Should We Fire the First Shot in a Cyberwar?
Defending against an attack is so hard that some think a stronger offense is required.
http://m.technologyreview.com/web/39315/
Should We Fire the First Shot in a Cyberwar?
Defending against an attack is so hard that some think a stronger offense is required.
http://m.technologyreview.com/web/39315/
A scrimmage in a Border Station
A canter down some dark defile
Two thousand pounds of education
Drops to a ten-rupee jezail
http://i.imgur.com/IPT1uLH.jpg
China-Based Hacking of 760 Companies Shows Cyber Cold War
http://mobile.bloomberg.com/news/201...obal-cyber-warGoogle Inc. (GOOG) and Intel Corp. (INTC) were logical targets for China-based hackers, given the solid-gold intellectual property data stored in their computers. An attack by cyber spies on iBahn, a provider of Internet services to hotels, takes some explaining.
A scrimmage in a Border Station
A canter down some dark defile
Two thousand pounds of education
Drops to a ten-rupee jezail
http://i.imgur.com/IPT1uLH.jpg
Like any of the other domains cyber has different roles that inherently suggest capabilities and also responsibilities. If you accept cyber as a defacto domain.
Computer Network Attack, Defense, and Operations are elements of nation state capability to wage war and control communications and control mechanisms.
Information (assurance) and security is about users, corporations, and non-military governmental entities protecting their information assets.
This is not an equivocation, but a realization that not all attacks rise to the level of war, and that not all capabilities are about making war. We have police forces for taking care of crime, but militaries for taking care of similar actions/behaviors that carry quite different consequences. Not all nations separate these powers, but almost all nations realize the difference when talking about terrestrial or the sea.
So hacking, low level noise, and other inelegant descriptions of the noise in a borderless cyber world is not necessarily war. No matter what people call it. It may be criminal, it may be inconvenient, but it is not war. Similarly defense by a military entity is not the same as defense by a non-military entity. Further, the element of defense in hostile operations environments will be significantly different the element of defense in normal operations.
Unfortunately such subtleties aren't in vogue or considered by the main stream media.
Sam Liles
Selil Blog
Don't forget to duck Secret Squirrel
The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.
Chinese hackers deface Bloomberg 'capitalist roader' editorial section, produce non-alarmist article; cyberpocalypse slouches closer:
View: Corporate America Must Fight, and Live With, China Hackers - Bloomberg - Dec 16, 2011.View: Corporate America Must Fight, and Live With, China Hackers
Chinese hackers have redefined the concept of room service: In one recent attack, they infiltrated an Internet service provider to some of the world’s leading hotels, potentially gaining access to millions of confidential messages of traveling executives, as well as to the victims’ corporate networks.
[...]
Of course, industrial espionage has been a fixture of the economic landscape for centuries. Americans have a rich history of pilfering ideas from abroad, beginning with the theft of spinning and weaving technology from the British. So one proper response to today’s techno-thieves -- be they Chinese, Russian, French, German or Israeli -- is for American companies to embrace the threat as a fact of life and step up their own vigilance, especially when their executives travel overseas.
[...]
Finally, we need to treat the threat of Chinese cyber- espionage, real as it is, in a sober, nuanced manner. Sometimes, U.S. cyber warriors talk of China in language that sounds like it comes from an old Fu Manchu movie. China isn’t a monolith: the Ministry of Foreign Affairs, the Ministry of State Security and the People’s Liberation Army -- not to mention an army of rogue hackers -- all behave very differently.
Many Chinese recognize that China and the U.S. share a common interest in ensuring the protection of intellectual property, that foreign companies will not continue to invest in a country that is stealing their crown jewels, and that China stands to lose from undermining an economy in which it has invested hundreds of billions of dollars.
...
Also hacked; Council of Foreign Relations (paper tiger dept.) becomes 'PLA mouthpiece', cybergeddon looms:
Can You Hear Me Now? The U.S. Sends China a Message on Cyber Espionage - Asia Unbound (CFR blog) - Dec 13, 2011.Can You Hear Me Now? The U.S. Sends China a Message on Cyber Espionage
[...]
Whatever happens next, we are clearly only at the beginning. Claiming specific individuals and groups are behind the attacks is an important step forward, but where this all ends will ultimately depend on politics—how important cyber threats are compared to all the other issues in the U.S.-Sino relationship.
...
Fah Lo Suee
http://bits.blogs.nytimes.com/2011/1...rsecurity-law/The United States Chamber of Commerce has confirmed Chinese hackers last year broke into internal networks.
The breach is, in some ways, a twist of fate for the Chamber. It has been one of the more vocal critics of cybersecurity legislation. In an internal draft document circulated earlier this year, the Chamber criticized the White House’s legislative proposals on cybersecurity as “regulatory overreach” and cautioned that “layering new regulations on critical infrastructure will harm public-private partnerships.”
A scrimmage in a Border Station
A canter down some dark defile
Two thousand pounds of education
Drops to a ten-rupee jezail
http://i.imgur.com/IPT1uLH.jpg
Adam G, I was beginning to think you'd hit the snooze button.
Paranormal activity:China Hackers Hit U.S. Chamber
Attacks Breached Computer System of Business-Lobbying Group; Emails Stolen
A group of hackers in China breached the computer defenses of America's top business-lobbying group and gained access to everything stored on its systems, including information about its three million members, according to several people familiar with the matter.
Ends on a hopeful note:The Chamber continues to see suspicious activity, they say. A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China, they say, and, in March, a printer used by Chamber executives spontaneously started printing pages with Chinese characters.
"It's the new normal. I expect this to continue for the foreseeable future. I expect to be surprised again."
It's funny cos' it's Fu! (reader observation from WSJ article comment thread, p.10):
To be more succinct the Chinese are already at war with the free world and America just haven't accepted that these are really xenophobic nasty people who need to be quarantined from the civilized world.
China Hackers Hit U.S. Chamber - WSJ - Dec 21, 2011.
Last edited by Backwards Observer; 12-22-2011 at 06:00 AM. Reason: word insertion
We are the Priests of the Temple of Syrinx:
Defending intellectual property in an internet age - Financial Times - 21.12.11Defending intellectual property in an internet age
SpaceX is in a race for its life with the Chinese. The US venture says it has $3bn in orders under its belt, making it one of the early leaders in the commercial space industry. But founder Elon Musk is under no illusions about the existential risk to his business: the Chinese path to success in the commercial space industry, he says, runs over his company’s dead body.
What should a company, or an entire industry, that finds itself in Chinese cross-hairs do? One response at SpaceX, Mr Musk says, has been to avoid seeking patent protection for the company’s most important technology.
[...]
That starts with a clear-eyed assessment of what technology is most the most vital. If businesses like SpaceX are not going to patent their best ideas, then they must go to great lengths to defend it. It should be stored on systems that are not connected to the internet, says Mr Anderson, with strict limits on who has access.
Greater accountability is also essential, both inside and outside. Protection of IP should be a clear senior executive responsibility. And shareholders and regulators have a part to play. More disclosure of hacking attacks is needed. Shareholders would also be reassured by explicit certification that their company’s crown jewels are secure.
2112
Merry Christmas, Peace on Earth, Goodwill to All Humans (MC:PoEGaH)
I've been working on answering "WHY it's so easy to hack targets" It's way outside the lane of Small Wars but here is some link bait http://selil.com/archives/2880 of what I'm working on. Don't worry about all the other stuff the only thing that really matters is there are a whole lot of vulnerabilities with associated exploits (that will be zero days) that aren't even disclosed on any one day and that window moves through time. Only silly people say that Stuxnet had an unprecedented 4 zero days. On average 12 zero days are created every day.
Summary: Pishaw
Sam Liles
Selil Blog
Don't forget to duck Secret Squirrel
The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.
Bookmarks