Coming out of the weekend the big news was the attacks on the various department of energy laboratory environments. At first blush it appeared and was reported as a significant advanced persistent threat event. Now I’m not exactly sure what that means, but I am absolutely sure a whole bunch of pundits will explain it in detail throughout the week. As we have seen the terminology often is chosen for the emotional and fear or pseudo intellectulism inherent in euphemisms rather than reality or factual discussion.
Over the weekend Kim Komando of podcasting and radio fame waded into the shallow end of the conceptual ideas pool with a fear uncertainty and doubt piece on how to survive a cyber attack. She is suggesting preparing for 30 days and her first item in your emergency kit is cash because ATM’s won’t work. She suggests using Facebook or Twitter to coordinate your families but here scenario has cell phone coverage not working. She admits this is a bit tricky but continues to confuse the reader with meandering FUD. Being prepared for self sustaining care in case of disaster is always a good idea regardless of “cyber fud”. Think of it this way though. At 96 hours most food in refrigerators is going to start going bad without electricity. Depending on the city at a week of water rationing most cisterns and water towers will be empty. At two weeks those unprepared are going to be getting hungry, and well at one month out in a major disaster your last worry is going to be cash. My problem with this article is it sensationalizes using the key words of cyber and attack while giving nothing to the reader.
As the week ended we find Marcus Ranum stating that only nation states can engage in cyber warfare. Which is likely true when considering the United Nations charter and the Laws of Armed Conflict (LOAC). However, that is a distinction in semantics. It is not necessarily true that non-state adversaries can’t reach the level of conflict through cyber means that a nation state may hold them as actors or agency of another nation state. Dunlap in spring 2011 published an intriguing study of LOAC, and when balanced with the work by Libicki in Cyber Deterrence there is a strong suggestion that only non-state actors would engage in cyber conflict. The inherent symmetry and desire to win being broken by the guerrilla model (insurgency). That discussion though is what somebody who understands conflict models and technology might be able to suggest.
The over-hyped “Largest cyber attack yet” of Elion (70K accounts) versus the Washington Post hack (1.27 million accounts) would be great fodder for a discussion over media responsibility. Never mind the continuing to develop story of the national labs that were exploited over the July 4th weekend.
Monday July 4th
| Coast photographer fights back against cyber attack WLOX By Doug Walker – bio | email Police have charged 19 year old Byron Charles Miller with two felony counts for hacking Samuel Martino’s website, loading it with pornography and more than 1400 e-mails. Martino and Miller had a business arrangement that … See all stories on this topic » |
||||||
| Cyber attack forces PNNL to shut down online services KVEW Published Friday, July 1st, 2011 The Pacific Northwest National Laboratory shuts down its external email and internet services, while workers try to prevent a sophisticated cyber attack on the company. A spokesman from the lab says workers were warned … See all stories on this topic » |
||||||
|
||||||
| The uncertainties of cyberspace China Daily IT has become so advanced and hackers are so adept that it is extremely difficult to determine the intent of a cyber attack and the place it is launched from. It is, therefore, important to build a code of conduct to limit the negative effects of a … See all stories on this topic » |
||||||
| Few Businesses Appropriately Respond to Cyber Attacks. Are You One of the Few? Business Insider A cyber attack can be anything from flooding service to a website to crash the server, disabling phone lines, or hacking in to steal personal information. Neustar is a provider of web performance and managed external DNS security solutions, … See all stories on this topic »
|
Tuesday July 5th
| “Israel vulnerable to cyber attack on civilian targets” Globes Prof. Isaac Ben-Israel: Israel has the potential to be a key global player in the cyber protection field. “Israel does not currently have an adequate response to targeted cyber attacks in the civilian sector,” said Israel National Council for R&D … See all stories on this topic » |
|
| Exclusive Interview With LulzSec Hacker Big Think (blog) It was a surprise to those who thought the cyber war was underway and that LulzSec was on the frontlines. One of LulzSec’s hackers, known as Sabu, explains the groups motives: “In 50 days, you saw how big and small companies were handling their user … See all stories on this topic » |
|
|
Wednesday July 6th
| ‘Everybody’s vulnerable’: Anonymous computer hackers claim cyber attack on … New York Daily News BY Doak Jantzen Apple is the latest company to come under cyber attack – by the same hackers blamed for infiltrating Sony’s Playstation Network. “Not being so serious, but well…Apple could be a target, too,” the notorious hacker group Anonymous … See all stories on this topic » |
||
|
||
| South Korea to open cyber warfare school FutureGov Magazine By Clarice Africa | 6 July 2011 South Korea’s Military will create a cyber warfare school as a response to the growing internet attacks from North Korea. With South Korea having a high internet penetration, it has become a target for cyber threats. … See all stories on this topic » |
||
| Cyber Attack – Techniques For Making Computers Resistant To Cyber Attacks … Star Global Tribune Intended for the computer-literate (non-programmer, non-IT staff) home and small business User, the new book provides a source of “how-to” basic techniques for making personal computers resistant tocyber attack. Intended for the computer-literate … See all stories on this topic » |
||
| CyberWar is Hell SC Magazine US It’s not that I want to get into any cyberwarfare hype, but I think it’s quite clear enough now that those who wage war (or at least have to be prepared to wage war) on our behalf are taking the threat of cyberwar seriously, and that means we should … See all stories on this topic » |
||
| Report: Cyber Attacks Against South Korea Were ‘War Drills’ by the North TIME By Giles Turnbull on July 6, 2011 North Korea has been conducting “drills” for cyberwar against its southern neighbor using simple, but very effective denial-of-service attacks, according to security experts. A team from McAfee looked into the attacks … See all stories on this topic » |
||
| New FFIEC Guidelines Validate StrikeForce Technologies Solution Approach MarketWatch (press release) “The FFIEC’s security update validates that our solution approach is the path forward not only for the banking industry, but for any organization that must protect users, sensitive data, and intellectual property from cyber attack,” says Mark Kay, CEO, … See all stories on this topic » |
||
|
||
| Who, And Where, Are The Greatest Threats To Internet Security? Wall Street Journal There’s good reason: not only are there renewed questions about just which hacker group is responsible for what cyber-attack, but the rate and severity of computer hacks appear to be escalating rapidly. In the last week alone the governments of Brazil, … See all stories on this topic » |
||
|
Thursday July 7th
| DOE Lab Shuts Down Email, Web Access After Sophisticated Cyber-Attack eWeek The Energy Department’s Pacific Northwest National Laboratory in Washington shut down Internet access and email services following a sophisticated cyber-attack, according to a July 5 post on the facility’s Twitter account. Officials became aware of the … See all stories on this topic » |
||
| Noon News: US Government Labs Under Cyber Attack, Spotify All Set for US … ITProPortal Two government-funded laboratories in the US are investigating a sophisticated cyber attack on their networks, which has forced them to be shut down for a number of days. The research labs that were targeted in the cyber attacks are the Thomas … See all stories on this topic » |
||
| North Korea steps forward as new cyberwar villian ITworld.com By Kevin Fogarty Add a new comment July 06, 2011, 4:14 PM — Those of you who are connoisseurs of international cyberthreat conspiracies – both the entertaining Men in Black-ish type and the all-our-infrastructure-belong- See all stories on this topic » |
||
|
||
| Red herrings and the threat of cyber war Public Service This cynicism is wide of the mark and threatens to divert the momentum needed to encourage government departments and businesses to address significant vulnerabilities to cyber attack. The most cited of the criticisms is simply a red herring. … See all stories on this topic » |
Friday July 8th
| Swiss police raid cyber attack suspect’s home Reuters ZURICH, July 7 (Reuters) – Swiss police have searched the home of an Italian citizen suspected of carrying out cyber attacks in Italy, prosecutors said on Thursday. “We confiscated computer material we will now have to examine closely,” said Xaverio … See all stories on this topic » |
||
| Elion Hit by Largest Cyber Attack Yet ERR News An unidentified computer hacker conducted a cyber attack against the telecom service provider Elion’s email system, attempting to gain access to 70000 client accounts. An investigation by Elion concluded that the hacker failed to obtain access to … See all stories on this topic » |
||
| Marcus Ranum on cyberwar, critical infrastructure protection SearchSecurity.com Cyberwarfare is only a tool for powerful nation states, according to Marcus Ranum, chief security officer of Tenable Network Security. Smaller countries won’t use cyberweapons, Ranum said, because the threat looms that more powerful nation states will … See all stories on this topic » |
||
| INFORMATION WARFARE: South Korea Creates Cyber War College Course Strategy Page July 8, 2011: The South Korean military is funding the establishment a Cyber War department at a major university. The military will also provide full scholarships for 30 students a year, who will take a four year course heavy in information technology … See all stories on this topic » |
||
|
||
| Washington Post Jobs Board Hack Compromises 1.27 Million E-Mail Addresses eWeek DEK Security experts have long warned that all organizations are vulnerable to cyber-attack and that these days there is no such thing as being “not important enough” to attack. The latest proof comes in the form of Washington Post’s admission that its … See all stories on this topic » |
||
| New “highly sophisticated” cyber attacks on US government labs VentureBeat Today two government-funded research laboratories and a government contractor in the United States are still recovering from a “highly sophisticated” cyber attack that took place during the July 4 holiday weekend. The attacks are under investigation, … See all stories on this topic » |
||
| Presenting Cyber Risks to the Board ebizQ (blog) How vulnerable is your organization to a cyber-attack? What would the consequences of a cyber-attack be on your organization? Your board needs to know. The consequences of a successfulcyber-attack reach far beyond just legal or IT issues. … See all stories on this topic » |
||
| Washington Post Hack Compromises 1.27 Million Job Seeker Accounts CRN Specifically, the Washington Post said its “Jobs” section experienced a cyber attack by an “unauthorized third party” in what it described as “two brief episodes” June 27 and June 28. The hackers made off with user IDs and e-mail addresses but failed … See all stories on this topic » |
||
|
