Deputy Secretary of Defense Lynn had a very informative presentation on Cybersecurity at the recent Council on Foreign Relations in New York City. He talked about the creation of cyber command, allied collaboration, cyber attack vectors, active defense and the current hurdles that the US is facing in cyberwar.
Secretary Lynn explains that the internet was not created with security in mind and that we live in a world where effective malware is about 175 lines of code compared to the millions of lines of the latest security programs. And a keystroke can travel around the world two times in the same time it takes you to wink. But the forensics of finding the source of the attack can take months or even years.
After the initial speech, Secretary Lynn enters into a very interesting question and answer section that is well worth hearing. One question that Secretary Lynn was asked was about the source of the 2008 USB attack against the US military, if we narrowed it down. Secretary Lynn answered saying that we did narrow it down and it was a foreign intelligence agency. He was then asked if he knew which one, in which Secretary Lynn answered, “We did figure it out, yes.”
It will be interesting how long it will take to find out who created Stuxnet, but like the 2008 attacks, the source may never be released to the general public.
Other Cybersecurity News from around the Net:
Army establishes Army Cyber Command
“Today is a historic day for the Army, Department of Defense and the nation,” Hernandez said during the ceremony. “Today, Army Cyber Command assumes the cyber mission and brings unprecedented unity of effort and synchronization of all Army forces operating within cyberspace.”
24th Air Force achieves full operational capability
The commander of Air Force Space Command declared full operational capability for 24th Air Force Oct. 1.
Lynn: Cyberwarfare Extends Scope of Conflict
Cyberdefenses need to be active, Lynn said. While computer hygiene and perimeter defenses will catch and stop about 80 percent of cyberthreats, he said, the final 20 percent need active defenses. So, DOD needs tools that search and hunt down cyberthreats inside networks, he added.
Obama Proclaims Cybersecurity Awareness Month
October is National Cybersecurity Awareness Month, and in a proclamation released today, Obama said all Americans must understand they have a responsibility to secure cyber networks.
Stop. Think. Create a Better DHS Cybersecurity Slogan
The Department of Homeland Security kicked off its new computer security campaign on Monday as part of National Cyber Security Awareness month. The campaign is called “Stop. Think. Connect.” Computer security is a nice thing and having more of it is good, but “Stop. Think. Connect.” easily counts as one of the most useless slogans ever created.
Online Voting System Pwned by Michigan Wolverines
After election officials in Washington, D.C., egged on hackers to have a go at their new internet voting system, they did just that. The result was Michigan’s fight song “Hail to the Victors” played to voters after they cast their ballots.
Iran nuclear plant shutdown due to ‘leak’
Delays in bringing Iran’s nuclear plant online at Bushehr are due to a “small leak” and nothing to do with the infamous Stuxnet worm, according to the country’s energy minister.
Iran arrests Stuxnet ‘spies’ who hit atomic work
Without saying how many people were arrested or when, Heydar Moslehi was quoted on state television’s website as saying Iran had “prevented the enemies’ destructive activity.”
Did The Stuxnet Worm Kill India’s INSAT-4B Satellite?
India’s Space Research Organization is a Siemens customer. According to the resumes of two former engineers who worked at the ISRO’s Liquid Propulsion Systems Centre, the Siemens software in use is Siemens S7-400 PLC and SIMATIC WinCC, both of which will activate the Stuxnet worm.
China hosting cybersecurity conference
Top cybersecurity analysts gathered in Beijing Wednesday for a two-day conference focusing on improving Internet security, a Chinese security society says.
Obama Wants to Wiretap the Internet
The Obama administration is drafting legislation to expand wiretap authority to intercept all Facebook, BlackBerry and Skype communications.