Cyber attacks on the USA (catch all)

[AdamG]

When is a cyberattack an act of war?
By Ellen Nakashima, Published: October 26

On the night of Oct. 11, Defense Secretary Leon Panetta stood inside the Intrepid Sea, Air and Space Museum, housed in a former aircraft carrier moored at a New York City pier, and let an audience of business executives in on one of the most important conversations inside the U.S. government.

Welcome to the new world of “drip, drip cyber attacks,” in the words of Tufts University law professor Michael J. Glennon. The nature of cyberspace, he says, creates the potential for “a mysterious airliner accident here, a strange power blackout there, incidents extending over months or years,” generally “with no traceable sponsorship.”

http://www.washingtonpost.com/opinio...8_story_1.html

[AdamG]

(Reuters) - Homeland Security Secretary Janet Napolitano warned on Thursday that a major cyber attack is a looming threat and could have the same sort of impact as last year's Superstorm Sandy, which knocked out electricity in a large swathe of the Northeast.

http://www.reuters.com/article/2013/...90N1A320130124

A jihadist website posted a new threat by al Qaeda this week that promises to conduct “shocking” attacks on the United States and the West.

The posting appeared on the Ansar al Mujahidin network Sunday and carried the headline, “Map of al Qaeda and its future strikes.”

The message, in Arabic, asks: “Where will the next strike by al Qaeda be?” A translation was obtained by Inside the Ring.

“The answer for it, in short: The coming strikes by al Qaeda, with God’s Might, will be in the heart of the land of nonbelief, America, and in France, Denmark, other countries in Europe, in the countries that helped and are helping France, and in other places that shall be named by al Qaeda at other times,” the threat states.

The attacks will be “strong, serious, alarming, earth-shattering, shocking and terrifying.”

Read more: http://www.washingtontimes.com/news/...#ixzz2Jg8CH8dt

[AdamG]

The Energy Department has been hit by a major cyber-attack, which resulted in the personal information of several hundred employees being compromised and could have been aimed at obtaining other sensitive information, The Washington Free Beacon reports.

Read more: http://www.foxnews.com/politics/2013...#ixzz2JxTT3nw8

[davidbfpo]

Apparently a rare White House comment on matters cyber, entitled 'Heartbleed: Understanding When We Disclose Cyber Vulnerabilities' and all beyond me:http://www.whitehouse.gov/blog/2014/...lnerabilities?

Meantime over here a RUSI comment on how the UK responds:

The UK’s Computer Emergency Response Team (CERT) was launched this week to universal nods of approval. Questions remain, however, over how it will achieve its aims and what value it will add in an increasingly crowded UK network of cyber security teams.

See:https://www.rusi.org/analysis/commen.../#.U1-mfqJZAdU

[AdamG]

(Reuters) - A sophisticated hacking group recently attacked a U.S. public utility and compromised its control system network, but there was no evidence that the utility's operations were affected, according to the Department of Homeland Security.

DHS did not identify the utility in a report that was issued this week by the agency's Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT.

"While unauthorized access was identified, ICS-CERT was able to work with the affected entity to put in place mitigation strategies and ensure the security of their control systems before there was any impact to operations," a DHS official told Reuters on Tuesday.

Such cyber attacks are rarely disclosed by ICS-CERT, which typically keeps details about its investigations secret to encourage businesses to share information with the government. Companies are often reluctant to go public about attacks to avoid potentially negative publicity.

http://www.reuters.com/article/2014/...A4J10D20140521

[AdamG]

Tom Clancy-esque plot twist - what if the US responds to a cyber attack against a State Actor (based on the best evidence at the time) when it was actually perpetrated by a non-State Actor (like say, a disgruntle ex-employee/s)?

The White House says the devastating cyber attack on Sony Pictures was done with "malicious intent" and was initiated by a "sophisticated actor" but it would not say if that actor was North Korea.

Spokesman Josh Earnest says the matter is still under investigation.

http://www.npr.org/blogs/thetwo-way/...e-proportional

[selil]

Tom Clancy-esque plot twist - what if the US responds to a cyber attack against a State Actor (based on the best evidence at the time) when it was actually perpetrated by a non-State Actor (like say, a disgruntle ex-employee/s)?


http://www.npr.org/blogs/thetwo-way/...e-proportional

Great question asked by a lot of people. Not being answered either.

[Bill Moore]

Tom Clancy-esque plot twist - what if the US responds to a cyber attack against a State Actor (based on the best evidence at the time) when it was actually perpetrated by a non-State Actor (like say, a disgruntle ex-employee/s)?


http://www.npr.org/blogs/thetwo-way/...e-proportional

Attribution is frequently challenging in cyber, but I suspect we will know with some degree of certainty, or we won't respond.

What would be a proportionate response for the hermit kingdom when it comes to cyber? Blocking the Dear Leader's access to porno?