Friday, November 13, 2009

The Cyberwar Plan

Shane Harris from the National Journal checks in with this lengthy investigation of the United States' offensive cyber warfare capabilities. It's well worth the read given our upcoming focus on state-sponsored cyber espionage and warfare.

Highlights from this article include ...

At the request of his national intelligence director, Bush ordered an NSA cyberattack on the cellular phones and computers that insurgents in Iraq were using to plan roadside bombings. The devices allowed the fighters to coordinate their strikes and, later, post videos of the attacks on the Internet to recruit followers. According to a former senior administration official who was present at an Oval Office meeting when the president authorized the attack, the operation helped U.S. forces to commandeer the Iraqi fighters' communications system. With this capability, the Americans could deceive their adversaries with false information, including messages to lead unwitting insurgents into the fire of waiting U.S. soldiers.

Wednesday, November 11, 2009

China proves to be an aggressive foe in cyberspace

The Washington Post checks in with a re-hash of China's cyber espionage and cyber warfare capabilities. There's not much new information here, but for those new to the field it's worth the read.

From the article ...

China is significantly boosting its capabilities in cyberspace as a way to gather intelligence and, in the event of war, hit the U.S. government in a weak spot, U.S. officials and experts say. Outgunned and outspent in terms of traditional military hardware, China apparently hopes that by concentrating on holes in the U.S. security architecture -- its communications and spy satellites and its vast computer networks -- it will collect intelligence that could help it counter the imbalance.

Tuesday, November 10, 2009

Four Indicted in $9.5 Million Bank Card Attack

Wired's Threat Level Blog provides an in-depth look at a recent attack on RBS WorldPay. This story provides a good case study on how sophisticated cyber criminals conduct an attack. From Threat Level ...

Initial reports painted the intrusion as a limited hack, due to the number of cards compromised. But the 16-count indictment (.pdf) charges that the four “compromised the data encryption” that RBS WorldPay used on payroll debit cards to raise the amount of funds available on the cards as well as withdrawal limits. Payroll debit cards are used by employers to pay employees instead of checks. In some cases the hackers raised the limits to $500,000.

According to the indictment, Tsurikov conducted reconnaissance of the RBS network after Covelin provided him with information about vulnerabilities in the system. Pleshchuk and Covelin then worked on exploiting the vulnerabilities to obtain access on November 4. Pleshchuk allegedly developed the method for reverse-engineering the encrypted PINs.

Once the hackers raised the account limits, they provided an army of cashers with 44 cards embedded with the account details for a coordinated, simultaneous attack on ATMs around the world. On November 8, the cashers were instructed to begin siphoning money, and they hit 2,000 ATMs in less than 12 hours, netting about $9.5 million.

Monday, November 9, 2009

Errata Security Responds to 60 Minutes

Errata Security has posted an interesting piece in response to 60 Minutes' investigation into threats to the US's digital critical infrastructure. I recommend you read the entire piece. Selected highlights from Errata are found below:

We know the CBS story is bogus. CBS news did not investigate the evidence. They instead cite “half a dozen sources” in the US intelligence community. However, these sources themselves did not investigate the evidence: they are simply confirming that they heard the rumor from people in the Brazilian government. Those government officials likewise did not investigate the evidence, they are likewise just passing on rumors.

CBS news didn't track this down. They didn't attempt to contact anybody in Brazil. They did not contact anybody at “Furnas Centrais Elétricas”, the company responsible for maintaining those transmission lines. They didn't even do a simple Google search, which would tell them that the company claimed at the time that the 2007 outage was caused by dust and soot from local forest fires (which, apparently, is a common problem in power transmission).

Additionally,

The CBS story is obvious government propaganda. All their sources are from the government, from people who stand to gain from increased government control over the Internet. For example, it says that the US power grid is insecure, and claims that the reason it's insecure is because it's not regulated by the government. That's not a reason. The federal government's computers are even less secure than the power grid – there is no reason to think that Congress can secure the power grid if they can't secure their own computers. Conversely, all the energy companies belong to the “National Energy Regulatory Commission” or “NERC”, which does indeed regulate the cybersecurity of the power grid. The reason the CBS story exists is because somebody else, such as the DHS or NSA, wants to take control away from the NERC. That's why you have such a one-sided story from CBS – they never talked to anybody at NERC, or any of the power companies.

Errata comes off a bit strong with some of their opinions, but there is interesting food for thought in this piece.

Sunday, November 8, 2009

60 Minutes on CyberWar

For those who missed the 60 Minutes piece on CyberWar, here it is ...


We will discuss this in class tomorrow.

Cyber Attacks Caused Brazil Power Outages

The oft-discussed but mysterious cyber attack that caused a power outage is the focus of a 60 Minutes piece to be aired on November 8, 2009. In early 2008 CIA Officer Tom Donohue publicly stated,

We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyberattacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.

CBS News now says two of these attacks that caused blackouts occurred in Brazil. According to 60 Minutes,

A series of power outages affecting millions of people in Brazil in 2005 and 2007 were the result of cyber attacks. The two-day event in Espirito Santo State affecting more than three million people in 2007 and another, smaller event in three cities north of Rio de Janeiro in January 2005 were perpetrated by hackers manipulating control systems.

I highly recommend that interested students check out the 60 Minutes episode.

Monday, October 26, 2009

Big Brother's Database

The Salt Lake Tribune reports on the NSA's construction of a data storage facility in Utah.

The secretive NSA on Friday made public what has for months been Utah's worst-kept military secret: It plans to build an enormous new data center at the Utah National Guard's Camp Williams. The facility could consume as much power as every home in Salt Lake City as it processes information collected in an effort to prevent attacks on the nation's cyber networks. But only a very small slice of the information stored at the center in southern Salt Lake County will ever be scanned by human eyes. And that's the reality for most of what is collected by the nation's other spy agencies as well.

James Bamford sheds further light on this facility and on the challenges faced by the NSA in the 21st century in this piece in the New York Review of Books.

Where does all this leave us? Aid concludes that the biggest problem facing the agency is not the fact that it's drowning in untranslated, indecipherable, and mostly unusable data, problems that the troubled new modernization plan, Turbulence, is supposed to eventually fix. "These problems may, in fact, be the tip of the iceberg," he writes. Instead, what the agency needs most, Aid says, is more power. But the type of power to which he is referring is the kind that comes from electrical substations, not statutes. "As strange as it may sound," he writes, "one of the most urgent problems facing NSA is a severe shortage of electrical power." With supercomputers measured by the acre and estimated $70 million annual electricity bills for its headquarters, the agency has begun browning out, which is the reason for locating its new data centers in Utah and Texas. And as it pleads for more money to construct newer and bigger power generators, Aid notes, Congress is balking.

While both these pieces raise important questions about the balance between privacy and security, they also raise important questions about the efficacy of spending so much money collecting data which is never analyzed. MIT defense expert Pete Rustan complained that "70 percent of the data we collect is falling on the floor." Bamford is right to suggest that the money spent on these collection capabilities may be better spent on other programs.