Is Cyberwar Unlikely?

Photo: USAF

Why Cyberwar Is Unlikely -- Live Science

In this last of a three-part series, LiveScience's sister site SecurityNewsDaily explores truths, distortions, confusions and likelihood of cyberwar. Click for Part 1: Cyberwar: Definition, Hype and Reality and Part 2: What Cyberwar Would Look Like.

Even as more and more countries invest in the idea of cyberwarfare, cyberspace remains largely peaceful insofar as actual war is concerned.

In the two decades since cyberwar first became possible, there hasn't been a single event that politicians, generals and security experts agree on as having passed the threshold for strategic cyberwar.

Read more ....

How Stuxnet Has Given Hackers A Blueprint For Sophisticated New Malware

Epic Fail Malicious programs could blow up factories and sabotage power grids Jamie Sneddon

What Could Possibly Go Wrong: Industrial Cyber-Sabotage -- Popular Science

Stuxnet gives hackers a blueprint for sophisticated new malware.

Computers already do so much of our work that it seems natural to let them take care of our sabotage, too. This might have been the line of thinking that led to Stuxnet, the first known malware worm designed to disrupt industrial processes.

Read more ....

My Comment: I suspect that this is just the start of something bigger .... hence we are now having governments proposing the need for Cyberwar protocals.

Cyber War Rules Of Engagement Being Proposed

Proposal For Cyber War Rules Of Engagement -- BBC

The world needs cyber war "Rules of Engagement" to cope with potentially devastating cyber weapons, Russian and US experts will tell world leaders at a security conference on Friday.

The cyber proposal, seen exclusively by Newsnight, comes from the influential EastWest Institute in New York.

It describes "rendering the Geneva and Hague conventions in cyberspace".

Cyber security is on the agenda at the annual Munich Security Conference for the first time this year.

Read more ....

More News On Proposals For Cyber War Rules Of Engagement

Calls for Geneva Convention in Cyberspace -- Wall Street Journal
Calls for 'rules of engagement' for cyber conflict -- BBC
Britain wants international rules on cyberspace -- Reuters
Cyber war rules of engagement drawn up -- The Telegraph
Hague bids to prevent 'cyber war' -- Press Association
World leaders meet to discuss cyberwar rules of engagement -- The Register
Real Cyber Warfare: Carr’s Top Five Picks -- Jeffrey Carr, Forbes

Europe Simulates Total Cyber War

From The BBC:

Essential web services have come under simulated attack as European nations test their cyber defences.

The first-ever cross-European simulation of an all out cyber attack was planned to test how well nations cope as the attacks slow connections.

The simulation steadily reduced access to critical services to gauge how nations react.

The exercise also tested how nations work together to avoid a complete shut-down of international links.

Read more ....

Who Launched A Cyber Attack Against Iran?

Graph shows concentration of Stuxnet-infected computers in Iran as of August.
Photograph: Symantec

Web Virus Aimed At Nuclear Work, Says Tehran -- Financial Times

An internet virus that has damaged computer systems in Iran was designed by foreign governments to undermine the country’s nuclear ambitions, according to Tehran.

As western governments continued to analyse the origins and impact of the Stuxnet malware, which has affected at least 30,000 IP addresses in Iran, an official stressed the sophisticated nature of the virus.

Read more ....

More News On The Stuxnet Malware Attack Against Iran

Worm affects Iran nuclear plant -- BBC
Stuxnet worm rampaging through Iran: IT official -- AFP
Stuxnet Compromise at Iranian Nuclear Plant May Be By Design -- PC World
Report: Stuxnet Worm Attacks Iran, Who is Behind It? -- PC Magazine
Iran admits Stuxnet worm infected PCs at nuclear reactor -- Computer World
Pentagon Silent on Iranian Nuke Virus -- FOX News
Stuxnet worm mystery: What's the cyber weapon after? -- Christian Science Monitor
Could Iran Retaliate for Apparent Cyber Attack? -- FOX News/Reuters
Implications of Iran cyber attack affect all -- Globe And Mail/Reuters

Plans To Fight Cyberwar Are A 'Recipe For Disaster'

Michael Chertoff, former Secretary at the US Department of Homeland Security

From The Guardian:

Senior security experts have criticised the west's approach to online threats, suggesting that not enough is being done to stem the growing tide of cyberattacks.

Michael Chertoff, a former secretary at the US Department of Homeland Security, said on Wednesday that current cybersecurity policies were a "recipe for disaster" that could inadvertently encourage a virtual attack equivalent to "the next Pearl Harbour".

Read more ....

More News On Cyberwar

A New Age for US Cybersecurity -- Tech News World
Former Intelligence Chief: U.S. Would Lose Cyberwar -- Information Week
U.S. would lose a cyber war, former intell chief warns -- Government Computer News
Cyberwar Hype Intended to Destroy the Open Internet -- Threat Level
US cyber defense strategy details hit the Internet -- France 24
China's Hacker Army -- Foreign Policy
Is Iran's Cyberwar Sustainable? -- National Journal
The Real Meaning Of Cyberwarfare -- Forbes
Cyberwar hype was cooked up to sell Internet-breaking garbage to the military -- Boing Boing

U.S. Wargamers Wrap Up Massive Cyberattack Drill: "We Are Not Prepared"

West Wing Situation Room Planning for a hopefully better tomorrow Christopher Morris/White House Museum

From Popular Science:

Washington insiders recently sweated out a real-time war game where a cyberattack crippled cell phone service, Internet and even electrical grids across the U.S. The unscripted, dynamic simulation allowed former White House officials and the Bipartisan Policy Center to study the problems that might arise during a real cyberattack emergency, according to Aviation Week's Ares Defense Blog.

Read more ....

"Cyber ShockWave": The U.S. Fails In Cyberwar Game

West Wing Situation Room Planning for a hopefully better tomorrow Christopher Morris/White House Museum

U.S. Wargamers Wrap Up Massive Cyberattack Drill: "We Are Not Prepared" -- Popular Science

Washington insiders recently sweated out a real-time war game where a cyberattack crippled cell phone service, Internet and even electrical grids across the U.S. The unscripted, dynamic simulation allowed former White House officials and the Bipartisan Policy Center to study the problems that might arise during a real cyberattack emergency, according to Aviation Week's Ares Defense Blog.

Read more ....

More News On The Recent Cyberattack Drill

War game reveals U.S. lacks cyber-crisis skills -- Washington Post
Cyberattack Drill Shows U.S. Unprepared -- Information Week
U.S. Government Defends Against Simulated Cyberattack on U.S. Targets -- Daily Tech
Washington Group Tests Security in ‘Cyber ShockWave’ -- Wall Street Journal
War game simulates cyberattack -- Politico
Cyber ShockWave cripples computers nationwide (sorta) -- Christian Science Monitor
Security Experts Wrestle With Cyberattack Scenario -- PC World
U.S. Isn’t Prepared for Massive Cyber Attack, Ex-Officials Say -- Business Week
US Cybersecurity Hypothetically Pathetic -- Tech News World
Simulated Cyberwar Hits DC -- Ares/Aviation Week
Unconstrained Cyberspace Domain -- Defense Tech
3 Ways Cyber Warriors Could Cripple the U.S. -- Atlantic Wire
Is The U.S. Ready For A Cyberwar? -- NPR
In a doomsday cyber attack scenario, answers are unsettling -- L.A. Times

Google, China, And The Coming Threat From Cyberspace

Utilities are increasingly using mainstream software and connecting parts of their operations to the Internet, which can make them vulnerable to hackers. Getty Images

From Christian Science Monitor:

Cyberspace attacks are set to increase. Here’s why – and here’s what we can do to stop them.

The recent cyberespionage attacks on Google and that company’s subsequent announcement that it would reconsider its search engine services in China gripped the world’s focus and set off a debate about China’s aggressive cybersecurity strategy.

The apparent scope of the attacks – more than 30 companies affected, Gmail accounts compromised, human rights groups targeted – took many by surprise. Some observers believe the attacks were highly sophisticated in nature, employing never-before-seen techniques. Many reports concluded that the Chinese government undertook the attacks.

Read more ....

Update: Is Our Nation's Infrastructure Under Cyber Attack? -- Discovery News

My Comment: I think this is just the tip of the iceberg. As our infrastructure becomes more dependent on stable communication and network platforms, the opportunity for hackers/state sponsored groups/terrorists/etc. to conduct attacks and cyber disruptions will be a temptation that they cannot ignore.

More Cyber Attacks From China?

Iraq's Rumaila oil field: A key target of 2008 cyberattacks on US oil and gas companies ExxonMobil, ConocoPhillips, and Marathon was exploration 'bid data' that provides critical details about new energy discoveries. Atef Hassan/Reuters

US Oil Industry Hit By Cyberattacks: Was China Involved? -- Christian Science Monitor

MONITOR EXCLUSIVE: Breaches show how sophisticated industrial espionage is becoming. The big question: Who’s behind them?

At least three US oil companies were the target of a series of previously undisclosed cyberattacks that may have originated in China and that experts say highlight a new level of sophistication in the growing global war of Internet espionage.

The oil and gas industry breaches, the mere existence of which has been a closely guarded secret of oil companies and federal authorities, were focused on one of the crown jewels of the industry: valuable “bid data” detailing the quantity, value, and location of oil discoveries worldwide, sources familiar with the attacks say and documents obtained by the Monitor show.

Read more ....

More News On China And Cyber Attacks

Google cyberattacks stoke fears of stealth hackers -- Seattle Times/New York Times
Hack Attacks Test Google's Link to China -- CBS News
Chinese Government Denies Involvement In Google Attack -- The Atlantic
Google negotiating ways to keep presence in China -- Washington Post
Google: China Dispute Could Be Resolved in Weeks -- ABC News
Chinese Sites Report Cyber Attacks -- Wall Street Journal
China rights groups hit by cyberattacks: activists -- AFP
Microsoft beefs up security due to China hack -- National Business Review
Internet Explorer 'hit with new set of security flaws' -- The Telegraph
China Hacks Inspire Copycats -- PC World
Cybercriminals use China attacks on Google as lure -- Computer Weekly
The top 10 Chinese cyber attacks (that we know of) -- The Cable/Foreign Policy
What's really at stake in Google vs. China -- Fareed Zakaria, CNN opinion

The Internet's Irregular Troops -- A Book Review

From The New Scientist:

It's 8 August 2008. Russian tanks roll into Georgia. Over the next two days, Russian jets and warships bomb the former Soviet republic's cities and block its ports. The familiar images of war - bloodied civilians and ruined buildings - hit TV screens around the world.

Meanwhile, a less well-known form of conflict was also under way - in cyberspace. Georgian government servers were flooded with incoming signals, rendering many websites useless, including those of the parliament and foreign ministry. It was the first time that online attacks had coincided so clearly with a real-world conflict.

Read more ....

McAfee: China Attacks A 'Watershed Moment'

From CNET:

The China-based cyber attacks on Google and other companies were "a watershed moment in cybersecurity," according to an executive at computer security company McAfee.

"I believe this is the largest and most sophisticated cyberattack we have seen in years targeted at specific corporations," McAfee Chief Technology Officer George Kurtz wrote on his blog Sunday. "While the malware was sophisticated, we see lots of attacks that use complex malware combined with zero day exploits."

Read more ....

Chinese Attack On Google Among the Most Sophisticated Cyberattacks Ever, Experts Say

Google Bai Bai AP

From Popular Science:

No one has claimed responsibility, but a U.S. Internet security firm points at the Chinese government.

A Chinese cyber-assault on Google and more than 30 other U.S. companies was the most sophisticated online attack ever seen outside of the defense industry, according to experts from anti-virus firm McAfee interviewed by Wired. Google announced on Tuesday that it would no longer censor information on its search portal per Chinese government rules, and may stop doing business in China entirely.

Read more ....

Google Is Not The Only Internet Site Attacked By China

Google China Cyberattack Part Of Spy Campaign -- MSNBC/Washington Post

Dozens of companies, human rights groups targeted in sophisticated strike.

Computer attacks on Google that the search giant said originated in China were part of a concerted political and corporate espionage effort that exploited security flaws in e-mail attachments to sneak into the networks of major financial, defense and technology companies and research institutions in the United States, security experts said.

At least 34 companies — including Yahoo, Symantec, Adobe, Northrop Grumman and Dow Chemical — were attacked, according to congressional and industry sources. Google, which disclosed on Tuesday that hackers had penetrated the Gmail accounts of Chinese human rights advocates in the United States, Europe and China, threatened to shutter its operations in the country as a result.

Read more ....

Google said it would stop bowing to Chinese Internet censors after
"highly sophisticated" cyber attacks on its systems. Photo AFP

More News on China's Attack Against Google And Other Websites

Security experts dissect Google China attack -- The Register
Chinese hackers force US showdown -- Sydney Morning Herald
Yahoo Also Targeted By Chinese Cyber Attacks -- Barrons
China defends web censorship after Google threat -- AFP
After Google Threat, China Defends Internet Policies -- Wall Street Journal
China's Google Dilemma: Soften on Censorship or Anger Millions of Internet Users -- Washington Post
A Heated Debate at the Top -- Wall Street Journal
Google Upgrades Security on Gmail -- New York Times
Little future for Google in China without search -- Reuters
Soul Searching: Google's position on China might be many things, but moral it is not -- Washington Post/Tech Crunch
What's the real battle in the fight between China and Google? -- The Telegraph
In Google’s Rebuke of China, Focus Falls on Cybersecurity -- Reuters
Google exit from China could change face of Internet -- National Post

China's Popular Search Engine Hacked By Iranian Hackers

Image: Visitors to the site were greeted with this message.

Baidu Hacked By 'Iranian Cyber Army' -- The BBC

China's most popular search engine, Baidu, has been targeted by the same hackers that took Twitter offline in December, according to reports.

A group claiming to be the Iranian Cyber Army redirected Baidu users to a site displaying a political message.

The site was down for at least four hours on Tuesday, Chinese media said.

Last year's attack on micro-blogging service Twitter had the same hallmarks, sending users to a page with an Iranian flag and message in Farsi.

Read more ....

Rise In Cyber Crime

Watch CBS News Videos Online

Senate Panel: 80 Percent of Cyber Attacks Preventable

From Threat Level:

If network administrators simply instituted proper configuration policies and conducted good network monitoring, about 80 percent of commonly known cyber attacks could be prevented, a Senate committee heard Tuesday.

The remark was made by Richard Schaeffer, the NSA’s information assurance director, who added that simply adhering to already known best practices would sufficiently raise the security bar so that attackers would have to take more risks to breach a network, “thereby raising [their] risk of detection.”

Read more ....

My Comment: There is a lot of meat in this story .... read it all.

Four Ways to Fight Back Against Cyber Attacks

From Popular Mechanics:

This week, prosecutors indicted notorious hacker Albert Gonzalez. He's accused of having masterminded a scheme to steal more than 130 million credit card numbers. Gonzalez may be behind bars, but his trial underscores the fact that your personal and financial information are vulnerable to attack from thieves in cyberspace. Here are four ways to fight back.

Read more ....