BCA

Business Counsel Associates

Cyber Espionage (5 of 5): Preparing for the Future

April 11, 2010 By: azjogger Category: Operations, Technology

By John Riley

 Cyber security was under attack during the past year as never before and it shows no sign of abating in 2010. While both government and business have been taking steps to deal with these threats, the most important step has yet to be taken…a partnership between government and business. While independent study commissions have recommended such a union, the necessary legislation has not been enacted.

 

However, that has not prevented organizations from moving ahead on their own. Michael Carpenter, Senior Vice President for the Public Sector at McAfee, says, “we can expect to see an increase in the overall effectiveness of government, business and law enforcement, powered by innovative new technologies, to combat cybercrime.” Some of Carpenter’s predictions for 2010:

1) Social media such as Facebook and Twitter will face more sophisticated threats as the number of users grows.

2) Adobe software, especially Adobe Reader and Flash, will be the primary targets.

3) Banking Trojans will become more clever, sometimes interrupting a legitimate transaction to make an unauthorized withdrawal.

4) Botnets used for spamming and identity theft will remain the leading infrastructure for cybercriminals.

5) We often think of “civilian” applications and “government” applications, but the increasingly seamless nature of the world means cybercrime fallout knows no borders and does not distinguish between victims.

 More Evidence of Progress

A January 20, 2010 article in Enterprise Risk Management by Dr. Jagan Nathan Vaman, CEO of Vertical Six, provides further evidence of government and industry’s progress in preparing for the future:

Input, a Reston, Va. government business consulting firm, indicated the government’s information security budget will increase from $7.9 billion in 2009 to $11.7 billion in 2014 at a compound growth rate of 8.1 percent. This is largely due to a 300 percent increase in cyber attacks since 2005 and the increasing sophistication of these attacks. Unfortunately, there is no figure on cyber security expenditures by private firms because many of them do not want to admit their computers have been penetrated. Deputy Secretary of Defense William J. Lynn provided some insight into the commitment of the Pentagon in a recent speech when he said, “there were an estimated 90,000 people engaged in administering, monitoring and defending 15,000 networks connecting 7 million computers.”

 Bob Gourley, former chief technology officer for the Defense Intelligence Agency and a Board member of the Cyber Conflict Studies Association stated in a National Security Cyberspace Institute report, “U.S. cyber warriors are already deployed overseas and are in direct contact with adversaries. They live in adversary networks.” He added  that an editorial in the Chinese People’s Daily opined, ‘U.S. intelligence agencies can, through technical means, fully monitor, follow and erase online information harmful to U.S. national interests.’

 Loren Thompson, a military policy analyst for the Lexington Institute, says, “Cyber-Security is shaping up to be a major growth opportunity for the defense industry.” After years of working intensively on military equipment, the growing  infiltration of computer systems by cyber-spies is forcing contractors to shift that intensity to defending computer systems and networks.

Timothy McKnight, vice president of Northrop Grumman Corp’s intelligence systems division, observes that, “in today’s current state, there’s a good chance you have already been compromised. We want to stay ahead of this problem. We’re doing everything to stay on the cutting edge.” An important step in that direction came in 2007, when Northrop, the maker of the B-2 stealth bomber and nuclear submarines, bought the Essex Corporation, which specializes in encryption technology used by U.S. intelligence agencies. In 2009, all of Northrop’s divisions handling cyber security business were consolidated into a single unit.

 Late last year, Northrop also entered a cyber security research consortium with Carnegie Mellon University, Massachusetts Institute of Technology and Purdue University to develop new technologies and collar promising new engineers. 

Microsoft Corp., Cisco Systems Inc. and Dell Inc. joined with the nation’s largest military contractor, Lockheed Martin Corp., to form a cyber security alliance and collaborate on ways to combat hackers. Lockheed also built a 5,000 square foot facility in Maryland dedicated to cyber security research and hired Lee Holcomb, former chief technology officer for the Department of Homeland Security, to head cyber security activities.

 The Sleeping Giant is Awaking

 While there are signs of our progress in the cyber security quest for superiority, the competition is smart, innovative and persistent. It is clear the United States is the primary target of most, if not all, of the world’s cyber espionage players and it is unrealistic to think all of the best talent resides in this country. However, when  government and industry work together, it’s a very formidable combination and hopefully the day isn’t too far off when that team is on the field.

Cyber Espionage: Prevention Takes Many Forms

April 07, 2010 By: azjogger Category: Operations, Technology

By John Riley

Access to the Internet is easier than ever. It provides an unending fountain of information on entertainment, credit and financial services, sports, politics, and countless other subjects. However, there is a downside: many Internet users are careless in protecting their assets and identities when operating their websites/blogs as well as when surfing the net. As a result, hackers find a fertile landscape where they can ply their trade, often with stunning success. Neither business, government nor individuals are immune. While many businesses and the government have sophisticated layers of security in place to protect their systems, individuals must rely on commercial services. Here’s what some of those experts suggest for individuals and families to better secure their systems:

 Password security  (Information Technology Consultants Update Oct 9, 2009)

If there is any indication, on your website/blog or while surfing the Internet, that your password has been compromised, immediately change that password and investigate all your other passwords. Too often, a person will wait a day or two before taking action, and by then it may be too late to prevent an economic loss.

 Stop re-using your password for multiple websites. If  the hacker figures out your password he will be able to access bank information, private e-mail or your other accounts.

Vary your mix of letters, numbers and symbols and use at least 8 characters for your password. You can also mix up capital letters with lower case letters.

 Avoid using passwords that are personal, i.e. birthdays, wedding dates, addresses or children’s names.  If you write down your passwords, keep the papers in a secure location.

Computer security (OnGuardOnline.gov 2010)

Hackers will try to find home computers that are not well protected by security software and install ‘malware’. Or they might send you an e-mail with attachments that will install malware when you open them. Once the bad software is installed, the affected computer becomes part of a BotNet and anonymously sends out thousands of spam e-mails. Millions of homes are part of BotNets and most families are unaware of it. That’s why it’s important to keep operating systems and Web browsers up to date at all times.

Phishing is the biggest threat to personal information. Never reply to a phone call or e-mail requesting personal or financial information. Most reputable organizations do not use those means to obtain such information. Know who you are dealing with. Check out unknown callers by using Google Search, especially if they represent a ‘company’. If they claim to represent a company, call the company and check. If not, be very cautious.

 Use security software that updates automatically. Be sure you have anti-virus, anti-spyware and a firewall at a minimum. And back up your important files regularly, i.e. daily or weekly.

Wireless security (OnGuardOnline.gov 2010)

Convenience and mobility are driving more computer users to utilize wireless connections to the Internet without realizing the risk. A hacker with a wireless-ready computer can take over a user’s network, and if the hacker commits a crime or sends spam, the incident can be traced back to the user’s account, creating problems for the user. OnGuard Online suggests the following steps to protect yourself:

1) Encrypt or scramble communications over the network. Buy a wireless router that has encryption features.

2) Use anti-virus and anti-spyware software with a firewall.

3) Turn off wireless router identifier broadcasting that sends out signals to any device in the area announcing its presence.

4) Routers usually have an identifier and a pre-set password for administration. Turn off the identifier and change the default password.

5) Turn off your wireless network when you aren’t using it.

6) Don’t assume public ‘hot spots’ are secure.

 When you have been attacked, report it immediately

Hacking or Computer Virus: Report it to the FBI at www.ic3.gov. Be sure to include the information in the hacker’s e-mail header (sender’s Internet Service Provider) and routing information along with any other information you have. Without that information, the FBI has nothing to work with.

Internet Fraud: Report any fraud attempt involving shopping online or an Internet auction to the Federal Trade Commission at ftc.gov

 Deceptive Spam:  Send the e-mail header and routing information to spam@uce.gov

Phishing e-mail: The Anti-Phishing Working Group is a consortium of Internet Service Providers (ISPs), security vendors, financial institutions and law enforcement agencies that rely on user reports to fight phishing. Send your report to reportphishing@antiphishing.org

 Identity Theft:  Send your report to the Federal Trade Commission at ftc.gov  

Go to ftc.gov/idtheft for information on how to minimize the risk of identity theft.

 Most successful hackers succeed, not so much because of their prowess and analytical skills, but because so many people fail to realize or accept the threat to their security. It can be a costly mistake.  

 The final article, Cyber Espionage (5 of 5) Preparing for the Future,  will appear April 11.

 

Cyber Espionage: A Serious and Growing Threat

March 26, 2010 By: azjogger Category: Operations, Technology, Workforce

By John Riley

Chinese hackers penetrated White House e-mail archives and were able to sneak onto the network several times, according to The Register, a British publication, in 2008.

 North Korean hackers managed to penetrate a website and obtain a secret U.S.-South Korean plan to defend the Korean peninsula in case of war according to a recent Defense News report.

 An investigation by The Wall Street Journal revealed an unnamed intruder was able to penetrate the Pentagon computers and steal terabytes of information about the design and electronic systems for the new $300 billion state-of-the-art Joint Strike Fighter project.  

 Every day, the Department of Defense detects 3 million unauthorized computer probes of its networks while the Department of State fends off 2 million probes according to a Right Side News report November 29, 2009.

 Several countries have state-of-the-art cyber espionage capabilities

These incidents are typical of the daily threats that military, government contractors, and industry organizations are facing. Global Cyber CEO, Jody Westby, said in USA Today in January that China, Russia, North Korea, Iran, Israel, France, the United States and the United Kingdom are recognized as possessing state-of-the-art cyber espionage expertise which they use for economic and military intelligence gathering. Alan Paller, director of research for the SANS Institute, said on Fox News, January 22, 2010, that over 100 countries have cyber espionage capabilities.

“It’s espionage on a massive scale,” says Paul B. Kurtz, a former high-ranking national security official. In 2008, over 12,900 cyber security attacks had been reported to the Homeland Security Dept., which was triple the number from two years earlier. Air Force Lt. General Robert Elder points out, “while much of the focus is on data loss or data gain, the biggest concern should be that an adversary manipulates data and we do not even recognize it.”

U.S. power plants are vulnerable

To make the point, a PC World story in early 2009 reported that hackers, believed to be from China or Russia, had penetrated the U.S. electrical grid and were able to install “software tools” that would disrupt the grid system. The degree to which the grid had been accessed was not revealed, but investigators said the attack was ‘pervasive’ to the extent that control of U.S. power plants could be taken over by the hackers.

Several studies have been made of U.S. cyber security policies and programs to improve security, each with a set of recommendations. One of the most recent was the Commission on Cyber Security under the leadership of Melissa Hathaway, which made its recommendations to the White House and Congress in February 2009, but little or no implementation has taken place. The most important proposal called for the government to work more closely with the private sector, but the study also pointed out the need for emphasis on key infrastructure and coordination of preventive and responsive activities.

The U.S. has no formal policy dealing with foreign threats

Another reason for adopting Hathaway’s study recommendation for closer government-private sector coordination is the fact that most of the critical infrastructure is owned and operated by the private sector. Without that coordination, it is very difficult to determine the targets and the nature of the threats.

According to a Wall Street Journal online report, “the U.S. government and private industry seem to be in a reactive role, detecting intrusions and information losses only after the fact, with no cross-government or industry coordinated response. Efforts to coordinate standards and policies across the private sector and in government, therefore appear stalled.” A Computer World story adds, “The U.S. has no formal policy for dealing with foreign government-led threats against U.S. interest in cyberspace.”

 While there are obvious areas of concern about the state of  U.S. cyber security, it is entirely possible some of the recommendations of various organizations have not been ignored. Cyber security techniques are not something the government would want to share in any detail. Time will tell if the government may have quietly adopted some or many of the recommendations and advanced our cyber security more than is generally recognized.

The next article, Cyber Espionage (2 of 5): Vulnerabilities are Many, will appear March 30.