Tag Archives: Cyberspace

Security

[ISN] A disaster foretold — and ignored

http://www.washingtonpost.com/sf/business/2015/06/22/net-of-insecurity-part-3/ By Craig Timberg The Washington Post June 22, 2015 The seven young men sitting before some of Capitol Hill’s most powerful lawmakers weren’t graduate students or junior analysts from some think tank. No, Space Rogue, Kingpin, Mudge and the others were hackers who had come from the mysterious environs of cyberspace to deliver a terrifying warning to the world. Your computers, they told the panel of senators in May 1998, are not safe — not the software, not the hardware, not the networks that link them together. The companies that build these things don’t care, the hackers continued, and they have no reason to care because failure costs them nothing. And the federal government has neither the skill nor the will to do anything about it. “If you’re looking for computer security, then the Internet is not the place to be,” said Mudge, then 27 and looking like a biblical prophet with long brown hair flowing past his shoulders. The Internet itself, he added, could be taken down “by any of the seven individuals seated before you” with 30 minutes of well-choreographed keystrokes. The senators — a bipartisan group including John Glenn, Joseph I. Lieberman and Fred D. Thompson — nodded gravely, making clear that they understood the gravity of the situation. “We’re going to have to do something about it,” Thompson said. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , , , , , ,
Security

[ISN] Industry cyber info-sharing body to launch new ‘ISAO’ for insurers

http://insidecybersecurity.com/Cyber-General/Cyber-Public-Content/industry-cyber-info-sharing-body-to-launch-new-isao-for-insurers/menu-id-1089.html Inside Cybersecurity May 13, 2015 The information-sharing entity for industrial control system operators is being folded into Webster University’s “Cyberspace Research Institute” and will announce next week that it is launching a new information sharing and analysis organization, or ISAO, for the insurance sector. Webster’s Cyberspace Research Institute, known as the CRI, will also bid to be selected by the Department of Homeland Security as the private-sector standards-setting body for ISAOs, according to Chris Blask, the ICS-ISAC executive director. DHS is expected to release a “grant opportunity notice” in the near term. Blask will continue to lead the ICS-ISAC within the Webster cyber institute, and the existing info-sharing body will keep its name. Blask has been an active promoter of info-sharing initiatives and the framework of cybersecurity standards developed by the National Institute of Standards and Technology. Webster’s cybersecurity program was launched in 2014 and is the brainchild of Tom Johnson, chief of strategic initiatives at the school and a pioneer in cybersecurity education. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , ,
Security

[ISN] Strategic Friendship in Asymmetric Domain)

http://www.pircenter.org/en/blog/view/id/208 By Oleg Demidov PIR Center 09.05.2015 The bilateral intergovernmental Russian-Chinese agreement on cooperation in the field of international information security which was signed on May 8, 2015 during the visit to Moscow of Xi Jinping, General Secretary of the CPC and the President of China, could potentially become an important milestone in Russia’s strategy of pivoting to the East. Though in its current state the agreement rather provides a general cooperation framework, it also provides a broad range of directions for further practical cooperation steps and efforts between the two countries. It primarily focuses on systemic information exchange between special services of the two states, joint monitoring and prevention of escalation of serious incidents and especially conflicts in cyberspace, ensuring and strengthening cybersecurity of critical infrastructures, countering ICT-enabled forms and methods of terrorism, exchange of expertise and academic knowledge on cybersecurity, etc. A strong focus in made on joining efforts in countering the unlawful use of ICTs targeted at “undermining of social order, political and social stability, provoking extremism, hate and social unrest”, and even (and this is something quite new even for Russian doctrines, let alone intergovernmental agreements) “threatening to the spiritual sphere” of the two nations. Noteworthy, the agreement for the first time for a Russian official international document operates with the notion of strategic stability with regard to cyberspace and information security. Previously, a more broad and vague notion of ICT-enabled threats to international peace and security was used. Something distinct from a mere terminological equilibristic, this conceptual update serves as an indicator of the fact that Moscow now truly regards China as a strategic partner in the dialogue on political and military dimension of cybersecurity. The discourse of strategic stability was always linked to the issues of WMD strategic balance and (in Russian view) strategic antimissile defense. Now cybersecurity has a strong presence in this “elite club” of ultimate global security factors in the Russian strategic thinking, and first intergovernmental manifestation of this paradigm is addressed to and agreed with China. Accidentally or not, this aspect reveals interesting intersections with the recently published updated DoD’s Strategy for Cyberspace, which has replaced the previous document from 2011, even having in mind that an intergovernmental agreement and a national strategy are very different documents in terms of their scope and purposes. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , , , , , , , , , , , ,
Security

[ISN] Preparing for Warfare in Cyberspace

http://www.nytimes.com/2015/04/28/opinion/preparing-for-warfare-in-cyberspace.html By THE EDITORIAL BOARD The New York Times APRIL 28, 2015 The Pentagon’s new 33-page cybersecurity strategy is an important evolution in how America proposes to address a top national security threat. It is intended to warn adversaries — especially China, Russia, Iran and North Korea — that the United States is prepared to retaliate, if necessary, against cyberattacks and is developing the weapons to do so. As The Times recently reported, Russian hackers swept up some of President Obama’s email correspondence last year. Although the breach apparently affected only the White House’s unclassified computers, it was more intrusive and worrisome than publicly acknowledged and is a chilling example of how determined adversaries can penetrate the government system. The United States’ cybersecurity efforts have typically focused on defending computer networks against hackers, criminals and foreign governments. Playing defense is still important, and the Obama administration has started to push Silicon Valley’s software companies to join in that fight. But the focus has shifted to developing the malware and other technologies that would give the United States offensive weapons should circumstances require disrupting an adversary’s network. The strategy document provides some overdue transparency about a military program that is expected to increase to 6,200 workers in a few years and costs billions of dollars annually. Officials apparently hope talking more openly about America’s plans will deter adversaries who view cyberattacks as a cheap way to gather intelligence from more destructive operations. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , , , , , , , ,
Security

[ISN] Will China and America Clash in Cyberspace?

http://www.nationalinterest.org/feature/will-china-america-clash-cyberspace-12607 By Jon R. Lindsay, Tai Ming Cheung, Derek Reveron The National Interest April 12, 2015 The information revolution has been a mixed blessing for China and the world. On one hand, computer networks enhance economic productivity, national security, and social interaction. On the other, valuable information infrastructure provides lucrative targets for thieves, spies, and soldiers. Nearly every type of government agency, commercial firm, and social organization benefits from information technology, but they can also be harmed through cyberspace. Not a week goes by where a major hack is not reported in the media or countries chastise each other for cyberespionage. In the absence of shared norms or even concepts, cybersecurity discourse becomes mired in competing morality tales. Chinese hackers are pillaging intellectual property and creating asymmetric threats. The National Security Agency (NSA) is jeopardizing civil liberties and weakening the Internet. Communist censorship is undermining the democratic promise of information technology, even as American firms unfairly dominate its development. Cybercrime is costing everyone trillions of dollars. There is a grain of truth in all of these claims, which means that the phenomenon as a whole must be more complicated than any one suggests. China both generates and experiences serious cyber threats, shaped by a combination of bureaucratic politics and economic policy, domestic security imperatives, military modernization, and ambitions for international influence. Nevertheless, the United States and China both have far more to gain than lose through their digital interdependence. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , , , , , ,
Security

[ISN] China Reveals Its Cyberwar Secrets

http://www.thedailybeast.com/articles/2015/03/18/china-reveals-its-cyber-war-secrets.html By Shane Harris The Daily Beast March 18, 2015 A high-level Chinese military organization has for the first time formally acknowledged that the country’s military and its intelligence community have specialized units for waging war on computer networks. China’s hacking exploits, particularly those aimed at stealing trade secrets from U.S. companies, have been well known for years, and a source of constant tension between Washington and Beijing. But Chinese officials have routinely dismissed allegations that they spy on American corporations or have the ability to damage critical infrastructure, such as electrical power grids and gas pipelines, via cyber attacks. Now it appears that China has dropped the charade. “This is the first time we’ve seen an explicit acknowledgement of the existence of China’s secretive cyber-warfare forces from the Chinese side,” says Joe McReynolds, who researches the country’s network warfare strategy, doctrine, and capabilities at the Center for Intelligence Research and Analysis. McReynolds told The Daily Beast the acknowledgement of China’s cyber operations is contained in the latest edition of an influential publication, The Science of Military Strategy, which is put out by the top research institute of the People’s Liberation Army and is closely read by Western analysts and the U.S. intelligence community. The document is produced “once in a generation,” McReynolds said, and is widely seen as one of the best windows into Chinese strategy. The Pentagon cited the previous edition (PDF), published in 1999, for its authoritative description of China’s “comprehensive view of warfare,” which includes operations in cyberspace. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , ,
Security

[ISN] Why Silicon Valley Hackers Still Won’t Work With the Military, and Vice Versa

http://motherboard.vice.com/read/why-silicon-valley-hackers-still-wont-work-with-the-military-and-vice-versa By Kari Paul Contributor Motherboard.vice.com February 26, 2015 In the fight to defend cyberspace from its enemies, the US military is rushing to hire as many skilled hackers as it can. But no one is really sure how to get the two cultures to coexist. Although the feds have implied they’re willing to loosen up some of their policies so that weed-smoking, basement-dwelling hacker stereotypes can work for government agencies, there are still some significant hurdles preventing the two industries from working together in earnest. At the first annual Future of War Conference on Wednesday, a panel of experts weighed in on the simmering Silicon Valley culture clash after an audience member asked why the US doesn’t just militarize Silicon Valley if private sector technology is so far ahead of the government’s own. “The real reason is DoD does not have a culture that would allow them in any way shape or form to manage a silicon valley operation,” said Brad Allenby, a faculty member at Arizona State University Center on the Future of War. “Someone high on coke, Skittles and slinging code is not a good candidate for basic training,” he later joked. Peter Singer, a strategist and senior fellow at the think tank New America Foundation, said the chasm between the private tech sector and the government is only widening—a trend that will have big implications for the “extraordinarily difficult” technological components of future war. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , ,
Security

[ISN] Offensive Cyber Operations in US Military Doctrine

http://fas.org/blogs/secrecy/2014/10/offensive-cyber/ By Steven Aftergood Federation of American Scientists Oct. 22, 2014 A newly disclosed Department of Defense doctrinal publication acknowledges the reality of offensive cyberspace operations, and provides a military perspective on their utility and their hazards. Attacks in cyberspace can be used “to degrade, disrupt, or destroy access to, operation of, or availability of a target by a specified level for a specified time.” Or they can be used “to control or change the adversary’s information, information systems, and/or networks in a manner that supports the commander’s objectives.” However, any offensive cyber operations (OCO) must be predicated on “careful consideration of projected effects” and “appropriate consideration of nonmilitary factors such as foreign policy implications.” “The growing reliance on cyberspace around the globe requires carefully controlling OCO, requiring national level approval,” according to the newly disclosed Cyberspace Operations, Joint Publication 3-12(R). […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , ,