GEN Keith Alexander, commander of the U.S. Cyber Command, reinforced his belief that the United States remains vulnerable to a massive cyberattack and that such an attack might take place at any time, during his Aug. 14 keynote speech at The Armed Forces Communications and Electronics Association (AFCEA) conference in Baltimore. In his remarks he hammered on the needs for more collaboration between the U.S. military, law enforcement, the government and private companies, which own more than 80 percent of the nation’s critical infrastructure. These remarks have become the foundation for most of his speeches.
What was new is his idea on a combined cyber force that integrates cyber intelligence, cyber defense and cyber offense into a single cohesive unit. This differs significantly from the current organizational design of most of our military operational units. He even said, "Our intelligence team is trained to a different standard, and we have an attack community, and everyone is trained to a different standard over here.”
His remarks focused on the criticality of a common training standard across the nation’s cyber forces. I hope his vision will extend beyond the military and intelligence communities into law enforcement and those organizations in the private sector that protect the nation’s critical infrastructure from cyberattacks.
It is clear that Alexander has a fairly detailed vision of what the United States needs to defend itself in the cyber domain. His remarks at the AFCEA event, at the recent DefCon conference and his statements that have appeared in the media all have a consistent theme--and he continues to reinforce this message. Let’s hope his vision becomes reality before we really need the resources.
Posted on Aug 23, 2012 at 1:12 PM1 comments
Syria is clearly in a state of civil war. It is hard to escape the massive coverage this unrest has received since the conflict began about 18 months ago. However, the cyber side of the conflict has not received anywhere near that level of coverage. There are so many cyber skirmishes taking place it would not be possible to cover all of the events, so here are a few of the more interesting cyber exchanges.
Most recently the two sides exchanged cyber fire in a dis-information campaign. The media giant Reuters became an unwilling participant in this exchange. One of the media giant’s blogs was accessed and inaccurate and unauthorized reports that rebel forces were gaining ground in Syria suddenly appeared. Then Reuter’s Twitter feed was used by hackers, it was renamed and began falsely tweeting about a rebel collapse in Aleppo. These cyberattacks were not very sophisticated, but that just shows the current state of cyber insecurity. Some feel these acts have undermined the media’s integrity, but the media companies found it and timely reported on it so the impact is marginal at best.
Particularly interesting is that on July 19, in a split second, Syria as a nation was disconnected from the Internet for 40 minutes. The cause of this is unknown and like most questions asked of the government have not been answered. But wait it gets better. The top cyber incident had to be when an account of a foreign diplomat was accessed and used to release a statement that Syrian President Bashar al-Assad was dead. What might come next is anyone’s guess.
It shouldn’t be surprising to anyone that the Syrian military and the rebel factions have developed or acquired cyber weapons and are using them. It's in line with modern military thinking and will be a part of modern conflict from this point on. Clearly, the exchange of cyber fire in Syria will undoubtedly continue for the foreseeable future. What is the most interesting aspect of all this was that Reuters, the unwilling participant, was the biggest loser in this battle.
Posted on Aug 16, 2012 at 7:37 AM2 comments
Brazil’s military took the plunge and recently established a military cyber command. Many have applauded this action as a big first step. After all, Brazil is in the top 10 countries when it comes to cyber crime, and some estimates have placed the country in the top 5 in that category.
Brazil's armed forces (Navy, Air Force and and Marine Corps) are the largest in Latin America with just more than 300,000 members and also more than 1 million reservists. The country’s armed forces’ budget is estimated to be between 1.7 percent and 1.85 percent (+/- $44.5 billion) of the country’s gross domestic product, which in 2011 was estimated at $2.324 trillion.
While the cyber group is limited in size and has a modest budget. Army General José Carlos dos Santos, commander of the Cyber Defense Center, anticipates the center’s staff to soon grow to about 100. In a published interview, he described cyber warfare as an asymmetric challenge and identified future challenges that he and his staff will focus on in the months ahead.
Brazil is re-skilling members of its military and supplementing them by hiring civilians with desired cyber skills. The new cyber center is constructing a modern situational awareness room to monitor cyber threats. The center’s monitoring efforts are said to focus on trends and statistics rather than monitoring individual users, and broader attention is being given to threats on social networks.
Brazil ranks 37 in the world in terms of cyber warfare capabilities in the Cyber Commander’s eHandbook and this move is expected to raise that ranking moderately.This comes as little surprise to those that monitor cyber threat activity globally. Brazil has been the target of hostile cyber activities. Some reports suggest the country receives thousands of cyberattacks each day. Some of the more harmful cyberattacks have been denied by Brazilian authorities.
Posted on Aug 09, 2012 at 12:21 PM0 comments
To some extent we are all shaped by the breadth and depth of our experiences in the cyber domain. These experiences are what shapes our mental models and drives our actions. The development of our mental models is influenced by related events we are exposed to whether directly or indirectly. These mental models have somewhat culminated around a set of key areas. An interesting question came up last week – based on the last decade of experience -- what would be the top 10 areas that contribute the most to cyber insecurity?
After careful consideration below is my list. (These are not in any specific order. )
--Egos and attitudes of users and security staff.
--Perception of immunity of software suppliers.
--Limited funding for cybersecurity programs.
--Failure to integrate cyber and physical security.
--Inability to keep up with malware production.
--Lack of global cooperation on cyber investigations.
--Global black market for zero-day threats.
--Overlapping, contradicting and confusing regulations.
.--Lack of cyber threat understanding by executives.
--Assignment of responsibility without authority.
Those who have different opinions and attitudes are coming from a different perspective. The warnings about the threats posed by cyberattacks from cleared security professionals are often harsher and express more concerns than those who are not experiencing the brunt or most advanced that cyber attackers have to offer. Based on my perception, the national security implication of these cyberattacks is huge and continues to get worse. The public and private-sector need to come together and address this critical issue before it is too late.
Posted on Jul 27, 2012 at 8:28 AM1 comments