[speak] ThurmSpeaks::About Cyberwarfare

I decided to write about cyberwarfare after seeing the following headline on the front page of the 31 May 02012 Arizona Republic: "U.S. broadening cyberwar strategy".

02 June 2012 (today)

Headline from the front page of today's Arizona Republic: "U.S., Israel hit Iran with cyberattack".

01 June 2012

@yottagoo blog posting on 02012.06.01.

    Yesterday (02012.05.31) the front page of the Arizona Republic 
    had the following headline: "U.S. broadening cyberwar strategy". 
    Today the New York Times has a news story titled "Obama Order 
    Sped Up Wave of Cyberattacks Against Iran". My gut tells me 
    cyberwarfare, which I think is in progress, is going to be 
    uglier than ugly.
31 May 2012

@compufoo tweeted the following on 02012.05.31.

   Headline seen on the front page of today's (5/31) Arizona Republic: 
   "U.S. broadening cyberwar strategy" #DigitalBattlefields #CyberWarfare

   ... followed by ...

   #Flame #sKyWIper RT @NatureNews Uncovered spyware may have been at 
   work for years http://bit.ly/LDMoDY

Security Watchdog Blog Postings

The following are Security Watchdog blog postings that have been posted during the 21st century. The postings are listed in newest-to-older order. The oldest posting is from 9 March 02001.

09 April 2012

On 7 April 2012, the Arizona Republic had an interview with Janet Napolitano (U.S. secretary of Homeland Security). The following was the highlighted quote.

   "We're really at only the beginning stages of what could be
    a very serious time in cyberspace. ... Cyber is the evolving
    threat that most concerns me right now." -- Janet Napolitano
    via the Arizona Republic on 7 April 2012
28 August 2011

I found the eWeekEurope.co.uk headline difficult to understand... "RSA: Cyber War Mass Hysteria Is Hindering Security"

On the same day I saw the following.

   "Cyber war is a terrible metaphor," said the US government's 
    cybersecurity czar Howard Schmidt. "Don't make it something 
    it's not." Internet attacks from hackers, spies and terrorist 
    groups deserves serious attention, he said, but this should 
    not be "to the extent of mass hysteria."

Computing security guru Bruce Schneier fears we are on the "verge of an IT arms race. "We haven't seen offensive cyber weapons companies, but they are coming," he said. "Big defence contractors are working on this -- you know they would be dumb not to."

Wired.com::"Cyberwar Issues Likely to Be Addressed Only After a Catastrophe"

22 July 2010

@compufoo retweeted the following on 2010.07.22.

   RT @TheOfficialACM Tech News: Cyberwarrior Shortage Threatens 
   U.S. Security http://n.pr/aICIr6 (via NPR) 

@nanofoo received the following tweet from @SchneierBlog on 2010.07.20.

   New GAO Cybersecurity Report: From the U.S. Government Accountability 
   Office: "Cybersecurity: Key Challenges Need ... http://bit.ly/dAeXZ6

@nanofoo received the following tweet from @SchneierBlog on 2010.07.19.

   Embedded Code in U.S. Cyber Command Logo: This is excellent. 
   And it's been cracked already.... http://bit.ly/99iI24

And finally with respect to cyber-attacks on private networks...

   "[they are] comparatively easy to launch, cheap to launch, the amount 
    you can steal is enormous, and the chances of getting caught are 
    miniscule." -- Larry Clinton, president of the 
                   Internet Security Alliance,
06 July 2010

I agree.

   "Cyberspace has become the fifth domain of warfare, 
    after land, sea, air and space."

Question: Will the U.S. have to engage in politically correct cyberwarfare? I hope the answer isn't "yes."

21 February 2010

According to PopSci.com... "we are not prepared."

09 February 2010

Is it FUD?

I don't think so; therefore, it probably is.

@nanofoo tweeted the following on 2010.01.30.

   "Obama said nothing in his State of the Union address about 
    the state of the Union w/respect to cyberwarfare preparedness."
04 February 2010

TechNews.ACM.org had a posting titled "In Cyber War, Most of U.S. Must Defend Itself" on 2010.02.10 and it started with the following.

   "There are concerns that the United States is extremely 
    vulnerable to a full-scale cyberattack, and the U.S. 
    Cyber Command is not in a position to protect U.S. 
    civilian computer networks [...]"

The TechNews.ACM.org posting included the following.

   "Meanwhile, U.S. military networks are under constant 
    cyberattack because they are such an appealing target, 
    according to Deputy Defense Secretary William Lynn. 
    'And the frequency and sophistication of attacks are 
    increasing exponentially,' he notes.

I believe this is true because we're living in exponential times.

More from the TechNews.ACM.org posting titled "In Cyber War, Most of U.S. Must Defend Itself."

   "McAfee hints at the possibility that countries are 
    competing in a quiet cyber arms race, and communications 
    systems, banks, and power grids are just as likely to be 
    targets as military networks."

Note: McAfee is an "antivirus software and computer security company headquartered in Santa Clara, California."

@nanofoo tweeted the following on 2010.02.07.

China & Russia dominate 2010 ACM Intl. Collegiate 
Programming Contest http://bit.ly/cVLdpz

@nanofoo tweeted the following on 2010.01.30.

Obama said nothing in his State of the Union address about 
the state of the Union w/respect to cyberwarfare preparedness.

The House voted 422-5 in favor of H.R. 4061 -- The Cybersecurity Enhancement Act of 2009.

   "The bill requires the Obama administration to conduct an 
    agency-by-agency assessment of cybersecurity workforce skills 
    and establishes a scholarship program for undergraduate and 
    graduate students who agree to work as cybersecurity specialists 
    for the government after graduation."  
    [source: NYTimes.com via Slashdot.org]

Yikes! politician Michael Arcuri said, "Nearly every high school hacker has the potential to hamper our unfettered access to the Internet. Just image what a rogue state could do."

FYI to Arcuri: Kids not yet in high school can be crackers.

29 September 2009

The headline read: "Cybersecurity debate touches a nerve."

The AP (Associated Press) report started with...

   "There's no kill switch for the Internet, no 
    secret on-off button in an Oval Office drawer."

The AP report included the following quote by Melissa Hathaway, former White House cybersecurity adviser: "We need a system to identify, isolate and respond to cyberattacks at the speed of light."

In the computing world, speed of light implies real-time.

29 August 2009

It appears as though North Korea wants to gain some experience in cyberwarfare. The US government currently has 32 czars, but no cybersecurity czar (yet).

09 July 2009

My heart rate exponentially increases every time I read about politicians considering bills that are related to computing. It appears that at this point and time, the definition for "cybersecurity emergency" gives the President of the United States of America way too much power.

29 May 2009

I agree with Obama with respect to the following...

   "America's economic prosperity in the 21st century will 
    depend on cyber-security."--Barack Obama

Obama is also correct when he says, "acts of terror could come from a few keystrokes on a computer."

It was also refreshing to read that Obama continues to "remain firmly committed to net neutrality."

10 January 2009

This is the first time I've ever hear the term cybergeddon.

   "Cyber attacks pose the greatest threat to the United States 
    after nuclear war and weapons of mass destruction, and they 
    are increasingly hard to prevent, FBI experts say."
    --ABC News (Australian Broadcasting Corp.)
21 November 2008

PCWorld.com reported that the the U.S. Department of Defense took an "estimated 1,500 computers offline Wednesday after a security breach within the Office of the Secretary of Defense (OSD)."

"I don't do e-mail," said Secretary of Defense Robert Gates. "I'm a very low-tech person."

Our next Secretary of Defense must be a very high-tech person because cyber-warfare, bio-warfare, nano-warfare and robo-warfare could be stark reminders that the United States of America has been asleep at the wheel.

   "September 11 was essentially a collision of early 20th-century 
    technology: the airplane and the skyscraper. We don't want to 
    see a collision of 21st-century technology."--Bill Joy in 02006

The United States needs to say 02008 is the 01958 of the 21st century; therefore, DARPA's current annual budget of approximately $3.2 billion needs to be increased at least ten-fold.

05 May 2008

This is bad news for the United States of America. With each attack, China gets better and better at cyberwarfare.

   "China's cyber warfare army is marching on, and India is 
    suffering silently. Over the past one and a half years, 
    officials said, China has mounted almost daily attacks 
    on Indian computer networks, both government and private, 
    showing its intent and capability."

Cyberwarfare is beyond ugly.

04 February 2008

Quoting Bill Joy: "September 11 was essentially a collision of early 20th-century technology: the aeroplane and the skyscraper. We don't want to see a collision of 21st-century technology."

I suspect Joy was referencing bioterrorism (near term) and nanowarfare (next 2-3 decades), but cyberwarfare has probably already started. Simple attack: crack banking systems and multiple every positive account balance by zero. When the masses don't have any money, then what?

09 June 2008

Cyberwarfare is going to be uglier than ugly.

09 July 2007

An InformationWeek.com article posted on 7 July 2007 started as follows.

   "A British court last week handed down prison sentences of 
    up to 10 years to three Muslim men it called 'cyber-jihadis' 
    and convicted of using the Internet to urge Muslims to wage 
    holy war on non-Muslims. And the U.S. Computer Emergency 
    Readiness Team reported politically motivated cyberattacks 
    in Russia."

I've said it before on this blog and I'll say it again: Cyberwarfare is not going to be fun.

Bill Joy is infinitely more expert than me when it comes to this stuff. Here is a quote from Joy that is in my quote collection.

   "September 11 was essentially a collision of early 20th-century 
    technology: the aeroplane and the skyscraper. We don't want to 
    see a collision of 21st-century technology."
21 June 2007

China is going to a major power when it comes to cyberwarfare.

   "China is seeking to unseat the United States as the dominant 
    power in cyberspace, so says a U.S. Air Force general leading 
    a new push in this area."

The general was quoted saying:

   "They're the only nation that has been quite that blatant about 
    saying, 'We're looking to do that.'" 

The following blurb was noteworthy.

   "The Defense Department said in its annual report on China's 
    military power last month that China regarded computer network 
    operations -- attacks, defense and exploitation -- as critical 
    to achieving 'electromagnetic dominance' early in a conflict."

   "China's People's Liberation Army has established information 
    warfare units to develop viruses to attack enemy computer systems 
    and networks, the Pentagon said."

Bottom-line: Cyberwarfare is going to suck. Bill Joy was right when he said we don't want to experience 21st century warfare.

01 December 2006

Cyberwarfare will be ugly. It would be chaos if a majority of Americans woke up one morning and all their savings and investment accounts had been set to zero.

   "The U.S. government warned American private financial services 
    on Thursday of an al-Qaida call for a cyber attack against online 
    stock trading and banking Web sites beginning on Friday."
    [Friday was 1 December 2006]

In a nutshell, the attack, if any, will try to wipe out financial databases. Cracking databases is hard, but denial of services attacks, which don't access data, could prevent access to data.

CNet News.com::"U.S. warns of possible Qaida financial cyber attack"

16 April 2005

University of California, Berkeley, will "lead an ambitious multi-institution center to protect the nation's computer infrastructure from cyberattacks while improving its reliability." The center is called the Team for Research in Ubiquitous Secure Technology (TRUST) and it is a collaboration of academic partners "Carnegie Mellon University, Cornell University, Mills College, San Jose State University, Smith College, Stanford University and Vanderbilt University." TRUST also includes non-academic partners such as "Bellsouth, Cisco Systems, ESCHER (a research consortium that includes Boeing, General Motors and Raytheon), Hewlett Packard, IBM, Intel, Microsoft, Oak Ridge National Laboratory, Qualcomm, Sun Microsystems and Symantec."

TRUST has an outreach program that includes education programs for "K-12 schools, undergraduate students and institutions serving underrepresented populations." UC Berkeley's press release says the education outreach "will lay the groundwork for training new scientists and engineers who, center leaders say, will develop the next generation of trustworthy systems. The program includes a focus on outreach to women-only institutions, exemplified by the partnerships with Mills and Smith colleges."

Berkeley.edu::"UC Berkeley to Lead $19 Million NSF Center on Cybersecurity Research"

22 May 2005

GCN reported that the "United States Naval Academy beat out the four other service academies in the annual Cyber Defense Exercise, designed to equip students with the ability to protect the nation's critical information systems." {"Navy Academy Knows Its Cybersecurity"}

15 October 2005

After Hurrican Katrina, the FEMA (Federal Emergency Management Agency) had undergone significant ridicule. In a nutshell, many think FEMA is joke. Declan McCullagh equates the current state of computer security with FEMA. Declan, we'd be better off if computer security was on par with FEMA.

CNET News.com::"U.S. cybersecurity due for FEMA-like calamity?" [by Declan McCullagh]

03 December 2005

From a homeland security perspective, the following news reported from Financial Times is bothersome. {FT.com:: US 'relying on private companies to counter cyber-terrorism' }

28 December 2005

Becoming a computer security guru probably offers a great long-term career, but only if you are good. Getting a graduate degree certified by SANS will not be easy, but then nothing's easy.

GCN.com::"SANS to offer graduate degrees in cybersecurity"

30 April 2004

I have written about being "drafted" to become an esoldier. I wouldn't be a general, but I could probably make an okay sargent. It appears as though the West Point Military Academy is looking for a view good hackers to help defend our computer systems against the crackers of this world.

09 April 2004

How do wars start? You hit me; I hit you; we have war. This is okay if you and I are in a room by ourselves, but it becomes a problem when Internet resources are used to deliver payloads. Here is a yucky quote: "Rules of engagement for information warfare." I doubt anybody is going to be interested in a collection of rules when it comes to cyberwarfare.

14 February 2003

I have had numerous people laugh and dismiss me because I keep pondering the responsibilities of being an esoldier. Cyberwarfare is a difficult topic to discuss publicly.

25 October 2002

Here are some quotes spoken on on Monday, 14 October 2002 by Howard Schmidt, cyber-security adviser for President Bush.

   "We have a great deal of focus nowadays on weapons of mass destruction 
    but we need to be aware of the proliferation in cyberspace of weapons 
    of mass disruption." [...]"

   "Cyber crime is costing the world economy billions of dollars and it 
    is still on the increase. The more we depend on the system, the more 
    we use the system, the more they will exploit it." [...]

   "What we are concerned about is reducing vulnerability whether the 
    threat is from the Mideast or the Midwest." [...]

Great quotes, but let's consider the source: Howard Schmidt is a former chief security officer at Microsoft.

27 June 2002 (Facebook status update on 02 June 2012)

I hope it never comes true, but someday I could see myself being an esoldier. [Not as a General, but as a Private.] On 27 June 2002, WashingtonPost.com posted a story titled Cyber-Attacks by Al Qaeda Feared.

09 March 2001

Time and time again we have indicated how awful cyberwar will be. Corrupting data can be an effective way to " drop bombs" on all citizens of a country. I would not be happy to wake up some morning and have no money in my checking account. I want to thank SeanJ for providing a resource that introduces us to the idea of Information Warfare.

Creator: Gerald Thurman [gthurman@gmail.com]
Created: 02 June 2012
Last Modified: Saturday, 05-Jan-2013 11:15:48 MST