Author Topic: Cyberwar, Cyber Crime, and American Freedom  (Read 276207 times)

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72081
    • View Profile
Stratfor on the Wang Dong 5
« Reply #300 on: May 21, 2014, 08:26:27 PM »

Summary

Washington's decision to indict officers of China's People's Liberation Army over alleged state-sponsored industrial espionage marks an important change in Washington's relations with Beijing. The move highlights growing concerns over intellectual property rights and industrial spying, but it also shows the intensified attention being paid to the challenges that state-to-state competition in the cyber domain creates.

Indictments have real consequences. Washington did not place largely unenforceable sanctions on individuals or bring a lawsuit to an international body that would take years to resolve, and those indicted risk extradition if they travel to a country with extradition treaties with the United States. A step such as this is not frequently taken in minor diplomatic spats, particularly between such important countries.
Analysis

Washington has specifically accused the indicted officers of industrial espionage. The move follows warnings made by U.S. President Barack Obama during his State of the Union address regarding state-backed cyber-espionage and intellectual property theft. However, it speaks to a much deeper issue: the management of international relations in cyberspace, from espionage to sabotage to warfare. The discussion inside China already equates actions in cyberspace as potential weapons of mass destruction, on par with nuclear, biological and chemical weapons. There are concerns that hostile actors could use cyberspace to sabotage power grids; trigger industrial equipment to operate outside of its parameters and break down, perhaps catastrophically; or even trigger explosions or a meltdown at conventional and nuclear power plants.

In standard military action and in more traditional forms of espionage, there are commonly shared rules -- but no such standards govern cyber-espionage. Furthermore, it is difficult to distinguish between lone actors carrying out some form of protest or defacement, those engaged in commercial industrial espionage or state-led espionage and cyber activities that are directed toward a more concrete and sinister end, such as sabotage or the destruction of critical infrastructure. Cyberspace is not just a domain where information can be stolen -- it is a place where sabotage and disruption could be geared toward a strategic end.

This is a concern in the United States and in other countries, including China. Determining the perpetrator's identity and intent is next to impossible, and the initial actions of thrill-seeking hackers and strategic saboteurs are similar or even identical. This leaves little time to determine the most effective counter and how far to take it. In some ways, this is not entirely unique to the cyber domain -- debate persists over whether cyberspace really is its own domain as air, sea, land and space are. States often act through proxies to instigate or facilitate spying, infiltration, disruption and destruction. But the cyber domain has several unique characteristics, including the ability to work from a distance, to deploy large numbers of individuals on discreet missions, and the ability (at least in theory) to spy, destabilize and disable without physical risk to the operatives.

By offering the ability to operate from a distance, the cyber domain allows for a much greater use of human resources against a target that would not be vulnerable to traditional espionage techniques. Regimes and individuals have also always sought plausible deniability -- the ability to dissociate oneself from a hostile action -- and the cyber domain allows a deeper level of anonymity. This has altered the balance between risk and reward. In traditional espionage, the risk is always high, so the reward needs to be high as well. Cyber-espionage is low risk, so operatives can seek lower-level rewards, increasing the frequency of action and making the target set too broad to effectively defend. If states can increase the potential cost of action, the target set should shrink, thus enabling states to concentrate their resources to defend their most critical assets.
An Attempt to Set the Rules

By prosecuting a case that targets specific Chinese officials, the United States is trying to break the element of plausible deniability and increase the amount of risk involved in cyber-espionage. Washington is also removing the veil that covers government involvement in cyber-espionage, disruptions and sabotage. The Chinese have reacted sharply, declaring a cessation of talks with the United States on the management of cyberspace issues. And the United States clearly knew such a reaction was not just possible but likely. Yet Washington not only made the indictment but also warned that numerous others would follow.

In part this is about U.S. competitiveness, as statements attached to the indictments assert. But it may also be a way to force China into a more serious discussion of the rules of the cyber domain, or at least to lay out the rules the United States wants to impose. Until now, China has deflected criticism by claiming that since the United States has a Cyber Command and the Chinese do not, Washington is alone in owning state-sponsored cyberwarfare capabilities. Now that accusations and leaks from investigations are being backed up with prosecutorial evidence, that defense, from Washington's point of view, is tossed aside.

Beijing will probably issue a strong response. The Chinese government is likely to arrest or deport individuals it has identified as involved in espionage in China, or even those in the business sphere that fall within China's ambiguous regulations on corporate espionage. Beijing will probably also appeal to global public opinion by repeating information revealed in the Snowden leaks, distracting from the issue by shifting attention to U.S. cyber activities. But for the United States, this is more than just an attempt to briefly influence Chinese behavior. It is part of a broader reassessment of the strategic issues surrounding the question of cyber activities and of the general rules of conduct in the offense-defense balance, and it is an effort to find ways to avoid significant strategic miscalculations.

Read more: Washington Shows It Is Serious About Cyber-Espionage | Stratfor

Crafty_Dog

WSJ: US to rev up hacking fight
« Reply #301 on: May 24, 2014, 07:08:52 AM »
I must say I am intrigued , , ,

==============================

The U.S. plans to "keep up the pressure" on China as it gauges that nation's response to this week's indictment of five Chinese military officials for allegedly hacking into American corporate computers, a senior administration official said Friday.   If China doesn't begin to acknowledge and curb its corporate cyberespionage, the U.S. plans to start selecting from a range of retaliatory options, other officials said. They include releasing additional evidence about how the hackers allegedly conducted their operations, and imposing visa, business and financial restrictions on those indicted or people or organizations associated with them.  Beyond that, some officials are advocating more stealthy moves. These could include the government working with a U.S. company that has been breached to feed hackers bad data, said one person familiar with the discussions.

U.S. Attorney General Eric Holder announced the charges Monday, alleging the five men hacked into five U.S. companies, including Alcoa Inc. and U.S. Steel Corp., as well as the United Steelworkers union, to take sensitive information. U.S. officials said they expected the Chinese would strike back.


But so far, China's response has been fairly restrained: denying the accusations, canceling the nation's participation in cybersecurity talks and signaling that U.S. technology companies may face greater scrutiny in trying to do business in China.  A senior administration official said the Chinese response is as expected, and the U.S. will tie any retaliation to Beijing's longer-term reaction.

"It has to be calibrated some to what the Chinese government chooses to do," the senior administration official said. "This is a long-term process."

U.S. officials expect it will take a few more weeks to discern the true Chinese response.

"If the Chinese don't re-engage, they [U.S. officials] have more things in their bag of tricks," said James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies who frequently consults with the Obama administration.

Chinese officials in Washington didn't immediately respond to a request for comment.

The indictment in federal court in Pittsburgh is part of a much broader strategy to counter a growing cyber assault against the U.S. government and companies, which intelligence officials have said tops their list of national security threats.  The indictment seems to be in direct response to a challenge Chinese officials issued more than a year ago, when U.S. officials launched a public shaming campaign to try to press China to stop hacking U.S. companies. Chinese officials called on the Americans to put forward the kind of evidence that would hold up in court.

Monday's indictment, in effect, is aimed at providing a foundation on which the U.S. government could build an array of punishments. It sets out evidence in detail—naming alleged actors and affected U.S. companies and organizations—that could be used to support additional penalties.

"Criminal charges can justify economic sanctions from our colleagues in the Treasury Department, sanctions that prevent criminals from engaging in financial transactions with U.S. entities and deny access to the U.S. financial system,'' said John Carlin, the head of the Justice Department's national security division, in a speech Wednesday at the Brookings Institution think tank. "They can facilitate diplomacy by the State Department."

On the prosecutorial side, follow-on steps may include releasing more evidence about the hacking cases, or filing new charges in other hacking cases in which investigators have collected a critical mass of evidence, officials say.  Officials were mum on the nature of the additional evidence. But a person familiar with U.S. probes into Chinese hacking said investigators often collect video evidence of hackers.

"Some of these actors are not real good about turning off the Skype camera on their machines while they are working," this person said.

A more controversial response advocated by some Federal Bureau of Investigation officials is to work with companies under cyber siege to feed bad information to hackers, said a person familiar with the discussions. The goal would be to cast doubt on the quality of the data being stolen, and in addition raise questions about information taken from other companies.

If executed as a counter-spying campaign, advocates of the approach say it would force Chinese officials to spend much time trying to separate bad information from good and lead them to centralize their diffuse operations, which could slow the pace of their cyberspying.

The idea is "getting a lot of traction, both on the commercial and government sides," said the person familiar with the discussions. "The dilemma has always been finding companies willing to cooperate."

Another option government officials are considering is putting individuals or organizations linked to hacking, such as Chinese universities or government contractors, on Department of Commerce lists of "parties of concern." People or entities on the lists are essentially red-flagged by the U.S. government and can't trade with Americans or conduct financial transactions in the U.S. The move also could bar faculty or graduate students at listed universities from fellowships or conferences in the U.S.

In the past, it has been difficult to use the lists in hacking cases, because evidence pointing to specific responsible entities was limited. Monday's cases now provide that kind of evidence. Government officials are also weighing actions at the Treasury Department, such as freezing assets or imposing individual sanctions, according to two people familiar with the discussions. Those penalties could take a form similar to those levied against Russian business people in the wake of Russia's annexation of Crimea.

Officials in addition are assessing whether and how they might impose visa restrictions to prevent Chinese hackers from attending popular hacker conferences in the U.S., such as the annual Defcon conference in Las Vegas.  Another option under consideration is whether to take action at the World Trade Organization.  Monday's indictment focuses on trade-secret theft, and some U.S. officials believe they can make the case that Chinese hacking represents intellectual-property theft in violation of the WTO's trade-related aspects of intellectual-property rights.

U.S. officials also are looking to allies to both endorse the U.S. cases outlined Monday and take action of their own. Investigations "can lead other governments to take action, even when the United States doesn't end up doing so," Mr. Carlin noted.

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile

Crafty_Dog

Spambots
« Reply #305 on: August 11, 2014, 11:35:16 PM »


Open Question: How would you repurpose a Spam Bot for info warfare?
Posted: 11 Aug 2014 11:06 AM PDT
My last post on spam bots opened up an interesting question: how would you repurpose them for info warfare?
Spam bots can interact with us via:
   e-mail,
   phone calls, and
   text messages.
Add your ideas to the discussion below. 
 

The IRS Bot Scam from Pakistan
Posted: 11 Aug 2014 07:32 AM PDT
I just got a call from the IRS bot today. It threatened me in a computerized voice with an audit and prompted me to call it back to talk with an agent.
Of course, the call I got wasn't the IRS. The IRS doesn't initiate an audit that way (it mails you).
It was from a scam bot from Pakistan.
In this case, the bot used an Internet connection to the US to dial my number.  That provided it with the number of 1-202-241-0331 which resolved to an official looking caller ID for the "District of Columbia".
If you haven't noticed already, most of the calls we get on our phones now are spam.   Why?
   Mismanaged phone companies.  The idiots running the phone companies look the other way when it comes to phone scams because of the $ they pump into the system.  Apparently, being a regulated monopoly wasn't enough.
   Backward technology.  The phone companies don't use Bayesian spam filters and customer ratings/feedback to weed out phone scammers like g-mail etc. do.  This specific scam has been using this number for weeks without any action being taken to block it.
   A broken law enforcement/national security system.  Our security system now treats us as the criminals which is why IRS scams are a multi-billion dollar business every year.  Worse, it completely ignores a constant onslaught of frauds and scams that damage us, from Wall Street's multi-trillion dollar "too big to prosecute" frauds to daily telephone/e-mail bot hacks like this one.
Why is this important?
What's interesting to me is how easily this type of bot attack can be adopted by global guerrillas for large scale and very effective attacks on the US. 
I'll have more detail on this in my upcoming e-booklet: iWar. 
Hopefully, I'll get it up on Amazon/etc. this week.
 
 
 


Crafty_Dog

Re: Cyberwar and American Freedom
« Reply #307 on: August 26, 2014, 09:29:18 AM »
 :-o :-o :-o :-o :-o :-o :-o :-o :-o

Crafty_Dog

Re: Cyberwar and American Freedom
« Reply #309 on: September 03, 2014, 05:51:29 AM »
 :-o :-o :-o  What is our take on the implications there?
« Last Edit: September 03, 2014, 05:54:46 AM by Crafty_Dog »

Crafty_Dog

WSJ: A New Threat Grows Amid Shades of 911
« Reply #310 on: September 11, 2014, 11:58:01 AM »
A New Threat Grows Amid Shades of 9/11
The nation remains largely unaware of the potential for disaster from cyberattacks.
By Tom Kean and Lee Hamilton
Sept. 10, 2014 7:03 p.m. ET

Ten years ago, the 9/11 Commission Report triggered the most significant reorganization of the U.S. intelligence community since 1947. Two months ago, the former members of the commission—we are among them—issued a new report assessing where national security stands, 13 years after the most devastating attacks on America's homeland.

Most of the new report's observations focused on counterterrorism, the central focus of the 9/11 Commission. But in speaking with many of the nation's most senior national-security leaders, we were struck that every one of these experts expressed concern about another issue: daily cyberattacks against the country's most sensitive public and private computer networks.

A growing chorus of national-security experts describes the cyber realm as the battlefield of the future. American life is becoming evermore dependent on the Internet. At the same time, government and private computer networks in the U.S. are under relentless cyberattack. This is more than an academic concern—attacks in the digital world can inflict serious damage in the physical world. Hackers can threaten the control systems of critical facilities like dams, water-treatment plants and the power grid. A hacker able to remotely control a dam, pumping station or oil pipeline could unleash large-scale devastation. As terrorist organizations such as the Islamic State grow and become more sophisticated, the threat of cyberattack increases as well.

On a smaller scale, but equally unsettling, ordinary building systems like electronic door locks, elevators and video-surveillance cameras (today, present in many homes) are also vulnerable to penetration by hackers. Even life-sustaining medical devices, many of which contain embedded computer systems connected to the Internet, could be disabled by cyberattacks.

Others steal Americans' sensitive personal information and sell it to organized crime rings. The theft of credit- and debit-card numbers from tens of millions of Target customers last year is the most prominent example, but this happens every day. Home Depot confirmed on Monday that it had been hit by a massive data breach.

Meanwhile, state-sponsored cyber intruders have stolen the plans to top-secret U.S. weapons systems, reducing America's technological advantage and putting military personnel and the homeland at risk. For example, Chinese hackers have used cyber infiltration to gain access to plans for the F-35 Joint Strike Fighter, the Global Hawk surveillance drone and other advanced systems. State-sponsored hackers have also made off with reams of American companies' intellectual property—business secrets worth hundreds of billions of dollars. Keith Alexander, the former National Security Agency director and retired Air Force general, has described the continued ransacking of American companies as "the greatest transfer of wealth in history."

We are at war in the digital world. And yet, because this war lacks attention-grabbing explosions and body bags, the American people remain largely unaware of the danger. That needs to change. Only public attention can create the political momentum for needed reform.

There are a number of cyber-related legislative initiatives pending in Congress. One of the most promising is legislation in the House and Senate that would encourage companies to share information about cyberattacks with the government, so that national-security agencies can analyze the attacks and respond to them. The former 9/11 commissioners' recent report endorsed such legislation, and it is an important first step. Given the dimension of the problem, however, a larger-scale effort is needed to elevate public awareness and get out in front of this rapidly changing threat. Simply put, the country needs a national cyber strategy, covering all aspects of the problem. This could be accomplished by taking two essential steps.

First, Congress should pass legislation creating a National Cyber Commission. The commission should be empowered to evaluate the cyber threat to the U.S., both to the government and private entities. It should also assess the capabilities that national-security agencies and the private sector possess today, and measure those capabilities against what will be needed as the threat grows. The commission should conduct its work as transparently as possible and should deliver unclassified findings and recommendations to Congress and the American people. The commission should be nonpartisan and should include experts in technology, law and national security.

Second, Congress should create a National Cyber Center, which would bring together government and private experts to ensure unity of effort on this crosscutting problem. The National Counterterrorism Center, created 10 years ago in response to a 9/11 Commission recommendation, is working well. At the NCTC, counterterrorism experts from federal, state and local law-enforcement agencies sit side-by-side, share terrorism-threat information and coordinate responses. There is no counterpart to this proven model for information-sharing in the cyber realm—a major gap in America's cyber defenses.

In recent months, we have heard time and again from leading experts that the cyber threat is serious—and that the government is not doing enough. One lesson of the 9/11 story is that, as a nation, we didn't awaken to the gravity of the terrorist threat until it was too late. We must not repeat that mistake in the cyber realm.

Messrs. Kean and Hamilton served as chairman and vice chairman of the 9/11 Commission, respectively. They are co-chairmen of the Bipartisan Policy Center's Homeland Security Project.

Crafty_Dog

Just revealed Yahoo faced big US fines over user data demands from NSA in 2008
« Reply #311 on: September 12, 2014, 01:19:34 AM »
Yahoo Faced Big U.S. Fines Over User Data
Government Wanted to Charge Internet Firm $250,000 a Day Fine If It Didn't Comply With NSA Request
By Danny Yadron
WSJ
Updated Sept. 11, 2014 8:52 p.m. ET

A secret legal battle between the U.S. government and Yahoo Inc. over requests for customer data became so acrimonious in 2008 that the government wanted to charge the Internet company $250,000 a day if it didn't comply.

Yahoo made the threat public Thursday after a special federal court unsealed 1,500 pages of legal documents from a once-classified court battle over the scope of National Security Agency surveillance programs. The documents shed new light on tensions between American technology companies and the intelligence community long before former NSA contractor Edward Snowden began leaking in 2013.

The requests, and the long battles that can follow at the Foreign Intelligence Surveillance Court, traditionally are secret. Until last summer, Yahoo wasn't allowed to say that it had challenged government surveillance efforts—even without adding any other details. Google Inc. and Microsoft Corp. have also challenged government records requests in court.

"The issues at stake in this litigation are the most serious issues that this nation faces today—to what extent must the privacy rights guaranteed by the United States Constitution yield to protect our national security," Marc Zwillinger, an outside counsel for Yahoo wrote in a legal brief in May 2008.

Court documents don't reveal exactly what the government wanted from Yahoo. In one brief, Yahoo states the main issue of the case is whether the Constitution protects the communications of U.S. citizens or legal residents believed to be outside the U.S.

Even after the documents were unsealed, portions were redacted, including the number of requests the government made of Yahoo.

The bulk collection of Internet records from U.S. companies can lead to the collection of data on people in the U.S.

In its legal response, the Justice Department said the government "employs extensive procedures to ensure that the surveillance is appropriately targeted."

Beginning in November 2007, the government began requesting "warrantless surveillance" of certain Yahoo customers, according to court records. Yahoo objected and asked the surveillance court to block the government request. A judge refused, and threatened Yahoo with a fine. The Justice Department had asked for at least $250,000 a day, though the judge was less specific. Yahoo complied with the order in May 2008.

"We refused to comply with what we viewed as unconstitutional and overbroad surveillance and challenged the U.S. Government's authority," Ron Bell, Yahoo's general counsel, said in a written statement. "Our challenge, and a later appeal in the case, did not succeed."

The dispute revolved around the Protect America Act, a 2007 law that allowed the government to eavesdrop, without a warrant, on people believed to be connected to terrorist groups. The law expired in 2008, but was replaced by other laws that grant the government essentially the same powers.

In a joint blog post, the Justice Department and the Office of the Director of National Intelligence said the court found that the government "has sufficient procedures in place to ensure that the Fourth Amendment rights of targeted U.S. persons are adequately protected" and that the requests were "reasonable."

The disclosure comes as some intelligence officials are pushing to declassify more of the legal reasoning for controversial surveillance programs. That doesn't mean the government has backed down in the use of such programs.

From January to June 2013, the most recent period for which Yahoo has released the data, the company previously said it fielded between zero and 999 foreign intelligence requests for user content covering between 30,000 and 30,999 accounts. It is unclear how many of those requests Yahoo fulfilled.

Yahoo and other tech firms have pushed to make public more information about government requests for user data.

Privacy advocates have long engaged in similar legal debates with the government. Until Mr. Snowden's leaks revealed details of government surveillance efforts, those debates were largely theoretical.

As Reggie Walton, an FISC judge, noted after his threat of a fine to Yahoo in 2008, "This order is sealed and shall not be disclosed by either party."

—Douglas MacMillan contributed to this article.


Crafty_Dog

Re: Cyberwar and American Freedom
« Reply #313 on: September 17, 2014, 03:29:03 PM »
 :-o :-o :-o :x :x :x

May I ask you to post this on the Privacy thread as well?  TIA.


Crafty_Dog

Russian cyber attacks?
« Reply #315 on: October 08, 2014, 12:17:14 PM »

Crafty_Dog

Red line crossed so Obama asks Red China for help with Nork hacking
« Reply #316 on: December 20, 2014, 01:11:28 PM »
U.S. Asks China to Help Rein In Hackers From North Korea
The Obama administration has sought China’s help in recent days in blocking North Korea’s ability to launch cyberattacks, the first steps toward the “proportional response” President Obama vowed to make the North pay for the assault on Sony Pictures — and as part of a campaign to issue a broader warning against future hacking, according to senior administration officials.
“What we are looking for is a blocking action, something that would cripple their efforts to carry out attacks,” one official said.
So far, the Chinese have not responded. Their cooperation would be critical, since virtually all of North Korea’s telecommunications run through Chinese-operated networks.
It is unclear that China would choose to help, given tensions over computer security between Washington and Beijing since the Justice Department in May indicted five hackers working for the Chinese military on charges of stealing sensitive information from American companies.
http://www.nytimes.com/2014/12/21/world/asia/us-asks-china-to-help-rein-in-korean-hackers.html?emc=edit_na_20141220



G M

Re: Red line crossed so Obama asks Red China for help with Nork hacking
« Reply #317 on: December 20, 2014, 01:34:34 PM »
Pathetic.






Crafty_Dog

Re: Cyberwar and American Freedom
« Reply #318 on: December 20, 2014, 04:29:15 PM »
The Chinese fly the stealth plane with the tech they stole from us while either Obama or Hegel was in town-- bitch slap!  And now we ask them for help with the norks?

Look out!  They've crossed the red line and now tremblingly await our proportional response , , ,

 :cry: :cry: :cry:

G M

Re: Cyberwar and American Freedom
« Reply #319 on: December 21, 2014, 07:47:45 AM »
When the Chinese are openly mocking your impotence, you know you are fcuked.

Crafty_Dog

WSJ: Cyberdefense is a government responsibility
« Reply #320 on: January 06, 2015, 09:27:00 AM »
Cyberdefense Is a Government Responsibility
The Navy fought Barbary pirates to protect U.S. commerce. Digital pirates have much less to fear.
By Alan Charles Raul
Jan. 5, 2015 7:09 p.m. ET

In 1794 when the commerce of the United States was threatened by “the depradations” of the Barbary pirates, Congress created a Navy. And it sent the Marines to fight our country’s battles on “the Shores of Tripoli.” Today U.S. commerce is threatened by digital Barbary pirates.

The most sophisticated companies with every incentive to protect their crown jewels—intellectual property, confidential business information or customer records—are being ransacked and held hostage by cyberterrorists, state-sponsored hackers and highly effective organized cybercriminals. No corporation today is immune or can realistically believe itself adequately protected.

The government’s response, hobbled by a misguided view as to who is responsible for protecting U.S. commercial interests and how, is not up to 1794 standards. Regulatory agencies including the Federal Trade Commission, the Securities and Exchange Commission and state attorneys general think that investigating the corporate victims of cyberattacks for putative violations of consumer and investor protection laws is the best way to shore up the economy’s cyberdefenses. There is little evidence this approach is effective.

While every enterprise can do better, the big banks, big retailers and big media companies whose hacks make the front pages are not being penetrated because they’ve skimped on security out of sloth, stupidity or greed. There is very little these companies could reasonably have done to detect or prevent some of these attacks, as the FBI and the Secret Service have acknowledged. Any more so, in fact, than the White House, Air Force, Postal Service, Commerce and State Departments, FTC, or countless other federal hacking victims, could guarantee their own cybersecurity.

The current blame-the-corporate-victim mentality relieves the government of any responsibility. Instead, Congress and the executive branch must recognize that the battle for cyberspace must be waged by latter day cyber Marines, and cyberdiplomats who can more effectively defend U.S. commerce.

Currently the federal government has a network-inspection tool, called EINSTEIN, to protect certain federal communications. If EINSTEIN is in fact working, the government should make it available more broadly. New technologies also need to be developed and deployed, and the government should make the investments in the necessary research as well as in so-called “active” defense and intelligence measures designed to protect private networks before they are successfully compromised. This means aggressively tracking, tracing, deceiving, disrupting and punishing the cyber bad guys and their state-sponsors or protectors.

Any such aggressive program will provoke legitimate privacy concerns about government surveillance, just as airport screening, NSA programs and other antiterrorism measures have done. To address this, Congress should expand the mandate of the Privacy and Civil Liberties Oversight Board, a federal agency, to cover cybermeasures in addition to the board’s current focus on government activities to combat terrorism.

The president should also designate a senior policy official to manage the relevant privacy concerns and ensure that the government’s new cyberdefense force focuses strictly on the technical side of the computer networks, and not on the private contents of any communications. This will entail difficult judgment calls and intense oversight. But ferreting out and destroying malicious computer code is not inherently privacy invasive, whereas malware that exfiltrates our personal-account information and private emails certainly is.

To take on this responsibility, Congress and the president need to do more than merely offer “real time” “information sharing” that fosters “public-private partnerships.” These half measures have been the focus of recent cybersecurity legislation and administration policy, but they are not nearly sufficient. “Tougher” regulatory standards for the private sector are also not the answer.

President Obama has said that cyberattacks are “one of the most serious challenges we face as a nation,” and “America’s economic prosperity in the 21st century will depend on cybersecurity.” Thus Congress and the president must immediately order the Department of Homeland Security, FBI and Secret Service—and the State Department—to protect American commerce from attacks, as the Navy and Marines protected U.S. maritime trade off the coast of Tripoli 200 years ago. And the public needs to hold our national leaders accountable to fight and win this battle.

Mr. Raul is a partner in the law firm Sidley Austin LLP. He previously served as vice chairman of the Privacy and Civil Liberties Oversight Board, a federal agency established by Congress after 9/11.


Crafty_Dog

Future Crimes
« Reply #322 on: January 15, 2015, 09:57:32 AM »
« Last Edit: January 15, 2015, 09:59:03 AM by Crafty_Dog »


Crafty_Dog

Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #324 on: January 26, 2015, 09:05:55 AM »
JOURNAL: Attack leaves 140 million people w/o power in Pakistan.
Posted: 25 Jan 2015 01:32 PM PST
 
Militants toppled two transmission pylons, causing a cascade of failure that plunged most of Pakistan (140 out of 190 m people) into a blackout.  Here's some insight into this:
   Apparently, the attackers found a systempunkt.  A systempunkt is the node in any network (physical or social) where it is the most vulnerable.  An attack on a systempunkt can generate cascades of failure that take down the entire network. It's possible, although unlikely, the attackers knew this was the network's systempunkt when they destroyed it.
   The success of this attack was largely due to the strain on Pakistan's grid.  Pakistan's demand for electricity stands at an estimated 14,000 MW, but it only produces 7,000 MW due to gross mismanagement, high debt, theft, fuel shortages, regulatory failure, etc.  You name it.  This shortfall has led to load shedding of up to ~15 hours a day already.  As we know, when a complex network is operating at or near its capacity, it is many times more vulnerable to collapse and thereby much easier to attack. 
   This attack will prompt more attacks on the grid as other groups attempt to replicate the success it had. The reason is that militant groups in Pakistan (and across the world) use open source development to improve themselves.  When an attack this simple and inexpensive yields outsized results, other groups will copy it in an attempt to do the same. 
Attacks like these can be very damaging.  How so?  People don't blame the attackers for blackouts.  They blame the government.  In fact, the inability of a government to deliver the basics of energy and fuel is more damaging to its legitimacy than problems with security (it routinely led the list of reasons Iraqis were angry at the government).
JR
PS:  It's easy to find systempunkts like this in the KSA as well as the USA.

Crafty_Dog

Global Guerilla: Systempunkt
« Reply #325 on: February 01, 2015, 11:53:40 PM »
A US Phone Systempunkt
Posted: 01 Feb 2015 12:28 PM PST
Here's an interesting US systempunkt -- a systempunkt is the point in a big network where even a small attack would cause the entire network to fail. This systempunkt would give a prepared individual the unique ability to shut down a large part of the US without shedding a drop of blood. For example, this attack has the ability to:
   Put any company into a complete panic in less than an hour.
   Generate hundreds of false arrests and armed police searches -- all done with a high risk of fatal injury.
   It even has the ability (with some careful planning) to shut down all US schools (k-12 and colleges), hundreds of airline flights, and many government offices for a couple of days.
Auto-dialing Panic
How is an attack like this possible?   It's possible due to a flaw in the US communications system (due to corporate corruption), new tech (not really new, but cheaper and more ubiquitous), and an overly sensitized population.  These combine to make it possible for anyone to send threats and other misleading messages to thousands of specific people and organizations in a very short period of time, and in a way that minimizes capture.  Here's more detail:
1.   Robocalls with voice threats/misinformation.  The attacker uses phone based marketing software to auto-dial hundreds of target numbers to deliver threatening and misleading audio messages (bomb threat, impending attack, shots fired, armed intruder seen).  NOTE: This software is highly configurable so specific voice messages (human voice) can be delivered to specific numbers.  Also, since it costs almost nothing to make these calls (rates and software cost) and this software can deliver messages (hundreds per phone per hour), it's possible to tackle targets of nearly any scale.
2.   Economic Corruption (amoral companies).  Fortunately for the attacker, there's no system in place to stop this from happening.  The phone system is completely open to short term manipulation. NOTE:  We see this every day.  Most US households (particularly elderly households) get slammed with a half dozen robocalls (many of them are dangerous scams from abroad that attempt to defraud them of every penny they have) every single day.  Despite the damage this does, the US phone monopolies won't do anything about it.  Worse, the system is so badly managed, it's even possible for robocalling software to manipulate the "caller ID."  This makes it possible for attackers to spoof targets with fake "Police Department" to "local" caller IDs.
3.   Extreme reactions.  Based on a phone threat alone, nearly all US schools and all government offices will evacuate and send home their personnel.  Further, the ability to configure threats to specific locations and attach fake caller IDs provides the ability to amplify and extend the duration of these evacuations and armed responses.
What does this mean?
Warfare is in transition.  New tech and new threats are emerging every day.  In many cases, simply doing the right thing (in this case, protecting US households from phone scams/spam), can blunt the effectiveness of the attack.  In others, it takes an understanding of where modern warfare is going (not where it has been) in order to anticipate these threats and tweak the system in ways that blunt their potential for damage. 
Unfortunately, I don't see this happening.  The governmental and economic system we have isn't that good at doing the right thing.  Worse, the security system we pay so much for, is only good at stopping the repetition of the types of attack that have already happened, not the attack that will happen.  Why?  Our national security system is simply unwilling to study warfare seriously. 
 
PS:  Robocalling software is very easy to acquire and run now.  There are even smartphone apps that can do this on stolen phones.

G M

Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #326 on: February 02, 2015, 09:26:55 AM »
I'm not seeing this as a serious threat. A minor disruption at most.


Crafty_Dog

Hillary likely got hacked by Russians, Chinese, et al
« Reply #330 on: April 08, 2015, 09:04:43 AM »
Investor’s Business Daily published a long article on Tuesday night, collecting the opinions of current and former intelligence officials about the national security threat posed by Hillary Clinton’s private email server.

It feels like a floodgate bursting open.  These experts are absolutely beside themselves over Clinton’s irresponsible conduct as Secretary of State.  Former NSA officer John Schindler called it “a counterintelligence disaster of truly epic proportions.”

“She may have deleted 30,000 emails before turning her files over to the State Department,” observed former U.S. National Counterintelligence Executive Michelle Van Cleave, “but that doesn’t mean that the Russians and the Chinese don’t have them.”

Ever since Clinton began destroying subpoenaed evidence and refusing to hand her server over for analysis, it’s been a running joke among Internet wags that if Congress wants to see her email, they should ask the Russians and Chinese for copies.

But that’s not really a joke.  The intelligence community has to assume, based on the weak security of Clinton’s secret server — slipshod even by private corporate standards — that every piece of sensitive information she ever handled has been compromised.  Her server was called “clintonemail.com” — it was easy to find.  Her email was completely unencrypted for three months after she became Secretary of State.

“It’s a disaster for U.S. policy.  It’s a huge boon for the former KGB and the Iranians,” said a veteran intelligence officer who spoke to IBD anonymously.  The officer found Clinton’s claims that she never handled classified information through her private server laughable — “how the hell could she do her job without it?”

Also, as Schindler pointed out to IBD, we have to assume there was “bleed-over” into her private email as well, since we’ve discovered instances of Clinton mistakenly replying to official messages as if they were personal correspondence.

The IBD piece was most likely put together before news broke about Russian hackers penetrating White House systems; one suspects these intelligence experts are even more apprehensive about the risks Clinton took in light of those developments.  There is some discussion in the Investor’s Business Daily piece about how foreign spies might have used Clinton’s vulnerable server as a launching pad for attacks on other government systems.  The sort of “spear phishing” attack used to get into the White House system would be especially potent if malware-laced emails were ostensibly coming from the Secretary of State.

“It would be possible for a hostile service to use the server as a platform to deliver other malware to other targets of their choosing, based on their knowledge of whom the former secretary and president were communicating with,” said Paul Joyal, the former director of security for the Senate Select Committee on Intelligence.

A senior former Defense Department official seconded that notion: “If they’re getting into her server, they’re not just extracting stuff.  They’re going to do things that could be planted from other sources.”

Most of these experts called for the sort of extensive independent analysis of her server that Clinton has adamantly refused to allow — in fact, she’s still tampering with the machine, as it became known last week that she deleted everything she didn’t decide to turn over to the State Department.  Given her manipulation of the data, it might already be impossible to learn everything counterintelligence experts need to assess the possible penetration of the system.  (You can bet she did a lot more to destroy the emails she doesn’t want security experts, Congress, or the American people to see than merely click the “Delete” buttons in her email program.)

“Why Clinton hasn’t offered to turn over the server to the FBI, or why the FBI has not seized it to assess the damage to national security, is unclear,” IBD writes.

Is it?  There are a lot of questions swirling around this debacle, including the extent to which Hillary Clinton jeopardized national security, but her motivation really isn’t one of them.  There’s nothing mysterious or unprecedented about the Obama Administration’s belief that Democrat royalty is above the law, either.  Did anyone seriously expect agents of this politicized Justice Department to raid Hillary’s mansion in Chappaqua and seize that computer?

Crafty_Dog

Hillary likely hacked by Russian, Chinese, et al 2.0
« Reply #331 on: April 08, 2015, 10:20:54 AM »
A more complete version

http://news.investors.com/politics/040715-746883-hillary-clinton-email-server-vulnerable-to-china-russia-iran.htm?p=full

Hillary Clinton's private email server was a spy magnet for the Russian, Chinese, Iranian and other intelligence services, say current and former intelligence officials.
As secretary of state, Clinton routed all her government-related email through the server, based in her house in Chappaqua, New York. She reportedly hired a Cablevision (NYSE:CVC) subsidiary to run the server, with antivirus protection from Intel's (NASDAQ:INTC) McAfee. And she registered her domain name, clintonmail.com, through Network Solutions.

Intelligence professionals fear that the use of the privately installed server, free of certified government defenses against foreign interception, has been a boon to foreign cyberspies.
"By using her own private server with email — which we now know was wholly unencrypted for the first three months of Hillary Clinton's tenure as secretary of state — she left this easily interceptable by any decent 21st century SIGINT service," said John Schindler, a former National Security Agency counterintelligence officer. SIGINT is shorthand for signals intelligence, or electronic spying.
"The name Clinton right on the email handle meant this was not a difficult find," Schindler said. "We should assume Russians, Chinese and others were seeing this."

'Epic' Counterintelligence Disaster
"In all, this is a counterintelligence disaster of truly epic proportions, not to mention that, since Clinton admitted she did not use higher-classification email systems at all" — systems like SIPR and JWICS, Schindler said — "we have to assume some bleed-over into her unsecured private email too, which makes this even worse."
SIPR is the Secret Internet Protocol Router network that the Department of Defense runs to ensure secret communications for the U.S. military, other agencies and certain allies. JWICS is the Joint Worldwide Intelligence Communications System for top-secret government communication. Both provide secure communications for the State Department and secretary of state. Clinton's private server was not protected by the Department of Homeland Security's Einstein intrusion detection system, which relies on NSA systems, for official State Department emails.

"She may have deleted 30,000 e-mails before turning her files over to the State Department, but that doesn't mean that the Russians and the Chinese don't have them," said Michelle Van Cleave, former U.S. National Counterintelligence Executive.
Others say that the potential damage to U.S. national security is so grave that the FBI should seize the server and conduct a forensic analysis to determine the extent of foreign penetration. That analysis would be part of what is called a damage assessment, which is routine after any suspected security breach.

FBI Forensic Analysis
However, the FBI might not find anything now, according to Rep. Trey Gowdy, R-S.C., chairman of a House investigative panel, who says that Clinton had the server wiped clean. Still, the forensic analysis by trained personnel could yield valuable clues about foreign spies gaining access to America's most fiercely guarded secrets. Gowdy has called on Clinton to appear before his committee for what he called a "transcribed interview regarding her use of private email and a personal server for official State Department business."
Rep. Ken Buck, R-Colo., a former prosecutor, said that the FBI should conduct a forensic analysis of any attempted foreign penetrations, to determine which foreign intelligence services might have hacked into Clinton's email server.
"Denying a legitimate request by the Bureau to examine her computer would certainly suggest that America's security is not Clinton's highest priority," Buck said.
"The FBI investigated a sitting CIA director for intentionally disclosing classified information. The Bureau can certainly investigate whether a former secretary of state unintentionally disclosed classified information," Buck said. "The motive may be different, but the potential damage to national security is similar."

Why Clinton hasn't offered to turn over the server to the FBI, or why the FBI has not seized it to assess the damage to national security, is unclear. A Clinton spokesperson declined to comment.
In a question-and-answer sheet provided to reporters, Clinton did not address the issue. The FBI won't say whether or not it made a request or took possession of the server. The Bureau does not have the device, according to a highly placed FBI source. That source is not cleared to speak to the press and could not speak on the record.

The lure of reading a secretary of state's emails would exert a pull on any foreign spy, intelligence officials say.

Where, on a scale of one to 10, would any sitting secretary of state rank as a target of foreign spies? "10, of course," said Van Cleave. "That being the case, all of her e-mails would have been potentially of interest to any number of foreign parties."
"A target like this would be at least a 10, maybe 10-plus if the enemy knew the email address and server," said Robert W. Stephan, a former counterintelligence analyst at the Defense Intelligence Agency who also served 19 years in the CIA. "If a foreign intelligence service determines that it is indeed the secretary of state's private communications/e-mail/server and even given the security measures that were set up, it would still be a top target for some sophisticated services," Stephan said. "Obviously Chinese, Russian, and Cuban, and possibly Iranians and North Koreans."

That statement presumes that the server was strongly protected against outside penetration, which does not seem to be the case. News reports indicate that the server's security configurations were done improperly, protecting Clinton's personal privacy and not national security, and that, even if everything was done by the book, that type of server and software package remains vulnerable to a good hacker.
"A 16-year-old can break into a server, and certainly a government sophisticated enough to break into the Sony (NYSE:SNE) system can break into Hillary Clinton's system," said Rep. Buck. "That's a no-brainer."
How would adversary spy services exploit this intelligence? "The positions, the interests, the communications between the secretary of state and her staff are of great interest to any foreign intelligence service, whether hostile or friendly," said Paul Joyal, former director of security of the Senate Select Committee on Intelligence.

"The American secretary of state using an open, unprotected server? That's an invitation to a party," said a veteran intelligence officer who asked for anonymity because he still holds active clearances. "All of her private musings. There's no secretary of state who doesn't communicate with classified information. How the hell could she do her job without it?"

Gateway To Government Systems?
"From a counterintelligence perspective, (for) anyone with any responsibility for intelligence, counterintelligence and security, this thing is a monumental disaster," the longtime senior intelligence officer said. "It's a disaster for U.S. policy. It's a huge boon for the former KGB and the Iranians."
Some experts are concerned that foreign spies could have penetrated the server as a gateway to breaking into other government systems, including classified communications.
"The real question is, what if any intelligence collection was being done on a private server somewhere?" Joyal said. "The only way to know is for the proper federal authorities to impound the server and do a forensic analysis."
"It would be possible for a hostile service to use the server as a platform to deliver other malware to other targets of their choosing, based on their knowledge of whom the former secretary and president were communicating with," Joyal said.
'Vast Deception Potential'

Foreign spies could use their access to Clinton's server to warp or distort information that government officials rely on. "If they're getting into her server, they're not just extracting stuff," said a senior former Defense Department official who spoke on condition of anonymity. "They're going to do things that could be planted from other sources."
"The denial and deception potential here is vast," said John Schindler, referring to intelligence tradecraft in which a spy service denies or conceals information, and seeks to deceive other countries. "Not to mention that any shady games played" by the Obama Administration "would be known to Moscow and Beijing — but not to the American public."
"It could affect a number of people within the U.S. government and, for that matter, people around the world," Joyal said. "It would behoove the federal government to conduct a forensic analysis of the server itself."
Until such a forensic analysis is done, he said, authorities simply will not know the answer.
"This should not be politicized," said Joyal. "It should be done with hard-nosed national security interests driving the forensic analysis."

• Waller is a senior reporter at the American Media Institute, a nonprofit news service.




Crafty_Dog

Stratfor: Pentagon and Cyber Defense
« Reply #333 on: June 04, 2015, 12:20:45 PM »
Analysis
Forecast

    Though the U.S. Department of Defense leads in understanding and exploiting cyberspace vulnerabilities abroad, it will struggle to defend the same vulnerabilities domestically without assistance from other agencies and the private sector.
    The Pentagon will continue to lack the visibility and organizational structure to defend the range of networks upon which it relies.
    Any efforts to expand U.S. law enforcement or military jurisdiction or authority over the Internet's infrastructure likely would face significant domestic opposition.
    The Defense Department has accepted that it must share the domain of cyber defense and thus will continue to work as a partner in defending U.S. economic interests that reside in cyberspace.

The U.S. Department of Defense Cyber Strategy, a report released April 23, highlights the government's efforts thus far in realizing its role in cyberspace since the publication of its first formal strategy in 2011. The United States already has clearly demonstrated its technological edge in conducting espionage and sabotage online, as with the Stuxnet attack against Iranian centrifuges in 2008. However, the U.S. military's capabilities in the potential war-fighting domain of cyberspace do not equal its land, sea and air dominance. The Pentagon's cyber strategy focuses on this reality as much as it does on further incorporating cyberspace capabilities into its military structure. While the Department of Defense recognizes cyberspace as an operational domain, it also recognizes that it must share this domain to safeguard U.S. interests.
U.S. Cyber Capabilities

The U.S. government, with the Department of Defense leading the way principally through the National Security Agency, began developing and employing offensive cyber capabilities — acts of espionage and industrial sabotage — years before formally defining cyberspace as an operational domain. The scope of past U.S. intelligence operations in cyberspace was revealed by Edward Snowden's leaks and the demonstrable efforts to sabotage Iran's nuclear program. However, the Pentagon's capabilities do not safeguard its own information technology infrastructure and have generally been ineffective in defending U.S. interests in cyberspace.

To discourage cyber attacks, the U.S. government has used the threat of economic sanctions, criminal prosecution of foreign state officials, and the prospect of physical military action stemming from its 2011 declaration that cyber attacks constitute an act of war. Yet, aside from the prospect of physical military action or economic sanctions, the U.S. government still lacks any effective deterrence to cyber attacks. These breaches continually cause financial losses for the U.S. private sector, and state and non-state actors continue targeting government institutions. To defend in cyberspace (rather than engaging strictly in espionage), the military must play an auxiliary role in a domain it must share with other government organizations and the private sector.

The private sector owns and operates roughly 90 percent of the physical infrastructure that constitutes the abstract world of cyberspace. Though the Pentagon has proven resourceful in researching and exploiting new vulnerabilities in cyberspace, it lacks the authority to ensure that U.S. interests are protected against such exploits. In other words, the United States' ability to conduct espionage and sabotage in cyberspace depends on the same types of vulnerabilities that threaten its own economic interests. To rectify this, the Pentagon's top priorities in developing its cyberspace strategy focus on defense — namely partnering with domestic government agencies and the private sector to ensure that U.S. interests are safeguarded from cyber attacks by foreign state and non-state actors.

Not all countries that employ offensive capabilities and espionage in cyberspace — such as China, Russia, Iran or North Korea — face the same dynamics in defending their own information technology infrastructure. The Chinese government, for instance, maintains strict control over the network infrastructure and the information passing through it within its borders. This allows for much greater control over its security of the network technology, though it stems from China's particular concern for social control.
The Pentagon's Limitations

Protecting U.S. economic interests abroad has been one of the U.S. military's tasks since its inception. However, defending commercial activity that takes place on the Internet involves a different skill set and political constraints than, say, safeguarding international sea lanes. Both the U.S. military and law enforcement face a complex landscape in cyberspace, where their jurisdictions are complicated by the global nature of the Internet's infrastructure and the U.S. distinction between private and public ownership. This situation is not likely to change much, because any efforts to expand law enforcement or military jurisdiction or authority likely would face significant opposition in the United States.

This lack of authority over infrastructure is just one barrier for the military in dominating cyberspace. Though the Internet's inception was rooted in defense research and development, the increasing importance of the Internet to global commerce and the abstract landscape of cyberspace are shaped by both the private sector and popular use. In 2000, 400 million people were using the Internet; that number will grow to some 3.2 billion by the end of 2015. The very nature of the Internet — once a collection of a few networked computer terminals — has rapidly evolved to encompass nearly every facet of life through an increasing number of different devices that communicate over the global network as part of the Internet of Things. New technologies, and thus new vulnerabilities, are constantly emerging in cyberspace — innovations around which the Department of Defense must continually adapt.

By partnering with the private sector, the Department of Defense can help maintain stronger situational awareness of the ever-changing landscape. The Pentagon may lack the authority to enforce security compliance in the private sector, but it is in an advantageous position, particularly given the power of the intelligence community, to advise the private sector about the current technical vulnerabilities that permit cyber attacks. This kind of cooperation requires the will of individual actors in the private sector and large corporations that also often rely on overseas infrastructure, which can complicate partnerships. However, the Pentagon's own communications rely on numerous networks, many of which can fall victim to malware propagated on the Internet. In its latest cyber strategy report, the Department of Defense admits it lacks the "visibility and organizational structure" to defend such networks, furthering the need for partnerships in defending its cyberspace interests. The dynamics behind this need are not likely to change in the foreseeable future.

The Challenging Nature of Cyber Attacks

In cyberspace, attacks and espionage are conducted independent of geographic range, and expenses are often negligible compared to physical spying or acts of aggression. For example, a distributed denial of service attack against a U.S. company relying on its Internet presence for business can be organized by a small group of individuals at little expense, particularly compared to the resources necessary to even investigate the authorship of such an attack. The impact of cyber attacks is far greater on developed countries with greater reliance on the Internet — a fact that gives state actors in the developing world and non-state actors a significant advantage. On Dec. 22, 2014, for example, an unidentified actor isolated North Korea from the global network via the country's weak link in China, possibly in retaliation for the 2014 cyber attack on Sony Pictures Entertainment, which the U.S. government publicly attributed to North Korea. Whether or not the incident was tied to the Sony attack, the effect of isolating North Korea — which only retains around 1,000 unique Internet Protocol addresses — was minimal.

The asymmetric nature of threats in cyberspace, including potential attacks by non-state actors, makes employing an effective deterrence more challenging for the Department of Defense. Economic sanctions and military responses are less useful against common threats from lone hackers, organized crime and activists. Even distinguishing attribution of a specific attack between state and non-state actors can be a daunting task. For example, though the U.S. government appears confident in blaming North Korea for the Sony hack, many cyber security analysts still question the validity of the accusations.

There is no doubt that the Pentagon has been aggressively seeking ways to improve its capabilities in cyberspace. Its latest cyber strategy report highlights how the Department of Defense wants to further integrate its growing capabilities within its traditional combatant command structure. As the U.S. military continues to embrace cyberspace as a domain, it will find that its traditional role in other operational areas does not necessarily translate to this new and increasingly critical territory. Thus, the military will share cyberspace defense duties with other government agencies and the private sector in an effort to protect U.S. economic interests and the military's own networks.

Crafty_Dog

NSA vs. overseas hackers
« Reply #334 on: June 04, 2015, 12:22:36 PM »
second post

N.S.A. Secretly Widens Cross-Border Internet Spying to Find Hackers

Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified N.S.A. documents.

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

http://www.nytimes.com/2015/06/05/us/hunting-for-hackers-nsa-secretly-expands-internet-spying-at-us-border.html?emc=edit_na_20150604


Crafty_Dog

Israel hacks nuke talks with Iran
« Reply #335 on: June 10, 2015, 08:41:09 AM »
Spy Virus Linked to Israel Targeted Hotels Used for Iran Nuclear Talks
Cybersecurity firm Kaspersky Lab finds three hotels that hosted Iran talks were targeted by a virus believed used by Israeli spies

Members of the media await the arrival of Iranian and other nations’ delegates at the Beau-Rivage Palace Hotel in Lausanne, Switzerland in March 2014. The hotel is one of several that served as a site for nuclear talks. A Beau-Rivage spokeswoman said the hotel was unaware of being hacked. Photo: BRENDAN SMIALOWSKI/PRESS POOL
By Adam Entous and Danny Yadron
June 10, 2015 8:00 a.m. ET

When a leading cybersecurity firm discovered it had been hacked last year by a virus widely believed to be used by Israeli spies, it wanted to know who else was on the hit list. It checked millions of computers world-wide and three luxury European hotels popped up. The other hotels the firm tested—thousands in all—were clean.

Researchers at the firm, Kaspersky Lab ZAO, weren’t sure what to make of the results. Then they realized what the three hotels had in common. Each was targeted before hosting high-stakes negotiations between Iran and world powers over curtailing Tehran’s nuclear program.

The spyware, the firm has now concluded, was an improved version of Duqu, a virus first identified by cybersecurity experts in 2011, according to a Kaspersky report reviewed by The Wall Street Journal and outside security experts. Current and former U.S. officials and many cybersecurity experts believe Duqu was designed to carry out Israel’s most sensitive intelligence-collection operations.

Senior U.S. officials learned Israel was spying on the nuclear talks in 2014, a finding first reported by The Wall Street Journal in March. Officials at the time offered few details about Israel’s tactics.

Kaspersky’s findings, which the Moscow-based company is expected to disclose publicly Wednesday, shed new light on the use of a stealthy virus in the spying efforts. The revelations also could provide what may be the first concrete evidence that the nuclear negotiations were targeted and by whom.

No intelligence-collection effort is a higher priority for Israel’s spy agencies than Iran, including the closed-door talks which have entered a final stage. Israeli leaders say the emerging deal could allow Iran to continue working toward building nuclear weapons, a goal Iran has denied having.

Kaspersky, in keeping with its policy, doesn’t identify Israel by name as the country responsible for the hacks. But researchers at the company indicate that they suspect an Israeli connection in subtle ways. For example, the company’s report is titled “The Duqu Bet.” Bet is the second letter of the Hebrew alphabet.

Researchers at the company acknowledge that many questions remain unanswered about how the virus was used and what information may have been stolen. Among the possibilities, the researchers say, the intruders might have been able to eavesdrop on conversations and steal electronic files by commandeering the hotel systems that connect to computers, phones, elevators and alarms, allowing them to turn them on and off at will to collect information.

Israeli officials have denied spying on the U.S. or Israel’s other allies, although they acknowledge conducting close surveillance on Iranians generally. Israeli officials declined to comment specifically on the allegations relating to the Duqu virus and the hotel intrusions.

The Federal Bureau of Investigation is reviewing the Kaspersky analysis and hasn’t independently confirmed the firm’s conclusions, according to people familiar with the discussions. U.S. officials, though, said they weren’t surprised to learn about the reported intrusions at the hotels used for the nuclear talks.

A senior congressional aide briefed on the matter said Kaspersky’s findings were credible. “We take this seriously,” the aide said.

Kaspersky, which protects hundreds of millions of computers from intruders, didn’t realize its own computers were compromised for more than six months after the 2014 breach. Hackers and intelligence agencies have long targeted security companies, given the valuable information they can learn about the Internet’s defenses.  Costin Raiu, director of the global research and analysis team at Kaspersky, said the attackers first targeted a Kaspersky employee in a satellite office in the Asia Pacific region, likely through email that contained an attachment in which the virus was hidden.

By opening the attachment, the employee inadvertently would have allowed the virus to infect his computer through what Kaspersky believes was a hacking tool called a “zero day exploit.” Such tools take advantage of previously unknown security holes—giving software companies no opportunity to prevent hackers from sneaking in through them. Kaspersky says the hackers used up to two more “zero day exploits” to work further into Kaspersky’s system.

That alone, Kaspersky and outside experts say, offers evidence of the hackers’ sophistication. These kinds of tools are expensive to create and are guaranteed to work only the first time they are used. After that, companies can build up digital antibodies through software patches.

Security researchers such as Kaspersky’s Mr. Raiu often strive not just to find hackers, but also to find links between breaches through digital detective work. It is a mix of computer science, instinct and luck. In this case, Mr. Raiu saw links between this new virus and Duqu.

U.S. intelligence agencies view Duqu infections as Israeli spy operations, former U.S. officials said. While the new virus bore no overt links to Israel, it was so complex and borrowed so heavily from Duqu that it “could not have been created by anyone without access to the original Duqu source code,” Kaspersky writes in its report.

To check his conclusions, Mr. Raiu a few weeks ago emailed his findings to a friend, Boldizsár Bencsáth, a researcher at Budapest University of Technology and Economics’ Laboratory of Cryptography and System Security. Mr. Bencsáth in 2011 helped discover the original Duqu virus.

“They look extremely similar,” Mr. Bencsáth said in an interview Tuesday. He estimated a team of 10 people would take more than two years to build such a clean copycat, unless they were the original author.

In the early spring, Kaspersky found itself on the other side of the countless digital intrusions it investigates.

A Kaspersky employee in Moscow discovered the virus while testing a new security program on a company computer he assumed was bug-free. Rather than try to kick the hackers out, the company set up a special team to monitor the virus in action to figure out how it worked and what it was designed to do.

The way the virus operated took the team by surprise. It jumped from one system to another, slowly attacking an increasing number of computers. The virus sought to cover its tracks, abandoning machines the attackers deemed of no additional interest, while leaving a small file that would allow them to return later.

Mr. Raiu said the company had been bracing for cyberintrusions but didn’t expect anything this sophisticated. The attackers moved slowly through Kaspersky’s systems to avoid attracting attention. Mr. Raiu concluded that they probably valued stealth more than anything else. The company dubbed the new-and-improved virus Duqu 2.0.

In a written statement with the report that was reviewed by the Journal, Kaspersky said it didn’t expect the incident to make customers more vulnerable to hackers. “Kaspersky Lab is confident that its clients and partners are safe and that there is no impact on the company’s products, technologies and services,” it said.

The company ran tests to determine if any of its 270,000 corporate clients world-wide had been infected. Kaspersky’s list of corporate clients includes big energy companies, European banks and thousands of hotels.

It found infections on a limited number of clients in Western Europe, Asia and the Middle East. None of Kaspersky’s clients in the U.S. were targeted. A targeted cyberattack against a hotel struck researchers as unusual but not unprecedented.

The first hotel with Duqu 2.0 on its computers piqued Mr. Raiu’s interest right away, in light of the revelations he read in the Journal about Israeli spying efforts, he said. The hotel, he said, was a well-known venue for the nuclear negotiations. But he wasn’t sure if it was an isolated case.

Soon thereafter, Kaspersky found the same virus at a second luxury hotel. Initially, Mr. Raiu didn’t see a connection between the hotel and the nuclear talks. Then, a couple of weeks after the discovery of the second hotel, he learned that the nuclear negotiations would take place there. His team was “shocked,” Mr. Raiu recalled. In both cases, the hotels were infected about two to three weeks before the negotiators convened.

Kaspersky provided information about Duqu 2.0 to one of its partners, which did its own round of tests. That search turned up a third infected hotel which hosted the nuclear talks. Mr. Raiu said the third hotel was discovered last but appeared to have been infected first, sometime in 2014.

Kaspersky declined to identify the three hotels.

Hotels that served as venues for the talks include: the Beau-Rivage Palace in Lausanne, Switzerland, the Intercontinental in Geneva, the Palais Coburg in Vienna, the Hotel President Wilson in Geneva, the Hotel Bayerischer Hof in Munich and Royal Plaza Montreux in Montreux, Switzerland.

A Beau-Rivage spokeswoman said the hotel was unaware of being hacked. A manager on duty at the Intercontinental said he also was unaware of such an incident. The management team at the Royal Plaza said, “Our internal policy doesn’t allow us to deliver any information.”

The others didn’t respond to requests for comment.

In addition to the three hotels reported to have been hacked, the virus was found in computers at a site used to commemorate the 70th anniversary of the liberation of the Nazi death camp at Auschwitz. Some world leaders had attended events there.

A former U.S. intelligence official said it was common for Israel and other countries to target such international gatherings. “The only thing that’s unusual now is you hear about it,” the official said.

Mr. Raiu said Kaspersky doesn’t know what was stolen from the three hotels or from the other venues. He said the virus was packed with more than 100 discrete “modules” that would have enabled the attackers to commandeer infected computers.

One module was designed to compress video feeds, possibly from hotel surveillance cameras. Other modules targeted communications, from phones to Wi-Fi networks. The attackers would know who was connected to the infected systems, allowing them to eavesdrop on conversations and steal electronic files. The virus could also enable them to operate two-way microphones in hotel elevators, computers and alarm systems.

In addition, the hackers appeared to penetrate front-desk computers. That could have allowed them to figure out the room numbers of specific delegation members.

The virus also automatically deposited smaller reconnaissance files on the computers it passed through, ensuring the attackers can monitor them and exploit the contents of those computers at a later date.

Write to Adam Entous at adam.entous@wsj.com and Danny Yadron at danny.yadron@wsj.com


Body-by-Guinness

Other Side of the Scapegoat
« Reply #337 on: June 25, 2015, 05:26:17 PM »
Whose Fault is the OPM Hack Really?

Everyone's mad at the Office of Personnel Management, and I totally get why. The hack is awful, the magnitude staggering. The consequences will be big, both for the country and for lots of individuals. It's a very ugly situation, and OPM has certainly not handled it competently, let alone well. And the more we learn, the worse it gets.

But here's my question: Is this really OPM's fault?

OPM, after all, is not an intelligence agency or a counterintelligence agency. Even had it behaved competently, it had no chance of protecting data that a professional adversary intelligence service wanted to go after. It also does not have the expertise to identify which data it is holding that are—individually or collectively—likely of interest to foreign intelligence powers. To put the matter simply, protecting sensitive data from foreign spies is not within the wheelhouse of an agency whose job is "to recruit, retain, and honor a world-class workforce for the American people."

It is very much within the wheelhouse of some other federal agencies, however.

Let's start with the FBI, whose mission includes "Protect[ing] the United States against foreign intelligence operations and espionage" and "Protect[ing] the United States against cyber-based attacks and high-technology crimes." I don't know whose job, if anyone's, it is to identify large aggregations of data outside the security sector that would be of foreign intelligence interest and to protect them from espionage, but it seems to me that the agency tasked with foreign counterintelligence would be the place to start. So here's a question: Did anyone at the bureau ever flag for OPM that this material might have a giant bullseye painted on it?

Then there's NSA, which has the government's Information Assurance portfolio, and also has a huge cybersecurity capacity. NSA describes its information assurance mission as follows: "NSA's Information Assurance Directorate (IAD) protects and defends National Security Information and Information Systems, in accordance with National Security Directive 42. National Security Systems are defined as systems that handle classified information or information otherwise critical to military or intelligence activities." The OPM systems were not classified, but any database that potentially exposes millions of federal workers—including defense and intelligence workers—to potential recruitment, blackmail, or other bad conduct at the hands of a foreign intelligence service could certainly be regarded as "critical to military or intelligence activities." So here's another question: Did anyone at NSA ever flag for OPM that this material might have a giant bullseye painted on it or offer to help secure it?

Or maybe the problem lies with DHS. DHS, after all, proudly boasts that it "has the lead for the federal government for securing civilian government computer systems"—something that clearly did not happen here. So here's a third question: Did anyone at DHS ever work with this civilian agency to secure its government computer systems?

If this all sounds like an interagency mess of authorities, well, there are also agencies whose job is to work through those. What, one might ask, about what role the DNI has played in this area? His mission statement starts with the broad aim: to "lead Intelligence Integration." In other words, if it was someone's job to imagine that there are a lot of non-classified systems around the government that have extraordinarily sensitive data an intelligence service would want to steal, and that this data is being housed at agencies that probably don't understand that fact and don't have the capacity to defend that data, perhaps having that imagination was the DNI's job. And if it was some office's job to reach out across the government and assess what datasets would be catastrophic to lose and to set up programs to protect that material, perhaps that was the DNI's job too.

Taping Rational Security this morning, I mentioned all this to the Hoover Institution's Kori Schake—a defense analyst and former NSC staffer—who joked with gentle bitterness that it's a good thing this country does not have a National Security Council, whose job is to coordinate the activities of the various agencies engaged in national security activity to make sure questions like this get addressed. The NSC describes its mission as including "serv[ing] as the President's principal arm for coordinating these policies among various government agencies." So here's a fourth question: Was anyone at the DNI's office or the NSC serving as the President's principal arm for securing data of intelligence value at OPM?

I'm sure it will make a lot of people feel good to beat up on OPM, and I'm sure some folks there probably deserve it. But after we've gone through the political ritual of extracting our pound of Washington flesh, let's ask the serious question: Whose job is this really? And whose do we want it to be?

http://www.lawfareblog.com/whose-fault-opm-hack-really

Crafty_Dog

POTH: Well, this sounds decisive , , ,
« Reply #338 on: August 01, 2015, 11:40:58 PM »
U.S. Decides to Retaliate Against China’s Hacking

By DAVID E. SANGER
JULY 31, 2015

The Obama administration has determined that it must retaliate against China for the theft of the personal information of more than 20 million Americans from the databases of the Office of Personnel Management, but it is still struggling to decide what it can do without prompting an escalating cyberconflict.

The decision came after the administration concluded that the hacking attack was so vast in scope and ambition that the usual practices for dealing with traditional espionage cases did not apply.

But in a series of classified meetings, officials have struggled to choose among options that range from largely symbolic responses — for example, diplomatic protests or the ouster of known Chinese agents in the United States — to more significant actions that some officials fear could lead to an escalation of the hacking conflict between the two countries.

That does not mean a response will happen anytime soon — or be obvious when it does. The White House could determine that the downsides of any meaningful, yet proportionate, retaliation outweigh the benefits, or will lead to retaliation on American firms or individuals doing work in China. President Obama, clearly seeking leverage, has asked his staff to come up with a more creative set of responses.

Photo: The home of the Office of Personnel Management headquarters in Washington. The Obama administration has decided that it must retaliate against China for the theft of personal information from the office. Credit: Mark Wilson/Getty Images

“One of the conclusions we’ve reached is that we need to be a bit more public about our responses, and one reason is deterrence,” said one senior administration official involved in the debate, who spoke on the condition of anonymity to discuss internal White House plans. “We need to disrupt and deter what our adversaries are doing in cyberspace, and that means you need a full range of tools to tailor a response.”

In public, Mr. Obama has said almost nothing, and officials are under strict instructions to avoid naming China as the source of the attack. While James R. Clapper Jr., the director of national intelligence, said last month that “you have to kind of salute the Chinese for what they did,” he avoided repeating that accusation when pressed again in public last week.

But over recent days, both Mr. Clapper and Adm. Michael S. Rogers, director of the National Security Agency and commander of the military’s Cyber Command, have hinted at the internal debate by noting that unless the United States finds a way to respond to the attacks, they are bound to escalate.

Mr. Clapper predicted that the number and sophistication of hacking aimed at the United States would worsen “until such time as we create both the substance and psychology of deterrence.”

Admiral Rogers made clear in a public presentation to the meeting of the Aspen Security Forum last week that he had advised President Obama to strike back against North Korea for the earlier attack on Sony Pictures Entertainment. Since then, evidence that hackers associated with the Chinese government were responsible for the Office of Personnel Management theft has been gathered by personnel under Admiral Rogers’s command, officials said.

Admiral Rogers stressed the need for “creating costs” for attackers responsible for the intrusion, although he acknowledged that it differed in important ways from the Sony case. In the Sony attack, the theft of emails was secondary to the destruction of much of the company’s computer systems, part of an effort to intimidate the studio to keep it from releasing a comedy that portrayed the assassination of Kim Jong-un, the North Korean leader.

According to officials involved in the internal debates over responses to the personnel office attack, Mr. Obama’s aides explored applying economic sanctions against China, based on the precedent of sanctions the president approved against North Korea in January.

“The analogy simply didn’t work,” said one senior economic official, who spoke on the condition of anonymity to discuss internal White House deliberations. North Korea is so isolated that there was no risk it could retaliate in kind. But in considering sanctions against China, officials from the Commerce Department and the Treasury offered a long list of countersanctions the Chinese could impose against American firms that are already struggling to deal with China.

The Justice Department is exploring legal action against Chinese individuals and organizations believed responsible for the personnel office theft, much as it did last summer when five officers of the People’s Liberation Army, part of the Chinese military, were indicted on a charge of the theft of intellectual property from American companies. While Justice officials say that earlier action was a breakthrough, others characterize the punishment as only symbolic: Unless they visit the United States or a friendly nation, none of them are likely to ever see the inside of an American courtroom.

“Criminal charges appear to be unlikely in the case of the O.P.M. breach,” a study of the Office of Personnel Management breach published by the Congressional Research Service two weeks ago concluded. “As a matter of policy, the United States has sought to distinguish between cyber intrusions to collect data for national security purposes — to which the United States deems counterintelligence to be an appropriate response — and cyber intrusions to steal data for commercial purposes, to which the United States deems a criminal justice response to be appropriate.”

There is another risk in criminal prosecution: Intelligence officials say that any legal case could result in exposing American intelligence operations inside China — including the placement of thousands of implants in Chinese computer networks to warn of impending attacks.

Other options discussed inside the administration include retaliatory operations, perhaps designed to steal or reveal to the public information as valuable to the Chinese government as the security-clearance files on government employees were to Washington.

One of the most innovative actions discussed inside the intelligence agencies, according to two officials familiar with the debate, involves finding a way to breach the so-called great firewall, the complex network of censorship and control that the Chinese government keeps in place to suppress dissent inside the country. The idea would be to demonstrate to the Chinese leadership that the one thing they value most — keeping absolute control over the country’s political dialogue — could be at risk if they do not moderate attacks on the United States.

But any counterattack could lead to a cycle of escalation just as the United States hopes to discuss with Chinese leaders new rules of the road limiting cyberoperations. A similar initiative to get the Chinese leadership to discuss those rules, proposed by Mr. Obama when he met the Chinese leader at Sunnylands in California in 2013, has made little progress.

The United States has been cautious about using cyberweapons or even discussing it. A new Pentagon strategy, introduced by the secretary of Defense, Ashton B. Carter, in the spring, explicitly discussed retaliation but left vague what kind of cases the United States viewed as so critical that they would prompt that type of retaliation.

In response to the Office of Personnel Management attack, White House officials on Friday announced the results of a 30-day “cybersecurity sprint” that began in early June after the federal personnel office disclosed the gigantic theft of data.

Tony Scott, the government’s chief information officer, who ordered the review, said in a blog post that agencies had significantly ramped up their use of strong authentication procedures, especially for users who required access to sensitive parts of networks.

By the end of the 30th day, officials said that more than half of the nation’s largest agencies, including the Departments of Transportation, Veterans Affairs and the Interior, now required strong authentication for almost 95 percent of their privileged users.

For Mr. Obama, responding to the theft at the Office of Personnel Management is complicated because it was not destructive, nor did it involve stealing intellectual property. Instead, the goal was espionage, on a scale that no one imagined before.

“This is one of those cases where you have to ask, ‘Does the size of the operation change the nature of it?’ ” one senior intelligence official said. “Clearly, it does.”

Crafty_Dog

WSJ: ISIS hacker killed by drone
« Reply #339 on: August 28, 2015, 05:23:34 AM »

By Margaret Coker in London, Danny Yadron in San Francisco and Damian Paletta in Washington
Aug. 27, 2015 7:36 p.m. ET

U.S. and British officials decided earlier this year that a hacker needed to die.

Junaid Hussain, a British citizen in his early 20s, had risen fast to become a chief in Islamic State’s electronic army. One person familiar with the matter said he hacked dozens of U.S. military personnel and published personal and financial details online, including those of a general, for others to exploit.

He helped sharpen the terror group’s defense against Western surveillance and built hacking tools to penetrate computer systems, said people familiar with the matter.

Mr. Hussain was killed by a U.S. drone strike on Tuesday while he was in a car in Raqqa, Syria, U.S. officials said. That he was targeted directly shows the extent to which digital warfare has upset the balance of power on the modern battlefield.


Islamic State didn’t build a large cyber force like the U.S.’s National Security Agency or China’s People’s Liberation Army. Instead, it had people like Mr. Hussain, a convicted hacker whose suite of inexpensive digital tools threatened to wreak havoc on even the world’s most-powerful country. Islamic State communications described him as one of the group’s secret weapons, said one person who has seen them.

U.S. officials said they believe Mr. Hussain played an important role in recruiting two American Muslims to open fire in Garland, Texas, this spring on a contest for cartoon depictions of the Prophet Muhammad. He also frequently hacked into U.S. service members’ Facebook accounts to determine personal details and future targets, one of the people familiar with the probe said.

“If you don’t have anybody who is kind of fluent in computer operations, you’ve got a problem,” said Michael Sulmeyer, a former cyberpolicy expert for the Pentagon now at the Belfer Center for Science and International Affairs at Harvard University’s John F. Kennedy School of Government. “The ballgame is pretty much the coder or the individual.”

Mr. Hussain drew attention from U.S. and British intelligence and military agencies in part because of his efforts to recruit and incite violence, said one U.S. official. His importance to Islamic State made him a legitimate target, the official said. “Leadership: That is what gets our attention.”


Islamic State hasn’t confirmed Mr. Hussain’s death, as it sometimes does after operatives are killed in drone strikes. Eulogies from Islamic State supporters, including one man who like Mr. Hussain grew up in the West Midlands city of Birmingham, England, began trickling through Twitter on Thursday.

In the 14 months since Islamic State announced it had formed a caliphate, the group has carved out a state of sorts in Iraq and Syria. Since last fall, when U.S. officials began tracking Mr. Hussain, the terror network also started to strengthen its cyberwarfare capabilities, adopting cutting-edge encryption technology and boosting its attempts to recruit hackers to even the odds against major Western powers.

Mr. Hussain grew up a book-smart teenager, according to court records and several people familiar with his case. He was planning to study computer science.

Before graduating from high school, however, he joined a group of British teens in a hacking collective called Team Poison. Using the handle “Tr1ck,” Mr. Hussain claimed responsibility for hacking into the email account of an assistant to former Prime Minister Tony Blair. Mr. Blair’s personal details, including his National ID number, the equivalent of a Social Security number, were published online.

A British court found Mr. Hussain guilty and he served a prison sentence.

Birmingham police in July 2013 arrested him for involvement in a street fight. While awaiting trial, he fled to Syria, U.K. officials said. By January 2014, he was communicating online with other British Muslims about how to join Islamic State, according to court documents.

Once living in Islamic State territory, Mr. Hussain re-emerged with a new online persona: Abu Hussain al-Britaini.

U.S. officials began to view Mr. Hussain as a top threat because he was on the leading edge of Islamic State efforts to recruit in the U.S. He would post names, addresses and photos of U.S. troops on his Twitter feed and suggest followers find and kill the person. In several instances, the Federal Bureau of Investigation and Defense Department set up 24-hour watches around targeted service members, a person familiar with the situation said.

Mr. Hussain developed a hacking tool, or malware, that could be used to spy on other machines, called a remote access Trojan, or RAT. He was training other Islamic State members in how to use hacker techniques, people familiar with the case said.

In at least one interaction, according to a Wall Street Journal review of online communications, he discussed the possibility of obtaining a zero-day exploit—hacker jargon for software that takes advantage of flaws in commercial software, such as Microsoft Word, unknown to that developer. Because they are unknown, they are almost impossible to stop.

Islamic State leaders have long communicated on a variety of platforms such as Facebook Inc. that U.S. officials can easily tap through court orders. Computer-security types such as Mr. Hussain, however, are notorious for being cautious with digital communications. After Mr. Hussain moved into a leadership role in the group’s so-called hacking division, Islamic State began ordering and teaching its commanders and followers to tighten its security awareness.

In December, Islamic State issued an order banning fighters from using devices equipped with location-tracking software, particularly Apple Inc. devices. By May, members were tweeting to throw out Samsung Galaxy smartphones as well.

This year, Islamic State officials started warning against using WhatsApp, the popular messaging app owned by Facebook, for fears it was being monitored. Officials said operatives should use one of several Western encrypted or hard-to-track messaging apps, such as Surespot, Telegram or Kik, according to security memos reviewed by The Wall Street Journal.

In August, Islamic State supporters lighted up social media over an apparent cyber bombshell. IS Hacking Division claimed responsibility for hacking into the social-media accounts of hundreds of U.S. military members. The group published lists of 1,481 names, departments, email addresses, passwords and phone numbers, warning, “we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data.”

The hacked list of U.S. military names was retweeted on Aug. 11 by @AbuHu55ain_911, the last known social-media profile on Twitter for Mr. Hussain.

That feed has since been deleted, as has the Twitter feed of his wife, a 45-year-old British onetime punk rocker named Sally Jones who converted to Islam and traveled to Syria to marry Mr. Hussain.

Mr. Hussain appears to have institutionalized Islamic State’s interest in fostering an electronic army. Supporters send daily entreaties to Muslims around the world to move to the caliphate. They also regularly make specialized recruitment drives. A list of needed professional skills published on Islamic State media outlets on Jan. 3 included hackers, “penetrators” and computer programmers.

—Julian E. Barnes in Brussels and Alexis Flynn in London contributed to this article.

Write to Margaret Coker at margaret.coker@wsj.com, Danny Yadron at danny.yadron@wsj.com and Damian Paletta at damian.paletta@wsj.com



There are 80 comments.
 

Justin Murray 1 minute ago

We're losing the cyber war because government has the tendency to think "expensive and complicated" beats "accessible". Much like how the electronic music industry split between the expensive and difficult to use university synthesizers provided by government grants and the cheap one invented by Robert Moog that ended up winning, organizations like the NSA with billions for a budget don't understand that the cheap to free tools found on the Internet are far superior tools in cyber warfare than the expensive bureaucracies and tools they've purchased more for prestige purposes than functional.


Governments consistently lose asynchronous warfare with shoestring fighters because shoestring fighters have the incentive to find the best weapon. Governments only look for the most expensive.


The failings of America and why we will continue to lose this fight is because we spend too much on our security apparatus.
Fred Smith 6 minutes ago

New technology, meet old technology.  BOOM.
Bradley S Armstrong 13 minutes ago

He got the red white and blue screen of death.
Keith Brainard 16 minutes ago

Kill him all you want, just don't waterboard him.







Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72081
    • View Profile
Stratfor on ISIS's cyber capabilities
« Reply #343 on: November 30, 2015, 09:38:39 AM »
Forecast

    The Islamic State will continue efforts to improve its capabilities in communication and offensive attacks in cyberspace.

    The availability of cybercrime tools and services on underground criminal markets will allow the Islamic State to further bolster its existing abilities.

    The geographic spread of the Islamic State's online presence and its ability to tap into underground markets mean that efforts to counter the group's online activities will occur in countries other than Iraq and Syria.

    Regardless of offensive capabilities in cyberspace, the Islamic State's online activities will continue to focus on disseminating propaganda in efforts to draw recruits and funding.

Analysis

On Nov. 13, armed militants killed 130 people in Paris. On Nov. 14, unarmed militants from the public relations branch of the Islamic State sat down at their computers, signed in to their social media accounts — accounts from which they could reach virtually anyone in the world — and claimed responsibility for the attacks.

Propaganda is immensely important to the Islamic State. Part of its mission is to convince the world it is as dangerous as it claims to be, so it is little surprise that the group's behavior on the Internet is every bit as theatrical as its behavior on the battlefield. Even some of the venues of the Paris attacks — a soccer stadium, a concert hall — are structures of performance meant to host large crowds. In that sense, the Islamic State achieved precisely what it intended to on Nov. 13: It commanded the attention of a global audience, which it can use to spread its message and recruit new members.

Harnessing Technology

Islamic State's first claim of responsibility for the Paris attacks was disseminated through a popular instant messaging service, Telegram, which allows end-to-end encrypted communication. A month earlier, the Islamic State's media wing began encouraging its supporters to use the service. After the initial release of the message, the rest of the Islamic State's social media network operators and supporters amplified it further. The initial call to use Telegram drew focus to the Islamic State's technical capabilities in cyberspace, particularly when coupled with the group's repeated claims that it has offensive online capabilities.

Since the Islamic State's online presence began to grow rapidly in 2014, culprits claiming affiliation with the group have carried out numerous unsophisticated online attacks, such as hijacking social media accounts and defacing poorly secured websites. Online harassment of individuals, organizations and whole populations is a tactic frequently used to foster fear without any actual threat of violence. The Islamic State's online media machine has also made claims of hacking U.S. government networks, on some occasions by posting names and personal details claimed to belong to government and military personnel. In addition to carrying out cyberattacks, whether real or fabricated, the Islamic State has more recently attempted to educate its supporters in rudimentary operational security measures when communicating over the Internet.

The Islamic State has indeed given some attention to building up its technical online capabilities and will likely continue to do so. But these capabilities have largely focused on theatrics in online media in an attempt to maintain the group's image as an expanding threat despite losing the momentum it had in 2014, rather than presenting any significant threat to public safety. These capabilities carry even less significance on the battlefields in Iraq or Syria. Nevertheless, the Islamic State likely will continue to incorporate the use of information technology and attempt to expand its technical capabilities in cyberspace.

Social Media

For more than a decade, transnational jihadists have turned to the Internet to spread claims of terrorist attacks. However, the Islamic State has built up a particularly robust and effective online media machine that has placed its propaganda, and a glimpse into its recruitment efforts, on some of the most popular public mediums in the West, including Twitter and Facebook.

No technical sophistication is required in broadcasting social media messages, and the Islamic State's social media presence in terms of users is tiny. In March, the Brookings Institution released a paper estimating that there were only 46,000-90,000 Islamic State Twitter accounts between October and November 2014. This is a small number compared to the number of total Twitter users: 307 million. However, this number of accounts is evidently enough to routinely elevate the Islamic State's propaganda efforts to the level of the international media. The Islamic State's ability to sustain an effective social media presence shows a notable degree of organizational sophistication. Maintaining this kind of presence becomes even more challenging when the group's activities are under relentless scrutiny by international law enforcement and intelligence efforts, social media service providers and anti-Islamic State activists.

The Islamic State has leveraged this social media presence to portray itself as possessing exaggerated offensive capabilities in cyberspace. In March, the "Islamic State Hacking Division" posted a list of 100 names and personal information that the hackers claimed belonged to U.S. military personnel. The hackers said they obtained the information by compromising government databases, but the list was more likely compiled through open source research. In January, someone claiming affiliation with the Islamic State hijacked the U.S. Central Command's Twitter account. However, social media users — particularly those sharing accounts — often take poor security measures in selecting account credentials; thus, hijacking or "hacking" accounts can often be accomplished with cheap tricks.

Communication

The Islamic State intentionally misrepresents its online capabilities in its online propaganda efforts. This feeds into the principal reason for the group's organizational focus on online activities: drawing recruits and funding. However, because the bulk of the Islamic State's social media presence is highly decentralized, with a significant portion spread outside of Iraq and Syria, extensive online communication is required in order to organize its propaganda efforts. The Islamic State's means of communication are diverse — a guard against the effects of any crackdown on social media accounts. As a result, the group has recently begun efforts to at least bolster the security awareness of its broader online audience, such as recommending tools like anonymous communication service "Tor" in hopes of concealing messages.

The Islamic State has made additional efforts to educate its supporters on proper operational security, even circulating a manual on securing communications around more obscure online forums. The manual contains numerous best practices and suggestions, many of which were plagiarized from another manual. Although unlikely to ultimately thwart Western intelligence agencies' targeted surveillance efforts, these practices could pose significant obstacles to law enforcement organizations. However, given the decentralized and dispersed nature of the Islamic State's online presence, it is unlikely that most online supporters will heed all the advice listed in the manual.

Islamic State Hacking

Despite names associated with the Islamic State that imply offensive online capabilities, such as the "Islamic State Hacking Division" or the "Cyber Caliphate," there is no indication that the Islamic State has any organized branch capable of carrying out cyberattacks that could inflict physical harm on individuals or cause significant financial or physical damage.

Thus far, possible Islamic State members and supporters have demonstrated little sophistication in their online offensive abilities. Website defacements are common; the wide array of websites that have been targeted over the past year, along with the use of well-known security exploits, suggests that these efforts have been simply seized opportunities rather than targeted attacks. In other words, these attacks could be carried out by a low-skilled hacker working with simple software that automatically scans a selection of targets for known vulnerabilities and relies on documented exploits to compromise vulnerable targets.

In some cases, online attacks carried out in the Islamic State's name were not in fact carried out by the group's supporters. In April, the French television network TV5Monde suffered several cyberattacks targeting its social media accounts, website and station. The culprits claimed to be associated with the Islamic State, but by June, French authorities believed the attackers were in fact Russian hackers posing as Islamic State militants. In a domain where attributing activity to particular actors can challenge even the most resourceful intelligence agencies, names are trivial.

The Islamic State probably is not capable of carrying out spectacular acts of cyberterrorism, such as targeting critical infrastructure. The group would welcome such capabilities, but so far its use of cyberspace principally has been psychological operations and communications. The low sophistication of its offensive online capabilities has been effective in this regard.

However, the group has clearly put emphasis on publicizing its activities in cyberspace and on recruiting somewhat skilled individuals. In October, Malaysian authorities arrested Ardit Ferizi, a hacker from Kosovo, whom U.S. authorities accused of stealing personal information after compromising the network of a U.S. company. Ferizi then allegedly handed the information over to an Islamic State member, Junaid Hussain, who reportedly was killed in a U.S. drone strike on Aug. 25 in Raqqa, Syria. Ferizi had been a known hacker operating under the pseudonym of a group of Kosovar hacktivists. Hussain, likewise, was a known hacker and British national previously associated with a different hacktivist group.

There is nothing to suggest the prevalence of Islamic State supporters with backgrounds similar to Hussain's or Ferizi's, nor are there any indicators that Ferizi and Hussain had highly technical abilities. But their association with the Islamic State shows the group at least has the intent to recruit individuals capable of carrying out cyberattacks, and the group is likely to be able to do so again eventually.

The Islamic State's Next Steps

As it has been for other jihadist groups, the Internet has been a powerful tool for the Islamic State. Given the Islamic State's efforts to recruit hackers to carry out low-level cyberattacks, it seems likely the group will continue to pursue greater capabilities that will help it organize its online communications and its attempts to portray itself as a technically capable threat, though not to the point of committing catastrophic cyberattacks.

Capabilities to carry out cyberterrorism do not necessarily have to come from within the Islamic State. A thriving underground market exists where tools designed to commit cybercrimes for financial gain, such as stealing banking credentials or installing malware that holds critical information on a victim's device hostage for ransom, can be purchased or even rented. Offensive skills for hire and exploits in popular software not publicly known (referred to as "zero day" exploits) are also available, and often the buyers and sellers do not have to know each other's identities.

Cybercrime can be a considerably profitable endeavor, potentially earning millions of dollars for the culprits. The existence of such markets means that jihadist groups like the Islamic State could gain offensive capabilities without actually recruiting a person with the necessary skills into the organization. By intersecting with existing global cybercrime networks, the Islamic State could bolster the potential funds earned through its efforts online while potentially increasing the effect of its online attacks and thus boosting its overall propaganda efforts.

Regardless of how far the Islamic State can continue to develop its online capabilities, no improvements in this area will shape its fighting abilities in and around its core territories in Iraq and Syria. Its efforts as an insurgent force largely are independent of its cyberspace activities, and this will likely be reflected in the geography of counter-Islamic State efforts. The large, decentralized pool of supporters being organized over online media and the ability to contract additional capabilities from cybercriminals means that efforts to counter the Islamic State's online activities likely will occur in areas outside of Iraq and Syria, as was the case with Ferizi.



Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72081
    • View Profile
Cryptology Issues
« Reply #346 on: December 26, 2015, 06:38:45 PM »
Similar issues to those presented with Meta Data are presented here, but only more so.  Several of us here focus on quasi-ticking bomb scenarios where meta data is alleged to likely make a difference.  While this may well be (and I am not 100% persuaded) IMHO we also need to keep in mind that we are dealing with an increasingly lawless government a goodly portion of which is prone to regarding us as "extremists", , , IMHO this is worth careful consideration.

WSJ

The Debate Over Encryption: Stopping Terrorists From ‘Going Dark’
Encrypted devices block law enforcement from collecting evidence. Period.
By Richard Burr
Dec. 23, 2015 6:46 p.m. ET


While the terrorist attacks in Paris, San Bernardino, Calif., and Garland, Texas, have brought discussions about encryption to the front pages, criminals in the U.S. have been using this technology for years to cover their tracks. The time has come for Congress and technology companies to discuss how encryption—encoding messages to protect their content—is enabling murderers, pedophiles, drug dealers and, increasingly, terrorists.

Consumer information should be protected, and the development of stronger and more robust levels of encryption is necessary. Unfortunately, the protection that encryption provides law-abiding citizens is also available to criminals and terrorists. Today’s messaging systems are often designed so that companies’ own developers cannot gain access to encrypted content—and, alarmingly, not even when compelled by a court order. This allows criminals and terrorists, as the law enforcement community says, to “go dark” and plot with abandon.

Leaving aside the terrorism challenges, encryption is affecting the investigations of kidnapping, child pornography, gang activity and other crimes. Federal, state, local and tribal law-enforcement officers can obtain legal authority to conduct electronic communications surveillance on terrorists and criminals. But encrypted devices and applications sometimes block access to the data. This means that even when the government has shown probable cause under the Fourth Amendment, it cannot acquire the evidence it seeks.

Technology has outpaced the law. The core statute, the Communications Assistance for Law Enforcement Act, was enacted in 1994, more than a decade before the iPhone existed. The law requires telecommunications carriers—for instance, phone companies—to build into their equipment the capability for law enforcement to intercept communications in real time. The problem is that it doesn’t apply to other providers of electronic communications, including those supporting encrypted applications.

Federal Bureau of Investigation Director James Comey has said that one of the two Garland, Texas, shooters who died carrying out an attack on a Muhammad art exhibit in May exchanged 109 messages with an operative overseas. “We have no idea what he said,” Mr. Comey told the Senate this month, “because those messages were encrypted.” He described this as a “big problem”—and I couldn’t agree more.

Last month Manhattan District Attorney Cyrus R. Vance Jr. released an in-depth report specifically on “smartphone encryption and public safety.” Many cellphones, including those designed by Apple and Google, now encrypt by default all the data they store, which is accessible only with a passcode.

No one, not even the manufacturer, can access a passcode-locked phone. Apple has even touted this as a feature, telling customers that “it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices.” The report states that “passcode-protected devices render lawful court orders meaningless and encourage criminals to act with impunity. The ultimate losers in this equation are crime victims.”

The authors conclude: “Congress should enact a statute that requires any designer of an operating system for a smartphone or tablet manufactured, leased, or sold in the U.S. to ensure that data on its devices is accessible pursuant to a search warrant. Such a law would be well within Congress’s Commerce Clause powers, and does not require costly or difficult technological innovations.”

The challenges presented by encryption extend to financial transactions. In August Sen. Elizabeth Warren wrote letters to six federal agencies voicing concerns that banks were using Symphony, an encrypted messaging system that could prevent regulators from detecting illegal activities. The letter came shortly after New York’s top banking regulator, the New York State Department of Financial Services, raised the same concern with several major banks and Symphony’s developer.

In response, the banks agreed to store decryption keys with independent custodians, and Symphony agreed to retain electronic communications for seven years. All parties also agreed to a periodic review process to make sure that oversight keeps in sync with new technologies.

It would seem to me that daily financial flows shouldn’t command more attention than terrorist or criminal communications, yet here we are. Although the agreement described above may not be the solution for all encrypted communications, it does show that cooperative solutions are possible.

I and other lawmakers in Washington would like to work with America’s leading tech companies to solve this problem, but we fear they may balk. When Apple objected to a recent court order in a New York criminal case requiring it to unlock an iPhone running iOS 7—an operating system that Apple can unlock—the company refused, arguing: “This is a matter for Congress to decide.” On that point, Apple and I agree. It’s time to update the law.

Mr. Burr, a Republican senator from North Carolina, is the chairman of the Senate Select Committee on Intelligence.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72081
    • View Profile
WSJ: The Data Breach you have not heard about
« Reply #347 on: January 27, 2016, 11:28:48 AM »
The Data Breach You Haven’t Heard About
Foreign hackers may be reading encrypted U.S. government communications, yet basic information about what happened still isn’t available.
By Will Hurd
Jan. 26, 2016 7:15 p.m. ET

A security breach recently discovered at software developer Juniper Networks has U.S. officials worried that foreign hackers have been reading the encrypted communications of U.S. government agencies for the past three years. Yet compared with the uproar over the Office of Personnel Management breach, first disclosed last June, this recent breach has gone largely unnoticed.

On Dec. 17 the California-based Juniper Networks announced that an unauthorized backdoor had been placed in its ScreenOS software, and a breach was possible since 2013. This allowed an outside actor to monitor network traffic, potentially decrypt information, and even take control of firewalls. Days later the company provided its clients—which include various U.S. intelligence entities—with an “emergency security patch” to close the backdoor.

The federal government has yet to determine which agencies are using the affected software or if any agencies have used the patch to close the backdoor. Without a complete inventory of compromised systems, lawmakers are unable to determine what adversaries stole or could have stolen.

If government systems have yet to be fixed then adversaries could still be stealing sensitive information crucial to national security. The Department of Homeland Security is furiously working to determine the extent to which the federal government used ScreenOS. But Congress still doesn’t know the basic details of the breach.

Yet this vital information should not be difficult to obtain. After all, U.S. banks that use this software for encryption were forced to share the extent of their use to the Securities and Exchange Commission only hours after the compromise was disclosed. It is government agencies that are dragging their feet.

This is why I and my colleagues on the House Committee on Oversight and Government Reform recently wrote a letter to the heads of 24 federal agencies demanding an inventory of their systems running the affected software, and whether or not they have installed the patch. If they fail to respond they will be called before Congress to explain why they couldn’t produce this basic information—even though the 2002 Federal Information Security Management Act requires government bodies to monitor and protect the data they possess.

Once we learn which agencies were using the faulty software, finish patching all the systems and conduct a damage assessment, we need to examine why this older version of ScreenOS, last updated in 2011, was being used in the first place. This product is considered a legacy system that many users have replaced with better technology, yet the U.S. government hadn’t bothered to update to a newer, more-secure system.

Sadly, this isn’t surprising. Last year, according to the U.S. Government Accountability Office, the federal government spent over $80 billion on IT procurement and 80% of those funds were for legacy systems—outdated technology or software similar to ScreenOS. This practice of not keeping up with the times renders our nation’s IT infrastructure less efficient and exponentially more vulnerable.

Finally, this incident shows that backdoors to bypass encryption—even those requested by law enforcement or mandated by lawmakers—are extremely dangerous. There is no way to create a backdoor that is not vulnerable to this kind of breach. Encryption is essential to our national security and economy; we should be focused on strengthening it not weakening it.

Rep. Hurd, a Republican from Texas, sits on the House Homeland Security Committee and is chairman of the IT Subcommittee on Oversight and Government Reform.

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #348 on: January 27, 2016, 11:44:40 AM »
We are so scroomed.

ccp

  • Power User
  • ***
  • Posts: 19659
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #349 on: January 27, 2016, 01:21:25 PM »
"On Dec. 17 the California-based Juniper Networks announced that an unauthorized backdoor had been placed in its ScreenOS software, and a breach was possible since 2013."

We do the majority of R & D and bear the burden of cost and simply give it all away through sharing, and theft.

What do they mean "unauthorized backdoor"?   Screw up?  Espionage?  Traitor?  What?

I remember sitting at the same lunch table with the CEO of Juniper Networks back in the Gilder days at his tech conference in Memphis 1999? maybe.  Wonder if he is still CEO.

Those were the glory days of Gilder tech. :-)