Tom Olzak

Posts Tagged ‘Cyber-warfare’

MIT Report Troubling

In Business Continuity, China, Cyber-warfare, Government, Risk Management on March 1, 2013 at 18:17

In a recent report (MIT Report: U.S. Manufacturing Hits a Wall When It’s Time to Scale), Curt Woodward writes that a group of MIT researchers discovered an almost impassable chasm when looking for investment dollars.  The investment dollars were for needed for 150 production companies wanting to move to full-scale production, and they were only available from foreign investors or if moved off-shore.

Why is this a security issue?  Because it has been clear for a long time that no one wants to build manufacturing plants in the US.  I’m not talking about steel mills; rather, the 150 companies (many started or supported by MIT students, professors, etc.) focused primarily on hi-tech products.  Just what we need… move all hi-tech production–the kind of production that is crucial to our economy and our national security–off-shore or make it vulnerable to the whims of foreign investors.

I don’t care whose fault this is; we spend far too much time in this country pointing fingers when we should be sitting down together to solve problems.  China is laughing is collective butt off as it steals our intellectual property and increasing builds our technology.  I just don’t think it’s that funny…

YAWN!!!!

In Application Security, Business Continuity, Cyber Espionage, Cyber-warfare, Cybercrime, Government, Network Security, Regulation, Security Management on February 10, 2013 at 19:44

Another article from AP today about the U.S. vulnerability to cyber attacks.  No longer news, this kind of information is simply depressing.  Mike Rogers, a member of the House of Representatives, believes that 95% “of private sector networks are vulnerable and most have already been hit.”  Maybe, but nowhere does the article offer actual statistics or source research.  Further, no mention is made of the porous security protecting government agencies.  Figures…

Rogers contends that all the government has to do is share classified threat information and all will be well.  What is he smoking?  Everyone already knows what is needed to protect our national infrastructure.  This looks like a good copout by Republicans: protecting business by doing something useless while convincing the gullible they are doing something worthwhile.  Compromising national security isn’t necessary; all we have to do is start forcing the slackers to meet minimal security requirements.  The Feds should start with their own minimal security guidelines included in FIPS PUB 200.

In my opinion, this grandstanding by legislators needing another law passed to prove their value (God knows something has to) is not helpful.  What is helpful is applying meaningful efforts to identify weaknesses–can anyone say public utilities–and apply the necessary pressure to remove them.  This must happen without whining about cost to affected businesses and industries.  My MBA helps be understand the business side, but my common sense and sense of insecurity drive me to scream, “ENOUGH!!”

The Picture Says It All

In China, Cyber Espionage, Cyber-warfare, Government on March 29, 2009 at 11:44

Once again, the Chinese have been caught with their hands in other people’s computers.

Canadian researchers have revealed an extensive Chinese spying operation, which involved the hacking of over 1000 computers in 103 countries, according to reports in several leading newspapers today.

The new report from the Information Warfare Monitor, a group comprising researchers from Ottawa-based think tank SecDev Group and the University of Toronto’s Munk Centre for International Studies, was originally set up to investigate allegations of Chinese snooping on Tibetan exiles.

Source: Massive Chinese cyber hack revealed, Phil Muncaster, vnunet.com, 29 March 2009

This shouldn’t be a surprise to anyone following the exploits of the Chinese in cyberspace over the past few years.  And I imagine the Chinese government’s response will be the same as in the past, a response characterized by the image below (from the Muncaster article, caption is mine).

The 3 Monkeys Approach to Chinese Deniability

The 3 Monkeys Approach to Chinese Deniability

Maybe we should use the threat of space aliens next

In Business Continuity, Cyber Terrorism, Risk Management on March 14, 2009 at 04:00

I read a shload of feeds every day, and the one thing I can always count on is reading some of the old tired assertions over, and over, and over…  Take, for example, the following:

Traditional security systems may be ineffective and become obsolete in warding off Web attacks launched by countries, according to Val Smith, founder of Attack Research. New attack trends include blog spam and SQL injections from Russia and China, Smith said during his talk at the Source Boston Security Showcase on Friday.

“Client-side attacks are where the paradigm is going,” Smith said. “Monolithic security systems no longer work.”

Hackers use Web browsers as exploitation tools to spread malware and collect sensitive information. Smith used examples from clients of his company, which analyzes and researches computer attacks, to demonstrate the threat posed by blog spam and SQL attacks.

Source: Foreign Web Attacks Change Security Paradigm, Fred O’Connor, CIO, 13 March 2009

Read the rest of this entry »

%d bloggers like this: