Posts Tagged ‘cyber warfare’

CSI releases first in a new series of whitepapers

Wednesday, February 3rd, 2010

The Cyber Secure Institute (CSI), a group looking to raise awareness about cyber security, has released its first whitepaper in a new series about cyberwar. This whitepaper, written by retired USAF General Eugene Habiger, addresses the need for a new approach towards viewing cyberwar. Gen. Habiger goes on to validate his claims with real-world examples, showing that our “rotary-phone-era strategies are not well suited for today’s digital world.”

One of the main focuses of this whitepaper is showing that our tried-and-true methodologies of preemption and deterrence aren’t well suited to digital warfare. While neither should be left out of the cyberwarfare playbook, General Habiger builds the case for needing an alternative that is more suited for the digital battleground.

Preemption relies on being able to detect an attack before it happens and respond in a way that prevents the attack. In the physical world, preemption is a game of “I spy”: watching troop movements and gathering intelligence, then responding with force directed at the aggressor. When we look at a similar strategy in the digital world, it becomes much more difficult. Detection before the fact becomes a bit more of a guessing game. It’s very possible to create or recruit a botnet, discover a 0-day, or gather intelligence on a target without any visible or detectable signs. Beyond simply finding a cyberattack in order to preempt it, there are also issues inherent in the response. In many cases attackers may be distributed across various nations (including the one being attacked), making it very hard to deliver a decisive blow and stop the attack altogether.

Deterrence, on the other hand, has a lot to do with stopping an attacker in the planning stages of an attack. The idea is that when an attacker looks to make a move, they have to take into account the repercussions of their decision. To take a page from the history books, the Cold War is a perfect example of deterrence. Any nation foolish enough to launch an offensive nuclear weapon would be met in kind. When we try to map this concept to cyberwar, we reach an interesting conclusion: we’ve got a lot more to lose than they do, and, as with preemption, we have to be able to know who did it.

General Habiger concludes the paper with a call to arms for inherent security – security that is built in, not an afterthought. He goes on to suggest that security be made so inherent that the basics would be taught in school or shown as public service announcements. This “paradigm shift” to inherent security creates an environment where security is within every layer of the internet, from the end-user to the hardware an application runs on. While such a methodology provides no obvious offensive strategies, it does harden the infrastructure and provide a much more appropriate defense.

References:

Cyber Secure Institute home page

Cyberwarfare and Cyberterrorism: The need for a new U.S. strategic approach – Gen. Habiger

Summary of Gen. Habiger’s 10 main points

Reading Rainbow: Episode 10

Monday, July 7th, 2008

“90% of emails sent are spam” is a statistic found in the following article. With such a large percentage of emails being considered spam, protection techniques need to move from reactive to proactive. One method being suggested is tracking the sources and flow of email traffic. http://sify.com/finance/fullstory.php?id=14698112

In my continuing search for information pertaining to cyber warfare I have found the following two articles. The first describes why global hackers are so hard to detect and the problems, both security-related and political, this creates. The second article shows that France is making an effort to join the “digital front line.” It explains France’s strategy to get into the cyber warfare game. http://www.livescience.com/technology/080619-chinese-hackers.html http://news.xinhuanet.com/english/2008-06/19/content_8402780.htm

This article lists 10 of the most infamous “black hats” over the years along with what they are known for doing. Interestingly enough, the fact that they are known shows they are not quite as good as people make them out to be. http://www.itpro.co.uk/603831/ten-of-the-most-infamous-black-hat-hackers

With anti-virus software and firewalls on the rise, virus writers have moved to targeting routers. By changing the DNS settings on a router, the attacker gains control of all traffic the infected network has access to. Pointing sites to malware-ridden pages or conducting man-in-the-middle attacks are only the beginning of this potential. http://www.itpro.co.uk/603852/new-trojan-threat-able-to-control-network-routers

“Be careful what you say” is something we’ve all heard, but in the current day and age perhaps “be careful what you email” is more relevant. Two Bear Stearns hedge fund managers have been brought up on charges for misleading investors. Part of the evidence is email records proving that these two knew the market was not where they claimed it to be. http://biz.yahoo.com/ap/080620/bear_stearns_investigation.html

MySQL may be partially going closed source thanks to Sun, but IBM is taking DB2 to the open source market. It is not directly going to be put out for all eyes, but according to Chris Livesey it is inevitable that DB2 will end up in the open source world. Read more here: http://news.cnet.com/IBM-to-open-source-DB…1694.html?tag=html.alert.hed

For those of you old enough to remember some of Blizzard’s classics: Diablo and Diablo II (and Lord of Destruction), it seems Blizzard is going to be blessing us with Diablo III. So far 2 character classes have been released, the barbarian and the witch doctor. http://www.blizzard.com/diablo3/

Reading Rainbow: Episode 9

Monday, June 16th, 2008

Virtual machines use unique MAC addresses to access the internet. This article provides a listing of their identifiers so that you may ascertain whether or not a particular machine is a virtual machine. http://blogs.techrepublic.com.com/networking/?p=538&tag=nl.e102

Botnets are no new threat and neither is the way they are used. The article shows some statistics on just how powerful they are and what sorts of damage they are doing. The second link provided is from SANS and discusses a proactive, rather than reactive, way to deal with the possibility of infection. The final link provided shows how bot herders are using their destructive potential to make money. With such a lucrative business in place, it puts more and more pressure on security professionals to take the next step in securing their systems. http://www.sourcewire.com/releases/rel_display….9472&hilite= http://isc.sans.org/diary.html?date=2008-06-14 http://www.technewsworld.com/story/The-….Con-Game-63357.html

Again we find proof that hackers are compromising government systems and using the data obtained to raise problems. What is possibly more disturbing is the government’s continuing lax efforts to deal with the issue at hand. It seems that just pushing it under the carpet is the de facto method of dealing with these problems, when the correct approach should be to deal with the problem at the source. Here we see that Chinese hackers actually managed to gain access to dissident lists and actually managed to find the people on those lists. http://ap.google.com/article/ALeqM5g….ZaBwez4_gq7mwD918ATTG0

Mozilla’s Firefox 3 was supposed to come packaged with “private browsing,” a “no digital trail” method of surfing the net; however, because of the amount of code affected by this option, it has been released without this feature. http://news.cnet.com/8301-10789_3-9967829-57.html

Reading Rainbow: Episode 8

Saturday, June 7th, 2008

Restrictive passwords make cracking more difficult by requiring that users use a wider range of characters; however, can restrictive password policies actually decrease time required to crack? This blog goes into the math behind it. http://lukenotricks.blogspot.com/2008/03/more-on-counting-restrictive-password.htm
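To put numbers on the question above, the following added example (not taken from this post or the linked blog) uses inclusion-exclusion to count how many fixed-length passwords satisfy an "at least one character from each class" rule, compared with the unrestricted space. The class sizes assume the 94 printable ASCII characters; the function names are hypothetical.

```python
from itertools import combinations
from math import log2

# Assumed alphabet: printable ASCII split into four classes (constructed, not from the post).
CLASSES = {"lower": 26, "upper": 26, "digit": 10, "symbol": 32}

def unrestricted(length, classes=CLASSES):
    """Number of strings of `length` over the full alphabet."""
    return sum(classes.values()) ** length

def compliant(length, required, classes=CLASSES):
    """Strings of `length` with at least one character from every required class.

    Inclusion-exclusion: for each subset S of the required classes, count the
    strings that avoid every class in S, with sign (-1)^|S|.
    """
    total = sum(classes.values())
    count = 0
    for k in range(len(required) + 1):
        for subset in combinations(required, k):
            excluded = sum(classes[c] for c in subset)
            count += (-1) ** k * (total - excluded) ** length
    return count

def policy_report(length, required, classes=CLASSES):
    """Return (compliant count, fraction of full space, bits of search space lost).

    Assumes `length` is at least the number of required classes, so the
    compliant count is non-zero.
    """
    full = unrestricted(length, classes)
    ok = compliant(length, required, classes)
    return ok, ok / full, log2(full) - log2(ok)

if __name__ == "__main__":
    for n in (4, 6, 8, 12):
        ok, frac, lost = policy_report(n, list(CLASSES))
        print(f"length {n:2d}: {frac:6.1%} of the space allowed, {lost:.2f} bits lost")
```

The shorter the password, the larger the share of candidates the rule removes, which is why composition rules are usually paired with a minimum length.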

Mozilla has a new campaign to break the world record for number of downloads in 24 hours. They have even gone to allowing people to pledge downloads, to be sure they accomplish their goal. This is an interesting marketing campaign. http://www.spreadfirefox.com/en-US/worldrecord/

In a previous post (America’s Cyber Defense… or lack thereof) I pointed out problems with foreign hackers and our government. Here are two articles as a semi-continuation of the saga. http://www.scmagazineus.com/Potential-security-breach-by-China/article/110790/ http://www.thehindubusinessline.com/2008/06/04/stories/2008060451781200.htm

If you are considering being in the IT field or are looking to hire new IT staff, this article is well worth a read. 30 items that IT staff should know. I don’t agree with all 30, but the list itself is something to be looked at and will help you evaluate yourself or potential staff. http://www.infoworld.com/article/08/06/02/23FE-how-to-fire-IT-staff-skills-list_1.html

After battling with an .htaccess problem all day long I ended up at this article. It didn’t solve my problem, but is a great source of information on all things .htaccess. http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/

America’s Cyber Defense… or lack thereof

Saturday, May 10th, 2008

Over the past few years more and more news has arisen about hacking becoming a part of warfare; however, it seems that though it has a tactical advantage and is a powerful resource for any government that uses it, it is not paid enough attention. Governments’ lax attitude towards these actions only proves to encourage them.

Attacks on the defense department by Chinese web sites (http://www.washingtonpost.com/wp…8/24/AR2005082402318.html) have been used, as well as trojans on external hard drives and direct hacking attempts. Still, recourse has only been to “harden networks” and “further investigate” things. While these are both important, and I’m glad to see that “hardening networks” is on the list, the problem is at the source: we have not made clear we see it as a threat. Had Chinese spies entered the DoD building and stolen critical data, more than an “investigation” would ensue, yet if the same sensitive material was stolen over the internet the reaction would be quite different.

Attacks of these types, be they political or economic (targeting corporations), have proven to be effective. So effective that attacks such as Distributed Denial of Service attacks are for sale. Estonia’s entire infrastructure was damaged when a massive DDoS attack rendered their “eGovernment” useless.

According to an article at Bloggernews.com (http://www.bloggernews.net/115503) cyber warfare is here. This is no surprise to the rest of us, but what I find most interesting is that the government’s reaction was saying not to use email for critical and sensitive information transfer. Again, this is exactly the problem I speak of. I am by no means advocating another offensive war, nor am I trying to raise hatred against China or any other nation. I am simply pointing out that we are leaving ourselves unprepared. Speak up! Raise your voice. Politicians are afraid to lose their seats. If we make it clear that our nation’s cyber security is paramount, perhaps something will be done.