How the U.S. Government Hacks the World. Obscured by trees and grassy berms, the campus of the National Security Agency sits 15 miles north of Washington’s traffic-clogged Beltway, its 6 million square feet of blast-resistant buildings punctuated by clusters of satellite dishes.
Created in 1952 to intercept radio and other electronic transmissions—known as signals intelligence—the NSA now focuses much of its espionage resources on stealing what spies euphemistically call “electronic data at rest.” These are the secrets that lay inside the computer networks and hard drives of terrorists, rogue nations, and even nominally friendly governments. When President Obama receives his daily intelligence briefing, most of the information comes from government cyberspies, says Mike McConnell, director of national intelligence under President George W. Bush. “It’s at least 75 percent, and going up,” he says.
Obama signs secret directive to help thwart cyberattacks. The new directive is the most extensive White House effort to date to wrestle with what constitutes an “offensive” and a “defensive” action in the rapidly evolving world of cyberwar and cyberterrorism, where an attack can be launched in milliseconds by unknown assailants utilizing a circuitous route.
For the first time, the directive explicitly makes a distinction between network defense and cyber-operations to guide officials charged with making often-rapid decisions when confronted with threats. The policy also lays out a process to vet any operations outside government and defense networks and ensure that U.S. citizens’ and foreign allies’ data and privacy are protected and international laws of war are followed. “What it does, really for the first time, is it explicitly talks about how we will use cyber-operations,” a senior administration official said. “Network defense is what you’re doing inside your own networks. . . . 10K Reasons to Worry About Critical Infrastructure. Screenshot showing an industrial control system in Idaho that's connected to the internet.
The red tag indicates there are known vulnerabilities for the device that might be exploitable. Two known vulnerabilities are listed at the bottom of the text bubble. MIAMI, Florida – A security researcher was able to locate and map more than 10,000 industrial control systems hooked up to the public internet, including water and sewage plants, and found that many could be open to easy hack attacks, due to lax security practices.
Infrastructure software vendors and critical infrastructure owners have long maintained that industrial control systems (ICSes) — even if rife with security vulnerabilities — are not at risk of penetration by outsiders because they’re “air-gapped” from the internet — that is, they’re not online. ManTech Awarded $9.2 Million Contract to Provide Cyber Security Services to the Federal Bureau of Investigation. ManTech International Corporation (NASDAQ: MANT) (www.mantech.com), a leading provider of innovative technologies and solutions for mission-critical national security programs, today announced that the. Fuck FBI Friday III: ManTech. Fuck FBI Friday III: ManTech Type: Other > Other Files: Size: 390.19 MiB (409145089 Bytes)
University projects to secure cyberspace could soon bear fruit. University projects to secure cyberspace could soon bear fruit Five-year program funded by Northrop Grumman researching new technologies By William JacksonJun 01, 2011 A number of university cybersecurity research programs funded by Northrop Grumman are expected to begin paying off in new technologies soon, researchers said June 1.
NSA is looking for a few good hackers. For that reason an alphabet soup of federal agencies — DOD, DHS, NASA, NSA — are descending on Las Vegas this week for Defcon, an annual hacker convention where the $150 entrance fee is cash only — no registration, no credit cards, no names taken.
Attendance is expected to top 10,000. The NSA is among the keen suitors. The spy agency plays offense and defense in the cyberwars. Fake femme fatale shows social network risks. News July 22, 2010 06:00 AM ET Computerworld - Hundreds of people in the information security, military and intelligence fields recently found themselves with egg on their faces after sharing personal information with a fictitious Navy cyberthreat analyst named "Robin Sage," whose profile on prominent social networking sites was created by a security researcher to illustrate the risks of social networking.
In a conversation with Computerworld, Thomas Ryan, co-founder of Provide Security, said he used a few photos to portray the fictional Sage on Facebook, LinkedIn and Twitter as an attractive, somewhat flirty cybergeek, with degrees from MIT and a prestigious prep school in New Hampshire. Then he established connections with some 300 men and women from the U.S. military, intelligence agencies, information security companies and government contractors. Pentagon, LulzSec, News of The World ... we live in interesting times for hacking. The hacking stories just keep on coming.
Of course, The News of the World is the big one at the moment, matched, for the moment at least, by the hacking of The Sun’s website by celebrity – and proficient – hacking group LulzSec. Other interesting stories on hacking exploits keep cropping up, but are perhaps not getting the same high-profile coverage. One well worth having a look at is the fact a Pentagon supplier recently lost 24,000 files to a foreign intelligence service.
There are several interesting things about this hack: Cyber war focus drives attacks on privacy and funding of contractors. When it comes to cyber defence, assessing the risk of online warfare, or even of a “cyber Pearl Harbor”, as opposed to common-or-garden crime or espionage, is made more difficult by the lack of detail around cyber attacks and the conflation of unrelated attacks.
The revelations this week about “Operation Shady RAT”, the multi-year Chinese effort to spy on a host of foreign governments and corporations, plainly related to regulated security and commercial espionage. That is, it was a continuation of ordinary spying activities — particularly by China, where impressive levels of education don’t seem to have yet produced a strong culture of technological innovation — online, rather than a peculiarly online form of attack, and certainly not any “cyber war”.
Pentagon wants to change strategy for dealing with cyber-attacks. The Pentagon may have to redesign some of its weapons system after a foreign intelligence service hacked into systems at a corporate contractor and obtained 24,000 key files in March.
The incursion was one of the worst single incidents the US defence department has seen. Though it did not name the contractor nor the country suspected of carrying out the attack, Lockheed Martin said in May that it had come under attack. The Comprehensive National Cybersecurity Initiative. President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we as a government or as a country are not adequately prepared to counter.
Shortly after taking office, the President therefore ordered a thorough review of federal efforts to defend the U.S. information and communications infrastructure and the development of a comprehensive approach to securing America’s digital infrastructure. In May 2009, the President accepted the recommendations of the resulting Cyberspace Policy Review, including the selection of an Executive Branch Cybersecurity Coordinator who will have regular access to the President. Pentagon doesn't rule out military force against cyberattacks. The Pentagon's cyber attack policy "All appropriate options would be on the table"Identifying attacker can be hard, take a long time2008 incident was wake-up call Washington (CNN) -- The Pentagon is formulating a new strategy on how to respond to cyberattacks that would include using military force, a spokesman confirmed late Tuesday.
Col. David Lapan said if the attack is serious enough, "a response to a cyberincident or attack on the U.S. would not necessarily be a cyber response, so as I said all appropriate options would be on the table. " The final public portion of the "Defense Strategy for Operating in Cyberspace" is expected to be released in two or three weeks. Pentagon: Online Cyber Attacks Can Count as Acts of War. The last line of cyber defense. According to the Wall Street Journal, DoD’s first formal cyber strategy is based on the doctrine that a cyber attack on US critical infrastructure can be retaliated by a conventional military strike.
The article is decorated with macho statements from unidentified military officials, such as “if you shut down our power grid, maybe we will put a missile down one of your smokestacks.” The military person who said that may have had full confidence in how deterring and frightening his or her line would be to wannabe attackers, and yet could not be more off the mark.
Here is what everybody can read from DoD’s cyber strategy, given that the WSJ’s report is authentic (which I don’t call in question): 1. We, the Department of Defense, acknowledge that US critical infrastructure is vulnerable to cyber attack. Cyberwar heats up with Pentagon's virtual firing range. The National Cyber Range marks a rise in the temperature of the online battlefield. Illustration: Getty Images The US defence agency that invented the forerunner to the internet is working on a "virtual firing range" intended as a replica of the real internet so scientists can mimic international cyberwars to test their defences. Commentary: The Patriot Act, cyber-edition - Sacramento Living - Sacramento Food and Wine, Home, Health. Cyberwar Doomsayer Lands $34 Million in Government Cyberwar Contracts. White House Cyber Czar: ‘There Is No Cyberwar’
Mike McConnell on how to win the cyber-war we're losing - washingtonpost.com. Pentagon wastes time defining cyberwar rather than trying to fight the one it's already in. U.S. Cyber Command: 404 Error, Mission Not (Yet) Found. Ex-U.S. general urges frank talk on cyber weapons. Cyber ShockWave Shows U.S. Unprepared For Cyber Threats. Kissinger, Huntsman: U.S., China need cyber detente. Special report: Government in cyber fight but can't keep up. Cyber threats to spur defense innovation: Huntsman. Analysis: Could a cyber war turn into a real one for U.S.? Revealed: Air Force ordered software to manage army of fake virtual people. FinFisher - IT Intrusion lets Government Agents Steal ALL your info - Lawmen.
Exclusive: Military’s ‘persona’ software cost millions, used for ‘classified social media activities’ Metaphor is the new weapon in the 'war' on terror. So, Why Does the Air Force Want Hundreds of Fake Online Identities on Social Media? [Update] Preparing for cyber warfare: US Air Force floats botnet plan. US Paid Millions For Bogus (Patented) Intelligence Software; Now Trying To Cover It Up Claiming 'National Security' Pentagon to Help Internet Providers Get Military Cyber Tools. Information Warfare Monitor. HBGary E-mails: DuPont, Other Firms Hit In Aurora Attack. Black ops: how HBGary wrote backdoors for the government. US cyber war defences 'very thin', Pentagon warns. Cyberguerre : un général veut un deuxième Internet aux Etats-Unis. Obama needs to address our cyber-warfare gap with China. A Declaration of Cyber-War.
Premier test grandeur nature d'une cyber-attaque aux Etats-Unis - Monde. CBS 60 Minutes: Cyber War: Sabotaging the System 1/2. New recovery system restores virus-infected computers, could be used by agencies. Pentagon: Online Cyber Attacks Can Count as Acts of War. Taliban mobile phones and website 'hacked' Net neutrality rules declared illegal by US court.