cyber attacks

...now browsing by tag

 
 

Cyber Fear Echo Chamber

Wednesday, December 2nd, 2009



 

Theologians, Politicians, and Financiers agree! When in doubt use a little fear and not FUD.

Interesting how things pick up right where we left off; with discussion of MAD and CyOffensive Stratagies. A policy of ‘deterrence’ only works when you are not bluffing, and can neutralize your opponent. Hence
Can America take over the internet?”, because thats the only way such a policy would be effective. CyWar is more of a guerrilla operation, there is no specific target to nuke.

 

A threat pops up here, we whack it down, and another one comes up here – this is the environment that many of your enterprise cybersecurity officers are facing,”Bruce McConnell, counselor to DHS’ top cybersecurity official


Threats like al Qaeda?

 

I don’t think they’re the most capable in the world, but they have some capability,”Former Homeland Security Secretary Michael Chertoff


I am worried about some terrorist group [with] the capability to destroy the U.S. money supply,” The impact of such an attack would be “an order of magnitude greater” than the Sept. 11 terrorist attacksthe former Director of National Intelligence Mike McConnell


Spottswoode: From what Intelligence has gathered, it would be 9/11 times 100.
Gary:9/11 times 100? Jesus, that’s–”
Spottswoode: “Yes, 91,100.

Kim Jong Il:It will be 9/11 times 2,356.”
Chris:My god, that’s… I don’t even know what that is.”
Kim Jong Il: Nobody does.” – Team America World Police

 


FBI Suspects Terrorists Are Exploring Cyber Attacks

While there is no evidence that terrorist groups have developed sophisticated cyber-attack capabilities, a lack of security protections in U.S. computer software increases the likelihood that terrorists could execute attacks in the future, the official warned.

If terrorists were to amass such capabilities, they would be wielded with “destructive and deadly intent,”

Cyber agencies mum on how they try to identify cyberattackers

Identifying the sources of cyberattacks might not be technically possible in all cases, federal agencies can draw conclusions based on motive and the consequences of the attack

There is “no evidence” terrorists are ready for CyWar, but Chertoff seems to think they have some capability, and McConnell is worried they will destroy the economy before the bankers finish it off.  I almost feel like some of these people are doing the work of the terrorists by striking fear of  “destructive and deadly” CyAttacks into the hearts of hard working men and women.

McAfee stirred things up the month with some secondhand fearmongering.

Nations all over the world are gearing up for a cyber war and that everyone must adapt to these threats”David Dewalt, McAfee president and CEO

Now the media, which knows exactly squat about CySec, can only put into the echo chamber what they are fed into the. Which is exactly what happens with the McAfee statements.

McAfee Cautions About The Possibility Of Cyber Wars

Cyber Warfare Warning Sounded

Cyber Warfare Warning Sounded
In its annual report on cybercrime, McAfee says that the age of cyber warfare has arrived.

FBI Suspects Terrorists Are Exploring Cyber Attacks

Separately, the computer anti-virus company McAfee Inc. issued a report by Paul Kurtz, who led the cyber-security review for the Obama transition team. He concluded that some cyber-attacks in 2007, including Israeli cyber-attacks on Syria and U.S. cyber-weapons employed in Iraq, constitute cyber-warfare.

Cyber ‘cold’ war may have started

Cyber ‘cold’ war may have started


Hold the phone. A cyber cold war? I’ve been talking about this for several months now. To clarify it is not a ‘cyber cold war’, it is The Cold War. The established and powerful military industrial complex, which Dwight Eisenhower warned us against, is moving its resources into the Intelligence Industrial Complex. The same old players, now working the intelligence angle; The Cold War.

 

CyberWar is a Racket

Under the threat of war, the cost of defense is never too high. A nation is under significant obligation to protect its investments where ever they may be. What we see now, is the transition from physical to electronic defense. The United States is returning to Cold War status. In preparation for this the advancement of technology and the power of the intelligence community is of the foremost importance. In order to maintain a position of dominance, the government must sustain its partnership with wartime industry. Through a metamorphosis of the “military industrial complex”, into a new “intelligence industrial complex”, this accomplishment can be witnessed. The ever present fear of terrorism will still be used as justification for sustained engagement. The new terrorist threat comes from what the media refers to as hackers.

 

Its not even McAfee’s report. It’s Richard A. Clarke’s. See how this works? The Public-Private sycophants spoon feed the media into a frenzy to get them stirred up. The media echo chamber picks up the supplied message, and unsuspecting members of the public become influenced by it and believe the lie, which causes them to be more than willing to vote for any sort of legislation that could remedy the issue. Sounds like we’ve gone back to the Hegelian scheme once again.

Dick Destiny
The report itself is attributed to Paul Kurtz, another of Richard Clarke’s
men. Buttressing quote is furnished by Greg Rattray, another in a small
circle of individuals all known for pushing the coming age of cyberwar.

Paul Kurtz, if you remember, was one of my first picks for CyCzar.

CzarWars Episode 1
Paul Kurtz an Obama advisor who served in the national security council
under bush and Clinton, he has in the white house for long enough to
know its politics. Kurtz is also one of the people quoted in the
findings on which the Cybersecurity Act was drafted saying “the United
States is unprepared to respond to a `cyber-Katrina’ and that `a
massive cyber disruption could have a cascading, long-term impact
without adequate co-ordination between government and the private
sector”. Here is a person that fits my criteria, he is technical,
political, and a possesses an overwhelming desire to over-hype the
cybersecurity threat with the understanding that it will create revenue
to his and others private interests. It’s all about the money. If you
check out the consulting team Paul B. Kurtz is on, it’s also about the
cyber-FUD.


He is also mentioned in the CySecurity Act of 2009:

 

(6) Paul Kurtz,
a Partner and chief operating officer of Good Harbor Consulting as well
as a senior advisor to the Obama Transition Team for cybersecurity,
recently stated that the United States is unprepared to respond to a
`cyber-Katrina’ and that `a massive cyber disruption could have a
cascading, long-term impact without adequate co-ordination between
government and the private sector.’.


The people who stand to make the most profit from a little cyFear create a report. They give it to a company whose name is well known to the general public. The company feeds the report into the media echo chamber which bounces it back and forth making it seem legitimate. The public believes the lie, and is now willing to continue funding the people who stand to make the most profit from a little cyFear.

Hegelian Dialectic – Step 1: need $$$ Step 2: FUD Step 3: $$$

 

 

Despite the apparent lack of leadership or direction, the money is still getting spent. It seems that many of the recommendations set out in the proposed bill 773 are being implemented. Regional CySecurity Centres, and competitions to recruit skilled workers are two I can think of at the moment. In addition to competition based recruitment, thousands of skilled CyOps (Cyber Operators) have been offered employment for the purpose of national CySecurity. It is not just regional centres, which as the bill suggested would be facilitated by existing local institutions, but there are many new structures being constructed.


It’s almost as if they are taking CySecurity and the CyWar seriously, while appearing to seem incompetent. I know what you’re thinking, it’s the government, “
Never ascribe to malice that which is adequately explained by incompetence”, but I’ve never agreed with that statement. I know that by feigning incompetence you can avoid responsibility, it’s even in the Art of War; “Appear weak when you are strong, and strong when you are weak.

By preventing unwanted meddling with development of CyDefenses, the NSA and DHS and their corporate partnerships are actually throwing a fair amount of money at the problem. The issue with the CyCzar, and apparent lack of focus, could be a clever ruse.

So what is the real plan?
Monitoring, storeing and most importantly indexing every communication possible. Why else would the NSA be in charge? Now they have their own Air Force unit, where the CyWar will begin to merge with NetCent Ops. Imagine! A mobile militarized and offensive arm of the NSA; for those hard to reach communications during the next Cold War years.

CyWar is job security for an industry who has run out of sophisticated enemies to fight on the ground.


Bonus:

Buzzword: “IT Eco-System”
Freudian Typo:

Senate Panel: 80 Percent of Cyber Attacks Preventable

We need to, as a nation and as an IT echo system, continue to make it more simple for people to institute protections to determine if they’ve been compromised and to make sure they stay secure,” said Reitinger, a former Microsoft executive.

Response to “Thinking about cyber offensive capabilities”

Thursday, September 17th, 2009

MAD

http://threatchaos.com/2009/09/thinking-about-cyber-offensive-capabilities/

Should the US engage in offensive cyber attacks?

All warfare is based on deception….

With the NSA’s acquisition of cybercommand, we have a fair indicator of the nation’s digital offensive capability and direction. Cyber attacks such as denial of service are much too public for the intelligence community.  The cyber offensive will come in the form of information collection and subversion of the enemy population, the infowar. Psychological operations will continue to be carried out as they have been for decades, only now with a massive influx of skilled technologists to maintain the competitive electronic edge. Kinetic attacks are also very much a reality. Such was the case when Russia acquired a piece of software corrupted by western intelligence, which caused damage to a pipeline.

“”The result was the most monumental non-nuclear explosion and fire ever seen from space,” he recalls, adding that U.S. satellites picked up the explosion. Reed said in an interview that the blast occurred in the summer of 1982.”

http://www.msnbc.msn.com/id/4394002

Without an external botnet to control, undue stress would be placed on the networks. However, it is likely that the command and control of existing botnets could be subverted by the cybercommand and used to against remote targets. Reflecting on the historical nature of nuclear, biological, and chemical warfare, it does not seem to be a stretch of the imagination to believe that governments would be willing to develop new attacks. By utilizing offensive tactics such as worms, viruses, and even electromagnetic pulse attacks to achieve some objective, suddenly we have a new threat of cyber collateral damage. There is already a precedent for clandestine cyber warfare, and one can only imagine this will continue to escalate.

Will we see cyber Mutually Assured Destruction, the “Deterrence by in-kind response”?

That seems to be how these things reach their apex.  Only by fully developing offensive capability will a nation no longer be subject to a major attack. Or at least that’s the logic behind it.  MAD is the old school way of thinking, and sometimes it’s hard for the old war dogs to learn new tricks. Perhaps through education and training at the local level, a holistic approach to national cyber defense can be effective, this as opposed to relying on government and corporate entities to assume the whole of the burden. One thought on a sort of cyber homeland security is to offer the civilians an opportunity to participate in the federal botnet, offering up their systems willingly to fight the “enemy”.  Learning the lesson from America’s forefathers and establishing a well armed militia for the defense of the nation.

Attacks should not be used as a deterrent, after all the best offense is a good defense, and the enemy could use an event to draw their opponent into a conflict where they possess the higher ground.  One should make their position unassailable, and wait for their opponents to reveal themselves and with it their weakness.

The 24th airborne are training for cyber operations. They are learning to deploy physical assets to defend communications lines, and methods of attack on various targets such as networks, industrial control systems, radio, and air defense. True cyber war will be the combination of traditional combat blended with advanced technological attacks by ‘hacking’ the enemy in the field as a means to gain and advantage. Realistically speaking this is nothing new. ‘Hackers’, and more specifically ‘Crackers’, have played a significant and decisive role in warfare for decades.  Without the employment of these skilled technologists, the result of the Second World War may have been quite different. The connection between cyber war and the NSA is quite clear. By compromising the enemy’s communications, obtaining their documents, and influencing their actions. The outcome of a conflict can be predicted before the first move has ever been made.

On the netcentric battlefield, can there be anything other then western dominance?  The irony there is that there does not seem to be someone their own size to pick on, and they fall victim to the same guerilla warfare that acted as their own midwife into existence. The west owns space, the sky, the airwaves, and the technology. The netcentric warfighter is progressing into the future with little to no opposition, yet continues to fall prey to primitive attacks (though perhaps that’s what the British said about the colonists). I suppose one could envision a future battlefield where technologists play a game of virtual chess, attempting to outhack each other before the first shot is fired.

A cyber Geneva Convention, some UN mandated rules of engagement, would be totally ineffective on the virtual battlefield. Control of the media, political spin, and the very nature of cyber combat, will maintain the air of plausible deniability for any sort of electronic offensive. Protected by secrecy they will be able to carry out operations that supersede any national or international laws.  Privacy, property, and speech have long since fallen victim to this system.

We need to keep in mind the division of roles between the military cybercommand and Homeland cyber security.  Any offensive actions would come from the military.  The protection of non-military government and critical infrastructure systems is the function of Homeland Security.  The protection of the civilian end user of the internet has been delegated to the corporate sector.

So with that perspective, the cybercommand has no role other then military defense of its own networks and to carry out attacks against the enemy. The defense of infrastructure is completely separate. It has less to do with protecting the people, and more focused on defending the critical infrastructure which the government relies upon to operate. In other words, if an attack only affects non-critical sites such as mybook or twitterface, then the general public must look to the corporations to resolve this issue.

The US will continue to conduct intelligence operations against foreign and domestic targets using the most advanced technology and best available labor. Ground forces have been appropriated for kinetic operations. We can call this cyberwar if you wish.

Twitter links powered by Tweet This v1.8, a WordPress plugin for Twitter.

Get Adobe Flash player