CyberArms is Back! Security News, Book Reviews and More

I’ve been out of town for almost two months sans internet and had a long time to think about this blog, among other things. So I figured it was well and about time to kick some new life into it and get it spun up again.

Yes!

I haven’t posted on CyberArms consistently for a long time, yet I am still amazed at the constant flood of visitors that still check in every day. So, I have decided to begin posting regularly again. Yup, security news, computer tips and even some cool military stuff!

New Ethical Hacking Book!

Though I haven’t been posting, I have been fairly busy on other projects. The biggest one is the release of my new book, “Basic Security Testing with Kali Linux”:

Basic Security Testing with Kali Linux

Over 300 pages packed full of hands-on, step-by-step Ethical Hacking tutorials. An E-Book version will be out later this week!

Navy Base Visit

During my two-month “vacation”, I was able to visit one of our top Navy bases. I met some great people, got to see numerous Naval Warships and even got a tour of a Super Carrier!

I also watched the movie “Lone Survivor” on the base. It was a powerful movie, and watching it surrounded by our men and women in the Navy was an experience that I will never forget.

Vice Adm. Rogers Cyber Command Nomination

I was delighted to hear that Vice Admiral Michael Rogers was nominated to be the future leader of both Cyber Command and the NSA. I have had the honor of meeting Vice Adm. Rogers and his wife at a Navy function (non-cybersecurity related) a few years ago.

He was down to Earth, professional, competent and truly seems to be a man of integrity.

I cannot think of a man more qualified to man the helm of our nation’s Cyber War and Signals Intelligence forces.

Books

I was able to catch up on some reading during my vacation too. Here are two of my favorites:

“Information Warfare” is an older book by Winn Schwartau; the Second Edition was published in 1996! I was reading a computer book about 20 years old, yet the content and information still seem very pertinent today.

“Bravo Two Zero” is a firsthand account of a British SAS unit in Iraq during the First Gulf War that evolved into one of the longest Escape and Evasion treks in history. If you liked the movie Lone Survivor, you will love this book.

Coming Soon

Security news & tutorials, military news, computer tips and some news on more upcoming books.

Stay tuned!

Destructive Cyber Attacks, the NSA and Personal Privacy

“What I think we really need to be concerned about is when these transition from disruptive to destructive attacks — and I think those are coming,” Gen. Keith B. Alexander (Director of the NSA and commander of US Cyber Command) said at the American Enterprise Institute on Monday.

The US is the largest user of online technology and as Gen. Alexander said, “we are the most vulnerable and we need to do something about it.”

But as concerns about terrorist attacks and cyber attacks that could affect public infrastructure flood the media, many are concerned that civil liberties will be affected. In March, Wired.com had an article on the NSA’s new $2 billion “Data Center”.

According to the article:

Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.”

If the NSA is gathering all of this information, is public privacy at risk, and why does the NSA need all of this information?

“If the critical infrastructure community is being attacked by something, we need them to tell us at network speed,” the General said. “It doesn’t require the government to read their mail or your mail to do that. It requires them — the Internet service provider or that company — to tell us that that type of event is going on at this time. And it has to be at network speed if you’re going to stop it.”

The government is not interested in reading our e-mail sent to our great grandma, nor our FarmVille usage. They are looking for attack signatures – “We’re not talking about giving our personal e-mails to the government.” The agency wants only attack signatures and IP addresses. “It doesn’t require reading the e-mail,” Gen. Alexander said.

And according to his speech, the NSA does not even store civilian messages:

“We don’t hold data on U.S. citizens,” he said. He said his agency does not have the resources to deal with the estimated 30 trillion e-mails sent every year and that it is focused on gathering foreign intelligence. “That’s what NSA does”.

But many are still concerned, especially with numerous government agencies involved in fighting cyber threats, including the NSA, FBI, and the Department of Homeland Security. Add this to the ever increasing volume of cyber threats and it would seem that the concerns are very much warranted.

Rest assured though, Gen. Alexander is well aware of this and feels that the US can protect both our personal privacy and our critical infrastructure – “We can protect civil liberties and privacy, and cybersecurity.”

An Anatomy of US Cyber Command

United States Cyber Command (USCYBERCOM) is America’s answer to cyber warfare, but who are they and what groups make up this elite team?

Mission Statement

“USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.”

The Backbone

When you think of USCYBERCOM, the Air Force comes to mind immediately. Since the beginning, the Air Force has been a driving force behind US Cyber War. But there is another group that is more responsible for the creation of USCYBERCOM and actually forms the Command’s backbone. According to Richard A. Clarke’s book “Cyber War: The Next Threat to National Security and What to Do About It”, this shadowy group had already fully infiltrated foreign Internet infrastructure before the command even existed.

We will take a quick look at the military groups involved in USCYBERCOM and finally learn about the shadow group behind it all.

The Units

Cyber Command is a part of the US Strategic Command; each of the four major military branches is represented, and all are led by General Keith B. Alexander. The units consist of:

Air Force Cyber Command

The 24th Air Force consists of the 67th Network Warfare Wing, the 688th Information Operations Wing, and the 689th Combat Communications Wing. The 67th is of most interest here. They are the wing responsible for network defense, attack and exploitation.

Navy Fleet Cyber Command

The “Phantom” Fleet, or 10th Fleet, coordinated and supervised all Navy Anti-Submarine Warfare in WWII. Originally the unit consisted of no ships, never put to sea, and had about 50 intelligence operators. The fleet was disbanded after WWII but was re-activated in January of 2010 as the U.S. Fleet Cyber Command/U.S. Tenth Fleet.

Their mission is to “execute the full spectrum of cyber, electronic warfare, information operations and signal intelligence capabilities and missions across the cyber, electromagnetic and space domains.” Navy Cyber Command is led by Vice Admiral Michael Rogers. I had the absolute honor of meeting Vice Adm. Rogers at a recent military event and he is an exceptional person.

Marine Corps Cyber Command

Marine Forces Cyber Command (MARFORCYBER) originally consisted of about 800 personnel tasked with the job of protecting Marine Corps cyber space.

Army Cyber Command

The new guys on the block, Army Cyber Command, Second Army, was activated in 2010 and has over 20,000 personnel tasked with defending Army systems from cyber-attack. Army Cyber Command consists of the 9th Signal Command, 1st Information Operations Command, and the U.S. Intelligence and Security Command.

NSA

The “Backbone” of Cyber Command. The NSA is the shadowy cryptologic intelligence organization that could just be the driving force or, more accurately stated, the reason for the creation of US Cyber Command. It all began with the “Title 50 versus Title 10” battle. The NSA already had strong communications surveillance & cyber capabilities and many thought that they should be US Cyber Command. But according to Richard Clarke’s book, some in the military brought up the fact that the NSA is technically a civilian organization and could not legally fight wars. Under Title 10, the NSA is restricted to gathering information only and cannot participate in battle.

Thus, instead of reinventing the wheel, the Director of the NSA became a four-star general, and continued to lead the NSA but also became the commander of the newly formed US Cyber Command.

The NSA just built a $286 million complex in Georgia, and is building a $2 billion facility in Utah. The facility should be completed in 2013 and according to Wired.com, it will be used to collect and analyze international electronic traffic:

Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.”

Conclusion

Pairing one of the nation’s foremost intelligence gathering & analysis organizations with very capable military units and placing them under the same commander has made US Cyber Command one of the most powerful cyber forces on Earth. Now if we can just unravel the legalese that has handcuffed them and keep them focused on terrorists and foreign threats, we will be all set.

Cyber Cold War and the need for an Offensive Cyber Special Forces Group

I was speaking to a veteran the other day who has about 20 years of service and has been in more countries than I can remember. As we talked about the war in Afghanistan, possible future war with Iran and other current military affairs, he told me, “Things are changing. They are after military websites, online accounts and even Facebook pages of active duty troops. It is a Cyber Cold War now.”

International websites are under siege by everyone from political hacktivists to cyber-crime organizations, to Nation State backed hackers. But what is the real threat?

  • Political Hacktivists – The current Anonymous leak of the intercepted FBI call concerning Anonymous told me everything I needed to know about how seriously the threat of political hacktivism is taken. During the call, FBI agents and British agents joke around and laugh up to the point where a senior agent joins the conference call. Then it was all business. Denial of service threats and the releasing of credit card info are a nuisance, but not really a threat, especially when compared to the other heavy crime that the FBI is used to dealing with.
  • Cyber Crime – This is a lot more serious than political hacktivism. International cyber-crime is booming, and recently more money was stolen through cyber-crime than was made in the illicit drug trade. But this really is an extension of organized crime and not cyber war.
  • Nation State Hackers – This is where the threat really lies: from the release of counterfeit network equipment that could be backdoored, to industrial sabotage, to military-based espionage. This is where our military level cyber forces should be focused.

In essence we are in a Cyber Cold War. Nation State hackers are very active in attacking and compromising military, government and defense contractor sites. Terrorists are using social media sites to recruit, train and spread their poison. It is very representative of the espionage, politics and spread of communism during the Cold War.

Is our current military cyber force capable of dealing with this threat? I think when our cyber command was created, it had in mind the threats they were facing and had the desire to be both offensive and defensive: blocking the threats and counter-attacking in the cyber realm. But before cyber command even got off the ground, it was hamstrung by the legal and political ramifications of offensive operations.

What then is needed?

We need a Cyber Special Forces group.

After the failed Bay of Pigs invasion, President John F. Kennedy realized that the US was facing a new battle with the spread of communism. He made it a priority to get Special Forces groups created and active to face this threat.

Troops were selected that were intelligent, capable and willing to learn. They were put through intense training that allowed them to move undetected in enemy territory and engage the enemy on their own terms.

As Special Forces groups evolved, their peacetime missions became twofold. They were sent into countries to train allied or somewhat friendly forces, but at the same time to gather intelligence about countries that at some point in the future may not be allied with US intentions.

Right now, our Cyber Command seems more defensively oriented. Instead of just monitoring and detecting threats, a capable offensive unit is needed: one that can not only counter-hack, assess potential targets, train friendly nations, and stop electronic threats, but also put boots on the ground and physically shut down terror cells and any other physical threats that arise from intelligence gained.