Welcome!

Linux Containers Authors: Elizabeth White, Cloud Best Practices Network, Yeshim Deniz, Liz McMillan, Harry Trott

Blog Feed Post

A Storify Dialog on Cyber Hurricane Katrina

By

Editor’s note: What follows is extracted from a storify post . This is a first post in this format for the CTOvision blog. Let us know what you think  on any aspect of this, including format in your browser, format in your newsletters and of course content- bg.

The Foreign Policy Research Institute recently held a webinar on Why “Cyber Pearl Harbor” Won’t Be Like Pearl Harbor At All…

I listened in.

First: I expressed some skepticism at the flashy premise of the webinar, as WWII metaphors are a tad overdone in security circles

The webinar opened with a lecture/powerpoint by Edward Turzanksi, whose name I finally got right on the 10th try. He started describing in some detail the different direct impacts of Pearl Harbor & 9/11, and of US immediate response…

…then immediately broke from the flashy title to point out that cyber is very different from conventional war.

The answer to why Cyber isn’t just signals intelligence? Cyber can directly attack infrastructure, not just communications.

a bit unfair of me here.^ Cyber attacks, as described for this presentation, have a political goal. Criminal networks don’t; disruptive though they may be, they are less about attacking states and instead focus on being left alone by them.

Using carpet bombing to describe cyber will always be a stretch, but the actual point of infrastructure being targeted at war holds.

the book described above? Unrestricted Warfare, published in 1999 but featuring a very misleading cover depicting the 9/11 attacks.

Of course, STUXNET itself played with gradual disruption, but the way this was described reminded me of nothing so much as this.

that clip? Children stomping bugs from Starship Troopers. Turzanski actually recommended stomping unknown flash drives as a way to stop them creating/exploiting vulnerabilities. I recommend we term this “boot-gapping.”

Shamoon was targeted specifically at Aramco, and was apparently the work of amateurs.

Husick addressed this later, noting that the invisible hand is really bad at addressing vulnerabilities present in the commons.

The actual problem here was not Windows software itself, which can update and be corrected, but that pirated/unlicensed Windows systems are paygapped from those updates despite those unauthorized copies being, according to Turzanski, 40% of operating systems. Here is a direct example of private sector poorly correcting a vulnerability opened up in the commons.

That above link is to a piece written for CTOVision, about how old-fashioned detective work, human intelligence, and boots on the ground caught a hacker who hid himself well online. Boots & detectives aren’t a quality we usually think of for countering cyber, but they absolutely should be.

The possibility of Estonia invoking NATO Article V for a cyber attack was brought up. Estonia has a stronger claim to this than most – incredibly tech-dependent and was clearly under a coordinated cyber attack. But incredibly unlikely anyone will start a shooting war over it, which calls into the question of cyberwar as a concept itself.

as a post-K New Orleans resident for four years, this metaphor seemed to match what I learned of people’s experience: misplaced investment, clear vulnerabilities shoved just a bit too hard, and then a long slow rebuilding in the directly-damaged area with unclear revision to response capability or actual resilience. A clear failure, but a contained failure.

That was not the actual answer. I paraphrased for space constraints, but the gist was the same.

Here an example was given of a 2003 rail failure, as one freight company linked it’s operational control computers to the internet proper and subsequently suffered a malware attack that left them blind, stranding all trains east of the Rockies for I believe he said 13 hours.

Redteaming: it works.

Maybe bootgapping is a viable strategy?Next we went to the Q & A, which was surprisingly infomative, despite it being a Q & A session.

Also mentioned in the response above was a modified nuke designed to EMP. Either would destroy solid-state drives, making it a destructive attack for which kinetics are a perfectly appropriate response, but also outside the realm of cyber security proper. This seems like the fundamental problem with terming Cyber things cyberwar – when they clearly cause war-like damage, that’s just war. When they don’t, they are crime or covert action. “Cyberwar” seems to be so thin a line that it is nonexistent.

Besides responding with overwhelming force, Farraday cages are a way to protect something from an EMP. Here’s instructions on a DIY version.

As a category, dark web is just what can’t be found conventionally online. In the above context, it refers to internet channels that won’t be effected if something like Google goes down.

The tragedy of the cyber commons was alluded to earlier – it makes little economic sense for anyone using the commons to devote resources to securing it from cyber attacks, and is especially unlikely for everyone to do so at once. (The second part of that tweet? Academia tangent: Mark Vail was a former professor of mine, whose work focused a lot on how European welfare states sought to solve the problems of the commons)

This lack of motivation to fix the problem is perhaps the best reason to start using “Cyber Hurricane Katrina” instead of “Cyber Pearl Harbor.”

It’s really, really hard to negotiate an arms treaty (of sorts) or a rule of battlefield ethics (which is what this would be) when the arms are rapidly evolving, can be designed and wielded by nonstate actors, and the actual battlespace is as broadly defined as any computer that could potentially be exposed to an attack. Compounding this are nations justifiably wanting to develop weapons in secret. My guess for a Cyber Geneva Convention? Only after a major problem reveals them to be both deadlier and less useful than anyone wants, like post-WWI chemical weapons.

Husick specifically mentioned that Saudi would label Pat Robertson’s website itself a work of cyber war. Layer that on top of the problems already expounded above, and Cyber Geneva Convention seems nigh-impossible.

Here we should be looking at cyber as covert action/spycraft/crime, where the channels of communication are important to maintain. The follow-up to this was that the US might expect cyber attacks on our allies, as China is less worried about severing economic ties with them. And, yes, the continued ability to steal US intellectual property was given as a reason for why China would not cyber-attack the US.

This led really well into the next point – STUXNET was able to disrupt Iranian centrifuges in a way that made Iran question it’s own equipment until they figured out, months and months and months later and after actually sitting around watching the centrifuges, that it was a virus at work.

Point referenced here is one from Gartenstein-Ross’s book Bin Laden’s Legacy, and very subtly illustrated by the burning dollar bill on the cover. An attack that yields a massively disproportionate expenditure in response is one that has succeeded in causing economic harm, whatever else it’s objective.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@ThingsExpo Stories
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"A lot of times people will come to us and have a very diverse set of requirements or very customized need and we'll help them to implement it in a fashion that you can't just buy off of the shelf," explained Nick Rose, CTO of Enzu, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, discussed the impact of technology on identity. Sho...
"Operations is sort of the maturation of cloud utilization and the move to the cloud," explained Steve Anderson, Product Manager for BMC’s Cloud Lifecycle Management, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
"I think that everyone recognizes that for IoT to really realize its full potential and value that it is about creating ecosystems and marketplaces and that no single vendor is able to support what is required," explained Esmeralda Swartz, VP, Marketing Enterprise and Cloud at Ericsson, in this SYS-CON.tv interview at @ThingsExpo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his Day 2 Keynote at @ThingsExpo, Henrik Kenani Dahlgren, Portfolio Marketing Manager at Ericsson, discussed how to plan to cooperate, partner, and form lasting all-star teams to change the...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
SYS-CON Events announced today that IoT Now has been named “Media Sponsor” of SYS-CON's 20th International Cloud Expo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
SYS-CON Events announced today that WineSOFT will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Based in Seoul and Irvine, WineSOFT is an innovative software house focusing on internet infrastructure solutions. The venture started as a bootstrap start-up in 2010 by focusing on making the internet faster and more powerful. WineSOFT’s knowledge is based on the expertise of TCP/IP, VPN, SSL, peer-to-peer, mob...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, discussed the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports.
With billions of sensors deployed worldwide, the amount of machine-generated data will soon exceed what our networks can handle. But consumers and businesses will expect seamless experiences and real-time responsiveness. What does this mean for IoT devices and the infrastructure that supports them? More of the data will need to be handled at - or closer to - the devices themselves.
SYS-CON Events announced today that Dataloop.IO, an innovator in cloud IT-monitoring whose products help organizations save time and money, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Dataloop.IO is an emerging software company on the cutting edge of major IT-infrastructure trends including cloud computing and microservices. The company, founded in the UK but now based in San Fran...
Big Data, cloud, analytics, contextual information, wearable tech, sensors, mobility, and WebRTC: together, these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at @ThingsExpo, Erik Perotti, Senior Manager of New Ventures on Plantronics’ Innovation team, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it m...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).