critical infrastructure

We’ve heard national security leaders at the highest levels say it repeatedly: we are not prepared for cyber war.

Gen. Keith Alexander, director of the National Security Agency and commander of U.S. Cyber Command, made it clear when he rated America’s readiness for addressing a catastrophic cyber attack “three on a scale of ten.” Homeland Security Secretary Janet Napolitano has discussed the imminent threats of a breach that “shuts down part of the nation’s infrastructure in such a fashion that it results in a loss of life.” And Secretary of Defense Leon Panetta has often been quoted saying that a large-scale attack on our critical infrastructure could wreak havoc on a scale “equivalent to Pearl Harbor.” Keep reading →

Warning after warning has been given by military officials, intelligence agencies and private sector cybersecurity aspects about the growing national security threats emanating from cyber space.

Most recently, U.S. Secretary of Defense Leon Panetta delivered what has been referred to as the first major policy speech on cyber security by a defense secretary. His speech, delivered in New York last week, has been called a call to (cyber) arms, declaring that the United States was facing the possibility of a “cyber-Pearl Harbor.” Keep reading →


On the heels of a well publicized distributed denial of service (DDoS) attack on U.S. financial institutions came a warning about another coordinated and planned cyber attack against this critical infrastructure sector.

Cyber intelligence uncovered a fairly large, coordinated cyber attack that is said to use fraudulent wire transfers as the means of attack. This cybersecurity attack is said to leverage session hijacking in a man-in-the-middle cyber attack.

Man-in-the-middle cyber attack is defined as a compromise where the attacker is able to insert themselves between its target and the system or service in which the target is trying to access or use. An attacker accomplishes this by impersonating the system or service that the target is attempting to connect with by falsely rerouting the traffic to and from the service or by hijacking session data.

This attack is known to be initiated by spam and phishing emails, keystroke loggers as well as Trojans with remote access. A high attack concentration has been seen in the small and medium sized organizations and the transfer amounts have ranged from $400,000 to $900,000.

Multiple cyber intelligence sources have warned that an estimated 30 U.S. based financial services institutions may be the targets of an organized cyber criminal gang that is said to be the entity behind this attack.

Just recently the FBI issued a warning about this threat. Their warning stated that the criminals behind this cyber attack were using multiple techniques to obtain customer log-in credentials. Once the criminals have these credentials, they initiate international wire transfers.

For additional information you should monitor the FBI, in association with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Internet Crime Complaint Center (IC3).

Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute weekly blog for Breaking Gov on the topic of cyber intelligence. Keep reading →

Commercial industry needs to step up and share more information about cyber attacks on its networks with Federal agencies responsible for cyber defense government officials said at a cybersecurity event in Washington this week.

Cyber attacks are showing increasing sophistication across the board – from basement hackers to foreign intelligence agencies, said Sean Kanuck, national intelligence officer for the National Intelligence Council during a daylong INSA Cyber Innovation Symposium Sept. 26. Keep reading →

A top National Security Agency executive argued today that if the nation is to defend against escalating cyber threats, it will be increasingly important for individuals, corporations and institutions, including government, to be held more accountable for their contributions to, and their actions within, cyber space.

At the same time, there are limits to what actions private enterprises can take in protecting their networks, said NSA Deputy Director Chris Inglis, speaking at an Intelligence and National Security Alliance forum in Washington. Keep reading →

For several days, Bank of America’s systems had problems. The problems – primarily denial of service disruptions – hit their web site and reportedly their mobile banking services.

For BofA, the nation’s largest bank based on assets, this was not the first issue or attack they experienced in the past year. Nor in fact, was BofA the only U.S. financial institution that has been experiencing what appears to be a series of directed cyber attacks. JPMorgan Chase and Citigroup also are reported to have been struck by similar related aggressive cyber activities, beginning last year. Keep reading →

Recently I was with a CISO of a multi-billion dollar critical infrastructure provider in the private sector.

We were conducting a security scan and compiling a list of issues and areas that needed to be addressed as part of his overall security program. While at one of the facilities he received a notification that he shared with me. The message was that they had traced back the source of a breach that had occurred a few months back. Keep reading →

For weeks now rumors have been circulating about the White House working to draft an executive order, which will put in place cybersecurity measures to protect the critical infrastructure of the United States.

A glimpse of the draft’s intent was released in news reports in recent days, including a Washington Post report, which among other points, noted that the plans called for voluntary standards. Keep reading →

Ever consider the massive amount of intelligence that the United States collects and uses in the defense of the country and our allies? It is surely massive given the scope of our collection effort.

Many people do not realize that the U.S. intelligence community is comprised of 16 separate agencies, not including the Office of the Director of National Intelligence which is responsible for leading intelligence integration. These agencies are tasked with foreign and domestic intelligence collection, analysis support of military planning, and in some cases performing acts of espionage:

  1. Central Intelligence Agency (CIA)
  2. Air Force Intelligence, Surveillance and Reconnaissance Agency (AFISRA)
  3. Army Intelligence and Security Command (INSCOM)
  4. Defense Intelligence Agency (DIA)
  5. Marine Corps Intelligence Activity (MCIA)
  6. National Geospatial-Intelligence Agency (NGA)
  7. National Reconnaissance Office (NRO)
  8. National Security Agency (NSA)
  9. Office of Naval Intelligence (ONI)
  10. Office of Intelligence and Counterintelligence (OICI)
  11. Office of Intelligence and Analysis (I&A)
  12. Coast Guard Intelligence (CGI)
  13. Federal Bureau of Investigation (FBI)
  14. Office of National Security Intelligence (DEA/ONSI)
  15. Bureau of Intelligence and Research (INR)
  16. Dept of Treasury’s Office of Terrorism and Financial Intelligence (TFI)

Source: Wikipedia

Now we have to add U.S. Cyber Command to that list.

In addition, we have to add all the private sector organizations that have established their own security intelligence and cyber intelligence gathering and analysis capabilities as well as those in industry protecting against cybersecurity threats as well.

Oh – we should not forget the state and local law enforcement intelligence units that exist around the country.

Now let’s add the black-ops (clandestine) intelligence community members.

Add them all up and that paints a reasonable picture of the intelligence coverage we have in place. It sounds like allot, but given the number of kinetic and non-kinetic threat we face, it’s not!

One has to wonder how much more effective our intelligence efforts could be if regulations requiring separation did not exist and a collaborative/sharing environment along with the systems required for collaborative support were in place.

While those regulations were probably put in place for good reason when they were enacted, times have changed. Maybe it is time to revisit the restrictions.

Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute where he provides consulting services on strategic technology and security issues. He writes a weekly blog for Breaking Gov on the topic of cyber intelligence.


As we approach the 2012 presidential election, concerns are being raised about the likelihood of cyber attacks leading up to and during that event. There are many individuals, groups and rogue nation states that would like nothing better than to disrupt this year’s election.

Several months ago, a video was posted by those claiming to be from the well know hacktivist group Anonymous that alluded to plans for launching cyber initiatives that target the 2012 presidential election. Keep reading →

Page 1 of 3123