Cybercrime expert Mikko Hypponen talks us through three types of online attack on our privacy and data — and only two are considered crimes.
[Image Source]
NEW DELHI: In almost the last three years, 117 government websites have been hacked by various groups, parliament was informed on Wednesday. “As per the information tracked and reported to the Indian Computer Emergency Response Team a total of 90,119,252 and 117 government websites were hacked in the year 2008, 2009, 2010 and 2011 (till June) by various hacker groups,” Minister of State for Communications and IT Milind Deora said.
BIO: Mikko Hypponen is the Chief Research Officer for F-Secure. He has worked with F-Secure in Finland since 1991. Mr. Hypponen, born in 1969, was selected among the 50 most important people on the web by the PC World magazine. He also received the Virus Bulletin Award, awarded every ten years, as “Best in industry”.
PENTAGON CONTEMPLATES CYBER WAR OFFENSE FIRST STRIKE
The Defense Advanced Research Projects Agency, or DARPA, held its first-ever symposium to discuss how the U.S. military can better protect itself from foreign-backed hackers. DARPA’s director, Regina Dugan, told conference members the agency will work to develop offensive cyber capabilities.
Hostile governments can now cripple power grids, water supplies, even nuclear facilities without firing a single shot. Creating a national catastrophe has never been easier. And the new weapon of choice for the world’s terrorists is the humble laptop.
[Via: Forbes.com]
SO WHAT IS THE PENTAGON DOING ABOUT IT, THIS REPORT EXPLORES?
“US intelligence officials are investigating the presence of Chinese telecom firms in the country. It marks growing concern in the United States that the Chinese regime is carrying out cyber espionage through major Chinese firms.
US lawmakers are looking into the expansion of Chinese telecom firms. The House Intelligence Committee last week announced it will investigate if two major companies, Huawei and ZTE Corporation, pose a security threat to the United States through telecommunications infrastructures.
Huawei is China’s largest provider of telecom equipment, and has aggressively expanded overseas in recent years. Its operations in the United States have faced opposition from those concerned about its possible ties to the Chinese regime’s military. Huawei’s founder was an engineer in the army, but the private company says he left 25 years ago, and has no links with the Chinese regime.
Former Chinese intelligence officer Li Fengzhi says this does not rule out Huawei and other Chinese firms from engaging in intelligence work in the United States.
[Li Fengzhi, Former Chinese Intelligence Officer]:
“They will register a company in the target country, like the US by a private individual, or a branch of a large private enterprise, or something with government backing. They can then place intelligence workers here who look for opportunities to obtain important or sometimes trivial intelligence, including military intelligence.”
Earlier this month, US intelligence officials accused the Chinese regime of being the biggest perpetrator of economic espionage. Representative Mike Rogers, who chairs the House Intelligence Committee, echoed those claims last week. His committee launched an investigation to find out whether Chinese telecom firms in the US give the Chinese regime “an opportunity for greater foreign espionage.”
The Chinese regime denies being involved in cyber espionage, and says the US is politicizing trade issues. Both Huawei and ZTE Corporation, China’s second-largest mobile-equipment maker, maintain they pose no security threat to the United State”
The book argues that computer security has evolved from a technical discipline to a strategic concept. The world’s growing dependence on a powerful but vulnerable Internet – combined with the disruptive capabilities of cyber attackers – now threatens national and international security.
Strategic challenges require strategic solutions. The author examines four nation-state approaches to cyber attack mitigation:
• Internet Protocol version 6 (IPv6)
• Sun Tzu’s Art of War
• Cyber attack deterrence
• Cyber arms control
The four threat mitigation strategies fall into several categories. IPv6 is a technical solution. Art of War is military. The third and fourth strategies are hybrid: deterrence is a mix of military and political considerations; arms control is a political/technical approach.
The Decision Making Trial and Evaluation Laboratory (DEMATEL) is used to place the key research concepts into an influence matrix. DEMATEL analysis demonstrates that IPv6 is currently the most likely of the four examined strategies to improve a nation’s cyber defense posture.
There are two primary reasons why IPv6 scores well in this research. First, as a technology, IPv6 is more resistant to outside influence than the other proposed strategies, particularly deterrence and arms control, which should make it a more reliable investment. Second, IPv6 addresses the most significant advantage of cyber attackers today – anonymity.
NB! The author will give a keynote at HITB2011KUL in October 2011.
About the Author Kenneth Geers, PhD, CISSP, is the U.S. Naval Criminal Investigative Service (NCIS) Cyber Subject Matter Expert. He was the first U.S. Representative to the NATO CCD COE in Tallinn, Estonia.
“The Obama administration is proposing to scale back a long-standing ban on tracking how people use government Internet sites with “cookies” and other technologies, raising alarms among privacy groups.”
It’s the cyberspace equivalent of a private detective from a major retailer such as Sears or Walmart getting in a car and following you around for the rest of your life after you leave their store, watching and recording your every move by car, transit, bike or foot. Where you go, who you see, what you do, where and how you spend your money, what you buy.
A video discussing how tracking cookies work and what they mean for your Web privacy. From the Symantec Security Response blog:
