cowboy me, 2.0: jose nazario beauty and the street


Cyber Conflict and Cyberwar Links for December 2013



News



Riyadh, Tel Aviv Cooperating to Sabotage Iran's N. Program
TEHRAN (FNA)- Saudi Arabia and Israel are making strenuous attempts to produce a computer worm more destructive than the Stuxnet malware designed to disrupt Iran's nuclear program after they failed to block a nuclear deal between Tehran and the world powers.
http://english.farsnews.com/newstext.aspx?nn=13920909000362 via http://securityaffairs.co/wordpress/20146/intelligence/israel-saudi-arabia-cyber-weapon.html More: http://www.v3.co.uk/v3-uk/news/2316605/governments-preparing-stuxnet-20-malware-for-nuclear-strike

Ukraine: Hackers Disable Government Websites in Protest of Police Brutality
There has been a series of cyber attacks on Ukrainian government websites after police brutally dispersed peaceful Euromaidan protests in Kyiv in support of Ukraine's European integration on November 30. On December 1, many of the government websites in Ukraine were hacked and blocked [uk], including the official website of the President of Ukraine, Ministry of Interior of Ukraine and the official Government portal. As of 10:00 am CET, December 1, the Presidential website and the website of the Ministry of Interior's were still down, while the Government portal is accessible again.
http://globalvoicesonline.org/2013/12/01/ukraine-hackers-disable-government-websites-in-protest-of-crackdown-on-euromaidan/

Israeli hacking school trains cyber warriors
Hadera (Israel) (AFP) - Three hooded hackers hunch over their computer screens in the control room at Israel's new state-of-the-art "Cyber Gym", where IT and infrastructure company employees train to defend against cyber attacks.
http://au.news.yahoo.com/technology/a/20119817/israeli-hacking-school-trains-cyber-warriors/

Willis Ware, computer pioneer who foresaw privacy concerns of today, dies at 93
In 1966, Dr. Ware, who worked as an engineer at Rand Corp. in California, foresaw not only the omnipresence of personal computers but also social networks such as Twitter and Facebook. In 1973, with personal data increasingly being added to company and government computer systems, Dr. Ware had another, darker prediction. "The central issue is that for various reasons there is more and more information about people floating around in data banks," he said in a 1972 Los Angeles Times interview. "The computer is beginning to make it possible to find out more about you in fewer places."
http://www.washingtonpost.com/national/on-innovations/willis-ware-computer-pioneer-who-foresaw-privacy-concerns-of-today-dies-at-93/2013/11/30/9a290aa8-5a04-11e3-ba82-16ed03681809_story.html

Accused of Cyberspying, Huawei Is 'Exiting the U.S. Market'
The CEO of the world's biggest telecommunications equipment maker, which for years has been labeled by U.S. officials as a proxy for Chinese military and intelligence agencies, says he's giving up on America. In a rare interview on Nov. 25 with French journalists, Ren Zhengfei, the 69-year-old founder and CEO of China-based Huawei, said he would no longer look for business in the United States, in the wake of accusations from lawmakers and government officials that the company is a de facto arm of the Chinese authorities. "If Huawei gets in the middle of U.S-China relations," and causes problems, "it's not worth it," Ren reportedly said, according to a Chinese transcript of the interview. "Therefore, we have decided to exit the U.S. market, and not stay in the middle."
http://killerapps.foreignpolicy.com/posts/2013/12/02/accused_of_cyberspying_huawei_is_exiting_the_us_market

Estonia, U.S. sign cyber security deal
Estonian Foreign Minister Urmas Paet and US Secretary of State John Kerry have signed a major Cyber partnership statement on Dec. 3. The partnership statement provides a framework for supplementary bilateral activity as well as cooperation in international organisations. Paet added that the plans would increase internet freedom and security.
http://www.baltictimes.com/news/articles/33918/#.Up8XiZRgZKQ

David Cameron challenges China to be more open about cyber-security
David Cameron has challenged the Chinese leadership to do more to open up on the highly sensitive area of cyber-security amid fears in the EU and the US that Beijing is responsible for the world's most aggressive online attacks. The prime minister asked Li Keqiang, the Chinese premier, to agree to a formal dialogue on cyber-security, which he described as an "issue of mutual concern". Li said Beijing was prepared to discuss the issue.
http://www.theguardian.com/politics/2013/dec/04/david-cameron-challenges-china-cyber-security

Spared from Hagel's Cuts: Cyber, Asia-Pacific, Homeland Policy Jobs
In the office of Under Secretary of Defense for Policy Jim Miller, Hagel is making sure to protect several key areas, namely homeland defense, cyber threats and the pivot to the Asia-Pacific region. Miller, who spoke to a small group of reporters at the Pentagon on Thursday, said despite the budget crunch, key policy areas were protected, including outer space threats and countering weapons of mass destruction. The Homeland Defense and Americas' Security Affairs units will actually be beefed up in the restructuring. "The reality is that the world has changed since 2009 when the current structure was put in place," Miller said.
http://www.defenseone.com/management/2013/12/spared-hagels-cuts-cyber-asia-pacific-homeland-policy-jobs/75038/?oref=d-skybox?oref=d-interstitial-continue?oref=d-interstitial-continue

Chinese hackers infiltrate five European governments
Chinese hackers have successfully infiltrated five European Foreign Ministries and targeted other Western industrial companies using lures ranging from files on the Syria political crisis to nude photos of France's former First Lady Carla Bruni, according to FireEye researchers. The research team caught sight of the group, known as 'Ke3chang', when they successfully hacked the ministries of five different European countries in nine separate attacks just before the G20 leaders' summit held in St Petersburg, Russia on 5-6 September.
http://www.scmagazineuk.com/chinese-hackers-infiltrate-five-european-governments/article/324937/ More: http://www.reuters.com/article/2013/12/09/us-china-hacking-g-idUSBRE9B817C20131209

[UK] Government Announces Schemes To Secure Cyber Supply Chain
The UK government has launched fresh initiatives to both secure and boost its supply chain, as part of the national Cyber Security Strategy. The announcements were made by Cabinet Office minister Francis Maude today, on the second anniversary of the strategy. They include a security "kitemark" or standard that those in the supply chain will be required to meet if they want to do business with government, and this has now been mandated across all government procurement.
http://www.techweekeurope.co.uk/news/government-cyber-security-supply-chain-133945

House Homeland Security introduces new critical infrastructure cybersecurity bill
A bipartisan cybersecurity bill introduced Wednesday by members of the House Homeland Security Committee would codify the department's existing governmentwide civilian agency cybersecurity duties and require it to analyze its current public-private partnership model with critical infrastructure sectors to ensure that owners and operators "are equal partners and regularly collaborate on all programs and activities" of DHS to protect critical infrastructure.
http://www.fiercegovernmentit.com/story/house-homeland-security-introduces-new-critical-infrastructure-cybersecurit/2013-12-12

Iran's DM Unveils Cyber Products, Highlights Technology Progress
TEHRAN (Tasnim) - Iranian Defense Minister Brigadier General Hossein Dehqan on Saturday unveiled a dozen home-made technological products that are aimed to be used in the country's cyber sectors. The 12 cyber products, all developed and manufactured by local experts, were unveiled in a ceremony attended by Dehqan, as well as Head of Iran's Civil Defense Organization General Gholam Reza Jalali.
http://www.tasnimnews.com/English/Home/Single/220803

WORLD FEDERATION OF EXCHANGES (WFE) LAUNCHES GLOBAL CYBER SECURITY COMMITTEE
PARIS, 12 December 2013 -- The World Federation of Exchanges (WFE) announced today the launch of the exchange industry's first cyber security committee with a mission to aid in the protection of the global capital markets. The working group will bring together representation from a number of exchanges and clearinghouses across the globe, to collaborate on best practices in global security. The Cyber Security Working Group will be chaired by Mark Graff, Chief Information Security Officer, NASDAQ OMX and vice-chaired by Jerry Perullo, Vice President, Information Security, IntercontinentalExchange (ICE).
http://www.world-exchanges.org/insight/reports/wfe-launches-global-cyber-security-committee

Indian National Cyber-security Strategy Released
The Indian Ministry of Communications and Information Technology has just formally released the "Indian National Cyber-security Policy".
http://www.stefanomele.it/news/dettaglio.asp?id=383

India and US to Launch Joint Cybercrime Portal
Representatives of Indian and American police have agreed to set up a new portal that would allow them to cooperate on cybercrime investigations, including hacking and social media network misuse. The cooperation portal would be used to log and track cybercrime-related requests.
http://news.softpedia.com/news/India-and-US-to-Launch-Joint-Cybercrime-Portal-411718.shtml

North Korea may have secretly engineered computer games to launch mass cyber attack
Some free-to-use computer games may secretly be North Korean plants, South Korea's national police agency warned Tuesday, according to South Korean media. The seemingly innocent games, designed to appeal to as many users as possible and thus to spread widely on computer networks, could carry malware code controlled from Pyongyang. The code, once activated, would take control of the host computers and allow North Korea to launch mass cyber attacks against major South Korean targets.
http://www.washingtonpost.com/blogs/worldviews/wp/2013/10/23/north-korea-may-have-secretly-engineered-popular-computer-games-to-launch-mass-cyber-attack/

North Korean 'cyberwarfare' said to have cost South Korea lb500m
North Korea's alleged cyber-attacks against South Korea have cost the country more than half a billion pounds, according to a member of the South's national congress. Citing data from the country's defence ministry, representative Chung Hee-soo revealed that the most recent wave of cyber-attacks, which started on 20 March and ended on 25 June, caused 800bn won (lb470m) of economic damage alone.
http://www.theguardian.com/world/2013/oct/16/north-korean-cyber-warfare-south-korea

Chinese Hackers Breach US Federal Election Commission During Government Shutdown
When the United States government was shut down back in October, all of the Federal Election Commission's (FEC) employees were furloughed. Chinese hackers reportedly took the opportunity to breach the agency's computer systems. According to the Center for Public Integrity, the attack came shortly after an independent auditor warned that the FEC's systems were highly vulnerable to cyberattacks.
http://news.softpedia.com/news/Chinese-Hackers-Breach-US-Federal-Election-Commission-During-Government-Shutdown-410105.shtml

South Korean Officials Accused of Political Meddling
SEOUL, South Korea - The Defense Ministry in South Korea said Thursday that at least 11 officials at its cyberwarfare unit, created four years ago to fight North Korean propaganda, had spread 2,100 online political messages praising President Park Geun-hye and her party or attacking their domestic opponents ahead of her election a year ago.
http://mobile.nytimes.com/2013/12/20/world/asia/south-korean-cyberwarfare-unit-accused-of-political-meddling.html

UK develops cyber strike capability
Britain has become the first country in the world to confirm it has developed a cyber strike capability in what has been hailed the biggest military revolution since tanks replaced cavalry brigades 100 years ago in the First World War. But while Australia has been developing its own capability, announced as part of its Defence White paper released earlier this year, it has been confirmed the British under "Five Eyes" arrangements with its Allies will be sharing their capability.
http://mobile.news.com.au/world/uk-develops-cyber-strike-capability/story-fndir2ev-1226789746476?utm_source=buffer&utm_campaign=Buffer&utm_content=buffera9ea2&utm_medium=twitter

Pentagon's cyber arm poised to expand role
The U.S. military's Cyber Command is about to receive the digital equivalent of faster ships and stronger missiles - but the force, only a few years in the making, is still grappling with how far it can go in fighting adversaries in cyberspace. As part of the defense policy bill that just passed Congress, the Pentagon's many cybersecurity initiatives together secured billions of dollars in funding as well as new resources to help train Cyber Command's programmers and prepare them to operate on the emerging digital battlefield.
http://www.politico.com/story/2013/12/pentagon-cybersecurity-role-101485.html?hp=l4

Netanyahu to Praise Israeli Cyber Industry at World Economic Forum
JNS.org - Prime Minister Benjamin Netanyahu will attend the World Economic Forum in Davos, Switzerland, in late January, the Prime Minister's Office announced on Wednesday. Netanyahu will make a speech at a special session titled "Israel's Economy." The prime minister is expected, among other subjects, to discuss Israel's cyber industry, which is among the world's most advanced.
http://www.algemeiner.com/2013/12/26/netanyahu-to-praise-israeli-cyber-industry-at-world-economic-forum/

NSA Scandal May Help Build Cyber-Barriers
The smooth flow of online communication and commerce between Europe and the U.S. is at risk of interruption, thanks in part to naked opportunism on the part of European telecommunications giants. If the governments involved fail to keep online barriers between the continents low, the Internet's potential to be an engine of global economic growth will be constrained.
http://www.bloomberg.com/news/2013-12-27/nsa-scandal-may-help-build-cyber-barriers.html

US military sees more drones, 'cyber weapon' non-proliferation in the future
The $552 billion 2014 military defense budget signed by President Barack Obama will continue to fund high-tech cyber and unmanned aircraft operations. The budget, which grants central Cyber Command $68 million in operational costs alongside more money for research and individual unit operations, instructs agencies to work towards controlling the proliferation of "cyber weapons." That means stopping the sale or spread of malicious code for "criminal, terrorist, or military activities" while allowing governments and businesses to use it for "legitimate" self-defense.
http://www.theverge.com/2013/12/27/5248702/military-drone-roadmap-and-cyber-weapon-non-proliferation-announced

IRGC hack opposition websites; Why?
Iran's Islamic Revolutionary Guard Corps in Kerman province announced on Dec. 22 that it had hacked nine anti-regime websites during a technical operation. Does the end justify the means? While some of the websites that were hacked express Iran's reformist views, reformists want President Hassan Rouhani and his moderate administration to denounce the hacking. "The hacked websites are totally close to the reformists and have been illegally hacked by the IRGC," professor of political science at Tehran University, Sadeq Zibakalam told Trend, expressing hope that Rouhani`s administration condemn the action.
http://m.trend.az/en/regions/iran/2224969.html

A New Twist in International Relations: The Corporate Keep-My-Data-Out-of-the-U.S. Clause
By now, we've heard from tech companies such as Facebook, Google and Cisco Systems that the National Security Agency's spying poses a threat to their international business and, in Cisco's case, is already hurting it. So what does that threat look like, exactly, at ground level? Some companies are apparently so concerned about the NSA snooping on their data that they're requiring - in writing - that their technology suppliers store their data outside the U.S.
http://www.bloomberg.com/news/2013-12-24/a-new-twist-in-international-relations-the-corporate-keep-my-data-out-of-the-u-s-clause.html

Cyber warfare official to be indicted over online smear campaign
SEOUL, Dec. 31 (Yonhap) -- A mid-ranking official of the military cyber warfare unit will be indicted on Tuesday on charges of launching an online smear campaign to influence last year's presidential election, the defense ministry said. The director of the cyber command's psychological warfare team, identified only by his surname Lee, will face indictment without physical detention for ordering his subordinates to post politically biased writings and to destroy evidence, according to the military prosecution.
http://www.globalpost.com/dispatch/news/yonhap-news-agency/131231/cyber-warfare-official-be-indicted-over-online-smear-campaig

NATO to Set Up Cyber Attack Response Teams
NATO will soon set-up two rapid reaction teams that can help protect its networks in the event of a cyber attack. The two cyber-defence teams are expected to be up and running in weeks in response to significant cases of cyber-attacks recorded every year, a NATO official told defenseworld.net.
http://www.defenseworld.net/news/9602/NATO_to_Set_Up_Cyber_Attack_Response_Teams

Blogs & Opinion Pieces



Preparing for war: how far are we from a mass mobile cyber battle? By Tom Bienkowski
Given how many mobile devices are used on corporate networks and how little organisations are so far doing in terms of protecting them, it's a question of "when" rather than "if" a new mass mobile cyber battle unfolds before our eyes.
http://www.theguardian.com/media-network/media-network-blog/2013/nov/28/mobile-cyber-security-mobile-operators

Hack Tibet: Welcome to Dharamsala, ground zero in China's cyberwar
The Chinese government is everywhere and nowhere in Dharamsala, planting malware and intercepting messages in ways that are nearly undetectable and difficult to trace. The CTA's Chinese-language website was hacked in August. Everyone within the Tibetan community is a target, from the Dalai Lama's advisors to any smartphone-wielding refugee.
http://www.foreignpolicy.com/articles/2013/12/04/hack_tibet_china_cyberwar#sthash.LTfHWMz7.cIfSr2Eb.dpbs

It's Time to Write the Rules of Cyberwar by Karl Rauscher
We can bring the principles of the Geneva Conventions into the 21st century if we agree that these rules are worth preserving and agree that war need not be the infliction of maximum suffering on the enemy. Some may call me naive, but I believe mankind can be civilized even as we engage in a new era of cyberconflicts.
http://spectrum.ieee.org/telecom/security/its-time-to-write-the-rules-of-cyberwar

Cold War to cyber war, here's how weapon exports are controlled By Bruce Bae Arnold
The push to include cybersecurity in Wassenaar negotiations is unlikely to be effective but will reassure nervous politicians and officials. It will be accepted by much industry, such as the banks, and connectivity providers such as phone companies and internet service providers who are already cooperating with governments and will continue, because they're legally bound to do so.
http://theconversation.com/cold-war-to-cyber-war-heres-how-weapon-exports-are-controlled-21173 More: http://www.ft.com/cms/s/2903d504-5c18-11e3-931e-00144feabdc0,Authorised=false.html?_i_location=http%3A%2F%2Fwww.ft.com%2Fcms%2Fs%2F0%2F2903d504-5c18-11e3-931e-00144feabdc0.html%3Fsiteedition%3Duk&siteedition=uk&_i_referer=http%3A%2F%2Ft.co%2FjX3GxOYxC2#axzz2mvJflRHm

Stability and Sovereignty in Cyberspace
China Real Time's Josh Chin highlights one novel aspect of a police recommendation for the prosecution of New Citizens' Movement activist Xu Zhiyong, which was issued last week. At the Council on Foreign Relations, meanwhile, Adam Segal cites a recent speech by Lu Wei of China's State Internet Information Office as "a bracing reminder that the norms of cyberspace remain highly contested."
https://chinadigitaltimes.net/2013/12/stability-sovereignty-cyberspace/

Cyber warfare - Why we need to define a model of conflict?
Cyber offensives are instantaneous events and in some cases to avoid the destruction of assets or to prevent the loss of human life it is necessary to take decisions in real time. Are we really able to substitute human intervention in critical situation evaluating every possible consequences real time? Are we able to design systems that could not be deceived and that will be able to take the right decision in a timely way? Until we have defined a model for cyber conflict and the rules for the involved actors the answer is no!
http://securityaffairs.co/wordpress/20204/intelligence/cyber-warfare-model-of-conflict.html

Papers & Reports



The Myth of Cyberwar by Erik Gartzke in International Security, Vol. 38, No. 2 (Fall 2013), pp. 41-73
This article assesses the salience of the internet for carrying out functions commonly identiaed with terrestrial political violence. War is fundamentally a political process, as Carl von Clausewitz famously explained.6 States, groups, and individuals threaten harm to deter or compel, generating inouence through the prospect of damage or loss. Military force can also be exercised to maintain or alter the balance of power and resist or impose disputed outcomes. The internet is generally an inferior substitute to terrestrial force in performing the functions of coercion or conquest. Cyber "war" is not likely to serve as the anal arbiter of competition in an anarchical world and so should not be considered in isolation from more traditional forms of political violence.7 The capacity for internet coercion is further limited by some of the same factors that make cyberwar appear at arst so intimidating.
http://www.mitpressjournals.org/doi/pdf/10.1162/ISEC_a_00136

Cyber Weapons Convention By Kenneth Geers
World leaders are beginning to look beyond temporary fixes to the challenge of securing the Internet. One possible solution may be an international arms control treaty for cyberspace. The 1997 Chemical Weapons Convention (CWC) provides national security planners with a useful model. CWC has been ratified by 98% of the world's governments, and encompasses 95% of the world's population. It compels signatories not to produce or to use chemical weapons (CW), and they must destroy existing CW stockpiles. As a means and method of war, CW have now almost completely lost their legitimacy. This article examines the aspects of CWC that could help to contain conflict in cyberspace. It also explores the characteristics of cyber warfare that seem to defy traditional threat mitigation.
http://www.sciencedirect.com/science/article/pii/S0267364910001081

Report to the US President on Immediate Opportunities for Strengthening America's Cyber Security
A key conclusion is that, given the increasingly dynamic nature of cybersecurity threats, it is important to adopt protective processes that continuously couple information about evolving threats to defensive reactions and responses; static protective mechanisms are no longer adequate. PcaSt recommends that the federal Government lead by example and improve its own processes to combat cyberthreats. PcaSt also recommends a number of approaches to encourage greater adoption of secure practices in the private sector, including leveraging existing regulatory frameworks and focusing on auditable processes of continuous improvement rather than on list-based mandates that encourage a "check-the-box" mentality and provide incentives for minimal compliance.
http://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_cybersecurity_nov-2013.pdf

Books



Cybersecurity and Cyberwar: What Everyone Needs to Know Paperback By P. W. Singer and Allan Friedman
In Cybersecurity and CyberWar: What Everyone Needs to Know, New York Times best-selling author P. W. Singer and noted cyber expert Allan Friedman team up to provide the kind of easy-to-read, yet deeply informative resource book that has been missing on this crucial issue of 21st century life. Written in a lively, accessible style, filled with engaging stories and illustrative anecdotes, the book is structured around the key question areas of cyberspace and its security: how it all works, why it all matters, and what can we do? Along the way, they take readers on a tour of the important (and entertaining) issues and characters of cybersecurity, from the "Anonymous" hacker group and the Stuxnet computer virus to the new cyber units of the Chinese and U.S. militaries. Cybersecurity and CyberWar: What Everyone Needs to Know is the definitive account on the subject for us all, which comes not a moment too soon.
http://www.amazon.com/gp/product/0199918112/

Events



Cybersecurity and Cyberwar: What Everyone Needs to Know...and How to Talk About It January 6, 2014 2:00 PM - 4:00 PM EST Brookings Institution, Falk Auditorium 1775 Massachusetts Avenue, N.W.
On January 6, the Center for 21st Century Security and Intelligence and Governance Studies at Brookings will launch the new book Cybersecurity and Cyberwar: What Everyone Needs to Know. The first panel will feature co-authors Peter W. Singer and Allan Friedman discussing their book and the key questions of cybersecurity - how it all works, why it all matters and what we can do. A second panel will then feature some of the leading journalists on the cybersecurity beat today, exploring the challenges of reporting on a new domain and explaining its complexities to the public.
http://www.brookings.edu/events/2014/01/06-cybersecurity-cyberwar-what-everyone-needs-to-know#.Ur3hGZtqIdk.twitter

|

----

next Sunday, Jan 05, 2014 @ 12:08am | previous Saturday, Jan 04, 2014 @ 04:05am | archives

Last modified: Saturday, Jan 04, 2014 @ 08:12am
Weblog Commenting and Trackback by HaloScan.com

Your Ad Here

copyright © 2002-2005 jose nazario, all rights reserved.