Archive for the cyber security Category
The U.S. government is expanding a cybersecurity program that scans Internet traffic headed into and out of defense contractors to include far more of the country’s private, civilian-run infrastructure.
As a result, more private sector employees than ever before, including those at big banks, utilities and key transportation companies, will have their emails and Web surfing scanned as a precaution against cyber attacks.
Under last month’s White House executive order on cybersecurity, the scans will be driven by classified information provided by U.S. intelligence agencies — including data from the National Security Agency (NSA) — on new or especially serious espionage threats and other hacking attempts. U.S. spy chiefs said on March 12 that cyber attacks have supplanted terrorism as the top threat to the country.
The Department of Homeland Security will gather the secret data and pass it to a small group of telecommunication companies and cyber security providers that have employees holding security clearances, government and industry officials said. Those companies will then offer to process email and other Internet transmissions for critical infrastructure customers that choose to participate in the program.
In a blunt admission designed to prod action, Defense Secretary Leon Panetta Thursday night told business executives there has been a sudden escalation of cyber terrorism and that attackers have managed to gain access to control systems for critical infrastructure.
In a speech in New York City, Panetta said the recent activities have raised concerns inside the U.S. intelligence community that cyber terrorism might be combined with other attacks to create massive panic and destruction on par with the Sept. 11, 2001 attacks.
“These attacks mark a significant escalation of the cyber threat. And they have renewed concerns about still more destructive scenarios that could unfold,” he said. “For example, we know that foreign cyber actors are probing America’s critical infrastructure networks.
“They are targeting the computer control systems that operate chemical, electricity and water plants, and those that guide transportation throughout the country,” he added. “We know of specific instances where intruders have successfully gained access to these control systems. We also know they are seeking to create advanced tools to attack these systems and cause panic, destruction, and even the loss of life.”
Current and former U.S. officials tell the Washington Guardian that U.S. investigators have growing evidence that Iran was behind a recent wave of cyber attacks, particularly those that temporarily paralyzed energy interests in two Middle East countries that are key U.S. allies.
Panetta stopped short in his speech of formally accusing Iran but left no doubt America has strong suspicions about Tehran. “Iran has also undertaken a concerted effort to use cyberspace to its advantage,” he declared.
Panetta’s speech came as the Obama administration is pressing ahead with its own cyber security measures using executive powers after reaching a stalemate with congressional Republicans and their business allies over sweeping legislation to change the nation’s cybersecurity posture.
“This is a pre-9/11 moment,” Panetta told the business executives, referring to the period before the terror attacks 11 years ago when signs of a mounting threat were overlooked. “The attackers are plotting. Our systems will never be impenetrable, just like our physical defenses are not perfect. But more can be done to improve them. We need Congress, and we need all of you, to help in that effort.”
Panetta, who has been sounding alarm for month about the potential for a “Cyber Pearl Habor”, gave unusually blunt description of three recent attacks — one against U.S. financial interests and two against Middle East energy interests – that have raised the alarm. Defense officials said classified information was declassified so Panetta could give specific details about the nature of the attacks.
The defense secretary, who previously served as President Obama’s CIA director, said consecutive attacks on Saudi Arabia’s ARAMCO oil company and Qatar’s Ras Gas known launched by a virus known as Shamoon were “probably the most destructive attack that the private sector has seen to date. “
“Shamoon included a routine called a ‘wiper,’ coded to self-execute. This routine replaced crucial system files with an image of a burning U.S. flag. It also put additional “garbage” data that overwrote all the real data on the machine. The more than 30,000 computers it infected were rendered useless, and had to be replaced,” Panetta explained.
The defense secretary offered an assessment of possible future doomsday scenarios feared by U.S. intelligence in which cyber terrorism could be combined with waves of attacks.
“An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.,” he said.
“The most destructive scenarios involve cyber actors launching several attacks on our critical infrastructure at once, in combination with a physical attack on our country,” he added. “Attackers could also seek to disable or degrade critical military systems and communications networks.”
According to Techland Time: CISPA, a bill that would essentially nullify current privacy laws and set companies up to share data about users with the government without the need for court orders. CISPA would amend the National Security Act of 1947 — responsible for merging the Department of Navy and War, splitting the Air Force from the Army and creating both the Central Intelligence Agency (CIA) and National Security Council (NSC) — by adding provisions that would apply to cybercrime. It aims “[to] provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities,” as well as “other purposes.”
What qualifies as a “cyber threat” according to the latest draft of the bill?
…information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from (A) efforts to degrade, disrupt, or destroy such system or network; or (B) efforts to gain unauthorized access to a system or network, including efforts to gain such unauthorized access to steal or misappropriate private or government information.
Congress has attempted to sneak legislation that could change the face of the Internet as we know it, and all in the name of national security. First there was SOPA, the Stop Online Piracy Act, but now CISPA (Cyber Intelligence Sharing Protection Act) is threatening the privacy and freedom of US citizens. No online activity will be safe when it comes to these bills because as of now what’s considered a cyber security threat is a large grey area, but David Seaman, journalist and host of The DL Show, joins us to take a closer look at CISPA.
Vodpod videos no longer available.
11/30/2011–Introduced.Cyber Intelligence Sharing and Protection Act of 2011 – Amends the National Security Act of 1947 to add provisions concerning cyber threat intelligence and information sharing. Defines “cyber threat intelligence” as information in the possession of an element of the intelligence community directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from:
(1) efforts to degrade, disrupt, or destroy such system or network; or
(2) theft or misappropriation of private or government information, intellectual property, or personally identifiable information. Requires the Director of National Intelligence to:
(1) establish procedures to allow intelligence community elements to share cyber threat intelligence with private-sector entities, and
(2) encourage the sharing of such intelligence. Requires the procedures established to ensure that such intelligence is only:
(1) shared with certified entities or a person with an appropriate security clearance,
(2) shared consistent with the need to protect U.S. national security, and
(3) used in a manner that protects such intelligence from unauthorized disclosure. Provides for guidelines for the granting of security clearance approvals to certified entities or officers or employees of such entities. Authorizes a cybersecurity provider (a non-governmental entity that provides goods or services intended to be used for cybersecurity purposes), with the express consent of a protected entity (an entity that contracts with a cybersecurity provider) to:
(1) use cybersecurity systems to identify and obtain cyber threat information in order to protect the rights and property of the protected entity; and
(2) share cyber threat information with any other entity designated by the protected entity, including the federal government. Regulates the use and protection of shared information, including prohibiting the use of such information to gain a competitive advantage and, if shared with the federal government, exempts such information from public disclosure. Prohibits a civil or criminal cause of action against a protected entity, a self-protected entity (an entity that provides goods or services for cybersecurity purposes to itself), or a cybersecurity provider acting in good faith under the above circumstances. Directs the Privacy and Civil Liberties Oversight Board to submit annually to Congress a review of the sharing and use of such information by the federal government, as well as recommendations for improvements and modifications to address privacy and civil liberties concerns. Preempts any state statute that restricts or otherwise regulates an activity authorized by the Act.
H/T IT World
Former White House cybersecurity advisor Richard Clarke has made a career out of issuing security warnings.
His most famous, of course, was his alert to Bush Administration officials in July 2001 — 10 weeks before 9/11 — that “something really spectacular is going to happen here, and it’s going to happen soon.”
Clarke was talking about an attack on U.S. soil by Al-Qaida, the terrorist group he had been warning the new administration about — to virtually complete indifference — since that January.
Now Clarke, author of the book Cyber War, is issuing an alert via Smithsonian magazine that the U.S. is defenseless against a cyberattack which could take down major parts of the nation’s infrastructure, including civilian, military and commercial networks.
What makes the U.S. especially vulnerable, Clarke says, is that its aggressive “cyberoffense” — “the U.S. government is involved in espionage against other governments,” he tells Smithsonian — isn’t matched by an effective, or even competent, cyberdefense, making the nation particularly vulnerable to blowback.
Clarke says he’s concerned that hackers on the Chinese government payroll are threatening the U.S. economy.
“I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong. Every major company in the United States has already been penetrated by China,” Clarke says in the Smithsonian interview:
Clarke claims, for instance, that the manufacturer of the F-35, our next-generation fighter bomber, has been penetrated and F-35 details stolen. And don’t get him started on our supply chain of chips, routers and hardware we import from Chinese and other foreign suppliers and what may be implanted in them—“logic bombs,” trapdoors and “Trojan horses,” all ready to be activated on command so we won’t know what hit us. Or what’s already hitting us.
To Clarke this is a more insidious and dangerous attack than some high-profile, real-time assault on commercial and government networks.
“My greatest fear is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese,” Clarke tells Smithsonian. “And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China….After a while you can’t compete.”
It’s easy to dismiss this as alarmism, but the man has a track record of being right.
Senate Majority Leader Harry Reid, following a recent anti-piracy legislative debacle with SOPA and PIPA, will lead his second effort of 2012 to push Internet-regulating legislation, this time in the form of a new cybersecurity bill. The expected bill is the latest attempt by the Democrats to broadly expand the authority of executive branch agencies over the Internet.
Details about the bill remain shrouded in secrecy. Clues available to the public suggest that the bill might be stronger than President Barack Obama’s cybersecurity proposal, which was released in May 2011. Reid said that he would bring the bill — expected to come out of the Senate Homeland Security and Government Affairs Committee, chaired by Connecticut independent Sen. Joe Lieberman — to the floor during the first Senate work period of 2012.
A classified meeting behind closed doors in October 2011 between key Senate committee leaders with jurisdiction over cybersecurity and White House officials, took place at the request of the Obama administration. Lieberman, in an interview with The Hill in October, said that past Senate cybersecurity bills were considerably stronger than the White House proposal.
The White House proposal recommended that the Department of Homeland Security be given broad regulatory authority for cybersecurity matters over civilian networks. The White House proposal also recommends that the DHS program be “developed in consultation with privacy and civil liberties experts and with the approval of the Attorney General.”
Read Rest here: http://dailycaller.com/2012/02/06/democrats-to-continue-internet-coup-with-new-cyber-bill/