Friday, October 28, 2011

October 28, 2011

Boeing. (2011, October 25). Boeing opens cyber engagement center in Maryland. Retrieved from http://boeing.mediaroom.com/index.php?s=43&item=1986 [press release / related Reuters article].
Boeing today opened a new Cyber Engagement Center (CEC) in Annapolis Junction. The 32,000-square-foot facility will provide a collaborative environment where security experts work together to address current and evolving cybersecurity challenges.  "The risks to industry and government cybersecurity grow every second of every day," said John Hinshaw, vice president and general manager, Boeing Information Solutions. "We've established this center to work collaboratively with our customers to help defend their critical infrastructure -- as well as our own."

Cobb, J. (2011). Centralized execution, decentralized chaos: How the Air Force is poised to lose a cyber war. Air and Space Power Journal, 26(2), 81-86. Retrieved from http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA544693&Location=U2&doc=GetTRDoc.pdf
In the current state of cyber warfare, massive centralized networks are at best fragile and often indefensible. The Air Force’s network operations paradigm relies on centralized control of the service’s cyberspace; although arguably adequate for maintenance and counterintelligence in “cyber peacetime,” it could fail spectacularly if ever tested by a serious cyber attack.

Grant, J. A. (2011, November / December). The National Strategy for Trusted Identities in Cyberspace: Enhancing online choice, efficiency, security, and privacy through standards. IEEE Internet Computing, 15(6), 80-84. [Full text available in IEEE Computer Society Digital Library database.]
Password-centric attacks are increasingly common, and reliance on weak password technology has been a growing attack vector that threatens to erode confidence in the online world. Alternative technologies are needed to replace passwords as the primary method of online authentication. The US government's National Strategy for Trusted Identities in Cyberspace focuses on working in partnership with the private sector to remove the barriers that have precluded most of the country from easily adopting online identification technologies that are secure and trusted and looks to technologies such as the Common Access Card to securely manage identities.


Miles, D. (2011, October 20). Doctrine to establish rules of engagement against cyber attacks. Armed Forces Press Service.  Retrieved from http://www.defense.gov/news/newsarticle.aspx?id=65739
New doctrine under review by the Joint Staff will lay out rules of engagement against an attack in cyberspace, the commander of U.S. Cyber Command said today.  The doctrine, once adopted, will help to define conditions in which the military can go on the offensive against cyber threats and what specific actions it can take, Army Gen. Keith B. Alexander told reporters at an International Systems Security Association conference here.  It will support the Defense Department’s strategy for operating in cyberspace, released in July, and President Barack Obama’s international cyberspace strategy, the general added.

Friday, October 21, 2011

October 21, 2011


Finkle, J. (2011, October 20). Nasdaq hackers spied on company boards.  Retrieved from http://www.reuters.com/article/2011/10/20/us-nasdaq-hacking-idUSTRE79J84T20111020 
Hackers who infiltrated the Nasdaq's computer systems last year installed malicious software that allowed them to spy on the directors of publicly held companies, according to two people familiar with an investigation into the matter.  The new details showed the cyber attack was more serious than previously thought, as Nasdaq OMX Group had said in February that there was no evidence the hackers accessed customer information.

Georgia Tech Information Security Center. (2011). Emerging cyber threats report 2012. Retrieved from http://bit.ly/pnxp3E 
In the past year, we have witnessed cyber attacks of unprecedented sophistication and reach. These attacks demonstrate that malicious actors have the ability to compromise and control millions of computers that belong to governments, private enterprises and ordinary citizens. If we are going to prevent motivated adversaries from attacking our systems, stealing our data and harming our critical infrastructure, the broader community of security researchers—including academia, the private sector and government—must work together to understand emerging threats and to develop proactive security solutions to safeguard the Internet and physical infrastructure that relies on it. [Related article from Scientific American / Video of 2011 Georgia Tech Cyber Security Summit, featuring remarks from Admiral William J. Fallon, Equifax's Tony Spinelli, and others.]


Mell, P., & Grance, T. (2011, September). The NIST definition of cloud computing.  NIST Special Publication 800-145. Retrieved from http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf  
This publication describes how cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This definition characterizes important aspects of cloud computing and is intended to serve as a means for broad comparisons of cloud services and deployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing [released 10/20/11.] 

Symantec. (2011, October 20). W32.Duqu: The precursor to the next Stuxnet.  Retrieved from http://bit.ly/ohGb1b
Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors, or those that have access to the Stuxnet source code, and appears to have been created after the last Stuxnet file we recovered. Duqu’s purpose is to gather intelligence data and assets from entities such as industrial infrastructure and system manufacturers, amongst others, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on various industries, including industrial control system facilities.

Friday, October 14, 2011

October 14, 2011

Arquilla, J. (2011, October). From blitzkrieg to bitskrieg: The military encounter with computers.  Communications of the ACM, 54(10), 58-65. doi:10.1145/2001269.2001287 [Full text available in ACM Digital Library database.]
The age of computers in battle that has unfolded over the past 70 years has proved similar to earlier eras in military history, with these new informational tools pointing to new practices. Today, computers serve not only to guide weapons and break codes but also to winnow vast amounts of battle-related information in the search for insight while facilitating lateral communications, or contact with fellow field units, not just with distant commanders. It is this super-empowerment of those who actually conduct the fighting that most distinguishes our era of informational advances from earlier ones.


Montalbano, E. (2011, October 14). SEC mandates cyber incident reporting. Information Week. Retrieved from http://www.informationweek.com/news/government/policy/231900861 [disclosure guidance from SEC].
The Securities and Exchange Commission has issued its first official guidance for how companies should report cybersecurity incidents that could have a negative impact on operations or their financial status.  ... The SEC long has required companies to report any incidents that could impact their financial performance, but to date has not outlined requirements for disclosing cybersecurity or other cyber incidents in particular.

Osawa, J. (2011, October 13). PlayStation takes new hit - Sony suspends 93,000 user accounts after suspicious activity on network. Wall Street Journal, p. B9. Retrieved from http://www.wallstreetjournal.com [Full text available in Wall Street Journal database.]
Setting back its efforts to repair its reputation regarding online security, Sony Corp. said it was forced to suspend about 93,000 user accounts after discovering a "large" number of unauthorized sign-in attempts on its PlayStation Network and other online entertainment services.

Friday, October 7, 2011

October 7, 2011

Bei, Y., Kesterson, R., Gwinnup, K., & Taylor, C. (2011, October). Cyber defense competition: A tale of two teams. Journal of Computing Sciences in Colleges, 27(1),  171-177.  Retrieved from http://ac-support.europe.umuc.edu/~meinkej/ccsc/JCSC27_1.pdf#page=182
Collegiate Cyber Defense Competitions have recently grown in popularity as a means of providing real-world experiences to students learning computer security at the college level. Preparation and training for these competitions focuses students on essential skills needed to defend networks against real threats and better prepares them for the problems and conditions they may encounter outside the protection of university run labs. This paper highlights the benefits of Cyber Defense Competitions and documents the experiences of two teams that trained and competed in the Northwest regional cyber defense competition. Both teams benefited from participating in the competition with students expressing positive learning experiences. Recommendations for other schools that may be interested in competing or setting up in-house cyber defense exercises will be presented.

Lewis, J. A., & Timlin, K. (2011, October). Cybersecurity and cyberwarfare: Preliminary assessment of national doctrine and organization. Retrieved from http://www.unidir.org/pdf/ouvrages/pdf-1-92-9045-011-J-en.pdf 
Overview of cybersecurity policies and organizations in 133 countries, including military command (with an assessment of offensive capabilities) from the Center for Strategic and International Studies. 

Rogers, M. (2011, October 4). [Video of comments before the House Intelligence Committee RE: Chinese "cyberespionage".] Retrieved from http://intelligence.house.gov/video/rogers-opening-statement-october-4-2011-hearing-cyber-threats-and-ongoing-efforts-protect [Related NextGov article / Rogers speaking RE: China on CNN.]
The United States and its allies in Europe and Asia need to band together and confront China's campaign of cyberespionage, House Intelligence Committee Chairman Mike Rogers, R-Mich., said on Tuesday.  Although governments have long spied on each other, China has gone beyond that by engaging in "brazen and wide-scale theft" of intellectual property from commercial competitors around the world, Rogers said.

United States. Government Accountability Office. (2011, October).  Information security: Weaknesses continue amid new federal efforts to implement requirements. GAO-12-137. Retrieved from http://www.gao.gov/new.items/d12137.pdf
Weaknesses in information security policies and practices at 24 major federal agencies continue to place the confidentiality, integrity, and availability of sensitive information and information systems at risk. Consistent with this risk, reports of security incidents from federal agencies are on the rise, increasing over 650 percent over the past 5 years. Each of the 24 agencies reviewed had weaknesses in information security controls. An underlying reason for these weaknesses is that agencies have not fully implemented their information security programs. As a result, they have limited assurance that controls are in place and operating as intended to protect their information resources, thereby leaving them vulnerable to attack or compromise. In reports for fiscal years 2010 and 2011, GAO and agency inspectors general have made hundreds of recommendations to agencies for actions necessary to resolve control deficiencies and information security program shortfalls. Agencies generally agreed with most of GAO’s recommendations and indicated that they would implement them.