Showing posts with label Critical Infrastructure. Show all posts
Showing posts with label Critical Infrastructure. Show all posts

September 29, 2016

USA Surrendering The Internet

So here we go again, we cut off the hand (and arm) despite the face.

We are recklessly giving up control of the Internet, specifically of the Internet Corporation for Assigned Names and Numbers (ICANN), which oversees the Domain Names Servers (including all the DNS root zones like .com, .net, .gov, etc.) that handle all the addressing of our Internet traffic.

Despite repeated cautions from many in industry, academia, and government not to do this, we are moving ahead anyway with tomorrow being the transition date!

Why would we give away anything, let alone control over the awesome technological power of the Internet that we depend on in some way for virtually every activity we do these days?

Aside from non-explanations of "fulfilling historic promises" to cede control (i.e surrender the Internet out of fear that other countries will challenge us and set up their own alternate DNS's) and nonsensical talk of "protecting Internet freedom" by giving it away to authoritarian regimes and despots--there seems to be no REAL reason to do this drastic action that weakens our country and puts our technology, commerce, critical infrastructure, and national security at risk!

Rather than defend the Internet that the USA invented (specifically DARPA), here we go again in fear and weakness going in the wrong direction--surrendering and giving up control of the web.

If you love the Internet and recognize how important this asset is to us, then like an FCC Commissioner said this week, you should be worried about what the h*ck we are doing to the freedom (vice censorship) of the Internet and to ourselves . ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

October 21, 2015

The Times and Events Of Gog And Magog

So I have never ever heard so much talk about doomsday as I am these days. 

Earlier in the year (January 2015) the Doomsday Clock moved up to 3 minutes to midnight--that was a full 2 minute move or 40% advance to the end of times. 

The cited reasons by the Bulletin of Atomic Scientists:

- "Unchecked climate change"

- "Nuclear arms race"

Essentially, these "pose extraordinary and undeniable threats to the continued existence of humanity."

But on a daily level now--

Islamic extremism showing through post 9/11 mounting turmoil and unbelievable terror in the Middle East, including seeming non-ending ISIS brutality, Iran's march towards nuclear weapons and advanced ballistic missiles, the Sunni vs. Shiite war for dominion centering (lately) in Syria, Iraq, and Yemen but with much larger geopolitcal overtones towards a return of a powerful caliphate to challenge the West, fighting between Muslims and Christians in countries like Nigeria, ongoing terror threats to the democratic State of Israel, and a rising tide death, casualties, and refugees.

Russian aggression in multiple countries and regions including Georgia, Ukraine, and Syria, air and naval military incursions and encroachment towards Turkey, the countries in the Baltic Sea region, the Arctic, and even a Russian military satellite parking itself between 2 U.S. satellites yesterday. 

China's militarization including greater military spending on advanced weapons, Island/posts building in the South China Sea, and ongoing threatening overtures toward Taiwan and other neighbors, and cyber warfare conducted against the U.S.government and the private sector. 

Frightening new military capabilities are coming online with advances in weapons of mass destruction--nuclear, chemical, biological, and radiological--colonization and militarization of space, laser weapons, satellite killers, swarms of drones, armies of robots, and cyberwar.

The drumbeat of climate change and environmental deterioration (unsustainable practices of deforestation, overfishing, pollution, and the extinction of countless species) is being felt in changing weather patterns, global warming, glacier meltdown, alternating threats of flooding and drought in various part of the world, major storms and lightening patterns, and an uptick in natural disasters (tsunamis, hurricanes, and tornadoes), and an overall trend towards shortage and conflict. 

An ailing global economy after 2 major recessions in the 21st century so far, booming national debts, stalling economies, slowing innovation, and scarcity of stable, good paying, full time jobs in an outsourcing, short-term, freelance, contractor culture, and automaton and robotization advances. 

Dysfunctional political systems that are bogged down with endless indecision, infighting, bickering, finger-pointing, stalemates, shutdowns, pork barrel spending, catering to special interest groups, short-term wins at the expense of long-term goals, corruption, and a lack of strong capable leadership at the helm. 

An article I read recently from Russian Times, I believe, said how the U.S. teeters just steps from potential collapse by just relatively easy societal interruptions (presumably that they could facilitate) and that with farms/food production far from major metropolitan areas, people hooked on drugs that they could not get supplies for, and other severe disruptions in our critical care needs, we would be in big trouble--the message was clearly watch out, you are extremely vulnerable. 

That these tactic threats and overtures are already being made explicit is not a good sign. Just politicians and countries throwing around their weight or jockeying for position on the world stage--who knows?

But people are frail, countries are vulnerable, budgets are limited, and bad things can and do happen if we are not careful in a world ticking closer to very dangerous times and events.

The coming realization of the prophecy of a devastating world war--of Gog and Magog--is what people are saying to me.  

In conversation about deteriorating world events, my wife innocently asked someone this week--"Can we avoid a major world war?" Their unequivocal response, "No, it's inevitable!" ;-) 

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

July 23, 2014

UN Inhuman Rights

The UN High Commissioner for Human Rights calls for investigation of Israel for possible violations.

Hmmm, how does that make sense?

Israel abides by every ceasefire, sets up medical facilities for Gazans, provides advance warning of fighting to get innocents out of the way, and makes every attempt to withhold fire when civilians are at risk. 

This while Hamas and Islamic Jihad use babies as human shields and indiscriminately target vast population centers and critical infrastructure in Israel.

Incredibly, the UN Relief and Works Agency facilities in Gaza (e.g. schools) were being used to hide missiles for use against Israel and upon discovery, the UNRWA returned these to terrorists to continue to harm civilians. 

Unfortunately, in these cases, the UN is not protecting human rights, but rather is enabling the "rights" of dangerous terrorists to act grossly inhuman and immoral.  

Where politics trumps right and wrong...evil is permitted to flourish and good is diminished in the world.

Only 13 years since the 9/11 attack by Islamic terrorists that killed almost 3,000 innocent civilians here...is the world again getting amnesia on the very dangerous threat it faces?

(Source Photo: here from The Yeshiva World)
Share/Save/Bookmark

March 9, 2014

SCADA in Pictures




So SCADA are Supervisory Control and Data Acquisition systems.

They are a form of Industrial Control Systems (ICS) that monitor and control major industrial processes from power generation, transmission, and distribution, to water treatment, chemical production, air traffic control, traffic lights, building controls, and more. 

These are part of our nation's critical infrastructure. 

In the lab, we are able to use tools to capture and analyze communication packets and edit and re-use them to: 

- Turn on and off lights

- Open/close perimeter gates

- Control water and gas pipelines

- And even open and close a bridge

This was very scary!

No one, unauthorized, should be able to do this in real life, in the physical world. 

This is a major security vulnerability for our nation:

- SCADA systems should not be openly available online, and instead they should be able to be controlled only either locally or remotely through an encrypted virtual private network (VPN).

- SCADA systems should not be available without proper access controls--there must be credentials for user id and passwords, and even two-step authentication required. 

No one but vetted, cleared, authorized, and trained personnel should be able to monitor and control our critical infrastructure--otherwise, we are giving them the keys to disrupt it, destroy it, and use it for terror. 

We owe our nation and families better, much better. 

(Source Photos from lab: Andy Blumenthal)

Share/Save/Bookmark

March 8, 2014

Security Is A Joke!


Fascinating video with Dan Tentler on the Shodan Search Engine...which CNN calls the "scariest search engine on the Internet."

The search engine crawls the Internet for servers, webcams, printers, routers, and every type of vulnerable device you can imagine.

It collects information on more than 500 million devices per month and that was as of last year, so it's already probably a lot more.

Tentler shows the unbelievable amounts and type of things you can access with this, including our critical infrastructure for the country --from utilities to traffic lights, and power plants:

- Private webcams
- Bridges
- Freeways
- Data Centers
- Polycoms
- Fuel cells
- Wind farms
- Building controls for lighting, HVAC, door locks, and alarms
- Floor plans
- Power meters
- Heat pump controllers
- Garage doors
- Traffic control systems
- Hydroelectric plants
- Nuclear power plant controls
- Particle accelerators
- MORE!!!!

Aside from getting information on the IP address, description of the devices, locations (just plug the longitude and latitude into Google for a street location), you can often actually control these devices right from YOUR computer!

The information is online, open to the public, and requires no credentials.

- "It's a massive security failure!"

- "Why is this stuff even online?"

Where is our cyber leadership????

>>>Where is the regulation over critical infrastructure?

If there is a heaven for hackers, this is it--shame on us. :-(
Share/Save/Bookmark

February 22, 2014

National State Of Cyber Insecurity


This video is a wake up call on the state of our national cyber insecurity. 

It is the opening statement (about 6 minutes) of Chairman Michael McCaul (R-TX) of the Homeland Security Subcommittee of Oversight, Investigations, and Management.

What he describes is quite grave and every American should listen carefully about the state of our cyber insecurity that poses a real and significant threat to our economy and national security.

We are under attack by cyber criminals, terrorists, and hostile nation states. 

Our adversaries seek to and can paralyze our critical infrastructure, steal our intellectual property, conduct espionage, and access our personal and financial information. 

The collapse of our military networks, financial system, energy, transportation, and electricity "is not science fiction."

The cyber attacks are "real, stealth, and persistent, and can devastate our nation." 

It is "not a matter of if, but when a Cyber Pearl Harbor will occur."

And "we have been fortunate that up until this point that cyber attacks on our country have not caused a cataclysmic event."

I read from the Center for Strategic and International Studies (2011) that cybersecurity has taken a back seat after 9/11 to the War on Terror as well as the economic fight after the recession of 2008, with the result that "the United States is unprepared to defend itself."

Chairman McCaul critically states at the end of his opening statement, "Let's do something meaningful [now] because it is not a tolerable situation!"
Share/Save/Bookmark