Showing posts with label Cybersecurity. Show all posts

February 25, 2017

The Trouble With Our Security

So the problem with our security is that we value our openness more than we do our security.

And perhaps, we fear war more than we desire true peace. 

This was a photo from Summer 2015 when the Pope was in DC.

And despite a "massive" security apparatus set up to protect the Pope, the "largest security operation in U.S. history"...


Check out this photo of a colleague who was able to literally run up to the Fiat car where you can see the Pope waving from. 

Our security is full of holes--if this guy had a gun, Molotov cocktail, or bomb then the top Christian leader in the world could've been taken out, just across the street from the U.S. State Department.

As a democracy, we value openness and freedom to say what we want, do what we want, protest what we want, carry guns as we want, but when is open too open?

Again, whether it comes to cybersecurity or physical security, unless we start to get serious about what massive and large security really means, it is just a matter of time before something really terrible happens, G-d forbid. 

We've got to do a better job balancing security and openness. 

No one should be getting right up to the Pope's car like this!

No one should be smashing windows, burning cars, and attacking police and pedestrians in Washington, DC or anywhere.  

No one should be buzzing our battleships and jets!

No one should be hacking into our sensitive cyber systems, taking down and crippling them and stealing our secrets!

No one should be recruiting, plotting, and carrying out increasing and devastating terrorist attacks right under our noses in this country or elsewhere. 

No one should be using chemical weapons around our red lines in population centers or in airports!

No one (Iran, North Korea, Russia) should be developing, testing, and aiming nuclear ballistic missiles at the West!

War is a last resort, but this is not peace.

It is time to rethink our security posture...it is past time. ;-)

(Source Photo: A Colleague)

February 23, 2017

No Smartphone, No Life

So we are utterly and helplessly dependent on our smartphones and mobile communications.

If our enemies strike our communications networks, we are as good as dead. 

Can you imagine the panic and chaos that would ensue?

Cut off from family, friends, and colleagues.

Unable to get onto the Internet!

No eCommerce. 

No online Banking. 

No social networking.

No easily and readily available information.

No online music, videos, or gaming.


No online (fake) news. 

As you see in the photo, under the smashed smartphone...it says, "Disaster"!

We wouldn't know what to do with ourselves. 

And we wouldn't know how to conduct ourselves by ourselves.

We are completely dependent on mobile communications and connectivity to each other.

Without it, we wither and die.

And G-d created the marvels of the Heaven and Earth in 6 days. 

But we have become so tethered and dependent on our technology, we are toast in just a split second. 

If we don't get serious about cybersecurity, and fast, there is going to be hell on Earth to pay. 

And not a single shot needs to be fired. ;-)

(Source Photo: Rebecca Blumenthal)

November 29, 2016

A Failed Presidency?

Every day we are reminded about the dysfunctional state of our national affairs.

The dictum of the Hippocratic Oath of "first do no harm" that medical students are taught is the very minimum expectation, but has even this been met?

The Promise vs. The Delivery

1) Promised reset with Russia - Delivered a resurgent Russia in Ukraine, Syria, the Baltics, cybersecurity, and more.

2) Promised red lines in Syria - Delivered more than 5-year and counting deadly civil war with chemical weapons, more than 500,000 dead, and millions wounded, displaced, and fleeing as refugees.

3) Promised end of war in Iraq and Afghanistan - Delivered continued troops and war in both with no end in sight.

4) Promised good deal with a moderating Iran - Delivered bad deal with continued aggressive Iran violating the agreement and on the path to reaching nuclear weapons.

5) Promised easing of ties with an opening of Cuba - Delivered one-sided deal and a continued hard-line communist Cuba abusing political opponents and human rights.

6) Promised defeat of ISIS terrorism - Delivered continued ISIS global terror (and it's not workplace violence).

7) Promised closing of GITMO - Delivered GITMO still open for business with dozens of dangerous terrorists.

8) Promised a more unified America - Delivered a more divisive nation with raging inner city violence and civilian and police shootings.

9) Promised Obamacare affordable health insurance - Delivered unsustainable double digit premium growth and pending repeal and replacement.

10) Promised Dodd-Frank improved accountability financial reform - Delivered burdensome highly-regulated financial system stifling banking and lending leading to either significant scale back or complete repeal and replacement. 

11) Promised peace in the Middle East - Delivered a barrage of missiles, terror tunnels, shootings, stabbings, vehicular attacks, and arson for our friend and ally, Israel.

12) Promised government transparency to the American people - Delivered obscurity to the "media echo chamber" and devastating political email scandal and Benghazi fiasco. 

13) Promised fiscal and budgetary responsibility via Sequestration - Delivered a doubling of the national debt in 8 years to 20 trillion dollars! ;-)

(Source Photo: Andy Blumenthal via USA Today)


November 18, 2016

Telling The Next Guy

This was one for the books today.

Obama tells Trump that he needs to stand up to Putin (i.e. don't wimp out)!

Uh, who's the guy who has been in office the last 8 years? 

And during those years, our standing and national security have suffered from disengagement and utter weakness at virtually every turn of the globe.

- We let red lines be violated in Syria and watched our Ambassador murdered in Libya.

- Russia expanded into Georgia, Ukraine, and Syria, and now it's looking to Cuba and Vietnam.

- China has been rapidly militarizing into the South China Sea and expanding its economic influence in Africa.

- We made the "worst deal in history" in Iran that allows them to eventually go nuclear!

- North Korea continues to expand its nuclear arsenal and ballistic missile technology.

- The Philippines told the President to "go to h*ll" and threatens to break from the U.S. militarily.

- U.S. backed off support for democracy in Egypt after the military coup that overthrew Morsi.

- Venezuela expelled our top diplomat and 2 other embassy officials ratcheting up hostilities with the U.S. 

- Cyberattacks have plagued the U.S. and we haven't been able to defend ourselves. 

- ISIS has demonstrated success and our strategy has not made them less dangerous and lethal. 

- After years of mounting terrorism, our leaders still refuse to even say the words, "radical Islam."

I'm not sure why people are so tempted to give advice and preach to others, when they themselves have so many failings. 

I think it's certainly okay to humbly share our experiences and lessons learned if we have any. 

But perhaps when you don't have the best record on something, as the old saying goes, you should refrain from throwing large stones in your very fragile glass houses!

(Source Photo: Andy Blumenthal)

October 6, 2016

Preventing Cyber Disaster

So I liked this ad from Palo Alto Networks on the side of the bus, over the windows:
"Dinosaurs react.
Professionals prevent."

That's some very good marketing for a cyber security company.

It's almost a daily occurrence now to hear about the infiltrations into our networks and exfiltrations or manipulations of data that are taking place across government and industry.

Just today again, another NSA contractor was accused of stealing highly classified computer code.

The day before, Guccifer 2.0 and WikiLeaks released a trove of stolen documents from the Clinton Foundation.

And again, J&J reveals that its insulin pump is vulnerable to hacking following allegations in August that St. Jude heart devices were subject to life-threatening hacking.

Certainly, we can't afford to sit back and wait to react to the next attack...damage control and remediation is much harder than getting out in front of the problem in the first place. 

Prevention and deterrence is really the only solution...keep the hackers out and make sure they know that if they mess with us and our systems that we can identify who they are, find them, and take them out. 

These are the capabilities we need and must employ to dominate the cyber realm. 

In the presidential debates, candidates struggled to articulate how to deal with cybersecurity.

But this is not a game of cyberopoly, rather national security, critical infrastructure, vital intellectual property, and our economy are at risk.

Giving away Internet control and trying to plug leaks after the fact on a sinking cyber ship is no way to manage our vital technology resources.

It's high time for the equivalent Cold War determination and investment that ensures we win a free and safe cyberspace with all our networks and data intact. 

This is the only way that we don't go the way of the dinosaurs. ;-)

(Source Photo: Andy Blumenthal)

February 9, 2016

Cybersecurity Lost In Unknowns

Unveiled today is a new Cybersecurity National Action Plan.

This comes in the wake of another Federal data breach on Sunday at the Department of Justice, where hackers stole and published online the contact information for 9,000 DHS and 20,000 FBI personnel.

And this coming on the heels of the breach at OPM that stole sensitive personnel and security files for 21 million employees as well as 5.6 million fingerprints.

While it is nice that cybersecurity is getting attention with more money, expertise, public/private partnerships, and centers of excellence.

What is so scary is that despite our utter reliance on everything cyber and digital, we still have virtually no security!

See the #1 definition for security--"the state of being free from danger or threat."

This is nowhere near where we are now facing threats every moment of every day as hackers, cybercriminals, cyber spies, and hostile nation states rapidly cycle to new ways to steal our secrets and intellectual property, commit identity theft, and disable or destroy our nation's critical infrastructure for everything from communications, transportation, energy, finance, commerce, defense, and more. 

Unlike with kinetic national security issues--where we regularly innovate and build more stealthy, speedy, and deadly planes, ships, tanks, surveillance and weapons systems--in cyber, we are still scratching our heads lost in unknowns and still searching for the cybersecurity grail:

- Let's share more information

- Let's throw more money and people at the problem.

- Let's seek out "answers to these complex challenges"

These have come up over and over again in plans, reviews, initiatives, and laws for cybersecurity.

The bottom line is that today it's cyber insecurity that is prevailing, since we cannot reliably protect cyber assets and lives as we desperately race against the clock searching for real world solutions to cyber threats. 

Three priorities here...

1) Build an incredibly effective intrusion protection system
2) Be able to positively tag and identify the cyber attackers 
3) Wield a powerful and credible offensive deterrent to any threats ;-)

(Source Photo: Andy Blumenthal)

January 8, 2016

We Just Keep Giving It All Away

How do these things keep happening to us?

We lost a high-tech Hellfire air-to-ground missile, accidentally sending it to Cuba, likely compromising critical sensor and GPS targeting technology to China, Russia, and/or North Korea.

But it's not all that different from many other examples, such as:

- Chinese cyber espionage snared critical design secrets to the 5th generation F-35 Joint Strike Fighter.

- Iran captured and purportedly decoded an RQ-170 Sentinel high-altitude reconnaissance drone.

- Russian spies stole U.S. nuclear secrets helping them to build their first atomic bomb.

We are the innovator for high-tech bar none, which is beautiful and a huge competitive advantage. 

But what good is it when we can't protect our intellectual property and national security secrets?

The U.S. feeds the world not only with our agriculture, but with our knowledge.

Knowledge Management should be a mindful exercise that rewards our allies and friends and protects us from our enemies--and not a free-for-all where we can't responsibly control our information. ;-)

(Source Photo: here with attribution to James Emery)

November 8, 2015

Internet Divide And Conquer

Remember in the old Westerns when the Indians were about to attack the town, and before they rode in with knives and flaming arrows--what would they do?

The Indians would cut the telegraph lines--no calls for help out, and no communications in--the town and its people were completely cut off.

The very next scene would be the slaughter of everyone in the town including a bunch getting scalped. 

How have things changed in the 21st century?

Not so much so, as the New York Times reports today on the constant threats to our underground Internet lines being cut--with 16 cuts to the lines in the San Francisco Bay area alone in the last year. 

Similarly just a couple of weeks ago, the media was reporting about the U.S. being worried about Russian subs cutting the undersea Internet cables.

But isn't the Internet built like a spider's web (i.e. the World Wide Web) with redundant routes so that it can withstand even a nuclear attack?

Apparently, if you take out key Internet Exchange Points (IXP) or major international cable lines then the Internet can be seriously disrupted. 

Similar to the impact of an EMP weapon that fries our electronic circuits...poof no more communications. 

If you can cut off our core communications ability--then it's a simple strategy of divide and conquer.  

Divided we are weak and can't communicate and organize ourselves to either know what's going on or to effectively respond. 

Like sitting ducks in the Old West surrounded and cut off--it was a slaughter. 

This is why it is so critical that we not only build redundancy in the cable lines, but that we create alternatives like satellite Internet or Google's Project Loon for balloon Internet access.

It's not just the military, law enforcement, and emergency management that need to be able to communicate--we all do!

With excellent communications, we can unify ourselves and we are strong--but if we are left in the dark, then divided we fall. ;-)

(Source Photo: Andy Blumenthal)

August 24, 2015

My Ashley Madison

So Ashley Madison is now a well-known adulterous website, particularly after hackers stole 37 million records on the site participants, and have released that information to the public.

These tens of millions of users seek companionship for loveless or sexless marriages or perhaps are just plain liars and cheaters--who knows? 

But yikes, now everyone knows!

Huffington reports that divorce lawyers are anticipating a deluge of new clients seeking divorces.

And BBC reports that two people have already taken their lives in Canada as a result of the release. 

What is incredible as well are the 15,000 people who used their .gov or .mil accounts presumably to hide their infidelity from their spouses, but now are in potentially huge trouble with their government agencies.

I assume that Ashley Madison prided themselves on their discretion in handling their clients' accounts, but lo and behold the discretion is for naught compliments of some very naughty hackers.

Privacy is becoming a very lonely and meaningless word whether you are faithful or a cheater--it's all open fodder on the net. ;-)

(Source Photo: Andy Blumenthal)

July 12, 2015

The "Real" OPM Data Breach

A lot has been made and should be made of the theft of over 21 million federal employees' sensitive personnel records and security clearances. 

Everyone rightly, although somewhat selfishly, is worried about identity theft and the compromised privacy of their information.

The government is worried about hostile nation states using the pilfered information to bribe or coerce military, intelligence, high-level politicals, and others to turn and work for them or otherwise to use against them. 

But what is grossly missing in this discussion is not what information presumably the Chinese stole and how they will use it against us, but rather what information they inserted, altered, or otherwise compromised into the OPM personnel and security databases when they got root access to it.

Imagine for a moment what hostile nations or terrorists could do to this crown jewel database of personnel and security information:

- They could insert phony records for spies, moles, or other dangerous persons into the database--voila, these people are now "federal employees" and perhaps with stellar performance records and high level security clearances able to penetrate the depths of the federal government with impunity or even as superstars!

- They could alter personnel or security records taking prominent or good government employees and sabotaging them to have questionable histories, contacts, financial, drug or criminal problems and thereby frame or take-down key government figures or divert attention from the real bad guys out there and tie our homeland security and law enforcement establishment in knots chasing after phony leads and false wrongdoers and villains.

Given that the timeline of the hack of OPM goes back to March and December 2014, this was more than enough time for our adversary to not only do to our data what they want, but also for the backup tapes to be affected by the corrupt data entering the system. 

The damage done to U.S. national security is unimaginable. As is typically the case with these things, "An ounce of prevention is worth a pound of cure." Instead of investing in security, now we can invest in "credit monitoring and identity theft protection" for a very sparse three years, while federal employees will go a lifetime in information jeopardy, and the federal government will be literally chasing its tail on personnel security for decades to come. 

With the price so low to our adversaries in attacking our systems, it truly is like stealing and much more. ;-)

(Source Photo: Andy Blumenthal)

June 25, 2015

18 Million--Change The SSNs

So, maybe one of the most detrimental heists of information from the Federal government in history.

Now involving over 18 million current and former federal employees, including military and intelligence personnel. 

No getting around it, but we are major screwed here--this is a treasure trove of personal and privacy information ready to use for identity theft, blackmail, assassination/decapitation attacks at home and work addresses, kidnapping of family members, and literally attacking our national security apparatus from the very inside out--its people.

Imagine, if at the time of its choosing, an adversary attacks our nation, but preempts this with sophisticated and coordinated attacks on our critical government personnel--generals, spy masters, political kingpins, and other key decision makers--thereby distracting them from their duties of safeguarding our nation. 

This is our new Achilles Heel and overall a security disaster bar none!

Well, we can't go back and put the genie back in the bottle--although wouldn't it be nice if such critical information (if not encrypted--already unforgivable) would have a self-destruct mechanism on it that we could at least zap it dead.

But for the people whose personal identities are at risk--whose social security numbers (SSNs) and dates of birth (DOBs) have been compromised--what can we do?

While we can't very well change people's DOBs, why not at least issue them new SSNs to help thwart the adversaries peddling in this information in the black markets?
 
If we can put a man on the moon, surely we can issue some 18 million new SSNs and mandate government and financial institutions to make the necessary updates to the records. 

This is not rocket science, and certainly we owe this much to our people to help protect them.

Will our government be there for its own employees and patriots? ;-)

(Source Photo: here with attribution to Donkey Hotey)

June 5, 2015

People Are Our Greatest Asset, Goodbye!

The Chinese are smart and talented, and there is a cyberwar going on. 

They are suspected of having just stolen the personnel information of 4 million federal government workers.

And there are 4.2 million active, including 1.5 million military personnel. 

So if as they are apt to say, "people are our greatest asset"...

...then we just sort of lost the CROWN JEWELS in terms of highly personal, sensitive, and critical information on the people that handle everything from defense and diplomacy to the economy, energy, the environment, justice, and health and wellbeing. 

Oops!

This is getting scary folks. 

When the adversary through cyber (and other) espionage can know our people, our technology, our communications, virtually everything...then we got some big vulnerabilities!

If we can't defend ourselves adequately (at least for now), I hope at least we are doing okay on the offense! ;-)

(Source Photo: Andy Blumenthal)

November 23, 2014

Data 4 Ransom

The future of cybercrime will soon become the almost routine taking of your personal and corporate data as hostage. 

Once the hacker has control of it, with or without exfiltration, they will attach malware to it--like a ticking time bomb.


A simple threat will follow:


"I have your data. Either you pay for your data back unharmed OR your data will become vaporware! You have one hour to decide. If you call the authorities, your data is history."


So how valuable is your data to you?  


- Your personal information--financial, medical, legal, sentimental things, etc.


- Your corporate information--proprietary trade secrets, customer lists, employee data, more.


How long would it take you to reconstitute if it's destroyed?  How about if instead it's sold and used for identity theft or to copy your "secret sauce" (i.e. competitive advantage) or maybe even to surpass you in the marketplace? 


Data is not just inert...it is alive!


Data is not just valuable...often it's invaluable!


Exposed in our networks or the cloud, data is at risk of theft, distortion, or even ultimate destruction. 


When the time comes, how much will you pay to save your data?


(Source Comic: Andy Blumenthal)


October 20, 2014

Shining A Light On Your Privacy


Check out this special report...

~Half a billion~ downloads of the top 10 Flashlight Apps--the ones we all have on our smartphones--and guess what?

All/most are malware/spyware from China, India, and Russia that are spying on you!

Your contacts, banking information, even your location, are being intercepted by hackers abroad.

The cybersecurity experts Snoopwall (that conducted this study and are offering a free open-source "privacy flashlight") are recommending that you don't just uninstall these flashlight apps, because they leave behind trojans that still are functioning behind the scenes and capturing your information.

So instead doing a backup of key information and then a factory reset of the smartphone is advised.

Pain in the you know what, but these flashlight apps are shining a light and compromising your personal information.

Snopes points out that the flashlight apps may be no more vulnerable to spyware than other apps you download and that perhaps the screening process from the app stores helps to protect us somewhat.

When the cyber hackers decide to exploit those apps that are vulnerable, whether for political, military, or financial gain, it will likely be ugly and that flashlight or other app you use may prove much more costly than the download to get them. ;-)

(Thank you Betty Monoker for sharing this.)

September 13, 2014

6 D's Of Cyberwar

Popular Science had an interesting article that spelled out the six D's of Cyberwar:

On the offensive side, you want to destroy, deny, degrade, disrupt, and deceive.

"Unlike World War II code breaking, cyber attacks offer the potential to not just read the enemy's radio, but to seize control of the radio itself."

- Step 1: Infiltrate the enemy's networks and communications and gather/exfiltrate information.

- Step 2:  Compromise the enemy's information either by:

1) Corrupting the enemy's information, planting misinformation, sowing erroneous reports, and causing poor decision-making.
2) Taking control of their networks, disabling or jamming them, and disrupting their command and control or harming their critical infrastructure and causing mass confusion, destruction, and death.

Examples are "not merely to destroy the enemy's tanks, but to make them drive in circles--or even attack each other" or to cyber attack an enemy's control systems for electricity, dams, transportation, banking, and so on.

With the ability to steal information, sow misinformation, seize control, or even stop the information flow altogether, cyberwar is not just another weapon in our arsenal, but "a tool to help achieve the goals of any given operation."

On the flip side, you want to defend against the enemy's use of cyberspace to hurt us.

We need to continue to get serious about cyberwarfare and cybersecurity and become the masters in the information domain, and quickly. ;-)

(Source Photo: Andy Blumenthal)

March 21, 2014

Safely Detonate That Malware


I like the potential of the FireEye Malware Protection System (MPS).

Unlike traditional signature-based malware protections like antivirus, firewalls, and intrusion prevention systems (IPS), FireEye is an additional security layer that uses a dynamic Multi-Vector Virtual Execution (MVX) engine to detonate even zero-day attacks from suspicious files, web pages, and email attachments. 

According to Bloomberg Businessweek, Target's implementation of FireEye detected the malware attack on Nov 30, 2013 and it alerted security officials, but allegedly "Target stood by as 40 million credit card numbers--and 70 million addresses, phone numbers, and other pieces of personal information--gushed out of its mainframes" over two weeks!

In fact, FireEye could've been set to "automatically delete [the] malware as it's detected" without human intervention, but Target's team apparently "turned that function off."

FireEye works by "creating a parallel computer network on virtual machines," and before data reaches its endpoint, they pass through FireEye's technology.  Here they are "fooled into thinking they're in real computers," and the files can be scanned, and attacks spotted in safe "detonation chambers."

Target may have been way off target in the way they bungled their security breach, but using FireEye properly, it is good to know that attacks like this potentially can be thwarted in the future. ;-)

[Note: this is not an endorsement of any product or vendor]

March 15, 2014

U.S. To Give Up U.S.?

This is just ridiculous already...I mean why do we even bother to try, if as a nation we are just resigned to give up.

1. Russia takes Crimea and the U.S. has "no options," instead of considering a variety of meaningful options--will Putin stop with Crimea, Georgia, Chechnya if there is virtually nothing standing in his way?

2. Syrian civil war goes on for almost 3 years and takes 150,000 lives and the U.S. has "few options," while Russia, Iran, Hezbollah, Saudi Arabia seem to have and be exploiting lots of options.

3. "U.S. to give up Web oversight" since other governments have complained over our "unique influence"--well darn it, we invented the Internet, why shouldn't we capitalize on it?

4. Serious "deficit reduction is dead" even though the national deficit continues to grow and threaten the national security of this country, but there are few acknowledged options for politicians that want to get re/elected, except to continue the runaway gravy train.

5. Space exploration to other planets--NASA shelves it--"Space, the final frontier...to boldly go where no man has gone before," but we're not really going!

6. Defense cuts threaten U.S. military as the "U.S. faces a more volatile, more unpredictable world," and even as China ramps up its military budget by 12.2%.

7. Despite the potentially catastrophic impact that a serious cyber attack would have on the U.S. national security and economy, "the U.S. military is not prepared for cyber warfare"--why are we waiting for the proverbial lights to go out?

8. Outsourcing jobs outside the U.S. has already become cliche--with top U.S. Corporations sending more than 2.4 million American jobs overseas between 2002-2011--as our own labor force participation is now at a 30-year low!

I don't understand what has happened to our national resolve to succeed, to lead, to be a good example in the world.

Why are we in global retreat--instead of steadfastly protecting and growing our national strategic interests in every domain?

We are innovators, entrepreneurs, skilled in every worldly affair, and lovers of freedom and human rights for all, yet we have become gun shy, afraid, and reticent to be ourselves and do what we do best--which is to do what's right, what needs to be done, and to be global leaders in progress toward the future.

If we can't do this, if we have just given up, if we have become ostriches with our heads in the sand--then we haven't just given up on this or that or the other thing--but we have given up on being the U.S. of A.

(Source Photo: Andy Blumenthal)

March 9, 2014

SCADA in Pictures




So SCADA are Supervisory Control and Data Acquisition systems.

They are a form of Industrial Control Systems (ICS) that monitor and control major industrial processes from power generation, transmission, and distribution, to water treatment, chemical production, air traffic control, traffic lights, building controls, and more. 

These are part of our nation's critical infrastructure. 

In the lab, we are able to use tools to capture and analyze communication packets and edit and re-use them to: 

- Turn on and off lights

- Open/close perimeter gates

- Control water and gas pipelines

- And even open and close a bridge

This was very scary!

No one, unauthorized, should be able to do this in real life, in the physical world. 

This is a major security vulnerability for our nation:

- SCADA systems should not be openly available online, and instead they should be able to be controlled only either locally or remotely through an encrypted virtual private network (VPN).

- SCADA systems should not be available without proper access controls--there must be credentials for user id and passwords, and even two-step authentication required. 

No one but vetted, cleared, authorized, and trained personnel should be able to monitor and control our critical infrastructure--otherwise, we are giving them the keys to disrupt it, destroy it, and use it for terror. 

We owe our nation and families better, much better. 

(Source Photos from lab: Andy Blumenthal)
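
The capture, edit, and re-use result from the lab follows from control frames that carry no authentication or freshness check, which is what an authenticated tunnel such as the VPN recommended above adds. The sketch below is an added example, not code from the original post or from any SCADA product; the `device=action` frame format, the class names, and the key are constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes
CTR_LEN = 8   # 64-bit big-endian message counter


class PlainController:
    """Hypothetical controller that trusts any well-formed frame."""

    def __init__(self):
        self.state = {}

    def handle(self, frame: bytes) -> bool:
        device, _, action = frame.decode("ascii", "replace").partition("=")
        if not device or not action:
            return False
        self.state[device] = action  # no check of who sent it or when
        return True


def seal(key: bytes, counter: int, command: bytes) -> bytes:
    """Operator side: counter || command || HMAC(key, counter || command)."""
    body = struct.pack(">Q", counter) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()


class AuthenticatedController:
    """Hypothetical controller that verifies origin (MAC) and freshness (counter)."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0
        self.state = {}

    def handle(self, frame: bytes) -> str:
        if len(frame) <= CTR_LEN + TAG_LEN:
            return "malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"   # edited or forged frame
        (counter,) = struct.unpack(">Q", body[:CTR_LEN])
        if counter <= self.last_counter:
            return "replay"    # genuine frame, but already seen
        try:
            device, _, action = body[CTR_LEN:].decode("ascii").partition("=")
        except UnicodeDecodeError:
            return "malformed"
        if not device or not action:
            return "malformed"
        self.last_counter = counter
        self.state[device] = action
        return "ok"


def demo() -> dict:
    key = b"constructed-demo-key-not-for-use"  # constructed sample key
    results = {}

    # Unauthenticated link: a captured frame works again, and so does an edit.
    plain = PlainController()
    captured = b"lights=on"  # constructed sample frame
    results["plain_replay"] = plain.handle(captured) and plain.handle(captured)
    results["plain_edited"] = plain.handle(captured.replace(b"on", b"off"))

    # Authenticated link: the same two tricks are rejected.
    ctl = AuthenticatedController(key)
    frame = seal(key, 1, b"lights=on")
    results["auth_first"] = ctl.handle(frame)
    results["auth_replay"] = ctl.handle(frame)
    edited = frame[:CTR_LEN] + b"lights=off" + frame[-TAG_LEN:]
    results["auth_edited"] = ctl.handle(edited)
    bumped = struct.pack(">Q", 2) + frame[CTR_LEN:]
    results["auth_bumped_counter"] = ctl.handle(bumped)
    results["auth_next"] = ctl.handle(seal(key, 2, b"lights=off"))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

A deployed design also has to persist the counter across controller restarts and provision a separate key per device.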


March 8, 2014

Security Is A Joke!


Fascinating video with Dan Tentler on the Shodan Search Engine...which CNN calls the "scariest search engine on the Internet."

The search engine crawls the Internet for servers, webcams, printers, routers, and every type of vulnerable device you can imagine.

It collects information on more than 500 million devices per month and that was as of last year, so it's already probably a lot more.

Tentler shows the unbelievable amounts and types of things you can access with this, including our critical infrastructure for the country--from utilities to traffic lights, and power plants:

- Private webcams
- Bridges
- Freeways
- Data Centers
- Polycoms
- Fuel cells
- Wind farms
- Building controls for lighting, HVAC, door locks, and alarms
- Floor plans
- Power meters
- Heat pump controllers
- Garage doors
- Traffic control systems
- Hydroelectric plants
- Nuclear power plant controls
- Particle accelerators
- MORE!!!!

Aside from getting information on the IP address, description of the devices, locations (just plug the longitude and latitude into Google for a street location), you can often actually control these devices right from YOUR computer!

The information is online, open to the public, and requires no credentials.

- "It's a massive security failure!"

- "Why is this stuff even online?"

Where is our cyber leadership????

>>>Where is the regulation over critical infrastructure?

If there is a heaven for hackers, this is it--shame on us. :-(

March 7, 2014

We're Giving It All Away


Nice little video from Mandiant on "The anatomy of a cyber attack."

Despite the typical firewalls, antivirus, and intrusion detection system, cyber attacks can and do penetrate your systems.

This happens through social engineering (including phishing attempts), automated spam, and zero-day exploits.

Once inside your network, the cyber attacker takes command and control of your computers, surveys your assets, steals user names and passwords, hijacks programs, and accesses valuable intellectual property. 

Mandiant performs security incident response management (detecting breaches, containing them, and helping recovery efforts), and they are known for their report "APT1" (2013) exposing an alleged significant government-sponsored cyber espionage group that they state "has systematically stolen hundreds of terabytes of data from at least 141 organizations."

Another fascinating report on a similar topic of advanced persistent threats was done by McAfee on Operation Shady Rat (2011) that reveals over 70 organizations (governments, commercial entities, and more) that were targeted over 5 years and had terabytes of information siphoned off. 

The overall risk from cyber espionage is high and the McAfee report states:

- "Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact."

- "What we have witnessed...has been nothing short of a historically unprecedented transfer of [intellectual] wealth - closely guarded national secrets...disappeared in the ever-growing electronic archives of dogged adversaries."

In short we can't keep a secret--we're putting endless gobs and gobs of our information online and are not adequately protecting it in cyberspace, with the result that our adversaries are able to access, exfiltrate, disclose, modify, or destroy it.

In short, we're giving it all away - why? 