06.12.13
Posted in Cyberterrorism, Shoeshine at 3:15 pm by George Smith
One good thing about the Edward Snowden affair: It has quieted NSA director Keith Alexander on cyber-espionage against the US being the greatest transfer of wealth in history. At least for a moment.
In fact, it’s blown the Cult of Cyberwar and its army of shoeshine completely off the pages of the dailies.
In turnabout, we have Congressmen who just a couple weeks ago were warning about the perfidy of the Chinese, now trying to make themselves look good in grilling Keith Alexander.
Edward Snowden, make no mistake, was part of the big corporate shoeshine army of cybersecurity, the well-paid servants of the upper class, with the privilege of work in the national security megaplex.
That he left the fold is rather remarkable, considering the sheer size of the shoeshine army. Paid employment in the US does buy loyalty for most.
Anyway, today from the Guardian, what one would expect:
[NSA director Keith Alexander] said that “dozens” of terrorist attacks had been thwarted in part because of the domestic surveillance dragnet. But he did not give specific details …
Alexander said he struggled with how much detail to provide in public about the surveillance. “I would rather take a public beating, and let people think I’m hiding something, than jeopardize the security of this country,” Alexander testified. He said he would aim to declassify specific cases in which the two surveillance programs described by the Guardian had contributed to government efforts at thwarting terrorist attacks.
It’s reasonable to be a cynic, even healthy. Two months from now it will be business as usual. You wait and see.
The national security powers know it as does everyone else paying attention. One just has to be patient and the bad notices eventually blow away like dry dog excrement before the wind.
Too late now in the national security state. Always too late.
You do retain the freedom to shop, of course.
Keith Alexander and the Cult of Cyberwar — from the archives.
Permalink
06.09.13
Posted in Cyberterrorism, Shoeshine at 2:57 pm by George Smith
From the wire:
The source of the intelligence leaks that revealed the National Security Agency’s massive domestic surveillance program last week was identified on Sunday by the Guardian as Edward Snowden, a soft-spoken 29-year-old former technical assistant for the CIA and current employee of NSA defense contractor Booz Allen Hamilton …
“I don’t want to live in a society that does these sort of things,” Snowden said. “I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under … I can’t in good conscience allow the U.S. government to destroy privacy, Internet freedom and basic liberties for people around the world with this massive surveillance machine they’re secretly building.”
Snowden said he decided to leave his family, girlfriend and a comfortable, $200,000-a-year salary behind, and flew to Hong Kong on May 20. He said he chose China because “they have a spirited commitment to free speech and the right of political dissent.”
The paradox of the leaker seeking refuge in China and spilling the beans at the very moment the Obama administration was mounting an unsubtle press campaign over the matter of Chinese cyber-espionage is noticeable.
As an employee of Booz Allen Hamilton, Snowden would have certainly been in the middle of things.
The head of that firm’s cybersecurity contracting arm, Michael McConnell, is and was one of the leading salesmen of cyberwar hype. The firm has a very large interest in expansion of its cybersecurity and cyberwar contracting business to the Department of Defense.
The lengthy and original profile of Snowden, at the Guardian.
Top cyberwar rent-seeker, Michael McConnell and Booz Allen Hamilton.
Michael McConnell and Booz Allen — from the archives.
Permalink
06.07.13
Posted in Culture of Lickspittle, Cyberterrorism, Made in China at 3:49 pm by George Smith
The massive leaks on the Obama administration’s cyber-spying and cyberwar initiatives to the Guardian come at an incredibly damaging time for the President.
In the run-up to this week’s talk with Chinese premier Xi Jinping in California the US government carefully laid the stage with selective news leaking on rampant Chinese cyber-spying. The cyber-spying operation, it was claimed, was aimed at everything, from priceless corporate intellectual property to the Department of Defense’s most expensive weapons systems.
There was the creation of a stealth corporate national security lobbying agency called the Intellectual Property Commission, its aim to recommend how the nation could protect its business stuff and ideas from Chinese predation. Millions of jobs had been lost, it claimed, billions of dollar in profit made gone.
It has all been a carefully wrought publicity operation, a deliberate and studied massage of the media to get out a message, one to shame and embarrass China’s rulers.
That was never going to work.
And this week, someone — in cahoots with the Guardian, has leaked explosive material on the US government’s cyberspying and cyberwar activities. Turns out, it’s not particularly surprising the National Security Agency (NSA) has been into everyone’s stuff domestically, all in the name of the war on terror.
Moreover, it appears this release has been strategically timed to come just at a delicate time for the Obama administration. News would have filled with just more of the same on Chinese cyberespionage.
Now the news is filled with information on NSA snooping.
Truth be told, the US has been in terrible position to lecture people on proper conduct in cyberspace since releasing the Stuxnet virus into Iranian networks in an effort to physically damage its nuclear program.
It set off an escalating cyber-arms race. This, in turn, triggered retaliations against US networks and greased the black market for the hoarding and clandestine sale of security vulnerabilities.
And for what? What has the exceptional nation, the one that can say do what we recommend but we reserve the right to do as we please, achieved?
What has the scooping up of all this private data accomplished?
Terrorism just isn’t that common in the US. The use of the biggest digital vacuuming operation in the world hasn’t accomplished much, looking at the black box from the outside.
For example, technically, the government would seem to have been able to sweep up all the on-line and credit card purchases of castor seeds as they happened or shortly after and, therefore, have had a database with the three latest perps in it.
But the FBI still went the wrong way a couple times, had to seize computers and finds the information within hours after descending on places. James Everett Dutschke, who bought on-line, was only identified after Paul Kevin Curtis’ lawyer fingered him. And it was Shannon Richardson who summoned the FBI to New Boston, not credit card purchases of castor seeds.
Anyway, a couple years back Tim Weiner’s history of the FBI, “Enemies,” mentioned the agency getting access to national e-mail through a program called Stellar Wind. It probably used the NSA as the technical collection means. This is more of the same. Only the names, data-mining software applications and corporate security contractors change.
More broadly, this is another issue where, if the national security megaplex can do something that means more for itself, it will do it.
The American people were never asked if they wanted everything about themselves in cyberspace and on the telephone shoved into a massive database, for the sake of safety during the war on terror. No one you know was consulted or asked for permission. It was just done.
And when you read the shock in some places on the net now, in this country anyway, you’re reading the opinions and feelings of the shoeshine upper middle class types who haven’t been sloughed off the US economy yet. They are so put out.
If you asked the people I see in the supermarket in Pasadena every evening about it (and I’ll be walking out to it in a few minutes), they wouldn’t know what’s being discussed. FISC? PRISM?
What’s NSA stand for?
They haven’t had the time or luxury to know. Their snooped-on smartphones are their connection to cyberspace and there’s not anything in this great mass of people that poses an existential national security threat.
So what does Keith Alexander make per year as the 4-star who’s head of the National Security Agency? He’s famously claimed that Chinese cyber-spying is resulting in the “greatest transfer of wealth in history.”
Who’s wealth, precisely?
It is fair game to discuss his compensation in relationship to these issues because nobody involved in this game is in the bottom three-quarters of the economic scorecard. The people implementing the mechanics of this kind of massive digital spying are all from the top, or employed in the national security servant class.
Alexander’s salary: somewhere between 230,000 and 290,000/year.
I don’t know anyone who makes that kind of money.
Permalink
06.06.13
Posted in Culture of Lickspittle, Cyberterrorism at 8:10 am by George Smith
Wants you to believe China cyberspying on the US constitutes the greatest transfer of wealth in history.
Famous last words.
Inconveniently, right when the President is ready to meet with the premier of China to discuss cyberespionage, the biggest spy on Americans is shown to be … four-star general Keith Alexander, director of the National Security Agency, pictured above.
From the Guardian:
The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America’s largest telecoms providers, under a top secret court order issued in April.
The order, a copy of which has been obtained by the Guardian, requires Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.
The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.
From the Obama administration, yada-yada:
The White House has sought to justify its surveillance of millions of Americans’ phone records as anger grows over revelations that a secret court order gives the National Security Agency blanket authority to collect call data from a major phone carrier.
Politicians and civil liberties campaigners described the disclosures, revealed by the Guardian on Wednesday, as the most sweeping intrusion into private data they had ever seen by the US government.
But the Obama administration, while declining to comment on the specific order, said the practice was “a critical tool in protecting the nation from terrorist threats to the United States”.
The secret Foreign Intelligence Surveillance Court (Fisa) granted the order to the FBI on April 25, giving the government unlimited authority to obtain the data for a specified three-month period ending on July 19.
Under the terms of the blanket order, the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls. The contents of the conversation itself are not covered.
Readers may or may not recall part of the campaign on cyberwar, cybersecurity and cyberespionage has involved visits by Verizon executives, as well as leaders of other US big businesses, for talks exhorting them to support instantaneous information sharing about what’s going on on their networks with the National Security Agency.
I wish I could say I regret that cyber-spying has embarrassingly blown up in the administration’s face, at exactly the worst time.
But I’m not.
Like the Stuxnet virus deployed into Iran, this is another item putting the US hype generated on cyberwar into the cold water of a real world perspective.
There is what the US government and the national security megaplex say others are doing to us. And then there is what they are actually doing to us.
Keith Alexander and the Shoeshine Cult of Cyberwar — from the archives.
Permalink
06.03.13
Posted in Culture of Lickspittle, Cyberterrorism at 1:03 pm by George Smith
Because President Obama will be meeting China’s premier, Xi Jinping, will be meeting in southern California this week, count on the press to deluge everyone with pieces on the latter country’s cyberespionage, always said to be stealing our economic future, precious military designs, and everything.
Today the New York Times fulfills the role by finding two students at Yale Law School, both who were about four — or maybe younger — when talk of cyberwar and digital Pearl Harbor plundering the nation first started.
Because they have no history or background in cybersecurity or cyberwar, they are therefore the most senseless and fit for the job.
Write Jordan Chandler Hirsch and Sam Adelsberg of Yale, for the Times:
In confronting today’s cyberbattles, the United States should think less about the Soviets and more about pirates. Indeed, today’s cybercompetition is less like the cold war than the battle for the New World …
Among those who view these hostilities as the cold war redux, some are proposing a more strident response. Earlier this year, the United States military announced the formation of 13 units dedicated to offensive cyberstrikes and endorsed pre-emptive cyberattacks. And late last month, Jon M. Huntsman Jr., the former ambassador to China, and Dennis C. Blair, the former director of national intelligence, suggested allowing American companies to retaliate against Chinese hackers on their own.
This emergence of cyberhawks in both nations raises the odds of a hack’s [sic] becoming a cyberwar …
This is part of a slightly longer discussion in which the authors warn the country runs the risk of being like Spain sending the Armada against Elizabethan England.
“In these legally uncharted waters, only Elizabethan guile, not cold war brinkmanship, will steer Washington through the storm,” they conclude.
Elizabethan guile.
The only thing remarkable about the piece is that it’s at least the second time in about a week or so the Times has put the crackpot idea — from a lobbying firm for national security and corporate America called the Intellectual Property Commission — that American businesses ought to be empowered to conduct their own retaliatory cyberstrikes against China.
It’s an idea that’s truly excrement and has been treated primarily as such by experts and the tech press, or just about anyone not on the corporate/government cybersecurity payroll.
Nevertheless, the Times continues to push it on its opinion pages, today’s contribution by law students adding to it without actually having the nerve to express much of an opinion about it, one way or another.
What’s needed is Elizabethan guile, though.
Sam Adelsberg recommends Elizabethan strategy. Was about four when electronic Pearl Harbor was invented.
Jordan Chandler Hirsch. Here he recommends we give Israel fuel tankers so it can just go ahead and attack Iran without calling on us.
With future lawyers like this we’re in good hands.
The IP Commission — 1 Percenter stealth business and cyberwar lobby.
Permalink
05.29.13
Posted in Cyberterrorism at 1:05 pm by George Smith
The US is terribly positioned to talk of fair play in cyberspace. However, it pretends otherwise in the current campaign to boost cyberdefense-spending in the national security megaplex. Consider that one whole plank in the US discussion of China’s cyber-espionage is that the latter is not playing fair. American officials have lined up to assert this over and over, which led to this recent lampoon made for DD blog, one showing Michael Hayden, General Keith Alexander’s predecessor at the National Security Agency.
Hayden famously maintained stealing another country’s secrets for this country was for the security of American citizens, the preservation of liberty. The Chinese, on the other hand, were engaged in dirty pool, when they were stealing (or trying to steal) similar things.
Keith Alexander, the current head of the National Security Agency, in a quote widely used by others to frame an alleged unfolding disaster, claimed that what the Chinese are doing constitutes “the greatest transfer of wealth in history.”
I saw a video of when this was delivered to a small miscellaneous audience of inside-the-Beltway journalists and national security shoe-shine boys. No one blinked or asked a question.
Here’s another example from Bloomberg this week:
“China is doing stuff you’re not supposed to do,??? says Jacob Olcott, a principal at Good Harbor Security Risk Management, a Washington firm that advises hacked companies.
This is Richard Clarke’s firm talking. Clarke has mined the catastrophism end of the cybersecurity discussion since the Clinton administration. That’s a long time, from public service to the private sector and through non-fiction books and novels. As a celebrity in the arena, Clarke has taken it to the bank. Anyone speaking from Good Harbor is a sock puppet in the cause.
The Businessweek piece notes that the National Security Agency has been into everyone’s networks, accumulating so much experience and technical power that much of the routine penetration and collection is automated.
The Chinese are not moved by American complaints. And yesterday’s stunt in the Washington Post, in which it was implied that American weapon systems had been compromised, is not likely to change anything.
From Businessweek:
All this activity gives China leverage against Washington’s complaints, says Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists. Beijing can turn U.S. protests about industrial espionage around and claim that Washington is doing something even worse. “It’s OK to steal plans for a new automobile,??? Aftergood says the Chinese can argue, “but not our national secrets.???
If it is not China, more leaking, or tactical planting of information, is taken to the big media.
Earlier, the Wall Street Journal reported that Iran has been into corporate American energy infrastructure.
From the WSJ:
Iranian-backed hackers have escalated a campaign of cyberassaults against U.S. corporations by launching infiltration and surveillance missions against the computer networks running energy companies, according to current and former U.S. officials.
In the latest operations, the Iranian hackers were able to gain access to control-system software that could allow them to manipulate oil or gas pipelines. They proceeded “far enough to worry people,” one former official said.
The developments show that while Chinese hackers pose widespread intellectual-property-theft and espionage concerns, the Iranian assaults have emerged as far more worrisome because of their apparent hostile intent and potential for damage or sabotage.
The US touched off a hot covert war with Iran when it deployed the destructive Stuxnet malware and perhaps other viruses into that country’s networks in an attempt to derail or slow down its nuclear program. Many computer security experts not in the US government warned that this would touch off an cyber-arms race and escalations.
Unsurprisingly, it has.
In light of this the country continues to act as if it the exceptional nation. It balefully speaks of the actions of others against US networks while reserving the prerogative to conduct extra-legal operations against those deemed enemies. We can no longer have it both ways. There are costs as well as consequences and they quickly become obvious.
More from the WSJ:
In theory, manipulating the software could be used to delete important data or turn off key safety features such as the automatic lubrication of a generator, experts said.
Current and former U.S. officials wouldn’t name the energy companies involved in the attacks. or say how many there were. But among the targets were oil and gas companies along the Canadian border, where many firms have operations, two former officials said.
The officials also wouldn’t detail the precise nature of the evidence of Iranian involvement. But the U.S. has “technical evidence” directly linking the hacking of energy companies to Iran, one former U.S. official said.
The same people are gathered to comment.
The Richard Clarke sock puppet:
“If you were worried about cyberattacks against electric utilities five years ago, you’re still worried today,” said Jacob Olcott, a former cybersecurity aide on Capitol Hill now at GoodHarbor Consulting. “Some within the electric sector have become more savvy about security in recent years. Many are not.”
James Lewis, of the Center for Strategic and International Studies, who provides for every major story on impending cybertrouble:
“It’s reached a really critical level,” said James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies, who frequently advises the White House and Capitol Hill. “We don’t have much we can do in response, short of kinetic warfare.”
The reliance on jargon is a bit cute. Kinetic sounds more erudite than blowing them up.
The Iranians are very threatening because they are bent on destruction, of setting an example of their power in cyberspace, reads the piece. There is the continuing implication that a country with a military that compares to the US as an ant compares to a hob-nailed boot has the potential to create a serious and horrid event in the continental US simply by pushing software switches from remote.
The Chinese, on the other hand, have “a 50-year plan” and are interested in maintenance of stability.
So they are only quietly stealing things.
The media selects and carefully grooms its stories, including those which involve cybersecurity and cyberwar. It actively excludes and edits those who do not exude the right tone.
This has always been so.
The Washington Post’s story on a DoD report and the confidential side of it which revealed China had allegedly compromised important US weapons platforms was guaranteed to generate copycat news pieces throughout the day and the rest of the week.
John Pike, in e-mail from GlobalSecurity.Org, with me:
“One of the networks did a pre-interview with me, but I was not
sufficiently alarmed, so they went with Richard Clarke instead.”
It was learned that this brand of posh wine was a favorite of Richard Clarke’s when he mentioned it repeatedly in Breakpoint, his techno-thriller novel which included cyberattacks on the country.
James Lewis — from the archives.
Permalink
05.28.13
Posted in Cyberterrorism at 2:24 pm by George Smith
If you’ve been following along it’s no secret the US government and the national security industry have been waging an increasingly concerted campaign to increase cyber-defense spending. The lynchpin of the strategy is the relentless argument that Chinese hackers, under the guidance of its government and military, are into all American corporate business, military networks and the nation’s infrastructure. Because of this catastrophe looms.
Another ploy in this orchestrated theatrical production arrived today in the guise of the Defense Science Board report, Resilient Military Systems and the Advanced Cyber Threat.
The report is here.
However, it is not the same report the Washington Post’s Ellen Nakashima publicized in a big story on alleged deep Chinese cyberespionage directed against the US military and its arms manufacturers.
“Designs for many of the nation’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared for the Pentagon and to officials from government and the defense industry,” writes Nakashima for the Post.
The Post’s report never makes clear if classified information was taken. And it informs that internal US government discussion of some of the incidents with China is now over a year old.
What does seem to be secret, but in a selective way, is the Defense Science Report.
The Post reporter delivers the information on Chinese cyber-espionage by admitting she has access to a “confidential” section of the report not included in the copy made generally available to the public.
One of the definitions for “confidential” in Merriam-Webster is “private, secret.”
The public version of the DSB report contains only three instances of the word “China” and only one of “Chinese.” “Espionage” appears only four times in report’s 146 .pdf pages.
What does this mean?
It means one of the Defense Science Board’s members or minions — which can be any number of a pool of representatives from arms manufacturers like Boeing and Northrop Grumman, to consultants to these same businesses or small national security “think tanks” or lawyers in legal firms providing consultation on cybersecurity issues under contract to the Department of Defense — leaked the real report, the “confidential” part, to the Washington Post.
These are never selfless acts to get word out about an emerging national threat. That’s not how things work.
What it is is another report, among an increasing number, aimed at growing the national security industry’s cyberwar and cyber-defense programs, in which many of the Defense Science Board’s members are employed.
The secret report, the one the Washington Post tells us about, is to redirect attention toward a new threat. It is part of a national argument that generally lumps all cyber-crime , cyber-spying and claimed cyberwar into one big threat aimed at the United States, over everyone else.
Nakashima’s report for the Post grudging includes the information that spokesmen for the Chinese government have complained that it is the victim of hacking and cyberespionage, too.
Indeed, a recent set of articles in the Financial Times on the subject includes an analysis that recounts internal cyberespionage in China, a case in which groups of young hackers invade Chinese firms, as well as those in other countries, in collection of information and e-mails which can be sold to competing firms or used in extortion schemes.
China’s corporate security businesses are not as mature as American competitors, the FT informs. As a result, criminal hacking groups and espionage efforts can be very successful.
Reads the FT:
China’s leading internet security firms such as Kingsoft, Qihoo 360, Inspur, Topsec or Venustech have little or no ambition in investing in forensics, the capability that supports long-term, in-depth analysis of the origin, structure and technical detail of past attacks that is being built by firms such as Symantec or TrendMicro. “Our internet security sector is light years behind the US, partly because there is very little awareness of the problems yet and companies are not willing to pay for such services,??? says Tony Yuan, head of Netentsec, a Beijing security company …
For Chinese experts, therefore, foreign complaints about hacking attacks originating in their country are far down the priority list. “Those who accuse the Chinese government of cyber attacks lack sincerity,??? says Liu Deliang, a cyber law expert from Beijing Normal University. “Cyber crime is the main problem and we should close ranks to fight it.???
Obviously, the Chinese read the Washington Post and they are not naive.
They know how the system works in America, too. And they are unlikely to be cowed or embarrassed by a newspaper story about a “confidential” Pentagon report, news of which is a fairly obvious case of insider manipulation. Of course, everyone connected with the DSB report knows this, too.
Thought question: What’s the difference between a good leak and a bad leak?
Answer: Bad leaks are those the Department of Justice is commanded to investigate. Good leaks are when contractor/consultants give “confidential” material on an expanding national security threat to the WaPost.
Yes, China is engaged in cyber-espionage against us. The US military is the largest and most powerful in world history. It would be a surprise if everyone wasn’t trying spy on it and its vast private sector infrastructure of giant arms and services contractors.
How do you secure such a large globe-spanning enterprise, one in which there will always be thousands of people, or even many more, who dumbly click on e-mail attachments, idly insert foreign media, go off secure protocols or copy sensitive materials to networked home or unsecured devices for convenience? Rhetorical question.
What can be seen in the non-secret version of Resilient Military Systems and the Advanced Cyber Threat?
Well, there is a loud call for mounting a big defensive and offensive military cyberwar capability, claiming that the cybersecurity threat facing the nation is equivalent to, or even more serious and complex than, things like mounting strategy against the German U-boat campaign in WW2 and the achievement of nuclear deterrence during the Cold War (page 38).
Readers may recall the latter was the building of a survivable capability to blow up the entire world in the case of a doomsday attack.
Cyberthreats are given a taxonomy and a graphic illustration. They range from nuisances, Tier 1 threats, to Tier 6 threats, malware hardware/software as yet unmade that is an “existential” threat.
A threat to existence!
It then proceeds to explain what constitutes various tier threats.
The Stuxnet virus, which the report coyly declines to mention was developed and deployed by the United States, was a Tier 4 threat. The Agent.btz worm/malware, a piece that circulated worldwide in 2008, is given the same rating.
Which I and others would call inflated but which left a lasting scar on the US military because it demonstrated that DoD was no better at keeping viruses off its networks than anyone else.
Agent.btz is never actually named in the Advanced Cyber Threat report. Instead the authors reference only the problem contained by “Buckshot Yankee,” which means nothing to laymen because it is not explained in the edition released to the public audience.
Buckshot Yankee was the name given to the operation aimed at neutralizing Agent.btz.
As an illustrative example of what constitutes a past Tier 6 threat, the DSP report comes up with the spying IBM Selectric typerwriter, machines that were altered by the Soviet to collect and transmit what was typed on them. The spying typewriters were put into US embassies in Moscow and Leningrad.
A newer Tier 6 threat is what I call the Subversive Chip of Cyber Doom.
The subversive chip would work normally in US computing and weapons systems until triggered by conditions or an outside signal. At which point it could transmit compromised information or destroy the processor and operating system.
So let’s not outsource all computer manufacturing to China. Oh, wait…
Other parts of the document discuss growing the US capacity for offensive cyberwar and establishing a “resilient” cyber force, a potentially immense open-ended project that is said to be of the utmost urgency.
More germane excerpts on China and cyberespionage from recent Financial Times pieces.
More than a quarter of US companies surveyed by the American Chamber of Commerce in China say they have had trade secrets stolen or compromised through cyber attacks on their China operations, adding weight to US accusations that Beijing is behind numerous corporate espionage attacks.
Twenty-six per cent of respondents to the US business lobby’s annual survey said they had been victims of such attacks …
In response to a question about the Amcham survey, a spokesman for the Chinese Foreign Ministry described any accusation of Chinese cyber theft as “irresponsible??? and urged US officials and companies “not to politicise economic and trade issues and to stop hyping the issue of cyber security???. Link.
And, an assertion that US deployment of the Stuxnet virus has made international cooperation between computer emergency response teams harder because of weakened trust:
Mr Du, “deputy chief engineer of the National Computer Network Emergency Response Team of China,” blamed [a mistaken identification of an IP in China as origination of a recent cyberattack on South Korean banks] on governments’ growing wariness since the detection in 2010 of Stuxnet, a worm which is believed to have been launched by the US and Israel against Iran’s nuclear programme.
“Since the cyber attack against Iran, namely the Stuxnet incident, governments don’t trust each other as much as before, and trust among CERTs has been damaged too,??? he said. “The dispute and misunderstandings among countries will give cyber attackers and terrorists new opportunities.???
Permalink
05.12.13
Posted in Culture of Lickspittle, Cyberterrorism at 3:19 pm by George Smith
You don’t really think a few lines of computer code are going to crash the world down around are ears, do you? I’m disappointed, I’m disappointed in you, Sherlock …
I knew you’d fall for it. That’s your weakness. You always want things
to be clever. — Jim Moriarty, The Reichenbach Fall
Took a while to get to it but the New Yorker ran such a thoroughly insipid piece on the matter of cyberwar, it deserves mention for its slapdash collection of pasted-together assertions and idiotic anecdotes.
“The New Cyber War — Why Did Syria Shut Down the Internet?” by Nicholas Thompson (the greatest hits, pure nose gold):
The distinction between a war with guns and a war with bits is blurring.
(But did the New Yorker writer ask for the opinions on the matter from those bombed or shot?)
Throughout the conflict in Syria, rebels have used YouTube to foment outrage and to tell their stories. A sentence can tell you that blood flows in the streets, but a handheld camera can show it.
The government in Damascus meanwhile has sent out malware and published its own videos …
The so-called Syrian Electronic Army spun the U.S. stock market into a panic by hacking into the Twitter account of the Associated Press …
More recently, hackers broke into the Twitter feed of The Onion [and posted something inane] …
The Internet has helped to open up [Iran] in recent years, as Evan Osnos has written. But the government remains far more lion than wildebeest.
(As Evan Osnos has written. Of course!)
On shutting off the Internet: It’s terrible for business, creates chaos, and enrages the world.
(Did shutting off the Internet in Syria enrage you or appear to enrage many of your friends? Do you think it enraged the President?)
Last year, the security firm Renesys published a study on just how hard it would be to shut off the Internet in countries around the world. Sixty-one were at “severe risk …”
Cyberwar explained, allegedly. Or, rather, cyberwar discussion as a squirt of intellectual air-freshener for the posh.
“Nicholas Thompson is a grandson of Paul Nitze, one of the subjects of his most recent book, which gave him unprecedented access while researching his book. In March 2013, Thompson received a 21st Century Leader award from the National Committee on American Foreign Policy. He is also an acoustic guitarist and has released three albums of original instrumental music.” — Wikipedia
“This biographical article is written like a résumé … Please help improve it,” reads the site.
Permalink
05.11.13
Posted in Culture of Lickspittle, Cyberterrorism at 9:55 am by George Smith
On the 45 million buck ATM heist:
“It took a well-coordinated and very busy industrious criminal gang — a directed mob,” said George Smith, senior fellow with Washington, D.C.-based think tank GlobalSecurity.org.
“If you have such a similar mob you can put together, you can think about trying to duplicate this type of thing,” Smith said. “But you’ll have to have some startup capital, since it’s not quite something you can just walk out the door and assemble off the cuff.”
“The picture of two of the New York errand boys flaunting their stack of bundled cash in the car won’t strike anyone as being from the high end of innovation and thinking,” Smith pointed out.
Hiring local petty criminals to do the dirty work also increases the risk of exposure, said Sean Sullivan, a security adviser with the F-Secure security firm in Helsinki, Finland.
“The need to have lots of money mules to withdraw all the cash seems to be the big complication in getting away with the crime. That leaves a trail for law enforcement” …
Or, as a commenter on Slashdot wryly observed, “This is not how bank fraud should be done. The right and proper way is to become too big to fail, too big to jail, rig the LIBOR rates, create systematic rigging, award oneself huge salaries and bonuses, threaten worldwide economic collapse, hold governments to ransom and get huge bailout money.”
Global banking, apparently particularly in the Middle East, can’t secure itself. And it is probably quite prone to criminal recruitment of insiders.
The larger issue looming is how does one secure a financial system the average person, or worker, has no faith in?
In the US, bankers and giant banks are now among the most hated. How do you save or batten down a system when attacks on the system are met with public indifference?
Permalink
« Previous Page — « Previous entries « Previous Page · Next Page » Next entries » — Next Page »