Tag Archives: Cyber

US eyes cyber ‘deterrence’ to stop hackers

The US military is looking to flex its muscles in cyberspace as a “deterrence” to hackers eying American targets, the nation’s top cyber-warrior said Tuesday.

Admiral Mike Rogers, who heads the Pentagon’s Cyber Command as well as the National Security Agency, evoked a policy often put forward for avoiding nuclear warfare, because holding powerful weapons is seen as a deterrent.

Rogers said that as part of his role as the head of Cyber Command, he wants to send a message to potential cyber-attackers that there are consequences for their actions.

“Right now, if you are a nation-state, if you are a group, if you are an individual, my assessment is that most (hackers) come to the conclusion that it is incredibly low-risk, that there is little price to pay for the actions that they are taking,” Rogers told a cybersecurity conference at the US Chamber of Commerce in Washington.

“I’m not saying I agree with that but I believe most look at that and in light of that feel that they can be pretty aggressive. That’s not in our best interests in the long term as a nation to have that perception. We need to try to change that over time.”

Offensive tools in cyberspace
Rogers said the US military has a “legal framework” for the use of any offensive cyber-weapons, noting that a decision to use these tools needs approval from the president and secretary of defense.

But he said US officials are in the midst of discussions on defining offensive military actions in cyberspace and how to implement them.

“What I hope we can develop over time is a set of norms and rules that get us into an area where we can get a better definition of what is acceptable and what is not acceptable (in cyberspace), and even into the idea of deterrence,” he told the conference.

The comments came the same day that security researchers, in two separate reports, said the Russian and Chinese governments are likely behind widespread cyber-espionage that has hit targets in the United States and elsewhere.

One team of researchers led by the security firm Novetta Solutions said it identified a hacker group believed to act “on behalf of a Chinese government intelligence apparatus.”

A separate report by the security firm FireEye said a long-running effort to hack into US defense contractors, Eastern European governments and European security organizations is “likely sponsored by the Russian government.”

The Chinese group, which was dubbed Axiom, “is a well-resourced, disciplined and sophisticated cyber-espionage group operating out of mainland China,” Novetta chief executive Peter LaMontagne said in a statement released with the study.

The report said the firms went beyond simply collecting information and cooperated on a “coordinated, effective remediation and disruption” of the Chinese networks.

“Novetta feels that the unified approach… provides the highest level of visibility and establishes the foundation necessary to effectively counter a threat of this nature,” the report said.

Striking back?
Rogers did not specifically comment on Axiom but said he is generally cautious on the use of “cyber-mercenaries” who retaliate against hackers.

“I would urge you to be very careful about going down that road,” he told the conference.

“I often get asked this question about ‘cyber-mercenaries,’” or private-sector players who seek to take out hacking threats.

“My input to you would be to be very careful about that,” Rogers said. “It really potentially opens you up for a whole range of complications.”

Related Topic Tags

Related Defense, Military & Aerospace Forum Discussions

View the Original article

Advertisements

Comments Off on US eyes cyber ‘deterrence’ to stop hackers

Filed under Defence Talk

Army National Guard activates first cyber protection team

The Army National Guard’s first cyber protection team received its new shoulder sleeve insignia here, Oct. 7, during a ceremony conducted by U.S. Army Cyber Command/Second Army.

Lt. Gen. Edward C. Cardon, commanding general, U.S. Army Cyber Command, cited the ceremony as a major milestone for Army cyberspace operations, Guard and Reserve forces and for the Army.

“It is another indication of the tremendous momentum that the Army is building to organize, train and equip its cyberspace operations forces,” Cardon said. “Army Cyber Command is taking a Total Force approach to building and employing the Army’s cyber force.”

Army Maj. Gen. Judd H. Lyons, acting director of the Army Guard, joined Army Lt. Gen. Edward C. Cardon, commanding general of U.S. Army Cyber Command/Second Army, and Col. Jayson M. Spade, commander of the 1st Information Operations Command (Land), to present the patches on a drizzly afternoon.

For many, the ceremony represented something larger than the presentation of a uniform item.

“It’s symbolic of the integration of the Reserve forces into the active forces in the common defense of our networks,” said Maj. Hung Diep, team chief of the 1636th Cyber Protection Team, and an Iraq war veteran. “The team represents one of the most diverse forces that we have in the (Army) National Guard. We represent 19 states and two territories.”

The ceremony also represented a number of firsts for the Army.

“Today this cyber protection team represents another first―the first Army National Guard/active duty cyber protection team,” said Cardon. “The Army plans to build 10 additional Army National Guard cyber protection teams in the future.”

Cardon cited the experience that Army Guard Soldiers bring with them from both the military and civilian sectors as being beneficial to the mission.

“They bring a wide range of experience, not only from serving in the Army National Guard, but also from working in industry, state government or other government agencies,” he said. “They are experienced, educated, and motivated.”

The team will be an invaluable part of the cyber force, said Cardon, adding that the teams will be responsible for conducting defensive cyberspace operations, readiness inspections and vulnerability assessments as well as a variety of other cyber roles and missions.

For Lyons, cyber operations tie into the Guard’s heritage and are the next step forward in the Guard’s history.

“Since 1636, the Army National Guard has been called upon to respond to floods, wildfires, storms and threats far from our shores,” he said. “The cyber threat is no less real, and it is absolutely in keeping with the finest traditions of the National Guard that Guard Soldiers will be fully integrated into the cyberspace force.”

The cyber threat, said Lyons, is synonymous with other key moments in history.

“In 1775, the ‘shot heard round the world’ signaled the start of the American Revolutionary War,” he said. “Today, 239 years later, we face a world in which the first shots of the next war may be fired in cyberspace. And unlike the shots fired in 1775, those shots may indeed be heard around the world, in a very real sense, as systems and components thousands of miles away are instantaneously disabled by a keystroke.”

Protecting against that is critical.

“The billions of lines of code, massive server farms and cloud-based assets that govern our power, water, fuel, communications, transportation, and national defense must be protected,” Lyons said.

The 1636th Cyber Protection Team is just one part of a larger force.

“Today’s ceremony may seem like a small step,” Lyons said. “The men and women here are relatively few in number compared to those who man our divisions, brigades and battalions. But they are true pioneers of the Army Guard; the vanguard of a larger force yet to be built.”

The team is just as important as those larger brigades and divisions.

“Their role is just as essential as that played by our combat units on the front line,” said Lyons. “They defend the nation on a different front – vigilant in ensuring our enemies never get the chance to fire the next ‘shot heard round the world,’ against our nation.”

Related Topic Tags

Related Defense, Military & Aerospace Forum Discussions

View the Original article

Comments Off on Army National Guard activates first cyber protection team

Filed under Defence Talk

US Army Standing Up Cyber Brigade, Possible Cyber Branch

The Army is activating a Cyber Protection Brigade today, and discussing a new cyber branch that could be established as early as next month.

Command Sgt. Maj. Rodney D. Harris, Army Cyber Command, said the branch announcement could come as early as the second week of October, during the Association of the U.S. Army’s annual meeting.

The Cyber Protection Brigade is being activated by the U.S. Army Network Enterprise Technology Command at Fort Gordon, Georgia. It’s the first brigade of its kind in the Army and the nucleus of the new unit will be its cyber protection teams, according to the command.

Over the last two years, Army Cyber Command has been standing up teams at Fort Gordon and across the force with initial operating capability. However, the Army needs twice as many teams as it now has, Harris said.

The Army needs to double the amount of Soldiers in the cyber career field, over the next two years, according to Harris. He said a conference in August focused on planning a new career management field for cyber warriors, which will be referred to as CMF 17. This conference at Fort Meade included key stakeholders from Fort Gordon, the intelligence field and the U.S. Army Combined Arms Center at Fort Leavenworth, Kansas.

Conference attendees discussed new military occupational specialties such as the proposed 17C cyber warfare specialist and the 17A cyber warfare officer. The 17 series will blend signal intelligence and military intelligence skills, Harris said.

“These Soldiers are so unique, and they’re so skilled and they’re so few,” Harris said. “The chief of staff of the Army has asked us to focus hard on what we’re doing for talent management” to recruit and retain cyber Soldiers.

That’s why the Army needs a 17 series that will be just cyber, Harris emphasized.

It takes three years of training to grow a network operations NCO, he explained. Two six-month courses are required, along with a two-year apprentice program, in order to be certified as a journeyman.

“There’s very few other jobs in the Army — in the non-commissioned officer corps, that require three years of training,” Harris said. “They are highly sought-after technicians.”

After serving a short tour, the network operations NCOs might go back to signal or military intelligence jobs, or on to higher-paid civilian positions. Harris said that wouldn’t happen as often with establishment of a Cyber CMF.

A package of re-enlistment incentives is also being staffed for cyber Soldiers, Harris said.

The number and sophistication of attacks on the nation’s cyber networks is increasing, officials said, adding that’s why it’s important to have more effective and coordinated efforts for conducting cyberspace operations.

The Cyber Protection Brigade and cyber teams will help provide a more agile and responsive cyberspace force, officials said.

The cyber teams will be roughly platoon-sized, but vary depending on their mission. The combat-mission or offense teams are larger, Harris said. The network defense or cyber-protection teams are mid-size.

“There are also support elements that are somewhat smaller and national teams that will support other government agencies,” said Harris.

The teams include Soldiers, NCOs, officers, warrant officers and Army civilian employees.

“We’re not unlike any other maneuver elements,” Harris said, explaining that the difference is his teams maneuver across the cyberspace domain instead of ground, air or sea.

Weapon systems are all computers, Harris said. Any system connected to a network can be targeted by cyber teams, he said, and need protected by cyber teams.

“Many of our weapons systems today are enabled. If it’s a computer system that’s run by software – it can be targeted.”

Related Topic Tags

Keywords:

b s f uideo download

Related Defense, Military & Aerospace Forum Discussions

View the Original article

Comments Off on US Army Standing Up Cyber Brigade, Possible Cyber Branch

Filed under Defence Talk

Cyber failures spark search for new security approach

With cybersecurity’s most glaring failures in the limelight, many experts say it’s time for a new approach.

In recent weeks, the security community has been rocked by news of a massive breach at online giant eBay affecting as many as 145 million customers, following another that hit as many as 110 million at retailer Target.

A US indictment earlier this month accused members of a shadowy Chinese military unit for allegedly hacking US companies for trade secrets, a charge denied by Beijing.

The incidents highlight huge gaps in cybersecurity, or the ease in which malicious actors can break into a single computer and subsequently penetrate a network or cloud.

“The old model (for cybersecurity) doesn’t work,” said James Lewis of the Center for Strategic and International Studies.

“It is getting worse and getting out of control… One of the dilemmas is that when people have a choice between security and utility, they often choose utility.”

A survey released Wednesday by the security firm Trustwave said it identified 691 breaches across 24 countries last year, with the number of incidents up 53.6 percent over 2012.

“As long as criminals can make money by stealing data and selling that sensitive information on the black market, we don’t expect data compromises to subside,” the report said.

Much of the problem stems from so-called “phishing” attacks in which emails are disguised as coming from a trusted person.

When links are opened, hackers can install malicious software allowing them to control a computer, and potentially an entire network.

A report by security firm Symantec found a 91 percent increase in targeted “spearphishing” attacks in 2013 and said more than 552 million identities were exposed via breaches.

IBM recently unveiled a new cyber defense system aimed at thwarting attacks before they happen, with predictive analytics.

Symantec suggests a similar approach touting its platform “that aggregates and correlates unfiltered alerts from a diverse set of technologies, harnessing global threat intelligence to detect traffic patterns associated with malicious activity,” according to a blog post by Symantec’s James Hanlon.

Hardware security approach
But others in the cybersecurity community dispute that approach.

The idea of predicting and halting attacks “is utter nonsense,” said Simon Crosby co-founder of the security firm Bromium, which uses a hardware-based solution that isolates computers to prevent the spread of an infection.

Crosby told AFP he views as unlikely “the ability to pick through the noise to find a bad guy before he does bad thing.”

He said Bromium offers a better solution “by making the system defend itself by design.”

Johannes Ullrich, a researcher with the SANS Institute, said hardware isolation “is a solid approach,” but just one of many new options being explored.

Ullrich said that in hunting for malware, “you cannot come up with a list of everything that is bad, but what you can do is enumerate what is supposed to be there.”

This “white list” approach has a higher chance of success, Ullrich said.

‘Hunting ghosts’

The old notion of using anti-virus software, which updates itself based on new malware “signatures,” is rapidly losing credence.

A 2012 study by the security firm Imperva said most software only detected around five percent of malware. Another firm, FireEye, concluded last year that 82 percent of malware disappears after one hour and 70 percent exists just once.

“With the half-life of malware being so short, we can draw the conclusion that the function signature-based AV (anti-virus) serves has become more akin to ghost hunting than threat detection and prevention,” said a blog post by FireEye’s Zheng Bu and Rob Rachwald.

Ullrich said that over time, companies need to invest more in information security and develop strategies before the problems subside.

“Security will never prevent every single breach,” he said. “You want to keep it at a manageable level, to stay in business. That’s what security is all about.”

Related Topic Tags

Related Defense, Military & Aerospace Forum Discussions

View the Original article

Comments Off on Cyber failures spark search for new security approach

Filed under Defence Talk

Xi wants China to be ‘cyber power’

Chinese President Xi Jinping has called for his country to become a “cyber power,” state media reported Thursday after he chaired a meeting of a special group focused on Internet security.

“Efforts should be made to build our country into a cyber power,” he said, according to Xinhua, which cited a statement it said was released after the group’s first meeting earlier in the day.

“We should be fully aware of the importance and urgency of Internet security and informatization,” he said.

Xi heads the “leading group,” Xinhua said, with Premier Li Keqiang and Liu Yunshan — who along with Xi and Li is a member of the Communist Party’s powerful politburo standing committee — the deputy heads.

At the meeting, Xi emphasised that Internet security is a key strategic and security issue for China, Xinhua reported.

Xi’s call comes as the question of large-scale cyber espionage has become a key point of contention for China and the United States, the world’s two biggest economies and which both possess large militaries.

In a report released in February last year, security firm Mandiant said China was devoting thousands of people to a military-linked unit that has pilfered intellectual property and government secrets.

In November, the US-China Economic and Security Review Commission said in its annual report to Congress that China has not curbed rampant spying on American interests.

The report accused China of “directing and executing a large-scale cyber espionage campaign,” penetrating the US government and private industry. China has vehemently denied accusations of cyber espionage.

Beijing has also cited leaks by former American intelligence contractor Edward Snowden — revealing mass US electronic surveillance programmes — as evidence that the United States is guilty of double standards when it comes to online espionage.

US President Barack Obama said last year that he and Xi had “very blunt conversations” about cyber-hacking when they met for a summit in June in California.

Xi insisted at a joint press appearance during the meeting that China itself was a victim of cyber theft.

Related Topic Tags

Related Defense, Military & Aerospace Forum Discussions

View the Original article

Comments Off on Xi wants China to be ‘cyber power’

Filed under Defence Talk

BAE Systems: 60% of US Businesses Have Increased Cyber Security Budget

Majority of American companies view targeted cyber attack as a top 3 business risk. Organized groups of fraudsters viewed as presenting greatest cyber threat. Grasp of vulnerabilities and threat intelligence named as best tools to help Boards tackle threat

BAE Systems Applied Intelligence today quantifies the extent of the impact on US businesses of the wave of recent high-profile cyber attacks in December 2013 and January 2014. New research conducted this month reveals that the attacks on international businesses, including banks and retail giants such as Target, led to a significant 60% of US businesses surveyed increasing their cyber security budget. Of those businesses planning to increase their cyber security budget over the next 12 months, a resounding 78% cited the recent attacks as having a significant influence on their decision.

The international research also found that 53% of US companies surveyed now regard the threat from cyber attacks as one of their top three business risks, mirroring the recent warning from the World Economic Forum that cyber attacks are among the 5 biggest threats facing the world in 2014.1 The research details business concerns and opinion around cyber and indicates a strong demand from major global companies for greater intelligence about the nature of new cyber threats and a better understanding of business vulnerability.

The new findings come as BAE Systems Applied Intelligence releases “Business and the Cyber Threat: the rise of Digital Criminality”, which found that the majority of US respondents (82%) expected the number of targeted cyber attacks to increase over the next two years.2 It was immediately striking that organized groups of fraudsters were identified by the highest number of respondents in both the US (52%) and across the survey group as a whole (55%), as the group considered most likely to mount attacks. This would seem to point to a concern around the potential damage of cyber-enabled fraud attacks of precisely the nature experienced by Target and others.

The research also showed that businesses believe that their increasing exposure to cyber threats, caused by new ways of working, poses a risk as they adapt business practices to keep pace with the hyper-connected world. For example, 72% of North American respondents thought the cyber risk posed by mobile technologies was a significant risk but only 61% were confident they understood the risks.3

Faced with these challenges, it was alarming to note that a significant proportion of respondents – around a third (31% in the US and 30% globally) – still did not believe that their Board of Directors fully understood the risks presented by cyber. To investigate further, the research then explored which tools respondents believed would help their Boards to take greater action to prevent cyber attacks. Having a clearer understanding of vulnerabilities (advocated by 53% of respondents in the US and 50% overall) and having intelligence about upcoming threats (44% in the US and 47% overall) proved the most popular responses.

Martin Sutherland, Managing Director, BAE Systems Applied Intelligence, said:

“What this research clearly shows is that US businesses are increasingly aware of the cyber threat and have a range of counter measures in place. However, digital crime as a whole – a dangerous combination of organized groups of criminals using cyber techniques to carry out financial crime – is also a major concern, particularly since the most recent wave of high-profile attacks.

“And as the number of avenues open to criminals in a hyper-connected world increases, we are seeing a genuine hunger from businesses for a clearer understanding of their own vulnerabilities and up to the minute cyber threat intelligence.”

Further US findings:

  • Cost: 29% of respondents estimated a successful cyber attack would cost their organisation more than US$75 million, a further 20% said more than US$15 million.
  • Cause of attacks: The group identified as most likely to mount target attacks by the highest number of US respondents was organised groups of fraudsters (55% of respondents). Americans were more concerned about those involved in industrial espionage than any other market (47% compared to 40% in Canada, 37% in the UK and 35% in Australia).
  • Concern: When asked what they would be most concerned about in the event of a successful attack, the most common response in the US was loss of customer data (61%). The second ranking concern amongst US respondents was theft of intellectual property – with Americans noticeably more concerned about IP theft than other markets (47% or respondents compared to 38% in Canada, 35% in the UK, and 43% in Australia).
  • Confidence: A substantial majority (88%) were confident in their organisation’s ability to prevent targeted cyber attacks. A smaller, but still large majority (77%), were confident in their sector’s ability to prevent attacks.
  • Crisis Plans: 28% of US organisations surveyed still did not have, or were unaware of, crisis plans in the event of a cyber attack on their company. Of those respondents who did have crisis plans, 56% thought these were well publicised. In Canada 70% of those surveyed said they had crisis plans, but only 37% of those with plans said they were well publicized.
  • Convergence: Of those respondents who had encountered cyber-enabled fraud, 55% of US respondents and 50% of Canadian respondents expect cyber to play an increasing role in financial fraud.

Martin Sutherland, Managing Director, BAE Systems Applied Intelligence, continued:

“The recent attacks demonstrate that there is no ‘silver bullet’ and a combination of robust processes, and controls, user awareness and vigilant security operations all have to play a part in protecting the enterprise. However, these approaches are only as good as the information used to implement them.

“In order to adapt to the ever evolving threat landscape, companies will also need to develop holistic threat intelligence management programs supported by security platforms that not only provide the raw intelligence data but also the ability to process and analyze large amounts of complicated information as quickly and clearly as possible.”

BAE Systems Applied Intelligence continues to develop ground breaking analytics tools that enable businesses to make the best possible use of all the threat data and intelligence they receive in order to defend themselves and their customers from digital criminality and keep one step ahead of an increasingly sophisticated group of adversaries.

Related Topic Tags

Related Defense, Military & Aerospace Forum Discussions

View the Original article

Comments Off on BAE Systems: 60% of US Businesses Have Increased Cyber Security Budget

Filed under Defence Talk

US prepares for cyber warfare with mass production of 3D-printed drones

Cyber warfare tools, guided munitions, and mass production of 3D-printed, automated drones are future military technologies that the US will be focusing on in the near future, according to a report from national security think-tank, according to the Center for a New American Security, the CBS reports.

The US is preparing for war in the robotic age, when unmanned aircraft and fleets of 3D-printed, remote-controlled drones stealthily would be flying over battlefields, suggest the CNAS study, “Process Over Platforms: A Paradigm Shift in Acquisition through Advanced Manufacturing.”

The remotely-piloted Unmanned Aircraft Systems employed over the past decade in Afghanistan, Iraq and other locations will soon be replaced by “increasingly autonomous systems” on land, sea, undersea, air and space, the report states.

According to the authors of the report, the US will be using these unmanned systems “out of operational necessity” along with the rising “costs of personnel” and the “unsustainable pace” of training soldiers.

“Technological superiority over potential state adversaries is now considered a foundational aspect of any US defense strategy,” write the authors.

“If we do not innovate boldly, others will. There is no reason to believe that other countries less friendly to the US will be unable to surprise the US by introducing militarily useful robotic system.”

Recently, Congress passed the federal budget bill for 2014, approving $497 billion for the Defense Department, which is about the same as 2013. In addition, the Pentagon will also receive $85.2 billion for war expenses, or nearly $6 billion more than was requested.

Related Topic Tags

Related Defense, Military & Aerospace Forum Discussions

View the Original article

Comments Off on US prepares for cyber warfare with mass production of 3D-printed drones

Filed under Defence Talk