Tag Archives: Cyberspace

[ISN] Why Silicon Valley Hackers Still Won’t Work With the Military, and Vice Versa

http://motherboard.vice.com/read/why-silicon-valley-hackers-still-wont-work-with-the-military-and-vice-versa By Kari Paul Contributor Motherboard.vice.com February 26, 2015 In the fight to defend cyberspace from its enemies, the US military is rushing to hire as many skilled hackers as it can. But no one is really sure how to get the two cultures to coexist. Although the feds have implied they’re willing to loosen up some of their policies so that weed-smoking, basement-dwelling hacker stereotypes can work for government agencies, there are still some significant hurdles preventing the two industries from working together in earnest. At the first annual Future of War Conference on Wednesday, a panel of experts weighed in on the simmering Silicon Valley culture clash after an audience member asked why the US doesn’t just militarize Silicon Valley if private sector technology is so far ahead of the government’s own. “The real reason is DoD does not have a culture that would allow them in any way shape or form to manage a silicon valley operation,” said Brad Allenby, a faculty member at Arizona State University Center on the Future of War. “Someone high on coke, Skittles and slinging code is not a good candidate for basic training,” he later joked. Peter Singer, a strategist and senior fellow at the think tank New America Foundation, said the chasm between the private tech sector and the government is only widening—a trend that will have big implications for the “extraordinarily difficult” technological components of future war. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Offensive Cyber Operations in US Military Doctrine

http://fas.org/blogs/secrecy/2014/10/offensive-cyber/ By Steven Aftergood Federation of American Scientists Oct. 22, 2014 A newly disclosed Department of Defense doctrinal publication acknowledges the reality of offensive cyberspace operations, and provides a military perspective on their utility and their hazards. Attacks in cyberspace can be used “to degrade, disrupt, or destroy access to, operation of, or availability of a target by a specified level for a specified time.” Or they can be used “to control or change the adversary’s information, information systems, and/or networks in a manner that supports the commander’s objectives.” However, any offensive cyber operations (OCO) must be predicated on “careful consideration of projected effects” and “appropriate consideration of nonmilitary factors such as foreign policy implications.” “The growing reliance on cyberspace around the globe requires carefully controlling OCO, requiring national level approval,” according to the newly disclosed Cyberspace Operations, Joint Publication 3-12(R). […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] China Wants To Replicate NSA’s Cyber Schools

http://www.defenseone.com/threats/2014/09/china-wants-replicate-nsas-cyber-schools/94475/ By Aliya Sternstein Nextgov Sept 18, 2014 Chinese universities are welcome to adopt the U.S. National Security Agency’s cyber education program, the top U.S. computer security education official said, after a recent trip to Beijing. Entrepreneurs in China have voiced support for improving the notoriously spotty relations between the U.S. and China in cyberspace by patterning Chinese courses on NSA-approved curricula, said Ernest McDuffie, head of the National Initiative for Cybersecurity Education. The offer of shared cybersecurity training comes at a time when both countries are exchanging accusations of hacking each other’s trade secrets. Both parties have denied these allegations. “It’s not like we’re giving away some deep, dark secret that they didn’t know before,” McDuffie said during an interview. “And it gives you the chance to put ethics into the mix.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Chinese hackers successfully attacked military contractors for 12 months: Senate probe

http://www.washingtontimes.com/news/2014/sep/17/chinese-hackers-successfully-attacked-military-con/ By Douglas Ernst The Washington Times September 17, 2014 A yearlong investigation into cyberattacks on U.S. military contractors for U.S. Transportation Command found that 50 such incidents occurred over the 12 months beginning June 1, 2012. “These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” Sen. Carl Levin, the Senate Armed Services Committee chairman from Michigan, said in a statement released with the report on Wednesday. The committee’s report found that at least 20 of the attacks were successful in achieving China’s objective, and of those 20, Transcom initially only caught two, Reuters reported Wednesday. U.S. military personnel were said to be mostly in the dark about the security breaches due to gaps in reporting requirements of its contractors, the report concluded, Reuters reported. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Commentary: Cyber Deterrence Is Working

http://www.defensenews.com/article/20140730/DEFFEAT05/307300017/Commentary-Cyber-Deterrence-Working By Jason Healey Defense News July 30, 2014 Despite the mainstream view of cyberwar professionals and theorists, cyber deterrence is not only possible but has been working for decades. Cyberwar professionals are in the midst of a decades-old debate on how America could deter adversaries from attacking us in cyberspace. In 2010, then-Deputy Defense Secretary Bill Lynn summed up the prevailing view that “Cold War deterrence models do not apply to cyberspace” because of low barriers to entry and the anonymity of Internet attacks. Cyber attacks, unlike intercontinental missiles, don’t have a return address. But this view is too narrow and technical. The history of how nations have actually fought (or not fought) conflicts in cyberspace makes it clear deterrence is not only theoretically possible, but is actually keeping an upper threshold to cyber hostilities. The hidden hand of deterrence is most obvious in the discussion of “a digital Pearl Harbor.” In 2012, then-Defense Secretary Leon Panetta described his worries of such a bolt-from-the-blue attack that could cripple the United States or its military. Though his phrase raised eyebrows among cyber professionals, there was broad agreement with the basic implication: The United States is strategically vulnerable and potential adversaries have both the means for strategic attack and the will to do it. But worrying about a digital Pearl Harbor actually dates not to 2012 but to testimony by Winn Schwartau to Congress in 1991. So cyber experts have been handwringing about a digital Pearl Harbor for more than 20 of the 70 years since the actual Pearl Harbor. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] We’re Saved! Experts Show How to Fix U.S. Cybersecurity

http://www.defenseone.com/technology/2014/05/were-saved-experts-show-how-fix-us-cybersecurity/83734/ By Patrick Tucker Defense One May 4, 2014 The date is April 4, 2015. A major cyberattack hits two generators in Florida, knocking out power in the cities of Coral Springs and St. Augustine, leading to multiple deaths and millions of dollars lost. One month later, Congress has to get a bill to the president to fix the vulnerability. But political gridlock, media histrionics and aggressive lobbying from industry makes passage of a bill far from certain. With this as their background, 350 members of the Truman National Security Project ran a massive simulation on Saturday to see if the United States was capable of passing legislation to fix the nation’s cyber vulnerabilities in the aftermath of a national crisis. In a few rooms at the Washington Plaza hotel, the simulation played out dramatically over the course of four hours. The feel was Washington, D.C., at hyper-speed. Five minutes into the experiment, a poll revealed the president’s approval rating falling to 35 percent, with the public trusting Republicans more than Democrats to handle cybersecurity. Rumors about the origin of the attack moved in whispers. Within ten minutes, business interests sought full liability protection for American utility companies and software providers. Players’ phones buzzed with push notifications from dueling press releases, news reports and polls, adding a realistic urgency to the action. The exercise represented something of a first in size and scope for legislative simulations, with players drawn from Hill staff, the cybersecurity field, and the military. In theory, it showed that Congress and the White House are capable of passing a cybersecurity bill with mandatory standards for industry. Matt Rhoades, director of the cyberspace and security program at Truman and the designer of the experiment, described it as an acid test to reveal the effectiveness of the White House’s recent Cybersecurity Framework, released in February. The framework is a set of practices and guidelines for utility companies, software designers and cybersecurity players to protect the nation’s critical infrastructure from attack. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Cyber Security: Why Nigeria Needs Computer Emergency Response Team

http://leadership.ng/news/368843/cyber-security-nigeria-needs-computer-emergency-response-team By Nkechi Isaac Leadership April 29, 2014 Cybercrime is one of the fastest growing areas of crime. More and more criminals are exploiting the speed, convenience and anonymity that modern technologies offer in order to commit a diverse range of criminal activities. These include attacks against computer data and systems, identity theft, the distribution of child sexual abuse images, internet auction fraud, the penetration of online financial services, as well as the deployment of viruses, Botnets, and various email scams such as phishing. The global nature of the Internet has allowed criminals to commit almost any illegal activity anywhere in the world, making it essential for all countries to adapt their domestic offline controls to cover crimes carried out in cyberspace. The use of the Internet by terrorists, particularly for recruitment and the incitement of radicalization, poses a serious threat to national and international security. In addition, the threat of terrorism forces authorities to address security vulnerabilities related to information technology infrastructure such as power plants, electrical grids, information systems and the computer systems of government and major companies. Speaking at the handover and launching of the Computer Emergency Readiness and Response Team (CERTT.ng) Ecosystem by Consultancy Support Services (CS2) to the National Information Technology Development Agency (NITDA), the former acting director-general of the agency, Dr. Ashiru Daura, said the project marked a turning point in the fight against cyber crime in Nigeria. Daura said, “CERTT.ng is concerned with cyber crime which is crime committed on the cyber space, the internet. A lot of these crimes, which are of different kinds, happen every minute and every second, now even though we try as much as possible to provide protection for our systems, our networks some of these criminals penetrate or attack. So, there is need for us to do at least two things and these are to repel the attack and recover the systems, to make sure that we can come back to our original status as fast as we can and then also learn few lessons from the attack. That’s the purpose for this team which is to provide response to any threat or attack in the cyber space.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Secret Shin Bet Unit at The Front Lines of Israel’s Cyber-War

http://www.israelnationalnews.com/News/News.aspx/179925 By Tova Dvorin Arutz Sheva 4/25/2014 Several weeks ago, a vigilante by the name of “Buddhax” made waves when he exposed the true faces – and names and passwords – of several anti-Israel hackers who participated in the #OpIsrael project to launch a cyber-attack against Israel. Now, nearly one month later, Channel 2 revealed Friday the existence of another party responsible for keeping Israel’s cyberspace safe: a secret unit of the Israeli Security Agency (ISA), or Shin Bet. Tens of hackers work in S-74, the codename for the Shin Bet unit which protects Israeli cyberspace. For days, they will cluster around their computers, tracking the suspicious movements of “Anonymous” hacktivists around the world. Then, just moments before a hack will disrupt a system, they will strike – without anyone even knowing the Shin Bet was involved. “We have prepared well in advance, we follow networks around the world closely and collect intelligence through HUMINT and SIGINT [human intelligence and signals intelligence, respectively – ed.],” Alon, an S-74 member, revealed to the daily Friday. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail