Stop The Coronavirus, Please!

It’s been a few exhausting weeks since the outbreak of the Coronavirus (Covid-19) has gone public. 


First case in China in November.


Now as a Pandemic in 126 countries!


Over 132,000 confirmed cases, so far .


And around 5,000 deaths 🕱.


The numbers are projected to climb/////.


With Dr. Faucci of NIH’s National Institute of Allergy and Infectious Diseases (NIAID) warning that it will “get worse before it gets better.”


Everything is closing down from our work facilities to Cruises, Broadway, and Disney.


Of course, we need the government (at all levels), health professionals, and pharmaceutical companies to get their acts together with an effective response strategy. 


Also, this is a wake up call for better preparedness for all sorts of natural and man made disasters that are awaiting. 


Today it’s a virus (natural or biowarfare) and tomorrow it’ll be a devastating cyber attack that we are woefully unprepared for. 


No more playing politics, half measures, and waiting for the next shoe to drop (Spanish Flu, Pearl Harbor, 9/11).


The rest of us need to do our “prepping” parts and to say a prayer or two and keep going. 


(Source Graphic: Andy Blumenthal)

Israel’s Near Pearl Harbor

Terror Tunnels
I wanted to share this analysis of the recent threat to Israel from Matti Follman. 


While perhaps not a true existential threat to the country, the death and destruction that Hamas could’ve inflicted via the terror tunnels and missiles at their own time and choosing could have been a Pearl Harbor or 9/11 event (or worse) for the State of Israel. 


Rather, than the United Nations Human Rights Council members and others decrying Israel’s self-defense while protecting civilians (in spite of Hamas blatantly using them as human shields), they should be applauding Israel’s true morality! 


But anti-semites and hate mongers, don’t savor Israel’s safety, security, or continuity as a Jewish and democratic state, they just seek an excuse, like Hitler, to attack whether by tunnels, missiles, boycotts, or resolutions to discriminate and obliterate those that they perceive as historically inconvenient and whom they simply want dead.

________________________________

Provided by Matti Follman

Analysis of the Situation: The State of Israel was facing an existential threat for the first time since the War of Independence. By their deaths, the three youths saved the State of Israel.

The dozens of tunnels that had been dug from Gaza to the southern cities of Israel were not tunnels for the purpose of terrorism – they were the infrastructure for the occupation of the Land of Israel. If we had not surprised ourselves with the severe response to the kidnap and murder of these boys (of blessed memory), Hamas, at a time that would suit them, would have sent thousands of soldiers through the tunnels to occupy cities and military posts; thousands of soldiers wearing the uniform of IDF soldiers, to kill, to conquer and to kidnap, and the IDF would have had no time to organize, and protect the nation. At the same time, Hamas would have fired off barrages of hundreds and thousands of missiles at the center of the country, paralyzing Israel’s organizational ability to defend itself against invasion. What were they waiting for? Maybe a rainy day? Or, most likely, the recovery of Hezbollah, in order to coordinate an integrated attack of missiles from the north. . . and possibly tunnels dug towards the northern cities too. . .

In Israel, in such a situation, there could be tens of thousands of deaths, the complete breakdown of national systems, and the need to build protection at the neighborhood and street levels. This, on the presumption  that the Arabs of Judea & Samaria, and some Israeli Arabs, would not join in the fray. Of course, IAF counter-attacks would be futile when the enemy was well entrenched underground and laughing all the way to Jerusalem! The best case scenario – international forces would come in to disarm the country, take our nuclear capabilities, and the dream of the Jewish State would crumble for another thousand years.

We were saved thanks to two things they did not believe would happen, because we also did not believe it: we did not believe that the abduction of the three boys would unite the nation in such a way that it would lead to massive air assault, the return of political prisoners to jail, and preparation for a ground offensive into the wasps’ nest they had built. And we had not believed that the Iron Dome would work. In other words – all of us, those to the right and those to the left, had disdained the Islamic-psychopathic rhetoric calling for the conquest of Jerusalem, had ignored the determination of the psychopaths in Iraq and Syria, and did not want to comprehend that they had built a smart, strong and – in fact – quite an excellent military system with almost no flaws, which was capable of crushing the State of Israel. We had all seen how ten fighting men had exited a tunnel in just a few minutes. What would have prevented two hundred soldiers from exiting a tunnel on any given day, and many thousands altogether from all of the tunnels – including hundreds of commandos landing on the beaches at the same time, and missiles landing in the heart of the country? The truth is that if, now, there were not tens of thousands of Israeli troops in the south, nothing could have prevented the next step in realizing the Islamic dream – the destruction of the Zionist nation, and marching into Jerusalem.

Eyal, Naftali and Gilad – by dying, they saved our country, our freedom and our lives.


Danny Gold – who developed the Iron Dome – may you live a long and healthy life.

And to all of the soldiers – we love you and embrace you. Muster courage and be brave! All the Jewish people, the whole world – and most of all, many of the Arab countries and the sane Muslims – are praying for the craziness to be overcome. Yes, even Mahmoud Abbas (Abu Mazen). Thanks to those poor boys, we caught them with their pants down, when the timing and the conditions don’t suit them. Our State has survived and now is the time to settle accounts with the murderers, to the very last man.

And a word to citizens on the home front – when you hear the sirens, go into the shelter or your safe room and smile! When you hear the “boom” – laugh!  These noises are the screams of frustration of the psychopaths in Gaza, whose ingenious plan to crush Israel was prematurely exposed. All of the damage that we are suffering now is nothing compared to what they had been planning.


(Source Photo: here with attribution to the IDF)

>Overcoming the Obstacles to Cyber Security

>

There continues to be a significant shortfall in our cyber security capabilities, and this is something that needs our determined efforts to rectify.

Often I hear a refrain from IT specialists that we can’t wait with security until the end of a project, but rather we need to “bake it into it” from the beginning. And while this is good advice, it is not enough to address the second-class status that we hold for IT security versus other IT disciplines such as applications development or IT infrastructure provision. Cyber Security must be elevated to safeguard our national security interests.

Here are some recent statements from some our most respected leaders in our defense establishment demonstrating the dire strait of our IT security posture:

· “We’re the most vulnerable, we’re the most connected, we have the most to lose, so if we went to war today in a cyber war, we would lose.”- Retired Vice Admiral Mike Mullen (Federal Computer Week 24 February 2010)

· The United States is “under cyber-attack virtually all the time, every day” – Defense Secretary Robert Gates: (CBS, 21 April 2009)

· “The globally-interconnected digital information and communications infrastructure known as “cyberspace” underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety, and national security. This technology has transformed the global economy and connected people in ways never imagined. Yet, cybersecurity risks pose some of the most serious economic and national security challenges of the 21st Century.” (White House CyberSpace Policy Review, 2009)

Further, the number of attacks is increasing; for example, SC Magazine 20 November 2009 reported that the number of cyber attacks against the Department of Defense was increasing year-over-year 2009 to 2008 by some 60%!

And the penetration of our critical systems spans our industrial, civilian, and defense establishment and even crosses international boundaries. Most recently reported, these included the following:

· F-35 Joint Strike Fighter $300B program at Lockheed Martin,

· The Space Shuttle designs at NASA

· The joint U.S. South Korean defense strategy

· The Predator feeds from Iraq and Afghanistan and more.

Thankfully, these events have not translated down en-masse and with great pain to the individuals in the public domain. However this is a double-edged sword, because on one had, as citizens we are not yet really “feeling the pain” from these cyber attacks. On the other hand, the issue is not taking center stage to prevent further and future damage.

This past week, I had the honor to hear Mr. James Gossler, a security expert from Sandia National Labs speak about the significant cyber security threats that we face at MeriTalk Innovation Nation 2010 on the Edge Computing panel that I was moderating.

For example, Mr. Gossler spoke about how our adversaries were circumventing our efforts to secure our critical cyber security infrastructure by being adept and agile at:

· Playing strength to weakness

· Developing surprising partners (in crime/terror)

· Changing the rules (“of the game”)

· Attacking against our defenses that are “naïve or challenged”

In short, Mr. Gossler stated that “the current state-of-the-art in information assurance [today] is significantly outmatched” by our adversaries.

And with all the capabilities that we have riding on and depending on the Internet now a days from financial services to health and transportation to defense, we do not want to be outgunned by cyber criminals, terrorists, or hostile nation states threatening and acting in ways to send us back to the proverbial “stone-age.”

Unfortunately, as a nation we are not moving quickly enough to address these concerns as retired Navy vice admiral Mike McConnell was quoted in Federal Computer Week: “We’re not going to do what we need to do; we’re going to have a catastrophic event [and] the government’s role is going to change dramatically and then we’re going to go to a new infrastructure.”

Why wait for a cyber Pearl Harbor to act? We stand forewarned by our experts, so let us act now as a nation to defend cyber space as a free and safe domain for us to live and thrive in.

There are a number of critical obstacles that we need to overcome:

1) Culture of CYA—we wait for disaster, because no one wants to come out first—it’s too difficult to justify.

2) Security is seen as an impediment, rather than a facilitator—security is often viewed by some as annoying and expensive with a undefined payback, and that it “gets in our way” of delivering for our customers, rather than as a necessity for our system to work

3) We’ve become immune from being in a state of perpetual bombardment—similar to after 9-11, we tire as human beings to living in a state of fear and maintaining a constant state of vigilance.

Moreover, to increase our cyber security capabilities, we need to elevate the role of cyber security by increasing our commitment to it, funding for it, staffing of it, training in it, tools to support it, and establishing aggressive, but achievable goals to advance our capabilities and conducting ongoing performance measurement on our initiatives to drive results.

>Let’s Not Understate the Cyber Threat

>

Wow. I read with some surprise and consternation an article in Government Computer News, 4 December 2009. In this article, the author portrays the fears of a “digital Pearl Harbor” or overwhelming cyber attack on the United States as overblown—almost as if it’s of no real possibility or significant impact. In short, the article states:

“What good would it do an attacker to take down the vital U.S. networks? While the damage to this country could be great, the benefit to an attack would be nil if it could not be followed up. The real threat of cyber warfare is not in stand-alone attacks, but in attacks coordinated with military action.”

While, I agree that a coordinated attack is obviously more dangerous than a cyber attack alone, the threat and potential damage of a cyber attack could potentially be devastating—with or without military action.

Let’s think for a second about how the military traditionally projects force around the world through conventional warfare—taking control of the air, land, and sea. Control the sea-lanes and you have power over 90%+ of international commerce. Control the land and you have power over people’s daily lives—including their ability to satisfy even basic needs for food, clothing, and shelter, their personal safety, and even their ability to govern themselves. Control the air and you control freedom of movement on the ground, people’s basic comings and goings. Traditional military power can affect just about every facet of people’s lives including ultimately the taking of life itself i.e. paying “the ultimate price.”

Now think for a second, about what a massive cyber attack could potentially do to us. At this stage in history, we have to ask ourselves not what elements could be affected by cyber attack, but what elements of our lives would not be impacted? This is the case since virtually our entire civil and elements of the military infrastructure are dependent on the Internet and the computers that are connected to them. If you “pull the plug” or corrupt the interconnected systems, “watch out” seems apropos.

The same areas that are vulnerable to traditional military attack are threatened by cyber attack: Commerce, Energy, Transportation, Finance, Health, Agriculture, (Defense)…are all deeply interwoven and dependent on our interconnected computer systems—and this is the case more and more.

Think e-Commerce, online banking and finance, manufacturing production systems, transportation systems, food production and safety, the energy grid, electronic health records, C4ISR, and so on.

While thank G-d, we have been spared a really devastating attack to date (if you exclude the massive data compromised/stolen in recent cyber attacks), we would be derelict in responsibilities for ensuring safety and security if we thought that was it.

Further, while unpleasant as it may be, we should consider the impact in terms of potential for physical harm or loss of life in the event of a serious cyber attack?

While many brush aside this possibility, there is certainly the potential. Even putting aside the potential public panic/chaos and ensuing loss of life and property that could occur in a serious attack, how about just taking out a single, major facility—like a dam, power plant, reservoir, electrical hub, transportation system, and so on. This is an important focus of efforts to ensure critical infrastructure protection, a public-private sector partnership initiative.

Rep. Lamar Smith, R-Texas said “Until we secure our cyber infrastructure, a few keystrokes and an Internet connection is all one needs to disable the economy and endanger lives.”

Sure, a severe and consequential attack would require ample skills, knowhow, resources, and sophistication—it is no small feat—but with the hosts of cyber criminals, terrorists, and hostile nation states out there increasingly trying to hack our systems, there is valid cause for concern.

This recognition of what’s possible does not mean it is probable or imminent. However, the awareness and understanding of our increasing dependence on the Internet and related systems and the acknowledgement that there are those out there—as in 9-11—who seek to do our country harm, should not blind us with fear, but rather spark us to constructively deal with the challenge and take proactive actions to secure the ever expanding realm of cyberspace.

The Executive Summary in the CyberSpace Policy Review that was conducted by the White House in 2009 sums it up, this way:

“The globally-interconnected digital information and communications infrastructure known as “cyberspace” underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety, and national security. This technology has transformed the global economy and connected people in ways never imagined. Yet, cybersecurity risks pose some of the most serious economic and national security challenges of the 21st Century.”

We should not and cannot understate the possible threats against our nation, but rather we need to act responsibility and rationality, with resolve to protect our nation, before and not only after. As the CyberSpace Policy Review states:

“The Nation’s approach to cybersecurity over the past 15 years has failed to keep pace with the threat. We need to demonstrate abroad and at home that the United States takes cybersecurity-related issues, policies, and activities seriously.”

Fortunately, our nation has recognized the potential threat and is acting, as Security Focus reported on June 24, 2009: “The U.S. Secretary of Defense ordered the military to create a unified command to act as the nation’s central hub for cyber capabilities and commanded the Pentagon to develop a policy framework for cyberspace operations.”

On a personal note, I am grateful for the many good, hardworking people in our military, civilian and private sector that are working to secure cyberspace for us, and believe we need to do this with vigor and resolve. It’s necessary in order to safeguard our future that is ever reliant on technology.