Public Intelligence

A document detailing investigative tools and materials utilized by the FBI when conducting cyber investigations. The document was distributed by the Oklahoma Bankers Association after being provided by a local branch of the FBI Cyber Division.

A presentation on recent cyber attacks on the U.S. financial industry included in a collection of documents provided to banks and financial institutions by a local branch of the FBI Cyber Division office and distributed by the Oklahoma Bankers Association.

Threats posed by cyber-attacks on computer networks and the Internet are escalating from large-scale theft of data and strikes designed to disrupt computer operations to more lethal attacks that destroy entire systems and physical equipment. “That’s our concern about what’s coming in cyberspace — a destructive element,” Gen. Alexander, who is also the director of the National Security Agency, the electronic spying agency, said in a speech at a conference on cyberwarfare. Gen. Alexander said two cases illustrate what could happen in an attack.

U.S. District Court of Northern California indictment of sixteen people filed July 13, 2011 in connection with Anonymous DDoS attacks on PayPal.

The United States may seriously want to consider creating a new Internet infrastructure to reduce the threat of cyberattacks, said Michael Hayden, President George W. Bush’s CIA director. Several current federal officials, including U.S. Cyber Command chief Gen. Keith Alexander, also have floated the concept of a “.secure” network for critical services such as banking that would be walled off from the public Web. Unlike .com, .xxx and other new domains now proliferating the Internet, .secure would require visitors to use certified credentials for entry and would do away with users’ Fourth Amendment rights to privacy. Network operators in the financial sector, for example, would be authorized to scan account holders’ traffic content for signs of trouble. The current Internet setup would remain intact for people who prefer to stay anonymous on the Web.

The Pentagon has developed a list of cyber-weapons and -tools, including viruses that can sabotage an adversary’s critical networks, to streamline how the United States engages in computer warfare. The classified list of capabilities has been in use for several months and has been approved by other agencies, including the CIA, said military officials who spoke on the condition of anonymity to describe a sensitive program. The list forms part of the Pentagon’s set of approved weapons or “fires” that can be employed against an enemy. “So whether it’s a tank, an M-16 or a computer virus, it’s going to follow the same rules so that we can understand how to employ it, when you can use it, when you can’t, what you can and can’t use,” a senior military official said.

The US has given the broadest hint yet that a cyber-attack on one Nato country will be regarded as an attack on all. It is a potentially dangerous development, as cyber-attacks are increasingly common, with the Pentagon reporting millions of probes a day and actions by more than 100 foreign intelligence agencies. In 2007, Estonia was almost crippled by a cyber-attack thought to originate in Russia. At the time, Estonia, a member of Nato, said it did not know if the alliance covered cyber-attacks, and the US, Britain and others danced round the issue. The development is contained in a report by the Obama administration, International Strategy for Cyberspace, in which the US for the first time sets out a strategy for dealing with the expansion of the internet and what it describes as “arbitrary and malicious disruption”. It notes the growing threats by individual hackers, companies and hostile states, and offers broad proposals on how to tackle these.

Digital infrastructure is increasingly the backbone of prosperous economies, vigorous research communities, strong militaries, transparent governments, and free societies. As never before, information technology is fostering transnational dialogue and facilitating the global flow of goods and services. These social and trade links have become indispensable to our daily lives. Critical life-sustaining infrastructures that deliver electricity and water, control air traffic, and support our financial system all depend on networked information systems. Governments are now able to streamline the provision of essential services through eGovernment initiatives. Social and political movements rely on the Internet to enable new and more expansive forms of organization and action. The reach of networked technology is pervasive and global. For all nations, the underlying digital infrastructure is or will soon become a national asset.

HBGary Northern California Infragard “Anatomy of a Cyber Terrorist Attack on the Nation’s Hospital Infrastructure” from October 19, 2010.

The U.S. government has launched a full-scale simulated cyberattack to gauge how the country might fare in the real thing. Sponsored by the Department of Homeland Security, Cyber Storm III kicked off yesterday for a three-day series of simulated events designed to exploit holes in the nation’s cybersecurity system. Specifically, the exercise will “inject” more than 1,500 different types of threats to examine the ability of the people involved to prepare for cyberattacks, make the correct decisions to respond to them, and share sensitive information with the right parties.

This paper presents a comprehensive open source assessment of China’s capability to conduct computer network operations (CNO) both during peacetime and periods of conflict. The result will hopefully serve as useful reference to policymakers, China specialists, and information operations professionals.

Opening Statements
▼Never before has it been possible for one person to potentially affect an entire Nation‟s security.
▼In 1999 (10 years ago), two Chinese Colonels published a book called “Unrestricted Warfare” that advocated “not fighting” the U.S. directly, but “understanding and employing the principle of asymmetry correctly to allow us [the Chinese] always to find and exploit an enemy’s soft spots.”
▼The idea that a less-capable foe can take on a militarily superior opponent also aligns with the views of the ancient Chinese general, Sun Tzu. In his book “The Art of War,” the strategist advocates stealth, deceptionand indirect attackto overcome a stronger opponent in battle.

The Obama administration’s top intelligence officials on Tuesday described it as “certain” that al-Qaeda or its allies will try to attack the United States in the next six months, and they called for new flexibility in how U.S. officials detain and question terrorist suspects. The officials, testifying before the Senate intelligence committee, also warned of increased risk of cyber-attacks in the coming months, saying that therecent China-based hacking of Google’s computers was both a “wake-up call” and a forerunner to future strikes aimed at businesses or intended to cause economic disruption.
“Al-Qaeda maintains its intent to attack the homeland — preferably with a large-scale operation that would cause mass casualties, harm the U.S. economy or both,” Director of National Intelligence Dennis C. Blair told the committee in a hearing convened to assess threats against the country.

Google threatened late Tuesday to pull out of its operations in China after it said it had uncovered a massive cyber attack on its computers that originated there. As a result, the company said, it would no longer agree to censor its search engine in China and may exit the country altogether. Google said that a primary goal of the attackers was accessing the Gmail accounts of Chinese human right activists, but that the attack also targeted 20 other large companies in the finance, technology, media and chemical sectors. In a blog posting by David Drummond, the corporate development and chief legal officer, Google said that it had found a “highly sophisticated and targeted attack on our corporate infrastructure originating from China.”

The National Cyber Security Division (NCSD) United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security (DHS) and the public and private sectors. Established in 2003 to protect the nation’s internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation. The organization interacts with federal agencies, state and local governments, industry professionals, and others to improve information sharing and incident response coordination and to reduce cyber threats and vulnerabilities.

A wave of cyberattacks aimed at 27 American and South Korean government agencies and commercial Web sites temporarily jammed more than a third of them over the past five days, and several sites in South Korea came under renewed attack on Thursday. The latest bout of attacks, which affected service on one government and six commercial Web sites in South Korea, was relatively minor, and all but two of the sites were fully functional within a few hours, said an official from the state-run Korea Communications Commission.