# Cyber attacks/defence/incidents (merged)



## GAP (17 May 2007)

An update on the Christian Science Monitor's earlier article

This might also become another facet of the Global Terror War, not by Russia, but by others. Once the door is open and they see how successful they can be.......
Estonia accuses Russia of 'cyberattack'
By Arthur Bright | csmonitor.com 
Article Link

NATO is investigating siege on Estonian government, media, and banking websites, but Russia denies involvement. 

Estonia accused Russia of launching a barrage of "cyberattacks" that are shutting down Estonian government, newspaper, and banking websites. 

The Guardian reports that the attacks began in late April, coinciding with Estonia's decision to move a Soviet World War II memorial, the Bronze Soldier, from a central location in Tallinn, the Baltic nation's capital. Though Estonians saw the memorial as a reminder of Soviet oppression, Russia viewed the decision to move it as an affront, prompting riots by ethnic Russians in Tallinn and condemnations and sanctions from Moscow. The cyberattacks have continued since then. 

The crisis unleashed a wave of so-called DDoS, or Distributed Denial of Service, attacks, where websites are suddenly swamped by tens of thousands of visits, jamming and disabling them by overcrowding the bandwidths for the servers running the sites. The attacks have been pouring in from all over the world, but Estonian officials and computer security experts say that, particularly in the early phase, some attackers were identified by their internet addresses - many of which were Russian, and some of which were from Russian state institutions. ... 

The attacks have come in three waves: from April 27, when the Bronze Soldier riots erupted, peaking around May 3; then on May 8 and 9 - a couple of the most celebrated dates in the Russian calendar, when the country marks Victory Day over Nazi Germany, and when President Vladimir Putin delivered another hostile speech attacking Estonia and indirectly likening the Bush administration to the Hitler regime; and again this week. 

The Guardian notes that Estonia is a pioneer of "e-government" and one of the most wired countries in Europe, making it that much more vulnerable to cyberattacks. In order to stop the attacks, Estonia has shut down foreign access to the sites under siege. 

Estonian Foreign Minister Urmas Paet accused the Kremlin of direct involvement in the cyberattacks, saying they were an attempt to paralyze Estonian businesses and government offices, writes The Times of London. 

"When there are attacks coming from official IP addresses of Russian authorities and they are attacking not only our websites but our mobile phone network and our rescue service network, then it is already very dangerous," Mr Paet said. 

"It can cost lives. I hope they will stop it but the attacks are continuing. They are sending huge levels of stuff through the networks so that our different servers will crash. 

"The largest part of these attacks are coming from Russia and from official servers of the authorities of Russia."
More on link


----------



## Falange (18 May 2007)

Not surprising, especially taking into consideration how ethnic Russians that live outside the Rus. Federation have become a major interest for the foreign policy-makers in Moscow. First Georgia, now the Baltics. Actually I believe that was a big source for confrontation in the last EU - Russia summit.


----------



## JackD (19 May 2007)

When you consider the history of these regions - it is no wonder Baltic, Black Sea region, Central European countries are not exactly enamored of Russia... whether it be the Russian Empire, or the USSR. Basically the residual effect of 18th-19th century power politics. It certainly does make one appreciate being bordered by the Eagle rather than the Bear... Actions as shown here also - I think - portray national characteristics. Live in Europe long enough and you'd see that a United Europe is a Utopian dream. It is quite tribal.


----------



## geo (19 May 2007)

these cyber attacks were, for all intents and purposes, "denial of service" assaults on the major servers of this small country.

Did the Russians do it? possible = but it could easily be the work of the proletariat.
North America has certainly suffered through some small localised denial of service attacks before.....
Doing it on a national scale (albeit a small country) is a simple progression...


----------



## Dare (22 May 2007)

geo said:

> these cyber attacks were, for all intents and purposes, "denial of service" assaults on the major servers of this small country.
> 
> Did the Russians do it? possible = but it could easily be the work of the proletariat.
> North America has certainly suffered through some small localised denial of service attacks before.....
> Doing it on a national scale (albeit a small country) is a simple progression...


I'd have to agree it was likely the citizenry who conducted this. However, I would not put it off the table that the Russians may have funded (purchased) this attack. It has been done many times and will be done again.


----------



## Richie (14 May 2008)

[BBC NEWS](http://news.bbc.co.uk/2/hi/europe/7401260.stm)

*Estonian cyber defence hub set up*

Seven Nato nations have backed a new cyber defence centre in Estonia, which last year blamed Russia for weeks of attacks on its internet structure.

Germany, Slovakia, Latvia, Lithuania, Italy and Spain will staff and fund the hub in the Estonian capital Tallinn.

Estonia came under cyber attack in 2007 after its decision to remove the bronze statue of a Red Army soldier from the centre of Tallinn.

Moscow denied involvement in the flood of data which crashed computers.

"We have seen in Estonia that a cyber attack can swiftly become an issue of national security," Nato spokesman James Appathurai said after a signing ceremony in Brussels.

"Cyber attacks can cripple societies."

The US will initially send an observer to the project, which will have some 30 staff when fully operational in August.

The centre will provide research, consultation and training on the development of cyber defences for participating national governments.

Story from BBC NEWS:
http://news.bbc.co.uk/go/pr/fr/-/2/hi/europe/7401260.stm

Published: 2008/05/14 16:00:57 GMT

© BBC MMVIII


----------



## geo (15 May 2008)

Considering that the Internet has become a major part of how we communicate with each other, its time has come.

Will be interesting to see how far they manage to take this initiative.


----------



## CougarKing (5 Oct 2009)

Reminds me of that anti-corruption agency that Singapore already has.



> *Singapore to Form National Cyber-security Agency*
> 
> http://tech.yahoo.com/news/pcworld/20090930/tc_pcworld/singaporetoformnationalcybersecurityagency
> 
> ...


----------



## The Bread Guy (13 Oct 2010)

Interesting concept, from _Marine Corps Times_:


> Marines pride themselves on being expeditionary, but a new career path could keep some of them at home, in front of a computer, for their entire time in the Corps.
> 
> Plans are in the works for a potential slate of new careers and enticements that would build a cadre of specialized computer warfare technicians who wouldn’t necessarily need to branch out to get promoted, the top general responsible for cyberwarfare told House lawmakers Sept. 23.
> 
> ...


If they're supporting Marines, shouldn't they have to know how Marines do their jobs _outside_ CONUS?  Maybe I'm a dinosaur, but I can't see how it wouldn't create a two-tier Corps.


----------



## TimBit (14 Oct 2010)

Out of curiosity, would you support it more for any of the three other services?

The only other option, really, is to heed the advice from some US Cyber Command senior officers and create a 5th service:

http://www.homelandsecuritynewswire.com/us-cyber-command-will-not-go-operational-today-planned


----------



## The Bread Guy (14 Oct 2010)

TimBit said:

> Out of curiosity, would you support it more for any of the three other services?


For the same reason, I'm leery about the idea elsewhere, too.  While the service rendered may be just as valuable (hell, could even be one alternative for wounded warriors who can't deploy), those who would have to deploy wouldn't be wild about it.  That said....


			
TimBit said:

> The only other option, really, is to heed the advice from some US Cyber Command senior officers and create a 5th service:
> http://www.homelandsecuritynewswire.com/us-cyber-command-will-not-go-operational-today-planned


.... I guess the alternative would be even more unruly, given the (at least potential) duplication of top-end stuff that I'm guessing comes with creation of new services.


----------



## GAP (14 Oct 2010)

The Marines operate on the premise that all Marines are Grunts first and are taught that right from basic....so, some exposure to the various combat branches, in addition to their initial training and requals every year, should give enough exposure to allow the cyber guys/gals operating assistance capability....along with experienced command for touchy situations....


----------



## TimBit (14 Oct 2010)

milnews.ca said:

> For the same reason, I'm leery about the idea elsewhere, too.  While the service rendered may be just as valuable (hell, could even be one alternative for wounded warriors who can't deploy), those who would have to deploy wouldn't be wild about it.  That said........ I guess the alternative would be even more unruly, given the (at least potential) duplication of top-end stuff that I'm guessing comes with creation of new services.



The wounded warrior is exactly why this won't work. Cyber warfare is complicated and takes years to learn even for compu sci graduates. You can't just take a grunt and pop him in front of a computer and expect he will excel. Would you have an injured infantry soldier fly rescue helicopters because he can't run with a backpack anymore? Different jobs, different skill sets, different recruits. You can be re-trained, sure, but the future of cyber means you need to attract a special type who is computer literate and attracted to this job. I work in cyber, and I sure as hell don't want someone who dreams of shooting pop-up targets all day long when we talk shop. I agree 100% that there needs to be a specialist trade. Now, should they be deployable? Why? But then, were ICBM crews deployable? No. I think the Air Force is the way to go with Space Ops and Missile Ops already pretty much a ConUS environment.


----------



## The Bread Guy (14 Oct 2010)

TimBit said:

> The wounded warrior is exactly why this won't work. Cyber warfare is complicated and takes years to learn even for compu sci graduates. You can't just take a grunt and pop him in front of a computer and expect he will excel. Would you have an injured infantry soldier fly rescue helicopters because he can't run with a backpack anymore? Different jobs, different skill sets, different recruits.


True dat - that's why it may be _one_ alternative for _some_ (especially, as you say, given the nature of the training beast).



			
TimBit said:

> Now, should they be deployable? Why? But then, were ICBM crews deployable? No. I think the Air Force is the way to go with Space Ops and Missile Ops already pretty much a ConUS environment.


Never thought of that as an analogy....  Based on that, the USAF could be the place to put it, given its experience in (what I'm guessing would be) similar working environments.


----------



## 57Chevy (16 Nov 2010)

I'm pretty sure the cyber threat mentioned applies here also:
One only has to look at Symantec Threat Monitor, powered by DeepSight, to have an idea of what is going on out there.
                  _____________________________________________________________

article link

WASHINGTON - The United States faces a major threat in the future from cyber technologies that will require civil-military co-ordination to shield networks from attack, Defense Secretary Robert Gates said on Tuesday.

"I think there is a huge future threat. And there is a considerable current threat," Gates told The Wall Street Journal CEO Council. "And that's just the reality that we all face."

The U.S. Defense Department estimates that over 100 foreign intelligence organizations have attempted to break into U.S. networks. Every year, hackers also steal enough data from U.S. government agencies, businesses and universities to fill the U.S. Library of Congress many times over, officials say.

The Pentagon's biggest suppliers — including Lockheed Martin Corp., Boeing Co and Northrop Grumman Corp. — are investing in the growing market for cyber technology, estimated at up to $140 billion a year worldwide.

Gates said the U.S. military had made considerable progress protecting its own sites and was working with its private-sector partners "to bring them under that umbrella."

But how to allow Pentagon know-how to be applied to protecting domestic infrastructure can be tricky for legal reasons, including fear of violating civil liberties.

"The key is the only defense that the United States has against nation-states and other potential threats in the cyber-world is the National Security Agency," Gates said, referring to the super-secretive Defense Department arm that shields national security information and networks, and intercepts foreign communications.

"You cannot replicate the National Security Agency for domestic affairs. There isn't enough money. There isn't enough time. And there isn't enough human talent."

Last month, President Barack Obama's administration announced steps to allow greater co-operation between the NSA and the Department of Homeland Security. That includes stationing the DHS' privacy, civil liberties and legal personnel at the NSA.

"So you have the domestic security agency, DHS, being able to reach into NSA in a real-time way to get the kind of protection we need," Gates said.

"And my hope is that over time that will lead to better protections for both '.gov' and '.com.'"

                           (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------



## 57Chevy (18 Nov 2010)

NATO mobilizes for cyber warfare

BRUSSELS - In 1989, before the Internet revolution, Suleyman Anil was the lone man in charge of the security of NATO’s IT system, armed with a single computer.

Two decades later, with the threat of cyber attacks on the rise, Anil oversees two teams tasked with protecting the networks of the alliance’s political headquarters in Brussels and operations command in Mons, Belgium.

The threat is constant, with as many as 100 attempted cyber attacks on NATO every day, but it could take just "one in a day to be dangerous," said Anil, a Turkish IT expert who heads NATO’s Cyber Defence and Countermeasures Branch.

NATO leaders meeting at a summit in Lisbon on Friday and Saturday will enshrine cyber security as one of the 28-nation alliance’s priorities when they endorse a "strategic concept" to guide its strategy for the next decade.

A message seen on a computer in a NATO office makes the threat clear: "Computer viruses pose a risk to our organisation, varying from anonymous to outright dangerous."

The warning seeks to discourage employees from using USB keys, which can serve as a Trojan horse to plant viruses. But such worms are not the only threat.

The vulnerability of its servers to "professional" and "amateur" hackers was highlighted in 1999 when Serbs flooded NATO with thousands of emails to protest the alliance’s bombing campaign in Kosovo, Anil said.

The turning point for NATO came at a summit in Prague in 2002, when leaders asked NATO to improve the security of its computer networks, he told AFP in an interview.

Cyber warfare is one of five sections within a new NATO division against emerging security threats that was created in August.

A costly cyber strike against Estonia in 2007 and the Stuxnet computer worm attack in Iran this year gave new urgency to the need to protect networks.

Following the attack on the Baltic NATO member, the alliance established a research and development centre in Tallinn called the Cooperative Cyber Defence Centre of Excellence.

It also decided to establish a rapid reaction team that would be deployed to help any NATO member following a cyber attack.

Although NATO has taken huge strides towards cyber security, it still has work to do.

The transatlantic military organisation will have to wait until 2013 to have 100 percent protection coverage for all its structure following a programme that was launched five years ago.

"We are not yet at the level where we would like to be," Anil said.

There are also legal challenges to linking up cyber defences between allied nations.

Since last year, NATO has signed a memorandum of understanding with seven alliance members on data sharing and procedures to follow in case of a cyber attack. Four other nations will follow suit.

US Admiral James Stavridis, the Supreme Allied Commander Europe, noted earlier this year the difficulty of governing cyberspace, comparing it to the 10 years it took to establish an international law of the sea.

Meanwhile, the alliance is gearing up for cyberwarfare.

Last year, the United States created its own Cyber Command to respond to computer threats and launch its own offensives.

NATO is in the midst of its third cyber defence exercise since 2008 which began Tuesday and ends Thursday. It involves 24 of 28 alliance members plus Austria.

The "Cyber Coalition 2010" exercise simulates "multiple simultaneous cyber attacks" against NATO and alliance members to test their strategic decision-making process.
article link
                          (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------



## 57Chevy (24 Nov 2010)

China 'hijacked' Internet to divert government and military data

China "hijacked" 15 per cent of the world's Internet traffic earlier this year, according to a report to the U.S. Congress, in what could be a new form of cyber terrorism.

A state-run telecoms firm is accused of diverting traffic including data from U.S. military and government websites, and some in Britain, via Chinese servers.

Experts fear that the authorities could have carried out "severe malicious activities" as a result of the 18-minute operation, even harvesting sensitive data from emails or implanting viruses in computers worldwide.

The report by the U.S.-China Economic and Security Review Commission says it raises the prospect that China might seek to "assert some level of control over the Internet".

Carolyn Bartholomew, vice-chairman of the commission, said Chinese efforts to penetrate U.S. networks were becoming more sophisticated, adding: "The massive scale and the extensive intelligence and reconnaissance components of recent high-profile, China-based computer exploitations suggest that there continues to be some level of state support for these activities."

It is the latest sign that governments are apparently seeking to attack computer networks or defend themselves from such attacks.

The U.S. military has a Cyber Command, while Israel is suspected of being behind a computer worm that may have damaged Iran's nuclear facilities. Earlier this year, Google said that Chinese hackers had tried to access the email accounts of human rights activists in the country, while the government has blocked popular websites such as Wikipedia and BBC News.

The new report provides previously unpublished details about a suspected "hijack" of almost one-seventh of Internet traffic. The report said it was unclear whether the incident was intentional, but added that "computer security researchers have noted that the capability could enable severe malicious activities".

The attack took advantage of the way that data are sent via computer servers. When an Internet user in, for example, California wants to look at a website based in Texas, the data make several "hops" on the way via servers.

Data are meant to travel by the most efficient route, but this can be manipulated as servers in China can suddenly announce that they provide the quickest route.

For 18 minutes on April 8, the state-owned China Telecom advertised "erroneous" network routes which led to traffic for 15 per cent of all Internet destinations being sent via servers in China.

These involved U.S. websites covering the Senate, army, navy, marine corps and Nasa as well as companies such as Microsoft, IBM and Yahoo. A handful of websites based in Britain were also affected.

Wang Yongzhen, a senior press official with China Telecom, said: "China Telecom has never done such an act."

                          (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------
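The article in the post above describes networks accepting "erroneous" route announcements. As an added example (not part of the original post or the quoted article), this sketch shows the defender-side check for that problem, route origin validation with the three states defined in RFC 6811. The prefixes and AS numbers are documentation-range values constructed for the example, the ROA list is hypothetical, and `best_route` is a deliberately simplified stand-in for BGP best-path selection (longest prefix, then shortest AS path).

```python
"""Route origin validation (RFC 6811 states) over constructed announcements."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ROA:
    """Route Origin Authorization: which AS may originate a prefix."""
    prefix: ipaddress.IPv4Network
    max_length: int   # longest prefix length the address holder permits
    origin_as: int


@dataclass(frozen=True)
class Announcement:
    prefix: ipaddress.IPv4Network
    as_path: tuple    # leftmost = our neighbour, rightmost = originator

    @property
    def origin_as(self) -> int:
        return self.as_path[-1]


def validate(ann: Announcement, roas: list) -> str:
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    covered = False
    for roa in roas:
        if ann.prefix.subnet_of(roa.prefix):
            covered = True  # some ROA speaks for this address space
            if (ann.prefix.prefixlen <= roa.max_length
                    and ann.origin_as == roa.origin_as):
                return "valid"
    # Covered but no ROA matched: wrong origin or too specific a prefix.
    return "invalid" if covered else "not-found"


def best_route(dest: str, announcements: list):
    """Simplified selection: longest matching prefix, then shortest AS path."""
    addr = ipaddress.ip_address(dest)
    candidates = [a for a in announcements if addr in a.prefix]
    if not candidates:
        return None
    return max(candidates, key=lambda a: (a.prefix.prefixlen, -len(a.as_path)))


def best_route_filtered(dest: str, announcements: list, roas: list):
    """Same selection, after dropping announcements that validate as invalid."""
    kept = [a for a in announcements if validate(a, roas) != "invalid"]
    return best_route(dest, kept)


def net(text: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network(text)


# Constructed sample data: documentation prefixes and documentation AS numbers.
ROAS = [ROA(net("198.51.100.0/24"), 24, 64496)]
LEGIT = Announcement(net("198.51.100.0/24"), (64500, 64499, 64496))
ERRONEOUS = Announcement(net("198.51.100.0/24"), (64500, 64511))  # wrong origin, shorter path
TOO_SPECIFIC = Announcement(net("198.51.100.0/25"), (64500, 64499, 64496))
UNREGISTERED = Announcement(net("203.0.113.0/24"), (64500, 64501))  # no ROA at all
ANNOUNCEMENTS = [LEGIT, ERRONEOUS, UNREGISTERED]

if __name__ == "__main__":
    for ann in ANNOUNCEMENTS + [TOO_SPECIFIC]:
        print(f"{str(ann.prefix):18} origin AS{ann.origin_as}: {validate(ann, ROAS)}")
    target = "198.51.100.10"
    print("unfiltered origin:", best_route(target, ANNOUNCEMENTS).origin_as)
    print("filtered origin:  ", best_route_filtered(target, ANNOUNCEMENTS, ROAS).origin_as)
```

Without filtering, the shorter path through the unauthorized origin wins for `198.51.100.10`; once invalid announcements are dropped, traffic follows the authorized origin again. Prefixes with no ROA stay "not-found" and are not protected by this check.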



## 57Chevy (25 Nov 2010)

Iran Suspends Nuclear Enrichment; Stuxnet Virus Suspected

Major technical problems in Iran's nuclear program have forced the temporary shutdown of thousands of centrifuges enriching uranium at Iran's Natanz plant, diplomats told The Associated Press on Monday.

 The diplomats said the problems have caused Iranian experts to “briefly power down” the machines they use for enrichment.

The sources said they did not have further details but suspicions focused on the Stuxnet worm, the computer virus which has recently plagued Iran's nuclear program, and is believed by many observers to have been unleashed by the US or Israel. 

Experts said last week that the Stuxnet worm was designed to destroy centrifuges by sending them spinning out of control.

“There have been hints that the program is beset by technical problems,” AP reported. “Even a brief shutdown of the thousands of enriching machines would be the strongest documentation to date that the program – Iran's nuclear cornerstone and a source of national pride – is in trouble.”
article continues here
             _________________________________________________________________


The Stuxnet worm at war in Iran

The intrigue and mystery read like the stuff of a spy novel, updated for the digital age.

There are theories of state-sponsored sabotage, coded biblical messages, and a real computer worm called Stuxnet.

Security experts around the globe have unearthed evidence that Stuxnet was able to penetrate industrial plants in Iran and may have been deliberately crafted to destabilize that country’s controversial nuclear-enrichment operations.
                     __________________________________________________________

And in China: (other thread link, reply 1506)
Malware that infected Iran's nuclear industry has now infected Chinese industry as well.
              __________________________________________________________________
What is the Stuxnet worm?

Stuxnet (wikipedia)
Stuxnet is a Windows-specific computer worm first discovered in June 2010 by VirusBlokAda, a security firm based in Belarus. Stuxnet does not affect GNU/Linux or Unix operating systems such as BSD. It is the first discovered worm that spies on and reprograms industrial systems,[1] the first to include a programmable logic controller (PLC) rootkit,[2] and the first to target critical industrial infrastructure.[3] It was specifically written to attack Supervisory Control And Data Acquisition (SCADA) systems used to control and monitor industrial processes.[4] Stuxnet includes the capability to reprogram the PLCs and hide its changes.[5]

The worm's probable target has been said to have been high value infrastructures in Iran using Siemens control systems.[6][7] According to news reports the infestation by this worm might have damaged Iran's nuclear facilities in Natanz[8][9] and eventually delayed the start up of Iran's Bushehr Nuclear Power Plant.[10] Siemens has stated, however, that the worm has not in fact caused any damage.[11]

Russian digital security company Kaspersky Labs released a statement that described Stuxnet as "a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world." Kevin Hogan, Senior Director of Security Response at Symantec, noted that 60% of the infected computers worldwide were in Iran, suggesting its industrial plants were the target.[12] Kaspersky Labs concluded that the attacks could only have been conducted "with nation-state support", making Iran the first target of real cyberwarfare.
                __________________________________________________________
                         (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------



## a_majoor (30 Nov 2010)

More on the worm and the alleged damage it has done to the Iranian nuclear program:

http://nextbigfuture.com/2010/11/stuxnet-is-game-changing-weaponized.html#more



> *Stuxnet is a game changing weaponized computer virus*
> 
> Intelligence agencies, computer security companies and the nuclear industry have been trying to analyze the worm since it was discovered in June by a Belarus-based company that was doing business in Iran. And what they've all found, says Sean McGurk, the Homeland Security Department's acting director of national cyber security and communications integration, is a “game changer.”
> 
> ...


----------



## 57Chevy (8 Dec 2010)

'Cry Stuxnet And Let Slip The Dogs Of War?' The Potentially Deadly Viruses Of Cyber Warfare

The most recent battle in the New Cold War is being waged as you read this. It is a battle over nuclear weapons.

Claiming that more than 30,000 of their computers have been compromised by a nasty piece of malware dubbed Stuxnet, the Iranians say that electronic warfare is being waged against their state. Considered by many experts to be the best cyber virus ever, the Stuxnet virus plaguing Iran is a complex piece of malware - a short term for "malicious software," created to infiltrate surreptitiously and take control of certain aspects of a computer system.

Michael Scheidell, Chief Technology Officer of SECNAP Network Security and a nationally recognized expert on cyber-infrastructure security, acknowledges that "Stuxnet's complexity, multi-layered design, and range of technically disparate elements suggest that a large, well-funded team is responsible for its creation - possibly a nation-state. Some analysis also points to a highly specific target - a nuclear plant in Iran. So you could conclude that a powerful entity, organization or country created Stuxnet in retaliation against Iran. We may find another scenario at the end of the day, but this one looks good, given what we know now."

As the world becomes increasingly interconnected and reliant on computers to run everything from our coffeemakers to our nuclear plants, cyberspace has emerged as the fifth domain of warfare, after Land, Sea, Air, and Space.

A cyberattack launched by one nation against another raises many questions. After a cyberattack, will there be retaliation? In what form: Another cyberattack? A more traditional military attack or an asymmetrical terror attack?

What of treaties? NATO's lynchpin is that an attack on one member is an attack on all members. If a member of NATO is harmed via cyber-attack, does it trigger the obligation of fellow NATO members to declare war? The implications of cyber warfare are grave.

STUXNET: A POWERFUL, INDUSTRIAL-GRADE VIRUS

Stuxnet focuses on Supervisory Control and Data Acquisition (SCADA) systems which control the processes in many industrial and factory settings. Though it was first developed more than a year ago, Stuxnet was discovered in July 2010, when a Belarus-based security company found the worm on computers belonging to an Iranian client.

The Stuxnet virus is initially installed on a Microsoft workstation via the use of a USB memory stick, after which it immediately begins to search for a workstation running Siemens SIMATIC WinCC software.

Siemens, which boasts on its website that it is a "global powerhouse in the industry, energy and healthcare sectors," is the manufacturer of the software that Stuxnet targets. Siemens will not confirm how many customers it has in Iran. However, earlier this year, Siemens said it planned to wind down its Iranian business - a 290-employee unit that netted $562.9 million in 2008, according to the Wall Street Journal. Critics say the company's trade there has helped feed Iran's nuclear development effort in spite of the U.S. embargo on Iran.

Stuxnet is highly complex malware that is capable of infecting equipment isolated from the Internet and which targets industrial processes employed in the energy, transportation and healthcare sectors. It specifically targets the systems of a single manufacturer criticized for assisting Iran in its nuclear development efforts.

The suspicions of a pre-emptive military fifth domain attack may or may not be true, but they are certainly not far-fetched.

THE CONVERGENCE OF TECHNOLOGY

Two decades ago, in an attempt to save money in the growing software-based process control and automation industry, companies began to explore the logistics, implications and benefits of converging the pathways that control desktops, servers and industrial equipment. Stuxnet takes advantage of the inherent flaws in this convergence strategy.

One of the flaws in convergence is the introduction of USB Memory Sticks (the same ones you may carry on your keychain) to the factory floor. Industrial equipment rarely has USB ports, but because of convergence these devices, which now share networks with office-grade equipment, are integrated (knowingly or unknowingly) with desktop computers. As a result of this convergence, power plants, pipeline networks, refineries, mass transit, high-rise HVAC, elevator systems, water and sewage plants, grain elevators, communications networks and other large-scale SCADA applications are susceptible to USB stick-borne viruses, even if the network is completely isolated from the Internet.

Stuxnet leveraged the widespread appeal of convergence to infiltrate factories and, perhaps, nuclear facilities.

IT'S ALL CONNECTED

The world is crisscrossed by networks of wires, cables, waves, pulses and signals. The computer systems that operate this world are all around us, yet just under the surface. Driven to design simplicity and ease of use into most systems, developers have learned to cleverly disguise the fact that you are even using a computer. But computers they are, in every imaginable size, supporting every conceivable application - and it is all connected. Just consider:

- Smartphones, laptops, mobiles, desktops
- ATMs, store barcode scanners, credit card swipe machines
- Telephone systems, television systems
- High-rise elevator and HVAC system controls
- Ordering systems, payment systems, money moving systems
- Factory production systems, assembly lines
- Food processing and packaging systems
- City water systems, sewage systems, rail lines, traffic signals
- Electric and gas utility processing/production and distribution

Imagine these systems infiltrated by malware, crashing, rendered useless, at least temporarily. The data grid falls. The power grid falls. The communication grid fails. The transportation grid fails. Imagine the potential for panic - financial and otherwise - in the face of cascading network failures.

FIRST CYBERATTACK OF THE NEW COLD WAR

The first shots in the cyberspace Cold War were fired by the Russians against Estonia and Georgia in 2007 and 2008. At that time, the cyber infrastructure in Georgia was suffering from the type of cascading system failure described above. This took place as Russian tanks were advancing across the Caucasus in 2008.

Perhaps it was a coincidence. We have never been able to trace the cyber denial of service (DoS) attacks directly back to the Russians. Regardless, due to widespread system failure the established government in Georgia was unable to coordinate any defense, and was isolated from the rest of the world to gain assistance.

Destabilizing a nation's cyber-infrastructure is not an exact science. The results are not foreseeable or controllable necessarily. And neither is the potential for retaliation. However, forcing a nation-state into chaos without an identifiable adversary is a perfect tool for the asymmetric attacks of terrorists. There is little lead time. There is little chatter. Assembling the devices necessary rarely requires embargoed or highly regulated materials.

Was the United States or its allies behind the Stuxnet virus? We may never know. But we are no less a combatant in the New Cold War. The damage threatened in this war is tremendous to our country and way of life. We must continue to exert our influence in all domains - not only air, sea, land and space - but cyberspace as well.

U.S. DEFENSE AGAINST CYBER WARFARE

Our vulnerabilities are considerable in this country. But so are our defenses and our resilience. Despite economic woes, the Department of Homeland Security is spending significantly to bolster critical infrastructure. Rules regulating private industry are being revamped to require strong defenses of critical processes and data. These reforms are also being pushed by private industry, healthcare, the accounting and legal professions, and the financial industry. Federal regulation and those who enforce and interpret it are assisting our industries in bolstering their defenses.

As the most computer-reliant country in the world, the United States recognizes the threat posed by cyber warfare.

Twenty-five percent of all malware discovered this year is propagated through the use of USB sticks. Given the flaws of convergence, and the prevalence of USBs, it is not surprising that the Pentagon and Central Command were "hacked" via USB-borne malware in 2008. Since that time, the military has substantially bolstered its cyber defenses. The Federal Government has likewise taken giant steps in bolstering cyber security for non-military branches of government.

However, our government currently takes no official role in protecting private business and, outside of Homeland Security dollars, assumes no acknowledged role in protecting critical quasi-government infrastructure - such as power plants, pipeline networks, refineries, communications networks and other large-scale applications.

Cyber Command Chief General Keith Alexander has confirmed publicly that Cyber Command does not work with private industry. Recently, however, Alexander's position seems to be morphing toward a more robust government involvement in protecting strategic infrastructure such as water, gas and electricity. The Cyber Command Chief envisions a team approach to security involving the Department of Defense, the Department of Homeland Security and the FBI. The FBI would investigate computer hacking, Homeland Security would work with industry and other critical areas. Alexander has emphasized that it will be critical for private industry and contractors to be involved if the proposed program is to be effective.

History is rife with the stories of new technologies that turned the tide in favor of one side in warfare. You don't need to look back to the Longbow's effect on the Hundred Years' War in the 1400s for examples. You don't even need to look back to World War II. The technology-driven unmanned drone program currently in use in Iraq and Afghanistan is exceedingly effective. The best technology often wins wars. And we are a nation at war. The responsibility to defend our nation is ours, on all fronts.

                       (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------



## 57Chevy (19 Dec 2010)

'Stuxnet virus set back Iran’s nuclear program by 2 years' 
article link
Top German computer consultant tells 'Post' virus was as effective as military strike, a huge success; expert speculates IDF creator of virus. 

The Stuxnet virus, which has attacked Iran’s nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republic’s nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the program’s code told The Jerusalem Post on Tuesday.

“It will take two years for Iran to get back on track,” Langer said in a telephone interview from his office in Hamburg, Germany. “This was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success.”

article continues....
                         (Reproduced under the Fair Dealings provisions of the Copyright Act)

 to add related thread:
U.S. sees "huge" cyber threat in the future


----------



## 57Chevy (29 Dec 2010)

Iran's nuclear ambition is dented:

Iran no longer has the capability to create a nuclear weapon on its own, Israel's deputy prime minister said Wednesday.

The assessment would seem to make military action less likely in the near future and suggests the program has been seriously damaged by sabotage, sanctions or both.

It lends weight to the theory that a highly sophisticated computer worm, called Stuxnet, was inserted last year into Iran's uranium enrichment program and forced the replacement of 1,000 uranium enrichment centrifuges by making them spin too fast and, therefore, break.

Previously, reports had suggested the regime may have been able to build a bomb in about a year.

Moshe Yaalon said Western pressure would force Iran to consider whether its nuclear program was worth pursuing. "I believe that this effort will grow, and will include areas beyond sanctions, to convince the Iranian regime that, effectively, it must choose between continuing to seek nuclear capability and surviving," he told Israeli radio.

"I don't know if it will happen in 2011 or in 2012, but we are talking in terms of the next three years."

Analysts say Stuxnet was so complex it was probably written by a "state actor" rather than an amateur hacker.

article link

                        (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------



## 57Chevy (4 Jan 2011)

Canada ill-prepared for attacks on critical energy infrastructure: Study
article link

OTTAWA — Nearly a decade after the 9/11 attacks, Canada still hasn't developed a reliable strategy for protecting such critical energy infrastructure as refineries, power plants and offshore petroleum platforms, according to a new study commissioned by the Defence Department.

Inaction by the federal government has left key energy assets vulnerable to a range of threats, from terrorism and natural disasters to the emerging danger of a cyberattack, says the study quietly released last month but now reported for the first time by Postmedia News.

An attack that disrupts or damages energy infrastructure would not only have major social and economic impacts, but could also stoke "cross-border tensions" with the United States, which looks to Canada as a dependable supplier within increasingly integrated North American energy markets.

"The protection and resilience of critical infrastructure have often been described as major priorities for the government, yet the reality appears rather different from the rhetoric," writes Angela Gendron, a senior fellow at the Canadian Centre of Intelligence and Security Studies at Carleton University in Ottawa. Her study was commissioned by Defence R&D Canada, the research arm of the Department of National Defence.

Canada urgently needs to develop a national plan — and ideally appoint a central body to enforce it — to replace the patchwork of rules and safeguards currently being implemented by provinces and private industry, Gendron warns.

One of the diplomatic cables recently released by WikiLeaks contains a list compiled by the U.S. State Department of infrastructure around the world that Washington considers critical to American security, economic and public-health interests. Canadian sites include the James Bay hydroelectric power project in Quebec, the Seven-Mile dam in British Columbia, AECL's medical isotope-producing nuclear reactor in Chalk River, Ont., and the network of natural-gas pipelines operated by TransCanada Gas of Calgary.

However, Canada has yet to publicly identify the exact sites it considers critical to the nation's interests.

In the wake of the Sept. 11, 2001 attacks, the federal government created the department of Public Safety and Emergency Preparedness to oversee Canada's national-security efforts.

A Public Safety spokesman noted that the department released a national critical-infrastructure strategy in May that paves the way for the federal government and the provinces to develop and test plans for protecting key sectors. The department has made significant progress in implementing the strategy, such as through the publication of a "risk-management guide" for critical sectors, the spokesman said in an emailed statement.

But Gendron says the strategy is too "reactive" and relies too much on the voluntary participation of the private sector, which has been reluctant to share data with the government.

Energy assets in Canada tend to be concentrated in certain regions of the country and, increasingly, integrated with U.S. distribution networks. While that has worked to Canada's economic advantage, it has also made such assets "high-value" targets for an attack and heightened the potential impact of a natural disaster such as an earthquake.

The domino effect of a major network failure can be crippling, a reality that hit home in the summer of 2003, when problems at a power utility in Ohio left about 50 million people in Ontario and eight U.S. states in the dark. The blackout cost about $6 billion in economic losses.

Gendron notes that al-Qaida has called on its recruits to strike any petroleum interests that supply the U.S. as part of an "economic jihad" against the Americans.

"As both a target in its own right and as a means of striking at American oil dependency, which al-Qaida has identified as America's greatest strategic vulnerability, Canada is susceptible to a major attack," writes Gendron, who says such an attack should be considered a "low probability/high impact" risk.

If terrorists strike, it might not be a direct "physical" attack.

"Much of Canada's critical energy infrastructure and processes are today managed remotely from central control rooms which use computers and communications networks to control the flow of energy supplies (gas, oil, electricity) through pipelines or grids," says Gendron.

That makes modern energy networks vulnerable to cyberattacks that can be even more difficult to deter than conventional threats, according to Gendron.

"Sophisticated state-led cyber espionage or warfare is a serious issue but easier to deter when the adversary is a state with an easily identifiable government and location than when cyberattacks are carried out by surrogates, criminals, terrorists and hackers who cannot readily be traced."

                                (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------



## 57Chevy (21 Jan 2011)

good deduction Watson  ;D
______________________________
Western power created virus to sabotage Iran's nuclear plans
The Stuxnet computer virus, which was created to sabotage Iran's nuclear program, was built jointly by at least one Western power and the Israeli secret service, a British security expert claims.

Tom Parker, a U.S.-based security researcher who specialized in tracing cyber attacks, spent months analyzing the Stuxnet code and found evidence that the virus was created by two separate organizations. His evidence supported the claims of intelligence sources that it was a joint, two-step operation.

"It was most likely developed by a Western power, and they most likely provided it to a secondary power, which completed the effort," he said.

The malicious software, which was first detected in June last year, was almost certainly designed to make damaging, surreptitious adjustments to the centrifuges used at Natanz, Iran's uranium enrichment site. While Mahmoud Ahmadinejad, Iran's president, played down its impact, he confirmed that the country's nuclear ambitions had suffered setbacks.

Separate investigations by U.S. experts discovered that Stuxnet worked by increasing the speed of uranium centrifuges to breaking point for short periods. At the same time the virus shut off safety monitoring systems, deceiving operators into thinking that all was normal.

Mr Parker said this part of the attack must have been conceived by "some very talented individuals", and the other by a less talented, or more rushed, group of developers.

The element written by the first group, which was activated after Stuxnet reached its target and was known as the "payload", was complex, well designed and effective, according to Mr Parker's analysis. He believed that this was evidence of the involvement of a major Western power or powers because they had both the expertise and access to the nuclear equipment necessary to test the virus.

In contrast, the way Stuxnet was distributed and its "command and control" features, which allowed it to be remotely altered, included many errors and were poorly protected from surveillance.

"It's a bit like spending billions on a space shuttle and then launching it using the remote control from a pounds 15 toy car," said Mr Parker.

His criticisms of Stuxnet's distribution mechanism were supported by other experts, including Nate Lawson, a computer encryption consultant. "Either the authors did not care if the payload was discovered by the public, they weren't aware of these techniques or they had other limitations, such as time," he said.

Ensuring the virus reached Natanz would have required secret co-operation inside the Iranian nuclear program, a field of state espionage in which Israel's Mossad agency was acknowledged as unrivalled.

— Iran was under pressure on Friday to hold a bilateral meeting with the United States on the first day of talks in Istanbul between the six world powers over its disputed nuclear program, a Western official said.


                               (Reproduced under the Fair Dealings provisions of the Copyright Act)


----------



## 57Chevy (21 Jan 2011)

57Chevy said:

> poorly protected from surveillance.



Of course....it had to be discovered



			
57Chevy said:

> this part of the attack must have been conceived by "some very talented individuals", and the other by a less talented, or more rushed, group of developers.



The possible intended discovery after the attack makes both parties more talented than you may think


----------



## Edward Campbell (21 Jan 2011)

It's a bit odd, but my guess is that the "first part," the "payload" which was described as being _"complex, well designed and effective_ [and showed the designers had] _both the expertise and access to the nuclear equipment necessary to test the virus"_ was likely made in Israel. The placing and execution processes, which _"included many errors and were poorly protected from surveillance"_ smack of the CIA.


----------



## Cloud Cover (21 Jan 2011)

E.R. Campbell said:

> It's a bit odd, but my guess is that the "first part," the "payload" which was described as being _"complex, well designed and effective_ [and showed the designers had] _both the expertise and access to the nuclear equipment necessary to test the virus"_ was likely made in Israel. The placing and execution processes, which _"included many errors and were poorly protected from surveillance"_ smack of the CIA.


Placing = installation subroutines, which seems to mean they buried it into some other application that was known as a certainty to be installed, or more likely an update to existing software.
Poorly protected from surveillance - the encryption was probably somehow compromised, perhaps even the key was in the open or the implementation algorithm was dated.
It is likely they used a telecommunications spyware company to send the payload, similar to what SS8 and the government of the United Arab Emirates tried to do 2 years ago to encrypted BlackBerry smartphones. [In the case of SS8, while it worked, the spyware rapidly and simultaneously drained the batteries of tens of thousands of BlackBerrys, thus alerting the users to the fact their devices were constantly forwarding data off the device.]


----------



## SeaKingTacco (21 Jan 2011)

A while back I had read (can't remember where) an article where it was speculated that Stuxnet was introduced to the area of Iran where the enrichment plant is located, embedded in another piece of common software. Since Iran maintains an air gap around the computers controlling the centrifuges (that is to say - totally unconnected to the internet or any other network), the perpetrators simply waited for the natural to happen - someone carried it into work on a stick and infected the control system by accident.

An interesting theory, but it sure leaves a lot to chance.


----------



## Cloud Cover (21 Jan 2011)

SeaKingTacco said:

> someone carried it into work on a stick and infected the control system by accident.



We've been given free 8GB media cards, USB sticks, wireless mouses, USB reading lights, USB powered personal fans etc. by media companies, journalists, law firms, vendors, telecom companies, recruiters and headhunters etc. We generally regift these in places like India and Saudi Arabia.

I was once given a coffee mug which in the bottom held a retractable USB cord to plug in to a computer to keep coffee warm [a java java so to speak.] When our hardware guy took the mug apart it had not one but 2 microphones, a memory card containing key logging software, and some other malware. We put it back together, ran it through the dishwasher and sent it back to the TRA with a Star of David sticker decal inside it.


----------



## OldSolduer (21 Jan 2011)

This sounds like Tom Clancy stuff....wow...intriguing....

I'm infantry so anything shiny intrigues me.


----------



## 57Chevy (21 Jan 2011)

whiskey601 said:

> We've been given free 8GB media cards, USB sticks, wireless mouses, usb reading lights, usb powered personal fans etc



Photo:
How the stuxnet virus spread

                               (Reproduced under the Fair Dealings provisions of the Copyright Act)




----------



## 57Chevy (17 Feb 2011)

U.N: Iran nuke plant recovered from attack
The Iranian nuclear plant at Natanz recovered quickly from a computer attack that led to major equipment breakdown, the U.N. nuclear watchdog says.

The Washington Post said Wednesday it has obtained a draft copy of a report by the International Atomic Energy Agency in Vienna. The report is expected to say production at the Natanz enrichment plant is now above what it was before the attack.

The plant was attacked by a computer worm, Stuxnet, that appears to have been designed to spread harmlessly from computer to computer until it reached machines configured like those at Natanz. IAEA cameras installed at the plant show that about 10 percent of the centrifuges had to be replaced.

"While it has delayed the Iranian centrifuge program at the Natanz plant in 2010 and contributed to slowing its expansion, it did not stop it or even delay the continued buildup of low-enriched uranium," the Institute for Science and International Security said in the report.
                                                    __________________________
More detailed article: 
Iran Nuclear Facility Recovers From Cyberattack
                                   (Reproduced under the Fair Dealings provisions of the Copyright Act)

Photo:
The Siemens Simatic S7-300 PLC CPU a target of the virus


----------



## a_majoor (16 Sep 2016)

While we have been hearing warnings about possible terrorist or other threat attacks against our infrastructure, this is taking cyberwar to a much higher level. Rather than attacking infrastructure through delivering malware (much like Stuxnet was used to temporarily cripple Iranian nuclear ambitions, and how "smart grids" and the "Internet of Things" are potentially very vulnerable to hacking), this article suggests the very infrastructure of the Internet itself could be targeted for attack. Workarounds if the Internet is crippled could be difficult to impossible depending on the system:

https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html



> *Someone Is Learning How to Take Down the Internet*
> 
> Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don't know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses.
> 
> ...


----------



## MilEME09 (16 Sep 2016)

It's just like the internet has two planes of existence, the mainstream internet as we know it, and then there is the deep, and dark web. There is much online we don't know about, and much to fear about who's lurking in the dark parts of the internet.


----------



## a_majoor (22 Oct 2016)

The massive cyber attack that took down large internet sites on 21 Oct 2016 could well have been a botnet attack from unsecured devices on the "Internet of Things". The question is still "who" is behind this?

http://www.popularmechanics.com/technology/infrastructure/a23504/mirai-botnet-internet-of-things-ddos-attack/



> *Hackers Wrecked the Internet Using DVRs and Webcams*
> Hackers Took Down A Huge Chunk Of The Internet This Morning
> By Eric Limer
> Oct 21, 2016
> ...



edit to add:

http://gizmodo.com/todays-brutal-ddos-attack-is-the-beginning-of-a-bleak-f-1788071976



> *Today's Brutal DDoS Attack Is the Beginning of a Bleak Future*
> William Turton
> 
> This morning a ton of websites and services, including Spotify and Twitter, were unreachable because of a distributed denial of service (DDoS) attack on Dyn, a major DNS provider. Details of how the attack happened remain vague, but one thing seems certain. Our internet is frightfully fragile in the face of increasingly sophisticated hacks.
> ...


----------



## The Bread Guy (27 Jun 2017)

Here we go again ...

_*"Global ransomware attack causes chaos"*_ (BBC)
_*"Another Massive Ransomware Outbreak Is Going Global Fast"*_ (Forbes)
_*"New Cyberattack Spreads From Russia to the United States"*_ (_NY Times_)
_*"Massive cyber attack spreads across the globe"*_ (FOX Business)
_*"Here’s a list of companies attacked by ransomware Petya"*_ (AFP)
_*"Cyberattacks do not disrupt operation of Russian banks — regulator"*_ (TASS)
_*"Kremlin says its computers not affected by hacker attack"*_ (TASS)
More via Google News


----------



## The Bread Guy (28 Jun 2017)

Statement by CSE on latest attacks ...


> CSE continues to closely monitor the recent global cyber/ransomware attacks. As we have seen in recent attacks, today’s attacks continue to indiscriminately target both organizations and individuals.
> 
> Our dynamic cyber defence security systems remain ready to defend Government of Canada systems and help protect against future types of similar attacks.
> 
> ...


----------



## The Bread Guy (29 Jun 2017)

A possible NATO Article 5?  This from the SecGen at a NATO news conference yesterday ...


> ... The cyber attacks we saw in May but also, we have seen this week just underlines the importance of strengthening our cyber defenses, and that’s exactly what NATO is doing. We are implementing our cyber defense pledge which is ensuring that we are strengthening the cyber defenses of both NATO networks but also helping NATO allies to strengthen their cyber defenses. We exercise more, we share best practices and technology and we also work more and more closely with all allies looking into how we can integrate their capabilities, strengthening NATO’s capability to defend our networks. _*We have also decided that a cyber attack can trigger Article 5 and we have also decided and we are in the process of establishing cyber as a military domain meaning that we will have land, air, sea and cyber as military domains*_. All of this highlights the advantage of being an alliance of 29 allies because we can work together, strengthen each other and learn from each other ...


----------



## The Bread Guy (13 Jul 2017)

_"Mass GPS Spoofing Attack in Black Sea?"_ ...


> An apparent mass and blatant, GPS spoofing attack involving over 20 vessels in the Black Sea last month has navigation experts and maritime executives scratching their heads.
> 
> The event first came to public notice via a relatively innocuous safety alert*** from the U.S. Maritime Administration:
> 
> ...


*** - Alert attached.


----------



## a_majoor (29 Jul 2017)

Doing it the old fashioned way: getting _Kompromat_ on key people to gain access and physically stealing the devices for downloading. Given the connections that Debbie Wasserman-Schultz had to the various unsavoury goings on during the Democrat primaries, outside of access to secret and sensitive materials, it isn't difficult to speculate the case officer (wherever he is) has all kinds of dirt on a lot of the Washington political establishment. No wonder the media seems determined to avoid this story at all costs:

http://www.nationalreview.com/article/449983/debbie-wasserman-schultz-pakistani-computer-guys-bank-fraud



> *Debbie Wasserman Schultz and the Pakistani IT Scammers*
> by ANDREW C. MCCARTHY	July 29, 2017 4:00 AM
> 
> There’s more than bank fraud going on here. In Washington, it’s never about what they tell you it’s about. So take this to the bank: The case of Imran Awan, Debbie Wasserman Schultz’s mysterious Pakistani IT guy, is not about bank fraud.
> ...


----------



## The Bread Guy (29 Jul 2017)

At a more tactical level ...


> *Allies to hold training against N. Korea GPS attacks*
> Yonhap News Agency
> 2017/07/30 07:00
> 
> ...


More @ link


----------



## The Bread Guy (8 Aug 2017)

A bit of Canada's contribution to the fight - shared under the Fair Dealing provisions of the _Copyright Act (R.S.C., 1985, c. C-42)_ ......


> *White House Says Russia’s Hackers Are Too Good to Be Caught but NSA Partner (Canada) Called Them “Morons”*
> Sam Biddle, The Intercept
> August 2 2017, 1:07 p.m.
> 
> ...


----------



## The Bread Guy (12 Aug 2017)

milnews.ca said:

> _"Mass GPS Spoofing Attack in Black Sea?"_ ...*** - Alert attached.


A bit more on that from newscientist.com ...


> Reports of satellite navigation problems in the Black Sea suggest that Russia may be testing a new system for spoofing GPS, New Scientist has learned. This could be the first hint of a new form of electronic warfare available to everyone from rogue nation states to petty criminals.
> 
> On 22 June, the US Maritime Administration filed a seemingly bland incident report. The master of a ship off the Russian port of Novorossiysk had discovered his GPS put him in the wrong spot – more than 32 kilometres inland, at Gelendzhik Airport.
> 
> ...


More @ link


----------



## Kirkhill (16 Aug 2017)

From Salon - commenting on an article published in The Nation.

http://www.salon.com/2017/08/15/what-if-the-dnc-russian-hack-was-really-a-leak-after-all-a-new-report-raises-questions-media-and-democrats-would-rather-ignore/



> TUESDAY, AUG 15, 2017 05:00 AM MST
> What if the DNC Russian “hack” was really a leak after all? A new report raises questions media and Democrats would rather ignore
> A group of intelligence pros and forensic investigators tell The Nation there was no hack— the media ignores it
> 
> ...


----------



## The Bread Guy (17 Aug 2017)

More on what looks like a UKR link to the Russian hacking (hint:  don't take any tea or soup from any Russians, buddy) ...


> *In Ukraine, a Malware Expert Who Could Blow the Whistle on Russian Hacking*
> By ANDREW E. KRAMER and ANDREW HIGGINS, NY Times, AUG. 16, 2017
> 
> The hacker, known only by his online alias “Profexer,” kept a low profile. He wrote computer code alone in an apartment and quietly sold his handiwork on the anonymous portion of the internet known as the dark web. Last winter, he suddenly went dark entirely.
> ...


More @ link


----------



## MarkOttawa (17 Aug 2017)

Canadian Forces...



> *Communications and Electronics Association Cyber Symposium*...proud to announce the first annual Cyber Symposium.  The objective of the symposium is to bring together leading cyber experts to explore a wide range of topics in this dynamic field...Date: 26 October 2017
> Location: Residence Inn, Kingston, Ontario
> Theme: Cyber – Government, Academia, Industry – Our Collective Challenge and Opportunity’...
> 
> ...



Mark
Ottawa


----------



## The Bread Guy (14 Sep 2017)

_*"Trump administration orders purge of Kaspersky products from U.S. government"*_ (Reuters) - more via Google News here, and from DHS below:


> After careful consideration of available information and consultation with interagency partners, Acting Secretary of Homeland Security Elaine Duke today issued a Binding Operational Directive (BOD) directing Federal Executive Branch departments and agencies to take actions related to the use or presence of information security products, solutions, and services supplied directly or indirectly by AO Kaspersky Lab or related entities.
> 
> The BOD calls on departments and agencies to identify any use or presence of Kaspersky products on their information systems in the next 30 days, to develop detailed plans to remove and discontinue present and future use of the products in the next 60 days, and at 90 days from the date of this directive, unless directed otherwise by DHS based on new information, to begin to implement the agency plans to discontinue use and remove the products from information systems.
> 
> ...


----------



## MarkOttawa (26 Jul 2018)

New release from US Director of National Intelligence on report by US National Counterintelligence and Security Center (NCSC) (Canadian gov't should be taking all this a whole lot more seriously):



> 2018 Foreign Economic Espionage in Cyberspace
> 
> FOR IMMEDIATE RELEASE
> July 26, 2018
> ...



Mark
Ottawa


----------



## Retired AF Guy (26 Jul 2018)

MarkOttawa said:

> New release from US Director of National Intelligence on report by US National Counterintelligence and Security Center (NCSC) (Canadian gov't should be taking all this a whole lot more seriously):
> 
> Mark
> Ottawa



You mean like this:  National Cyber Security Strategy (Released June 2018)


----------



## MarkOttawa (26 Jul 2018)

Retired AF Guy--a relevant tweet--funding per year is pretty pitiful:
https://twitter.com/OpenCanada/status/1010211060576497666



> OpenCanada
> ‏ @OpenCanada
> 
> The Canadian government’s pledge to invest $508 million over five years to support its updated #cybersecurity strategy is welcome news, although probably still insufficient given the magnitude of both cyber threats and opportunities.
> https://www.opencanada.org/features/better-late-never-updated-cyber-security-strategy-canada/



Mark
Ottawa


----------

