cyber

...now browsing by tag

 
 

Cyber Fear Echo Chamber

Wednesday, December 2nd, 2009



 

Theologians, Politicians, and Financiers agree! When in doubt use a little fear and not FUD.

Interesting how things pick up right where we left off; with discussion of MAD and CyOffensive Stratagies. A policy of ‘deterrence’ only works when you are not bluffing, and can neutralize your opponent. Hence
Can America take over the internet?”, because thats the only way such a policy would be effective. CyWar is more of a guerrilla operation, there is no specific target to nuke.

 

A threat pops up here, we whack it down, and another one comes up here – this is the environment that many of your enterprise cybersecurity officers are facing,”Bruce McConnell, counselor to DHS’ top cybersecurity official


Threats like al Qaeda?

 

I don’t think they’re the most capable in the world, but they have some capability,”Former Homeland Security Secretary Michael Chertoff


I am worried about some terrorist group [with] the capability to destroy the U.S. money supply,” The impact of such an attack would be “an order of magnitude greater” than the Sept. 11 terrorist attacksthe former Director of National Intelligence Mike McConnell


Spottswoode: From what Intelligence has gathered, it would be 9/11 times 100.
Gary:9/11 times 100? Jesus, that’s–”
Spottswoode: “Yes, 91,100.

Kim Jong Il:It will be 9/11 times 2,356.”
Chris:My god, that’s… I don’t even know what that is.”
Kim Jong Il: Nobody does.” – Team America World Police

 


FBI Suspects Terrorists Are Exploring Cyber Attacks

While there is no evidence that terrorist groups have developed sophisticated cyber-attack capabilities, a lack of security protections in U.S. computer software increases the likelihood that terrorists could execute attacks in the future, the official warned.

If terrorists were to amass such capabilities, they would be wielded with “destructive and deadly intent,”

Cyber agencies mum on how they try to identify cyberattackers

Identifying the sources of cyberattacks might not be technically possible in all cases, federal agencies can draw conclusions based on motive and the consequences of the attack

There is “no evidence” terrorists are ready for CyWar, but Chertoff seems to think they have some capability, and McConnell is worried they will destroy the economy before the bankers finish it off.  I almost feel like some of these people are doing the work of the terrorists by striking fear of  “destructive and deadly” CyAttacks into the hearts of hard working men and women.

McAfee stirred things up the month with some secondhand fearmongering.

Nations all over the world are gearing up for a cyber war and that everyone must adapt to these threats”David Dewalt, McAfee president and CEO

Now the media, which knows exactly squat about CySec, can only put into the echo chamber what they are fed into the. Which is exactly what happens with the McAfee statements.

McAfee Cautions About The Possibility Of Cyber Wars

Cyber Warfare Warning Sounded

Cyber Warfare Warning Sounded
In its annual report on cybercrime, McAfee says that the age of cyber warfare has arrived.

FBI Suspects Terrorists Are Exploring Cyber Attacks

Separately, the computer anti-virus company McAfee Inc. issued a report by Paul Kurtz, who led the cyber-security review for the Obama transition team. He concluded that some cyber-attacks in 2007, including Israeli cyber-attacks on Syria and U.S. cyber-weapons employed in Iraq, constitute cyber-warfare.

Cyber ‘cold’ war may have started

Cyber ‘cold’ war may have started


Hold the phone. A cyber cold war? I’ve been talking about this for several months now. To clarify it is not a ‘cyber cold war’, it is The Cold War. The established and powerful military industrial complex, which Dwight Eisenhower warned us against, is moving its resources into the Intelligence Industrial Complex. The same old players, now working the intelligence angle; The Cold War.

 

CyberWar is a Racket

Under the threat of war, the cost of defense is never too high. A nation is under significant obligation to protect its investments where ever they may be. What we see now, is the transition from physical to electronic defense. The United States is returning to Cold War status. In preparation for this the advancement of technology and the power of the intelligence community is of the foremost importance. In order to maintain a position of dominance, the government must sustain its partnership with wartime industry. Through a metamorphosis of the “military industrial complex”, into a new “intelligence industrial complex”, this accomplishment can be witnessed. The ever present fear of terrorism will still be used as justification for sustained engagement. The new terrorist threat comes from what the media refers to as hackers.

 

Its not even McAfee’s report. It’s Richard A. Clarke’s. See how this works? The Public-Private sycophants spoon feed the media into a frenzy to get them stirred up. The media echo chamber picks up the supplied message, and unsuspecting members of the public become influenced by it and believe the lie, which causes them to be more than willing to vote for any sort of legislation that could remedy the issue. Sounds like we’ve gone back to the Hegelian scheme once again.

Dick Destiny
The report itself is attributed to Paul Kurtz, another of Richard Clarke’s
men. Buttressing quote is furnished by Greg Rattray, another in a small
circle of individuals all known for pushing the coming age of cyberwar.

Paul Kurtz, if you remember, was one of my first picks for CyCzar.

CzarWars Episode 1
Paul Kurtz an Obama advisor who served in the national security council
under bush and Clinton, he has in the white house for long enough to
know its politics. Kurtz is also one of the people quoted in the
findings on which the Cybersecurity Act was drafted saying “the United
States is unprepared to respond to a `cyber-Katrina’ and that `a
massive cyber disruption could have a cascading, long-term impact
without adequate co-ordination between government and the private
sector”. Here is a person that fits my criteria, he is technical,
political, and a possesses an overwhelming desire to over-hype the
cybersecurity threat with the understanding that it will create revenue
to his and others private interests. It’s all about the money. If you
check out the consulting team Paul B. Kurtz is on, it’s also about the
cyber-FUD.


He is also mentioned in the CySecurity Act of 2009:

 

(6) Paul Kurtz,
a Partner and chief operating officer of Good Harbor Consulting as well
as a senior advisor to the Obama Transition Team for cybersecurity,
recently stated that the United States is unprepared to respond to a
`cyber-Katrina’ and that `a massive cyber disruption could have a
cascading, long-term impact without adequate co-ordination between
government and the private sector.’.


The people who stand to make the most profit from a little cyFear create a report. They give it to a company whose name is well known to the general public. The company feeds the report into the media echo chamber which bounces it back and forth making it seem legitimate. The public believes the lie, and is now willing to continue funding the people who stand to make the most profit from a little cyFear.

Hegelian Dialectic – Step 1: need $$$ Step 2: FUD Step 3: $$$

 

 

Despite the apparent lack of leadership or direction, the money is still getting spent. It seems that many of the recommendations set out in the proposed bill 773 are being implemented. Regional CySecurity Centres, and competitions to recruit skilled workers are two I can think of at the moment. In addition to competition based recruitment, thousands of skilled CyOps (Cyber Operators) have been offered employment for the purpose of national CySecurity. It is not just regional centres, which as the bill suggested would be facilitated by existing local institutions, but there are many new structures being constructed.


It’s almost as if they are taking CySecurity and the CyWar seriously, while appearing to seem incompetent. I know what you’re thinking, it’s the government, “
Never ascribe to malice that which is adequately explained by incompetence”, but I’ve never agreed with that statement. I know that by feigning incompetence you can avoid responsibility, it’s even in the Art of War; “Appear weak when you are strong, and strong when you are weak.

By preventing unwanted meddling with development of CyDefenses, the NSA and DHS and their corporate partnerships are actually throwing a fair amount of money at the problem. The issue with the CyCzar, and apparent lack of focus, could be a clever ruse.

So what is the real plan?
Monitoring, storeing and most importantly indexing every communication possible. Why else would the NSA be in charge? Now they have their own Air Force unit, where the CyWar will begin to merge with NetCent Ops. Imagine! A mobile militarized and offensive arm of the NSA; for those hard to reach communications during the next Cold War years.

CyWar is job security for an industry who has run out of sophisticated enemies to fight on the ground.


Bonus:

Buzzword: “IT Eco-System”
Freudian Typo:

Senate Panel: 80 Percent of Cyber Attacks Preventable

We need to, as a nation and as an IT echo system, continue to make it more simple for people to institute protections to determine if they’ve been compromised and to make sure they stay secure,” said Reitinger, a former Microsoft executive.

Can America Take Over the Internet?

Friday, September 11th, 2009

Original Title : Cyber FUD s773

9.11.2009 – I haven’t forgotten.

A final straw has just broken this camel’s back.  I’m not exactly sure why it suddenly became such a big issue, but the story about “Obama can shut down the Internet” really topped the charts there for a while. I even had someone ask me about it without the facilitation of an electronic or analog device.  Today, I saw one more headline about the topic then was good for me, and as I said it was the last straw.  The thing that bothers me more then the sudden influx of news stories suddenly paying attention to this legislation is that nothing regarding the president’s powers has changed since its introduction. A few of us were making noise about this months ago, and it was no big deal. So some mainstream media must have picked up on it, and the type of people who take in that sort of information ate it up. In what seems to be par for the course, those covering the story have no idea what they are talking about, and are just playing on the popularity of the subject to attract attention to their publication. 

Internet Takedown Links

Let’s just skip over the fertile male bovine fecal matter, and get to the point.

Can Obama Shut Down the Internet?  – New Legislation Gives President Emergency Control.

That is a whole load of ignorance. Obama wouldn’t know how to turn off the internet even if such a thing was possible.  Yes the new legislation does contain wording related to the executive powers of control over critical infrastructure, but in reality this is nothing new. 

Lawmakers strike new tone with proposed bill giving Obama power to shut down Internet

When the bill was release in April, Leslie Harris, president and CEO at the Center for Democracy and Technology (CDT), which promotes democratic values and constitutional liberties for the digital age, told Network World: “We are confident that the communication networks and the Internet would be so designated [as critical infrastructure], so in the interest of national security the president could order them disconnected.”


I suppose this is the right day for this article.

In time of emergency the government has the power to seize control over anything and everything they desire. This includes the communications infrastructure and access to the internet.  If the people covering this story were aware of this, they might have expressed their concern over the redundancy of this power; why are they reminding us of this now?

Existing laws already give the president broad discretion on how to respond to cyberattacks, despite language in a Senate bill that proposes giving the president specific powers during such events, according to experts.

Experts debate expansion of president’s cybersecurity powers

The president has that power under the National Security Strategy, Addicott said. The most recent National Security Strategy was published in 2006.

Addicott said the bill — S.773 — probably included the language to more clearly define how government officials expect to react to a potential threat, Addicott said. There are precedents for presidents acquiring authority in situations where they do not legally need it, he said.


The people pushing this legislation are using scare tactics to advance their agenda. Using the threat of a cyber-911 or cyber-pearl harbor type of event as leverage to wedge the legislation into existence, they are merely trying to grow a new teat on Uncle Sam’s buttocks for them to feed from.

New Threat Scenarios Drive Cybersecurity Planners to Mull Responses

“It could even be a panic if you think about it,” Meyerrose said. “A story catches hold, there’s an attribution that says that country x has infiltrated something and nobody can take anything out of an ATM, or your power is going to go off or your water is going to turn off or whatever. And then a panic ensues. Those are the kinds of things (to consider) when you’re talking about cyber 911s or cyber Pearl Harbors, in my view.”

Meyerrose said laws are in place already for a situation like the one eight years ago, when the United States was attacked and President Bush ordered all aircraft grounded until further notice. But those aren’t easily applicable to cyberspace.

“There are already provisions I believe — and most of the folks in the business and the government believe — that give the powers to the president that allow to effectively do what needs to be done in times of national emergency,” Meyerrose said.

“I would be troubled if the president didn’t have some sort of emergency powers” for the Internet, he added. “The real ambiguity is, what’s the trip wire for making it a national emergency?”

 Obama Administration Seeks “Emergency Control” of the Internet

True enough as far as it goes, these “free market” cheerleaders are extremely solicitous however, when it comes to government defense and security contracts that benefit their clients; so long as the public is spared the burden of exercising effective control as cold cash greases the sweaty palm of the market’s “invisible hand”!


Of course Meyerrose is the former head of technology for the US Spymaster, and is now the traveling salesman for the Harris Corporation which works with the NSA on U.S. SECRET level encrypted communications. In  2008 it was the number one recipient of funds from the Department of Commerce, and makes billions of dollars a year in revenue. Security and cyber is their business. With the cybercommand being hosted by the NSA, I’m sure Harris <HRS> is a stock symbol to watch.

Internet security bill continues to cause uproar

Larry Clinton, president of the Internet Security Alliance, which represents a cross-section of IT companies including Verizon and Nortel, has criticized what he calls vaguely worded language in the latest version.

“It is [still] unclear what authority … is necessary over the private sector. Unless this is clarified, we cannot properly analyze, let alone support the bill,” he states.

However, there are those who say the recommendations make sense. James Lewis of the Center for Strategic and International Studies compared the provisions to President Bush’s decision to shut down airlines after the 9/11 attacks.

“It seems foolish not to have the same authority for cyberspace,” he said, quoted by TheHill.com. “It’s not that the president will wake up in a bad mood one day and implode Yahoo. This would apply only to s
evere national emergencies. … This is a great opportunity to blast us into a new level of discussion about cybersecurity.”


Ok, so not everyone writing about this is in need of immediate cranial rectal extraction, just most of them.  Lewis’ statement points something out that is important to note.


James Lewis of the Center for Strategic and International Studies compared the provisions to President Bush’s decision to shut down airlines after the 9/11 attacks.


Next time you read a story that says ‘the government can’t shut down the internet because 90% of the infrastructure is privately owned’, I want you to think for a moment; did the government own the airlines?  Remember, once these systems are designated as critical infrastructure, regardless of their ownership, they will be required to comply with federal standards which put them indirectly under government control. Depending on who is attached to these networks, the systems will fall under control of either Homeland Security or the NSA.  Both competent agencies with the publics best interests at heart.

Obama Administration Seeks “Emergency Control” of the Internet

Drafted by Senators Jay Rockefeller (D-WV) and Olympia Snowe (R-ME), “best friends forever” of the National Security Agency (NSA) and the telecommunications industry, they were key enablers of Bush-era warrantless wiretapping and privacy-killing data mining programs that continue apace under Obama.


Once the ‘emergency’ is declared, and the networks are commandeered, privacy’s already dead zombie corpse is beheaded and killed with fire, so not even the illusion of privacy would remain. 

The initial question remains. Can America Take Over The Internet?

My initial reactionary response to this absurd question is “of course not”.  Though after some discussion it seems to be that with enough pressure from the United States, most international corporations, telecommunications providers, and ISP’s are likely to cave and accept the forced compliance standards.  After all if America gets the DNSSEC root, then the DHS will be able to shut down pretty much whatever they want on an international scale, not to mention that the IANA was a US Department of Defense contract which ICANN was created to handle after the death of John Postal

New Agreement Means Greater Independence in Managing the Internet’s System of Unique Identifiers

“The United States Department of Commerce has clearly signaled that multi-stakeholder management of the Internet’s system of unique identifiers is the way ahead and ICANN is the obvious organization to take that responsibility,”- ICANN will no longer have its work prescribed for it. How it works and what it works on is up to ICANN and its community to devise;- ICANN is not required to report every 6 months as it has been under the MOU. It will now provide an annual report that will be targeted to the whole Internet community; – There is no requirement to report regularly to the DOC. The DOC will simply meet with senior ICANN staff from time to time. “The ICANN model of multi-stakeholder consultation is working and this agreement endorses it.


No requirement to report to the Department of Commerce, they can just come over for drinks every once in a while to see how things are going.   “Multi-stakeholder consultation”, makes me wonder where the ICANN is getting its funding.  Strangely enough, the federal funding for ICANN seems to be incompletely listed

ICANN Funding

It is unclear from the above paragraph whether ICANN inherits IANA’s self-proclaimed mandate of ‘Preserving the central coordinating functions of the global Internet for the public good.’ However, it would appear that it is in a good position to assert end-users should be willing to pay. If they are not, then the internet should be allowed to fall apart. Certainly the regulatory authorities who have largely stepped aside to allow this experiment to happen ‘would like to see an economically rational and practical charging system – a contribution per name registered for example.’ Therefore ICANN devises a funding scheme that not only takes account of internediary functions, but goes directly to the beneficiaries of the connectivity ICANN preserves and asks them for a contribution appropriate to the value of their benefit. ICANN provides security and stability. What is the price of that stabilty and security? What further can ICANN do to provide these services? It is in terms of the above argument that, apart from registry contributions, well-wisher contributions (disallowed as political contirbutions long-term?), we devised a quadripartite funding plan which can draw income from the end-user services ICANN provides. However it is not suggested that ICANN, in its not-for-profit guise, should operate these income streams directly -this would hazard the not-for-profit status of ICANN and threaten its mandate-, but that it be an agreed beneficiary on a cost-recovery basis, whilst any other pooled income accrues to internediaries pro rata.


So now, I believe, the question should be: “Can the World Take The Internet From the USA?”
Click to continue »

CzarWars Episode 1 – The Phantom Finance

Wednesday, June 24th, 2009

CzarWars Episode 1 -The Phantom Finance

First of all we need to define the various compartments of network security.  There is the Military/Government sector, the DOD is responsible for defending these systems. There is the public government infrastructure, which the DHS will be in charge of defending. There is the private sector which are responsible to defend themselves. mixed in with this is the general protection of the people which will come in usual form of software developed by the private sector.

The announcement has not yet been made for the new cybersecurity coordinator.  though there are many choices, and much speculation. I’ll add to it with my own observations.  All of the choices will be from one of the 3 sectors who have a stake in the cybersecurity plan. Whoever is selected will show what lobby has been successful. The DOD has stated repeatedly they have no interest in backing the position. that leaves the DHS and big business.  It gets a bit complicated because the DHS also has a close private-public collaboration.  So the distinction again needs to be made that there are two levels of defense here. the DHS, while responsible for civilian infrastructure, only takes responsibility for the systems that are government critical. The rest of the work, dealing with what their CISO calls the standard internet pollution, will go to some of the big names in public security. Meaning the responsibility to protect the people will be left to Anti-Virus vendors, and Microsoft. The person who is selected should have an existing understanding of current national security policy.  This would rule out the representatives from a strictly business background. The new cyber coordinator will most likely be someone from inside government, or someone who has recently gone into the private government consulting sector.  Before I continue I should mention Keith Alexander is rumored to be head of the new [cyber]command, but this is not the czar position. Melissa Hathaway already holds a similar white house position, and it is possible that she could receive the promotion – though I get a sense of reluctance either from her, or on the part of the white house.  What we have left is Fred Kramer, the former assistant defense secretary for international affairs under president Clinton, Paul Kurtz an Obama advisor who served in the national security council under bush and Clinton, Maureen Baginski  a former FBI intelligence leader, and Tom Davis.

To update this a little bit, Alexander was selected as head of the CyberCommand, and Tom Davis has expressed that he is quite comfortable in his new position in the private sector, he mentioned he was lucky to get out with out an indictment, and has no plans to return. Davis did act quite nervous when confronted about the position, so it is possible he already has been confirmed and is playing the denial game until the president makes it official.

The cybersecurity coordinator will need to have a technical enough background to understand the details of security recommendations. This person will need to then be able to translate the recommendations into terms that the president can understand, as well as pass them along to the Secretary of Commerce who can choose to request funding from the OMB.  The cyberczar might not have direct power to make changes, but the position is an important one. There is defiantly need for a coordinator to facilitate between the public-private partnership and the Executive Office of the President.  Someone who already has a good understanding of national security, technical knowledge, and political ability.  I’ve made my pick based on the current choices, so when if pull someone out of left field don’t hate.

Paul Kurtz an Obama advisor who served in the national security council under bush and Clinton, he has in the white house for long enough to  know its politics. Kurtz is also one of the people quoted in the findings on which the Cybersecurity Act was drafted saying “the United States is unprepared to respond to a `cyber-Katrina’ and that `a massive cyber disruption could have a cascading, long-term impact without adequate co-ordination between government and the private sector”. Here is a person that fits my criteria, he is technical, political, and a possesses an overwhelming desire to over-hype the cybersecurity threat with the understanding that it will create revenue to his and others private interests.  Its all about the money. If you check out the consulting team Paul B. Kurtz is on, it’s also about the cyber-FUD.

-I don’t want to leave out Maureen Baginski as a possible choice, since the current administration seems to be about equal opportunity employment, breaking barriers, etc.  Baginski is a career NSA gal who was tapped by FBI Director Robert Muller to reform the FBI’s handling of domestic intelligence.  It was suggested that major restructuring within the government might be required to integrate ‘cyber’ as a separate but equal department.-

CyberWar is a Racket

Monday, June 15th, 2009

Inspired by ‘War is a Racket’ by Maj. Gen. Smedly Darlington Butler U.S.M.C

CyberWar is a Racket

Under the threat of war, the cost of defense is never too high. A nation is under significant obligation to protect its investments where ever they may be. What we see now, is the transition from physical to electronic defense. The United States is returning to Cold War status. In preparation for this the advancement of technology and the power of the intelligence community is of the foremost importance. In order to maintain a position of dominance, the government must sustain its partnership with wartime industry. Through a metamorphosis of the “military industrial complex”, into a new “intelligence industrial complex”, this accomplishment can be witnessed. The ever present fear of terrorism will still be used as justification for sustained engagement. The new terrorist threat comes from what the media refers to as hackers.

The United States’ trade deficit is in the trillions of dollars. The nation must possess assets for which they use to back the value of money sent overseas. China, for example, has accumulated a surplus of US currency. The deficit exists due to the lack of goods being sold in return. These dollars are then stockpiled or used to buy fuel. The oil cartel uses this petro-dollar as the international rate of exchange. There is already discussion to take the world off of this standard. The dollar has already been abandoned in places where once it was used it as a common currency. The United States needs to be ready to compete in the global market, or in default will continue to forfeit property as payment. If the international oil standard were to shift from the dollar, the American economy could be crushed. Places like China would have no reason to continue accepting currency from the United States as a form of trade. In order to continue doing global business, and maintain the standard of living for most Americans, the United States would need to find an acceptable financial solution. It would be necessary to provide a product or service which can be sold on the international market.

With a shift of strategy by the public-private sector, there is the beginning of what could be a record breaking transition. The same corporations, agencies, and institutions which traditionally have been government contractors understand this move, and are shifting production accordingly. International finance, which in the past has funded one or more sides of various conflicts, is already buying into this new deal. With the new President and his many supporters, the official war should be concluded soon. Although there will always be justification for troops stationed around the globe, much funding for war expenses would no longer be necessary. The companies which produced the equipment, supplied the fuel for the machinery, and paid the workers, would be looking at a massive drop in revenue. To compensate they will begin to offer services in line with the new focus on infrastructure protection. War profits can be an increase of 7856% over peace time. That is a real historical figure of seven-thousand eight-hundred and fifty-six percent. Profit is the only motivation for the existence of a corporation. Existing funding could be redirected towards new projects and a new war. A nation needs a real or fabricated threat to justify taxation to its people, for the necessity of its defenses. In Orwell’s 1984 we saw Emmanuel Goldstein as the fictional ‘enemy of the people’. The character was a phantom used to justify the actions of the state. Some would say there is a modern analogue to the Goldstein character.

It is claimed that Tim Osman, in only 30 years, was partly responsible for the near collapse of not one, but two world empires. He has never been permanently detained despite a concerted global effort. In fact, he taunts the world by sending recordings of himself to media outlets, which use his image as a rallying symbol of fear comparable to Orwell’s construct. It is hard to imagine how a person in need of regular medical attention, can evade the worlds most advanced intelligence gathering network, and continue to avoid capture. A sufficiently disruptive electronic attack would be an excellent pretense to create a new phantom enemy. Sophisticated attacks on domestic infrastructure by unknown foreign entities, could easily be sold to the people as ‘the cost of war hitting home’, against enemies which must be defeated ‘at any cost’. Create a little fear, combined with nationalism, and a popular charismatic leader, and one can accomplish almost anything through the mob mentality.

Operation Cyberstorm has introduced us to the next generation of hypothetical threats. These new terrorists are individuals and groups of technically skilled people. United by a popular voice of dissent, these groups have formed a loosely knit alliance with a common goal of disrupting the global economy. There are individual actors, the known unknowns, who may assist and possibly increase the severity of an electronic attack. To defend the global financial system and domestic infrastructure, the federal government partnered with private industry, and is spear heading the effort to crack down on criminal activity within these groups. It is not an eAl-Queada, or the iTaliban, the new terrorists are hackers. They are the poltergeist in the machine, whenever there is a disruption in internet service, or a random power outage, or any other system the public has come to depend on is interrupted, there will be the suspicion and speculation as to the root cause. If a server catches fire in Phoenix, or suzie1865 can not get to her mytwitterface account, someone is going to cry wolf. When this occurs the justification for more funding is shown to be necessary, the cycle of funding continues. Operation Cyberstorm was not focused on international state sponsored crime, or independent groups of foreign nationals conducting espionage. Though these are the fears represented in the recent legislation and government reviews. The very intangible nature of cyber-bogeymen provides the vagueness needed to justify any measure of prevention, or manner of retaliation.

It is possible that we could see the war funding re-purposed for the improvement of infrastructure, the advancement of technology, and the defense of communications networks. These billions of dollars will continue to flow into the same hands. The nature of security allows the defender to only divulge knowledge when it is to their advantage. The knowledge of potential threats, or even past incidents, is just another form of information which could be released for profit. When the industry shifts from traditional combat to electronic engagement, the resources allocated would create a world class institution. The heavy corporate involvement will open up the opportunity for those holding a large number of dollars to trade them in. The sale of data, proprietary and patented new technologies, and accompanying services, would create an outlet for stockpiled petro-dollars.

However this is not the end of physical combat. With industry there is the necessity for natural resources, the foreign and domestic sources of these materials would continue to require physical protection. To prevent against supply line attacks involving sabotaged materials, increased international oversight would be required at these facilities, which produce today’s high-tech components. Government contractors will supply both electronic and physical security to protect their assets. Tax money is used to fund corporations which are not interested or obligated to protect people’s rights. By partnering with the private sector, the government has relieved itself of much responsibility to the people. This responsibility is transferred to the private sector, which only has the single minded goal of increasing its own profit. This could explain why corporate representatives testify before congress to the need for the very services they provide. The agencies which use their services sit alongside them in agreement. This gives the illusion of a clear and present threat which must be eliminated as soon as possible.

The corporations are lined up with their hands out for increasingly larger slices of the federal pie. Sadly, with the lack of resistance and competition, there will be no organic incentive for innovation. Like a pack of wolves they will only destroy each other fighting over the scraps. Those who rely on the contracts to continue operation are forced into compliance for their ration, forever submitting to the alpha of the pack. The market would not be free, and likely would eventually create a situation where it will be too hollow to support itself and collapse, leading to a very real threat to national security. On the other hand there is a great risk for the continued creation of a technocratic fascist state. In which we would see constant and holistic surveillance to protect against foreign or domestic threats, among which the government themselves admit, is public dissent. America was founded on the principle of dissent against tyranny. It is a patriotic duty to question the motivations of government. Technology can be the key that sets us free, or the yoke under which the many exist to serve the few.

With the end of the war, the media will further turn its attention to programming which numbs the mind. Without the constant reminder of the hellish nature of war the protesters will slowly go away. When the international terrorist computer criminals allegedly cripple some piece of critical infrastructure, and the justification for increased spending be comes a reality, the new victims of war will not draw the public sympathy as do dead and dieing solders in the field. When the power grid is compromised, or restrictions are placed on internet usage, even the anti-war crowd will stand behind the government looking for justice against the terrorists, which have caused their inconvenience. The intelligence assurance community, a government and corporate body, would expand as protectorate of the national electronic infrastructure.

Anyone who operates critical equipment, including networks of computers, will be biometricly catalogued. Some existing uses, of similar government systems, also employ operators in real time remote connection monitoring, as a security measure to ensure the validity of the information transfer, and that standard protocols are being observed. Most domestic communications are intercepted and recorded by the intelligence agencies at various points in the network. Private companies index this information, protecting it from Freedom of Information Act requests. Like so many baseball cards, profiles are bought, sold, and traded.

Information is the new currency. The data centers are the new vaults, the processing facilities the new banks. Where there are banks there will always be robbers. Where there are robbers there will always be lawmen to make pursuit. In their way are things like privacy, the Constitution, and international boundaries. The intelligence agencies are more then willing to put themselves above the law when it suits them. Their collaboration with the private sector gives them special access to infrastructure, which they have already shown the willingness to abuse. Unlike land, gold, and oil, persons and their information are renewable resources, so this new market has infinite growth potential.

S.773 Cybersecurity Act -quick summary.

Friday, June 12th, 2009


The 2009 Cybersecurity act as proposed by Jay Rockefeller, is little more then a business plan.  It is designed to sell products and services, yet is narcotic enough to seem benign to bankers. The Act is prefaced with the promise of defending global trade and commerce, though it sets unrealistic goals for international compliance with new standards.  What we really have is an attempt by the intelligence community to monopolize on the information industry by way of their private partnerships.  In effort to maintain this advantage, mandatory licensees will be required to practice cybersecurity or to operate critical infrastructure.  The President and the CyberCzar will have total power to decide what is critical infrastructure. The point here is that while the Internet might not seem like critical infrastructure, there are many agencies that rely on it, and the operations centers which maintain these sections of the net might be required by law that their employees are federally certified.  In order to ensure there are plenty of willing federal employees, the Act would create a national cyber challange, where the best and brightest from high school and on up would have the opportunity to compete for cash prizes, and that elusive government job.  While those lucky winners are being used up, the bill proposes cyberawareness education starting in kindergarten.  They even have plans for a smokey bear type campaign to really get the youngsters interested.  Summer programs and internships will pave the way for even the youngest of students to do their part in the battle against cyberterrorists.

Remember:

The Government has the right to refuse your internet service at anytime, for any reason.

S.773 – The Cyber Security Act of 2009 – part 3

Friday, June 12th, 2009

S.773 The Cybersecurity Act of 2009 pt3

This is part three in a series reviewing the proposed cybersecurity legislation.

(e) FCC NATIONAL BROADBAND PLAN- In developing the national broadband plan pursuant to section 6001(k) of the American Recovery and Reinvestment Act of 2009, the Federal Communications Commission shall report on the most effective and efficient means to ensure the cybersecurity of commercial broadband networks, including consideration of consumer education and outreach programs.

At the end of section 6, I decided to carry this last paragraph over to the next article. Under the bailout bill funding will be provided to create new problems for protecting national infrastructure. This includes the new smart grid for energy transfer, and a new advanced air traffic control technology. The FCC is responsible for reporting on the security of the commercial internet, and will receive bailout money for evaluating the network’s security.

SEC. 7. LICENSING AND CERTIFICATION OF CYBERSECURITY PROFESSIONALS.

This is a mandatory national computer and infrastructure security license. It
will include anyone who is engaged in network or computer security at the federal level, and operators of systems deemed critical by the president or his advisor.  Critical systems can include internet operations.  Federal and local emergency response systems are already dependent on the internet. In the case of a national emergency or in wartime the government does reserve the right to commandeer all forms of communication.  This act would require anyone operating any of these systems to receive approved training to qualify for a license to practice the security trade within the United States.  The vague nature of critical systems could mean that anyone who operates publicly accessible private equipment may be required to obtain this license to operate the internet.

SEC. 8. REVIEW OF NTIA DOMAIN NAME CONTRACTS.

The IANA is a government contract. The work is currently being carried out by ICANN. This group has been approved by the Defense Department since the IANA contract was handed over. The bill makes it clear there will be no changing of this situation without review, consideration, and approval.

SEC. 9. SECURE DOMAIN NAME ADDRESSING SYSTEM

This sets a three year timetable to develop a strategy for implementation of a secure Domain Name System (DNS).  This is a political issue.  The industry has already developed methods of securing the domain name addressing system. It is the role of the government to resolve the issues of foreign and domestic implementation. Federal, and critical systems will be required to participate in the secure DNS.  Internationally it would fall under the Department of State and the President to convince other nations to adopt the system.

SEC. 10. PROMOTING CYBERSECURITY AWARENESS.

The national cybersecurity awareness campaign will come complete with mascots and public service announcements. There will be awareness training beginning in the first years of school.  The goal of this is to not only create awareness of potential threats, but also to create an information and technology workforce for the future.

SEC. 11. FEDERAL CYBERSECURITY RESEARCH AND DEVELOPMENT.

In an effort to bring the United States to the front of this digital arms race, funding will be directed to research and development. The National Science Foundation will be given priority in researching how to design and build systems that are secure and reliable when first deployed.  They will develop the ability to audit software, so that it “implements stated functionality and only that functionality”. Part of this will involve “selected secure coding education and improvement programs”, where the Director of the Foundation will look at ways to integrate secure coding into the “core curriculum of computer science programs” and “other programs where graduates have a substantial probability of developing software after graduation”. Colleges and universities regularly receive funding from the NSF, if this amount is over one million dollars, these institutions will release to the Foundation their statistics on computer since students, and those in related fields.  These figures will include the number of students likely to enter software design or development, whether or not they received secure coding education, and what classes they were enrolled in.  The NSF would like to evaluate these programs, and measure the effectiveness of the students “to master secure coding and design”.
The NSF will also research identity and information assurance, including the ability to “determine the origin of a message transmitted over the Internet”. The Foundation will provide support towards building new protocols for Internet security. There will be grants awarded for the creation of internet test labs “sufficiently large in order to model the scale and complexity of the real world networks and environments”. These labs will be used for playing war games, or “to support the rapid development of new cybersecurity defenses, techniques, and processes by improving understanding and assessing the latest technologies in a real world environment”.  There will also be work done towards the balance of security and privacy, and the problem of insider threat.

SEC. 12. FEDERAL CYBER SCHOLARSHIP-FOR-SERVICE PROGRAM.

The Federal Cyber Scholarship-for-Service program pretty much introduces itself.  I can not restrain my self from mentioning this was one of the solutions I reached independently.  I phrased it as “trucker school” like training.  Instead of paying for expensive training, licensing, and equipment, these things are provided with the promise that the student will work for the company for some period of time. This is an alternative solution to the current certification process.  Since operating the Internet is not quite the same as piloting eighteen wheels of Detroit iron, the government plans to start the kids off early.  They will provide “a procedure for identifying promising K-12 students”.  These promising students would be eligible for summer programs and internship “that would lead to certification of Federal information technology workforce standards and possible future employment”.  Just like with trucking school, once the class is complete the job is guaranteed.

SEC. 13. CYBERSECURITY COMPETITION AND CHALLENGE.

The goal of this challenge is to “attract, identify, evaluate, and recruit talented individuals”. The competition would also serve to “stimulate innovation in basic and applied cybersecurity research, technology development, and prototype demonstration”. If they don’t get the recruit, they will still have access to their work.  These widely advertised challenges will be available for high school and college students. Institutions will also be allowed to compete for the millions of dollars in prize money.

SEC. 14. PUBLIC-PRIVATE CLEARINGHOUSE.
The Secretary of Commerce will have access to all internet and critical networks “without regard to any provision of law, regulation, rule, or policy restricting such access”. The Department of Commerce will serve as a clearinghouse of related information, acting as liaison between the government and the private sector.

SEC. 15. CYBERSECURITY RISK MANAGEMENT REPORT.

This section simply gives value to risk.  It will create a market for risk management, require “cybersecurity to be a factor in all bond ratings”.

SEC. 16. LEGAL FRAMEWORK REVIEW AND REPORT.

This section calls for “a comprehensive review of the Federal statutory and legal framework applicable to cyber-related activities in the United States”.  There are several acts specifically mentioned, but it also includes “any applicable Executive Order or agency rule, regulation, or guideline”.

SEC. 17. AUTHENTICATION AND CIVIL LIBERTIES REPORT.
When the government starts discussing an “identity management and authentication program”, they must also address the privacy concerns which follow along with it.

SEC. 18. CYBERSECURITY RESPONSIBILITIES AND AUTHORITY.

The President will develop a strategy for security. This strategy should include a long term plan. It will respect national security, and include the private sector.  In the event of an emergency the President has the power to restrict, shutdown, or disconnect the internet. This applies to Federal and critical systems in time of emergency, or in the interest of national security. The President also will “designate an agency to be responsible for coordinating the response and restoration” of the systems restricted or shut down.  There will also be a department or agency which will “review equipment that would be needed after a cybersecurity attack and develop a strategy for the acquisition, storage, and periodic replacement of such equipment.” There will be “periodic mapping of…..critical infrastructure information systems or networks” to “measure the effectiveness of the mapping process”.  The President will also have the power to enforce regulations, and bestow ‘cyber-related’ certifications to United States people.

SEC. 19. QUADRENNIAL CYBER REVIEW.

Starting in 2013, this review will provide an unclassified summary, and include recommendations for improvement.

SEC. 20. JOINT INTELLIGENCE THREAT ASSESSMENT.

The Director of National Intelligence and the Secretary of Commerce will make a yearly report to Congress on “cybersecurity threats” and “vulnerabilities of critical national information, communication, and data network infrastructure”.

SEC. 21. INTERNATIONAL NORMS AND CYBERSECURITY DETERRANCE MEASURES.

The President would “work with representatives of foreign governments” to encourage global adoption of America’s new standards.

SEC. 22. FEDERAL SECURE PRODUCTS AND SERVICES ACQUISITIONS BOARD.

This section is an attempt to address the ‘supply chain’ vulnerability. There is need for “review and approval of high value products and services”, and so there must be “the establishment of appropriate standards for the validation of software to be acquired by the Federal Government”, including “independent secure software validation and verification”. This act would require the approval of the Secure Products and Services Acquisitions Board for any product or service subject to federal standards.

This marks the end of part 3. A summary will be provided later.

Cyberspace Policy Review – 2009 "The cyberSpace Race"

Saturday, June 6th, 2009

Analysis of the Cyberspace Policy Review

Essentially they want a well regulated internet to protect the economy, and defend the nation. This will require international acceptance of standards to protect against state sponsored cyber war. The government is organized to address this problem. They intend to centralize control over cyber security. A new position of Cyber Security Coordinator will be created as a White House level position. This person will work closely with a number of agencies and the Executive Office of the President.

They are comparing the current cyber security situation to the Space Race. With specific mention to the launch of Sputnik, it seems like the U.S. is still pretty bitter about that. The upside to this will be the creation of jobs during the current recession. In order to achieve their goals they intend to further blend the existing government activities with private ones.

According to the document this is a ‘Digital Revolution‘, with their main focus being on the protection of economic and national security. In specific they fear industrial and military espionage, including actions such as the theft of valuable data including corporate and military secrets. There is also the threat to non-cyber infrastructure such as the power grid, where they site SCADA as an example. Last but not least they mention their concerns on privacy. Unfortunately for the people, this concern is monetary, with the focus on the economic damage caused by identity loss and fraud.

Behind this policy review are people referred to as ‘stakeholders’. They seem to be the cyber-sycophants determined on funneling as much funding to their own coffers as possible. Much of this Review parallels the direction of the Cyber Security act. It has been drawn up on much of the same Congressional testimony, and official reports as the Act.

There are some legal issues which will have to be dealt with, some of them possibly Constitutional. To reassure the public they will be kept safe at all costs, the report mentions multiple times the existing Executive Orders which give the Government the power to seize complete control over communications in time of an emergency. At the moment that power would go to the Department of Homeland Security, the concept of an eFEMA is not factually that far off base. In regards to the international impact of such a decision, the Department of State has the authority over foreign communication policy. According to the Review, the Secretary of Homeland Security is responsible for the protection of critical infrastructure, including information networks.

However the Secretary’s power does not cover Federal systems. For this the Comprehensive National Cyber security Initiative was created. The goal of the CNCI is the consolidation of law enforcement, intelligence, counterintelligence, and military capabilities to address the full spectrum of cyber threats. The head of the CNCI stepped down out of concern for the public based on the direction of the current cyber strategies.

To replace him they have created a new White House level position. The Cyber Policy Officer, will report to the National Security Council and the National Economic Council. There also is the established Communications Infrastructure Interagency Policy Committee (ICI-IPC), which is chaired by the NSC and the Homeland Security Council. The ICI-IPC is focused on “achieving an assured, reliable, secure, and survivable global information and communications infrastructure and related capabilities”.

Whoever is appointed by the President to the position of policy official, will be supported by Presidential authority, support and resources. They will receive assistance from at least two Senior Directors from the NSC, and one Senior Director and appropriate staff from the NEC. One of their duties will be to consult with the Federal governments Chief Technology Officer, and Chief Information Officer, in addition to the appropriate people within the Office of Management and Budget and The Office of Science and Technology Policy.

The Goal is to create a central position of leadership within the White House, a figurehead who will be responsible for establishing security policy, as well as responding to cyber-emergencies. There are a number of agencies which have already been created such as the National Security and Telecommunications Advisory Committee, the National Infrastructure Advisory Council, the Critical Infrastructure Partnership Advisory Council, and the Information Security and Privacy Advisory Board. These groups will be evaluated by the policy official with the goal of optimization, and elimination of redundancy, which basically amounts to the consolidation of power within the White House.

The stakeholders involved in the Cyberspace Policy Review discussed a variety of options to coordinate and oversee cyber security. The Joint Interagency Cyber Task Force (JIACTF) currently is responsible for this. If you have read the previous articles, you might find it interesting to know that this task force works under the Director of National Intelligence. The former DNI is cited in both the Cyber security Act as well as this Policy Review. He is currently employed as SR. Vice president of one of the largest recipients of government cyber security and intelligence contracts. The Review states explicitly that “unless and until such an office is established, the work of the JIACTF will continue”. The Director of National Intelligence is in charge of all the intelligence agencies, which in turn outsource most of their work to private corporations.

It is no wonder the Review explains that goals consistent with U.S. Constitutional Principles may make certain activities conducted by the Federal government more difficult. Keeping their best interests at heart, they feel the need to partner with Congress. The goal of this partnership is to benefit from Congressional knowledge and experience, in order to properly please the industrial lobbyists represented there.

At the state level, representatives from the National Governors Association, feel that cyber security is the weakest link in the protection of their states. While they already receive funding from Homeland Security which can go to cyber security, historically the grant funds have not been prioritized for that purpose.

The digital revolution includes the Smart Grid program as well as the Next Generation Air Traffic System, which receive funding from the new bailout bill. To sustain this revolution they wish to educate the public beginning in the first year of school. A cyber security education program would teach digital safety, ethics, and security, with the hopes of creating a technologically advanced workforce. The review even goes so far as to recommend a public safety campaign similar to the Smokey Bear fire safety campaign. Likely with accompanying catchy public service announcements stating that ‘only you can prevent malicious worm propagation’ (don’t copy that floppy anyone?). Along this same thread it is suggested that Celebrities, the computer generation, and new media should be used to deliver this message of cyber security awareness.

The reason for this education campaign is an underlying fear that the United States will fall behind other nations in the cyberSpace Race. Why else would they have brought up the whole Sputnik thing? They state that talented IT employees are in high demand, but the number of people receiving related education has been in sharp decline for several years. Thankfully the National Science Foundation, and the DHS offer grants and scholarships, with 80% of those who receive them getting government jobs. The National Centers of Academic Excellence in Information Assurance Education and Research, which was founded by the National Security Agency, and lately co-sponsored by the DHS, works to promote education in information assurance in 38 states and DC. The Defense Department also sponsors the Information Assurance Scholarship Program in the same institutions.

Now that you’ve bit the hook, and they’ve reeled you in, they want to keep you fresh. The Review mentions a plan for “shared training across agencies and into the private sector”. Blending the oft mentioned public-private partnership, they would like to have public-private employees as well. In reality this is not likely much different then the current situation. I could imagine a scenario where they would begin to trade top talent like the professional sports leagues. This could lead to some interesting results with IT ‘stars’ demanding higher pay because of their ‘skills’.

Another reason for the necessity for a tight public-private partnership is that the private sector “designs, builds, owns, and operates most of the network infrastructures”. Aside from a hostile take over, the best option is partnership. Likewise the corporations involved depend on the government’s protection from various threats, so it is a mutual arrangement. I mentioned in a previous article how they are attempting to create a monopoly. The Review actually cites the Sherman Antitrust Act in reference to private sector concerns about “certain federal laws” that might impede their partnership. Thanks to the Trade Secrets act and the Critical Infrastructure Information Act, the parties involved will not need to be concerned with the Freedom of Information Act.

We can be sure there will be no conflict of interest specifically concerning the multinational owners of major private government consulting operations. The Review suggests tailored solutions to handle such situations. One of them is to adopt a system similar to that which is used in Britain. Called the consultancy model, vetted private information security providers are used as a nexus to combine data.

Taking it to the next level, the Review suggests the government consider focusing on “game-changing” areas things such as behavioral and incentive based solutions. Something similar to the vouchers I have mentioned previously, tax breaks could be offered to those who choose to become early adopters of the new system.

Since the Internet is a global system, it is important to partner with the international community. Once the government comes up with their domestic plan, they hope to spread it around the world with love like they have done with democracy, bringing like minded nations together to discuss acceptable norms, implementation of standards, and “use of force”. “New agreements between governments and industry may need to be documented to enable international information sharing, as well as strategic and operational collaboration”. The U.S. will help other countries build legal frameworks, and work with allies to ensure the stability and global interoperability of the Internet.

When the Taliban unleashes their cyber army, the government wants to be prepared. The Review states the need for a coordinated joint response from the government, the private sector, and its allies. As a defensive measure is suggested that some sort of system be put into place before an attack happens, a sort of early warning system and cyber defensive grid. Only the White House has the authority to react to such an event. The policy official would be responsible in this situation, which underlines the necessity for centralization of National cyber emergency management.

The Cyber security act mentioned the National Institute of Standards and Technology ignoring classifications of national security on systems. Similarly the Review mentions the problems that arise from the “existing legal, but artificial, distinctions between national security and other federal networks”. With regards to the Review it pertains to the dispersion of federal cyber incident response across many federal departments. It is mentioned that legislation might be required to consolidate this response, to harmonize or enhance as necessary the different departments.

The defensive strategy will begin with the development of “a set of threat scenarios and metrics” that can be used for “risk management decisions, recovery planning, and prioritizing of R&D”. The ICI-IPC would be in charge of making enforceable rules for incident reporting, while the CNCI would continue to improve “federal network defenses”. In addition there is a plan called the Trusted Internet Connection program, whose goal is to reduce the number of government network connections.

For the moment “the Defense Department is responsible for aggregating information on network health and status, attempted intrusions, and cyber attacks for its networks, the Intelligence Community for its networks, and US-CERT for civilian federal agencies and to some extent the private sector”. The Review suggests the government should assist in preventing, detecting, and responding to cyber incidents by leveraging existing resources such as the Multi-State Information Sharing and Analysis Center, and the 58 existing State and local Fusion Centers.

According to the Review, “security classification and clearance requirements” inhibit information sharing. Policies governing the “collection, use, retention, and dissemination of information” need to be audited as they “present significant barriers”. The “Federal government should help the research community gain access with appropriate controls, to cyber security-related event data that could be useful to develop tools.”

Once they figure out the domestic file sharing, they plan to expand it internationally, sharing data with allies, and seeking “bilateral or multilateral” agreements. This international collaboration might upset some of their domestic partners. However since they depend on the government for “the common defense of privately-owned critical infrastructures”, most of the stakeholders have “indicated a willingness to work toward a framework under which the government would pursue malicious actors and assess with information and technical support to enable private-sector operators to defend their own networks”. Private sector operators “such as the World Bank and the International Monetary Fund” are specifically mentioned as institutions that should be defended.

As medical records are digitized, the Smart Grid technology is implemented, along with the Next-Generation Air Traffic Control system; there will be an increasing need for information security. One way to achieve this is to develop a “next-generation of secure computers and networking for national security applications”. The goal is to “harness the full benefits of innovation to address cyber security concerns”.

Cloud Computing, “introduces new policy challenges for the private sector and governments around the globe”, it “presents challenges for law enforcement, the protection of privacy, and civil liberties”. This could prove to be difficult for the government if a terrorist’s data was in the cloud in a country that did not conform to the international standards. On the other hand, as a side note, if your data exists in a cloud in a foreign country then your rights to that data might only be covered by their law.

DARPA, the guys that brought us the Internet, see the “defense of current Internet Protocol-based networks as a losing proposition”. They suggest “an independent examination of alternate architectures”. As of March 2009 they have begun analysis of alternatives. In the mean time it is suggested the government focus on research and development into “game-changing technologies”, which build on “existing Networking and Information Technology Research and Development strategies”.

One of these game-changers might be the development of “an opt-in array of interoperable identity management systems”. It is being developed based on the findings of The National Science and Technology Council’s subcommittee on Biometrics and Identity Management. The goal is to create a national standard of biometric identification at the federal level. This technology would become available for private operators, and emergency services. Part of securing the Nations cyberspace, the Smart Grid and the new air traffic control system, will involve the adoption of  technology to verify the identity of whoever is using the services.

This doesn’t do any good if the hardware or software is compromised during manufacture. Because much of the hardware is constructed overseas, there are “concerns about the potential for easier subversion of computers and networks through subtle hardware or software manipulations”. Examples of these are the counterfeit products that have turned up in various places. Called “supply chain attacks”, this manipulation can be “virtually impossible to discover”. To protect against this, the Review suggests the U.S. should “define procurement strategies”. Such strategies would be based on work by the National Security Agency and the Defense Department, “to create market incentives for security to be part of hardware and software product designs”.

National security and emergency preparedness are two of the main concerns of the government. When there is some event of national emergency, federal and local agencies depend on the national communications infrastructure. Many of the services such as the Emergency Operations Centers are beginning to use new technologies. Enhanced 9-11 call centers are using Voice Over Internet Protocol in some cases. So these facilities also now require direct cyber defense. Homeland Security is “working toward the goal of providing national security and emergency users with access to the converged information services of next-generation networks”. This includes the authorization of the President “to use, control, or close communications services, systems, and networks”. A public-private National Coordinating Center exists to “assist in the initiation, coordination, restoration, and reconstruction of communications services or facilities”.

Cyber security is the two faces of a single coin. One side is the Federal government, its agencies, departments, and alphabet soup. The flip side is private business and corporations. The two sides depend on one another for survival, and therefore are very willing to share the middle ground. If one was to remove the emblems from the obverse and reverse of the coin, you would be left with a homogenous metallic slug. At the core of the national cyber defense strategy is the alloy consisting of the public-partnership. To maintain the value of this partnership, it is very important for it to become the international standard. Steps will be taken to prevent the production of counterfeits, but eventually the plan is to replace it with something modern and more secure.

S.773 – The Cyber Security Act of 2009 – part 1

Thursday, May 14th, 2009

S. 773: Cyber Security Act of 2009

A bill to ensure the continued free flow of commerce within the United States and with its global trading partners through secure cyber communications, to provide for the continued development and exploitation of the Internet and intranet communications for such purposes, to provide for the development of a cadre of information technology specialists to improve and maintain effective cybersecurity defenses against disruption, and for other purposes.


The summary is quite honest to the actual intent of the bill. It is designed to protect commerce, and global trade. An act to ensure the continued exploitation of the Internet. Just looking at the initial sponsor, and the groups represented in the findings it seems quite obvious this act has been dreamed up by businesses and government agencies as a way of soliciting additional funding in the form of contracts. Essentially using tax payer money to expand their operations while projecting the illusion of securing ‘cyberspace’. Cyberwar profiteers getting their feet in the door for more government funding.
We already have the majority of intelligence work done by agencies such as the NSA being outsourced to businesses like Booz Allen Hamilton. Now we see the same people giving dire warnings of an eminent terrorist threat. The reaction to these warnings it the Cyber Security Act, and the solution is to channel more resources to the people giving the warning.

Rockefeller – Cybersecurity

Sponsor:
Sen. John Rockefeller [D-WV]Great-grandfather was once the worlds richest man is considered the richest person in history. Infamous for his Standard Oil monopoly.

Cosponsors [as of 2009-04-18]

Sen. Olympia Snowe [R-ME] – Daughter of a Spartan, popular Senator from Maine. Known for her ability to influence the outcome of close votes. Consider a RINO by some. She is also known as a Rockefeller Republican.

Sen. Bill Nelson [D-FL] Former astronaut. Member of the Book and Snake secret society at Yale.

Sen. Evan Bayh [D-IN] Claims his wife’s corporate roles hold no sway over his votes. Recently formed the ‘Blue Dog’ caucus, where it is suspected he is supporting corporate agendas.

Capitol Hill’s corridors are now filled with corporate America’s lobbyists, who are working to assure that our middle class and those who aspire to it have as little representation as possible


Once the church was the dominant power in society, and churches dominated the skyline. Following the church was industry, and steeples were replaced with smoke stacks. From this industry grew enormous wealth. Soon the towering bank buildings facilitated the fluidity of these corporate industrial assets, and again their structures loomed over the city. What I noticed was a transfer of power from the banking and finance sector into telecommunications. Information is the currency of today. Where you have something of value, there will always be threats against it.

Cyberspace is the marketplace of information, and just like in the physical world there is also a black market.

Click to continue »

Twitter links powered by Tweet This v1.8, a WordPress plugin for Twitter.

Get Adobe Flash player