12.17.14
Posted in Culture of Lickspittle, Cyberterrorism at 4:35 pm by George Smith
What happens when hackers from North Korea, according to the US government, threaten the American arm of an entertainment giant, Sony, over a mediocre-to-crappy movie, Seth Rogen’s The Interview, set to open Xmas Day?
Americans fold. Despite the lack of any actual credible threat of violence, three big theater chains backed out of showing it and Sony pulled the plug at the same time the US government was attempting to finger North Korea. (Here’s the NY Times piece with the usual array of unattributed sources.)
For the sake of amusement, let’s take a look at Variety’s review of the movie:
North Korea can rest easy: America comes off looking at least as bad as the DPRK in “The Interview,??? an alleged satire that’s about as funny as a communist food shortage, and just as protracted. For all its pre-release hullabaloo — including two big thumbs down from Sony hackers the Guardians of Peace — this half-baked burlesque about a couple of cable-news bottom-feeders tasked with assassinating Korean dictator Kim Jong-un won’t bring global diplomacy to its knees, but should feel like a kind of terror attack to any audience with a limited tolerance for anal penetration jokes. Extreme devotees of stars James Franco and Seth Rogen (who also co-directed with Evan Goldberg) may give this Christmas offering a pass, but all others be advised: An evening of cinematic waterboarding awaits.
That’s cold.
Variety’s Scott Foundas wrote the review on the 12th, a day after a showing in Hollywood. And the only thing wrong with its lede graph is that, yes, someone was brought to their knees. Sony and Rogen.
This morning, as Senior Fellow for GlobalSecurity.Org, I was interviewed by the Voice of America on the matter. And the best I could say was that Sony had handled everything very badly.
It stumbled into being a shit magnet. Publicity stemming from the culture of lickspittle’s love of celebrity voyeurism served hackers beyond what anyone might have imagined.
Sony is a corporation that is probably too big and sprawling to ever secure on today’s Internet. The nature of its employees, its business and they way everything is now exposed on the global network make it impossible. Just as they do with lots of other big American corporations recently victimized by hackers in massive break-ins. (Part of the occasional Computer Security for the 1 Percent series.)
Once again, the amount of data lost to the net was stupefying. Said to be the equivalent of ten Libraries of Congress, everybody’s e-mail, their credentials, plans, billions of files.
Ten terabytes. How do you analyze, even look, at all of it? No one can.
Computer security experts may lie and say it’s doable but that’s all rubbish, the only thing noticeable being the scandalous, impolitic and rude bits, ephemera, of great interest to the media for all the numbingly predictable reasons.
Sony’s problem is that by canceling the movie it will take at least a 30-40 million dollar loss. Catalyzing it was the laughably poor behavior of the theater chains that pulled the movie from their thousands of screens for Xmas day.
Another problem with long range ramifications is that the corporate response has very obviously crashed morale company-wide. Bring on the fear and loathing and embedded institutional paranoia! It’s a great environment for an entertainment giant reliant on the labor of creative people.
I’ve come to expect absurd, timorous and counter-productive behavior from Americans, particularly the very important people who are in charge of things. I suspect many others have the same impression.
Today the bleak humor of US reality is better than anything Hollywood could have put on the screen. God knows, it has certainly given Seth Rogen enough material for the next couple years.
For example, over the holidays Rogen can contemplate how he, his jokes about stuff being stuffed up the butt written while baked, Sony, a hack of an entertainment company (for cryin’ out loud), and silly threats about nationwide attacks on theaters, have given the President yet another headache. [1] One that will force him into eventually making a meaningless statement coupled with the appearance of doing something.
When there’s nothing to do. Sony isn’t going to fail.
Retaliate? Against North Korea for allegedly sending hackers to derail a movie that includes:
The slow-acting poison [ricin] with which the characters are meant to contaminate Kim, concealed on a small adhesive strip, practically begs to be passed around like a hot potato, or perhaps lost in a Band-Aid factory, but all we get is a rather lame bit about [Rogen] having to conceal the poison (and its large conical container) inside his rectum.
Seriously. Ricin, yet! Always ricin. Ricin up yer ass! Genius!
By now you should be howling with laughter. Not at the movie, of course, but with what’s happened due to it. It’s the only rational response.
Seth Rogen was paid $8.4 million for the thing. And that brings us back to one of the characteristics of computer security stories for the 1 percent. The people who are paid everything don’t lose anything, really. They’re too important.
A momentary embarrassment over the holidays, perhaps. Six months from now Seth Rogen will be doing something else for a few million more.
Maybe he’ll even get to write a book about it. Something about digital Pearl Harbor. How his battleship was scuttled.
Picked on a paranoid country with the biggest national inferiority complex on the planet, North Korea. Lost and was deserted by his sponsors.
1. Rolling Stones’ story on Rogen, today, lede graph:
It’s not every day you get to sit down with the guys who might be responsible for starting World War III. And it’s definitely not every day that they’re getting baked when you do.
“Hell-o!” booms Seth Rogen on a June afternoon as the door to his L.A. office swings open, revealing him and comedy partner/hetero lifemate Evan Goldberg preparing to take a mighty hit from a bong.
The technology aspect of the story is much less interesting than what is shown about the psychology of a big company. It’s a house of cards.
We know large corporations deal with threats by either ignoring them, dispatching an army of lawyers and fixers or government capture. In this case, Sony had nothing going for it. The lawyers had nobody to go after. The op-ed pieces didn’t work. The rather astonishing publicity did not make theater chains confident.
What did it do, though? Dispatched lawyers to threaten journalists.
UPDATE
Quote from Variety, emblematic of what’s wrong with Sony’s management: “We are deeply saddened at this brazen effort to suppress the distribution of a movie, and in the process do damage to our company, our employees, and the American public.???
The “American public” was not damaged. I wasn’t. Do you feel damaged?
With the movie canceled nationwide on Xmas day, there is one thing left that Sony, or some of its employees (and perhaps soon to be ex-employees) can do. Even Seth Rogen could do it.
Leak The Interview to the net. If it hasn’t already been done. [2]
There’s only one way to stop it then.
A real digital Pearl Harbor, one of the parts of it that all the national security experts like to talk about: Switching off the power in the US.
2. An idea, coincidentally, endorsed by Mitt Romney.
Mirrored, at GlobalSecurity. Share, share, share, share, share.
Permalink
12.01.14
Posted in Culture of Lickspittle, Cyberterrorism, The Corporate Bund at 4:03 pm by George Smith
In this week’s chapter of computer security news from corporate America of no value to 99 percent of the people who live here:
Security researchers say they have uncovered a cyber espionage ring focused on stealing corporate secrets for the purpose of gaming the stock market, in an operation that has compromised sensitive data about dozens of publicly held companies.
Cybersecurity firm FireEye Inc, which disclosed the operation on Monday, said that since the middle of last year, the group has attacked email accounts at more than 100 firms, most of them pharmaceutical and healthcare companies.
Victims also include firms in other sectors, as well as corporate advisors including investment bankers, attorneys and investor relations firms, according to FireEye.
The cybersecurity firm declined to identify the victims.
How can you tell if you’re a computer security servant for the corporate dictatorship and its precious loot?
1. Part of your business plan is to find hackers targeting Wall Street, the “stock market,” company e-mail folders of bloated, parasitic American financial and business titans (and their flunkies), etc.
2. Your business is leasing computer security services to Wall Street, big companies on the “stock market,” and trying to secure the e-mail folders of bloated, parasitic American financial and business titans (and their flunkies).
3. Your business is news writing about the great problem of potential wealth stealing by hackers targeting Wall Street, big American corporations, and the invasion of e-mail folders belonging to bloated, parasitic American financial and business titans (and their flunkies).
You good computer security servant, you! A grateful nation thanks you.
From the Keepin’ It Real in the Corporate Dictatorship desk:
Amid empty talk in Washington about corporate tax reform, the study said the seven companies, which in 2013 reported more than $74 billion in combined U.S. pre-tax profits, came out ahead on their taxes, gaining $1.9 billion more than they owed.
At the same time, the CEOs at each of the seven companies last year was paid an average of $17.3 million, said the study, compiled by two Washington think tanks.
The seven companies cited were Boeing Co (BA.N), Ford Motor Co (F.N), Chevron Corp (CVX.N), Citigroup Inc (C.N), Verizon Communications Inc (VZ.N), JPMorgan Chase & Co (JPM.N) and General Motors Co (GM.N) …
Earlier this month, on the protecting-the-shit-of-the-plutocrats-or-the-country-will-fall beat:
The huge cyberattack on JPMorgan Chase that touched more than 83 million households and businesses was one of the most serious computer intrusions into an American corporation. But it could have been much worse.
Questions over who the hackers are and the approach of their attack concern government and industry officials. Also troubling is that about nine other financial institutions — a number that has not been previously reported — were also infiltrated by the same group of overseas hackers, according to people briefed on the matter…
“It was a huge surprise that they were able to compromise a huge bank like JPMorgan,??? said Al Pascual, a security analyst with Javelin Strategy and Research. “It scared the pants off many people.???
Several financial regulators have warned that a coordinated attack on the banking system could set off another financial crisis.
I’ll bet. I want to see another financial crisis. Don’t disappoint us now.
Priceless quote:
The push by government officials is a stark acknowledgment of the vulnerability of financial institutions — even after they have spent hundreds of millions of dollars to protect themselves — to an attack if one of their vendors is not fully prepared. The problem is causing some security consultants to privately consider whether the sprawling financial firms with operations across the globe may be “too big to secure.???
Hundreds of millions of dollars to protect themselves! Why, that’s only an order or more of magnitude less than the money Uncle Sam paid them back on its tax returns in 2013.
Permalink
11.21.14
Posted in Culture of Lickspittle, Cyberterrorism, The Corporate Bund at 1:37 pm by George Smith
A very young person named Russell Brandom at clickbait news site, The Verge, has discovered this is so.
He’s figured out, rightly, that cybersecurity in the US, and — in general, and among its toadies in the West, is solely for protecting the shit of the 1 percent.
Former NSA director Keith Alexander, the million dollar, then 600,000 dollar man for protecting Wall Street from the depredations of Chinese and Russian hackers is the leading man for it. He is custom-made as the apparatchik-of-protection for the banksters and they, in turn, deserve him.
In another way of saying it, there’s no reason at all that anyone without a mansion in the Hamptons should care that hackers are into giant American corporations of finance and manufacturing. Only those at the very top derive any benefit at all from cybersecurity. Everyone else gets zero to very little.
Brandom:
So if you found spyware on your computer tomorrow, the NSA would not help you. Maybe you could reach someone at the FBI who cared, but I wouldn’t bet on it. US Cyber Command is designed to defend military and government infrastructure. When James Clapper talks about defending the nation from cyberattack, these are the people he means. Everyone else is on their own …
In fact, most of the cyberdefense money is actively making things worse. The techniques behind these weapons were all actively developed by organizations like the NSA before trickling out to more oppressive regimes. The same agencies are lobbying against encryption that might protect your conversations from being stolen, and planting backdoors in the algorithms you might use to encrypt your files. They’re buying up software vulnerabilities and keeping them secret, leaving the door open for anyone who discovers them in the future.
Hey, go read Bill Blunden and Violet Cheung’s Behold a Pale Farce: Cyberwar, Threat Inflation & the Malware Industrial Complex. (A review is here.)
If you read the entire piece at the Verge (it’s short), you’ll also see they’re naive, or perhaps ignorant, about the line on Mandiant.
Mandiant was quickly identified as part of the problem.
Its security story/analysis, delivered so self-servingly by the New York Times, was quick convenience for Keith Alexander’s NSA narrative that Chinese hackers were stealing the entire country’s economic future, a now laughable assumption then taken seriously until Edward Snowden showed up and began showing details on the nature of the American cyberwar machine.
Anyway, readers know I wrote a lot on these matters. That is until the natural nausea that results from dealing with the stories of American computer security experts got to be too much.
Sou can also read read Computer Security for the 1 Percent, or the Cyberterrorism tab on this blog.
Or Hacking to Save Corporate America. (AKA Stooging for the Man)
Or Poverty and the Annual National Security Ogres & Wealth Festival.
Or “Pentagon declares Chinese cyberespionage the cause of all woe.”
Hey, those are some snappy titles. Funny, even! National Security Ogres & Wealth Festival — a great name for a record album or band.
Permalink
09.06.14
Posted in Crazy Weapons, Culture of Lickspittle, Cyberterrorism at 12:50 pm by George Smith
On the cybersecurity for the benefit of the 0.1 percent beat, earlier this week on a story about JP Morgan Chase being hacked, allegedly by the Russians, probably criminals:
Former NSA/U.S. Cyber Command chief and cybersecurity consultant Keith Alexander said the success of such an attack highlights just how “vulnerable??? the U.S. financial sector is, and how future attacks could result in significantly more damage.
“If you can steal the data — if you can reach in that far and steal it — you can do anything else you want,??? Alexander told Bloomberg. “You collapse one bank and our financial structure collapses.???
The FBI and NSA are also investigating the attack, which left behind evidence of the use of a Russian data center.
This supposedly in retaliation for US sanctions levied over the conflict in the Ukraine:
“How would you shake the United States back? Attack a bank in cyberspace,??? Alexander [told a news service.]
Oh, drat! A bank has been attacked! The “financial structure” could “collapse,” like in 2007, when (ahem) the US government rushed in to save them all, including JP Morgan under Jamie Dimon because they were, er, too big to fail.
It is, as one might say, a likely story. Keith Alexander, and others at the top, have many of them.
And while the US polity has never really recovered from the Great Recession, corporate profits on Wall Street are back to an all time high. It has ended so well. So perhaps “the Russians” aren’t trying hard enough.
Speaking of JP Morgan Chase, this summer, from January in Davos where the wisest and wealthiest go every year to discuss who will be plundered next in the name of economic progress:
JPMorgan agreed last year to pay $13 billion to settle multiple government claims over dealings in mortgage securities at JPMorgan and at two banks it took over during the crisis, Bear Stearns and Washington Mutual.
It also settled other assorted cases for about $7 billion more. Those included allegations stemming from derivatives and electric power trading and sales of extra products to credit card customers.
Dimon said JPMorgan had “two really bad options” in choosing to settle or fight the cases. Going to court could have taken three or four years and the outcome could have been worse, he said.
Defending the financial system from collapse by cyberattack, a noble activity right up there with the in-house putting of anthrax in the mail to spur defense on bioterrorism.
So, explain why you’re working in cybersecurity? Rhetorical. As in banks and masses of taxpayers, that’s where the money is.
There’s no gold in keeping the crooks and malware out of the devices of lessers. The efficient process is to take their cash after it has been passed on to the government.
Bill Blunden, author of Behold a Pale Farce: Cyberwar, Threat Inflation; the Malware Industrial Complex and reader of this blog, had a letter in this week’s Times.
It addresses a story in which NATO leaders were announcing they were drawing up contingency plans against cyberattack:
You report that NATO leaders plan to update their collective defense policy to include a contingency for cyberattacks. The caveat of an agreement like this is that it assumes that NATO members are capable of identifying the actual source of an attack.
Leaked documents reveal classified government programs like Hacienda and corporate services like Ntrepid’s Internet Operations Network, which are leveraged to reroute network traffic and undermine digital trails. Furthermore, logistical signatures can be faked and forensic artifacts can be forged. In other words, when facing off against an organized, well-funded adversary, attribution is largely a lost cause.
Both national governments and private sector companies have made investments to ensure that this is the case. False flag attacks are as old as espionage and relatively simple to execute on the Internet.
In fact, they may not even be as complicated as a false flag attack.
Leaks have recently shown that Keith Alexander’s plumbers at the National Security Agency were responsible for knocking Syria off the Internet. While capable of solving the Rubik Cube puzzle in seconds they are apparently not beyond serious fucking up. Then keeping quiet about it knowing others will be blamed (no link, it’s from a Vox Media property cribbing wire news with clickbait title):
When Syria’s access to the internet was cut for two days back in 2012, it apparently wasn’t the fault of dissenting “terrorists,” as the Syrian government claimed: [It] was the fault of the US government. [In interview, Edward Snowden described what actually happend]: An elite hacking unit in the National Security Agency had reportedly been attempting to install malware on a central router within Syria — a feat that would have allowed the agency to access a good amount of the country’s internet traffic. Instead, it ended up accidentally [rendering] the router unusable, causing Syria’s internet connection to go dark.
At the time, the Assad government was blamed, accused of using the maneuver to close the internet to its citizens and others in the country’s ongoing civil war.
Repeated again, for effect: NSA elite hacking unit.
Mr. Alexander, we are well acquainted with your manner of wrenching the true cause the false way.
Permalink
08.06.14
Posted in Culture of Lickspittle, Cyberterrorism at 9:00 am by George Smith
I stopped writing about most incident and general computer security issues because there’s no longer any point to it. The stories of large breaches and new vulnerabilities come, often in multiples, every day.
News of it is of no practical use to the average person. It’s an endless river of excrement and a fact of life signifying nothing except the always on insecurity of the systems we are compelled to use every day.
So this is a bit of an exception. Hypocrisy? Yes, certainly. Guilty!
From the New York Times, a headline yesterday, of a small company that has determined Russian hackers have stolen passwords to 1.5 billion accounts:
A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.
The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks …
[Mr. Alex Holden, the founder and chief information security officer of Hold Security], who is paid to consult on the security of corporate websites, decided to make details of the attack public this week to coincide with discussions at an industry conference and to let the many small sites he will not be able to contact know that they should look into the problem.
There is no reason to doubt it. But what is to be done with such a number? One and a half billion accounts, 500 million e-mail addresses.
It’s stupefying.
So is the expectation of a fix. It’s beyond that. There’s no way to deal with 1.5 billion potential compromised accounts. To think so is to believe you can change the weather.
Go to a computer security vendor conference and interest the Times in getting the word out and that will do it? Seriously? I bet Hold Security doesn’t even believe that.
So what do you do if you’re on the computer security news beat or a system host and you read this? Write yet another piece advising people of the great gravity of the problem/revelation and that they should change their passwords? Speak for the millionth time about closing vulnerabilities? Should you automate another script or widget to badger or force your clients and users with mostly inconsequential accounts into changing their passwords? Again?
It’s so obvious that works.
From the Big Book of Cynical and Supercilious Jokes:
How do we fix a billion and a half accounts with stolen credentials?
Easy, pay Keith Alexander a billion and a half dollars.
Permalink
08.02.14
Posted in Crazy Weapons, Culture of Lickspittle, Cyberterrorism at 11:48 am by George Smith
In twenty years of writing about computer and national security issues, I’ve never anyone from the top of the US military quite as grasping as former NSA director, Keith Alexander.
He’s redefined retiring from service at a whole new level.
And I know of no military men, or directors of any intelligence agency, to claim they’re going to be filing patents for security inventions after leaving their public sector jobs.
Yet here we go:
[Alexander, in an interview Monday, said he has developed] a new technology, based on a patented and “unique” approach to detecting malicious hackers and cyber-intruders that the retired Army general said he has invented, along with his business partners at IronNet Cybersecurity Inc., the company he co-founded after leaving the government and retiring from military service in March. But the technology is also directly informed by the years of experience Alexander has had tracking hackers, and the insights he gained from classified operations as the director of the NSA, which give him a rare competitive advantage over the many firms competing for a share of the cybersecurity market …
Alexander said he’ll file at least nine patents, and possibly more, for a system to detect so-called advanced persistent threats, or hackers who clandestinely burrow into a computer network in order to steal secrets or damage the network itself. It was those kinds of hackers who Alexander, when he was running the NSA, said were responsible for “the greatest transfer of wealth in American history” because they were routinely stealing trade secrets and competitive information from U.S. companies and giving it to their competitors, often in China.
Keith Alexander wants you to believe, along with all the other simpletons and sycophants in the natsec journalism business, that he’s so insightful, so inventive, that at night — or in off hours from the NSA, he came up with unique computer security concepts and inventions that he will now sell or lease to the private sector.
After years of building the biggest cyberwar machine in the world on the taxpayer dime, without any apparent oversight at all. And, of course, all while undermining the basic security of the internet, launching clandestine malware attacks on nations in the Middle East, hoarding computer security vulnerabilities and greasing a global clandestine market for the buying and selling of them.
In 1994, for Issues in Science & Technology, in a very old piece entitled Electronic Pearl Harbor, Not Likely, I wrote:
Another reason to be skeptical of the warnings about information warfare is that those who are most alarmed are often the people who will benefit from government spending to combat the threat. A primary author of a January 1997 Defense Science Board report on information warfare, which recommended an immediate $580-million investment in private sector R&D for hardware and software to implement computer security, was Duane Andrews, executive vice president of SAIC, a computer security vendor and supplier of information warfare consulting services.
Assessments of the threats to the nation’s computer security should not be furnished by the same firms and vendors who supply hardware, software, and consulting services to counter the “threat” to the government and the military. Instead, a true independent group should be set up to provide such assessments and evaluate the claims of computer security software and hardware vendors selling to the government and corporate America. The group must not be staffed by those who have financial ties to computer security firms. The staff must be compensated adequately so that it is not cherry-picked by the computer security industry.
In twenty years, Keith Alexander is now on top of a situation that is just the opposite.
He spent his career lecturing and warning of devastating cyberattacks on American infrastructure. Most notably, he insisted again and again that Chinese hackers were stealing so much from corporate America in the way of information and private intellectual property, it constituted the greatest transfer of wealth in history.
If you’ve been on food stamps, the unemployment line, or been otherwise damaged by the Great Recession, you may have missed it.
This is the picture: Grasping Keith Alexander spends his career publicly warning that America’s financial system was imperiled by cybewar, all while building the world’s biggest cyberwar apparatus. And now that he has retired he intends to sell his soon-to-be-patented computer security innovations to corporate America so that they can be shielded from the attacks he spent years telling them are coming and which have already allegedly stolen much of its intellectual wealth. (Which is presumably why they’re all doing legal foreign merger tricks to avoid the payment of tax owed the US govenrment. Which was protecting them, or trying to, in cyberspace.)
Although the Issues in Science and Technology article is a very accurate slice of history from two decades ago, much in Electronic Pearl Harbor, Not Likely is pretty dated, quaintly naive even, and no longer relevant to the computer security discussion. Virus hoaxes are no longer around. Malware production exploded. Computer virus production became professionalized and they’re now used as clandestine weapons of war.
I wrote that it would be hard to do such things. And it has been hard.
It takes government agencies like the NSA to develop things like Stuxnet. And the phenomenon took years to arrive but nevertheless, it has arrived.
But electronic Pearl Harbor never happened. Even though many still warn about it, first among them being Keith Alexander when he was director of the National Security Agency.
And the part about conflicts of interest and casting a skeptical eye upon those who do threat assessment and then seek to immediately gain financially from the impact of such assessments has not changed.
It’s become much worse and Keith Alexander is now the very best example of it.
Keep in mind, this is all part of the expansion of internet spying and its secret infrastructure, he supervised and which was exposed by Edward Snowden. And Alexander’s work has not made the internet more trustworthy.
Quite the contrary, Alexander is seen as primarily responsible for damaging the global reputation of the United States when it comes to acceptable conduct in cyberspace.
Alexander, justifiably, is and should be a pariah. And we dig our global pariahs in 2014. It’s a national character trait. So we should own up to it because we deserve the guy and his grasping.
Permalink
07.10.14
Posted in Culture of Lickspittle, Cyberterrorism at 12:34 pm by George Smith
It didn’t come out quite the way he wanted it to. But it sure sounded good to the stenographer.
From Politico:
Gen. Keith Alexander, who resigned from the NSA/CyberCom earlier this year, on his move to the private sector: “It wasn’t me saying, ‘Wow, I can go make a lot of money doing A, B, C and D,’??? Alexander said. “I do think, like everybody else, I have some great insight in this area.” And, later: “A doctor who works at Walter Reed who’s a brain surgeon and retires, and he’s a world-class brain surgeon, would you find it acceptable that he could go to the Genome Center in Manhattan and work there???? he said.
Oh, Mr. Alexander! There’s a humanitarian quality to being brain surgeon, something sort of lacking in being the director of an intelligence agency.
Plus, there’s the thing were you have to go to medical school, be awarded the M.D. thing, that’s also not commensurate.
And, yes, there are MD’s who do research in neurology and genomics.
Permalink
07.08.14
Posted in Culture of Lickspittle, Cyberterrorism at 10:11 am by George Smith
It’s a good gig and it’s apparently working. Former NSA director, Keith Alexander, the 1 million dollar a month consultant on cyberdefense, is convincing banks they ought to pay him protection money so they don’t lose money to cyberwar.
From Bloomberg:
Wall Street’s biggest trade group has proposed a government-industry cyber war council to stave off terrorist attacks that could trigger financial panic by temporarily wiping out account balances, according to an internal document …
The document sketches an unusually frank and pessimistic view by the industry of its readiness for attacks wielded by nation-states or terrorist groups that aim to “destroy data and machines.??? It says the concerns are “compounded by the dependence of financial institutions on the electric grid,??? which is also vulnerable to physical and cyber attack.
“The systemic consequences could well be devastating for the economy as the resulting loss of confidence in the security of individual and corporate savings and assets could trigger widespread runs on financial institutions that likely would extend well beyond the directly impacted banks, securities firms and asset managers,??? Sifma [the Wall Street trade group allied with Alexander] wrote in the document, dated June 27.
Computer intrusions also have been a concern of regional and small banks. Camden Fine, president of the Independent Community Bankers of America, said today that an account-draining cyberattack is “a question of when.???
While the image is still muddy, the general idea seems to be put the banks, Keith Alexander and the US government together in a war council for the dealing with anyone with the temerity to attack the interests of the 1 percent in cyberspace.
You don’t think they’re really concerned about your shitty little account, do you?
Permalink
06.25.14
Posted in Culture of Lickspittle, Cyberterrorism at 10:26 am by George Smith
Keith Alexander: “Freedom is not free.” No, advice on the matter costs a million bucks a month for some, maybe.
Briefly retired ex-NSA director Keith Alexander has been busy. “He’s already out pushing hard,” as someone pointed out earlier this week.
And he just pushed hard as the keynote speaker at the Gartner Security and Risk Management Summit, an national security megaplex affair where it is assured that a percentage of the attendees are directors or employers of businesses and agencies writing software for spying and generally making things more untrustworthy on the net.
An excerpt on Alexander’s opinions, from the web:
Without mentioning former Snowden or any specific news organization, Alexander said the revelations about the tools and processes the NSA uses to conduct mass surveillance have had a “devastating??? impact on national security. “It’s devastating not only for our country but for Europe,??? he said, adding he thinks that Islamic militant terrorist organizations seem “to be learning from these leaks??? and evading some detections.
He said the freedom enjoyed in the U.S. arises from the security provided by the military and law enforcement. “Freedom is not free,??? he said to the Gartner audience of security professionals.
Got that? Freedom in the US only comes from the money spent on the national security megaplex.
While it’s quite a twisting of the concept of democracy, which we no long have a function example of, anyway, there is a nugget of truth deep within.
The “freedom” the country enjoys, mostly the freedom to shop and collectively spend more money on national security, is kinda preserved by the beliefs put into action by our Keith Alexanders.
Continuing a regular arguing point, Alexander told the security flock that terrorism is increasing.
“Alexander referenced the growing violence around the world, specifically citing more than 1,700 executions at the hands of the Islamic State Iraq and Syria (ISIS),” reads one report from yesterday.
And who set the stage for that?
General Keith Alexander doesn’t live in the same world that I, or anyone I know, does. And the biggest example of it has been Edward Snowden and Alexander’s continuing speeches on the affair and value of the latter’s security work to everyone’s well-being.
Which will all go to hell if he and his successors are not enabled to be ever more on guard.
“[Alexander said] if attackers launch major denial of service attacks or destroy data held in financial systems, for example, the consequences are severe for all,” reads a report on the Gartner summit.
In usage of the cliche of patriots, “freedom is not free,” Alexander puts himself in the company of, wait for it, Ted Nugent.
Go ahead, click that link.
And do enjoy, one more time, the reprint of another PARIAH, one of my favorites in the bunch. Sha–a-a-a-a-a-a-r-e.
Finally, if someone reading comes along with some experience in the matter, do enlighten me.
Why do people at these things sit and listen to speeches like Keith Alexander’s? What’s the motivation?
Douglas MacArthur he’s not.
Permalink
06.23.14
Posted in Culture of Lickspittle, Cyberterrorism at 1:24 pm by George Smith
Continuing with the issue of retired NSA director Keith Alexander almost immediately going to work as a million dollar security consultant to the 1 percent, a bit from today’s International Business Times:
“He’s already out pushing hard,??? an anonymous industry source told Politico. “He’s cleared. If something does pop, he can get in the door and get a briefing. That’s part of his stock and trade.???
For all of Alexander’s expertise, though, there are still questions over whether his fee ($1 million per month) is simply too much, even for firms that have so much to lose.
Now notorious for building the US cyber-war machine, Alexander also developed offensive operations to weaken security on the global networks while creating a growing market for malware and unreported vulnerabilities. He takes all his taxpayer-paid for expertise and pull as an information/reputation commodity to be sold to Wall Street and the 1 percent.
An expensive commodity, at that.
How does anyone but Keith Alexander’s consulting firms and the 1 percent in US and global banking who may take his services benefit from any of it? They don’t.
But there’s no money or will in doing anything for anyone or anything below that level, anyway. Cynically, if you protect the financial system and its titans you’re protecting only the stuff and people worth protecting.
Alexander was always going to go where a story he has been developing for years, that catastrophic cyberattacks were coming to the US financial sector, to those too big to fail, has fallen on the most willing and able to pay corporate ears.
Continued from the IBT:
Others have been less welcoming to Alexander’s foray into the private sector. To Bea Edwards, the executive and international director of the Government Accountability Project, Alexander seems to be saying that his decades’ worth of knowledge from the world of classified information is available to the highest bidder.
“In the person of Keith Alexander, we’re seeing the de facto merger of corporate financial power and government outreach … “Some subset of corporations is paid to develop the cyber-attack and defense capability of the U.S. government, and another subset pays the graduations of the contracting agencies (the NSA and USCYBERCOM) for an inside route to the technology.
Edwards refers to the synergy in which cyber-defense contractors like the firms that hired Edward Snowden, Booz Allen, or the Lockheed Martins, provided leased workers, at no deal for the taxpayer, to staff Alexander’s cyber-war machine-building operation. And then, in turn, once retired from government work, he leases himself to the top in corporate America.
That’s a helluva retirement.
Permalink
« Previous Page — « Previous entries « Previous Page · Next Page » Next entries » — Next Page »