Cyberweapons Power Up

In you haven't heard of Project Aurora, this is a wonderful segment from 60 Minutes on this cyberwar project. 

Faced with some of the worst case scenarios for cybergeddon, Idaho National Labs set out in 2007 to test what would happen to a 27-ton power generator if the researchers hacked into it from a mere laptop. 

The turbine was sent instructions that would essentially tear itself apart--and in the video you can see what happened--it shudders, shakes, smokes, and ultimately destroys itself. 

The test was a grand success demonstrating our capabilities to conduct cyberwar operations against an adversary.  

Interestingly, Reuters reported the Symantec researchers "uncovered a version of Stuxnet from the end of 2007 that was used to destroy two years later about 1,000 Iranian centrifuges used in their Natanz nuclear uranium enrichment facility for alleged development of weapons of mass destruction. 

The flip side of this cyberwar test is the realization of the potential blowback risk of cyberweapons--where adversaries can use similar technology over the Internet against our critical infrastructure--such as SCADA industrial control systems for the power grid, water treatment, manufacturing, and more--and cause potentially catastrophic events.

As stated toward the end of the video, this is a type of "pre 9/11 moment" where we identify a serious threat and our vulnerability and we need to act to prevent it--the question is will we? 

Cyberweapons Power Up

The Guardian Of Israel

"The Guardian of Israel neither slumbers or sleeps." (Psalms 121:4)

Much is being celebrated about Israel's new Iron Dome missile defense system with approximately 90% success rate for shooting down incoming missiles threatening populated areas and critical infrastructure.

However, Foreign Policy Magazine (20 November 2012) is touting another amazing advance by Israel, this time in robotic weapons systems.

It is called The Guardian Unmanned Ground Vehicle (UGV), and it is made by G-NIUS. 

It's a fully armored vehicle with 660 pounds of electronic sensors and weapons. 

The Guardian can autonomously "run patrol of predetermined routes" or it can be controlled via remote or mobile command center. 

- It can run at 50 miles per hour, has powerful off-road capability, and an robust obstacle detection and avoidance system. 

- Guardian can carry 1.2 tons of ammunition and supplies. 

- The robotic vehicle is outfitted with all-weather video and thermal cameras, microphones, loudspeakers, and electronic countermeasures. 

- It alerts to suspicious activity, identifies sources of fire, and by human operator can open fire with "auto-taret acquisition". 

This versatile weaponized robot can be used for force protection or to guard strategic assets, it can be used for perimeter, border or convey security, and for combat or logistical support missions. 

It is easy to see how UGVs like this, especially in concert with UAVs (Unmanned Aerial Vehicles) can take on the enemy and help keep the troops out of harm's way. 

For the future of UGVs and UAVs, think of a swarm, with masses of robots managing the battlefield both with and without human operators, and the vision of Star Wars on the ground and in space is just generations of robots away. 

The Guardian Of Israel

Just Hanging Out

I understand when someone says they are just going to hang out, but this is ridiculous--a lion hanging out of the window, overlooking a main thoroughfare in the Capital!

With all the intrigue about the emails and affairs the last few days--I think this feline, might just be feeling a little curious.

The father of one of the ladies involved said there is a lot more to the story...Mr. Lion here is watching and waiting with the rest of us to hear what's up.

Certainly, not our finest national moment--and as Ricky Ricardo would say, "Lucy! You got some 'splainin' to do!"  ;-)

(Source Photo: Andy Blumenthal)

Just Hanging Out

Amazing Internet Statistics 2012

So what happens in only 1 minute on the Internet--this cool magazine Ideas and Discoveries (October 2012) provides some amazing examples:

- Information Sharing--639,800 gigabytes of data are exchanged
- Information Generation--6 new Wikipedia articles are created
- Information Visualization--20,000,000 photo looked at on Flickr
- eMail--204,000,000 emails are sent
- eCommerce--$83,000 of sales on Amazon
- Social Networking--320 new users on Twitter and 100 on LinkedIn (wonder how many for Facebook...)
- Cyber Crime--20 new victims of identity theft

And in the same month, Harvard Business Review reported on the growing significance to commerce with the Internet contributing to GDP (in 2010) as much as:

- 8.3% in the UK
- 7.3% in South Korea
- 5.5% in China
- 4.7% in the US
- 4.7% in Japan
- 4.1% in India

Moreover in HBR, this is what was reported that people are willing to give up instead of the Internet for a year--and the numbers are pretty startling--check this out:

- 91% of UK would give up fast food
- 89% of Indonesians would give up smoking
- 86% of Japanese would give up chocolate
- 85% of Chinese would give up coffee
- 78% of Indonesians would give up their shower
- 60% of Japanese would give up exercise
- 56% of Chinese would give up their car
- 56% of Japanese would give up sex--go figure! ;-)

While this is all sort of light, there is also a very seriousness dimension to this. For example, in the Wall Street Journal today, it quotes Secretary of Defense, Leon Paneta warning that with Iran's digital assault on the U.S., the concerns of cyberwar are growing with the SecDef going so far as to say "Is there a cyberwar going on? It depends on how you define war."

Yes, the Internet is amazing for so many reasons and we can't take it for granted--we need to be vigilant and defend the Internet (cyber) with the same zeal and commitment as the other domains of war--land, sea, and air--all are vital to national security and for the preservation of life, liberty, and the pursuit of happiness.

This is a lesson we need to learn quickly and decisively--before the old Star Wars is passe and cyberwar turns deadly. 

(Source Photo: Andy Blumenthal)

Amazing Internet Statistics 2012

Choke Points to Checkpoints

This is some promising biometric technology from AOptix. 

Enrolling in the system is the first step and means just seconds of standing in the capture field of the slender tower, and the device scans both iris and face of the person. 

The scanning captures images within seconds and the software converts the images into binary code. 

It then subsequently scans and matches the person's biometrics against the database for positive identification. 

The beauty of this system is that it is simple and fast and can be used for passenger screening, immigration, or any other access control for entry/egress for a building, location, or even to a computer computer system and it's information.

According to Bloomberg Businessweek, the Insight Duo Towers sells for $40,000 each.

Eighty of these are currently in use at all air, land, and sea borders in Qatar.  Further, Dubai International Airport has been piloting this at a terminal that handles 40 million people per year, and it has cut immigration waiting times from 49 minutes to 22 seconds. 

This technology has obvious important applications for military, law enforcement, and homeland security, as well as even more generalized security use in the private sector.

And while very impressive, here are some concerns about it that should be addressed:

1) Enrollment of Biometrics and Personal Identification--registering for the system may only take a few seconds for the actual scan, but then verifying who you are (i.e. who those biometrics really belong to) is another step in the process not shown.  How do we know that those iris and face prints belong to Joe Schmo the average citizen who should be allowed through the eGate and not to a known terrorist on the watch list?  The biometrics need to be associated with a name, address, social security, date of birth and other personal information.

2) Rights versus Recognitions--rights to access and recognition are two different things. Just because there is iris and facial recognition, doesn't mean that this is someone who should be given access rights to a place, system or organization.  So the devil is in the details of implementation in specifying who should have access and who should not. 

3) Faking Out The System--no system is perfect and when something is advertised as accurate, the question to me is how accurate and where are the system vulnerabilities. For example, can the system be hacked and false biometrics or personal identification information changed?  Can a terrorist cell, criminal syndicate, or nations state create really good fake iris and facial masks for impersonating an enrollee and fooling the system into thinking that a bad good is really a good guy. 

4) Privacy of Personally Identifiable Information (PII)--not specific to AOptix, but to this biometric solutions overall--how do we ensure privacy of the data, so it is not stolen or misused such as for identity theft.  I understand that AOptix has PKI encryption, but how strong is the encryption,who long does it take to break, and what are the policies and procedures within organizations to safeguard this privacy data.

5) Big Brother Society--biometrics recognition may provide for opportunities for safe and secure access and transit, but what are the larger implications for this to become a "big brother" society where people are identified and tracked wherever they go and whatever they do. Where are the safeguards for democracy and human rights.

Even with these said, I believe that this is the wave of the future for access control--as AOptix's says, for changing choke points to checkpoints--we need a simple, fast, secure, and cost-effective way to identify friends and foe and this is it, for the masses, in the near-term.

Choke Points to Checkpoints

Military-Style ATV For Pleasure Or Kicking Butt

This is a very cool all-terrain vehicle (ATV) modeled after the Segway, that is built with military or extreme sports in mind.

According to Bloomberg Businessweek, the DTV Shredder runs on tank treads, has a motocycle throttle, and the mobility of a skateboard.

The Shredder is made by BPG Werks and can go up to 30 miles per hour, has a three-foot turning radius, can haul up to 800 pounds over rocky terrain, and costs only $4,000.

This is a cost-effective, energy-efficient, rugged transportation mule can carry people, equipment, or supplies through friendly or hostile terrain, and it can even be used through a remote controller. 

A precursor transit device from this company was the Uno--a very cool looking, self-balancing, all-electric unicycle--that won Intel's International Science and Engineering Fair (ISEF) in 2007, was on the cover of Popular Science Magazine (2008), and secured $1.25 million from angel investors. 

When we talk about mobile technology, everyone first thinks of smartphones and tablet computers, but new and improved modes of personal transportation can also be innovative and high-tech with applications for everything from snowmobiling to beach patrol and hunting to overseas deployments. 

End of the world scenarios come to mind too--with a mobile device like this...outmaneuver, outwit, outlast.  

Of course, having to stand for the whole ride can be a bummer, and an open ATV certainly does not imply all-weather, so practicality limits its usefulness, but this is still my cool gadget of the week for fighting or for fun. ;-)

Military-Style ATV For Pleasure Or Kicking Butt

Biosecurity--Where Every Moment Counts

A biological attack on the United States is a most frightening prospect and one that could present an existential threat to us. 

Just the very mention of bio-warfare agents such as anthrax, ebola, smallpox, bubonic plague, and others are enough to provoke sheer terror in most people. 

BioWatch is a program managed by the Department of Homeland Security (DHS) in partnership with the Centers for Disease Control (CDC) and the Environmental Protection Agency (EPA) to monitor for a biological attack.

According to Bloomberg Businessweek (21 June 2012) bio-surveillance is currently conducted in 30 metropolitan areas around the country using 600 air filters to detect pathogens, where samples are collected daily and taken to labs for analysis in what amounts to a 36 hour turnaround to determine if there is a hazard. 

A new technology made by Positive ID or Northrop Grumman collects samples four times a day and analyzes it on the spot for bateria, viruses, and toxins, and sends the results to officials by secure network in as little as two hours. 

The shorter time to detection will give more time to save lives by getting drugs and vaccines to the field sooner and prevent the spread from person to person.  

DHS wants to deploy 2,500 of these new sensors and the bio-attack alert system at a cost of approximately $5.7 billion, if Congress approves. 

If this bio-sensing system proves out functionally, then the price tag seems well worth it. 

Bioweapons like cyber-attacks can cause widespread panic as well as disruption to our everyday way of life, however a bio-attack has the added feature of making people symptomatic and infecting them with deadly and painful illnesses. 

Cyber attacks can infiltrate and take out our critical infrastructure, but biological attacks can directly destroy our physical bodies and the population itself. 

A bio-attack and a cyber-attack together could devastate us by attacking us while at the same time inhibiting our ability to deliver medication and quarantine those that are ill and so on. 

In addition to grossly improving on our cyber defensive (and offensive) capabilities, we must do everything we can to enhance our biosecurity--this mean upgrading our preparedness for bio-terrorism and bio-warfare using the latest technologies available to sniff out and identify a bio attack and alert us so we can respond timely, while we still can. 

(Source Photo: here with attribution to U.S. Department of Defense)

Biosecurity--Where Every Moment Counts

The H2O Coat

Awesome coat called the Raincatch that catches/stores rainwater and purifies it for drinking.

Designed by students at the Copenhagen Institute of Interaction Design (CIID). 

The collar of the coat catches the rainwater. 

The water passes through a charcoal and chemical filtration system. 

Purified water is then stored around the hips of the coat where it can be distributed and easily carried. 

A straw is built in and provided for easy drinking. 

I like this for its functionality as survival gear and its practicality as a user-centric product.

One thing I would add is a place to put the Coca-Cola syrup to give it a little extra pick me up. ;-)

Very cool--good job!

The H2O Coat

Raising The Bar On Cybersecurity

Good video by the The Washington Post (2 June 2012) on the importance and challenges of cybersecurity. 

There are 12 billion devices on the Internet today and this is projected to soar to 50 billion in the next decade.

Cybersecurity is paramount to protecting the vast amounts of critical infrastructure connected to the Internet.

There is a lot riding over the Internet--power, transportation, finance, commerce, defense, and more--and the vulnerabilities inherent in this is huge!

Some notable quotes from the video:

- "Spying, intrusions, and attacks on government and corporate networks occur every hour of every day."

- "Some sort of cyberwar is generally considered an inevitability."

- "Cyberwar although a scary terms--I think it is as scary as it sounds."

- "Right now the bar is so low, it doesn't take a government, it doesn't take organized crime to exploit this stuff--that's what's dangerous!"

We all have to do our part to raise the bar on cybersecurity--and let's do it--now, now, now.

Raising The Bar On Cybersecurity

We're In It Together

This is a cool vision by Tom Clancy of the "future soldier" from the Ghost Recon game series. 

The mixture of advanced weaponry, high-tech reconnaissance and surveillance, drones and robotics, future combat uniforms, and cloaking technology is just super.

If you have time and interest, there is another longer video here with footage that is particularly good starting at about the 3:40 marker. 

Like Star Trek paving the way for real-life advances in technology and space exploration, Clancy's future soldier will be another example of life imitating art.  

When we marry the vision and creativity of our entertainment industry, with the technical skills of our scientists and engineers, and the risk-taking of our entrepreneurs, we can do truly awesome things. 

"No one can do everything, but everyone can do something"--we're in it together! 

We're In It Together

Cyberwar, You're On

There was significant news this week about the U.S. and Israel making major inroads with cyberwar capabilities. 

First, the New York Times today (1 June 2011) writes about alleged Bush and Obama administrations' "increasingly sophisticated [cyber] attacks on the computer systems that run Iran's main nuclear enrichment facilities"--sabotaging as many as a 1000 centrifuges, delaying their deadly program by as much as 2 years, as well as conducting cyber espionage to strengthen our negotiating hand. 

The cyber offensive program code-named Olympic Games allegedly involved cyber weapons codeveloped by the United States' National Security Agency and Israel's advanced cyber corps, Unit 8200.

The malware included such programs such as Stuxnet, Duqu, and The Flame and according to Bloomberg BusinessWeek (30 May 2012) may date as far back to 2007.

These cyber attacks have been viewed as the best hope of slowing the Iranian's sinister nuclear program while economic sanctions have a chance to bite. 

Additionally cyber attacks were viewed preferentially over using traditional kinetic military options and potentially causing a regional war in the Middle-east. 

At the same time, the use of cyber weapons is a double-edged sword--if we use it on others, this may encourage cyber proliferation and it's eventual use on us--and as the NYT writes, "no country's infrastructure is more dependent on computer systems and thus, more vulnerable to attack than the United States."

Therefore, it was good to see in The Washington Post yesterday (30 May 2012) that the Pentagon's Defense Advanced Research Projects Agency (DARPA) is pursuing Plan X--"ambitious efforts to develop technologies to improve its cyberwarfare capabilities, launch effective attacks, and withstand likely retaliation."

"If they achieve it, they're talking about being able to dominate the digital battlefield just like they do the traditional battlefield."
The "five-year $110 million research program" is seeking to accomplish three major goals in arming U.S. Cyber Command at Fort Meade for cyber war:

1) Mapping Cyberspace--create realtime mapping of the entire cyberspace and all its devices for commanders to use in identifying targets and disabling them and seeing enemy attacks. 

2) Building A Survivable O/S--Just like DARPA invented the Internet as a survivable messaging and communication system, so too, they want to develop a battle-ready operating system for our computers (like a tank) "capable of launching attacks and surviving counterattacks."

3) Develop (Semi-)Autonomous Cyber Weapons--so cyber commanders can engage in "speed-of-light attacks and counterattacks using preplanned scenarios that do not involve human operators manually typing in code."

Just to be clear, with cyber warfare, we are not just talking about computers taking out other computers--and end there, but rather this is where computers take out computers that are controlling critical infrastructure such as the power grid, transportation systems, financial systems, supply chain, command, control, and communications, weapons systems, and more.

"Cyberwar could be more humane than pulverizing [targets]...with bombs," but I doubt it will be. 

Imagine, everything you know coming to a complete halt--utter disruption and pandemonium--as well as the physical effects of that which would ensue--that's what cyber war is all about--and it is already on the way. 

So as, Richard M. George, a former NSA cyberdefense official stated: "Other countries are preparing for a cyberwar. If we're not pushing the envelope in cyber, somebody else will."

It is good to see us getting out in front of this cyber security monster--let's hope, pray, and do everything we can to stay on top as the cyberspace superpower. 

(Source Photo: Andy Blumenthal taken of mural at National Defense University, Washington D.C.)

Cyberwar, You're On

Preparing For All Hell To Break Loose--The "Doomsday Plane"

Diane Sawyer from ABC News has a great piece here on the Flying Fortress, our Airborne Command Center, for the President and a 50-member entourage including the DefSec and the Joint Chiefs, to manage the United States response and retaliation should a worst-case situation happen--such as a nuclear, chemical, or biological attack. 

The plane has been referred to as The Doomsday Plane, Flying Fortress, Airborne White House, Airborne Arc, and The E-4B Nightwatch.

Located at Offutt Air Force Base in Omaha, Nebraska, this plane is on constant high-alert and ready 24 x 7 x 365--it is airborne within 5 minutes notice!  

According to Ideas and Discovery Magazine, there are actually 4 planes--the most-technologically advanced 747s in the world.

Built based on more than $2 billion in research, these planes are the most expensive in the world, fly 40 miles per hour faster than regular 747s, can stay in the air for about 3 days straight with in-air refueling, and are shielded from thermo-nuclear radiation and electromagnetic pulses.  

The planes are protected by 60 Air Force special forces troops, have their own on-board maintenance teams, and precision technical communication specialists. 

The planes have an area for battle staff to assess the situation and draw up action plans and a technical control facility for managing surveillance and command, control, and communications to issue encrypted commands on "virtually all frequencies" through 67 satellite dishes and antennas on the roof.

They can even communicate with submarines by dropping a 5 mile rope with a transceiver into the ocean below. 

These planes stand ready to evacuate the President and his staff in the case of a national emergency.

"The commander-in-chief can then send orders to troops and personnel, communicate with allied governments, or update the American people on the situation."

While it has far less amenities than Air Force One, this high-tech doomsday plane is very cool indeed. 

What I admire the most about this plane is not even the technology per se, but the planning and risk management that go into preparation for something "really bad" happening. 

While some people think emotionally that preparing for disaster is almost tantamount to pushing for one to actually occur, really that is an emotional reaction and denial of reality anchored in fear.   

Like insurance, you hope you never need it, but are really glad you have it, when all hell breaks loose! 

Perhaps, we can all learn something for ourselves here as well, that (disaster) preparedness can be scary and expensive, but we all need to have a plan and make it a good one.

Preparing For All Hell To Break Loose--The "Doomsday Plane"

Those In The Know, Sending Some Pretty Clear Warnings

There have been a number of leaders who have stepped up to tell people the real risks we are facing as a nation. 

They are not playing politics--they have left the arena. 

And as we know, it is much easier to be rosy and optimistic--let's face it, this is what people want to hear. 

But these leaders--national heros--sacrifice themselves to provide us an unpopular message, at their own reputational risk. 

That message is that poor leadership and decision-making in the past is threatening our present and future. 

Earlier this week (15 May 2011), I blogged about a documentary called I.O.U.S.A. with David Walker, the former Comptroller General of the United States for 10 years!

Walker was the head of the Government Accountability Office (GAO)--the investigative arm of Congress itself, and has testified before them and toured the country warning of the dire fiscal situation confronting us from our proclivity to spend future generation's money today--the spiraling national deficit.

Today, I read again in Fortune (21 May 2012) an interview with another national hero, former Admiral Mike Mullen, who was chairmen of the Joint Chiefs (2007-2011).

Mullen warns bluntly of a number of "existential threats" to the United States--nukes (which he feels is more or less "under control"), cyber security, and the state of our national debt. 

Similarly, General Keith Alexander, the Director of the National Security Agency (NSA) and the head of the Pentagon's Cyber Command has warned that DoD networks are not currently defensible and that attackers could disable our networks and critical infrastructure underpinning our national security and economic stability.

To me, these are well-respected individuals who are sending some pretty clear warning signals about cyber security and our national deficit, not to cause panic, but to inspire substantial change in our national character and strategic priorities.

In I.O.U.S.A., after one talk by Walker on his national tour, the video shows that the media does not even cover the event.

We are comfortable for now and the messages coming down risk shaking us from that comfort zone--are we ready to hear what they are saying?

(Source Photo: here with attribution to Vagawi)

Those In The Know, Sending Some Pretty Clear Warnings

Cyberwar--Threat Level Severe

!
This video is of an incredible opening statement by Rep. Michael McCaul (R-TX), Subcommittee Chairman on Oversight, Investigations, and Management on the topic--Cybersecurity Threats to the United States.

Some of the highlights from his statement:

- America's computers are under attack and every American is at risk.

- The attacks are real, stealthy, persistent, and can devastate our nation.

- Cyber attacks occur at the speed of light, are global, can come from anywhere, and can penetrate our traditional defenses.

- In the event of a major cyber attack, what could we expect? Department off Defense networks collapsing, oil refinery fires, lethal clouds of gas from chemical plants, the financial systems collapsing with no idea of who owns what, pipeliness of natural gas exploding, trains and subways derailed, a nationwide blackout. This is not science fiction scenarios. (Adapted from Richard Clark, former Senior Advisor of Cyber Security)

- It is not a matter of if, but when a Cyber Pearl Harbor will occur.  We have been fortunate [so far]. (Adapted from General Keith Alexander, Director of the NSA).

I believe we must address these threats and our vulnerabilities in at least five main ways:

1) Increase research and development for new tools and techniques--both defensive and offensive--for fighting cyberwar.

2) Establish a regulatory framework with meaningful incentives and disincentives to significantly tighten cybersecurity across our critical infrastructure.

3) Create a cybersecurity corps of highly trained and experienced personnel with expertise in both the strategic and operational aspects of cybersecurity.

4) Prepare nationwide contingency plans for the fallout of a cyberwar, if and when it should occur. 

5) Create a clear policy for preventing cyberattacks by taking preemptive action when their is a known threat as well as for responding with devastating force when attacks do occur. 

With cyberwar, just as in conventional war, there is no way to guarantee we will not be attacked, but we must prepare with the same commitment and zeal--because the consequences can be just, if not more, deadly.

Cyberwar--Threat Level Severe

Robot Firefighters To The Rescue

Meet Octavia, a new firefighting robot from the Navy's Laboratory for Autonomous Systems Research (LASR) in Washington, D.C.

Octavia and her brother Lucas are the the latest in firefighting technology. 

These robots can hear commands, see through infrared cameras, identify patterns, and algorithmically make decisions on diverse information sets.

While the current prototypes move around like a Segway, future versions will be able to climb ladders and get around naval vessels.
It is pretty cool seeing this robot spray flame retardant to douse the fire, and you can imagine similar type robots shooting guns on the front line at our enemies.

Robots are going to play an increasingly important role in all sorts of jobs, and not only the repetitive ones where we put automatons, but also the dangerous situations (like the bomb disposal robots), where robots can get out in front and safeguard human lives.

While the technology is still not there yet--and the robot seems to need quite a bit of instruction and hand waving--you can still get a decent glimpse of what is to come.

Robots with artificial intelligence and natural language processing will be putting out those fires all by themselves...and then some. 

Imagine a robot revolution is coming, and what we now call mobile computing is going to take on a whole new meaning with robots on the go--autonomously capturing data, processing it, and acting on it.

I never did see an iPhone or iPad put out a fire, but Octavia and brother Lucas will--and in the not too distant future!

Robot Firefighters To The Rescue

Which Big Brother

About a decade ago, after the events of 9/11, there was a program called Total Information Awareness (TIA) run out the Defense Advanced Research Projects Agency (DARPA).

The intent was develop and use technology to capture data (lots of it), decipher it, link it, mine it, and present and use it effectively to protect us from terrorists and other national security threats. 

Due to concerns about privacy--i.e. people's fear of "Big Brother"--the program was officially moth-balled, but the projects went forward under other names.  

This month Wired (April 2012) reports that the National Security Agency (NSA) has almost achieved the TIA dream--"a massive surveillance center" capable of analyzing yottabytes (10 to the 24th bytes) of data that is being completed in the Utah desert. 

According to the article, the new $2 billion Utah Data (Spy) Center is being built by 10,000 construction workers and is expected to be operational in a little over a year (September 2013), and will capture phone calls, emails, and web posts and process them by a "supercomputer of almost unimaginable speed to look for patterns and unscramble codes."

While DOD is most interested in "deepnet"--"data beyond the reach of the public" such as password protected data, governmental communications, and other "high value" information, the article goes on to describe "electronic monitoring rooms in major US telecom facilities" to collect information at the switch level, monitor phone calls, and conduct deep packet inspection of Internet traffic using systems (like Narus).

Despite accusations of massive domestic surveillance at this center, Fox News (28 March 2012) this week reported that those allegations have been dismissed by NSA. The NSA Director himself, General Keith Alexander provided such assurances at congressional hearings the prior week that the center was not for domestic surveillance purposes, but rather "to protect the nation's cyber security," a topic that he is deeply passionate about. 

Certainly new technologies (especially potentially invasive ones) can be scary from the perspective of civil liberties and privacy concerns.

However, with the terrorists agenda very clear, there is no alternative, but to use all legitimate innovation and technology to our advantage when it comes to national security--to understand our enemies, their networks, their methods, their plans, to stop them, and take them down before they do us harm.

While, it is true that the same technologies that can be used against our enemies, can also be turned against us, we must through protective laws and ample layers of oversight ensure that this doesn't happen. 

Adequate checks and balances in government are essential to ensure that "bad apples" don't take root and potentially abuse the system, even if that is the exception and not the rule. 

There is a difference between the big brother who is there to defend his siblings from the schoolyard bully or pulls his wounded brother in arms off the battlefield, and the one who takes advantage of them.

Not every big brother is the Big Brother from George Orwell's "1984" totalitarian state, but if someone is abusing the system, we need to hold them accountable. 

Protecting national security and civil liberties is a dual responsibility that we cannot wish away, but which we must deal with with common sense and vigilance.  

(Source Photo: here)

Which Big Brother

Taking Down The Internet--Not A Pipe Dream Anymore

We have been taught that the Internet, developed by the Department of Defense Advanced Research Projects Agency (DARPA), was designed to survive as a communications mechanism even in nuclear war--that was its purpose.

Last year, I learned about studies at the University of Minnesota that demonstrated how an attack with just 250,000 botnets could shut down the Internet in only 20 minutes. 

Again last month, New Scientist (11 February 2012) reported: "a new cyberweapon could take down the entire Internet--and there is not much that current defences can do to stop it."

Imagine what your life would be like without Internet connectivity for a day, a week, or how about months to reconstitute!

This attack is called ZMW (after its three creators Zhang, Mao, and Wang) and involves disrupting routers by breaking and reforming links, which would cause them to send out border gateway protocol (BGP) updates to reroute Internet traffic.  After 20 minutes, the extreme load brings the routing capabilities of the Internet down--" the Internet would be so full of holes that communication would become impossible."  

Moreover, an attacking nation could preserve their internal network, by proverbially pulling up their "digital drawbridge" and disconnecting from the Internet, so while everyone else is taken down, they as a nation continue unharmed. 

While The Cybersecurity Act of 2012, which encourages companies and government to share information (i.e. cybersecurity exchanges) and requires that critical infrastructure meet standards set by The Department of Homeland Security and industry are steps in the right direction, I would like to see the new bills go even further with a significant infusion of new resources to securing the Internet.  

An article in Bloomberg Businessweek (12-18 March 2012) states that organizations "would need to increase their cybersecurity almost nine times over...to achieve security that could repel [even] 95% of attacks."

Aside from pure money to invest in new cybersecurity tools and infrastructure, we need to invest in a new cyberwarrior with competitions, scholarships, and schools dedicated to advancing our people capabilities to be the best in the world to fight the cyber fight. We have special schools with highly selective and competitive requirements to become special forces like the Navy SEALS or to work on Wall Street trading securities and doing IPOs--we need the equivalent or better--for the cyberwarrior.

Time is of the essence to get these cyber capabilities to where they should be, must be--and we need to act now. 

(Source Photo of partial Internet in 2005: here, with attribution to Dodek)

Taking Down The Internet--Not A Pipe Dream Anymore

Cyber War - The Art of The Doable

CBS 60 Minutes had a great episode this past June called Cyber War: Sabotaging The System.

The host Steve Kroft lays the groundwork when he describes information or cyber warfare as computers and the Internet that is used as weapons and says that "the next big war is less likely to begin with a bang than with a blackout."

This news segment was hosted with amazing folks like Retired Admiral Mike McConnell (former Director of National Intelligence), Special Agent Sean Henry (Assistant Director of the FBI's Cyber Division), Jim Gosler (Founding Director of CIA's Clandestine Information Technology Office), and Jim Lewis (Director, Center for Strategic and International Studies).  

For those who think that cyber war is a virtual fantasy and that we are safe in cyberspace, it's high time that we think again.  

Here are some highlights:

- When Retired Admiral McConnel is asked "Do you believe our adversaries have the capability of bringing down a power grid?"  McConnell responds "I do." And when asked if the U.S. is prepared for such an attack, McConnell responds, "No."

- Jim Gosler describes how microchips made abroad are susceptible to tampering and could "alter the functionality" of let's say a nuclear weapon that needed to go operational, as well as how they "found microelectronics and electronics embedded in applications that shouldn't be there." 

- Special Agent Henry talks about how thieves were able to steal more than a $100 million from banks in less than half a year, not by holdups but through hacking. 

- Jim Lewis tells of the "electronic Pearl Harbor" that happened to us back in 2007, when terabytes of information were downloaded/stolen from our major government agencies--"so we probably lost the equivalent of a Library of Congress worth of government information" that year and "we don't know who it is" who broke in.  

The point is that our computers and communications and all the critical infrastructure that they support--including our defense, energy, water, transportation, banking, and more are all vulnerable to potentially lengthy disruption.

What seems most difficult for people to grasp is that the bits of bytes of cyberspace are not just ephemeral things, but that thy have real impact to our physical universe.   

Jim Lewis says that "it doesn't seem to be sinking in. And some of us call it 'the death of a thousand cuts.' Every day a little bit more of our intellectual property, our innovative skills, our military technology is stolen by somebody. And it's like little drops.  Eventually we'll drown. But every day we don't notice."

Our computer systems are vulnerable and they control virtually all facets of lives, and if the enemy strikes at our cyber heart, it is going to hurt more than most of us realize.  

We are taking steps with cyber security, but we need to quickly shift from a reactive stance (watching and warning) to a proactive posture (of prevention and protection) and make cyber warfare a true national priority.

Cyber War - The Art of The Doable

Underwear, It Can Go Either Way

While the title of this blog may be humorous, the subject matter is not.
Not since Superman has humankind been so intent on creating the perfect shielded clothing.
In superman's case, his bold blue and red outfit was lined with lead to protect him from the deadly radioactive Kryptonite, which came to earth in a meteorite from his exploded planet Krypton.
Today, the U.S. armed forces are creating their own ever superior protective suits for its warfighters.
In recent times, with the threats of improvised explosive devices in the wars overseas, the U.S. is seeking to enhance the protective armor of its underwear.
In fact, according to Bloomberg Businessweek, "In 2010, 259 service members in war zones were injured in the genital area."
The military's answer is a new protective bomb-resistant brief for men and women--sometimes called ballistic briefs or shrapnel shorts.
The bomb-resistant briefs being tested traditionally were made from materials such as Dupont's Kevlar, however, the Department of Defense is finding that tightly-woven silk is much more comfortable.
Due to the Berry Amendment of 1941 that requires the military to purchase food and uniforms from domestically produced material, the military is looking for a waiver in order to get the needed silk from Asia.
Interestingly enough, unlike the Underwear Bomber who tried to use his underpants as a hiding place for explosives in 2009 to blow up a Northwest Airlines flight, the ballistic briefs are intended to protect people from explosive devices.
The ballistic briefs are serious business--according to Bloomberg, the Army intends to buy 750,000 pairs and 250,000 cup protectors over the next 5 years.
The stopping power of the new protective underpants would even make Superman jealous, although the DoD version doesn't come in bright colored red.
(Source Photo: here)

Underwear, It Can Go Either Way

A Race To The Future

This last week, we learned of the new defense policy that shifts the U.S. from a full two war capability to a "win-spoil" plan, where we have the ability to fight one war, but still disrupt the military aspirations of another adversary elsewhere.
While we would all like to have unconstrained capabilities for both "guns and butter", budget realities do not permit limitless spending on anything or anytime.
The Wall Street Journal (7-8 January 2012) had an interesting editorial that cautioned against reduced military spending and latched on specifically to focusing too much on the Asia-Pacific region and somehow neglecting other danger spots around the globe.
Basically, the author says it is dangerous for us to put all our proverbial eggs in one basket. As he writes, this single-focus approach or "strategic monism" is predicated on our ability to accurately predict where the trouble spots will be and what defensive and offensive capabilities we will need to counter them.
In contrast, the author promotes an approach that is more multifaceted and based on "strategic pluralism," where we prepare ourselves for any number of different threat scenarios, with a broad array of capabilities to handle whatever may come.
What is compelling about this argument is that generally we are not very good at forecasting the future, and the author points out that "the U.S. has suffered a significant surprise once a decade since 1940" including Pearl Harbor (1941), North Korea's invasion of the South (1950), the Soviet testing of the Hydrogen bomb (1953), the Soviet resupply of Egypt in the Yom Kippur War (1973), the Iranian Shah's fall from power (1979), the Soviet Union collapse (1991), and the terrorist attacks of 9-11 (2001).
Similarly, Fortune Magazine (16 January 2012) calls out "the dangers inherent in...long-term forecasting" and points how almost comically "the 1899 U.S. patent chief declares that anything that can be invented has been."
The Fortune article goes on to say that a number of the experts interviewed for their Guide To The Future issue stated that "cyberterrorism, resource shortages, and political instability around the world are all inevitable."
In short, the potential for any number of catastrophes is no more relevant now in the 21st century, than at any other time in history, despite all our technological advances and maybe because of it.
In fact, Bloomberg Businessweek (19-25 December 2012) actually rates on a scale of low to high various threats, many of which are a direct result of our technology advancement and the possibility that we are not able to control these. From low to high risk--there is climate change, synthetic biology, nuclear apocalypse, nanotechnology weaponry, the unknown, and machine super intelligence. Note, the second highest risk is "unknown risks," since they consider "the biggest threat may yet be unknown."
So while risks abound and we acknowledge that we cannot predict them all or forecast their probability or impact accurately, we need to be very well prepared for all eventualities.
But unfortunately, being prepared, maintaining lots of options, and overall strategic pluralism does not come cheaply.
In fact, when faced with weapons of mass destruction, threats to our homeland, and human rights abuses is there any amount of money that is really enough to prepare, protect, and defend?
There is no choice but to take the threats--both known and unknown seriously--and to devote substantial resources across all platforms to countering these. We cannot afford to be caught off-guard or prepared to fight the wrong fight.
Our adversaries and potential adversaries are not standing still--in fact, they are gaining momentum, so how much can we afford to recoil?
We are caught between the sins of the past in terms of a sizable and threatening national deficit and an unpredictable future with no shortage of dangers.
While everyone has their pet projects, we've got to stop fighting each other (I believe they call this pork barrel politics) and start pulling for the greater good or else we all risk ending up on the spit ourselves.
There is no option but to press firmly on the accelerator of scientific and technological advancement and break the deficit bounds that are strangling us and leap far ahead of those who would do us harm.
(All opinions my own)
(Source Photo: here)

A Race To The Future