Showing posts with label Cyber Attacks. Show all posts
Showing posts with label Cyber Attacks. Show all posts

July 30, 2023

We're Not Prepared

Please see my new article in The Times of Israel called "We're Not Prepared."

Whether it is our inability to imagine what can happen, our disbelief in it actually occurring, or our ineffectiveness or corruption to really prepare, we may be in serious peril from future threats that invariably await us. When that earthquake that we know is overdue hits the west coast hard, or a nuclear ICBM from North Korea or Iran hits somewhere in our mainland, or the next bio-weapon from China strikes our masses, or Russia cripples our satellites and Internet with one of their hidden Trojans or a zero-day cyber-attack, we can all shake our heads in utter disbelief again at how unprepared we are for the "next one."

Certainly, no one is invulnerable to tragedy, no preparation will ever be perfect, and we can never get everything right in responding to and recovering when disaster strikes, but if we don't stop the endless denial and infighting, allocate our limited resources with foresight and good cause, and make a determined and continued effort to get ready for what we know with virtual certainty looms large and threatens us, then we are unfortunately complicit in the tragic downfall that awaits.

(Credit Photo: Hitesh Choudhary via https://www.pexels.com/photo/man-pouring-water-from-dipper-on-blue-and-grey-house-1739855/)
Share/Save/Bookmark

January 12, 2020

EMP Attack-->Danger, Danger, Danger

Saw the Movie E.M.P. over the weekend.  

Everyone needs to see this!

The explosion of a nuke(s) in the atmosphere over the country causes an electromagnetic pulse that fries all our electronics. 

Nothing would work!!!

Think cyberattack on steroids with everything out of commission and basically little to no chance of recovery. 

Prognosis is for mass riots, starvation, and illness that wipes out most of the population. 

Easy then for the enemy to swoop in and conquer the country with no resistance and the basic infrastructure still intact for them to build on. 

Just having mutually assured destruction is not enough!

We need to genuinely be able to counter these threats and not just say: "You'll die if we die." 

How stupid and immature is that thinking?

There are more than a share of radical nuts out there who don't care if they die as long as they take us down.

These are the threats we need to pay attention to before...before...before...it's too late. ;-)

(Credit Photo: Andy Blumenthal)
Share/Save/Bookmark

December 26, 2018

Tired Of All The Whining About China

I don't know about you, but I am so tired about all the whining about China. 

- They are stealing our intellectual property. 

- They are hacking into our systems. 

- They are unfairly forcing us to transfer technology to them.

- They aren't opening up their market to us. 

OMG stop the complaining already!

If you don't like what they are doing, then do something about it. 

Tariffs are a start, but just a small one. 

Seriously, if you can't incentivize them to stop the harassment and unfair trade practices by adding them to the World Trade Organization, investing in them, and partnering with them, then you need to actually compete with China. 

- They steal our sh*t--you help yourself to a generous serving of theirs.  

- They break into our systems--you find your way into their systems.

- They try to unfairly take away our markets and jobs--you take away theirs big time.  

Everyone knows that to deal with bully, you must fight back!

The more we are scared into inaction, the worse it gets.

This doesn't mean that we should get into a military exchange with China, but we do need to get into a confrontation over what economic and global partnership should mean and look like. 

China is an old and truly great nation and their people should be highly respected.

However, the USA should also be treated right, and if that means it's time for a heart to heart and some evening up of the playing field then that is what has to happen. 

We have to restore respect to America, not by becoming bullies ourselves, but by standing up to them when we are being taken advantage of.  ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

February 13, 2018

Cyber Attacks Typology

Saw this acronym to describe the types of cyber threats and thought it was useful.

STRIDE

Spoofing - Falsifying identity to gain systems access

Tampering - Making unauthorized changes to data or systems

Repudiation - Forging identify of actions to data or system to deny responsibility or even blame a 3rd party

Information Disclosure - Stealing (exfiltrating) information and disclosing it to unauthorized individuals

Denial of Service - Depriving legitimate users access to data or systems

Elevation of Privilege - Transforming user account to allow it to exceed legitimate user privileges (e.g. admin account or superuser)

Funny-sad enough, these six types of cyber attacks can cause any information security officer to lose their stride. ;-)

(Source Photo: Andy Blumenthal 
Share/Save/Bookmark

October 23, 2017

Cybersecurity Vulnerabilities Database

There is a very useful article in Bloomberg about how the U.S. is taking too long to publish cybersecurity vulnerabilities. 

And the longer we take to publish the vulnerabilities with the patch/fix, the more time the hackers have to exploit it!

Generally, the U.S. is lagging China in publishing the vulnerabilities by a whopping 20-days!

Additionally, China's database has thousands of vulnerabilities identified that don't appear in the U.S. version. 

Hence, hackers can find the vulnerabilities on the Chinese database and then have almost three weeks or more to target our unpatched systems before we can potentially catch up in not only publishing but also remediating them. 

Why the lag and disparity in reporting between their systems and ours?

China uses a "wider variety of sources and methods" for reporting, while the U.S. process focuses more on ensuring the reliability of reporting sources--hence, it's a "trade-off between speed and accuracy."

For reference: 

The Department of Commerce's National Institute of Standards and Technology publishes the vulnerabilities in the National Vulnerability Database (NVD).

And the NCD is built off of a "catalog of Common Vulnerabilities and Exposures (CVEs) maintained by the nonprofit Mitre Corp."

Unfortunately, when it comes to cybersecurity, speed is critical.

If we don't do vastly better, we can be cyber "dead right" before we even get the information that we were vulnerable and wrong in our cyber posture to begin with.  ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

October 19, 2017

Never Ever More Vulnerable

So we have never been more technology advanced. And at the same time, we have never been more vulnerable

As we all know, our cybersecurity have not kept near pace with our ever growing reliance on everything technology.

There is virtually nothing we do now-a-days that does not involve networks, chips, and bits and bytes. 

Energy
Transportation
Agriculture
Banking
Commerce
Health
Defense
Manufacturing
Telecommunications

If ANYTHING serious happens to cripple our technology base, we are toast!

From a crippling cyberattack that disables or hijacks our systems, steals or locks down our data, or creates massive chaotic misinformation flow to a EMP blast that simply fries all our electronic circuitry--we are at the mercy of our technology underpinnings. 

Don't think it cannot happen!

Whether it's Wannacry ransonware or the Equifax breach of our privacy data or the Kaspersky Labs hidden backdoor to our top secret files or North Korea threatening to hit us with an EMP--these are just a few of the recent cyber events of 2017!

Technology is both a blessing and a curse--we have more capability, more speed, more convenience, more cost-effectiveness than ever before, but also there is greater vulnerability to complete and utter death and destruction!

This is not just a risk that life could become more difficult or inconvenient--it is literally an existential threat, but who wants to think of it that way?

People, property, and our very society is at risk when our cybersecurity is not what it must be.

It's a race of defensive against offensive capability. 

And we can't just play defense, we had better actually win at this! ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

June 28, 2017

At The Doorstep...WMD

With a new threat again of a chemical weapons attack in Syria...

The U.S. is sending clear warnings to the Assad regime--Don't do it!

Generally, the threat of using weapons of mass destruction--chemical, biological, radiological, and nuclear--have become all too blase!

- Syria uses chemical weapons on its own people. 

- Iraq used chemical weapons on Iran and the Kurds

- Terrorists used chemical weapons in Japan and have threatened similar in UK

- Russia threatens use of nukes over Crimea or in a conflict with NATO.

- North Korea threatens preemptive nuclear strike on the U.S. 

- Iran has threatened attacks on Israel over nukes.

- Biological weapons such as Anthrax have been used against the U.S. and bioterror has been threatened in India

This list is far from comprehensive--and how very commonplace this is becoming is exactly the problem!

It is one thing (already scary bad) to have weapons that can do the unthinkable, and it is quite another to actually use or threaten to use them in such blase fashion like taking out the garbage or something!

I would add that these days, we also need to add cyber attacks and EMPs to the threats of mass casualty and destructive events. 

If we don't ensure that cooler and more stable heads prevail at the notorious red buttons around the world, then the risk of someone eventually doing something very stupid and dangerous to millions--or even billions--of lives is no longer just in the realm of science fiction anymore, but becomes so very ominous and real a disastrous possibility. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

February 25, 2017

The Trouble With Our Security

So the problem with our security is that we value our openness more than we do our security.

And perhaps, we fear war more than we desire true peace. 

This was a photo from Summer 2015 when the Pope was in DC.

And despite a "massive" security apparatus set up to protect the Pope, the "largest security operation in U.S. history"...


Check out this photo of a colleague who was able to literally run up to the Fiat car where you can see the Pope waving from. 

Our security is full of holes--if this guy had a gun, molotov cocktail, or bomb then the top Christian leader in the world could've been taken out, just across the street from the U.S. State Department. 

As a democracy, we value openness and freedom to say what we want, do what we want, protest what we want, carry guns as we want, but when is open too open?

Again, whether it comes to cybersecurity or physical security, unless we start to get serious about what massive and large security really means, it is just a matter of time before something really terrible happens, G-d forbid. 

We've got to do a better job balancing security and openness. 

No one should be getting right up to the Pope's car like this!

No one should be smashing windows, burning cars, and attacking police and pedestrians in Washington, DC or anywhere.  

No one should be buzzing our battleships and jets!

No one should be hacking into our sensitive cyber systems, taking down and crippling them and stealing our secrets!

No one should be recruiting, plotting, and carrying out increasing and devastating terrorist attacks right under our noses in this country or elsewhere. 

No one should be using chemical weapons around our red lines in population centers or in airports!

No one (Iran, North Korea, Russia) should be developing, testing, and aiming nuclear ballistic missiles at the West!

War is a last resort, but this is not peace.

It is time to rethink our security posture...it is past time. ;-)

(Source Photo: A Colleague)
Share/Save/Bookmark

February 9, 2017

Drumbeats Of War

My bet is that we are looking at a semi-major international confrontation over the next few years. 

The bend over backwards for our enemies is over. 

Terrible and unenforceable deals are shameful history.

Cyberattacks and hacking will not be treated as the cost of doing business in the 21st century. 

Buzzing of our ships and planes won't be tolerated anymore.

Letting other nations take what they want in Georgia, Crimea, Syria, and the South China Sea is finished. 

Watching helplessly the nuclear proliferation and buildup of the means to deliver weapons of mass destruction by Iran and North Korea won't go unanswered.

Radical Islamic terrorism is not a dirty word anymore and we will bring the fight to the enemy in a bigger and more serious way. 

Our defense and that of our allies won't be treated lightly and we will not retreat in the face of evil. 

No one wants war, everyone wants peace, but unless we stop the aggression against us once and for all, the drumbeats of war will only get louder and more ominous. 

Set the boundaries and enforce them before the all the red lines are crossed and a real and highly dangerous confrontation becomes inevitable. 

Peace through strength is far preferable than war because of disengagement, weakness, and leadership from behind. 

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

January 14, 2017

Our Assets Are Compromised

So in the games that nations play, spy games is #1 on the hit parade.

Of course, it's about using information to get a strategic advantage. 

It runs the gamut from pure espionage in terms of stealing state secrets and intellectual property to conducting stealthy subversive acts to undermine enemies and competitors. 

Whatever spies do, it's all about compromising assets...whether they be human, information, or critical infrastructure. 

From turning patriots into traitors, words into info warfare, or critical infrastructure in trojan horses ready to im/explode...whatever leads to getting the upper-hand or advantage. 

What one nation comes to rely on for their sustainment and survival is instead exploited and turned against them like a trojan horse or modern-day malware.

And with people, using money, sex, ideology, compromising material (Kompromat), or threats against loved ones--it's simply about appealing to either opportunism or extortion. 

So truly defense means protecting not only what before one's eyes, but also what in the rear and at the flanks. 

When the over 21 million personnel records and background investigations where stolen from OPM on virtually all federal employees (civilian, military, and intelligence personnel) a door was left open and the demon is still hiding and waiting to cross the threshold, infiltrate, exfiltrate, and compromise. 

As an society that meaningfully values an open and transparent democracy, we can perhaps too easily become lured or lax to common sense safeguards and vigilance, but that does not excuse negligence, incompetence or stupidity.

Rich people and countries around the world can unknowingly falter by becoming overly comfortable and full of themselves...to the point where many don't fully care about their jobs or their country, as they sit in their mansions, designer clothes, and with busting bellies.

From the need to vastly improve our competencies in cyberwarfare to defending ourselves from a tidel wave of global terrorism to upgrading the U.S. nuclear triad against resurgent superpowers and dangerous rogue dictators, we have let our guard down to compromise. 

Is expelling 35 Russian diplomats an effective strategy against their technical attempts to subvert our free and democratic elections or does it just underscore how vulnerable we continue to be?

When as a country and with our leadership, we decide to get serious rather than stay scared and war weary then we will not only stand firm again, but fight against weakness and compromise of ourselves. ;-)

(Source Photo: Rebecca Blumenthal)
Share/Save/Bookmark

December 20, 2016

Just Cut It Out

What a way to handle global leadership...all you have to say is,  just "Cut it out!" and your job is done. 

- Cyber attacking the U.S. democratic election, invasion of Crimea, and encroaching on NATO with nuclear capable missiles...just cut it out! 

- Vast destruction of Aleppo including hospitals, schools, and markets, killings, refugees, and humanitarian crisis, and the dangerous use of chemical weapons on civilians...just cut it out!

- China stealing our drone and militarizing the South China Sea...just cut it out!

- North Korea testing advanced nukes and ballistic missiles capable of reaching Europe and America and threatening to use them...just cut it out!

- Iran taking our sailors captive, humiliating them, buzzing our warships, and violating the nuclear arms deal...just cut it out!

- Abandoning our friends and allies and befriending our enemies sworn to kill us and not even being able to say the words, "Radical Islamist"...just cut it out!

- Spiraling divisiveness, rioting in our inner cities, and cycles of racial and police violence...just cut it out!

- An unsustainable Obamacare with double digit rising rates and decreasing insurance choices (many localities with only 1)...just cut it out!

- Doubling of the U.S. national debt by another $10 trillion and enacting regulations that are strangling business...just cut it out!

- Endless ISIS and other terrorist attacks (yesterday on Berlin, Zurich, Turkey and more) and calls it "workplace violence" or a traffic accident...just cut it out!

Anyone who says that now "We're feeling what not having hope feels like," truly must be referring to where we come from and not where we are going.

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

December 17, 2016

Returning The US Drone

So I love and respect China, and think they are one of the greatest nations of the world.

However, it is wrong that their military stole a US drone in international waters. 

Bullying and theft is a violation of the rule of law and a challenge to America on the international stage. 

So far, our leadership from behind approach has again done virtually nothing, except like a child, ask for it back (after they have already taken whatever they wanted from it). 

Moreover, this is not the first time China has captured our assets and people--less than 6 years ago, they collided into one of our EP-3E surveillance aircraft and captured, interrogated , and held the crew for 11 days!

And hence our planes and ships keep getting buzzed, our citizens captured and humiliated, our assets confiscated illegally, and our secret intellectual property unabashedly hacked and copied.

Moreover, we are seeing a resurgent Russia in Georgia, Ukraine and Syria; a militarized China expanding and weaponizing the South China Sea, a belligerent North Korea with ever further reaching ballistic nukes, and an Iran that violates their nuclear deal at will and now runs amuck with military operations from Iraq to Syria, Lebanon, Yemen, and more. 

Oh, and surely let's not forget ISIS and the global wave of Islamic terrorism that is unabated from Paris to Orlando. 

Despite our outspending the next leading 8 nations combined on the military, we continue to be the laughing stock internationally with world leaders calling our Presidents everything from the devil to an SOB

No one would dare do this with Putin's Russia!

Why? Because they know the ridiculous price they would pay. 

We have long since passed the time when we should've stopped the whining, begging, and acting the victim, and instead start to do something real to defend ourselves and once again establish a no-nonsense deterrent, rather than a joke of red lines and hollow threats.

Our Commander-in-chief, instead of laying blame at the doorstep of Congress or world leaders doing the wrongdoing, should start to act his position. 

Perhaps, just perhaps, it's a single phone call to whoever has our drone that says something like, "You have exactly 2 hours to return the drone unharmed or the ship that was responsible for stealing it will pay the consequences--and the clock starts ticking now!"

The funny-sad thing is that bullies don't stop bullying until you stand up to them once and for all. 

A real Commander In Chief protects his nation and his people and doesn't let them be victimized in a endless cycle of violence and shame...and he does it before something really bad can happen. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

November 15, 2016

Why Can't We Keep Our Secrets

Well after the now notorious email scandal and other information security mishaps galore, this advertisement in Washington, DC is really quite the rage. 
"Keeps classified data classified."

As parents tell their children about keeping private things private:
"If you can't keep it a secret, then how do you expect the other kids to keep it to themselves?"

There are lots of secrets in DC, but there are also a lot of big mouths, security negligence, and even corruption. 

This gives our adversaries the opportunities they need to get our countries vital information. 

We work too hard to develop the best intellectual property for national security and our economy as well as the critical policies for advancing human rights and democracy around the world to let it just be easy fodder for others to help themselves too. 

Technology won't solve the gap in certain big mouths and sloppy Joes around town. 

Only vigilant, smart people can protect the nations vital information that is the fuel for our success and survival. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

October 6, 2016

Preventing Cyber Disaster

So I liked this ad from Palo Alto Networks on the side of the bus, over the windows:
"Dinosaurs react.
Professionals prevent."

That's some very good marketing for a cyber security company.

It's almost a daily occurrence now to hear about the infiltrations into our networks and exfiltrations or manipulations of data that is taking place across government and industry.

Just today again, another NSA contractor accused of stealing highly classified computer code.

The day before Guccifer 2.0 and Wikileaks releases trove of stolen documents from the Clinton Foundation

And again, J&J reveals that it's insulin pump is vulnerable to hacking following allegations in August that St. Jude heart devices were subject to life-threatening hacking. 

Certainly, we can't afford to sit back and wait to react to the next attack...damage control and remediation is much harder than getting out in front of the problem in the first place. 

Prevention and deterrence is really the only solution...keep the hackers out and make sure they know that if they mess with us and our systems that we can identify who they are, find them, and take them out. 

These are the capabilities we need and must employ to dominate the cyber realm. 

In the presidential debates, candidates struggled to articulate how to deal with cybersecurity

But this is not a game of cyberopoly, rather national security, critical infrastructure, vital intellectual property, and our economy is at risk. 

Giving away Internet control and trying to plug leaks after the fact on a sinking cyber ship is no way to manage our vital technology resources.

It's high time for the equivalent Cold War determination and investment that ensures we win a free and safe cyberspace with all our networks and data intact. 

This is the only way that we don't go the way of the dinosaurs. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

December 22, 2014

Peace To All Mankind

I liked this post in downtown Washington, D.C. inscribed with the following:

"May Peace Prevail On Earth."

It left me wondering, if Earth includes:

1) ISIS advances into large swathes of Syria and Iraq
2) Taliban attacks in Afghanistan and Pakistan including the one that left 132 children dead in a Peshawar school last week.
3) Boko Haram kidnappings and killings in Nigeria including the hundreds of children taken and given as wives to their captors 
4) Al-Shabaab fighting in Somalia including attacks in the capital, Mogadishu
5) Hamas in Gaza and their barrage of rocket attacks on and terror tunnels into Israel
6) Hezbolah in Lebanon as a proxy for Iran-sponsored terror
7) Iran's pursuit of nuclear weapons and threats to annihilate Israel off the face of the map.
8) Russia in Ukraine and Georgia and ongoing threats to Eastern Europe/NATO.
9) China's military build-up, including nukes, submarines, and anti-satellite weapons.
10) North Korea cyber attack on Sony and threatening "the White House, the Pentagon, and the whole U.S. mainland."

Peace is more than a wish, right now it seems like a dream. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

November 23, 2014

Data 4 Ransom

The future of cybercrime will soon become the almost routine taking of your personal and corporate data as hostage. 

Once the hacker has control of it, with or without exfiltration, they will attach malware to it--like a ticking time bomb.


A simple threat will follow:


"I have your data. Either you pay for your data back unharmed OR your data will become vaporware! You have one hour to decide. If you call the authorities, you data is history."


So how valuable is your data to you?  


- Your personal information--financial, medical, legal, sentimental things, etc.


- Your corporate information--proprietary trade secrets, customer lists, employee data, more.


How long would it take you to reconstitute if it's destroyed?  How about if instead it's sold and used for identity theft or to copy your "secret sauce" (i.e. competitive advantage) or maybe even to surpass you in the marketplace? 


Data is not just inert...it is alive!


Data is not just valuable...often it's invaluable!


Exposed in our networks or the cloud, data is at risk of theft, distortion, or even ultimate destruction. 


When the time comes, how much will you pay to save your data?


(Source Comic: Andy Blumenthal)

Share/Save/Bookmark

November 22, 2014

Dire Warnings On CyberSecurity

This week Adm. Michael Rogers, the Director of the National Security Agency and head of U.S. Cyber Command issued a stark warning to the nation about the state of cybersecurity:

With our cybersecurity over the next decade, "It's only a matter of the 'when,' not the 'if,' that we are going to see something dramatic."

The Wall Street Journal reports that he gave " a candid acknowledgement that the U.S. ISN'T yet prepared to manage the threat!"

China and "one or two others" [i.e. Russia etc.] are infiltrating our SCADA networks that manage our industrial control systems, including our power turbines and transmission systems,.

The cyber spies from the nation states are "leaving behind computer code that could be used to disable the networks  in the future."

Can you imagine...you must imagine, you must prepare--not if, but when. 

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

March 8, 2014

Security Is A Joke!


Fascinating video with Dan Tentler on the Shodan Search Engine...which CNN calls the "scariest search engine on the Internet."

The search engine crawls the Internet for servers, webcams, printers, routers, and every type of vulnerable device you can imagine.

It collects information on more than 500 million devices per month and that was as of last year, so it's already probably a lot more.

Tentler shows the unbelievable amounts and type of things you can access with this, including our critical infrastructure for the country --from utilities to traffic lights, and power plants:

- Private webcams
- Bridges
- Freeways
- Data Centers
- Polycoms
- Fuel cells
- Wind farms
- Building controls for lighting, HVAC, door locks, and alarms
- Floor plans
- Power meters
- Heat pump controllers
- Garage doors
- Traffic control systems
- Hydroelectric plants
- Nuclear power plant controls
- Particle accelerators
- MORE!!!!

Aside from getting information on the IP address, description of the devices, locations (just plug the longitude and latitude into Google for a street location), you can often actually control these devices right from YOUR computer!

The information is online, open to the public, and requires no credentials.

- "It's a massive security failure!"

- "Why is this stuff even online?"

Where is our cyber leadership????

>>>Where is the regulation over critical infrastructure?

If there is a heaven for hackers, this is it--shame on us. :-(
Share/Save/Bookmark

March 7, 2014

We're Giving It All Away


Nice little video from Mandiant on "The anatomy of a cyber attack."

Despite the typical firewalls, antivirus, and intrusion detection system, cyber attacks can and do penetrate your systems.

This happens through social engineering (including phishing attempts), automated spam, and zero-day exploits.

Once inside your network, the cyber attacker takes command and control of your computers, surveys your assets, steals user names and passwords, hijacks programs, and accesses valuable intellectual property. 

Mandiant performs security incident response management (detecting breaches, containing it, and helping recovery efforts), and they are known for their report "APT1" (2013) exposing an alleged significant government-sponsored cyber espionage group that they state "has systematically stolen hundreds of terabytes of data from at least 141 organizations."

Another fascinating report on a similar topic of advanced persistent threats was done by McAfee on Operation Shady Rat (2011) that reveals over 70 organizations (governments, commercial entities, and more) that were targeted over 5 years and had terabytes of information siphoned off. 

The overall risk from cyber espionage is high and the McAfee report states:

- "Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact."

- "What we have witnessed...has been nothing short of a historically unprecedented transfer of [intellectual] wealth - closely guarded national secrets...disappeared in the ever-growing electronic archived of dogged adversaries."

In short we can't keep a secret--we're putting endless gobs and gobs of our information online and are not adequately protecting it in cyberspace, with the result that our adversaries are able to access, exfiltrate, disclose, modify, or destroy it.

In short, we're giving it all away - why? 
Share/Save/Bookmark

February 22, 2014

National State Of Cyber Insecurity


This video is a wake up call on the state of our national cyber insecurity. 

It is the opening statement (about 6 minutes) of Chairman Michael McCaul (R-TX) of the Homeland Security Subcommittee of Oversight, Investigations, and Management.

What he describes is quite grave and every American should listen carefully about the state of our cyber insecurity that poses a real and significant threat to our economy and national security.

We are under attack by cyber criminals, terrorists, and hostile nation states. 

Our adversaries seek to and can paralyze our critical infrastructure, steal our intellectual property, conduct espionage, and access our personal and financial information. 

The collapse of our military networks, financial system, energy, transportation, and electricity "is not science fiction."

The cyber attacks are "real, stealth, and persistent, and can devastate our nation." 

It is "not a matter of if, but when a Cyber Pearl Harbor will occur."

And "we have been fortunate that up until this point that cyber attacks on our country have not caused a cataclysmic event."

I read from the Center for Strategic and International Studies (2011) that cybersecurity has taken a back seat after 9/11 to the War on Terror as well as the economic fight after the recession of 2008, with the result that "the United States is unprepared to defend itself."

Chairman McCaul critically states at the end of his opening statement, "Let's do something meaningful [now] because it is not a tolerable situation!"
Share/Save/Bookmark