Cyber Attacks and military retaliation. Has China slipped up?

Commander Krill

New Member
ADMIN/MOD's - I can't post links until I have a greater post count, and I don't think a single paragraph would be sufficient to try and show people what exactly I'm talking about. If it's not possible to leave the thread open I will make sure I save it and post it in the future when I have a higher post count and can post links.

A news article;

" The US is set to publish plans that will categorise cyber-attacks as acts of war, the Pentagon says.

In future, a US president could consider economic sanctions, cyber-retaliation or a military strike if key US computer systems were attacked, officials have said recently.

The planning was given added urgency by a cyber-attack last month on the defence contractor, Lockheed Martin.

A new report from the Pentagon is due out in a matter of weeks.

"A response to a cyber-incident or attack on the US would not necessarily be a cyber-response. All appropriate options would be on the table," Pentagon spokesman Col Dave Lapan told reporters on Tuesday.

Col Lapan confirmed the Pentagon was drawing up a cyber defence strategy, which would be ready in two to three weeks.

Cyber-attacks from foreign nations that threaten widespread US civilian casualties, like cutting off power supplies or shutting down emergency-responder networks, could be treated as an act of aggression under the new policy.

But the plan does not mention how the US may respond to cyber-attackers, such as terrorists, who are not acting for a nation state.

'All necessary means'

The Pentagon's planning follows an international strategy statement on cyber-security, issued by the White House on 16 May.

Analysis
Adam Brookes, BBC News, Washington

American strategists are wrestling with the big, new questions of cyber war. What constitutes cyber attack? What laws, definitions and principles should governments use to formulate their response?

How do you tell the difference between a virtual annoyance perpetrated by criminals and hackers and an act of war perpetrated by a nation state? This question is perhaps the biggest difficulty facing those who are charged with writing the doctrine of cyber war.

It's often referred to as the "attribution problem". When an American entity - a government department, the military or a corporation - becomes aware they are under cyber-attack when their networks start malfunctioning, how do they know who is doing the attacking?

Savvy Computer Network Defence (CND) specialists may be able to track the attack to a specific country, even to a specific internet address. But who is operating the computer terminal? An operative of a rival state acting under orders? Or a hacker acting on her own initiative? Or something in between?

"Whose fingers are on the keyboard?" ask the CND specialists. When you don't know who your attacker is, finding a legal and ethical response becomes very difficult.

The US would "respond to hostile acts in cyberspace as we would to any other threat to our country", stated the White House in plain terms.

"We reserve the right to use all necessary means - diplomatic, informational, military, and economic - as appropriate and consistent with applicable international law, in order to defend our nation, our allies, our partners and our interests."

The Wall Street Journal quoted a military official as saying: "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

White House officials said consideration of a military response to a cyber-attack would constitute a "last resort", after other efforts to deter an attack had failed, the New York Times newspaper reported.

Sophistication of hackers

One of the difficulties strategists are grappling with is how to track down reliably the cyber-attackers who deliberately obscure the origin of their incursions.

The sophistication of hackers and frequency of the attacks came back into focus after an attack on arms-maker Lockheed Martin on 21 May.

Lockheed said the "tenacious" cyber-attack on its network was part of a pattern of attacks on it from around the world.

The worst cyber-attack against the US military occurred in 2008, when malicious software on a flash drive commandeered computers at US Central Command.

The US defence department estimates that more than 100 foreign intelligence organizations have attempted to break into American networks.

The US is also accused of using cyber warfare against other nations. In 2010 Iran accused the US of helping to develop Stuxnet, a software worm aimed at controlling systems in Iranian nuclear plants. "



Furthermore;

" The targeted attack used by hackers to compromise e-mail accounts of top US officials is reaching 'epidemic' proportions, say security experts.

The scam, known as spear phishing, was used in a bid to get passwords of Gmail accounts so they could be monitored.

Via a small number of customised messages it tries to trick people into visiting a web page that looks genuine so users type in login names.

Such attacks are often aimed at top officials or chief executives.

Such attacks are not new, say security professionals, but they are becoming more commonplace.

"What is happening more and more is the targeting of a couple of high value individuals with the one goal of acquiring valuable information and valuable data," said Dan Kaminsky, chief scientist at security firm DKH.

"The most interesting information is concentrated in the accounts of a few people," he said. "Attackers using information to impersonate the users is at epidemic proportions and why computer security is in the state it is in."

In March, security firm RSA was hit by a sophisticated spear-phishing attack that succeeded despite only two attacking e-mails being sent. The phishing e-mail had the subject line "2011 Recruitment Plan" and contained a booby-trapped spreadsheet.

Total access

Google said it uncovered the deception through a combination of cloud-based security measures, abuse detection systems and user reports. It also cited work done by a website called contagio dump.

The founder of the site is technologist and researcher Mila Parkour who said the method used in this attack was "far from being new or sophisticated".

[Image: SecurID token, RSA. Caption: The RSA attack involved two e-mails sent to a small group of high-value individuals.]

She told the BBC she was first alerted to the problem by one individual back in February. She would not reveal their name or position.

Google said that among those targeted were senior US government officials, military personnel, journalists, Chinese political activists and officials in several Asian countries, predominately South Korea.

"Someone shared the incident with me," she said. "I did a mini research and analysis and posted the findings as I heard it happened to other people in the military and US government. I just wanted them to be aware and be safe."

Ms Parkour said attackers got access to the entire mailboxes of victims.

"I did not read the contents of the mailbox so not sure if anything extra interesting was there," she said. "I hope not."

Chinese connection

Cyber attacks originating in China have become common in recent years, said Bruce Schneier, chief security technology officer at telecoms firm BT.

"It's not just the Chinese government," he said. "It's independent actors within China who are working with the tacit approval of the government."

[Image: F-35 Lightning, Reuters. Caption: Defence firm Lockheed Martin was also hit by a cyber attack aimed at stealing secrets.]

China has said repeatedly it does not condone hacking, which remains a popular hobby in the country, with numerous websites offering cheap courses to learn the basics.

In 2010 Google was the victim of what it called a "highly sophisticated and targeted attack on our corporate infrastructure originating from China" that it said resulted in the theft of intellectual property.

Last year, US investigators said there was evidence suggesting a link between the Lanxiang Vocational School in Jinan and the hacking attacks on Google and over 20 other firms. The school denied the report.

Easy access

Security experts said spear phishing attacks were easy to perpetrate because of the amount of information people put on the internet about themselves on social networking sites such as Facebook and Twitter.

The mountain of data lets canny hackers piece together enough information to make e-mails they concoct appear convincing and genuine.

In this attack, some Gmail users received a message that looked like it came from a work colleague or was linked to a work project.

On Ms Parkour's site, she shows some of the spoof e-mails indicating how easy it was for people to be hoodwinked.

"It makes sense these bad guys would go that way given the amount of time, effort and investment they have to make in orchestrating an attack," said Dr Hugh Thompson, chief security strategist at People Security who also teaches at Columbia University.

People tend to trust messages that look like they come from people bearing details of where they last met or what they did, he said.

"I can then point you to a site that looks very much like Gmail and you are not going to question that because I already have your trust," he said.

Steve Durbin, head of the Information Security Forum, said phishing attacks were a well-established attack method and e-mail had long been a favourite among criminals keen to winkle out saleable data.

"Whether you are a government official with access to sensitive or secret information, or the average e-mail user, everyone must be on their guard and become more security savvy," he said.

Organisations needed to educate users about the real and potential risks they face.

Mr Kaminsky said some of the fault for such security lapses lay at the feet of the outdated technologies we use.

"Passwords don't work as an authentication technology," said Mr Kaminsky.

"They are too flexible, too transferable and too easy to steal," he said. "However, we are stuck with them for now due to technical limitations and because users find them easy to use."


What can we learn from this? No doubt the U.S. is tracing and profiling the people that made these cyber attacks probing for information against the officials mentioned. But what then? If there is proven government involvement from the Chinese side, would this be seen as a provocation or even a means for war?

I personally think that if it is found out to be government affiliated then things will be A LOT messier than trade sanctions.

What are your views?
 

surpreme

Member
Fortunately this is going to happen the more technology and skills that China has. Not only that, you have to worry about friendly countries as well. This is a big test for any nation if a cyber attack will be considered as an act of war. This is going to have to play out to see if a development on this will change. First of all you have to know what damage has been done. If it deals with the defense of a nation, that can be an act of war.
 