Wednesday, November 18, 2009

US and Chinese National cyberwar postures

Two fairly thorough analyses came out recently. One, from National Journal Magazine, describes the US cyberwar plan. Much of it repeats things heard in various places, but I hadn't seen one with the level of depth/coverage in one place (particularly the emphasis on the telecommunications aspect), and it was better written than much of the earlier work. I do have to take exception to the comment: "Mostly younger officers, who received their early combat education through video games and Dungeons & Dragons, wage these battles". I've known plenty of commercial industry hackers and government officers and not necessarily a whole lot of D&D out there... nor is that even remotely relevant. Video games definitely, both prevalent in the industry and relevant if they are trying to make the point that GenX and later grew up with video games/PCs in the home and are more comfortable in the domain than many of their senior counterparts.

The second report is titled "Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation" and was prepared for the US-China Economic and Security Review Commission. Again, it's an unclassified report describing what is available via open source collection, similar to James Mulvenon's and other individuals' work on the topic. I saw James brief some government people and he's got an interesting take on what's going on and has done his legwork. The Northrop Grumman report is definitely worth reading; it updates prior work to 2009 and includes some good depth in a few areas. I worked with George Bakos (one of the two SMEs) when he was at Dartmouth; he's a technically sharp guy who adds some credibility to their work.

Monday, November 9, 2009

Cyberwar: Power Grid, network attacks and supply chain

60 Minutes has an interesting video segment on cyberwarfare, with a particular focus on the electrical power grid and some discussion of network compromises at CENTCOM and supply chain vulnerabilities. The report is based predominantly on an interview with Booz Allen Hamilton's Mike McConnell, who was until recently the DNI (Director of National Intelligence).

You can read the text of the article here

Most interesting was the discussion of actual attacks, particularly the attacks against Brazil that brought down their power grid for a while and the compromise of CENTCOM.

Another article came out today about the process of securing the supply chain

You can see the agenda of the recently concluded 2009 session of the US working group trying to address the power grid/SCADA vulnerabilities online. A number of people I know were participating or presenting there... the problem is being looked at, but is also far from solved.

The Aurora story and mentioned video can be seen at CNN among other places.

The "senior government intelligence official" that 60 Minutes refers to is presumably Tom Donahue (CIA) and his comments presented at a SANS conference.

Update: Interesting response to the 60 Minutes story (and the Tom Donahue one) where the authors believe it's all rumors, not true, and a government-motivated power grab. I don't buy the Errata rebuttal (he claims HE could easily bring down the power grid, but obviously all these other times must be false examples), but it's a good reminder that rumors, even told 6+ times, are still rumors.