Wednesday, August 10, 2011

Epilogue

Each of my posts over the last several weeks had a common theme and generally discussed the Pentagon and its declaration of Cyber War in the Ethernet.  Most of the information posted came from new media such as ABCNews.com or FoxNews.com.  I am somewhat of a news junkie in that I watch a lot of news and read six or seven newspapers a day.  I like the variety of story presentations by each of the news media.  I also read news magazines, Time, Newsweek, US News. 

The state of information security is indeterminate for me at this time.  I am relatively new in the information security industry and I am very surprised as to how vulnerable we all are.  I will tell you that I personally became more aware of the issues through the research and blogging process.  However, for me, at this time, to express an opinion of the state of information security would be biased towards my relative ignorance and would most likely not have a proper perspective. 

As far as trends are concerned, nine weeks is not a long enough period to identify or develop a trend.  For subjects such as computer security, trends occur over months or years.  Trends were apparent in the various annual Verizon Data Breach Investigations Reports.

As far as lessons learned, I have one – lock it up. If you don’t want it stolen, used, or abused, secure it, whether it be your bicycle or data on your computer. Get aware, do an inventory, learn how it can be compromised, and take the necessary actions to prevent the loss.

Monday, August 1, 2011

Importing Cyber Risks

In a prior blog, two weeks ago, we reported that much of the cyber security infrastructure hardware and software used by the US is designed, manufactured and assembled overseas. Not surprisingly, some of this equipment is coming to the US with ready-made spyware, malware and other security-compromising components. The White House, Homeland Security, and the Pentagon are aware of this. There is no evidence to indicate that foreign governments are involved in this deception, but it is not hard to imagine that one or more could be involved. Given that a firewall or other hardware or software product, cyber security related or not, could be purchased with malware that opens a backdoor past any security, how does one defend against this? It is neither possible nor practical to inspect each product as the software or firmware is downloaded or as it is manufactured. One solution will be the mandatory installation of Intrusion Detection System (IDS) software. Intrusion Prevention System (IPS) software will be of little value because the intruder has already been invited in.

Wednesday, July 27, 2011

Can the genie be contained?

Cyber security for the US, including the US Congress and the Pentagon, is underdeveloped. The Congress was recently hacked and a Pentagon contractor was likewise hacked. The House and Senate networks are especially vulnerable. According to US News and World Report, Congress traffics about 500 emails each year. The number of attacks has grown from 8 million attacks per month, in 2008, to 1.8 billion per month for 2011. The Senate Sergeant at Arms claims the Congress is safe – they only allow 1.1 attacks through every day. The Pentagon is suffering the same level of attacks, but instead of a centrally located facility akin to the Congress in Washington, DC, the Pentagon has its facilities plus those of its contractors and subcontractors. The recent theft of details for new weapons systems has Pentagon officials questioning whether they need to redesign the system. One Pentagon official claimed that the new Pentagon initiatives for countering cyber warfare do not go far enough, that intrusion into Pentagon cyber did not penalize attackers. The official indicated that the current strategy is “purely defensive” and there is no penalty for attacking us. The official indicated that more aggressive cyber tactics, as well as legal and diplomatic measures, are needed to “raise the price” of attacking.

Monday, July 18, 2011

The ongoing Saga - Pentagon vs. the Cyber

In the ongoing saga of the Pentagon and Cyber War, the Pentagon declared the Internet a war domain. Just think, the 8-year-old Johnny or Susie logging on to his Macintosh to download Pond Puppies could somehow be caught up in a war zone and may have his computer taken over by the Pentagon and recruited as a bot. Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. The largest use of bots is in web spidering, in which an automated script fetches, analyzes and files information from web servers at many times the speed of a human. Many organizations, large and small, rely on the internet to function, including the State and Federal governments, large corporations, and small businesses. The Pentagon is claiming that the bad guys are taking war to the Cyber and that they have no choice. The Pentagon plans to focus on three areas in their Cyber War plans – the theft or exploitation of data; attacks of US military networks (how they can differentiate between military and civilian, I’ll never know); and the destruction or degradation of networks. The plans do not specifically differentiate between those of the US or others. One of the obstacles facing the US military is that many components used in the US internet infrastructure are designed, manufactured and assembled overseas. As part of their strategy, the Pentagon is adopting the Cyber as a medium in which wars can be fought, much like the ground, air and water are used for fighting wars.

Monday, July 11, 2011

Organized Crime and the Cyber

Organized crime syndicates are organizing for an attack on the cyber world. The US Secret Service has successfully investigated and prosecuted many of the largest cybercriminal cases in the US. In 2010 alone, the USSS arrested over 1200 suspects for some form of cybercrime totaling over $500 million in actual loss and prevention of over $7 billion in losses. According to the 2011 Verizon Data Breach Investigations Report, cybercriminals are primarily interested in point-of-sale systems, performing account takeovers, and Automated Clearing House transaction fraud. Many of these criminals originate from Eastern Europe. As a result, the USSS and other agencies are teaming up with their counterparts in Romania, Germany, Turkey and elsewhere. Romania, it appears, is the hotbed of most cybercrime. Romanian legal forces are marshaled to take down the international organized crime organizations. The Russians too are getting involved. Some Russian agents are being trained in the US in the hopes of becoming as effective as the Romanians become. In addition, cybercrime in Eastern Europe will be met with an increase in penalties.

Thursday, July 7, 2011

Civilian Perspective on Cyber Warfare

Dartmouth College defines cyber warfare as nation-states participating in offensive and defensive operations, using computers to attack other computers or networks through electronic media. The attackers do not need to be part of the military forces of these nation-states; rather, they can be any person sanctioned by these units. The purveyors of cyber warfare are individuals who know how to exploit weaknesses in software and computers. These nation-states, including the United States, gather intelligence or spy to determine vulnerabilities in the digital infrastructure of known or potential enemies. In doing so, they determine how to defeat the enemy while learning of their own weaknesses. Perfect security is but a dream. This is true for information security. Since the beginning of time, someone has devised a means to defeat any security system – hackers are no different. As soon as one security system is established, a hacker is disabling it. The best we can do is minimize or mitigate the destructive nature of cyber warfare.

Monday, June 27, 2011

Pentagon is Reading this Blog

The Pentagon must be reading my blog. Interestingly enough, the Pentagon is back-pedaling on its threshold for declaring war due to cyber-attacks. According to CBS News, the U.S. military may never have a direct answer on when to fire back against a computer-based attack. The Pentagon is developing different scenarios for its cyber war plans. These scenarios are intended to define the rules of war as they apply to cyber war. The scenarios do include launching attacks from unknowing civilian computers attacking civilian computers. Critics of the Pentagon argue that it is not progressing fast enough in determining what constitutes a cyber-attack. A Pentagon spokesperson reminds these critics that the US is constantly being barraged with attacks from countries such as China. However, much of what the US is doing to protect its cyber infrastructure remains secret and, therefore, is not open to the public. The Pentagon did express that retaliation to cyber-attacks would most likely be in kind. In other words, the US intends to fight fire with fire.

Sunday, June 19, 2011

Evolution of Cyber Crime

In the beginning, cyber security issues began as purchasers of software attempted and succeeded at breaking the anti-copy seal of software. Software was purchased by a single individual and then bootleg copies were made and distributed to friends and relatives. Software developers made several attempts to create a “seal” that would prevent copying the software, only to have someone, somewhere break the code and distribute the software freely for use by non-purchasers. Breaking the seal became increasingly difficult as time wore on. Nowadays, software is protected by a “key” which consists of several apparently randomly generated alpha-numeric key codes which will unlock the software for use.

With the advent of the internet, cracking of computer-related security became the domain of teenagers trying to outsmart the establishment’s security efforts. This new wave of hacking has evolved to the breaking in and theft of much more valuable resources than locks and keys. Hacking has developed into a multi-billion-dollar crime venture. While some of these ventures remain rather benign, the worst are a malignant sore for those who rely on the internet to conduct daily business.

Monday, June 13, 2011

War Over Cyber Security?

Another apparently significant breach of information security was reported this week. The International Monetary Fund was hacked with some files being transferred by unknown parties. However, an identified security expert indicated the hackers were believed to be connected to an unspecified government. In addition, this week, a Fox News story reports that the US Pentagon indicates that computer sabotage coming from another country can constitute an act of war. The news story raises several questions. For example, can an otherwise anonymous person, masquerading as a foreign government agent, hack into the US government’s computers, commit sabotage, and cause a war? Alternatively, can a foreign government agent, posing as an anonymous civilian hacker, do the same with the same results? What are the retaliation options for the US government?

The hacking of the IMF can be viewed as vandalism, theft or international sabotage. Response to such actions requires thorough investigation resulting in a conclusion that is “beyond a reasonable doubt” before any kind of retaliation is conducted. The practice of warfare has evolved over the centuries, and as with the war on terrorism, the war on cyber security will require new defenses, tactics and weapons.

Friday, June 3, 2011

Learning Something New

If you want to learn something new, read an old book. A British Member of Parliament (MP) is likening internet security to the imposition of highway and roadway traffic laws. A hundred years ago, with the advent of the automobile, Americans were given the freedom to explore and travel beyond the norms of their times. But with this new freedom came responsibilities that needed to be learned through the automobile accident. As a result, rules of the road were developed: stop signs, traffic lights, speed limits and other traffic control measures. The MP is linking this evolution with the recently found freedoms that internet travel is allowing people all over the world. New rules will need to be devised to assure personal safety whilst traveling through the internet. The MP argues new regulations are needed while assuring that Big Brother is not interjecting himself into our private lives.

Monday, March 14, 2011

Protecting Critical Digital Assets

Hi Everyone & Welcome to my new blog site.


This blogging site is to help me become aware of protecting critical digital assets (CDAs). 

I am employed at a nuclear plant which generates electricity. Many of the controls for the reactor plant and secondary side (electric generator plant) are digital control systems (DCS). For cyber security reasons we designate some of these as CDAs. These are controls which are computers (programmable logic computers) or other platforms which need to be isolated from unauthorized use.

My intent here is to have you provide me with some perspectives external to my organization.

Hopefully, I can provide you with some insights too.

Robert Nilsson
Assignment 1.4