Preparing for Cybergeddon.
In January 2009 FBI agents rated the possible consequences arising from cyber warfare attacks second only to those expected from weapons of mass destruction. The level of this electronic threat is illustrated by the recent attacks on Estonian and Georgian national networks by Russian hackers--combine this with the fact that the world's defence architectures and economies are linked and controlled by computers.
A cyber attack is normally understood to mean a malicious intrusion into a computer network, but some military services augment this definition by including wireless networks, radar systems or other electronic warfare (EW) invasion.
The US Air Force Cyber Command (AFCyber), which was scheduled to stand up in October 2008 but is as yet a provisional entity, defines cyberspace thus: << ... the cyber domain is characterized by use of electronic systems and the electromagnetic spectrum. This includes all energy that flows through the electromagnetic spectrum--radio waves, microwaves, x-rays, gamma rays and directed energy. If an electronic system emits, transmits or reflects, it is operating in cyberspace and we [AFCyber] are there to take military action.>>
Nato recognised the threat quite early on, according to Major General Georges d'Hollander of Nato's Consultation, Command and Control Staff. Almost as soon as the Internet became an established method of doing business, Nato elected to avoid having its 'Secret' network connected to it and at the same time began to develop responses at the headquarters and agency levels. Centralisation, in this case, undoubtedly helps to improve protection levels and at the Prague Summit in November 2002 ministers agreed that the alliance needed a formal response to the developing threat. This was the seed that gave birth to the Nato Computer Incident Response Centre (NCIRC), but the individual nations were not ready to agree on a policy until they were motivated by the Estonian incident in 2007, which gave concrete form to the fears expressed by many observers. Sweden's Emergency Management Agency was so concerned by the attack on Estonia's infrastructure that it issued a detailed public report, indicating that such an attack on Sweden might easily have crippled the state, given the higher degree of networking existing in Swedish governmental and commercial circles.
To cut a long story short, this has eventually led to the creation of the Cyberdefence Management Authority (CMA) to be headquartered in Estonia. The real challenge for this agency is that a response needs to be mounted in minutes--even seconds, in some cases--in order to prevent a cyber attack escalating to a potentially catastrophic point. A cyber threat propagates at the speed of light. There is thus little or no time in which to implement the multinational consultation process so familiar to observers of Nato's sometimes-ponderous machinations. The necessity will undoubtedly be to take immediate action without taking the time to seek the approval of the North Atlantic Council--a potential policy that will be extremely controversial in some quarters. This provides even more motivation for the involved nations to collaborate closely and for the CMA to develop standards, protocols and procedures agreed in advance that would be automatically triggered by a specific sequence of events. An added issue for the CMA is that, at this point in time, there are very few people who have reached a sufficiently advanced level of competence that they can be regarded as experts in this field.
Cyber warfare is a part of the arsenal of asymmetric warfare and can provide a nation-destabilising effect for very little capital outlay. There is little public domain evidence for terrorists having espoused this method of attack as yet--but the threat is frighteningly real though difficult to grasp because it has no perceivable kinetic or destructive effect until it is far too late to identify it.
Another challenge facing the CMA and similar agencies elsewhere is both an operational and a technological one. Attacks will undoubtedly become more intelligently conceived and directed as perpetrators gain experience and technology provides more tools. There is therefore a standing requirement to keep improving defences. In addition, because a cyber attack is likely to be a cross-border event, if not worldwide, teamwork is the only viable response, according to General d'Hollander. That is why centralisation of experts and expertise is seen as the first step in evolving a credible solution, and why Nato sees the NCIRC as a central clearing house for information exchange and discussion.
Is Encryption Enough?
In light of the overcrowding in today's digitised battlespace, one wonders if password protection, voice scrambling, biometric controls or strong encryption algorithms are enough to thwart a cyber attack. Simple denial-of-service attacks--the overloading of a system or network with useless or repetitive traffic--have already proven effective, but what technologies the next major attack will incorporate is open to conjecture.
French Rafale fighters were grounded in January 2009 due to a Microsoft Windows worm that had infected some of the ground support systems' software.
The Conficker virus affected the French Army's ability to repel an attack. Although the situation was quickly remedied, the damage was done, both on a physical (software included) level and psychologically, proving that even high-level government systems can be vulnerable.
A great deal of intellectual capital has been invested in developing a layered approach to cyber defence and there are some fundamental steps that can be taken, although implementing some of them may require a great deal of effort to change current mindsets and impose new standards of personal and organisational behaviour. One senior observer of efforts now being launched in the United Kingdom opines that the entire process would take a huge step forward if individuals could be persuaded to be serious about using robust system passwords--and changing them regularly. It is a frighteningly real fact that a large percentage of passwords at the individual user or terminal level are still ... 'password'!
The Sat Threat
Thrane & Thrane has recently released its Explorer 727 Broadband Global Area Network terminal and antenna for on-the-move satcom-equipped vehicular units. The 727 unit uses spot beam handover technology to maintain a continuous signal as it switches between satellite beams. Such developments bring an enhanced level of operation and protection to mobile satellite systems, but considering the intelligence level of cyber terrorists, their motivation and their financial rewards (and backing), any system emitting or receiving data via airborne or hardwired propagation is at risk.
Boeing recently built a software program for the US Department of Defense's Transformational Satellite Communications System--one that will allow all Tsat space and ground-based systems to work together, thereby eliminating the requirement for multiple programs to run different operations. The Tsat (as seen in our title photo) is an integral part of the US military's global communication network. Along with such prominence comes a note of (possible) vulnerability, as those searching for a substantial target could eventually realise that one well-placed worm or Trojan horse activated at the optimum juncture could, in fact, bring such a system to its knees.
In January 2009 the US Army Biometrics Task Force awarded Raytheon's Intelligence and Information Systems a $497 million contract under the Biometrics Operations and Support Services--Unrestricted (Boss-U) programme to enhance the US Department of Defense's infrastructure, architecture and standards for biometric defence capabilities.
In November 2008 Visiongain released a report titled Cyberwarfare Market 2008-2018, which is an analysis of both defensive and offensive cyber warfare capabilities. The publication details the growth of the market and how the lion's share of spending is devoted to cyber defence, and the increasing attention nations are paying to focusing their security assets on developing cyber warfare capabilities as <<a natural progression in defence>>.
To illustrate this, in October 2008 Lockheed Martin established a new Center for Cyber Security Innovation (CCSI) as an evolution of the company's cyber security capabilities. The centre will integrate present and developing cyber security technologies for designing, analysing and employing real-time protection and 'attack management' to its internal communication network, and this service will be extended to the centre's customers.
Northrop Grumman, through a Darpa contract awarded in January 2009, will provide the use of its High-fidelity Test Range as a platform for the Defense Advanced Research Projects Agency's National Cyber Range, a part of the US National Cybersecurity Initiative designed to improve the nation's defence against electronic attacks through evaluating a variety of cyber scenarios. The project is designed to test and analyse new concepts and technologies to recognise and counter a host of cyber warfare threats. The range will consist of a closed laboratory in which to duplicate a full-scale telecommunications infrastructure with hundreds of computers running a variety of operating systems in a highly controlled environment. These networks are then hacked from other computers, with the results analysed and recorded.
For the research and development sector of the National Cyber Range, Darpa has awarded an $8.6 million contract to Cobham to provide cutting-edge solutions for the protection of cyber resources. Included in this award are L-3 Communications, Juniper Networks, Breakaway, Sandpiper Software and Skaion.
The definition of cyber warfare extends to protection against threats ranging from external to internal, from compromised applications and hackers. Defence applications and networks are exposed to daily risks on an unprecedented level, due in part to inexperienced users and those who can capitalise on those openings.
Qinetiq and Secerno have created a partnership to offer database control and managed security to government departments and industry through the use of Secerno's Datawall product coupled to Qinetiq's Managed Intrusion Detection Service. Datawall uses micro-perimeter security that places a security barrier next to the database. The Datawall creates a model of user behaviour to 'understand' normal database intent and allows only operations within these parameters.
With the Datawall, Qinetiq hopes to offer enhanced database policy enforcement and auditing services by logging, alerting, blocking or substituting every suspect query to the database without blocking legitimate activities.
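The behavioural model described above, reduced to its core idea as an added example (this is not Secerno's or Qinetiq's code; the user names, tables, sample traffic and the four-way policy are constructed for illustration). Each statement is reduced to a shape with its literals stripped, and a user's statement passes untouched only if that user issued the same shape during the learning period.

```python
import re
from collections import defaultdict

# Constructed baseline traffic (user, SQL) standing in for a learning period.
BASELINE = [
    ("app_hr", "SELECT name, rank FROM personnel WHERE id = 1042"),
    ("app_hr", "SELECT name, rank FROM personnel WHERE id = 77"),
    ("app_hr", "UPDATE personnel SET unit = 'Signals' WHERE id = 77"),
    ("app_logistics", "SELECT item, qty FROM stores WHERE depot = 'North'"),
]

def fingerprint(sql: str) -> str:
    """Reduce a statement to its shape: literals become '?', case and spacing are normalised."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)      # quoted string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)     # numeric literals
    return re.sub(r"\s+", " ", s).strip().lower()

def learn(traffic):
    """Build the per-user model: the set of statement shapes each user normally issues."""
    model = defaultdict(set)
    for user, sql in traffic:
        model[user].add(fingerprint(sql))
    return model

NO_ROWS = "SELECT NULL WHERE 1 = 0"  # illustrative harmless stand-in for 'substitute'

def decide(model, user, sql):
    """Return (action, statement_to_forward) under an assumed policy:
    allow      - shape is in this user's baseline
    alert      - shape is normal only for another user: forward it, raise an alert
    substitute - unseen read from a known user: forward a query returning no rows
    block      - unseen write/DDL, or a user with no baseline at all
    """
    shape = fingerprint(sql)
    if shape in model.get(user, ()):
        return "allow", sql
    if user in model and any(shape in shapes for shapes in model.values()):
        return "alert", sql
    if user in model and shape.startswith("select "):
        return "substitute", NO_ROWS
    return "block", None

def audit(model, events):
    """Decide every event and keep a log record for each one, allowed or not."""
    return [(user, decide(model, user, sql)[0], fingerprint(sql)) for user, sql in events]
```

Because only the shape is compared, a legitimate lookup with a different `id` value is allowed, while a statement the application has never issued is caught even when every table and column in it is valid.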
Cyber defence will improve at all levels, as it must. The replacement of existing network cabling with fibre optic links will be an enormous boon, since the latter medium is far less vulnerable--though by no means impervious--to attack. At the communications level, more robust cryptography can be used to protect system integrity and at the information level better password security and the introduction of such mechanisms as biometric security will have a beneficial effect. At the network levels--local, wide area and Internet--better conceived authentication and identification procedures--some of which will incorporate security hardware as well as middleware and software--will bolster other efforts to retain an adequate degree of control over networks in times of crisis. And perhaps the ultimate defence will be the ability--and the intestinal fortitude--to 'pull the plug' on the network and take it out of the system at the first signs of attack.