03.01.10

Cult of Cyberwar: Laugher of the Day

Posted in Cyberterrorism, Extremism at 12:54 pm by George Smith

Americans are nothing if not the foremost braggarts in the world. It’s embedded in the national DNA.

There isn’t a day that goes by without someone being proclaimed a rockstar, a wizard, a true star. Usually in complete absence of any proof why this should be so except that lickspittling in corporate America.

Today’s headline at the always exciting read: Government Information Security.

Some blogger, writing with no discernible sense of humor:

Howard Schmidt doesn’t look like one, but he’s a rock star in the cybersecurity universe. As proof: the White House cybersecurity coordinator will headline the biggest IT security show of them all, the RSA Conference in San Francisco this week.

Schmidt will give not one, but two performances Tuesday: The keynote address at midday and an early evening town-hall-style meeting, where he’ll field questions from adoring fans and, no doubt, some critics of administration cybersecurity policy.

This in a column entitled “Howard Schmidt Achieves Rock-Star Status.”

I’d recommend reading the rest but it’s devoid of folksy jokes for the sake of boilerplate and name-checking.

Schmidt, since being named the Obama administration’s cyberczar, has been absent from the ongoing chronicles of the Cult of Cyberwar.

The top voices running the show are Alan Paller — of the vaunted Paller-Scope, Mike McConnell/Booz Allen, Jim “Wild West” Lewis and the McAfee business.

And that’s proven by ‘science’ here.

Not a trace of Howard Schmidt to be seen in these critical times.

But way back in 2002, DD wrote this about Schmidt and his aptitude for security conferencing, at Securityfocus:

This month’s dose of demented prediction comes to you courtesy of Howard Schmidt, chairman vice of the President’s Critical Infrastructure Protection Board.

Alleged “zero-day viruses and affinity worms” will sunder business records, as reported in Network World Fusion and credited to a Schmidt speech at an Information Systems Audit and Control Association (ISACA) conference. Brokerage house trading records will be scrambled, corporate networks rendered molten, CEOs humiliated.

This is not the worst. Traffic lights, pacemakers, appliances — all subject to outages and interruptions because in the future they’re controlled via Internet, declares Schmidt. The power grid could fail catastrophically by 2005! [That was certainly prescient. — DD, 2010.] Cats and dogs fornicate in the street as the sky turns black as sackcloth.

If it’s the first time for you at one of these [security] cons, where your employer coughs up anywhere from $500 – $1900 for the price of admission, Schmidt’s virus alarums might seem quite remarkable, even prescient. The remora-like journalists who get in gratis will assuage any lingering doubts you have as to the value of his lecture by emphasizing the most fantastic elements of it in the trades. If your boss reads the published result, it’s all good. You were educated at the feet of the guru.

In simplest terms, Schmidt is a computer security celebrity junketeer, a highly specialized occupation somewhat obscured by an official biography bulging with professional-strength acronyms. Much of his time is spent as a featured speaker jetting around corporate America. Search engines return Schmidt lectures everywhere in 2002: Atlantic City/HTCIA 2002 con, Cybercrime 2002, IT Business Forum, RIMS.ORG, New York State’s “Cyberstrategies,” the Chicago National Cybercrime Conference, South Sound (Washington), the National State Association of Chief Information Officer’s midyear confab, High-End Computing in an Insecure World, WSATA 2002 (the Western States Association of Tax Administrators), Trust & Security in Cyberspace at the Center for Strategic and International Studies, Defending Against Information Warfare, the Secure e-Business Executive Summit, Winning the War on Cyberterrorism at Washington University of St. Louis, Microsoft’s Government Leaders 2002…

Ouch, I feel an airline coach-class thrombosis coming on just browsing the list!

As a deliverer of keynote addresses, Schmidt has created a powerful image of furious action in the name of national security. Indeed, he has become an invaluable mover in the computer-trouble industry economy.

Not for everyday public idlers are these affairs, oh no!


Cult of Cyberwar from the archives.

02.26.10

Cult Chieftain Flogs Book: Richard Clarke — threat or menace?

Posted in Cyberterrorism, Extremism at 10:34 am by George Smith

“How vulnerable would the U.S. be if a global cyberwar broke out today?” writes some cyberwar fugleman at a Forbes blog.

“Vulnerable enough, according to Richard Clarke, former anti-terrorism czar under Presidents Bush and Clinton, that he rates our odds behind even those of our most Luddite adversary: North Korea.”

For the Cult of Cyberwar, even the most backward country becomes a deadly menace to the United States. Simply because it is such a backward country! Brilliantly nefarious!

Plus — Richard Clarke has a new book to sell. So it’s a good hook.

“That’s because, as Clarke writes in a new book, Cyberwar: The Next National Security Threat And What To Do About It, cyberwarfare preparedness isn’t just a matter of training a crack team of superhackers. It’s also a matter of how porous a nation’s cyberborders are. American corporations and government agencies are more integrated into the Internet than their counterparts in North Korea, where most of the country has access to only a tightly controlled Intranet known as Kwangmyong.”

A tidbit is then sampled from the Clarke book. Here is a sentence of it:

Moreover, North Korea has so few systems dependent upon cyberspace that a major cyber war attack on North Korea would cause almost no damage.

Clarke’s book is said to offer a “handy chart” on national cyberwar capabilities across the globe. How one determines such a thing is presumably beyond dispute.

“Earlier this week, former NSA director Mike McConnell told a congressional hearing that the U.S. would likely lose a cyberwar and followed up with a lengthy editorial in the Washington Post,” in case you missed it everyplace else.

The Paller-scope is called into play:

As SANS research director Alan Paller told us at the time, we shouldn’t underestimate the cyber capabilities of countries with undeveloped or even stone-age economies: “We have this view of our enemies as being unsophisticated cave dwellers, and we’re dead wrong. It’s an idea that could get us into very deep trouble over the next few years.”

“Richard Clarke, the world’s most famous security expert, has a new book entitled Breakpoint,” wrote DD back in 2007.

“A techno-thriller, it takes its place among its equivalents, romance fictions for American men, a genre for combining combat action porn with loving trademarked descriptions of weapons. The men in this story get hard over firearms, scotch and a chardonnay named Kistler … Clarke [was] the last cyberczar among cyberczars, the only TV-genic one, ever.

“For Breakpoint, Clarke [returned] to his cyberczar roots. But in this story, someone gets to do something about the digital mayhem, not just scream ‘electronic Pearl Harbor,’ make policy recommendations no one listens to and be keynote speaker at security conventions.

“Clarke supplies a team of outside-the-bureaucracy do-gooders: a dauntless central heroine, one NYPD cop for muscle and one hacker, a nebbish named Soxster. Soxster’s purpose is to be the magic wand, no more and no less. Whenever there are villains to be traced, or information needed when the group is against the wall in the race against the terror clock, Soxster furnishes both so the story may proceed.”

The rest of it is here.

Richard Clarke is among the best DD has ever seen at flogging it.

His peddling of the coming of cyberwar is years long, stubbornly dogged and personally eminently successful.

From 1999, back when DD began noticing, this in Signal magazine on the coming of ‘electronic Pearl Harbor’ (note — this was eleven, that’s eleven, years ago):

In the August ’99 issue of Signal magazine, Richard Clarke said there was “a very real possibility of an electronic Pearl Harbor.”

“Without computer-controlled networks, there is no water coming out of your tap; there is no electricity lighting your room; there is no food being transported to your grocery store; there is no money coming out of your bank; there is no 911 system responding to emergencies; and there is no Army, Navy and Air Force defending the country . . . All of these functions, and many more, now can only happen if networks are secure and functional.”

It’s a handy citation and was last used in one of the always popular Cult of Cyberwar pieces last year here.

Richard Clarke is so great, he even made me famous for a day! That’s hard to do! And that even got my picture on the frontpage of the Village Voice!

That story, also vaguely connected to the Cult of Cyberwar and US politics, is here in “I, Vermin from Under Rock.”

Excerpt:

[Clarke] bequeathed the nation a haystack of quotes leading idiots to believe terrorists were going to devastate us through computer networks.

That was by 2006. It’s probably up to about six haystacks worth now.


Cult of Cyberwar — from the archives.

02.24.10

Cult of Cyberwar: When Booz Allen’s Mouthpiece Attacks

Posted in Cyberterrorism at 2:13 pm by George Smith


Smiling Mike McConnell, one of the most famous salesmen-in-chiefs of the cult of cyberwar. Committed to hiring computer security specialists from the clutches of the government then leasing them back at premium rates for the benefit of Booz Allen business.

From today’s news, Mike McConnell of Booz Allen’s cybersecurity sales unit, again making a putsch/pitch on the coming of cyberwar catastrophe:

If the United States fought a war in cyberspace today it would lose, the nation’s former top intelligence official has told a Senate Committee.

“We’re the most vulnerable, we’re the most connected, we have the most to lose, so if we went to war today in a cyber war we would lose,” Michael McConnell, who previously served as the director of national intelligence, told the Commerce, Science, and Transportation Committee on Feb. 23.

McConnell told the panel that although the United States has made progress on cybersecurity, the country hasn’t made a national commitment to understanding and securing cyberspace. He predicted a catastrophic event would be needed to move the country toward a pre-emptive posture to mitigate the threat.

“We’re not going to do what we need to do; we’re going to have a catastrophic event [and] the government’s role is going to change dramatically, and then we’re going to go to a new infrastructure.”

This — sampled from GCN — was echo’d in similar form at many other news outlets.

“McConnell joined a number of former government officials who have warned of cyber vulnerability,” reported Businessweek.

“A bipartisan group of ex-federal officials said on Feb. 16 after a simulated cyber attack that the U.S. was unprepared to respond to the real thing.”

In this, the publication was referring to a dog and pony show which ran constantly over the weekend on CNN. A cyberwargame was played, one which the United States lost. Catastrophe descended.

However, long-time readers know that such cyberwar games are always rigged so that we experience catastrophic failure.

Difficult to take seriously, its bipartisan panel consisted of people chosen for name value, a couple even being exceptionally odd in this area because they would not seem to have ever been remotely interested in cybersecurity.

These two: Former White House press secretary Joe Lockhart and a befuddled-looking, even by low US standards, John Negroponte.

“[Negroponte] is currently a research fellow and lecturer in international affairs at Yale University’s MacMillan Center,” says his Wiki bio, perhaps generously written by one of his student interns.

Jason at Armchair Generalist latched onto this earlier today in “Cyber Warfare — It’s the New WMD.”

The CNN farce, called Cyber Shockwave, was delivered with the position that cyberattacks are somehow like WMDs.

How this was so wasn’t really explained except by the claims of cyberwar catastrophe put forward in a number of mock news broadcasts aired for the special.

“I find it somewhat amusing that [Michael Chertoff suggested] we ought to treat cyber-terrorism as seriously as we do WMD terrorism,” writes Sigger. “DHS’s record on preparing for WMD terrorism is really not that good.”

Another quote, furnished all the way from the UK by Tim Stevens here noted the differences in cyberwar peddling in his country and over here:

[Cybersecurity] as an element of national security and a subject of political concern seem to be playing out very differently in the US and its main European ally. Whereas the UK is cautious in projecting concern into the public domain, some elements of the US hierarchy seem very determined to make this a public issue of the highest priority. The discourse is different, and is being mediated in starkly contrasting manner.

Which brings us right back to the way it has been handled in the US.

Just like every other very important national security special interest group issue: Catastrophe is predicted, and everything is covered with a thick and obvious crust of exaggeration-from-important-person and manipulation. The media and Congressional hearings are the stage for this natsec theatrical production.

The next table comes from DD’s tabulation on Cult of Cybersecurity narrow sourcing and how just a small number of large corporate computer security business interests drive the debate.

Here is the unscientific master list, taken from a search on cybersecurity/cyberwar through newspaper databases over the past year, current only to January 19:

1. Alan Paller, SANS — 84
2. McAfee — 80
3. James Lewis, CSIS — 47
4. Booz Allen Hamilton — 38
5. Symantec — 31
6. Mike McConnell, BA — 25
7. Paul Kurtz, Good Harbor — 11
8. Richard Clarke, Good Harbor — 4

‘Control values’:

1. Gene Spafford, Purdue — 25
2. Marcus Ranum — 0

In terms of security vendor businesses, the list condenses to a small number of players controlling the debate in 2009: SANS, McAfee, and Booz Allen Hamilton, the latter of which jumps to number three on the list with 63 hits in major stories if you add McConnell’s total.

In a country as large and complicated as the United States there are many many computer security businesses. And there are also many computer security experts in the academy — scientists and engineers who have published books and papers on the subject.

Yet in the current national ‘debate,’ they’re all missing or excluded.

The ‘experts’ called upon to shape and dictate the entire discussion can be counted on the fingers of one hand. They hold the keys to all knowledge.

SANS has already been addressed.

It’s a security training business and its director, Alan Paller, is the man who knows everything.

When a newsman wants to know what evil China is up to today in cyberspace, Paller is the man to call. (If he’s busy, one goes for James Lewis of the Center for Strategic and International Studies.)

And this is why DD blog has the Paller-Scope.

In February, the master list condensed even more.

This happened when McAfee, number two on the list, bought the Center for Strategic and International Studies to provide ‘research’ attesting to the belief that cyberattacks are about to result in horribleness everywhere — proven by polling corporate businessmen who read the news about horrible cyberattack everywhere.

One illustrative citation:

Globally, widespread cyberfacilitated bank and credit-card fraud has serious implications for economic and financial systems and the national security, …

Power plants, oil refineries and water supplies increasingly dependent on the Internet are under relentless attack by cyber spies and thugs, according to a McAfee report.

The “Critical Infrastructure in the Age of Cyber-War” analysis by the US-based Center for Strategic and International Studies said the price of “downtime” from major attacks exceeds six million dollars a day.

“If cyberspace is the Wild West, the sheriff needs to get to Dodge City,” concluded the study commissioned by McAfee, which sells computer security software.

From earlier today at PC World:

The Internet was designed as a global commons that polices itself, but that model has failed, [James Lewis of the Center for Strategic and International Studies] added. “Instead, we’ve got the Wild West.”

“The days of the Internet Wild West are over, said James Lewis, a cybersecurity expert and senior fellow at the Washington-based Center for Strategic and International Studies,” reported the Associated Press at the same time.

When messaging, it is always important to have a consistent and well-rigged script. And to not deviate from it.

This was all delivered in the context of legislation which would, theoretically, “require a national licensing and certification program for cybersecurity professionals … it would be illegal to provide some cybersecurity services without being licensed and certified.” (The latter from PC World.)

Two things stand out, aside from the stilted abuse of the Wild West simile.

First, CSIS being pocketed to provide convenient research to McAfee is much like the model of AHIP, the research group put together by the health insurance industry to provide studies on all the things that must be done for the health insurance industry.

Second — legislation which requires “a national licensing and certification program for cybersecurity professionals [making it] illegal to provide some cybersecurity services without being licensed and certified” stands to most efficiently transfer profits to the large corporate businesses furnishing cybersecurity training and services to the government and the rest of the country.

In other words, it cements and mandates the businesses of McAfee, Booz Allen and the rest of our collection of debate drivers from the Cult of Cyberwar.

Some readers may have noticed this business model for fixing things has some common philosophy with healthcare reform which mandates everyone buy health insurance without providing a public option, cost limiting or any guarantees that the purchased new excellence in computer security is actually any different than it is now.


Narrow-sourcing and kings of cyberwar quote.

Cult of Cybersecurity — from the archives.

02.18.10

Clouseau On the NYT Cyberdesk

Posted in Cyberterrorism at 8:45 pm by George Smith

Dreyfus: Give me ten men like Clouseau and I could destroy the world.

John Markoff reports from the New York Times:

“[A] leading professor in Jiaotong’s School of Information Security Engineering said in a telephone interview: “I’m not surprised. Actually students hacking into foreign Web sites is quite normal.” The professor, who teaches Web security, asked not to be named for fear of reprisal.

“I believe there’s two kinds of situations,” the professor continued. “One is it’s a completely individual act of wrongdoing, done by one or two geek students in the school who are just keen on experimenting with their hacking skills learned from the school, since the sources in the school and network are so limited. Or it could be that one of the university’s I.P. addresses was hijacked by others, which frequently happens.”

At Lanxiang Vocational, officials said they had not heard about any possible link to the school and declined to say if a Ukrainian professor taught computer science there.

A man named Mr. Shao, who said he was dean of the computer science department at Lanxiang but refused to give his first name … acknowledged that every year four or five students from his computer science department were recruited into the military.

Remarkable!

With the Times and the NSA on the trail, the Chinese are for it now. It’ll be a slam dunk. And everyone knows American students in computer science classes don’t hack computers in foreign countries or ever sign up for the military after high school or college. It’s common knowledge.

Clouseau: This is a very serious matter and everyone in this reuoom is under the suspicions.

The real Inspector Clouseau.


Pot – Kettle – Black … Oops!

These “zombie” computers are often grouped into “botnets,” or armies of infected computers that can be used to send spam e-mail or attack Web sites, according to McAfee, a Silicon Valley security firm. The company, which said it collects information about Internet-based threats that target more than 100 million computers in 120 countries, said that in the last three months of 2009, about 1,095,000 computers in China and 1,057,000 in the United States were infected.

Those numbers are in addition to 10 million or so previously infected computers in each country, McAfee said.

Excerpted from the WaPo.

Enormous CyberAttack Takes Ten Minutes to Undo Here

Posted in Cyberterrorism at 9:19 am by George Smith

From December on DD ‘old’ blog:

[I] removed a copy of one of the Zeus/Zbot pieces of malware after it floated through my anti-virus software on Saturday. This took about ten minutes, not only to squash but also to upload to the vendor so that it might be detected at some point in the future. Yesterday, the software was finally updated to flag my test files.

The purpose of Zeus/Zbot is fundamentally the same as what was alleged to have happened to State Dept. computers. It steals banking credentials, credit cards, logons and installs hooks which allow the attacker to manipulate the infected PC remotely.

A rather homespun, if somewhat patience-trying, description of what Zbot can and has done is here on YouTube.

Typically, though, big or splashy news of government intrusions — the best scare stories — are now furnished almost entirely by vendors because vendors control the business of computer security in the US government.

Zeus’s gig, part of it — anyway — was pulling the fake anti-virus thing on users, telling the infected they had to sign up their credit to remove viruses they didn’t have, except for the ransomware itself.

Today from the Wall Street Journal via Yahoo:

Starting in late 2008, hackers operating a command center in Germany got into corporate networks by enticing employees to click on contaminated Web sites, email attachments or ads purporting to clean up viruses, NetWitness found.

In more than 100 cases, the hackers gained access to corporate servers that store large quantities of business data, such as company files, databases and email.

They also broke into computers at 10 U.S. government agencies.

By definition, government agencies are broken into every day. And all business computers always store large amounts of business data.

In any case, Zeus attacks were not extraordinary frontpage news when DD reported it matter of factly. Or when others noted the same in various videos posted to YouTube.

Today they’re news because NetWitness made a report out of them and handed it over to the press.

Way down in the articles on the worldwide Zeus cyber-catastrophe one spies Amit Yoran’s name.

“These large-scale compromises of enterprise networks have reached epidemic levels,” says Yoran, chief executive officer of Virginia-based NetWitness, to the UPI.

Amit used to be the US government’s cyberczar. For a mercilessly brief period during the Bush administration.

In a website post from that time:

While some children have role models like John Wayne or Babe Ruth, [Amit Yoran’s] most envied role model was Alex P. Keaton, the character Michael J. Fox played on the NBC TV sitcom Family Ties. People who know him say he used to wear vests and even ties to school when he was growing up – and he did not attend a private school where uniforms were required. No, this was just the way Amit used to like to dress, even amidst a mix of other kids wearing everything from Metallica shirts to the latest Benetton fashions. And he would – like the Keaton character on the show – frequently gush about, “What a stud,” Ronald Reagan or Oliver North were.

But Yoran quit his job as cyberczar. The US government was perhaps not the best place for him to release reports on the threat and menace of global cyberattacks.

“Cyber 9-11 has happened over the last 10 years, but it’s happened slowly so we don’t see it,” Yoran said at some cybersecurity conference after departing.

Scoffers are naive, it was said in the same article.

Our advance into the bright and safe future of proper cybersecurity has always been slowed down by the Fussell-noted American tendency to deliver everything coated in a crust of exaggeration and hype. Rather than opening the way for a new and proper regime of cybersecurity, it has bred just enough resistance — the adoption of the derogatory slang term, fud, as one example — to get in the way of taking enormous cyberthreat stories as seriously as their creators feel they should be taken.

In the book BAD: Or, the Dumbing of America, the author described this general practice systemically, well before it got carried over into things that didn’t exist yet, like corporate computer security business.

“Thus, this … is about the publicity enterprise propelling modern life, which seems to make it clear that few today are able independently to estimate the value of anything without prompting from self-interested sources,” the author wrote.

“This means nothing will thrive unless inflated by hyperbole and gilded with a fine coat of fraud. If in some ways the subject suggests the tragic — all those well-meaning people swindled by their own credulity — looked at another way the topic proposes all the pleasures of farce … [projecting] anew and continuously the classic comic motif, the manipulation of fools by knaves.”

And so the newsmedia becomes an instrument of it.

Since the US government practices the same thing in some area, every single day, one wonders why Yoran left its employ in the first place.

The answer may have been that it just didn’t pay enough and the skids, while well-greased, were just not quite as greasy as thought appropriate by the cyberczar of computer securing.

“The [tens of thousands of] computers were infected with spyware called ZeuS, which is available free on the Internet in its basic form,” reported the Wall Street Journal.

“Evidence suggests an Eastern European criminal group is behind the operation, likely using some computers in China because it’s easier to operate there without being caught, said NetWitness’s Mr. Yoran.

“There are some electronic fingerprints suggesting the same group was behind a recent effort to dupe government officials and others into downloading spyware via emails purporting to be from the National Security Agency and the U.S. military, NetWitness’s Mr. Yoran said.”


And here is another dose of predicted catastrophe courtesy of Mike McConnell, one of the Cult of Cyberwar’s best and most famous salesmen.

Related: Cybersecurity Schwick

Cult of Cyberattack from the archives.

02.12.10

This Week on ‘The Man Who Knew Everything’

Posted in Cyberterrorism at 12:12 pm by George Smith

The Paller-Scope’s unblinking gaze…

China was trying to show that “we care about keeping the Internet free of criminals and we are doing our part,” said Alan Paller, director of research at … — Datamation

China was seeking to say, “we care about keeping the Internet free of criminals and we are doing our part,” said Alan Paller, director of research at the … — Wall Street Journal

Alan Paller, who is the director of research at the SANS Institute, thinks the impact will be limited. “Sadly, the tack they [China] took is just a whack-a-mole exercise.” Paller added that other hackers will simply take their place. — FierceCIO

“The Internet is God’s gift to espionage,” says Alan Paller, who created NetWars and serves as its chief evangelist. “This is a skill we need Americans to have. But even more we need to find the ones who are already talented and make sure they’re working for the good guys.”

Twenty-one years ago Paller founded a cybersecurity school known as the Sans Institute. The for-profit school, in Bethesda, Md., has 110,000 alumni, most of whom have taken an intensive six-day course in data security. (Paller, 64, directs research at the institute.) — Forbes

To catch a thief, you must think like a thief – the best way to defend an asset is to get inside the head of the attacker and predict his actions.

That’s the opinion of Alan Paller, founder of the SANS Institute and creator of NetWars, an online cybersecurity simulation game in which contestants compete against each other by hacking into and controlling the game’s 12 servers, leaving their user name in them to prove they did it. — Help Net Security

“Predicting legislative action leads to lots of wrong answers,” Alan Paller, research director at SANS, said. “What I know is that Sen. Reid gave Sen. Lieberman the lead on cyber for this session of Congress. Rockefeller and Snow are much more tuned to the research and education initiatives, so they are likely to provide a big chunk of the content of the bill, and Carper’s work is also excellent and will help shape the ultimate bill.” — GovInfoSecurity


Cult of Cybersecurity from the archives.

02.05.10

The Repository of All Wisdom

Posted in Cyberterrorism at 2:39 pm by George Smith

The font from which all small brooks flow.

This week:

The NSA’s experience protecting government agencies give it the expertise to help companies as large as Google fend off sophisticated computer attacks, said Alan Paller, director of research at Bethesda, Maryland-based Sans Institute, which provides computer security training … — Businessweek

Alan Paller, director of research at the SANS Institute, told Information Week the privacy fears are overblown — San Francisco Chronicle

Fears that the Google will hand its servers over to the NSA are “completely unrealistic,” stresses Alan Paller, director of research at the SANS Institute … — Information Week

Alan Paller, director of research at the SANS Institute in Bethesda, Md. said the [cybersecurity research] bill is “absolutely vital” and needs to be passed … — Computerworld

There are several reasons why [buying the Air Force/IBM secure cloud computing is] a great project, said Alan Paller, director of research with the SANS Institute, a computer and network security — GCN.com

Alan Paller, director of research at the SANS Institute computer security training organization, said the [cybersecurity research] bill is vital to improving the country’s … — CNET

“These were regular old businesses being attacked,” said Alan Paller, director of research at the SANS Institute, which provides cybersecurity training programs. “This means that regular old federal agencies are being attacked the same way, and they are, but their managers don’t know it.” — Federal Computer Week

What’s worse, agencies have been required to take an approach to cybersecurity that makes it extremely difficult to protect themselves from these kinds of assaults, Paller and other security experts say.

Alan Paller of the SANS Institute, a US security firm, told the Los Angeles Times: “The odds of the 25 biggest companies in California not being fully [etc] … — Sydney Morning Herald, “Cyber attacks take aim at heart of the American empire”


Rolodex journalism, narrow sourcing and the all-seeing Paller-scope — from the archives.

07.13.09

The Pathetic War: Good business?

Posted in Cyberterrorism, Stumble and Fail at 8:16 am by George Smith

Today, a column at the Motley Fool flails around because it can’t figure out what stock to recommend as a result of the Pathetic War. Other than the usual defense contracting giants like Lockheed Martin. Since the Pathetic War doesn’t immediately seem to lend itself to windfalls of opportunity in financial speculation and carpet-bagging, this is a matter of some dismay.

The Fool asks for a magic wand in cyberspace — the ability to immediately identify precisely who is launching the attack. Since that’s not going to happen anytime soon, it opens the door for a lot of charlatans who say they can do it. All they have to do is send their press releases to the Motley Fool.

See here.

Business sections are also mad for anyone who can show a Pathetic War ‘job-creation’ angle, as evidenced by this bit of fluff at the Washington Post.

IT jobs! That’s the ticket! Companies are always hiring! They can’t fill the positions fast enough!

Here’s the pail-of-fail truth: You’re middle-aged or old and one of the half million per month who’s been fired for the last half year. You’ll need another degree to get into the market. So forget it, unless your parents or someone else will again bankroll your continuing education. Besides, four years later, you’ll be that much more an old-looking flat tire compared to the new college grads.

Second pailful of fail: You already have the training, but you’re still screwed. No one wants you when they can have a young whipper-snapper for less than what you were earning when you were fired. Plus, everyone knows kids are the only ones who know about hacking. And that’s a permanent pail of fail.

“Austin-based 21st Century Technologies signed a $1 million cybersecurity contract with the U.S. Air Force,” reports the Austin-American Statesman.

“The company said the Air Force will use its Lynxeon intelligence analytics software to strengthen the government’s ability to head off cyberattacks.

“The contract runs from June 2009 to December 2011. The system will be used at Lackland Air Force Base in San Antonio.

“The company said between 20 and 100 jobs are expected to be created over the life of the contract.”

“Yippie!!!!” writes one astute commenter. “$10,000 a year jobs created by Obama. Great piece of news Austin American. That should pay a lot of rent and utility bills.”

With a facility for arithmetic, the man gets to the nut of the matter. Most of the money is for software, installation, maintenance and consulting through a small shop, not job creation per se.


Rob Rosenberger tees off on the GOP ninny — Pete Hoekstra, who recommended retaliation for the affront of the Pathetic War.

07.11.09

Just in from the People’s Ministry of Pathetic War

Posted in Crazy Weapons, Cyberterrorism at 7:08 am by George Smith

“A North Korean army lab of hackers was ordered to ‘destroy’ South Korean communications networks — evidence the isolated regime was behind cyberattacks that paralyzed South Korean and American Web sites — news reports said Saturday, citing an intelligence briefing,” read an AP wire news story today.

“[SK lawmakers were told Friday] that a research institute affiliated with the North’s Ministry of People’s Armed Forces received an order to ‘destroy the South Korean puppet communications networks in an instant’ … ”

Break out the cases of Taedonggang

07.09.09

The Daily Delusion: The Pathetic War

Posted in Crazy Weapons, Cyberterrorism at 7:37 am by George Smith

Updated

North Korea: We’ll make a handful of your websites load slow!

South Korea: Just wait! Once we get our electromagnetic pulse bomb to work at a range of greater than ten yards …

North Korea: Your EMP-bomb building scientists have nothing on our selfless warriors. They can modify a five-year-old computer virus as well as Internet script kiddies or maybe even a little better! Tomorrow we strike your Imperialist puppet-master pigdogs at dol.gov as another example that you are powerless! Powerless!

South Korea: Our electromagnetic pulse (EMP) bombs, if exploded, will jam and damage your defence systems! Then you will not be able to rewrite more computer viruses!

North Korea: Tomorrow we will inflict more merciless retribution and pounding on your decadent overlords as well as make the website of your evil Ministry of Agriculture to load slow, if maybe at all. At least five people will be made to work overtime!


“This is how small powers can damage large ones in an era of asymmetric warfare.” — frightened at the Booman Tribune.

“If it is verified that North Korea is the origin of the cyber attacks, perhaps it is time to take some action against them — something more serious than begging them to be good. They have shown they are a dangerous outlaw nation.” — some random Blogger blog.

“Attack on government computers draws speculation and shrugs …” Los Angeles Times.


What to do, what to do, about The Pathetic War? Or, “Who Should We Bomb?”

“If the attacks caused harm to anyone ‘you get more serious, and start thinking and talking about it as an act of war or at least state-sponsored violence,’ said Michael O’Hanlon, a defense analyst at the Brookings Institution.”

Readers will remember O’Hanlon, quoted in an Associated Press story today, as the famous ‘liberal hawk’ who lobbied vigorously for the Iraq War and, years later, was tossed in the rubbish bin by everyone still possessing even a shred of common sense.

Will O’Hanlon launder himself fresh on the cybersecurity beat?

“And if you go out over the networks to strike back at Pyongyang, how can you be sure you’re not accidentally going to also take down Japan at the same time? You could end up shooting the wrong guy.” — someone with more apparent brains.

However, if readers review an older piece on cyberwar retaliation at el Reg, one written by your host, not everyone will be on board with restraint, moderation and good sense. Keep in mind, this article was written as a bit of dry satire.

However, that was well before the triumph of The Pathetic War.

When it comes to carpet-bombing a foreign country’s cyberspatial infrastructure, the proper intelligence will be important, reasons [a US military man]. But no capability should be particularly restricted by details. If the US blows some puny country off the Internet and it turns out that their computers were only being used by others, the retaliation will have had, in any case, a warning effect. After all, a weapon has no deterrence if you keep it a secret. And besides, they’ll probably have had it coming.

“Brute force has an elegance all its own,” the man [said].


DD on McIntyre in the Morning, KABC AM 790, Los Angeles

Host Peter Tilden: Hey, we have three computers in my house and I can’t get my kid’s to work right on the Internet. Do you know what to do?

DD: Sorry, can’t help you there.

Fast forward to end of segment

Tilden: The least he could have done was fix my kid’s computer.


“Our [South Korean] EMP devices can currently affect systems only tens of meters away, but our aim is to extend the reach to one km by 2014,” Yonhap news agency quoted an official as saying.

“An EMP bomb cannot be considered effective unless its range is at least one km,” an official said.

The development effort, which has been under way for nearly a decade according to the officials …

See here.


In another form, at SITREP.
