Cyber Defense Weekly February 22, 2010


Greetings everyone,
Welcome to the new friendlier format for the Cyber Defense Weekly.  This new set-up will allow me to use more pictures and, most importantly, add a sidebar that highlights upcoming security-related summits, conferences, events, and also podcasts and webinars.

I hope you find the new information helpful.  If you would like to have an event, podcast, or webinar listed at a very reasonable rate contact me at karen@it-harvest.com.

 

From Richard Stiennon: Weapon of cyber war demonstrated
 
Imagine what a cyber offensive capability would look like. Lots of discourse on US military uses of cyber attack has been bandied about this past year, but there has been no discussion of the actual tools. Sure, it is assumed the cyber espionage techniques are in use by all parties. But direct attacks to take down servers are limited either to DDoS, using bots or server farms to generate an overwhelming force, or to kinetic attacks that would take out fiber via dragging anchors or well-placed explosives.
For a demonstration of a cyber weapon, fittingly named XerXeS after the warrior king of Persia, watch the video that J35t3r (Jester) put together and that Anthony Freed over at Security Island has published. The Jester has advanced his anti-jihadi tool-chest considerably with an interactive interface complete with animated heart beat, and exploding targets. The backend reportedly has been enhanced to use multiple source obfuscation techniques that hide the location of his attacking machine. I assume that the source will always appear different to the victim if they examine their logs. The autonomous aspect that allows him to set it up and let it run enhances his ability to cause havoc with his enemies, Taliban and other Jihadists actively using the Internet to recruit, train, and promulgate their anti-Western views.

Read more...

Fatal System Error  - New book by Joseph Menn

 

Fatal System Error penetrates both the Russian cyber-mob and the American mafia as the two fight over the Internet's massive spoils. It takes readers into the murky hacker underground, traveling the globe from San Francisco to Costa Rica, London, and Russia. Using unprecedented access to mob businesses and Russian officials, it shows how top criminals earned protection from the Russian government and how Barrett Lyon and Andrew Crocker got closer to the titans of the underground economy than any previous outsider.

Joseph Menn covers cybersecurity and other technology issues for the Financial Times.  

Click to purchase on Amazon 

 

Is the U.S. prepared to handle a cyber attack? A mock doomsday scenario suggests otherwise  

Flanked by three giant screens streaming digital grid maps and live news feeds, 10 former senior administration and national security officials sat on a specially constructed stage, ready to tackle an impending cyber threat - in real-time, before a live audience. "What you're about to see is not real," CNN's Wolf Blitzer warned the audience. "But the threat is very real indeed."  

For three hours Tuesday morning, a room in the Mandarin Oriental Hotel in Washington was converted into a mock White House Situation Room. A bipartisan think tank created the simulation, titled "Cyber ShockWave," which was designed to showcase the dangers of cyberterrorism and how well- (or ill-) equipped the U.S. government would be in handling a crippling attack on America's infrastructure and economic system. Key players were former top U.S. officials who assumed the roles of Cabinet members. While the U.S. government has held private versions of cyberwar games in the past, Tuesday's event marked the first live session open to the press. As a result, the event attracted a large crowd of journalists representing news outlets ranging from the Web-based Tech Herald to major news media like the Los Angeles Times. In the end, the session cast doubt about how well-prepared the government would be in handling a cyber threat. A lot of circular debate, questioning and cross-departmental conflicting concerns left no firm conclusions at the end of the morning. Not even a state-of-the-art, well-designed studio set-up could mask the sense of uncertainty present in the room. And much of the news media caught on.

Read on... 

 

Hacking inquiry puts China's elite in new light  

With its sterling reputation and its scientific bent, Shanghai Jiaotong University has the feel of an Ivy League institution.  The university has alliances with elite American ones like Duke and the University of Michigan. And it is so rich in science and engineering talent that Microsoft and Intel have moved into a research park directly adjacent to the school. But Jiaotong, whose sprawling campus here has more than 33,000 students, is facing an unpleasant question: is it a base for sophisticated computer hackers? Investigators looking into Web attacks on Google and dozens of other American companies last year have traced the intrusions to computers at Jiaotong as well as an obscure vocational school in eastern China, according to people briefed on the case. Security experts caution that it is hard to trace online attacks and that the digital footprints may be a "false flag," a kind of decoy intended to throw investigators off track.  But those with knowledge of the investigation say there are reliable clues that suggest the highly sophisticated attacks may have originated at Jiaotong and the more obscure campus, Lanxiang Vocational School in Shandong Province, an institution with ties to the Chinese military.

Read on...

 

Teaming up for security  

 Secretary of State Hillary Clinton has commendably warned states, terrorists and their proxies that America will protect its computer networks. To do so, however, the federal government must do much more to reach out to the private sector, which controls the vast majority of U.S. critical infrastructure, from banks to communications to energy. Cyber security affects every American. It enables the operation of nearly every part of the economy, from banking to manufacturing to retail to health care. Numerous critical infrastructure systems (electrical, fuel distribution, transportation, communication, financial and more) can go dark, collapse, derail or explode if their networks are subverted.  Classified national security activities are generally well protected, so hackers focus on other sensitive but potentially more vulnerable networks and information.

Read on... 

 

Feds change cybersecurity strategy - again
 

Yesterday the Office of Management and Budget (OMB) announced that it will no longer pursue the Trusted Internet Connect (TIC) initiative first announced in November 2007. TIC was considered one of the cybersecurity efforts making up the Comprehensive National Cybersecurity Initiative (CNCI) which was born out of National Security Presidential Directive (NSPD) 54 and Homeland Security Presidential Directive (HSPD) 23 in January 2008. Unless you are somewhere between Foggy Bottom and Independence Ave. SE you are probably confused by all of these acronyms so allow me to explain. Back in 2007 there were thousands of Internet connections across the Federal government. This was viewed as a tremendous problem since each connection was a potential ingress point for malicious code and hacker attacks. TIC proposed a simple solution to the problem -- decrease the number of Internet connections to as few as possible and then secure the heck out of the remaining connections. I believe the ultimate goal was to reduce the thousands of Internet connections to something like 50. Throughout 2008 and 2009 the Feds boasted about the tremendous progress they were making.

Read on... 

 

 


 

India under attack  

In the second half of January, the Indian government detected a deliberate hacker attack on nearly 500 PCs used by key government officials. At least 30 of these attacks succeeded. Examination of the attacks indicates that the source was China. The information being sought in the attacks would have been of benefit to China, since several security organizations, involved in dealing with China, were hit. The Indian National Technical Research Organization (NTRO) had earlier set up rapid reaction teams for situations like this, and the teams were essential in containing the latest attack, and identifying the source. Over the last few years India has been upgrading its Cyber War capabilities, partly by calling on allies for help. India has become a big customer of Israeli military equipment, and this now includes assistance in protecting itself from Cyber War threats, especially from Pakistan and China.

 

Cyber war game shows U.S. has a lot to do
 

Former U.S. security officials say the government needs the authority to monitor the Internet and millions of cell phones during a major cyber attack.  The conclusion came at the end of a high-profile "war game" sponsored by the Bipartisan Policy Center that simulated an incident in which a virus cripples not only the Internet but the national telecommunications and power grids. "Americans need to know that they should not expect to have their cell phone and other communications to be private," said Jamie Gorelick, a former deputy attorney general who took part in the exercise, "not if the government is going to have to take aggressive action to tamp down the threat."

Read on... 

 

Richard Bejtlich's reaction to cyber shockwave  

I just finished watching Cyber Shockwave, in the form of a two hour CNN rendition of the 16 February 2010 simulation organized by the Bipartisan Policy Center.  The fake NSC meeting was held in response to a fictitious "cyber attack" against US mobile phones, primarily caused by a malicious program called "March Madness." (BPC). The event simulated, in real time, a meeting of the US National Security Council, with former government, military, and security officials role-playing various NSC participants. The simulation was created by former CIA Director General Michael Hayden and the BPC's National Security Preparedness Group, led by the co-chairs of the 9/11 Commission, Governor Thomas Kean and Congressman Lee Hamilton.

Read on...

Chinese school linked to Google attacks also linked to '01 attacks on White House site
 

One of two Chinese academic institutions identified in a New York Times report Thursday as the apparent source of the recent attacks against Google has also been linked to a hacker who may have been involved with the takedown of whitehouse.gov in 2001. The Times yesterday reported that the recent cyberattacks against Google and more than 30 other organizations appeared to have originated from computers at two schools in China. One of the schools was identified as the Shanghai Jiaotong University; the other, as the Lanxiang Vocational School, an academic institution in China's Shandong Province with apparent ties to the country's military. A U.S. military contractor attacked in the same manner as Google has even pointed investigators to a specific computer science class taught by a Ukrainian professor at the vocational school as one source of the attacks, the Times said. The newspaper, quoting unnamed investigative sources, said the attacks on Google and more than 30 other technology companies appear to have begun in April -- much earlier than previously believed. If evidence of the schools' involvement bears out, it could cast doubt on the assumption that the Chinese government or military was directly involved in the attacks, the Times said.

Read on... 

 

Reality of Cyberwar  

A very recent assessment by a highly reputed London-based think-tank that cyber warfare between nations is a reality and cannot be brushed aside as fanciful should make us sit up and take notice. The warning is contained in an annual report, The Military Balance, issued by the International Institute for Strategic Studies (IISS). This in-depth document analyses each year the competitive arms race that goes on between major nations and predicts its possible fall-out from the point of view of military capabilities and defence economics. The latest analysis, apart from citing threats in cyberspace, refers to dangers arising from the conflict in Afghanistan, the determined Chinese exercise to diversify its military prowess and the nuclear ambitions of Iran. As a Western analysis, it naturally devotes considerable attention to what is happening in China and North Korea, especially on the cyber front. Releasing the report, the IISS said: "Despite evidence of cyber attacks in recent political conflicts, there is little appreciation internationally of how to assess cyber-conflict. We are now, in relation to the problem of cyber-warfare, at the same stage of intellectual development as we were in the 1950s in relation to possible nuclear war." This may appear to be a strong statement, but it is obviously intended to shake policy makers out of their ignorance and complacence.

Read on... 

 

James Fallows on China and cyberwar  

Over at The Atlantic, James Fallows has a great piece on China's military and their cyberwar chops. The first segment is an excellent overview of the state of play on the US-China military rivalry in the real world. Fallows then dives into his main point: that on a virtual battlefield, China has some real power. A lot is the standard shadowy fearmongering: we are in a "pre-9/11 mindset," a "large-scale public breakdown" will occur, all our information in the cloud could simply dematerialize, etc. Some of that is bunk - short of a global EMP burst that fries all our electronics concurrently, we aren't going back to the stone age because Evil Hackers get inside the NYSE mainframes. More usefully, Fallows notes that China's disproportionate threat is not due to having the most skilled hackers (they don't) or most effective governmental coordination (he points at the French) but as a pure numbers game, percentages of a 1.3 billion base. The infinite regress of smoke-filled (and often firetrap) underground Internet cafes in which I played Starcraft were crammed to the gills with computer-fluent Chinese youth. Now that they're grown up, some will be criminals, some will work for the government, most will stick with their video game addictions - and some will turn against the government.

Cyber attacks will 'catastrophically' spook public, warns GCHQ  

A digital attack against the UK causing even minor damage would have a "catastrophic" effect on public confidence in the government, GCHQ has privately warned Whitehall. The Cheltenham spy agency's new Cyber Security Operations Centre (CSOC) makes the prediction in a document prepared for Cabinet Office and seen by The Register. Growing reliance on the internet to deliver public services will "quickly reach a point of no return", meaning "any interruption of broadband access becomes intolerable and will have serious impacts on the economy and public well being", CSOC says. "A successful cyber attack against public services would have a catastrophic impact on public confidence in the government, even if the actual damage caused by the attack were minimal," it adds. The warning forms part of a preliminary "horizon scanning" report produced by the new unit, which is scheduled to begin operations next month. Its job will be to continually monitor internet security, producing intelligence on botnets, denial of service attacks and other digital threats to national security.

Read on...  
