The Cyberwar Thread

Rogers Takes Over Top NSA, Cyber Command Posts



FORT MEADE, Md., April 3, 2014 – Navy Adm. Michael S. Rogers assumed command of U.S. Cyber Command and became director of the National Security Agency and the Central Security Service during a ceremony here today.

He succeeds Army Gen. Keith B. Alexander, who retired last week, in all three posts. Previously, Rogers was commander of the Navy’s 10th Fleet, the service’s cyber arm. He has already been confirmed by the Senate.

There has not been a discussion about the role of NSA with the public, he acknowledged. “We live in a world of great risk,” he said. “There are individuals, groups out there who, if they had their way, we would no longer exist as a nation. The very values and ideals that we represent are offensive to them and stand against everything they believe in. We need to be mindful of that, and we can’t forget.”

Rogers said there will be strict adherence to law and policy in the cyber world. “There are no shortcuts here, teammates,” he said. “The nation places its trust in us. It has given us great resources and it counts on us to do the right thing, the right way to defend them.”
 




From the article:

Russia has managed to hit almost all Ukraine government websites and it was able to take control and to put on surveillance and monitoring
all the Internet and telephone communications lines, before the invasion and occupation of Crimea by its military.
Russian Special Forces managed to derail all important communications systems through direct physical impact on them by combined field and high-tech operation.
...
The largest military cyber attack was the attack implemented by the Russian Military Intelligence (GRU) on the armed forces of Ukraine, as reported by BBC.
According to the law enforcement agencies of Ukraine, Russian cyber attacks collapsed the communication systems of almost all Ukrainian forces
that were based in Crimea that could pose danger to the invading Russian troops.
...
The Head of the Security Service of Ukraine, Valentin Nalevaychenko admitted, that mobile communication systems of members of the Ukrainian government
were attacked in order to neutralize and disrupt communication between government agencies.
As the Ukrainian company Ukrtelecom announced, unmarked gunmen penetrated into their infrastructure objects and the optical fiber and conductor units were knocked out,
which in turn led to the collapse of all communication.


Source: http://defense-update.com/20140405_ukrainian-crisis-cyber-warfare-battlefield.html#.U0F4G4tOWCg
 
Interesting. Yeah, I think Historians will begin covering cyber as an aspect of 21st century combat. A little like radar in the Battle of Britain.
 


The chairman of the U.S. House Armed Services Committee said on Thursday that intelligence, surveillance and reconnaissance capabilities would be top priorities as the panel puts together this year's massive defense policy bill.
"If you don't know what somebody else is doing, you don't even know what your risks are," U.S. Representative Buck McKeon said during a meeting with reporters.
"You need to have information. That's always critical in any battle, in any war, in avoiding a war," the California Republican said.


Source: http://www.reuters.com/article/2014/04/10/us-usa-defense-congress-idUSBREA391EQ20140410
 
‘Heartbleed’ Internet security bug is as bad as it sounds

The word “Heartbleed” meant nothing at the start of the week. Today it is one of the hottest topics on the Internet — a simple security bug in an obscure piece of software that could compromise the personal information of millions. And while the Internet’s biggest companies scramble to fix the problem, users had better get ready to upgrade their own security practices.

“It’s not an academic exercise,” said Trey Ford, global security strategist at network security firm Rapid7 LLC in Boston. “I think this is a really big deal.”




Heartbleed bug

Heartbleed is a software bug in the open-source cryptography library OpenSSL, which allows an attacker to read the memory of a server or a client, allowing them to retrieve, for example, a server's SSL private keys. Examinations of audit logs appear to show that some attackers may have exploited the flaw for at least five months before it was rediscovered and published.

By reading an arbitrary block of the web server's memory, attackers might receive sensitive data, compromising the security of the server and its users. Vulnerable data include the server's private master key, which would enable attackers to decrypt current or stored traffic via passive man-in-the-middle attack (if perfect forward secrecy is not used by the server and client), or active man-in-the-middle if perfect forward secrecy is used. The attacker cannot control which data is returned, as the server responds with a random chunk of its own memory.

The bug might also reveal unencrypted parts of users' requests and responses, including any form post data in users' requests, session cookies and passwords, which might allow attackers to hijack the identity of another user of the service. At its disclosure, some 17% or half a million of the Internet's secure web servers certified by trusted authorities were believed to have been vulnerable to an attack. The Electronic Frontier Foundation, Ars Technica, and Bruce Schneier all deemed the Heartbleed bug "catastrophic." Forbes cybersecurity columnist, Joseph Steinberg, described the bug as potentially "the worst vulnerability found (at least in terms of its potential impact) since commercial traffic began to flow on the Internet."
 
Heartbleed bug affects gadgets everywhere

The Internet bug Heartbleed doesn't just affect websites. It also has shown up in the gadgets we use to connect to the Internet.

Tech giants Cisco (CSCO, Fortune 500) and Juniper (JNPR) have identified about two dozen networking devices affected by Heartbleed, including servers, routers, switches, phones and video cameras used by small and large businesses everywhere. The companies are also reviewing dozens more devices to determine whether they're impacted by the bug as well.

That means for two years now, someone could have been able to tap your phone calls and voicemails at work, all your emails and entire sessions at your computer or iPhone. You also could have been compromised if you logged into work from home remotely. And you'll probably never know if you were hacked.


Change these passwords right now

As sites fix the bug on their end, it's time for you to change your passwords. The Heartbleed bug allowed information leaks from a key safety feature that is supposed to keep your online communication private -- email, banking, shopping, and passwords.

Many companies are not informing their customers of the danger -- or asking them to update their log-in credentials.
 



From the article:

In a speech Tuesday at the PLA's National Defence University, Hagel planned to urge China to be more open about its cyber capabilities to defuse tensions and avoid an inadvertent conflict, a senior defence official said.
"We have tried to be as open and transparent on that as we can be. And we would like to see them be able to reciprocate," said the official, who spoke on condition of anonymity.
"We very recently shared with them some basic doctrine on cyberspace, on how we're approaching the challenges in cyberspace," the official told reporters travelling with Hagel.
But the Chinese so far had not "reciprocated", said the official, confirming a New York Times report.


Source: http://www.spacedaily.com/reports/US_urges_Chinese_candour_on_cyber-warfare_999.html
 



From the article:

What if your network was compromised for the past five years and you didn't know?
...
On February 11, Kaspersky Labs announced its discovery of a particularly insidious piece of malware dubbed "The Mask" – also known as "Careto" (Spanish for "mask" or "ugly face"),
the name given by the attackers to one of the two primary backdoor implants used on target machines.
Kaspersky has detected at least 380 unique victims of the attack across at least 31 countries, concentrated among energy companies, government offices, private equity firms, research institutions, and political activists.
Kaspersky further concedes that many more victims could remain undetected.
Kaspersky reports that The Mask has been active for at least five years, until January of this year.
This means that, for years, major public and private sector organizations have had their networks and data deeply compromised and not known about it.

Some samples of The Mask were found to have been compiled even before then, in 2007.
Disturbingly, this is the same year as the origins of major cyberweapons like Stuxnet and Duqu.
What's more, Kaspersky reports that The Mask is a more sophisticated piece of malware than Duqu because of the former's capacity for flexibility and customization.
...
For these reasons, and because of the unique and sophisticated way this malware would work from a network infrastructure management perspective, security experts hypothesize that The Mask was created or sponsored by a nation-state, similar to Kaspersky's conclusions about the Stuxnet worm.


Source: http://www.enterprisenetworkingplan...curity-worries-in-an-age-of-cyberwarfare.html
 
Don't assume you're safe from Heartbleed

In the post-Heartbleed world, assume your online communication isn't secure unless proven otherwise. It sounds alarmist, but it's true. Email, social media, banking -- all of it is at risk.

The Heartbleed Internet bug is particularly nasty because it's pervasive. It affects apps, hardware and websites.

To be safe from Heartbleed, you need to know that everything you use to connect online is updated and fixed: smartphone apps, Wi-Fi routers, office servers, the websites you visit -- and their servers too.

The risk is inherent in the complicated way the Internet works. Signing into your bank might bounce you to data centers around the globe. That's why solving the Heartbleed problem is a herculean task that's largely outside of your control.

All you can do is change your passwords often -- all of them -- and update your software to the latest version. And don't trust any app, device, computer environment or website until those in charge specifically say they've patched the problem.

"At this point, the best thing the average consumer should do is simply pay close attention to vendors' notices and apply any fixes," said FireEye researcher Hui Xue. Then change all your passwords again.


Video: Defense Officials Alert Computer Users to Heartbleed
 
Will cops be free to search your phone?

(CNN) -- On Tuesday, the U.S. Supreme Court will hear arguments in two cases testing the authority of police to conduct a warrantless search of an arrested person's cell phone.

For the most part, the justices' rulings in cases dealing with the Fourth Amendment go largely unnoticed by the public. Most citizens are not interested in these cases the way they are in issues like same-sex marriage or gun control. On the whole, Americans don't worry too much about search-and-seizure issues because they think these cases don't apply to them.

Police can potentially arrest you for minor infractions like littering, jaywalking, and traffic offenses. And just because they arrest you, should they be able to swipe through your pictures and text messages?
 
New cybersecurity bill would require all ministries to report attacks

Japan is set to take another step toward bolstering its cybersecurity by creating a central government entity tasked with assessing the threat of online attacks and implementing measures to counter them.

Lawmakers from the ruling coalition will submit a related bill before the current Diet session ends on June 22, with the aim of launching a new cybersecurity policy headquarters, according to the Liberal Democratic Party and junior coalition partner New Komeito.

The bill aims to strengthen the authority of the National Security Information Center (NISC), which analyzes and counters cyberattacks across government bodies — but it does not have the power to mandate them to submit materials related to cybersecurity.

The bill would oblige all government ministries and agencies to report cyberattacks to the new headquarters. If they refuse to do so, the prime minister would have the authority to order them to comply.

If it passes, the bill would also allow the government to coordinate with the newly established National Security Council to counter cybersecurity threats, which have become increasingly important for Japan-U.S. defense cooperation.
 
DARPA to Showcase Latest Cyber, Big Data Ideas

American Forces Press Service
WASHINGTON, May 19, 2014 – The Defense Advanced Research Projects Agency will display more than 100 projects and 29 programs in the Pentagon’s courtyard May 21 to demonstrate cybersecurity technologies and spark feedback from warfighters, a DARPA scientist said during a May 16 interview with the Pentagon Channel here.

Daniel Kaufman, DARPA’s Information Innovation Office director, said the ever-changing landscape of network warfare spurs the need for ongoing analysis of and dialogue about network security and greater user empowerment for warfighters in even the most remote locales.

“I want them to see the tools we’re building them to fight better and more effectively,” Kaufman said. “We’re technicians, scientists, and engineers and we build things, but there’s nothing like having somebody in uniform who actually has to use your product give you actual feedback.”

Kaufman described network warfare as a “new war,” with some 98 percent of devices having embedded microprocessors of some type.

But making forces safer yet more lethal to the enemy requires asking tough and unusual questions, Kaufman explained.

“It’s this cross-over between criminal organizations, terrorist organizations, state actors and non-state actors,” he added, “and the question is what tools do we have to create a new map?”
 
US charges Chinese military

In the first-ever prosecution of state actors over cyber-espionage, a federal grand jury indicted the five on charges they broke into US computers to benefit Chinese state-owned companies, leading to job losses in the United States in steel, solar and other industries.

Attorney General Eric Holder called on China to hand over the five men for trial in the steel city of Pittsburgh and said the United States would use “all the means that are available to us” if, as expected, Beijing refuses.

President Barack Obama’s administration “will not tolerate actions by any nation that seek to illegally sabotage American companies and undermine the integrity of fair competition,” Holder told reporters.

“This case should serve as a wake-up call to the seriousness of the ongoing cyber threat,” Holder told reporters. The grand jury indicted each of the five — Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui — on 31 counts, which each carry penalties of up to 15 years in prison.

Prosecutors said that the five officers belonged to Unit 61398 of the People’s Liberation Army. A report last year by security firm Mandiant said that the unit had thousands of workers operating out of a non-descript, 12-story building on the outskirts of Shanghai where they pilfer intellectual property and government secrets.


Retaliatory Attacks, Online
Firms That Challenge China on Trade Face Cybertheft

HONG KONG — Two large American steel makers, United States Steel and Allegheny Technologies, each lost confidential files in online attacks. The largest solar panel manufacturer in the United States, SolarWorld, lost technological secrets, production cost data, cash flow projections and details of its legal strategy.

The United Steelworkers union lost computer records containing trade policy strategies and discussions about rare earth metals and auto parts.

All four had something in common besides the data thefts: Each was publicly pushing back against China’s trade policies by seeking help from the World Trade Organization or the Commerce Department.

A Justice Department indictment released on Monday — which accuses five Chinese military personnel of the attacks — reads like a chronology of most of the major trade disputes between the United States and China in the last five years.

In most instances, the American company or union that defied Beijing ended up facing extensive break-ins by Chinese military hackers, according to the documents. It is a pattern that could discourage further trade policy challenges.
 
Snowden's leaks damage US intelligence operations - (not so) Top-secret Pentagon report

23 May 2014, 09:39 -- A top-secret Pentagon report to assess the damage to national security from the leak of classified National Security Agency documents by Edward Snowden concluded that 'the scope of the compromised knowledge related to US intelligence capabilities is staggering'. Report contains one sensational line: 'The scope of the compromised knowledge related to US intelligence capabilities is staggering.'

The Guardian has obtained a copy of the Defense Intelligence Agency's classified damage assessment in response to a Freedom of Information Act (Foia) lawsuit filed against the Defense Department earlier this year. The heavily redacted 39-page report was prepared in December and is titled 'DoD Information Review Task Force-2: Initial Assessment, Impacts Resulting from the Compromise of Classified Material by a Former NSA Contractor.'

The December report from the Pentagon is absent specific details about how Snowden's compromise affected the NSA or other agencies of the US intelligence community, but nevertheless concludes that a staggering amount of information was taken by Snowden which is thought to impact national defense.
 


Hacker Helped Disrupt 300 Web Attacks, Prosecutors Say

A prominent hacker set to be sentenced in federal court this week for breaking into numerous computer systems worldwide has provided a trove of information to the authorities, allowing them to disrupt at least 300 cyberattacks on targets that included the United States military, Congress, the federal courts, NASA and private companies, according to a newly filed government court document.

The hacker, Hector Xavier Monsegur, also helped the authorities dismantle a particularly aggressive cell of the hacking collective Anonymous, leading to the arrest of eight of its members in Europe and the United States, including Jeremy Hammond, who the Federal Bureau of Investigation said was its top “cybercriminal target,” the document said. Mr. Hammond is serving a 10-year prison term.
 


Teams to Compete for $2M Prize in DARPA’s Cyber Grand Challenge

ARLINGTON, Va., June 3, 2014 – Computer security experts from academia, industry and the larger security community have organized themselves into more than 30 teams to compete in the Defense Advanced Research Projects Agency’s Cyber Grand Challenge -- a first-of-its-kind tournament designed to speed the development of automated security systems able to defend against cyberattacks as fast as they are launched, DARPA officials announced today.

The winning team from the Cyber Grand Challenge finals stands to receive a cash prize of $2 million. Second place can earn $1 million, and third place $750,000.

DARPA officials also announced today that the organization has reached an agreement to hold the 2016 Cyber Grand Challenge final competition in conjunction with DEF CON, one of the largest computer security conferences in the world.

DARPA’s Cyber Grand Challenge takes aim at an increasingly serious problem, officials said: the inadequacy of current network security systems, which require expert programmers to identify and repair system weaknesses, typically after attackers have taken advantage of those weaknesses to steal data or disrupt processes.

As of today, 35 teams from around the world have registered with DARPA to construct and program high-performance computers capable of competing in the Cyber Grand Challenge. Most competitors have entered on the “open track” available to self-funded teams. A parallel “proposal track” consists of teams invited and partially supported by DARPA to develop automated network defense technology.
 



From the article:

Buoyed by tens of millions of defense dollars, Lockheed Martin Corp. has made Orlando ground zero for a "test range" to help the military develop antivirus technology to combat hacker attacks and cyber-terrorism.

The secret electronic system, known as the National Cyber Range, is being operated by an Orlando-based Lockheed unit and financed by the Army's Orlando simulation and training contract agency.
...
But it is apparent that the computer-based "weapons range" uses simulated viruses to develop and test the military's defense systems against cyber-attacks.
And the military is beginning to put some serious money into developing that capability.
...
According to the Department of Defense, the work "allows potentially virulent code to be introduced and studied on the cyber range without compromising the range itself."


Source: http://www.stripes.com/news/us/lockheed-develops-tools-to-fight-viruses-1.286515
 