DISA seeks a faster track
10/08/07
By John Rendleman and Wyatt Kash
Officials explore better ways to deploy new technologies
Defense Information Systems Agency leaders are looking for new approaches to increase the speed with which they can get new information technology products into the field.
As the agency responsible for the operation, maintenance and protection of the Defense Department’s IT systems and networks — and DOD’s lead procurement agency for computing systems and network services — DISA puts a lot of emphasis on how quickly it delivers services and technologies.
The agency will turn to readily available products whenever it can, DISA officials said late last month, borrowing and adapting capabilities from other government agencies or buying commercial products.
“What we’re trying to do is to take a more strategic and horizontal view” of what products and services DOD needs and the various types of suppliers capable of meeting DOD’s needs, said John Garing, DISA’s chief information officer and director of its strategic planning and information directorate. He spoke at DISA’s Forecast to Industry in
Capability broker
The agency wants to emulate the private sector’s ability to respond almost instantly to new technology trends and the fast pace at which private companies are able to identify new technologies they want, buy them and deliver them to the workforce. Garing said he has a faster broadband connection at home than most DOD workers get at work and added that he found it repugnant that he can’t make comparable broadband network connections available throughout DOD.
One way DISA leaders think they could help is to establish an independent technology capability broker to help agency officials match DOD’s needs with the universe of possible sources for solutions.
The concept, Garing explained, is to help DISA more systematically identify best-of-class technologies and services outside the defense sector that could have potential military IT applications. Agency officials said a decision on whether to proceed with the idea is imminent.
Garing cited the need to keep abreast of private-sector technologies that DISA might consider adapting but don’t routinely come to the agency’s attention. He pointed to General Motors’ OnStar system, which can retrieve vehicle diagnostic information, as an example of the kind of IT tool that could offer widespread benefits for military vehicle fleet managers.
Agency leaders want to “look for technologies that aren’t necessarily known to the defense industry,” said David Bennett, deputy director of command and control capabilities at DISA.
DISA officials recently described how they believe the concept of capability brokers would operate and asked for the public’s feedback on the idea in a request for information. DISA will decide whether to formally pursue the concept once the responses are analyzed, Bennett said.
If DISA officials decide to move forward with the concept, he said, the agency likely would issue a request for proposals soon, in the first quarter of fiscal 2008.
The agency also is considering whether that role would be filled by an internal position or team or by an outside group. If it went to an outside entity, “it would require there is no conflict of interest,” Bennett said.
A central aspect of the concept of a capability broker is to reduce the time it takes to identify how technologies are being applied outside the defense industry and test their applicability for DISA customers, Lt. Gen. Charles Croom Jr., DISA’s director, told GCN.
When the presidents of the world's remaining superpower and the nation fast challenging for the title, George Bush of the
Now, even if not on the formal agenda, both sides are likely to be considering the prickly issue of cyber warfare, following the revelation that the Pentagon suffered a major breach by hackers reportedly working for the Chinese military earlier this year.
Disclosure by the Financial Times that the People's Liberation Army, or PLA, assaulted part of the Pentagon's system used by policy advisers to the defence secretary, Robert Gates, is the latest and potentially most serious breach and set alarm bells ringing across the
The Pentagon reportedly resisted the PLA onslaught for several months, but was finally penetrated, forcing a shutdown of that part of its network for a week. A spokesman would not comment on the assault or its source, but emphasised that any information obtained would have been unclassified. The timing of the attack, and the apparent involvement of the PLA, points to an escalation of anxiety in governments across the world.
Cyber warfare began with individuals, spread to criminal gangs, and is now reaching the realm of nation states.
The Chinese government denied the allegations but, tomorrow's presidential meeting aside,
The German chancellor's objections followed a report in Der Spiegel magazine that Chinese spying software had been found widely scattered through the networks of
Internet security experts have been tracking Chinese cyber warfare for several years. In 2005, US officials revealed that sweeps of
Last November, the
The threat of state-sponsored hacking is dominating the thoughts of security officials around the world. Some suggest as many as 120 countries are actively pursuing cyber warfare.
The extent of cyber warfare was underlined earlier this year when the Guardian revealed that Estonia had been almost overwhelmed by an attack believed to have originated inside Russia which rendered a number of government websites useless and was described by officials as a "very serious disturbance".
The US is particularly vulnerable, both because of the extent of interest in its activities around the world, and because of the sheer size of its systems. The Pentagon operates 3.5m computers across 65 countries, including 35 internal networks.
Its most sensitive network, Siprnet, is for secret information, and is thought never to have been hacked. Non-classified information passes through the less secure Niprnet; it is one segment of this network that the Chinese operation is believed to have pierced.
Though the Pentagon stressed that any emails intercepted would be unclassified, that does not inherently rule out disruption. Sami Saydjari, who worked as a Pentagon cyber expert for 13 years and now runs a private company, Cyber Defence Agency, said: "If someone is able to attack information that is needed by decision makers, or that is crucial to organising logistics and supply lines of an army on the ground, that means they can induce chaos in a nation."
It is not clear exactly how the hackers gained access to the Pentagon. It may be they deployed the principle of "elevating privilege", said Dan Haagman of the computer forensics company 7Safe. That would involve breaking into a single, unsecured computer used for mundane administrative tasks, then using its flaws to step across to other computers higher up the chain of command.
The pattern would be similar to that used by the British hacker Gary McKinnon, currently fighting extradition to the US after allegedly breaking into Pentagon and Nasa computers. In the German case, Der Spiegel said a so-called Trojan program implanted in Microsoft Word documents and PowerPoint files had been used to infect systems.
Other ways include viruses, worms, and "denial of service", where a computer system is bombarded with so much information it becomes inoperable. "We have gone well beyond teenagers who want their egos boosted. We're now into the organised kind of state activity that is truly serious," said Jody Westby, at CyLab based at Carnegie Mellon University.
The US strategic commander, General James Cartwright, this year gave a frank assessment in which he said that the military's defence against cyber warfare was disjointed, passive and "dysfunctional".
Army sets sights on targets in space and cyberspace
Jonathan
The People's Liberation Army strategists have made little secret of their desire to establish cyber warfare units capable of mounting just such sorts of mission as the hacking of international government targets.
From a satellite-killing missile test in January to reports of spyware in German government computers last month, there are growing concerns that
For more than a decade the Chinese military has been aware of the potential of information warfare. Army journals and generals' speeches have emphasised the importance of securing "electromagnetic dominance" in the early stages of any conflict. Although the
The
This test heightened fears of the "
The technological prowess of
Chinese censors use some of the world's most sophisticated internet filters. The so-called Great Firewall of China restricts information about the Dalai Lama,
While
In
China-based hackers have also been blamed for attempted attacks on offices in the Houses of Parliament in
Invisible arms race: The internet balance of power
Claims that
Published: 06 September 2007
Somewhere here in
Their fellow scientists in the dusty city of
It's hard to believe in the 30-degree-plus heat of
The experts tell of how cyber spies breach supposedly unbreachable firewalls as smoothly as a skilled jewel thief, before swooping on a hard drive, snatching the secret files, and sending them to a third country, usually somewhere in Asia such as South Korea or Hong Kong. Then they make good their escape, often leaving no trace of the raid.
The secret agents and operatives are bleary-eyed computer whizzkids, cranked on cigarettes and coffee as they snoop through computer networks at Western military bases, armaments companies and aerospace giants. They hang out in online chatrooms rather than barrack rooms or smoky bars in communist enclaves, but they are just as hard to track as their Cold War counterparts.
Their methods may be hi-tech but the strategy is ancient – Trojan Horse software developed by the PLA's computer whizzes, disguised as PowerPoint or Word programmes, which find their way into computer systems in the corridors of power of London, into the Foreign Ministry and other government departments, even into the House of Commons. They redirect the programmes via South Korean networks or Taiwanese servers to disguise where they came from.
"There's a huge amount of cyber warfare going on here aimed at gathering intelligence and probing networks. There is also a huge amount of cyber espionage to access information about intellectual property rights and trade matters," said one security expert who did not wish to be named.
The US House of Representatives has said that intelligence gained through cyber espionage has allowed
And traditional espionage is also on the rise as global competition intensifies for new products. Defectors tell of plans to obtain hush-hush industrial information through operatives working at embassies, and post-graduate students or private individuals employed by companies for years. Pure John Le Carré territory.
At times, cyber espionage and good old-fashioned spying overlap – the greater use of laptop computers has led to more people having their secrets stolen from beside them on the evening train home or from their hotel room on business trips. German businessmen travelling to
Cyber espionage costs British companies billions of pounds every year, not only in the direct effects of stolen secrets, but in the loss of competitive advantage. There have long been reports that China operates a web of operatives throughout Europe, who penetrate all levels of key industries. "As cyber warfare grows, so does cyber espionage. There have been significant advances in China but I still think China is playing catch-up on the West in this game – the West has a lot more to spend – just look at the Chinese military budget and compare it to the American spending on defence," said the analyst.
Chinese cyber warfare and cyber espionage have been in the news since the German magazine Der Spiegel ran a report about Chinese hackers breaking into IT systems in the Chancellery using Trojans – just as Ms Merkel's plane was touching down at Beijing airport.
The timing of the report was embarrassing for the Chinese government, forcing Premier Wen Jiabao to stress China's anti-hacker credentials and pledge that China would co-operate closely with Germany to prevent such activity.
"The Chinese government attaches great importance to the hacker attack on the German government networks," he said, promising "determined" and "forceful" measures to combat it.
The news of cyber warfare from China was followed by reports that cyber warriors had penetrated the computer systems of the Pentagon in June.
Computer security experts say the key to the success of the cyber wars was deniability. The cyber spies use third-party computers in other countries as a way of covering their tracks. There could easily be a Trojan Horse sitting on your computer, creating a network right now, without your knowledge.
News of a security compromise is normally confined to officials with high security clearance, and not for public consumption, which has made some commentators sceptical that the Government would ever reveal any information about security breaches, unless it had sound political reasons for doing so.
"Ultimately, if Whitehall's secret networks were accessed, then there was a weakness there, so we'll never know how deeply the security breach went because no government will ever reveal that kind of weakness.
"A lot of this is a kneejerk reaction. If the alarm system in your house was compromised and someone broke into your house, would you publicise it?" said a security analyst.
One internet commentator points out how the US controls the domain name system (DNS), and could do a lot of damage to China by simply removing the "cn" domain.
The webheads speculate about just how the hackers were tracked, given that the routes they took are supposedly untraceable. And they say that spammers and organised gangs using automated penetration tools are a much greater threat than the Chinese army.
Other security experts believe that China is as much a victim as it is a perpetrator in this conflict and that the Chinese are being scapegoated for what is a much wider problem.
Around 60 per cent of attacks on US national defence systems are said to emanate from within America itself, said the analyst. That leaves 40 per cent for the rest of the world, which means that it can't all be China.
Russians are no slouches when it comes to hacking. In May this year, Estonia's websites were the victims of the world's biggest online assault by cyber vigilantes from Russia. Government ministries, banks and newspapers had their websites jammed after Estonia caused offence by re-burying a Russian soldier from the Second World War.
"Every government does it and no government is beyond accusation. The manner in which these breaches were supposed to have been carried out shows it was extremely clever programming. And at the end of the day, totally deniable."
A Chinese Foreign Ministry spokesman, Jiang Yu, said the accusations were groundless and reflected a Cold War mentality. "China and the US are now devoted to constructive relations and co-operation. The bilateral military ties enjoy a sound momentum of development. Under this backdrop, some people make wild accusations against China, suggesting that the PLA made cyber raids against the Pentagon," said Jiang. "Hacking is a global issue and China is a frequent victim in this regard. China is ready to enhance co-operation with other countries including the US in countering internet crimes".
Since the 9/11 attacks on US targets, officials have become much more aware of cyber espionage and the growing threat of China has been noted. In
Beijing is keen to match its growing economic strength with political and diplomatic influence in the Asian region, but regularly emphasises that the country is undergoing a "peaceful rise". China's defence budget has been increasing by double-digit percentages for several years, stepping up fear in self-ruled Taiwan, which Beijing sees as a renegade province, that China will invade if it ever tries to declare independence from the mainland.
At the National People's Congress in March, China said it would boost defence spending by 17.8 per cent, to £22bn, this year, though the US says the figure could reach £63bn.
Beijing points out that Washington spends £244bn a year on its military, not including Iraq and Afghanistan.
To some extent this is a form of asymmetric warfare, where countries which do not possess the same level of military power as their bigger enemies adopt dissimilar tactics to wage conflict. While China has 2.3 million soldiers, 800,000 reservists, and a People's Armed Police of 1.5 million, its military still lags that of many Western powers. So China's confronting Whitehall's and the Pentagon's IT installations is a way of undermining Western military might with clever computer hacking skills.
A key driver in the sudden interest in cyber warfare by the Americans was the confirmation in January this year that the Chinese had successfully shot down one of their own satellites. The test was criticised by the US, Japan, Canada and Australia and read as a sign that China was flexing its military muscle, a way of showing that it is capable of taking out spy satellites should the US follow up on its pledge to assist Taiwan in the event of a military escalation across the straits.
The test also came as a shock to military commanders in the West, a revelation about the level which Chinese technology had attained and they were surprised by the developments. If the reports are true of breaches in Whitehall, Berlin and the Pentagon, it is a sign that China's technological progress is taking place even faster than expected.
Sep 5, 2007
Several nations and groups are trying to break into the
The Chinese military’s cyberattack was carried out in June following months of efforts, the London-based Financial Times reported Tuesday, citing unnamed current and former U.S. officials.
Officials had told the paper the attack was by China’s People’s Liberation Army (PLA) and that it led to the shutdown of a computer system serving the office of Defense Secretary Robert Gates.
Patrick Ryder, a U.S. Defense Department spokesman, declined to comment on the reported Chinese attack but said the Pentagon “aggressively monitors its networks for intrusions and has appropriate procedures to address” them.
“We know that a number of nations and groups are actively developing these capabilities,” he told AFP.
“We have seen attempts by a variety of state- and nonstate-sponsored organizations to gain unauthorized access to, or otherwise degrade, [Department of Defense] information systems,” he said without identifying them.
Ryder said the department would not comment specifically on investigations underway or incidents for obvious reasons.
It also would not discuss details of the potential impact to its networks, operations or protection efforts and strategies.
Without referring to the Chinese attack, Ryder said that late last spring — around the time the reported Chinese military hacking took place — the “unclassified” e-mail system at Gates’ office was briefly taken offline due to a “detected penetration.”
“All precautionary measures were taken, and the system was restored to service soon afterward,” he said.
The department, he said, had back-up systems in place, and there was no damage done to its operations.
“There were some minor administrative disruptions and personal inconveniences.”
One senior
“The PLA has demonstrated the ability to conduct attacks that disable our system,” the paper quoted a former U.S. official as saying.
While denying the accusations, Chinese foreign ministry spokeswoman Jiang Yu in
Reports of
The German weekly Der Spiegel reported that espionage programs traced to the PLA had been detected in computer systems at Merkel’s office, the foreign ministry and other government agencies in
Chinese military hacked into US defence secretary's office: Pentagon
10 September 2007
The cyber attack in June that targeted the office of
The
The Pentagon cyber attack was particularly disquieting, apparently, as it involved not just passive snooping, but disruption of networks as well. The FT quoted a former official as saying that: "The PLA has demonstrated the ability to conduct attacks that disable our system." The Pentagon had to close parts of its unclassified computer system in June to deal with the attacks.
The
This is not the first allegation about the Chinese PLA's cyber snooping and hacking abilities. Earlier, German newspapers reported the insertion of spyware by the PLA into German government computers at the Chancellery and three ministries.
The British government also seems to have suffered similar attacks. Eliza Manningham-Buller, former head of MI5, is supposed to have privately told a group of businessmen last year that the UK government had been the target of hacking attacks from China that were suspected to be state sponsored. The Guardian recently reported that parliament and the Foreign Office had been attacked by hackers.
Targets are not limited to governments, but include private companies too. However, some experts point out that while
They say the Pentagon is concerned because cyberspace is the one domain where the Chinese can challenge
Chinese military strategy places increasing emphasis on space and cyberspace as key domains in modern wars, where the information that flows over networks is central to the battle effort. Not so long ago,
But
Chinese hackers preparing attack on US carrier fleet: Pentagon
8 Sep, 2007
According to a Pentagon report obtained by The Times, the blueprint for such an assault, drawn up by two hackers working for the People's Liberation Army (PLA), is part of an aggressive push by
Describing what is in effect a new arms race, a Pentagon assessment states that China's military regards offensive computer operations as "critical to seize the initiative" in the first stage of a war.
The plan to cripple the
The revelation of this new plan comes in the wake of reports that Chinese hackers have already hacked key government institutions in
President Bush, without referring directly to Beijing, said this week that "a lot of our systems are vulnerable to attack," and indicated that he would raise the subject with Hu Jintao, the Chinese President, when they met in Sydney at the APEC Summit.
Hu is in a state of denial about the hacking allegations.
Larry M. Wortzel, the author of the US Army War College report, said: "The thing that should give us pause is that in many Chinese military manuals they identify the US as the country they are most likely to go to war with. They are moving very rapidly to master this new form of warfare."
The two PLA hackers produced a "virtual guidebook for electronic warfare and jamming" after studying dozens of US and NATO manuals on military tactics, according to the document.
The Pentagon logged more than 79,000 attempted intrusions in 2005, of which about 1,300 were successful, including the penetration of computers linked to the Army's 101st and 82nd Airborne Divisions and the 4th Infantry Division.
Chinese hackers also disrupted the US Naval War College's network in November 2005, forcing the college to shut down its computer systems for several weeks.
The Pentagon uses over five million computers on 100,000 networks in 65 countries.
Jim Melnick, a recently retired Pentagon computer network analyst, told The Times that the Chinese military holds hacking competitions to identify and recruit talented members for its cyber army.
He described a competition held two years ago in Sichuan province, southwest China. The winner now uses a cyber nom de guerre, "Wicked Rose".
Chinese hackers cyber-attacking British government networks
Chinese computer hackers are infiltrating British government networks, giving them access to secret information, according to media reports on Thursday.
The reports in The Times and The Independent newspapers come a day after US President George W. Bush said he may bring up the issue of suspected Chinese cyber-attacks on the
"
Another senior government source, meanwhile, told The Independent: "Governments throughout the West have been aware of this for a number of years. It has been an ongoing practice by the Chinese. They are trying it all the time. The firewalls that need to go in are going in."
Both the Foreign Office and the Ministry of Defence have declined to comment on the reports.
In
Unnamed officials told the Financial Times the attack was by
A world wide web of terror
Al-Qaeda's most famous web propagandist is jailed, but the internet remains its best friend
Among the material recovered from Mr Bektasevic's flat, police found 19kg of explosives, weapons, a video with instructions for making a suicide vest and a video recording of masked men proclaiming their membership of “al-Qaeda in northern
Two days later, British police raided a flat in a terraced house in west
The trial of Mr Tsouli and his co-defendants—Waseem Mughal, a British-born graduate in biochemistry (aka Abuthaabit), and Tariq al-Daour, a law student born in the United Arab Emirates—came to an end this month when they belatedly pleaded guilty to charges of incitement to murder and conspiracy to murder. The court also heard that Mr al-Daour ran a £1.8m credit-card fraud and used the funds to buy equipment for jihadi groups. Mr Tsouli and Mr Mughal used stolen credit-card numbers to set up jihadi websites. Mr Tsouli was sent to jail for ten years; the others received shorter sentences.
There have been several arrests in
Past technological innovations, such as telephones or fax machines, have quickly been exploited by terrorists. But the information revolution is particularly useful to them. To begin with, encrypted communications, whether in the form of e-mail messages or, better still, voice-over-internet audio, make it much harder for investigators to monitor their activity. Messages can be hidden, for instance, within innocuous-looking pictures.
Of jihad and camels
The internet's decentralised structure, with its origins in military networks designed to survive nuclear strikes, now gives jihadi networks tremendous resilience. Jihadi websites constantly come and go, sometimes taken down by service providers only to reappear elsewhere, sometimes shifted deliberately to stay ahead of investigators. As one expert put it: “It's like the old game of Space Invaders. When you clear one screen of potential attackers, another simply appears to take its place.”
One of the most prolific al-Qaeda strategists is Abu Musab al-Suri. He is now in American custody, but his 1,600-page opus, “The Global Islamic Call to Resistance”, survives. It advocates the creation in the West of self-starting, independent terrorist cells, not directly affiliated to existing groups, to stage spectacular attacks.
The Chinese government is an infamous enforcer of digital apartheid; when its citizens try to access prominent international Web sites like Wikipedia and Flickr, they hit a filter that blocks politically sensitive material. In the West, that information blockade is often described as the "Great Firewall of China."
But in Mandarin, it is called jindun gongcheng, the Golden Shield. As that name implies,
"
In the
Sizing up threats in a hypothetical cyber-war is still based on educated guesswork and speculation, but no longer mere science-fiction: A political dispute in May over a U.S.S.R. memorial in Estonia led to massive attacks on the country's government Web sites; state servers were paralyzed with "distributed denial of service" attacks, which use tens of thousands of simultaneous requests for information to overwhelm Web-connected computers.
The threat of an information-based war with
The first shots may have already been fired: In August and September 2006, Chinese computers penetrated the State Department and the U.S. Department of Commerce's Bureau of Industry and Security. The attack, known as "Titan Rain," forced the government to replace hundreds of computers and take others offline for a month. While that attack couldn't be traced to any official source, the U.S.-China Economic and Security Review Commission subsequently claimed that
If
Chinese cyber-attacks might take the same form as the denial of service attacks that rattled
The exact anatomy of the shield is known only to the Chinese government, but most security professionals believe it's capable of not only filtering for certain politically charged keywords, but also examining the structure and origin of information moving into and out of the country's networks. That means botnet attacks could be deflected more easily than in the
Still, the shield's effectiveness as a defense in cyber-warfare is far from clear: Bruce Schneier, the founder and chief technology officer of security firm BT Counterpane, argues that no single strategy can stop determined hackers.
"It's a pipe dream to think that a country can secure its cyber-borders," says Schneier. He points out that in general, security vulnerabilities are much easier to find than they are to patch. "If you look at what's happening now in the computer security field, the bad guys are winning, and they're just criminals," says Schneier. "Imagine if militaries got involved."
If
"It's true that it's impossible to completely defend against denial of service attacks and still be accessible," says Marcus Ranum, chief security officer of Tenable Security. "But if you're willing to go off the air completely, you could disrupt the enemy's command and control." Ranum suggests that
If China made itself immune from outside attack, it could still be vulnerable to botnets run from within the country, says Alan Paller, director of research at the SANS Institute. "Installing malware on computers within the country would be the real key to an Internet Cold War," he says. Military enemies could launch denial of service attacks that begin and end within
To grab control of those computers, Paller imagines CIA agents working in Chinese Internet cafes or other domestic access points. Timed botnet attacks could also be organized to launch automatically, without an external go-ahead.
At the end of 2006,
Whether of note the
There are tools that end users will find useful in their day-to-day work without thinking of the security side. - Craig Schmugar
Since becoming a threat researcher for McAfee’s Avert Labs in 2000, Craig Schmugar has analyzed malicious software and potentially unwanted programs, developed virus definition files, created virus descriptions, and invented antivirus-related technologies. He has discovered and named hundreds of viruses and Trojans, including the infamous Mydoom and Sasser. During the past few years, Schmugar has seen the trend in information technology security threats shift from high-profile, high-volume attacks to more targeted, under-the-radar attacks, while motivation has shifted from bragging rights to financial gain. Although the profile of the attacks may be lower, the stakes continue to grow, and security administrators are finding that traditional signature-based tools no longer are adequate for protecting networks and applications.
GCN: What significant shifts have you seen recently in threats?
SCHMUGAR: We are just now starting to see some more selective targeting. Typically, attacks in e-mail were often blasted to many people within an organization, whereas now we are starting to see C-level executives targeted, a continuation of the low-noise threats which we have been seeing for some time, trying to keep them out there longer. In Web compromises, we are seeing more examples of automation to inject malicious code into every page that a Web server has access to. It challenges the whole concept of trusted sites. Secondary targets are being used more, so maybe instead of someone directly going after your bank account with a phishing attack, they might go after your MySpace account or something that is likely to have less repercussion for the attacker. People might not be as much on their guard for phishing attacks against something like a networking site, but it is likely that a significant percentage of credentials used on these sites would also be used elsewhere.
GCN: New functionality, such as instant messaging or wireless networking, often is introduced into an enterprise informally and becomes a business application by default rather than by plan. How can enterprises protect themselves against the vulnerabilities created by this process?
SCHMUGAR: That is a challenge for a lot of organizations. Having good business policies in place and controls that make it more difficult for people to experiment with and adopt applications that might put the environment at risk can help. The other side of that is that the organization needs to have some flexibility and responsiveness to the needs of their users. When people are finding a business reason to have a new application, there needs to be some ability to do research and find a tool that can satisfy everybody and creates less of a security risk that can be run in a more controlled manner and be monitored; something that can be run on the IT organization’s terms.
GCN: What new applications or functionalities should administrators now be paying attention to?
SCHMUGAR: There are tools that end users will find useful in their day-to-day work without thinking of the security side. Google Desktop is one example, or desktop search tools in general, depending on how they function. Yes, it might make it easier for the user to access data more quickly, but it could potentially allow hackers to access it more quickly. Web 2.0 applications where the user base en masse is adding content to the site can pose a concern, [as can] sites such as Second Life.
GCN: What are the new vectors for malicious code in terms of new endpoint devices that people should be worrying about now?
SCHMUGAR: There is a sense of what is old is new again, such as parasitic malware coming back or a rise in targeting USB drives instead of network drives. If the malicious code is run on one box that has a USB stick in it, it will copy itself to the USB stick so that when it is put in another box it could autorun again. A lot of these newer devices that have wireless capability don’t have to use that wireless access to be connected to the network. If it’s a USB stick that has no networking ability at all, when you put that in a box on the network, code can run from there to the network.
GCN: Is radio frequency identification a valid security concern at this time?
SCHMUGAR: It is a valid concern. That is not to say there are widespread attacks. Numerous and effective proof of concepts have been publicized. We know there are weaknesses. How frequently those are being exploited are less significant than a lot of other things. For an organization that was using the technology heavily, it would be higher up on their radar. There are lots of different threats out there, and RFID would be hard to place above a lot of these other concerns.
GCN: Windows
SCHMUGAR: People have been trying to poke holes in it, with some success. There have been a fairly low number of vulnerabilities disclosed for it. It is early in the adoption phase. But on the other hand, the security improvements have made it more resilient. Out of the box, it is configured to be more secure.
Whether the number of vulnerabilities we are seeing is a direct result of that is unclear. In all likelihood, yes. On the other hand, we have seen some vulnerabilities and we’re likely to see more. We didn’t see the same explosion of attention for
GCN: Have threats emerged from this attention to the iPhone?
SCHMUGAR: Nothing really definitive. There have been a couple of passwords that have been cracked to gain root access, but at this point, I haven’t seen anything that people have been able to do with that password. People are trying to unlock the phone so they could potentially use it on other carriers, and one of the hurdles there is the activation process that requires iTunes. There has been some progress made in trying to spoof that iTunes activation process. At this point I’m not aware of anything conclusive, but clearly there are a number of people looking at it and making some headway.
Air Force Draws Weekend Cyberwarriors From Microsoft, Cisco
If the U.S. Air Force is ever ordered into a cyberwar with a foreign country or computer-savvy terrorist group, the 100-plus citizen cybersoldiers at the Air National Guard's 262nd Information Warfare Aggressor Squadron will boast an advantage other countries can't match: They built the very software and hardware they're attacking.
That's because the 262nd, based at McChord Air Force Base outside
"We ... must capitalize on the talent and expertise of our Guard and Reserve members who may have direct ties and long experience in high-tech industry," wrote Secretary of the Air Force Michael W. Wynne in a recent issue of the Air and Space Power Journal, an Air Force publication. "We must be prepared to defeat our enemies by using combined arms -- air, ground, sea, space, and cyber weapons systems."
Created out of a combat communications squadron in 2002, the 262nd was commissioned to carry out simulated cyberattacks within the Air Force. But the Air Force's determination to develop an offensive cyberwarfare capability has been well-known since December 2005, when the service formally revised its mission statement to announce that airmen and airwomen would henceforth "fly and fight in air, space and cyberspace."
The military's new focus on recruiting talent from high-tech companies raises a potential conflict of interest. Cisco's routers and switches are considered the nervous system of the internet worldwide. Microsoft and Adobe products are used by hundreds of millions across the planet, and have suffered from programming errors that make them vulnerable to attack -- which sometimes remain a secret inside the company for weeks or months before they're patched.
In the hands of an offensive cyberwar unit, advance knowledge of serious vulnerabilities could be devastating, says Robert Masse, a reformed hacker who founded Montreal-based computer security firm GoSecure. Cyberwarfare is "all about knowing exploits no one else knows about," says Masse. "You need the exploits to break in.... The people with the most exploits win."
Some countries -- notably
But the company is mum on whether it sees ethical problems in its engineers working part time for a military unit dedicated to hacking its products.
"Microsoft does not hold specifics about employees that are supporting the 262nd," says a Microsoft spokeswoman. "So to this end, there really is no comment on the types of work they are doing." Cisco and Adobe also declined to comment.
Cybersecurity expert Richard Forno, who runs infowarrior.org, praised the recruitment effort. "The whole idea of an offensive information warfare unit, particularly a computer network attack unit, is to build capabilities for possible exploitation down the road," says Forno. "It just so happens the
Guardsmen and reservists serve one weekend a month and two weeks a year, and are subject to being called to active or full-time duty for stints ranging from a handful of months to several years.
Even though the 262nd is named an "aggressor squadron," much of its work is defensive in nature, says Maj. Philip Osterli, a public information officer representing the unit.
"They do look at adversarial threat packages from all across the board," he says. "We do not have a charter allowing us to conduct CNA (computer network attacks)."
In addition to the 262nd, the Air National Guard draws from tech companies to staff the 177th Information Aggressor Squadron in
For this year's defense budget, Congress approved $800,000 for the planning and design of a new training and operations facility for the 262nd.
The Blogosphere for Killers
Tech-savvy terrorists use the Web for propaganda and incitement.
BY DANIEL HENNINGER
Thursday, July 12, 2007 12:01 a.m. EDT
Living as we do now afloat the incoming and outgoing tides of media, perhaps the aborted London and Glasgow car bombings of a fortnight ago are worth another thought before these attempted mass murders drift away on the sea of bad memories. What about those doctors? The apparent complicity of U.K.-resident Muslim physicians in the attempted murder of innocent British civilians had many in the West asking why. The short answer is that these trained M.D.s somehow convinced themselves that these British people didn't deserve to live--that it would be morally good to kill them. That's insane. Why would they think that?
The best answer I have seen in a long time is found in a new study of Islamic media propaganda by a research team from Radio Free Europe/Radio Liberty. "Iraqi Insurgent Media: The War of Images and Ideas" by Daniel Kimmage and Kathleen Ridolfo (with Radio Free Iraq correspondents, two of whom were abducted and murdered this year) is an astounding compilation of the high-tech methods being used by the insurgency in Iraq to propagate the ideology of the Islamic jihadist movement. This is the blogosphere for killers.
There is no more unchallenged verity in our times than that the World Wide Web, the Internet, is a boon to mankind. But as with nuclear or biological warfare, the Web is a dual-use technology. Technically adept Muslims, using out-of-the-box PC software and hardware, are outputting an electronic torrent of slick Web sites, discussion forums, videos, e-magazines and long-form movies, all with one purpose--to incite Muslims to join the jihad against the enemies of Islam in
As always with the Web, anything done in the analog past--the propaganda of World War II or the Cold War--can be ramped up exponentially by Islamic jihadists on the Internet. In March, at least 11 self-identified insurgency groups posted 966 "statements" on the Web about battles and engagements, looking much like those put out by the U.S. Army. Their casualty claims often have no basis in reality, but that's not the point. The point is to convince credulous minds in their world that they are a potent, thriving force.
Example: Over March 26-27 this year, a
The language is invariably religious. There's no effort here to appeal to nationalistic sentiment; thus, for a global audience, the Islamic argument becomes wholly religious. Those produced for Islamic State of Iraq/Al-Qaeda (primarily by the Al-Furqan Institute for Media Production) refer to "martyrdom-seeking operations."
Many of the sites offer graphically attractive texts explaining "Who We Are" or "Our Creed." The texts can be shared on the Internet via free upload and download services such as sendspace.com or archive.org, using Microsoft Word or Adobe Acrobat. There are downloadable, full-color e-magazines with opinion pieces and jihadist articles ("The Courage of a Boy"). The Mujahidin Shura Council regularly produces elaborately formatted, full-color "biographies of martyrs."
According to the RFE study's authors, the utility of the written word is well understood by the jihadists: "The written word everywhere remains the preferred medium of record and authority. . . . Texts are also the traditional medium of ideological discourse." Nearly all this material, incidentally, is "branded" with the group's unique logo floating in the corner of the screen.
They often embed audio clips from jihadist leadership in the texts. Audio polemics and hate speech are commonplace across the Islamic Web. Or they'll include links to attack videos, as noted in the "Top 20" graphic nearby. "Top 20's" seven-minute compilation of 20 attacks on
A 28-minute film by Ansar al-Sunnah, "Just Vengeance," records the kidnapping, interrogation and execution of Shiite policemen. Another video of a suicide bomber's truck exploding reveals the centrality of distributable media: It was filmed from three different camera angles. Jihadist video comes in several file sizes: high resolution (up to 500 megabytes), medium (8 megabytes) or in highly compressed files for downloading to mobile phones, popular in PC-deficient Iraq. They enable free uploads of the videos via Windows Media Player, RealPlayer and DivX.
The reach of insurgent and jihadist propaganda increases exponentially when it is picked up by Arab TV--Al-Jazeera, of course, or the Al-Rafidayn satellite channel in Cairo or even the Iraqi Al-Zawra, which claims to be operating from a satellite truck in Iraq.
In an interview this week, RFE's Mr. Kimmage said they have presented the media study to both the House and Senate intelligence committees and to government national security agencies. Reactions range from "wow" to "we already know all that." In any event, what would they do? This is propaganda on an unprecedented scale.
If you are a young Muslim male, even a doctor, with a PC in Egypt, the Gulf states, Somalia, Morocco or Glasgow, as always with the Web you are marinating your mind in its content, and the content here is homicide on a mass scale. The answer--technical or political--is not obvious to me. But the one unacceptable answer is doing nothing.
Mr. Henninger is deputy editor of The Wall Street Journal's editorial page. His column appears Thursdays in the Journal and on OpinionJournal.com.