Mar 08 2010

Nuke hack attack puts military on high alert

Category: CybercrimeDISC @ 2:56 pm

Chinese, North Koreans suspects in security breach
By Mike Maloof

WASHINGTON, D.C. – A message that North Korea had conducted a nuclear attack on the Japanese island of Okinawa turned out to be false, but the fact it was delivered via U.S. military communications has prompted a high alert, according to U.S. officials who asked to remain anonymous.

U.S. military channels were hacked either by the Chinese or North Koreans, the source said. Access to such communications – even unclassified military systems – suggests a serious breach of technology security.

A Pentagon spokesman declined comment.

A purportedly “U/FOUO” or “Unclassified but For Official Use Only” message claimed to have been put out Saturday by the Office of National Intelligence and prepared by the Defense Intelligence Agency. It said:

“Today, March 06, 2010 at 11.46 AM local time (UTC/GMT -5 hours),US seismographic stations recorded seismic activity in the area of Okinawa Island (Japan). According to (sic) National Geospatial-Intelligence Agency, Democratic People’s Republic of Korea has carried out an average range missile attack with use of nuclear warhead (sic). The explosion caused severe destructions (sic) in the northern part of the (sic) Okinawa island. Casualties among the personnel of the US military base are being estimated at the moment.”

An analyst noted the grammatical errors suggested the text was written by someone who has not yet mastered the English language use of articles.

The report included a long list of U.S. agencies that should be on alert, from the Central Intelligence Agency, the Department of State and the Department of Homeland Security to the Air Force, Army, Coast Guard, Marine Corps and Navy.

U.S. officials have expressed growing concern over cyber attacks, especially from China. The attacks have targeted not only Google and other Western companies but also the Pentagon.

Chip Gregson, assistant secretary of defense for Asian and Pacific affairs, said that in addition to their nuclear and space programs, the Chinese have undertaken an aggressive cyber assault that presents “an asymmetrical threat to our ways of doing business.”

The latest hacking effort follows urgent warnings that also have gone out through the North Atlantic Treaty Organization to protect all classified databases due to the recent surge of Chinese cyber attacks.

Last Friday, a U.S. report said that the number of cyber attacks on U.S. government agencies and Congress rose exponentially in the past year to an estimated 1.6 billon a month.

Only a few months ago, there were reports that a powerful cyber attack overwhelmed computers at U.S. government agencies and South Korean agencies for several days. The report said the attacks also targeted the White House, Pentagon and the New York Stock Exchange.

Tags: china hack, Chinese cyber attacks, Congress, cyber attacks, Defense Intelligence Agency, north korea hack, NYSE, Okinawa, Pentagon


Mar 12 2009

Cybersecurity and congressional hearing

Category: Information WarfareDISC @ 2:02 am

United States Central Command
Cybersecurity experts were at congress floor this week to discuss security strategy and threats to federal government infrastructure for not having an appropriate strategy and funding.

β€œWhere are we today in cyber security? From one perspective, we are in remarkably bad shape. In the last year, we have seen the networks of the two Presidential campaigns, secure networks at the U.S. Central Command and computer networks in Congress and other Federal agencies penetrated by outsiders.” Dr. Jim Lewis, Center for Strategic and International Studies

β€œBut in our rush to network everything, few stopped to consider the security ramifications of this new world we were creating. And so we find ourselves in an extremely dangerous situation today – too many vulnerabilities exist on too many critical networks which are exposed to too many skilled attackers who can inflict too many damages to our systems. Unfortunately, to this day, too few people are even aware of these dangers, and fewer still are doing anything about it.” Rep. Yvette Clarke, D-N.Y., who chairs the subcommittee

Amit Yoran said that research and development must be bolstered, standards for securing systems must be reformed, and a legal analysis of the governance, authority and privacy requirements is needed. cybersecurity focuses on monitoring adversaries, determining their methods and techniques, tracking their activities to a point of origin, and determination of compromise scope, intent and objective.

Copies of written testimony from 3/10 proceedings are available on the Committee on Homeland Security site.

Detection of cyber attacks and emergency response plan is a paramount to be successful against cybersecurity attacks. I think federal government needs a new proactive paradigm for cybersecurity, which inspect the packet (deep packet inspection) to distinguish malicious packet from normal packet. This way malicious packet can be dealt appropriately at perimeter before it create a havoc at inside network or at end user desktop.


httpv://www.youtube.com/watch?v=5rDEw3uSK54

Reblog this post [with Zemanta]

Tags: Amit Yoran, Barack Obama, Center for Strategic and International Studies, Computer security, Congress, Federal government of the United States, Security, United States