Posts Tagged ‘hacktivism’

CSI releases first in a new series of whitepapers

Wednesday, February 3rd, 2010

The Cyber Secure Institute (CSI), a group looking to raise awareness about cyber security, has released it’s first whitepaper in a new series about cyberwar. This whitepaper, written by retired USAF General Eugene Habiger, addresses the need for a new approach towards viewing cyberwar. Gen. Habiger goes on to validate his claims with real-world examples, showing that our “rotary-phone-era stratgies are not well suited for today’s digital world.”

One of the main focuses of this whitepaper is showing that our tried-and-true methodologies of preemption and deterrence aren’t well suited to digital warfare. While both shouldn’t be left out of the cyberwarfare playbook, General Habiger builds the case for needing an alternative that is more suited for the digital battle ground.

Preemption relies on being able to detect an attack before it happens and respond in a way that prevents the attack. In the physical world preemption is a game of “I spy” watching troop movements and gathering intelligence; then responding with force directed at the aggressor. When we look at a similar strategy in the digital world, it becomes much more difficult. Detection before-the-fact because a bit more of a guessing game. It’s very possible to create or recruit a botnet, discover an 0-day, or gather intelligence on a target without any visible or detectable signs. Beyond simply finding a cyberattack in order to preempt it, there also are issues inherent in the response. In many cases attackers may be distributed across various nations (including the one being attacked) making it very hard to deliver a decisive blow and stopping the attack all together.

Deterrence, on the other hand, has a lot to do with stopping an attacker in the planning stages of an attack. The idea is when an attacker looks to make a move, they have to take into account the repercussions of their decision. To take a page from the history books, the cold war is a perfect example of deterrence. Any nation foolish enough to launch an offensive nuclear weapon would be met in kind. When we try and map this concept to the cyberwar, we reach an interesting conclusion: we’ve got a lot more to lose than they do and as with preemption, we have to be able to know who did it.

General Habiger concludes the paper with a call to arms for inherent security – security that is built in, not an after thought. He goes on to suggest that security be made so inherent that the basics would be taught in school or shown as public service announcements. This “paradigm shift” to inherent security creates an environment where security is within every layer of the internet, from the end-user to the hardware an application runs on. While such a methodology provides no obvious offensive strategies, it does harden the infrastructure and provide a much more appropriate defense.

References:

Cyber Secure Institute home page

Cyberwarfare and Cyberterrorism: The need for a new U.S. strategic approach – Gen. Habiger

Summary of Gen. Habiger’s 10 main points

Tags: , , , ,
Posted in Reviews | 1 Comment »

Paypal Shuts down the Hackers for Charity

Wednesday, July 15th, 2009

It would seem in an attempt to keep fraud off Paypal, the Hackers for Charity (and Johnny himself) have been put in quite a pickle. While out in Kenya helping fight off the world’s problems, Paypal has gone ahead and frozen his account because of some paperwork issues. I agree that security and fraud protection are paramount for an organization such as Paypal; however, their poor response time and awful support system have left something to be desired.

For more information, check out:

http://www.hackersforcharity.org/259/paypal-shuts-us-down/

Tags: , , , , , ,
Posted in SamuraiNet Archive | No Comments »

Hackers For Charity

Saturday, November 1st, 2008

In one of my recent HFC emails, I read the following:

“This month, I thought that it would be fun to partner up with Hackers
for Charity in order to raise money for the people of Uganda. The
Academy has offered to donate $1 to Hackers for Charity for every user
that registers for a free account at www.theacademy.ca for the entire
month of November. If you’re a registered user already please forward
this email or post it on a blog. Anything you can do to spread the
word would be greatly appreciated. Let’s try to make a substantial
donation to charity this month. Thanks everybody!”

As this seems like a good cause, I thought I’d repost it here. You don’t even have to be active, just register.

Enjoy!

Tags: , , , ,
Posted in SamuraiNet Archive | 1 Comment »

America’s Cyber Defense… or lack there of

Saturday, May 10th, 2008

Over the past few years more and more news has arrisen about hacking becoming a part of warfare, however; it seems that though it has a tactical advantage and is a powerful resource for any government that uses it, it is not paid enough attention to. Governments’ lax attitude towards these actions only prove to encourage.

Attacks on the defense department by Chinese web sites (http://www.washingtonpost.com/wp…8/24/AR2005082402318.html) have been used as well as trojans on external harddrives and direct hacking attempts. Still recourse has only been to “harden networks” and “further investigate” things. While these are both important, and I’m glad to see that “hardening networks” is on the list, but the problem is at the source: we have not made clear we see it as a threat. Had Chinese spies entered the DoD building and stolen critical data more than an “investigation” would ensue, yet if the same sensitive material was stolen over the internet the reaction would be quite different.

Attacks of these types be they political or economical (targeting corporations) have proven to be effective. So effective that attacks such as Distrusted Denial of Service attacks are for sale. Estonia’s entire infrastructure was damaged when a massive DDoS attack rendered their “eGovernment” useless.

According to an article at Bloggernews.com (http://www.bloggernews.net/115503) cyber warfare is here. This is no surprise to the rest of us, but what I find most interesting is that the government’s reaction was saying not to use email for critical and sensitive information transfer. Again, this is exactly the problem I speak of. I am by no means advocating another offensive war, nor am I trying to raise hatred against China or any other nation. I simply and pointing out that we are leaving ourselves unprepared. Speak up! Raise your voice. Politicians are afraid to lose their seats. If we make it clear that our nation’s cyber security is paramount, perhaps something will be done.

Tags: , , ,
Posted in SamuraiNet Archive | 3 Comments »

Reading Rainbow: Episode 3

Sunday, April 27th, 2008

Welcome back boys and girls,

I have some great articles for you this week.

Political Lobbying,.. the hacker way – An XSS vulnerability in Obama’s website was exploited to redirect visitors to Clinton’s website. Not the most difficult hack of the year by far, but still entertaining.

Hackers For Hire – News Corp. has been accused of hiring a hacker to do monetary damage to Dish Network Corp.

Interview with Matt Mullenweg – Matt Mullenweg gives his views on the future of WordPress as well as the internet social scene. (The video has alot of background noise, but is worth a watch)

Cyber-warfare – Cyber security students entered in the NSA’s competition must defend their networks from the NSA’s top hackers.

How green is green? – Is that printer you just bought “green enough” or was it another marketing scam?

Tags: , , , ,
Posted in SamuraiNet Archive | No Comments »