned Tuesday.

According to the firm Panda Security, more than 70 websites are running a bogus news story titled “Barack Obama has refused to be a president,” aimed at tricking Internet users into downloading the computer virus.

Users who click on the story are asked to click in a pop-up window to download an information file.

“In reality these are malicious files that are installed on the computer, and turn it into a zombie PC, that can be remotely controlled by hackers,” the firm said in a statement.

It said the cyber-attack appeared to have originated in China, based on analysis of the website domain names, which were all bought by a Chinese company linked to previous cyber-attacks.

Web users are advised not to visit the sites — which include bestbarack.com, jobarack.com, thebaracksite.com — unless they have powerful anti-virus protection.

Filed under: cyber security, Internet, News, , , , , , , , , ,

Global Trends

"The nature of conflict is changing. The risk of conflict will increase due to diverging interests among major powers, an expanding terror threat, continued instability in weak states, and the spread of lethal, disruptive technologies. Disrupting societies will become more common, with long-range precision weapons, cyber, and robotic systems to target infrastructure from afar, and more accessible technology to create weapons of mass destruction."
 
Global Trends and Key Implications Through 2035 from the National Intelligence Council Quadrennial Report GLOBAL TRENDS: The Paradox of Power

A World at War

The World is at War. It is a world war that is being fought right now, in real time, virtually everywhere on the planet. It is a world war that is, perhaps, more encompassing and global in nature than any other world war in history because, not only is it being fought by nations and their governments, it is also being fought by non-state actors such as terrorists, organized crime, unorganized crime, and many other known and unknown entities. It is a total world war being fought every day on the hidden and dark battle fields of the cyber domain. It is a war that, according to some intelligence estimates, has the potential to be as nearly as serious and as deadly as a nuclear war... [MORE]

 


 


ADVERTISEMENT

Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real... [MORE]

RSS ODNI News

  • An error has occurred; the feed is probably down. Try again later.

ADVERTISEMENT

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity... [MORE]


ADVERTISEMENT

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications... [MORE]

RSS NSA News


ADVERTISEMENT

“When it comes to what government and business are doing together and separately with personal data scooped up from the ether, Mr. Schneier is as knowledgeable as it gets…. Mr. Schneier’s use of concrete examples of bad behavior with data will make even skeptics queasy and potentially push the already paranoid over the edge.” (Jonathan A. Knee - New York Times)... [MORE]

RSS CIA News

  • New 9/11 Memorial at CIA Headquarters
    Feature Story: A rust-colored steel column recovered amid the rubble of the World Trade Center after the September 11, 2001 terrorist attacks has a new home at CIA Headquarters. The column now resides in a solemn memorial, a moving tribute to all those who died in the attacks on that fateful day, and serves as a space for Agency employees to honor the fallen […]
  • CIA Unveils Memorial to Agency K9s
    Blog Post: Earlier this year, the Agency unveiled a new stone monument to honor the dogs who have spent their lives in service to their country. Carved from a roughhewn boulder, the monument features a paw print, the Agency seal, and an imprint of the Security Protective Service badge.
  • A Day in the Life of a Publications Officer
    Feature Story: This is part of our series profiling CIA officers working in occupations not commonly associated with the Agency. We talk with them about their daily challenges and rewards, as well as some exceptional moments. We recently spoke with “Lynn,” a former schoolteacher who uses her keen eye for editing to create the intelligence publications, inclu […]
  • Director Haspel Announces Leadership Team
    Press Release: CIA Director Gina Haspel welcomed three senior officers to the Agency’s leadership team with the arrival of Deputy Director Vaughn Bishop, Chief Operating Officer (COO) Andrew (Andy) Makridis, and Chief Diversity and Inclusion Officer (CDIO) Sonya Holt.
  • DCIA Message to the Workforce: Sonya Holt Selected to Serve as CIA’s Chief Diversity & Inclusion Officer
    Statement: I am pleased to announce Sonya L. Holt’s selection as the Agency’s Chief Diversity and Inclusion Officer (CDIO). As a veteran officer who served more than three decades at CIA, Ms. Holt brings a wealth of experience and expertise to DIO. She is widely known for putting people first in order to accomplish CIA’s mission and has a proven record track […]

ADVERTISEMENT

The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics... [MORE]

RSS Defense Advanced Research Projects Agency (DARPA)

  • 2018/09/07 DARPA Announces $2 Billion Campaign to Develop Next Wave of AI Technologies September 7, 2018
    Over its 60-year history, DARPA has played a leading role in the creation and advancement of artificial intelligence (AI) technologies that have produced game-changing capabilities for the Department of Defense. Starting in the 1960s, DARPA research shaped the first wave of AI technologies, which focused on handcrafted knowledge, or rule-based systems capabl […]
  • 2018/08/17 Robotic Payload for RSGS Mission Moves to Next Phase of Development August 17, 2018
    DARPA has completed a major review milestone for its Robotic Servicing of Geosynchronous Satellites, or RSGS, program. Results from a recently completed preliminary design review showed that the robotic payload design – coupled with a spacecraft bus that Space Systems Loral (SSL) is providing through a partnership agreement – is on track to fulfill a multi-y […]
  • 2018/08/09 Restoring Trust in Electronic Documents August 9, 2018
    Today, the expeditious delivery of electronic documents, messages, and other data is relied on for everything from communications to navigation. As the near instantaneous exchange of information has increased in volume, so has the variety of electronic data formats–from images and videos to text and maps. Verifying the trustworthiness and provenance of this […]
  • 2018/07/24 DARPA Selects Teams to Unleash Power of Specialized, Reconfigurable Computing Hardware July 24, 2018
    The general-purpose computer has remained the dominant computing architecture for the last 50 years, driven largely by the relentless pace of Moore's Law-the transistor-scaling that has allowed for a half-century of rapid progress in electronics. As this trajectory shows signs of slowing, however, it has become increasingly more challenging to achieve p […]
  • 2018/07/24 Research Teams Selected to Lower Barriers to Modern System-on-Chip Design Announced July 24, 2018
    A once highly manual process, circuit design has been transformed by the advent of electronic design automation (EDA) tools and modular design methodologies. Despite continuing advances in automation technologies, the demand for increasingly complex System-on-Chip (SoC) platforms has shown no sign of slowing. Today's SoCs incorporate billions of transis […]

ADVERTISEMENT

RSS Cyber News (Google)

  • This RSS feed URL is deprecated September 19, 2018
    This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news
  • Pentagon's new cyber strategy lists Russia, China as biggest threats - Fox News September 18, 2018
    Fox NewsPentagon's new cyber strategy lists Russia, China as biggest threatsFox NewsA summary of the strategy obtained by Fox News said the U.S. has been "engaged in a long-term strategic competition with China and Russia," but also named Iran and North Korea as nations using cyber warfare "to harm U.S. citizens and threaten U.S. ...DoD r […]
  • Cyber Conflict as an Academic Discipline: It's Not All Doom-and-Gloom - Council on Foreign Relations (blog) September 18, 2018
    Council on Foreign Relations (blog)Cyber Conflict as an Academic Discipline: It's Not All Doom-and-GloomCouncil on Foreign Relations (blog)As few weeks ago on Net Politics, Melissa K. Griffith laid out the challenges facing academics who want to study cyber conflict. She highlights the start-up costs young academics face, the scare availability of data, […]
  • Data61 partners with Hensoldt Cyber for defence systems cyber protection - ZDNet September 18, 2018
    ZDNetData61 partners with Hensoldt Cyber for defence systems cyber protectionZDNetData61, the innovation arm of the Commonwealth Scientific and Industrial Research Organisation (CSIRO), has announced a partnership with Germany's Hensoldt Cyber that will focus on defending against cyber attacks. Under the arrangement announced at ...and more »
  • Ottawa launches probe of cyber security - The Globe and Mail September 19, 2018
    The Globe and MailOttawa launches probe of cyber securityThe Globe and MailCanada is conducting a national security analysis to minimize cyberthreats to the country from equipment made by foreign telecommunications companies, including China's Huawei – a study that has gained importance since the United States and Australia ...and more »
  • New cyber security centre to boost Asean's capabilities - The Straits Times September 18, 2018
    The Straits TimesNew cyber security centre to boost Asean's capabilitiesThe Straits TimesWith cyber attacks mounting, Singapore is expanding its programme to deepen Asean's cyber capabilities and enhance the region's ability to respond to emerging global cyberthreats. Announcing this yesterday at the opening of the third annual Singapore ...Si […]
  • Symantec to Provide Free Cyber Protection Ahead of Elections - Zacks.com September 19, 2018
    Symantec to Provide Free Cyber Protection Ahead of ElectionsZacks.comWith the mid-term elections knocking at the door, the need for tighter cyber security has increased to prevent any tampering activities. Symantec's free service will enable political candidates and campaigns to examine the security and authenticity of ...and more »
  • Cyber harassment advocate to discuss sexting, 'revenge porn' in MetroWest - MetroWest Daily News September 19, 2018
    Cyber harassment advocate to discuss sexting, 'revenge porn' in MetroWestMetroWest Daily NewsFRAMINGHAM — An advocate for tougher laws against online harassment will share her personal story and offer recommendations for making teens and adults safer online during a pair of appearances in the region this week. Darieth Chisolm, an author, life ...an […]
  • 1 in 4 Employees Have Experienced a Cyber-Attack or Data Breach - MarTech Series September 19, 2018
    MarTech Series1 in 4 Employees Have Experienced a Cyber-Attack or Data BreachMarTech SeriesGavan Doherty, CEO at 247meeting discusses these risks: “We were initially shocked that so many senior managers had experienced a cyber-attack or data breach, yet since they were the ones more willing to share conference call PINs and leave their ...
  • How brokers can better understand the cyber issues of SMBs - Insurance Business September 19, 2018
    Insurance BusinessHow brokers can better understand the cyber issues of SMBsInsurance BusinessThe number of US firms without any cyber insurance is dropping, from 50% last year to 24% in 2018, according to a recent survey from analytics firm FICO. Nonetheless, whether they're buying insurance or not, small and medium-sized businesses (SMBs) are ...
  • DNC Cyber Defenders Want Democrats To Purge Androids In Favor Of iPhones - Forbes September 19, 2018
    ForbesDNC Cyber Defenders Want Democrats To Purge Androids In Favor Of iPhonesForbesThe Democratic National Committee knows perhaps more than any other political body in America just how catastrophic a breach of its physical or digital defenses can be. From the Watergate break-ins to the alleged Russian hacks of its servers in the ...

ADVERTISEMENT

RSS Cyber War News (Bing)


ADVERTISEMENT

RSS Cyber Tag (Icerocket)


ADVERTISEMENT

RSS Cyberwar Tag (Wordpress)


ADVERTISEMENT


 
The Art of Attention

© 2016 PROSOCHĒ. All Rights Reserved.
Fair Use Policy ҩ Terms of Service ҩ Privacy Policy ҩ Contact

Cyber Threat Assessment

 


ADVERTISEMENT

In this New York Times bestselling investigation, Ted Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared... [MORE]


ADVERTISEMENT

As cyber-attacks dominate front-page news, as hackers join terrorists on the list of global threats, and as top generals warn of a coming cyber war, few books are more timely and enlightening than Dark Territory: The Secret History of Cyber War, by Slate columnist and Pulitzer Prize–winning journalist Fred Kaplan... [MORE]


ADVERTISEMENT

ADVERTISEMENT

Support CSWW

Please help improve CSWW by providing us with your comments, concerns, and questions at our FEEDBACK page.

Editor, CSWW

Kurt Brindley is a retired U.S. Navy Senior Chief who specialized in the fields of tele-communications and C4SRI systems Upon retirement from the navy, he spent nearly a decade as a defense industry consultant. He now writes full time... [MORE]


ADVERTISEMENT

Now in development for film by 20th Century Fox, award-winning CyberStorm depicts, in realistic and sometimes terrifying detail, what a full scale cyber attack against present-day New York City might look like from the perspective of one family trying to survive it... [MORE]