With another week of highly dramatic over blown talk in the media about how hackers declared war on BART you’d think the world was coming to an end. Since BART wasn’t brought to it’s knees nor was there a dramatic loss of life, and since most of the adversarial agents in cyberspace aren’t nation states I can’t imagine that we’ve had an Article 5 event here in the United States. The punditry aside the event of hacking into a computer system because peoples rights were injured by an agency and then you disclose the details of the user populace just doesn’t make much sense. Later attacks against police systems seem more aligned to low intensity conflict or cyber-insurgency type operations. Though I may have to ban the word “cyber” from my lexicon.
There are several legal scholars who are starting to come out of the woodwork and stating there is no legal vacuum or lack of understanding in how to evaluate events in cyberspace. This is interesting even if hacks keep spouting “The Department of Defense has no idea how to work with cyber”. One of my favorite examples is a GAO report that was written in July says Joint Forces Command (JFCOM) will be taking the leadership position far into the future on things cyber. Meanwhile in the real world JFCOM was decommissioned after several years of discussion in August. People also seem to attribute a lot more to DoD and other agencies than they should. I attended a Cyber Law conference last week and there really wasn’t much question on how cyber and law intersect in the conflict space. The rules are pretty formalized for the laws of armed conflict. There is always going to be fudge room in the law as the courtroom is also a contested domain. Lawyers have opinions and judges have decisions.
With the long column inches positioned towards defining cyber warfare it is kind of interesting that some of the specific incidents didn’t get much more play. Friday as we can see didn’t have nearly the normal article coverage though there was an editorial calling for the end of the BART cyberwar (sic). As if anybody is going to be urging that kind of activity. I am concerned though that the groups involved will make the step from going after web enabled ERP systems to SCADA systems and recreate the DC Metro disaster from a few years ago (SCADA comms failure) in the BART system turning an accident into a real form of cyber terrorism. Considering this entire debacle started with a protest against the government because of conduct towards an individual (Police shot two reportedly unarmed men) and now the cyber enabled protests have been harming those who were first aggrieved (disclosing user PII), a major SCADA failure attributed to Anonymous would just put an end to the legitimacy of any Internet based protests. I only know what has been in the media but this incident shows the relative merits and issues of collective action when the fog of understanding is not quite as permeable as you would hope. Anonymous is running around with a loaded gun and not enough sense to understand the consequences in the meatspace for what they’re doing in cyberspace.
Don’t think my concerns are all about the fear, uncertainty, and doubt in dealing with Anonymous. They are as a collective a fairly benign and low probability of risk adversary. They can disrupt, disable, and expose data on a variety of systems, but in the threat matrix towards organizations the insider (your own information technology staff) is a much higher threat. Anonymous is about social causes and the insider threat is about punishment and profit towards the organization on a much more targeted trajectory. I disagree with many that the insider threat is “THIS BIG”, but it is a much more realistic topic for management to chew on than anonymous. Unless you’re the police or a governmental agency.
Monday August 15th
| Hacker group threatens cyberwar against BART San Francisco Chronicle San Francisco — An international group of hackers threatened Saturday to wage a cyberwar against BART in retaliation for the agency’s decision to cut cell phone service to prevent a separate protest last week. The activist group, known as Anonymous, … See all stories on this topic » |
||
| Hackers group ‘Anonymous’ threatens cyber attack on Fullerton police Los Angeles Times The shadowy hackers group calling itself “Anonymous” has threatened cyber attacks against the Fullerton Police Department in retaliation for the death of a homeless mentally ill man after a violent confrontation with police last month, the department’s … See all stories on this topic » |
||
|
||
|
||
| Tibetan Exiles Accuse Chinese of Cyber-Attacks Voice of America China’s increasingly sophisticated ability to conduct cyber-warfare is making the task more challenging, and pushing Tibetan exiles to develop training programs for keeping themselves secure online. Kanyak Tsering is an exiled Tibetan monk. … See all stories on this topic » |
||
| Beijing: We’re under cyber siege too Afterdawn.com However, the Chinese government does not admit to any involvement in such shenanigans, and has insisted that it is a victim of cyber-warfare. It claims that last year, the number of attacks against it totalled almost half a million, with the majority … See all stories on this topic » |
| Exiled Tibetans Battle Chinese “Cyber-Warfare“ Tibet Post International Increasingly, according to a report from Voice of America, China is increasingly conducting “cyber-warfare” to prevent such communication. Kanyak Tsering, an exiled monk, belongs to a Kirti Monastery based in Dharamshala. … See all stories on this topic » |
||
| Cyberwar Erupts in Mississippi Killing The Root The Huffington Post is reporting that a cyberwar is breaking out over the alleged hate-crime murder of James Craig Anderson in Mississippi. It’s no wonder. The vicious murder captured on video ignited passions across the globe. … See all stories on this topic » |
||
| Cyber attack against Fullerton police threatened in wake of man’s in-custody death Southwest Riverside News Network By City News Service, on August 14, 2011, at 3:17 pm Fullerton police are gearing up for a threatened cyber attack from a group of hackers upset over the in-custody death of a 37- year-old homeless man, a police official said Sunday. … See all stories on this topic » |
||
|
||
| Spinning Iran’s centrifuges Asia Times Online [12] And cyber-warfare, like the STUXNET virus suspected to be the work of US and Israel, [13] has not made a significant dent in Iran’s enrichment capabilities: to the contrary, the Iranians have reportedly begun deploying second- and third-generation … See all stories on this topic » |
Tuesday August 16th
| Cyber warfare and international humanitarian law: ICRC (press release) All over the world, policy makers and military leaders are considering the implications of cyber warfare. Cordula Droege, an ICRC legal expert, explains that the existing legal framework is applicable and must be respected even in the cyber realm. … See all stories on this topic » |
||
| Anonymous on BART Cyber Attack All Things Digital (blog) “In the Bay Area, we’ve seen people gagged, and once more, Anonymous will attempt to show those engaging in the censorship what it feels like to be silenced. #OpBART is an operation geared toward balance — toward learning. … See all stories on this topic » |
||
|
||
| ‘Anonymous’ hackers launch cyber attack on San Francisco’s BART website Vancouver Sun The international group of hackers known as Anonymous began a cyber attack on the San Francisco subway’s website Sunday. SAN FRANCISCO – The international group of hackers known as Anonymous began a cyber attack on the San Francisco subway’s online … See all stories on this topic » |
||
| Companies face terrorism, cyber attack risks Channel News Asia By Dylan Loh | Posted: 16 August 2011 1111 hrs SINGAPORE: Deputy Prime Minister Teo Chee Hean highlighted terrorism, cyber attacks, natural disasters and pandemics as key threats businesses must guard against. He urged businesses to have contingency … See all stories on this topic » |
||
| Alarm Sounded as Cyber Attacks on US Defense Base Multiply Aviation International News At least six US government agencies and 13 defense contractors were victims of a recent cyber attack. (Image: Fotolia) Newly released information on cyber attacks against the US government and defense industry suggest that classified information may … See all stories on this topic » |
Wednesday August 17th
|
||
| Former IT Admin Pleads Guilty to Cyber Attack eSecurity Planet By eSecurityPlanet Staff An IT administrator recently pleaded guilty to hacking into the computer system of his former employer, the US subsidiary of a Japanese pharmaceutical company, months after his job there ended. … See all stories on this topic » |
||
| News of cyber attack should be prominently displayed Baltimore Sun … new terrorist attacks, it is indeed unfortunate that you relegated to a tiny section of Page A10 an important story about another attack — a cyber-attack — against America that has been ongoing for five to six years (“Warning on cyberspying,” Aug … See all stories on this topic » |
||
| No legal vacuum in cyber space (ICRC: Q&A) Mindanao Examiner Cyber warfare and international humanitarian law. All over the world, policy makers and military leaders are considering the implications of cyber warfare. Cordula Droege, an ICRC legal expert, explains that the existing legal framework is applicable … See all stories on this topic » |
||
| Air Force hammers out cyber warfare structure Defense Systems By Defense Systems Staff The military has yet to develop the analytical structure to anticipate the effects of offensive cyber weapons and the command structure to approve their use, although it is working toward such ends, reports David A. Fulghum at … See all stories on this topic » |
||
| MURPHY’S LAW: My Lawyer Says I Can Hurt You Strategy Page August 17, 2011: The US Air Force recently announced that its lawyers were hard at work to make sure that all its Cyber War activities were legal, including the classified ones (which are most of them). However, the air force pointed out that just … See all stories on this topic » |
||
| Cyber attack on Le Devoir site reports Charest dead Montreal Gazette By JOËLLE POULIOT, The Gazette August 17, 2011 Cyber attacks like the one aimed at Le Devoir’s website Tuesday are a growing concern for organizations that operate in the online world. While many activists are using computers as a means of protest to … See all stories on this topic » |
||
| RSA’s CSO: ‘This Is The Stuff That Makes You Stronger’ CRN … CRN sat down with Eddie Schwartz, RSA’s new CSO, to examine how RSA, the security division of EMC, is picking up the pieces in the aftermath of a massive cyber attack that compromised its flagship SecureID two-factor authentication tokens in March. … See all stories on this topic » |
||
|
||
| MetService hit by cyber attack New Zealand Herald Online users visiting the MetService website this week may have contracted a computer virus from malware hidden on the site. File photo / Thinkstock Visitors to the MetService website this week may have been exposed to a computer virus, … See all stories on this topic » |
Thursday August 18th
|
Friday August 19th
| PD Editorial: BART-hacker cyber war needs to cease Santa Rosa Press Democrat BART’s move has triggered worldwide debate about free speech in an age of social networks and has set off something of a cyber war here in the Bay Area. In the latest round, hackers seized and posted personal information of more than 100 police … See all stories on this topic » |
| Hong Kong arrests man over stock exchange hacking Straits Times HONG KONG (AFP) – Hong Kong police said on Friday they had arrested a 29-year-old man over acyber attack on the city’s stock exchange website which halted trading in the shares of seven companies. Police said they detained the man on Thursday, … See all stories on this topic » |