Analysis & Commentary on the Week’s Cyber Security Issues
The “so what” factor feeds and aggregators don’t give you.
Cybercrime market sells servers for $8 to launch attacks
A major underground marketplace acting like an eBay for criminals is selling access to more than 70,000 compromised servers. It offers access to hacked computers owned by governments, companies and universities in 173 countries. Access goes for as little as $8 for a compromised server pre-equipped with software to mount DoS attacks, spam campaigns, illicit bitcoin mining or compromise online or retail payment systems. Low prices, searchable feature lists that advertise attack capabilities, and services to protect illicit users from being detected attract buyers ranging from entry-level cybercriminals to state-sponsored espionage groups. (Financial Review)
Why cyber security is losing, in a nutshell. What is our answer to such illicit marketplaces? What about our approach is going to change in response to the economically superior approach of our adversaries? The short answer is: nothing. Or viewed the other way: everything, as long as you can afford it. Cyber security has become a racket. It wasn’t intended to be, no one started out to be a war profiteer, but this is where we find ourselves and this is where we’ll remain until we can figure out how to compete on price.
FBI approach to investigations puts security at risk, experts say
In an essay to be published on June 17, 2016 in Science magazine, Susan Landau, professor of cybersecurity policy at Worcester Polytechnic Institute (WPI), argues that the FBI’s recent and widely publicized efforts to compel Apple Computer to write software to unlock an iPhone used by a terrorist in California reflect an outdated approach to law enforcement that threatens to weaken the security of all smartphones, potentially putting the private information of millions of smartphone users at risk and undermining the growing use of smartphones as trusted authenticators for accessing online information. (Science Daily)
The benefit of the rapid growth/use/evolution of IT is the ability to come up with new ways to do things. Law enforcement, like most governmental organs, can only seem to shoe-horn old ways into modern contexts. Poorly. Better investigative solutions that leverage technology in novel ways are more likely to come from an engineer, not a special agent, which is problematic in an agency that treats anyone not a special agent as a second-class citizen. Developing new investigative tactics, techniques and procedures that keep pace with advances in IT can help investigative agencies avoid the sticky legal, political and social problems they’re dealing with now. Success will depend not so much on technical expertise, but on forward-thinking leadership that is willing to blaze a trail vice tread well-worn ground.
A massive cyber attack could trigger NATO response
A major cyber attack could prompt a collective response by NATO, according to secretary general Jens Stoltenberg. “A severe cyber attack may be classified as a case for the alliance. Then NATO can and must react. How, that will depend on the severity of the attack.” In 2014 the US-led alliance assessed that cyber attacks could potentially trigger NATO’s mutual defense guarantee, or Article 5. That means NATO could potentially respond to a cyber attack with conventional weapons, although the response would be decided by consensus. (IT News)
What constitutes a “severe cyber attack” isn’t defined, which is important because recovering from a cyber attack can be a relatively trivial thing when compared to recovering from an airstrike. The more severe the impact of physical weapons, the less analogous they become to digital ones. All the usual means and mechanisms for proving and confirming adversary action in meat space quickly fall away in cyber space. In the time it takes to achieve a high level of confidence in a perpetrator, and get sufficient support to act, and get agreement on what a proportional response is, the enemy has achieved its goal.
Inside the Pentagon’s secretive preparations for a ‘cyber 9/11’
The massive coordinated cyber attack began with rolling blackouts throughout the electrical grid stretching across the Midwest. Then came the inexplicable malfunction at a large oil refinery in Texas. In southern California, the attack shut down several major ports by disabling hydraulic systems. Attacks on DOD networks threatened the systems that monitor North American airspace and the radars on which the U.S. military relies. This fictitious scenario was laid out for nearly 1,000 military, government and private sector personnel at this year’s Cyber Guard exercise, the nation’s largest test of its network defenses. (Military Times)
China-Based Hacking Incidents See Dip, Cybersecurity Experts Say
Chinese hacking of corporate and government networks in the U.S. and other countries appears to be declining, according to computer-security experts at companies hired to investigate these breaches. The drop-off is stark and may date back two years. (WSJ)