Showing posts with label Critical Infrastructure Protection. Show all posts
Showing posts with label Critical Infrastructure Protection. Show all posts

February 5, 2023

Stopping China's Spy Balloon

Please see my new article in The Times of Israel called "Stopping China's Spy Balloon."

Unfortunately, the longer we gazed up at the sky, procrastinated, and let this Chinese surveillance craft collect and send important information to China, the worse it was for our global reputation, vital national security, deterrence for future military engagement, and priceless sovereignty and freedom. That balloon should have been found, shot down, and caught in real time off the Alaskan coast, not days later after traversing our country and so near our capital. This has been a national embarrassment and has presumably damaged vital global security interests.

(https://static.timesofisrael.com/blogs/uploads/2023/02/Balloon.jpeg)

Share/Save/Bookmark

October 22, 2022

The Iranian Malachi Crunch

Please see my new article in The Times of Israel called "The Iranian Malachi Crunch."

Aside from the threat of the Iranian nukes themselves, Israel has to contend with the two Iranian terrorist proxy groups, Hamas and Hezbollah, that have set Israel up for the dreaded and violent crunch. Israel needs to avoid being positioned in the middle of the attack that is sure to come. Instead, Israel will have to take out the enemy with strategic pinpoint attacks that disable not their derby cars, but rather their terror rockets and missiles. When the evil Iran, Hamas, and Hezbollah are all dealt a staggering blow of epic proportions, then there will be happy days for Israel and the rest of the world, and please G-d, true peace and the arrival of Mashiach.

(Source Photo: https://www.pexels.com/photo/a-demolition-derby-event-10634045/)
Share/Save/Bookmark

February 20, 2022

Lessons From Israel In Stopping Ransomware

Please see my new article in The Times of Israel called "Lessons From Israel In Stopping Ransomware."
Israel is a small, but powerful nation that wants to stop attacks before they get to their door, and indeed, their lives depend on that. We can learn from Israel's military doctrine of deterrence through overwhelming strength, unity, and disincentivizing the attackers to inform other security issues, such as ransomware attacks. I believe that the answer lies in a public-private security partnership financially backed by the government.
First, companies voluntarily join a public-private security partnership in which they adhere to higher security standards and oversight as well as pledge not to pay ransomware. Additionally, these companies are placed on a public list and given a badge or seal of approval/logo like Brink's Home Security or ADT to display that indicates they are "fortified," and in this case, that they won't pay any ransom, and are backed by the government.

Second, the government provides an incentive for companies to participate in the public-private partnership and not to pay ransomware. The incentive provided is that the companies are backstopped (insured) by the government in the event of a ransomware attack to them. This is similar to ransomware insurance, but the difference is that the cost to companies would be a fraction of what they would otherwise have to pay. The benefit to the taxpayer is that the market for ransomware dries up with companies that have pledged not to pay. As the program become universal, there is no one left for the ransomware attackers to target.

(Source Photo: https://pixabay.com/illustrations/ransomware-cyber-crime-malware-2321110/)


Share/Save/Bookmark

March 22, 2020

We Just Magically Found $2,000,000,000,000

It's amazing how we can magically find $2 trillion for a Coronavirus "Rescue Plan."

This after we already wasted over $6.4 trillion (and thousands of our dead and wounded) through 2017 in unexplainable and endless wars in Iraq and Afghanistan with no known or lasting benefits to this country (while archenemy, Iran continues their pursuit of nukes unabated). 

And for decades, we haven't been able to find money for:

- Decent healthcare for all Americans.

- Ensuring our national security, including adequate planning and disaster preparedness for things like Coronavirus, cybersecurity, WMDs, EMPs, and for critical infrastructure protection. 

- Repairing our aging roads, bridges, and infrastructure

- Fixing our broken public education system.

- Helping our countless of homeless and needy lying the streets of our nation. 

- Restoring our space program to get a man on the moon again or put another shuttle into space. 

When politics are in play, there is plenty of money to go around. 

But when the nation needs proper care and feeding, there are no adults in the room. ;-)

(Credit Photo: Andy Blumenthal)
Share/Save/Bookmark

May 9, 2019

@National Cybersecurity Center of Excellence



So good today to visit the NIST Cybersecurity Center of Excellence (NCCoE).

The cybersecurity solutions developed are aligned to the well-known Cybersecurity Framework (CSF). 

Got to see some of the laboratories, including demonstrations for securing the Healthcare and Energy Sectors. 

Interesting to hear about examples for securing hospitals records and even things like infusion pumps.  

The medical devices are tricky to secure, because they are built to potentially last decades and are expensive to replace, but the underlying technology changes every couple of years. 

Also, learned more about securing the energy sector and their industrial control systems.  

One scary notable item mentioned was about the "big red button" for shutdown in many of these facilities, but apparently there is malware that can even interfere in this critical function. 

It is imperative that as a nation we focus on critical infrastructure protection (CIP) and continuously enhancing our security.

Time is of the essence as our adversaries improve their game, we need to be urgently upping ours. ;-)

(Source Photos: Andy Blumenthal)
Share/Save/Bookmark

April 25, 2018

Obsolesce Of Nuclear Weapons


This is one incredible video. 

It shows the killing power of micro killer drones. 

With a host of cameras and other sensors including facial recognition and GPS, plus a small amount of explosives, these drones can target individuals or critical infrastructure and take them out!

The drones can work alone or in swarms to get into and kill or destroy anything. 

No VIP (very important person) or CIP (critical infrastructure protected) is safe. 

We can wipe out entire cities or the nuclear infrastructure of our enemies. 

Despite the warning about artificial intelligence at the end of this video, rest assured these killer microdrones are coming. 

Big is the new small, and small is the new big. 

In fact, big things come in small packages--exactly!  

Iran and North Korea are chasing obsolete technology to harm the U.S. and Israel, and within a short time, they will see the error of their malevolent ways 

G-d foretells us all in the Bible and like David and Goliath--a slingshot to the forehead and the fight with the evil is over. ;-)

(Thank you to Itzchak for sharing this video with me). 
Share/Save/Bookmark

October 28, 2017

Deterrence Alone Is Not A Strategy

So there is a military doctrine that has been in place for decades. 

- MAD - Mutually Assured Destruction 

If you attack the USA with weapons of mass destruction, you'll get an overwhelming responses that will totally destroy your country. 

This was what supposedly held the USSR at bay during the cold war. 

And even recently, President Trump threatened North Korea that they would be "totally destroyed" if they try anything on us. 

The problem is that the MAD doctrine of deterrence assumes incorrectly that you are always dealing with rational actors and not with madmen.

Let's face it, their are plenty of crazies out there, and some of whom may be willing to go down in a "blaze of glory" as long as they stand up to the United States and die a heroes death for their radicalized or "subjected" people. 

Whether it's Iran or North Korea or others--we may not know what we are really dealing with here until it's too late. 

Life is not everything to these people--remember many a terrorist has died a martyrs death with the promise of 72 virgins in heaven awaiting them. 

To some, as Prime Minister Gold Meir stated:
"Peace will come when the Arabs will love their children more than they hate us!"

Hate by virtue of perceived injustice, required Jihad or "holy war," brainwashing or threats and the desire for a "glorious death" standing up to the infidels or the "great Satan...any of all of these can contribute to ignoring the consequences. 

Israel has tried to deter horrible homicide bombers/and other mad terrorists from performing their evil misdeeds on the civilian population by for example, demolishing the terrorist homes as a potent consequence that they know going into it, yet many terrorists still wear the explosive vests and detonate anyway.

Similarly, North Korea despite the President's threat that they "will be met with fire and fury like the world has never seen," brushed it off and shot off more volleys of ICBMs and threatened to engulf Guam in fire. 

- The point is that deterrence alone is not a strategy!

If our enemies can hit us with a devastating attack--whether WMD, cyber, EMP, or quantum attack-- that can inflict immeasurable harm on us--they may actually choose to take their best shot, rather than wait for us to hit them or continue to feel disrespected, subjected, inferior, and hopeless.

To someone on the radical fringes or the mental edge, maybe--just maybe--they will do the unthinkable and surprise us.

What good will our fire and fury counterstrike do us, when our cities are in ruin and our people dead and dying en masse. 

Revenge isn't so sweet when your family, homeland, and virtually everything you know and held dear is gone.

The only real military strategy is to be able to defend ourselves and AVOID getting a homeland catastrophe!

We need massive investment and expertise in missile defense, bio defense, cyber defense, quantum computing, and expansive hardening of our critical infrastructure.

Unfortunately, as naysayers to the threats abound, we are no where near where we need to be in protecting the homeland.

If one person falls from the high wire and smashes their head, what good is it that the other person falls and suffers similarly or worse. 

The point is not to fall, not to get hurt, not to die, not to have our country and way of life destroyed.

Deterrence does not guarantee this security to the country--especially when dealing with no shortage of radicalized nuts out there. 

Only a genuine defense that can STOP and counter the threats BEFORE a devastating attack happens and hits us is a strategy worth pursuing ...and THEN you can punch the other person squarely in their devil's face!

Without an adequate defensive strategy, get ready, because every high flying act eventually falls to the ground and hits their head hard. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

October 23, 2017

Cybersecurity Vulnerabilities Database

There is a very useful article in Bloomberg about how the U.S. is taking too long to publish cybersecurity vulnerabilities. 

And the longer we take to publish the vulnerabilities with the patch/fix, the more time the hackers have to exploit it!

Generally, the U.S. is lagging China in publishing the vulnerabilities by a whopping 20-days!

Additionally, China's database has thousands of vulnerabilities identified that don't appear in the U.S. version. 

Hence, hackers can find the vulnerabilities on the Chinese database and then have almost three weeks or more to target our unpatched systems before we can potentially catch up in not only publishing but also remediating them. 

Why the lag and disparity in reporting between their systems and ours?

China uses a "wider variety of sources and methods" for reporting, while the U.S. process focuses more on ensuring the reliability of reporting sources--hence, it's a "trade-off between speed and accuracy."

For reference: 

The Department of Commerce's National Institute of Standards and Technology publishes the vulnerabilities in the National Vulnerability Database (NVD).

And the NCD is built off of a "catalog of Common Vulnerabilities and Exposures (CVEs) maintained by the nonprofit Mitre Corp."

Unfortunately, when it comes to cybersecurity, speed is critical.

If we don't do vastly better, we can be cyber "dead right" before we even get the information that we were vulnerable and wrong in our cyber posture to begin with.  ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

October 19, 2017

Never Ever More Vulnerable

So we have never been more technology advanced. And at the same time, we have never been more vulnerable

As we all know, our cybersecurity have not kept near pace with our ever growing reliance on everything technology.

There is virtually nothing we do now-a-days that does not involve networks, chips, and bits and bytes. 

Energy
Transportation
Agriculture
Banking
Commerce
Health
Defense
Manufacturing
Telecommunications

If ANYTHING serious happens to cripple our technology base, we are toast!

From a crippling cyberattack that disables or hijacks our systems, steals or locks down our data, or creates massive chaotic misinformation flow to a EMP blast that simply fries all our electronic circuitry--we are at the mercy of our technology underpinnings. 

Don't think it cannot happen!

Whether it's Wannacry ransonware or the Equifax breach of our privacy data or the Kaspersky Labs hidden backdoor to our top secret files or North Korea threatening to hit us with an EMP--these are just a few of the recent cyber events of 2017!

Technology is both a blessing and a curse--we have more capability, more speed, more convenience, more cost-effectiveness than ever before, but also there is greater vulnerability to complete and utter death and destruction!

This is not just a risk that life could become more difficult or inconvenient--it is literally an existential threat, but who wants to think of it that way?

People, property, and our very society is at risk when our cybersecurity is not what it must be.

It's a race of defensive against offensive capability. 

And we can't just play defense, we had better actually win at this! ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

January 14, 2017

Our Assets Are Compromised

So in the games that nations play, spy games is #1 on the hit parade.

Of course, it's about using information to get a strategic advantage. 

It runs the gamut from pure espionage in terms of stealing state secrets and intellectual property to conducting stealthy subversive acts to undermine enemies and competitors. 

Whatever spies do, it's all about compromising assets...whether they be human, information, or critical infrastructure. 

From turning patriots into traitors, words into info warfare, or critical infrastructure in trojan horses ready to im/explode...whatever leads to getting the upper-hand or advantage. 

What one nation comes to rely on for their sustainment and survival is instead exploited and turned against them like a trojan horse or modern-day malware.

And with people, using money, sex, ideology, compromising material (Kompromat), or threats against loved ones--it's simply about appealing to either opportunism or extortion. 

So truly defense means protecting not only what before one's eyes, but also what in the rear and at the flanks. 

When the over 21 million personnel records and background investigations where stolen from OPM on virtually all federal employees (civilian, military, and intelligence personnel) a door was left open and the demon is still hiding and waiting to cross the threshold, infiltrate, exfiltrate, and compromise. 

As an society that meaningfully values an open and transparent democracy, we can perhaps too easily become lured or lax to common sense safeguards and vigilance, but that does not excuse negligence, incompetence or stupidity.

Rich people and countries around the world can unknowingly falter by becoming overly comfortable and full of themselves...to the point where many don't fully care about their jobs or their country, as they sit in their mansions, designer clothes, and with busting bellies.

From the need to vastly improve our competencies in cyberwarfare to defending ourselves from a tidel wave of global terrorism to upgrading the U.S. nuclear triad against resurgent superpowers and dangerous rogue dictators, we have let our guard down to compromise. 

Is expelling 35 Russian diplomats an effective strategy against their technical attempts to subvert our free and democratic elections or does it just underscore how vulnerable we continue to be?

When as a country and with our leadership, we decide to get serious rather than stay scared and war weary then we will not only stand firm again, but fight against weakness and compromise of ourselves. ;-)

(Source Photo: Rebecca Blumenthal)
Share/Save/Bookmark

October 6, 2016

Preventing Cyber Disaster

So I liked this ad from Palo Alto Networks on the side of the bus, over the windows:
"Dinosaurs react.
Professionals prevent."

That's some very good marketing for a cyber security company.

It's almost a daily occurrence now to hear about the infiltrations into our networks and exfiltrations or manipulations of data that is taking place across government and industry.

Just today again, another NSA contractor accused of stealing highly classified computer code.

The day before Guccifer 2.0 and Wikileaks releases trove of stolen documents from the Clinton Foundation

And again, J&J reveals that it's insulin pump is vulnerable to hacking following allegations in August that St. Jude heart devices were subject to life-threatening hacking. 

Certainly, we can't afford to sit back and wait to react to the next attack...damage control and remediation is much harder than getting out in front of the problem in the first place. 

Prevention and deterrence is really the only solution...keep the hackers out and make sure they know that if they mess with us and our systems that we can identify who they are, find them, and take them out. 

These are the capabilities we need and must employ to dominate the cyber realm. 

In the presidential debates, candidates struggled to articulate how to deal with cybersecurity

But this is not a game of cyberopoly, rather national security, critical infrastructure, vital intellectual property, and our economy is at risk. 

Giving away Internet control and trying to plug leaks after the fact on a sinking cyber ship is no way to manage our vital technology resources.

It's high time for the equivalent Cold War determination and investment that ensures we win a free and safe cyberspace with all our networks and data intact. 

This is the only way that we don't go the way of the dinosaurs. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

July 24, 2016

Defeating Terrorism Not Optional

So in today's New York Times Sunday Review, David Rieff provides some insights on the state of terrorism that we are living with. 

Two very concerning points he makes:

1) A resignation that not much can be done: There are limited security resources, but infinite points for terrorists to strike. As he says, "Not all these attacks can be stopped....there is no way to police every subway station, cafe, and public square."

2) Many of our leaders are in convenient denial or disengaged: They see the daily terrorist attacks and their response is a rote rejoinder to either join for a brief memorial, slough it off altogether, or even make a joke of it (as if murder is a laughing matter). Rieff repeats even a recent interview with President Obama where he makes light of the impact of terrorism in that doesn't pose "an existential threat to the United States of the world order." Unless of course, it escalates and involves weapons of mass destruction or potentially taking out significant portions of our nation's critical infrastructure.

This just seems so different that how our nation has raised itself up in past conflicts and to win them: 

In World War II, the Allies were committed to defeat Nazi Germany, and they did, including through D-Day, one of largest and bloodiest invasions in history. 

President Reagan helped win the Cold War, by labeling the Soviets the "evil empire" and setting America on a major military buildup, one that the Soviet Union could not afford and eventually withdrew from. 

After 9/11, President Bush vowed that we would get Osama Bin Laden "dead or alive," no matter how long it takes, and eventually we did!

Over and over, the odds were not great and the stakes were enormous, but a positive attitude and the commitment to win took us a long way. 

In contrast now a attitude of defeatism has set in with Rieff declaring that "the stark truth is that the number and lethality of terrorist attacks are far likelier to rise than to diminish in the near future," and as he quotes the French Prime Minister Manuel Valls as saying, "Times have changed, and we should learn to live with terrorism."

How can anyone agree with that--should we really resign ourselves to learn to live with random acts of violence, murder, and terror? 

Rieff ends with that "the best we can hope for is to hold on to enough of our humanity to have a chance of clawing back the rest when the war ends, as all wars do."

I do not believe that this is good enough!

Not identifying the enemy, disengaging from global events or leading from behind, appeasement of sworn enemies, removing sanctions and releasing terrorists from GITMO, getting soft on terror saying it's not so bad out there that "the birds were [still] chirping and the sun was out,", and giving up on defeating it...is a losing attitude and proposition and one that will only result in more heartbreaking and innocent deaths. 

Dismissing or belittling the issue, defeatism, and jokes will not defeat terrorism, but a commitment to do whatever it takes to save lives and protect our nation will, as has been the case from Hitler to Bin Laden, and so it will be again. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

February 25, 2016

Terrified Of Terrorism

Sure there are terrorism scares that are just hoaxes, and generally-speaking, we feel quite protected by our nation's values, wealth, and entrepreneurial spirit, by Homeland Security, and by being surrounded with the Atlantic and Pacific Oceans and our friendly neighbors Mexico and Canada. 

So we can be very assured--no fear, right?  That's what we need and want to function normally in every day life.

But perhaps behind the veil of daily bravado is a not-so subtle fear about something really bad happening again--whether a 9/11 or a San Bernardino or a Boston Bombing or anything in between or even possibly more extreme, including attacks on our critical infrastructure (via kinetic means, cyber attacks, or EMP weapons) or even attacks with WMD (from anthrax to nukes in suitcases)--there is certainly plenty of attack vectors, means, and bad actors. 

It was interesting-scary, the other day, there was a video circulating on Facebook of a "radical Muslim"-like character with a turban or something distinctive (I can't really remember) and carrying a backpack. In scene after scene, the character goes up to innocent bystanders and throws his backpack in their direction. The people didn't know him or what was in the backpack or why he was throwing it in their direction. Yet, over and over again, the people jumped up hysterically in fear running for cover like there was very possibly no tomorrow. 

Similarly, we watch on the news almost daily of terrorist attacks around the world--school attacks, beach attacks, restaurants and cafe attacks, theater attacks, grocery store attacks, house of worship attacks, funeral attacks, ambulance attacks...and there literally is no end to this list of what and who is considered a legitimate target by terrorists--we all are.

In the last couple of weeks, there was surveillance captured of Muslim women visiting a number of synagogues in Miami around the same time and asking questions suspiciously--could they have been staking these out for possible future attack, similar to the attack on a Jerusalem synagogue with butcher knives, axes, and guns that massacred people praying and in devotion to their maker?

In the last half a year, we have seen terrorism morph in Israel from volleys of missiles indiscriminately shot at cities, tunnels to attack and abduct, and suicide/homicide bombings to become up close and personal butcher knife attacks in the throat, chest, and back of victims old, young, man, women. Everyone who is available to kill is being called to martyrdom, even the most little children being indoctrinated to slash and thrust a knife into any unsuspecting victim. 

So as we listen and watch the goings-on in the world and we say to ourselves those attacks happen in Paris and London and Turkey and Ukraine and Libya and Tunisia and Nigeria and Yemen and Lebanon and Syria and Iraq and Kuwait and Pakistan and Afghanistan and India and Indonesia and and and...but not [so much] over here. 

We say it, and we hope it, and we pray it, but in the back of our minds we instinctively fear otherwise. 

So while panic is certainly not helpful, perhaps phony bravado is not what is really needed either, but rather a renewed focus, investment, and commitment to our security--with more gates, guns, guards, intelligence, and advances in technology to stop the next attack(s). ;-)

(Source Photo: here with attribution to Irina Slutsky)

Share/Save/Bookmark

February 9, 2016

Cybersecurity Lost In Unknowns

Today unveiled is a new Cybersecurity National Action Plan

This in the wake of another Federal data breach on Sunday at the Department of Justice where hackers stole and published online the contact information for 9,000 DHS and 20,000 FBI personnel

And this coming on the heels of the breach at OPM that stole sensitive personnel and security files for 21 million employees as well as 5.6 million fingerprints.

While it is nice that cybersecurity is getting attention with more money, expertise, public/private poartnerships, and centers of excellence. 

What is so scary is that despite our utter reliance on everything cyber and digital, we still have virtually no security!

See the #1 definition for security--"the state of being free from danger or threat."

This is nowhere near where we are now facing threats every moment of every day as hackers, cybercriminals, cyber spies, and hostile nation states rapidly cycle to new ways to steal our secrets and intellectual property, commit identity theft, and disable or destroy our nation's critical infrastructure for everything from communications, transportation, energy, finance, commerce, defense, and more. 

Unlike with kinetic national security issues--where we regularly innovate and build more stealthy, speedy, and deadly planes, ships, tanks, surveillance and weapons systems--in cyber, we are still scratching our heads lost in unkowns and still searching for the cybersecurity grail:

- Let's share more information

- Let's throw more money and people at the problem.

- Let's seek out "answers to these complex challenges"

These have come up over and over again in plansreviewsinitiatives, and laws for cybersecurity.

The bottom line is that today it's cyber insecurity that is prevailing, since we cannot reliably protect cyber assets and lives as we desperately race against the clock searching for real world solutions to cyber threats. 

Three priorities here...

1) Build an incredibly effective intrusion protection system
2) Be able to positively tag and identify the cyber attackers 
3) Wield a powerful and credible offensive deterrent to any threats ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

June 25, 2015

18 Million--Change The SSNs

So, maybe one of the most detrimental hysts of information from the Federal government in history. 

Now involving over 18 million current and former federal employees, including military and intelligence personnel. 

No getting around it, but we are major screwed here--this is a treasure trove of personal and privacy information ready to use for identity theft, blackmail, assassination/decapitation attacks at home and work addresses, kidnapping of family members, and literally attacking our national security apparatus from the very inside out--it's people. 

Imagine, if at the time of its choosing, an adversary attacks our nation, but preempts this with sophisticated and coordinated attacks on our critical government personnel--generals, spy masters, political kingpins, and other key decision makers--thereby distracting them from their duties of safeguarding our nation. 

This is our new Achilles Heel and overall a security disaster bar none!

Well, we can't go back and put the genie back in the bottle--although wouldn't it be nice if such critical information (if not encrypted--already unforgivable) would have a self-destruct mechanism on it that we could at least zap it dead.

But for the people whose personal identities are at risk--whose social security numbers (SSNs) and dates of birth (DOBs) have been compromised what can we do? 

While we can't very well change people DOBs, why not at least issue them new SSNs to help thwart the adversaries peddling in this information in the black markets. 
 
If we can put a man on the moon, surely we can issue some 18 million new SSNs and mandate government and financial institutions to make the necessary updates to the records. 

This is not rocket science, and certainly we owe this much to our people to help protect them.

Will our government be there for it's own employees and patriots? ;-)

(Source Photo: here with attribution to Donkey Hotey)
Share/Save/Bookmark

June 5, 2015

People Are Our Greatest Asset, Goodbye!

The Chinese are smart and talented, and there is a cyberwar going on. 

They are suspected are having just stolen the personnel information of 4 million federal government workers.

And there are 4.2 million active, including 1.5 million military personnel. 

So if as they are apt to say, "people are our greatest asset"...

...then we just sort of lost the CROWN JEWELS in terms of highly personal, sensitive, and critical information on the people that handle everything from defense and diplomacy to the economy, energy, the environment, justice, and health and wellbeing. 

Oops!

This is getting scary folks. 

When the adversary through cyber (and other) espionage can know our people, our technology, our communications, virtually everything...then we got some big vulnerabilities!

If we can't defend ourselves adequately (at least for now), I hope at least we are doing okay on the offense! ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

March 2, 2015

Metro Wide Open

I took this photo in the Washington, D.C. Metro today. 

What do you think it is?

Lots of electronics, wires, lights--and in front of it and holding the door open is a "caution" pylon. 

This is one of the faregates to get into the metro system for the Capital region. 

Now how "smart" is it to leave the door wide open to this contraption. 

Usually the basics of physical security is gates, guards, and guns--in this case, the gates part is broken. 

The Department of Homeland Security was provided another week of funding to work out the immigration mess pitting Congress against the President...

But even with DHS still up and running, security is looking a little too wide open again. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

January 26, 2015

Safeguarding D.C.

I took this photo the other day of a truck loaded from front to back with compressed gas cylinders in downtown, Washington, D.C.

I understand that there are strict safety regulations for this. 

Although with this truck just sitting out on the street, appapently not moving or even attended as far as I could see, I was a little concerned. 

At the same time, coming to work today, there was someone marching down the street yelling "Allah"--again and again--sort of talking to themselves yet screaming something that wasn't intelligible, at least to me. 

Not that there is anything wrong with freedom of expression, but it just seemed a little wild and scary on the darkened streets. 

I couldn't help think about this gas truck with all these gas containers from the other day...and are we keeping things as safe as they need to be. 

We take a lot for granted in terms of our security, but are we perhaps getting a little overconfident so many years after 9/11 now. 

Hopefully, we're all good, but we need to be careful, vigilant, and safe! ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

December 16, 2014

Chaos On Metro

Sheer chaos on the Washington, D.C. Metro this morning. 

A water main break suspended the running of the Orange, Blue, and Silver lines.

The Metro spokeperson told me pointing with his hand up to his the neck that the water was filling the tunnels and getting way up there--nice!

At the same time, disabled trains on the Red line brought things to a "Major Delay," followed by the offloading of crowded trains because the conductors couldn't get the doors shut.

At the stations themselves, numerous escalators were out of commission, you can see them at boths ends of the station here, and the people were backed up all along the platforms. 

At one point, I got caught on the edge of a platform with a huge crowd pushing up against me, and had to tell the person behind me to please take a step back (that I didn't want to end up on the tracks, why thank you, and believe it or not, some not-so-nice people actually laughed at that!). 

Ufortunately, it didn't take much to see how most of the city can be brought to a snarl or taken right out of commission. 

After 9/11, one has to ask, what have we learned as the Capital of the nation that our basic infrastructure and support systems cannot endure the ups and downs of weather and age, let alone G-d forbid another attack on our soil. 

Hopefully, someone will wake up and step up the planning and preparations here, rather than just spending trillions abroad and with what results. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

September 13, 2014

6 D's Of Cyberwar

Popular Science had a interesting article that spelled out the six D's of Cyberwar:

On the offensive side, you want to destroy, deny, degrade, disrupt, and deceive.

"Unlike World War II code breaking, cyber attacks offer the potential to not just read the enemy's radio, but to seize control of the radio itself."

- Step 1: Infiltrate the enemy's networks and communications and gather/exfiltrate information.

- Step 2:  Compromise the enemy's information either by:

1) Corrupting the enemy's information, planting misinformation, sewing erroneous reports, and causing poor decision-making. 
2) Taking control of their networks, disabling or jamming them, and disrupting their command and control or harming their critical infrastructure and causing mass confusion, destruction, and death.

Examples are "not merely to destroy the enemy's tanks, but to make them drive in circles--or even attack each other" or to cyber attack an enemies control systems for electricity, dams, transportation, banking, and so on. 

With the ability to steal information, sow misinformation, seize control, or even stop the information flow altogether, cyberwar is not just another weapon in our arsenal, but "a tool to help achieve the goals of any given operation."

On the flip side, you want to defend against the enemy's use of cyberspace to hurt us.

We need to continue to get serious about cyberwarfare and cybersecurity and become the masters in the information domain, and quickly. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark