China’s Silent Warfare

From IntelliBriefs: The recent discovery of Chinese cyber warfare attacks on foreign computers, on communication computers of visiting dignitaries, and espionage activities to assist a friendly country is building weapons of mass destruction (WMDI) has refocused international attention on the developing spectrum of China’s military doctrine. Read the rest of this entry »

The Kyrgyzstan Cyber Attack That No One Is Talking About

 

From IntelFusion:

“A colleague alerted me a couple of days ago to a massive DDOS attack against Kyrgyzstan ISPs www.ns.kg andwww.domain.kg which essentially shut them down on January 18, 2009. There are only 4 ISP providers for the entire country so this attack was clearly sending a message. Since the attacking IPs were Russian, and since the Russian government supports the current Kyrgyzstan President, I’m thinking that its a message to the opposition party.” … Read the rest of this entry »

Cyber News in December

These are some cyber news I must read:  from IntelFusion : Cyber Archive / from IntelliBriefs: Evolving Cybersecurity Faces a New Dawn

Chinese Hacker Methodology Flowchart

from IntelliBriefs:

The Dark Visitor blog

This Chinese hacker intrusion flowchart above, taken from Stuhack, clearly demonstrates Chinese hackers have developed a methodology to their attacks.
The first thing that popped into my head when I saw the chart was the Police song, “Murder by Numbers.”
Is this intrusion chart unique? Probably not. Could they have taken it from someone else? Sure.
As always, many thanks to Jumper for helping me to get the correct terminology. I really had some of them botched.

Commercial satellites alter global security

WASHINGTON — The secretive National Geospatial-Intelligence Agency is rushing to get the latest, high-definition satellite photos of Afghanistan into the hands of U.S. ground troops as they ramp up operations in the country’s tangled terrain.

Read the rest of this entry »

OSINT project assigned to students

College students get plenty of assignments, but this one was different.

It came from the Office of the Director of National Intelligence as a challenge to think tanks, security companies, collegiate teams and veterans of the U.S. intelligence community. Read the rest of this entry »

ThreatsWatch: Relevant discussion about OSINT

From ThreatsWatch.org: Open source intelligence (OSINT) is, for lack of a universally-accepted formal definition, information of value that you don’t have to steal with spies or technical means.

Read the rest of this entry »

Report: Counterterrorism should focus on open source intelligence

The new administration must broaden the scope of its counterterrorism activities, including a focus on collection of domestic and open source intelligence as well as traditional foreign intelligence, the Defense Science Board said in a report outlining the key priorities for incoming leaders. Read the rest of this entry »

Top Five National Security Research Challenges/Opportunites for the Next Adminstration

From ZIA – “These are merely a reflection of my own opinions and biases, and I welcome additional suggestions in the comments or e-mail.

1. Quantum Cryptography - Quantum computing will completely change all aspects of information technology; however, its deepest consequence for national security could be in cryptography. Read the rest of this entry »

World faces growing risk of conflict

WASHINGTON (AFP) – The world faces a growing risk of conflict over the next 20 to 30 years amid an unprecedented transfer of wealth and power from West to East, the US intelligence chief has said. Read the rest of this entry »

Terrorism Risk Modeling for Intelligence Analysis and Infrastructure Protection

The Department of Homeland Security (DHS) has adopted a focused approach to risk reduction. DHS is moving increasingly to risk analysis and risk-based resource allocation, a process that is designed to manage the greatest risks instead of attempting to protect everything. This report applies a probabilistic terrorism model that is broadly applied in the insurance industry to assess risk across cities, to assess risks within specific cities, and to assist intelligence analysis. Among the authors’ conclusions: Terrorism risk is concentrated in a small number of cities, with most cities having negligible relative risk, so terrorism estimates such as those described in the report should be incorporated into the grant allocation assessment process. DHS should consider funding the development of city profiles of major metropolitan areas receiving DHS preparedness grants. It should also develop descriptions of terrorist attack planning and operations that can be used to translate estimates from risk models of likely attack scenarios into detailed recommendations. Finally, DHS should develop tabletop exercises to test the scenarios and provide feedback.
Download the report
Source: Rand.org

Learning to live with Big Brother

IT USED to be easy to tell whether you were in a free country or a dictatorship. In an old-time police state, the goons are everywhere, both in person and through a web of informers that penetrates every workplace, community and family. They glean whatever they can about your political views, if you are careless enough to express them in public, and your personal foibles. What they fail to pick up in the café or canteen, they learn by reading your letters or tapping your phone. The knowledge thus amassed is then stored on millions of yellowing pieces of paper, typed or handwritten; from an old-time dictator’s viewpoint, exclusive access to these files is at least as powerful an instrument of fear as any torture chamber. Only when a regime falls will the files either be destroyed, or thrown open so people can see which of their friends was an informer.

These days, data about people’s whereabouts, purchases, behaviour and personal lives are gathered, stored and shared on a scale that no dictator of the old school ever thought possible. Most of the time, there is nothing obviously malign about this. Governments say they need to gather data to ward off terrorism or protect public health; corporations say they do it to deliver goods and services more efficiently. But the ubiquity of electronic data-gathering and processing—and above all, its acceptance by the public—is still astonishing, even compared with a decade ago. Nor is it confined to one region or political system.

In China, even as economic freedom burgeons, millions of city-dwellers are being issued with obligatory high-tech “residency” cards. These hold details of their ethnicity, religion, educational background, police record and even reproductive history—a refinement of the identity papers used by communist regimes.

Britain used to pride itself on respecting privacy more than most other democracies do. But there is not much objection among Britons as “talking” surveillance cameras, fitted with loudspeakers, are installed, enabling human monitors to shout rebukes at anyone spotted dropping litter, relieving themselves against a wall or engaging in other “anti-social” behaviour.

more…The Economist

The SANS Top 20 Internet Security Vulnerabilities

Four years ago, the SANS Institute and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities. Thousands of organizations used that list, and the expanded Top-20 lists that followed one, two, and three years later, to prioritize their efforts so they could close the most dangerous holes first. The vulnerable services that led to worms like Blaster, Slammer, and Code Red have been on these lists. This SANS Top-20 2005 is a marked deviation from the previous Top-20 lists. In addition to Windows and UNIX categories, we have also included Cross-Platform Applications and Networking Products. The change reflects the dynamic nature of the evolving threat landscape. Unlike the previous Top-20 lists, this list is not “cumulative” in nature. We have only listed critical vulnerabilities from the past year and a half or so. If you have not patched your systems for a length of time, it is highly recommended that you first patch the vulnerabilities listed in the Top-20 2004 list. We have made a best effort to make this list meaningful for most organizations. Hence, the Top-20 2005 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore; the leading security software vendors and consulting firms; the top university-based security programs; many other user organizations; and the SANS Institute. A list of participants may be found at the end of this document. The SANS Top-20 is a living document. It includes step-by-step instructions and pointers to additional information useful for correcting the security flaws. We will update the list and the instructions as more critical threats and more current or convenient methods of protection are identified, and we welcome your input along the way. This is a community consensus document — your experience in fighting attackers and in eliminating the vulnerabilities can help others who come after you. Please send suggestions via e-mail to top20@sans.org.

Source: The SANS Institute via Defense Tech