Posts Tagged ‘cyberwar’
Former CIA Chief: A Separate Internet Could Curb Cyber Threats

The idea goes something like this: China and other regimes around the world inherently have an upper hand when it comes to cyber defense because their lack of civil liberty protections lets the government freely monitor online activity. Things like “deep packet inspection” (which gained notoriety during Iranian election protests back in 2009) that let governments monitor citizens’ traffic also let them monitor for unusual activity.
That activity could be cyber criminals at work, or it could be foreign-backed cyber warriors and cyber spies working to weaken a nation’s infrastructure or penetrate sensitive government systems. Regardless, other countries are better protected. The U.S. Internet, by virtue of its adherence to civil liberties, is more like the wild west. Everyone does everything online anonymously, and while that’s great for liberties, it’s also dangerous when cyber criminals/foreign hackers are roaming the cyber countryside.
The proposed solution: a dot-secure safe zone (basically, a separate Internet) where things like financial institutions, sensitive infrastructure, government contractors, and the government itself can hide behind heavier defenses. Your Fourth Amendment privacy rights wouldn’t apply here, as you would consent to give them up upon entry; as when walking onto a military base or into an airport, users would have to show detailed identification and credentials to get in. Those who want to remain anonymous on the Web can still frolic about in the world of dot-com, but in the dot-secure realm you would have to prove you are you.
A wise man once warned about giving up a little liberty for a little security, but a tiered Internet with varying levels of freedom, security, and anonymity may be the way the Internet goes in the end. The Obama administration and members of Congress are finally taking cybersecurity quite seriously it appears, and big-league legislation is likely imminent. When the dust settles, you may not be able to go to certain neighborhoods of the Web without showing your papers at a checkpoint--and perhaps subjecting yourself to one of those humiliating electronic pat-downs as well.
Richard Clarke: China is Planting Digital Bombs Throughout the U.S. Power Grid
The U.S. government is doing little to protect American interests from cyber threats, claims Clarke in an op-ed

Clarke worked in various high-level security roles for every president from Reagan to G.W. Bush, leaving the White House in 2003 with the title Special Advisor to the President on cybersecurity. That is, he’s got some background on the topic at hand. And his assessment is pretty bleak: Senior U.S. officials know--and have known--that Chinese hackers are systematically infiltrating our networks, stealing source code, valuable R&D, and trade secrets from corporations while probing our power grids and other critical infrastructure for weaknesses, leaving behind easy access for themselves should they ever need to return and carry out more malicious acts.
Google, he says, has had the stones to stand up and admit it when its networks have been breached. But other companies, usually out of fear of being labeled “not secure,” haven’t done so. The says it all; Chinese hackers--with government support--are walking all over us digitally, and the U.S. government is doing little to protect jeopardized American interests that aren’t on a .gov or .mil server.
How do we know the Chinese government is behind these hacks? The Chinese claim attacks originating on their soil are rogue hackers, not government-backed cyber warriors. But, Clarke says, cyber criminals breach companies for financial gain, swiping credit cards or otherwise making away with funds. There’s no money in hacking the U.S. electrical grid, yet President Obama himself has admitted that the grid has been thoroughly probed by hackers. Says Clarke:
“What would we do if we discovered that Chinese explosives had been laid throughout our national electrical system? The public would demand a government response. If, however, the explosive is a digital bomb that could do even more damage, our response is apparently muted—especially from our government.”
Tough words from a former cybersecurity czar. The op-ed is worth a read if you’re staying current on cyber threats and the larger geopolitical situation. Click through below for the whole story.
Stuxnet Worm is a “Game Changer” for Global Cybersecurity, Top U.S. Official Tells Senate

We already knew Stuxnet was unprecedented, but it’s what is unknown about it that makes it so unsettling. The code can enter systems undetected, steal information or alter processes, and basically live there causing a mess of things while the system appears to security software to be working properly. But authorities don’t know where the Stuxnet worm came from, or what it was specifically designed to attack, McGurk told Senators.
That last part is debatable. While there is still a degree of uncertainty about Stuxnet’s aims, cybersecurity firm Symantec released a report Friday saying that all evidence points to Iran as the target of the worm. “Stuxnet is a threat targeting a specific industrial control system likely in Iran, such as a gas pipeline or power plant,” the report reads. “The ultimate goal of Stuxnet is to sabotage that facility by reprogramming programmable logic controllers (PLCs) to operate as the attackers intend them to, most likely out of their specified boundaries.”
Symantec researchers were able to deduce this from the fact that Stuxnet requires specific industrial control systems from very specific vendors (one in Finland, the other in Tehran) to work, and more than 60 percent of infections have been reported in Iran (there have been approximately 44,000 unique infections reported; just 1,600 are in the United States). That has led to speculation that Stuxnet was designed to sabotage Tehran’s controversial uranium enrichment program.
Still, global security experts appear no closer to pinpointing a source of the attack, which is a serious threat to systems that control infrastructure like power grids and pipelines around the globe. That’s more than a little unsettling in a wired world. According to one cybersecurity expert quoted by , “we’re not only susceptible, but we’re not very well prepared.”
General Alexander Confirmed to Lead Cyber Command

The command will be responsible for defending the nation against computer attacks from abroad, and also for attacking enemy computer networks. Official U.S. policy on cyber-warfare has not yet been clearly articulated, but in April, General Alexander the legitimacy of the U.S. military returning such attacks.
"Even with the clear understanding that we could experience damage to our infrastructure, we must be prepared to fight through in the worst case scenario," he told the Senate.
NSA Chief Confirms U.S. Military’s Right to Return Cyber-Attacks

Alexander is testifying before Congress as part of his confirmation as the new head of US Cyber Command. In that position, he will oversee the protection of the US data infrastructure. In his answers to questions from Congressmen before tomorrow's in-person testimony, Alexander said that the US has responded to threats against the country in cyberspace, but declined to get into specifics. He also added that while military law doesn't specifically authorize a country to retaliate with a cyber-attack, the law implicitly condones the use of retaliatory cyberwar.
In general, Alexander's testimony reflected a policy that treats a computer the same as a rifle in a military context. For him, it's a weapon, and faces the same deterrent, legal, and technical issues as a fighter plane, nuclear bomb, or sharpened stick. However, it should be noted that Alexander also gave extensive classified testimony that no doubt went into more specific detail about the US's cyber-deterrence and offensive capabilities.
Still, what Alexander did reveal is mostly new information for the general public, and with live questioning set to begin tomorrow, we should end this week knowing far more about US cyber policy than we began it.