Cyber Security – “The Virtual Battlefield”

War Drums Beat Louder For ‘World War C’

Cyber Security

Article Courtesy of: Kenneth Rapoza | Forbes

Forbes

A report by cyber security firm FireEye says cyber warfare expanding. The U.S. leads the charge in this virtual battlefield.

If the lingo of cyber security experts, zombie warfare might that be that far fetched after all.

Call it “World War C”, and it playing right now at a nation near you. It is quiet, mostly invisible and oddly as safe as it is dangerous.

The ‘C’ in this war zone stands for cyberspace, and industry experts have been warning about it for the last five years.  The war drums are beating louder. Once limited to cybercrime stealing credit card numbers, cyber attacks are becoming a key weapon for governments seeking to defend national sovereignty, project national power or spy on both friend and foe alike, as was brought to light by former National Security Agency contractor Edward Snowden revealed.  The United States uses its soft cyber powers to tap into the computer systems of friendly nations in the E.U. and Brazil.

From strategic cyber espionage campaigns, such as Moonlight Maze and Titan Rain, to the destructive, such as military cyber strikes on Georgia and Iran, human and international conflicts are entering a new phase in their long histories. In this shadowy battlefield, victories are fought with bits instead of bullets, malware instead of militias, and botnets instead of bombs.

“Cyber warfare isn’t necessarily part of a wider war. Sometimes it is just to collect data that is not easily accomplished by a military drone,” said Eugene Kaspersky, head of Moscow-based Kaspersky Lab.

Kaspersky said the war drums are beating louder.

“A cyber attacks are being used more and more for military purposes,” he said.  Kaspersky became famous for being part of the team that discovered the Stuxnet worm in 2010.  The worm targeted Siemens industrial control systems used at Iran nuclear power plants and is believed to have been the brainchild of the U.S. and Israeli defense departments.

A cyber attack is best understood not as an end in itself, but as a potentially powerful means to a wide variety of political, military, and economic goals.

“Serious cyber attacks are unlikely to be motiveless,” Martin Libicki, Senior Scientist at RAND Corp. said in a report released this month by cyber security firm FireEye. “Countries carry them out to achieve certain ends, which tend to reflect their broader strategic goals. The relationship between the means chosen and their goals will look rational and reasonable to them if not necessarily to us.”

Just as each country has a unique political system, state-sponsored attacks also have distinctive characteristics, which include everything from motivation to target to type of attack.

World War C is a FireEye creation.  They noted in their 22 page report that their out-of-this-world war scenario is hard to fully describe. There are very little physical casualties involved. For the general public, collateral damage is unheard of so far.

Cyber war has been compared to special operations forces, submarine warfare, targeted missile strikes, and assassins.

But some say it could be as bad as a nuclear weapons, Pearl Harbor, 9/11 or a natural disaster.

FireEye’s zombie analogy is not new. Often, any compromised computer, if it is actively under the surreptitious control of a cybercriminal, is called a zombie, and botnets are sometimes called zombie armies. Also, compared to stockpiling tanks and artillery, writing cyber attack code, and compromising thousands if not millions of computers, is easy. Moreover, malware often spreads with the exponential growth of an infectious disease.

The analytical waters surrounding cyber warfare are inherently murky, write FireEye analysts in their report. At the strategic level, governments desire to have a degree of plausible deniability. At the tactical level, military and intelligence organizations envelop such operations in layers of classification and secrecy. To be effective, information operations rely on deception—and the Internet offers an ideal venue for a spy’s smoke and mirrors.

Read the Complete Article… CLICK HERE

Network Vulnerabilities Continue to Worry Security Experts

Irrational’ hackers are growing U.S. security fear

Reuters

Article Courtesy of:  Jim Finkle | Reuters

(Reuters) – Cybersecurity researcher HD Moore discovered he could use the Internet to access the controls of some 30 pipeline sensors around the country that were not password protected.

Homeland Security - Investigative Database

A hacking expert who helps companies uncover network vulnerabilities, Moore said he found the sensors last month while analyzing information in huge, publicly available databases of Internet-connected devices.

“We know that systems are exposed and vulnerable. We don’t know what the impact would be if somebody actually tried to exploit them,” said Moore, chief research officer at the security firm Rapid7.

U.S. national security experts used to take comfort in the belief that “rational” super powers like China or Russia were their main adversaries in cyber space. These countries may have the ability to destroy critical U.S. infrastructure with the click of a mouse, but they are unlikely to do so, in part because they fear Washington would retaliate.

Now, concerns are growing that “irrational” cyber actors – such as extremist groups, rogue nations or hacker activists – are infiltrating U.S. systems to hunt for security gaps like the one uncovered by Moore.

These adversaries may not be as resourceful, but like Timothy McVeigh’s bombing of an Oklahoma federal building in 1995, it is the element of surprise that is as concerning.

DHS Secretary Michael ChertoffPhoto by Greg Henshall / FEMA

Former DHS Secretary Michael Chertoff – Photo by Greg Henshall / FEMA

Former U.S. Homeland Security Secretary Michael Chertoff said he was worried the first destructive cyber attack on U.S. soil might resemble the Boston Marathon bombings in the sense that the suspects were not on the government’s radar.

“You are going to get relatively modest-scale, impact attacks from all kinds of folks – hactivists, criminals, whatever,” Chertoff said at the Reuters Cybersecurity Summit last week. “Are they going to take down critical infrastructure? They might.”

Emerging cyber actors that security experts say they are most concerned about include Iran, believed to be behind the ongoing assaults on U.S. banking websites, as well as a devastating attack on some 30,000 PCs at Saudi Arabia’s national oil company last year.

North Korea is also quickly gaining cyber skills, experts say, after hackers took down three South Korean broadcasters and two major banks in March.

Another emerging actor is the Syrian Electronic Army, an activist group that has claimed responsibility for hacking the Twitter accounts of major Western media outlets, such as the Associated Press last month, when its hackers sent a fake tweet about explosions at the White House that briefly sent U.S. stocks plunging.

UNRELENTING ATTACKS

The U.S. power grid is the target of daily attempted cyber attacks, according to a report by California Representative Henry Waxman and Massachusetts Representative Ed Markey released at the House Energy and Commerce Committee’s cybersecurity hearing on Tuesday.

More than a dozen utilities report daily, constant or frequent attempted attacks, ranging from unfriendly probes to malware infection, according to the report. (To read the report, see http://r.reuters.com/sej38t)

Gerry Cauley, chief executive of the North American Electric Reliability Corp, told the Reuters Cybersecurity Summit that computer viruses have been found in the power grid that could be used to deliver malicious software to damage plants. NERC is a non-profit agency that oversees and ensures the reliability of bulk power system in the region.

Experts say that with so many unknown hackers trying to infiltrate U.S. industrial control systems, they fear someone somewhere – perhaps even an amateur – will intentionally or unintentionally cause damage to power generators, chemical plants, dams or other critical infrastructure.  “Even if you don’t know how things actually work, you can still wreak havoc by crashing a device,” said Ruben Santamarta, a senior security consultant with IOActive. “Probably in the near future we may face an incident of this type, where the attackers will not even know what they are doing.”

Santamarta has identified hundreds of Internet-facing control systems — on the grid, at water treatment facilities and heating and ventilation systems for buildings including hospitals. He has also uncovered bugs built into industrial control equipment.

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, known as ICS-CERT, last week warned of a flaw that Santamarta found in equipment from Germany’s TURCK, which is used by manufacturers and agriculture firms in the United States, Europe and Asia.

The agency said attackers with “low” hacking skills could exploit the flaw, letting them remotely halt industrial processes. It advised customers to install a patch that would protect them against such attacks.

Director of National Intelligence James Clapper told a Senate committee in March that “less advanced, but highly motivated actors” could access some poorly protected control systems. They might cause “significant” damage, he warned, due to unexpected system configurations, mistakes and spillovers that could occur between nodes in networks.

For the Complete Article:  CLICK HERE

Reuters