Few people would dispute that the United States is in the cross-hairs when it comes to cyber attacks. After all, the U.S. is the country that is the most dependent on the Internet as a component of our critical infrastructure.
Cyber attacks on our critical infrastructure have evolved over the years and pose a substantial threat that should concern everyone. Keep reading →
Just recently, nCircle conducted a survey of 181 IT security professionals at Blackhat’s annual conference.
That survey found that 36 percent of those surveyed admitted to returning cyber fire. That is out-right retaliatory hacking! But that should not be a surprise to anyone involved in this area. Keep reading →
We have entered a new age of modern conflict. This new age is different from those we have experienced in the past and perhaps even more challenging. The military has dubbed cyber as the 5th domain and have embarked on establishing the capabilities for offensive, defensive and intelligence collection and analysis in this domain.
However, many are attempting to address this threat as they did traditional forms of conflict. Some have gone as far as to compare what has been called a cyber arms race to the cold war. Recent conversations and witnessed actions are cause for concern. Keep reading →
Intelligence organizations are racing to collect cyber intelligence in efforts to identify and monitor the development, use and sale of offensive cyber capabilities by individual actors, criminal organizations, terrorist groups and nation states. This is a formidable undertaking to say the least. Consider the facilities and infrastructure needed to make a tank. Now think about the facilities and infrastructure needed to make a cyber weapon. All you need is ambition coupled with a laptop, Internet connection, programming skills, a search engine for research and maybe a couple of books – all of which are openly available. Add to that the hacker underground and black-market for malicious code and sale of newly discovered vulnerabilities and you have everything needed for the development and sale of cyber weapons. Keep reading →
Cyber investigators looking at the Stuxnet code determined that on June 24th the sophisticated cyber weapon would stop operating and remove itself from the systems it had infiltrated.
This function was identified long ago and cyber researchers have patiently waited to see what if any implications this will have on the tens of thousands of computers in more than 155 countries the sophisticated cyber weapon had infected. By all accounts this is a self-destruction, an unusual function not often seen embedded within malicious code. The inclusion of this function is a strong indicator that those behind this cyber attack did not believe that Iran would discover the malicious code. Keep reading →
You can tell when a market is heating up by the projections of analysts and forecasts by market report writers. That is certainly the case when it comes to the cyber security market. Some research suggests that the 2012 global market for cybersecurity products and services ranges between a pessimistic view of about $55 billion USD and an optimistic view of nearly $70 billion USD with an average annual increase of $5 billion USD. With 26 million new strains of malware identified in 2011 it is easy to justify this level of security product and service sales. Keep reading →
The big news reverberating through cybersecurity circles last week, reported by the New York Times, that the U.S. was behind the Stuxnet cyber attack on Iranian nuclear enrichments back in 2010 has set off a new firestorm of concern about the likelihood of retaliation.
The news report was based on information provided by “unnamed participants in the program.” In the article it states that the information in the piece was called an “account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts.” Keep reading →
In a move that suggests the incendiary impact of malicious software, Iran has now publicly threatened the United States over the Flame malware incident that has gained worldwide attention in recent days.
Flame has been dubbed the “utlimate spy” and for good reason. Iran was the country hit the hardest by the state-of-the-art piece of malware. Keep reading →
In recent years, Joint Special Operations Forces (JSOF) around the world have experienced a fair amount of growth. This growth has resulted in a rapid increase in their ranks, a boost in their budgets and an expansion of the scope of their missions.
This growth was further accelerated by the widely publicized Special Operations Forces that were used in the killing of Osama bin Laden. In a press conference from the Pentagon President Obama with Defense Secretary Leon Panetta articulated their vision of the future military.
The new vision states that “we will continue to build and sustain tailored capabilities appropriate for counter terrorism and irregular warfare.” That vision, which was reinforced in a blog post by Army Gen. Martin E. Dempsey, chairman of the Joint Chiefs of Staff, means growth for JSOF, but does that mean growth into cyber?
Secretary of Defense Panetta made it clear that the Defense Department must invest more in cyber capabilities saying, “Modern armed forces cannot conduct high-tempo, effective operations without reliable information and communication networks and assured access to cyberspace.”
While he did not mention offensive cyber capabilities you can be sure that is a critical capability that will see additional investment.
What if cyber becomes an increased focus and capability of our JSOFs?
As a general principal, our military must protect critical cyber assets while attacking the enemy’s cyber capabilities. Integrating cyber with JSOFs makes allot of sense and will only increase the weaponry and ultimately the value they provide.
Full integration of cyberspace operations into the traditional air-land-sea battle space is not an option! The covert missions carried out by JSOF are among the riskiest and are of the greatest value in the pursuit of national security.
A Joint Special Cyber Operations capability is not an option. Rather, it is a necessity in the highly contested domain of cyber space.
The European Network and Information Security Agency (ENISA) just released a new study this month that looks at protecting the security of industrial control (or SCADA) systems (ICS).
The study recognizes that industrial control systems are truly a strategic asset and must be protected against the rising potential of cyber terrorist attacks with Keep reading →