North Korea recently demonstrated its cyber-related capabilities by jamming the Global Positioning System (GPS) navigation systems in the area of the border between North and South Korea. This obviously is part of what North Korea referred to in its pledge to carry out “special actions” against South Korea. The attack, which lasted nearly a week, began in late April and carried into early May. The attack affected GPS capabilities in passenger vehicles, aircraft, ships and other navigation systems. Most GPS systems displayed an error message due to the hostile activities.
The effect was said to be negligible, and no accidents, injuries or deaths were reported due to the GPS disruption. However, one has to conclude that the safety of those who depend on the GPS systems had to have been put at some minimal level of risk. One intelligence source stated that it believes Russian companies have been providing fairly powerful GPS jamming equipment to the North Korean military for some time now. This is the second time GPS systems were the target of a hostile action. The previous attack occurred back in March of 2011 and lasted 10 days.
We researched GPS jamming devices shortly after the 2011 attack and found a few available online. We ordered and tested one and for under $500 and free shipping. It jammed the GPS signal for about 150 feet around the jammer. While the North Korean jamming capability was much greater, this experiment demonstrated the ease with which this could be done by anyone with some funding.
Posted on May 17, 2012 at 9:20 AM0 comments
President Barack Obama continuing with his efforts to reduce the impact of cyberattacks on our nation recently commissioned a national preparedness report. The report has been published, and the news is not good when it comes to cybersecurity.
The Federal Emergency Management Agency's National Preparedness Report was constructed to assess our country’s preparedness to respond to a wide range of crises, including cybersecurity. As many professional in the field of cybersecurity already know, this is an area that requires immediate action. In the assessment of core capabilities, cybersecurity came in dead last.
One of the key findings stated that cybersecurity and recovery-focused core capabilities are national areas for improvement. Interestingly enough, more than 60 percent of the states had identified cybersecurity as a high-priority capability. Even though cybersecurity is a high priority in more than 60 percent of the states, the average cyber capability level determined by this study was only 42 percent (an F), and 45 percent (another F) had not implemented a formal cyber risk management program. A possible contributing factor for this finding is that cyber-related grants have been minimal.
The most alarming disclosure in the report was that only 50 percent of owners and operators at high-priority facilities participating in the survey said that they report cyber incidents to external parties. The Security and Exchange Commission (SEC) recently released guidance to publicly traded companies about the required disclosure of cyber incidents. In fourth quarter 2011, the SEC issued CF Disclosure Guidance: Topic No. 2 (Guidance) related to the obligations regarding cybersecurity risks and cyber incidents for public companies. Given the SEC’s actions and many other contributing factors, many critical infrastructure providers now identify cybersecurity as a priority issue and executive management has become involved.
This is not a new threat and the vulnerability of our critical infrastructure has been known for some time now. It is mind boggling how slow this sector has moved to address the rapidly evolving threat of cyberattacks.
Posted on May 10, 2012 at 12:13 AM0 comments
The age of cyber diplomacy and cyber policy enforcement is upon us. These and other related topics have been recently covered in the popular press and now seem to have made their way from print into reality. In recent weeks Iran was hit be a series of cyberattacks that impacted its ability to refine and export its oil and gas. As one would expect, Iranian officials have downplayed the attacks and insisted they hadn’t affected oil production or exports. If the main facility of the National Iranian Oil Company was disrupted it would have an economic impact of about $200 million a day.
As you may recall, the United States and the European Union sought to pressure Iran to end its nuclear enrichment and imposed sanctions on the nation, which is one of the top three crude producers in the world. Recently, the effectiveness of the sanctions came into question, even though President Mahmoud Ahmadinejad acknowledged in November 2011 that they were having an impact. Despite the economic impact produced by these sanctions, the Iranian leadership shows no indications that it is scaling back or intends to scale back its nuclear enrichment program.
Did forces yet to be named (Iran says they know who was behind the cyberattacks) use cyberattacks to enhance the impact of the existing sanctions and put further pressure on the country’s leadership to curb its nuclear enrichment program? One could certainly see how world leaders might use the soft-power projection capabilities of cyberattacks. As one insider put it, “Use of ‘cyber sanctions’ is a viable alternative to the alternative bombings.” This is the latest tool in 21st-century diplomacy.
Posted on May 03, 2012 at 7:04 AM0 comments
As soon as the term spying comes up, most people conjure up the mental image of James Bond, the spy of all time. That image of spying is in dire need of an update. Today, spying does not just target governmental, diplomatic and military secrets. Spying is now just as much about the next generation of products and technological innovation.
It was recently disclosed that losses from open cases of corporate espionage under investigation by the FBI total $13 billion. It was a shock to me that industry organizations in countries such as South Korea and Israel are often said to be the recipients of illegally obtained secrets. I thought they were our allies. Of course, the largest offender is said to be China, which should not surprise anyone.
What about our defenses? Have we taken this problem seriously and put the proper level of protection in place? I took a look at one multibillion dollar organization on which I had detailed information, and came up with the following:
- Breach risk dollars: The estimated total dollar risk of a breach is about $263.8 million. (That’s the total records containing personal information times $194, the average per record breach cost.)
- Security team load: Cybersecurity team revenue protection burden of more than $136 million. (That’s the total dollars of revenue divided by the number of security team full-time equivalents.)
The back-of-the-envelope metrics surprised the heck out of me. Those two metrics would seem to indicate a significant amount of responsibility for each individual member of the security team. Does this sound reasonable?
Posted on Apr 26, 2012 at 12:08 PM1 comments