Tag Archives: cyber warfare

Hi all!

A great many computer security events occur around the world all the time, but the RSA Conference is one of the most important of all of them. What exactly it’s all about here I’ll not go into; instead I’ll just share with you some pics from the gig. The photos were taken the day before it started while the stands were still being set up, so though all the installations aren’t ready, at least you can see the near-completed scene without throngs of visitors getting in the way…

Stylish stands

More: Jam of resurrection Joes…

On Tuesday, President Obama issued a long awaited Executive Order on cyber security intended to expand and deliver more robust information sharing between government and the private sector.  The Executive Order also requires the development of a voluntary cyber framework and standards to improve protection of the U.S. critical infrastructure.  The Executive Order rightly focuses on a risk-based approach.  Resources are limited and prioritization to secure those areas most at risk is smart policy.  The sophistication of threats and targeted attacks on key economic sectors around the world stresses the urgency that action be taken to better secure critical infrastructure.  This effort by President Obama is a positive step to address a real gap in the protection of critical assets necessary to the well being of the United States.

The risk to critical infrastructures is real, and an international challenge that must be addressed by governments and the private sector together.  As we see more threats to the national and economic security of countries, action must be taken to better protect those critical national infrastructures.  Attacks like Stuxnet, Flame, Gauss and Shamoon are becoming commonplace and keep growing in sophistication.

I believe this executive order is a move in the right direction as it seeks to increase digital defenses of critical infrastructure, and tries to facilitate the exchange of threat information between the government and private sector.  Better cooperation between governments around the world and their private sectors to improve sharing of timely and relevant cyber threat information is essential. Likewise, operators of the critical infrastructures must work to implement flexible performance based standards to secure their assets.

We are at a critical juncture on cyber security protection, and leadership in the U.S. and around the world is essential.  We hope that other nations and unions will follow this example and take steps to better protect their national critical infrastructures.

We’re ready to support and assist in national and international cyber defense efforts with our research, technologies and people.

Hi all!

Today I’d like to talk about the future. About a not-so-glamorous future of mass cyber-attacks on things like nuclear power stations, energy supply and transportation control facilities, financial and telecommunications systems, and all the other installations deemed “critically important”. Or you could think back to Die Hard 4 – where an attack on infrastructure plunged pretty much the whole country into chaos.

Alas, John McClane isn’t around to solve the problem of vulnerable industrial systems, and even if he were – his usual methods of choice wouldn’t work. So it comes down to KL to save the world, naturally! We’re developing a secure operating system for protecting key information systems (industrial control systems (ICS)) used in industry/infrastructure. Quite a few rumors about this project have appeared already on the Internet, so I guess it’s time to lift the curtain (a little) on our secret project and let you know (a bit) about what’s really going on.

But first – a little bit of background about vulnerable industrial systems, and why the world really needs this new and completely different approach of ours.

More: The defenselessness of industrial systems …

Prologue

The history of social networks is pretty much like Star Wars. Really! Social networks started out obscure and mysterious, with folks saying, “There’s this new type of site, with enormous capabilities and hidden business opportunities, which no one can estimate at present, but in the future will truly make all people truly connected, free and equal!” It’s pure Eastern-spirituality-influenced George Lucas – about “bringing balance to the Force.” And so it came to pass – social networks became a perfect communication ground for all – ordinary folks, companies, and the media.

Of course, with such a boring script you’re hardly going to get a blockbuster movie :-). Let’s face it, you can’t have folks living happily ever after (and all with equal rights, opportunities, etc., etc.) at the start of a film, can you?! The story needs an insidious infernal plan pursued by dark forces to arise. And – voila! – that’s what we got. Social networks became the medium of choice for games played by the world’s intelligence services and manipulation of public opinion – about which I’ve written and talked plenty before.

So, Star Wars: A New Hope has finished. The next chapter has begun:

The Empire Strikes Back

“Forming public opinion” via social networks has for several years already been practiced rather successfully by governments of many countries, no matter their political traditions or leanings. With so much open and free (no cost) information on the surface – no digging necessary – folks themselves tell all about their news, interesting information, whereabouts, lists of colleagues, friends and professional contacts. And the bizarre thing is that anyone who can access that data – private individuals, companies, criminals, members of a cross-stich embroidery group… (you get the point). The data lies about on the surface and people continue (despite warnings) to put more and more such data on the Internet. But with the many APIs crisscrossing social networks acting as mutagens that speed up the evolution, information uploaded one day on just one network is the next day forever (literally: eternally) indexed in search engines.

At the same time the intelligence services have happily joined social networks – becoming “users” themselves – but with their own agenda, naturally. For ordinary folks social networks are mostly a source of reading matter; for companies they’re a source of – or tool for – sales and marketing; but for intelligence services social networks represent a vital means for protecting state interests, and can also be used as weapons against potential opponents.

More: The vicious circle and Return of the Jedi …

I recently found myself wondering how many interviews with the press I do every month. Of course the totals fairly helter skelter between months, but in the busier periods the number can get anywhere up to 70! And that’s only spoken interviews, i.e., those done in person or over the phone. If I were to also include e-mail interviews – the number would be just silly.

But I don’t complain. In fact just the opposite – I love interviews! Which reminds me of Richard Branson and his simple rule about interviews: “If CNN rings me up and wants to do an interview with me, I’ll drop everything to do it.” I also follow this rule – to the letter – and not without good reason.

Most interviews are what you’d expect. I get asked lots of questions, I answer them as best I can, and that’s about it.

But in a very few rare instances I get interviewed by a really well read-up journalist, meticulous to the point of hair-splitting, who not only knows all about me and KL and what we do, but also all about the particular narrow topic the interview’s about. By the end of the allotted hour I’m exhausted, the mind’s pretty much frazzled, and I feel like my very soul’s been extracted together with my long-winded answers to the sophisticated questions.

These are the trickiest and most trying kinds of interviews, but also the most useful. Why? Because during such intense sessions the gray matter inside the skull shifts up a gear or three and really gets to work, thinking in new ways and approaching familiar topics from fresh standpoints – to such an extent that after the end of the interview the momentum keeps the ideas coming, leading to all sorts of new insights. All really quite fascinating how creative cognition comes about. And all kicked-off by super-sharp reporters doing their job masterfully. Respect due. And a thank you!

Curiously, what unites such “special” interviews with regular ones is an inevitable question about the most pressing IT Security issues today – something like: “What keeps you up at night (in terms of IT Security hazards)?”! And I don’t get asked this all the time just by journalists in interviews. The question pops up at practically every IT conference I speak at.

And so: as promised earlier, here I’m presenting my List of the Five Main Issues Facing IT Security, in the broad sense of the term.

I should say straight away that I don’t have prescriptions for solving all five issues. The aim of this post is more to identify the problems, let you start to muse on them, and hopefully draw you into the fold of their ongoing discussion by raising your interest, empathy and/or sympathy!

Right, here’s my list:

1. Privacy
2. Internet Passports
3. Social Networks
4. Cybercrime
5. Cyberwarfare

More: getting into details …

I’ll never forget Oktoberfest 2010 for as long as I live. Yes, I like beer, especially the German stuff, and especially at Oktoberfest. But I don’t even remember the beer, and that’s not because I had too much of it :) It was at that time we received the first news of a very unpleasant trend, which I had feared for a number of years. That’s right, it was the first time Stuxnet reared its ugly head – the first malware created with state backing and designed to fulfill a specific military mission. This is exactly what we had talked about at our Oktoberfest press conference: “Welcome to the age of cyber warfare!” It was already obvious then that Stuxnet was just the beginning.

Indeed, little has changed since that September right up to the present day. Everybody had a pretty good idea where Stuxnet came from and who was behind it, although not a single state took responsibility; in fact, they distanced themselves from authorship as much as possible. The “breakthrough” came at the end of May when we discovered new malware which also left little doubt as to its military origins and aims.

Yes, I’m talking about Flame.

More: How can malware stop me from eating a fresh croissant in the morning? …

Top o’ the day to ye!

It’s fair to say I’m a bit of an IT-paranoiac, and most of you will know by now I’m not one to hold my tongue about my fears of possible future Internet catastrophes, or the greed and degeneracy of cyber-wretches – plus the massive size of the threat they represent – and so on.

Because of this tendency for speaking openly and plainly I constantly get accused of purposefully frightening everyone (and in my own self-interest). But I don’t mind, even though it’s nonsense. So I’ll keep on calling a spade a spade – telling people what I think is right – regardless!

The evolution of cyber-Armageddon is moving in the predicted trajectory (proof it’s not just a matter of my frightening folk just for the sake of it); this is the bad news. The good news is that the big-wigs have at last begun to understand – to the extent that often in discussions on this topic are heard my horror stories of old practically word-for-word. Looks like the Cassandra metaphor I’ve been battling for more than a decade is losing its mojo – people are listening to the warnings, not dismissing and/or disbelieving them.

More: Five main problems for IT security …

A big hello from Munich!

More news, and this time I’d call it ‘The big Euro freeze’.

Europe is slowly icing over as a result of Siberian freezing weather blasting across the continent. Eastern Europe (Romania and Bulgaria) has been buried under meters of snow, the cold in Germany is bitter; in France it’s biting; England has also had its fair share and has cancelled a number of flights. I can only guess what is happening in Scandinavia and Poland. In Munich today it’s -9C, and it’s supposed to get down to -19C tonight, but the Bavarians are undaunted!

The photos are not mine, seeing as how I was at the Munich Security Conference all day. I’m a newbie here – I’ve never been involved at this level before (well, if you discount the London Conference on Cyberspace and Davos), but everything seemed to go well! I was on the roundtable, a few meetings and interviews. Here is my observations of the proceedings.

Read more: Big geopolitical players talk cyber security

Costin Raiu, one of our top generals in the war against malware, recently published an interesting post on the ten most significant events in the security field in 2011. I liked it; and the idea of a top-ten; so much so I decided to come up with my own. It mostly matches Costin’s report, but somehow this is a slightly different view. It’s not just regarding the past year – it’s a little broader: tendencies in the security market and about security in general. An “unofficial”, non-hoity-toity view of the important stuff – both that’s with us now, or that will be soon…

And so here’s my top-ten:

1. Hacktivism
2. Militarization of the Internet and Cyber Weapons
3. Social Networks and Politics
4. The Duqu Cyber-Bomb
5. Widely Publicized Hacks and Industrial Espionage
6. Certification Authorities: the Beginning of the End
7. Cybercrime: as Romantic as Sewage
8. Android Malware
9. Mac Malware
10. Intel Taking Over McAfee – Intel-ligent Move or Epic McFail?

Read More: And now in detail…

What is the difference between a nuclear missile and malware?

It’s not a trick question – malware can seize control of a missile, but a missile can’t be used to destroy malware. With the right tools a missile can be diverted by malware, but no amount of firepower can divert rogue software once it is active.

Unlike traditional weaponry, malware can replicate itself ad infinitum. And while a missile can often be controlled in some way, malware tends to attack indiscriminately: nobody knows who it will harm, which corners it will worm its way into. On the inscrutable trajectories of the web, as soon as some black hat launches a malicious program to make some quick cash anything can happen. It’s impossible to calculate what effect it will have, what might be affected by accident and how it could even boomerang back to harm its creators. People tend to make mistakes in everything they do – and writing code, malicious or otherwise, is no exception. There are numerous examples of this kind of “collateral damage” – read my previous post about the fortunes of the Internet .

At least we are now seeing some joint efforts to combat cybercriminals.

The security industry is tightening the screws on them, and the big boys like Microsoft are getting involved. Other different non-commercial and intergovernmental organizations are joining in as well. Governments are beginning to understand that the Internet can be a highway to hell, and are waking up to the need to do something about it. So we are seeing some progress.

However, I’m more concerned about another side of Internet security. The tricks of a cybercriminal will seem trifling compared to a large-scale cyberwar on the web. Yes, you read it correctly – a web cyberwar! This is where things start getting much more complicated and murky.

These are the facts.

More > The military is gradually turning the Internet into one big minefield