The Cyberwar Rages 24/7

Corporations’ cyber security under widespread attack, survey finds

Around the world, corporations’ computer networks and control systems are under “repeated cyberattack, often from high-level adversaries like foreign nation-states,” according to a new global survey of information technology executives.

The attacks include run-of-the-mill viruses and other “malware” that routinely strike corporate defenses, but also actions by “high-level” adversaries such as “organized crime, terrorists, or nation states,” a first-time global survey by the Center for Strategic and International Studies (CSIS) in Washington has found. More than half of the 600 IT managers surveyed, who operate critical infrastructure in 14 countries, reported that their systems have been hit by such “high-level” attacks, the survey concludes.

A large majority, 59 percent, said they believed that foreign governments or their affiliates had already been involved in such attacks or in efforts to infiltrate important infrastructure – such as refineries, electric utilities, and banks – in their countries.

Such attacks, the survey said, include sophisticated denial-of-service attacks, in which an attacker tries to so overwhelm a corporate network with requests that the network grinds to a halt.

But they also include efforts to infiltrate a company. Fifty-four percent of the IT executives said their companies’ networks had been targets of stealth attacks in which infiltration was the intent. In two-thirds of those cases, the IT managers surveyed said company operations had been harmed.

The IT managers also believed that these “stealthy” attacks were conducted by “nation states” targeting their proprietary data, says the survey’s main author, CSIS fellow Stewart Baker, in a phone interview. Mr. Baker is a cybersecurity expert formerly with the Department of Homeland Security and National Security Agency.

“It’s all the same kind of stuff – spear-phishing, malware, taking over the network and downloading-whatever-you-want kind of attack,” he says. “Over half of these executives believe they’ve been attacked with the kind of sophistication you’d expect from a nation state.”

The CSIS report describes such attacks as “stealthy infiltration” of a company’s networks by “a high-level adversary” akin to a “GhostNet,” or large spy ring featuring “individualized malware attacks that enabled hackers to infiltrate, control and download large amounts of data from computer networks.” The GhostNet attacks, which Canadian researchers attributed to Chinese state-run agencies, bear similarities to recent attacks on Google and other high-tech companies, Baker says. Google attributed attacks on it to entities in China.

Read the report:
In the Crossfire: Critical Infrastructure in the Age of Cyber War

See also:
In the Crossfire: Critical Infrastructure in the Age of Cyber War
Report: Critical Infrastructures Under Constant Cyberattack Globally
Utilities, Refineries and Banks Are Victims of Cyber Attacks, Report Says
Critical Infrastructure under Siege from Cyber Attacks
Critical Infrastructure Vulnerable To Attack
Critical Infrastructure Security a Mixed Bag, Report Finds
Report shows cyberattacks rampant; execs concerned
Key infrastructure often cyberattack target: survey
Critical infrastructure execs fear China
SCADA system, critical infrastructure security lacking, survey finds

Ironically, the more dependent we become on interconnected network technology, the more vulnerable we become too.

/so keep your fingers crossed and your computers patched against hacking and intrusion, at least you can do your part to avoid being part of the problem

Advertisements

Obama Administration Declares Victory In War On Semantics

Welcome to the world of jabberwocky.

US no longer at war with ‘terrorism’, says top official

The US is no longer engaged in a “war on terrorism”; neither is it fighting “jihadists” nor locked in a “global war” as the Obama
administration’s top homeland security and counterterrorism official has called the terms coined by the Bush administration as unacceptable.

It is now solely a “war with Al Qaeda” and its violent extremist allies, John Brennan, who heads the White House homeland security office, said during a speech on Thursday at the Center for Strategic and International Studies, a Washington think tank.

The Washington Times reported Friday that the “semantic shift” is intended to bring precision to the way the president and his aides talk about the nation’s efforts to defeat Al Qaeda, though Bush administration officials point out that there is no dramatic change in the policies.

According to Brennan, to say the US is fighting “jihadists” is wrong because it is using “a legitimate term, ‘jihad’, meaning to purify oneself or to wage a holy struggle for a moral goal”, which “risks giving these murderers the religious legitimacy they desperately seek but in no way deserve.”

“Worse, it risks reinforcing the idea that the United States is somehow at war with Islam itself,” Brennan was quoted as saying.

He said the administration will not use the phrase ‘war on terrorism’ “because terrorism is but a tactic – a means to an end, which in Al Qaeda’s case is global domination by an Islamic caliphate.”

He also dismissed “global war” as a term that feeds the terror network’s vision of itself as a “a highly organized, global entity capable of replacing sovereign nations with a global caliphate.”

See also:
No More War on Terror, White House Claims
Barack Obama adviser rejects ‘global war on terror’
Obama’s Battle Against Terrorism To Go Beyond Bombs and Bullets
Obama’s counter-terrorism advisor denounces Bush-era policies
The ‘Obama doctrine’ on national security begins to emerge
Political Punch Podcast: White House Counterterrorism Czar John Brennan
Administration Dumps ‘Jihadist’ Term
War By Euphemism

So, let me get this straight, we’re NOT at war with terrorism or jihadis, we ARE “solely at war with Al Qaeda.” Um, then why, exactly, do we have 60,000 troops engaged with the TALIBAN?

You know, I’m sure glad that the pinhead morons in Washington have gotten all their politically correct, semantic terminology bull[expletive deleted] squared away. Whatever the [expletive deleted] they think they’re trying to accomplish, it’d be a damn shame to refer to it incorrectly.

/I’m sure the troops fighting and dying every day in Afghanistan really appreciate the newly clarified nuance in the definition of what they’re doing

Hacking Back At The Chinese And Russians, The White Hat Cavalry

Gates Creates Cyber-Defense Command

Defense Secretary Robert M. Gates issued an order yesterday establishing a command that will defend military networks against computer attacks and develop offensive cyber-weapons, but he also directed that the structure be ready to help safeguard civilian systems.

In a memo to senior military leaders, Gates said he will recommend that President Obama designate that the new command be led by the director of the National Security Agency, the world’s largest electronic intelligence-gathering agency. The current NSA director, Lt. Gen. Keith B. Alexander, is expected to be awarded a fourth star and to lead the cyber-command.

Gates or his deputy had been expected to announce the command in a speech a week ago. Analysts said making the announcement by memo is in keeping with the Pentagon’s effort to tamp down concerns that the Defense Department and the NSA will dominate efforts to protect the nation’s computer networks.

“Is it going to be the dominant player by default because the Department of Homeland Security is weak and this new unit will be strong?” said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies. “That’s a legitimate question, and I think DoD will resist having that happen. But there are issues of authorities that haven’t been cleared up. What authorities does DoD have to do things outside the dot-mil space?”

The command will be set up as part of the U.S. Strategic Command, which is responsible for commanding operations in nuclear and computer warfare. Gates directed that the command be launched by this October and be fully operational by October 2010.

In a speech last week, Deputy Defense Secretary William Lynn stressed that the command’s mission would be to defend military networks. However, he said, “it would be inefficient — indeed, irresponsible — to not somehow leverage the unrivaled technical expertise and talent that resides at the National Security Agency” to protect the federal civilian networks, as long as it is done in a way that protects civil liberties.

See also:
Military Command Is Created for Cyber Security
Pentagon approves creation of cyber command
Defense Secretary Orders Cyberspace Command
Gates approves creation of new cyber command
US Creates Military Cyber Command to Defend Computer Networks
Pentagon: New cyber command focuses on military network
US sets up anti-computer-hacking unit
Cyberspace: The New Battlefield
Welcome to the National Security Agency – NSA/CSS
National Security Agency
National Security Agency
U.S. Strategic Command
Strategic Command
United States Strategic Command
Air Force Cyber Command
Air Force Cyber Command (Provisional)
Navy Cyber Defense Operations Command (NCDOC)
Welcome to Fort George G. Meade
Fort George G. Meade
Center for Strategic and International Studies ( CSIS )
Center for Strategic and International Studies

/since you insist on [expletive deleted] with our networks, we’ll [expletive deleted] with yours, and we’re better at it

Missiles For Mullahs

‘Israel would attack Iran with missiles’

If Israel chose to take military action against Iran’s nuclear facilities, it might opt not to send IAF jets on a mission but rather use its arsenal of medium-range ballistic missiles, a report published by the Washington-based Center for Strategic and International Studies (CSIS) said Tuesday.

The Jericho III, Israel’s most advanced version of its custom-designed ballistic missile, is capable of carrying a 1,000-1,300 kilogram conventional payload or a 750kg nuclear warhead over a distance of up to 7,000 kilometers. With a smaller 350kg nuclear warhead, the missle’s range can be extended even further.

According to the [CSIS] report, 42 missiles would be enough to “severely damage or demolish” Iran’s core nuclear sites at Natanz, Esfahan and Arak.

“If the Jericho III is fully developed and its accuracy is quite high then this scenario could look much more feasible than using combat aircraft,” the [CSIS] report said.

See also:
Center for Strategic and International Studies ( CSIS )
Israeli Air Force Website
Jericho III
Jericho 3
Israel Tests a New Propulsion for 4,000 km Jericho III Missile
Jericho 3 Definitely in Service
Nuclear Weapons – Israel
Nuclear Weapons – Israel
Nuclear Weapons – Iran
Iran’s Nuclear Program
Nuclear Weapons Facilities (Iran)

Well, the world’s first hostile ICBM launch in history would certainly be much less sporting than using combat aircraft.

/Israel’s gotta do what she’s gotta do, but I can’t even imagine what the repercussions would be like