hide captionA massive 2007 cyberassault, traced to Russia, highlighted the need for Estonia to set up a Cyber Defense League, a force of programmers, computer scientists and software engineers who in wartime would function under a unified military command. iStockphoto A massive 2007 cyberassault, traced to Russia, highlighted the need for Estonia to set up a Cyber Defense League, a force of programmers, computer scientists and software engineers who in wartime would function under a unified military command. In April 2007, the Baltic republic of Estonia became the first country in the world to experience cyberwar. Government, financial and media computer networks were paralyzed by a series of attacks, which authorities ultimately concluded originated in Russia. In the years since that cyberassault, Estonia has distinguished itself once again: Now it is a model for how a country might defend itself during a cyberwar. Volunteer Cyber Army Emerges In Estonia
Security expert Bruce Schneier has called for governments to establish ‘hotlines’ between their cyber commands, much like the those between nuclear commands, to help them battle against cyber attacks. Cyber security is high on the national agenda, and is regarded as a top threat to the UK’s security. It is also top a concern for other nations around the world. Last month, the EU announced plans to cybercrime centre by 2013, and it agreed with the US to set up a working group on cybersecurity. Meanwhile, NATO also adopted its Strategic Concept Charter, which outlines plans to develop new capabilities to combat cyber attacks on military networks. Bruce Schneier: We need ‘cyberwar hotlines’ to match nuclear hotlines
The AP noticed something troubling in Michael Vickers’ response to the Senate Armed Services Committee questions on his nomination to be Undersecretary of Defense for Intelligence: the government did not include descriptions of its cyberwar activities in the quarterly report on clandestine activities. The Senate Armed Services Committee voiced concerns that cyber activities were not included in the quarterly report on clandestine activities. But Vickers, in his answer, suggested that such emerging high-tech operations are not specifically listed in the law — a further indication that cyber oversight is still a murky work in progress for the Obama administration.Vickers told the committee that the requirement specifically calls for clandestine human intelligence activity. But if confirmed, he said, he would review the reporting requirements and support expanding the information included in the report. Hiding our Cyberwar from Congress
AAAS "U.S. Government, Businesses Are Poorly Prepared for Cyber Attacks, Experts Say at AAAS" The United States is ill-prepared to defend its vital infrastructure against a cyber attack, a former top cybersecurity official said during a recent panel discussion at AAAS. Richard C. Clarke, special adviser for cybersecurity under President George W.
Nicholas Roberts for The New York Times Ralph Langner, an independent computer security expert, solved Stuxnet. The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms program, where neat rows of factories make atomic fuel for the arsenal. Over the past two years, according to intelligence and military experts familiar with its operations, Dimona has taken on a new, equally secret role — as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own. Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. Stuxnet Worm Used Against Iran Was Tested in Israel
New info on Stuxnet Stuxnet continues to make headlines. The New York Times published a long story on the latest findings, including these: President George Bush started an experimental cyber attack program against Iran already in 2008. The NY Times claims that Stuxnet was developed jointly by USA and Israel. They offer no direct proof though.
Hillary Clinton, speech on Internet freedom, Newseum, Washington, DC, January, 21, 2010: Countries or individuals that engage in cyber attacks should face consequences and international condemnation. In an interconnected world, an attack on one nation’s networks can be an attack on all. The New York Times, Saturday: Over the past two years, according to intelligence and military experts familiar with its operations, Dimona has taken on a new, equally secret role . . . . Dimona tested the effectiveness of the Stuxnet computer worm, a destructive program that appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges. . . . the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program. . . . Applying U.S. principles on Internet freedom - Glenn Greenwald
Risks of cyber war 'over-hyped' says OECD study 17 January 2011 Last updated at 10:33 GMT A huge solar flare could give rise to a global cyber shock, warns the report The vast majority of hi-tech attacks described as acts of cyber war do not deserve the name, says a report. The Organisation for Economic Cooperation and Development study is part of a series considering incidents that could cause global disruption. While pandemics and financial instability could cause problems, cyber attacks are unlikely to, it says. Instead, trouble caused by cyber attacks is likely to be localised and short-lived.
Like many people, I've been following the story of the Stuxnet worm with great interest. As you probably know, this worm was apparently designed to infect Iranian nuclear operations to create problems -- and supposedly setting back their nuclear operations quite a bit. The NY Times came out with a fascinating investigative report about the background of Stuxnet over the weekend, and it's worth a read. What I found most entertaining was the rather Hollywood-trickery angle by which Stuxnet did its dirty work: The worm itself now appears to have included two major components. stuxnet-increasingly-sounding-like-movie-plot.shtml from techdirt.com