We’re Giving It All Away

Nice little video from Mandiant on “The anatomy of a cyber attack.”

Despite the typical firewalls, antivirus, and intrusion detection systems, cyber attacks can and do penetrate your systems.

This happens through social engineering (including phishing attempts), automated spam, and zero-day exploits.

Once inside your network, the cyber attacker takes command and control of your computers, surveys your assets, steals user names and passwords, hijacks programs, and accesses valuable intellectual property.

Mandiant performs security incident response management (detecting breaches, containing them, and helping recovery efforts), and they are known for their report “APT1” (2013) exposing an alleged significant government-sponsored cyber espionage group that they state “has systematically stolen hundreds of terabytes of data from at least 141 organizations.”

Another fascinating report on a similar topic of advanced persistent threats was done by McAfee on Operation Shady Rat (2011) that reveals over 70 organizations (governments, commercial entities, and more) that were targeted over 5 years and had terabytes of information siphoned off.

The overall risk from cyber espionage is high and the McAfee report states:

– “Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact.”

– “What we have witnessed…has been nothing short of a historically unprecedented transfer of [intellectual] wealth – closely guarded national secrets…disappeared in the ever-growing electronic archives of dogged adversaries.”

In short we can’t keep a secret–we’re putting endless gobs and gobs of our information online and are not adequately protecting it in cyberspace, with the result that our adversaries are able to access, exfiltrate, disclose, modify, or destroy it.

In short, we’re giving it all away – why?

National State Of Cyber Insecurity

This video is a wake-up call on the state of our national cyber insecurity.

It is the opening statement (about 6 minutes) of Chairman Michael McCaul (R-TX) of the Homeland Security Subcommittee of Oversight, Investigations, and Management.

What he describes is quite grave and every American should listen carefully about the state of our cyber insecurity that poses a real and significant threat to our economy and national security.

We are under attack by cyber criminals, terrorists, and hostile nation states.

Our adversaries seek to and can paralyze our critical infrastructure, steal our intellectual property, conduct espionage, and access our personal and financial information.

The collapse of our military networks, financial system, energy, transportation, and electricity “is not science fiction.”

The cyber attacks are “real, stealth, and persistent, and can devastate our nation.”

It is “not a matter of if, but when a Cyber Pearl Harbor will occur.”

And “we have been fortunate that up until this point that cyber attacks on our country have not caused a cataclysmic event.”

I read from the Center for Strategic and International Studies (2011) that cybersecurity has taken a back seat after 9/11 to the War on Terror as well as the economic fight after the recession of 2008, with the result that “the United States is unprepared to defend itself.”

Chairman McCaul critically states at the end of his opening statement, “Let’s do something meaningful [now] because it is not a tolerable situation!”

Security Advisory For Architecture Drawings


Dark Reading (21 June 2012) came out with security news of an AutoCAD worm called ACAD/Medre.A that targets design documents.

I also found warnings about this vulnerability at PC Magazine (24 June 2012).

This malware was discovered by computer security firm ESET.

This is a serious exploitation of the industry-leading software for computer-aided design and drafting, which is used to create most of our architectural blueprints.

Approximately 10,000 machines are said to have been affected in Peru and vicinity, with documents being siphoned off to email accounts in China.

With information on our architectural structures and designs for skyscrapers, government buildings, military installations, bridges, power plants, dams, communication hubs, transportation facilities, and more, our critical infrastructure would be seriously jeopardized.

This can even be used to steal intellectual property such as designs for innovations or even products pending patents.

This new malware is another example of how cyber espionage is a scary new reality that can leave us completely exposed from the inside out.

Need any more reason to “air gap” sensitive information and systems?

(Source Photo: here with attribution to Wade Rockett)

Facebook IPO–Love It, But Leave It


With the Facebook IPO scheduled for this week, valuing the company at as much as $96 billion, many investors according to Bloomberg BusinessWeek (11 May 2012) see this as overvalued.

Facebook will be the largest Internet IPO in history, and would be about 4 times as much as Google was valued at its IPO at $23 billion in 2003.

Further, at its offering Facebook could be valued at 99 times earnings.

This is more than the price earnings ratio of 99% of companies in the S&P Index, yet even with some estimating sales of $6.1 billion this year, Facebook would only rank about 400 in the S&P 500.

True, Facebook has amassed an incredible 900 million users, but the company’s revenue growth has slowed for the 3rd year in a row.

Another article in BusinessWeek (10 May 2012) describes a new social networking contender called Diaspora.

Unlike Google+ which is predominantly a Facebook copycat, Diaspora is bringing something new and major to the table–they are addressing the privacy issues that Facebook has not.

Diaspora is a distributed (or federated) social network, unlike Facebook which is centralized–in other words, Diaspora allows you to host your own data wherever you want (even in the cloud).

These independently owned Diaspora instances or “pods” (dispersed like in the Diaspora) together make up a true social “network”–interconnected and interoperable computing devices.

With Diaspora, you own your own data and can maintain its privacy (share, delete, and do what you want with your information), unlike with Facebook where you essentially give up rights to your data and it can be and is used by Facebook for commercial purposes–for them to make money off of your personal/private information.

When it comes to personal property, we have a strong sense of ownership in our society and are keen on protecting these ownership rights, but somehow with our personal information and privacy, when it comes to social networking, we have sold ourselves out for a mere user account.

As loss of personally identifiable information (PII), theft of intellectual property, identity theft, and other serious computer crimes continue to grow and cost us our money, time, and even our very selves in some respects, alternatives to the Facebook model, like Diaspora, will become more and more appealing.

So with social networks like Facebook–it is a case of love it, but leave it!

Love social networking–especially when privacy is built in–and others don’t have rights to what you post.

But leave it–when they are asking for your investment dollar (i.e. IPO) that could be better spent on a product with a business model that is actually sustainable over the long term.

(Source Photo: here with attribution to Allan Cleaver)

Losing The Edge, No More

For years, there has been all sorts of uproar about the U.S. and its citizens and businesses losing their edge.

Critics point out how our educational system (especially through high school) is not keeping up, how we are not attracting and graduating enough folks in science, technology, engineering, and math (STEM), how our inventions are freely copied overseas, and how innovation and entrepreneurship are suffering at home, whether due to challenging economic or social conditions.

Yet, when it comes to losing our edge, nothing is more maddening than when the technological advances we do have are taken from us–this happens in numerous ways, including:

– Cyber Attacks: According to the Pentagon Strategy on Cyberwar as per the Wall Street Journal (15 July 2011) “each year a volume of intellectual property the size of the Library of Congress is stolen from U.S. government and private-sector networks.” Cyber espionage has affected a broad range of our prized national assets: from Space Shuttle designs to the Joint U.S. Defense Strategy with South Korea as well as the plans for the F-35 Joint Strike Fighter and more. Moreover and unfortunately, this is only the tip of the iceberg. For example, this past August, McAfee disclosed a cyber spying operation dubbed Operation Shady Rat that infiltrated some 71 government and corporate entities, of which 49 were in the U.S. and which included more than a dozen defense firms, over five years, compromising a massive amount of information.

– Spies/Insider Threats: Spies and insider threats can turn over state secrets to foreign powers or entities, causing a major loss to our competitive advantage. This has happened with convicted spies from Aldrich Ames to FBI agent Robert Hanssen, and more recently with Army Corporal Bradley Manning, accused of turning over troves of restricted documents to WikiLeaks. And despite the amazing efforts to catch these subversives, presumably, there are plenty more where they came from.

– Expropriations: We lose our edge to foreign nations and organizations when our high-technology or intellectual assets are used without our consent or otherwise seized and compromised. This can happen from having our copyrights trampled on, our designs simply copied and “knockoffs” produced and peddled, or even when we are in a sense forced to exchange our intellectual property for basic entry into foreign markets. But this also happens more explicitly and violently when our assets are literally taken from us. For example, this happened in April 2001, when Chinese fighter jets intercepted (in international air space) and crashed a U.S. EP-3 reconnaissance plane and didn’t return it until July in disassembled pieces. Similarly, the tail of the stealth-modified MH-60 Black Hawk helicopter, with sensitive military technology, used in the raid on Osama bin Laden’s compound was recovered and held by Pakistan for weeks before it was returned to the U.S. And we saw this again this week when the Iranians showed off a prized RQ-170 Sentinel stealth drone they now have seized, and whose secrets presumably may end up in Russian, Chinese, or ultimately terrorist hands.

Developing an edge is not something we should take lightly or for granted–it is based on lots of talent, experience, and hard work, and we do not have an exclusive hold on any of these.

We must prize our scientific and technological advances and secure these the way a mother protects her young–fiercely and without compromise.

No matter how much or how fast we churn out the advances, it will not matter if we do not safeguard our investments from those who would take them right out from under us. We can do this by significantly increasing investment in cyber security, strengthening counterespionage efforts, and not letting any nation or organization take something that doesn’t belong to them without consequences–economic or military–that restore our edge and then some.