CTOvision.com

Context for the CTO, CIO, CISO and Data Scientist

You are here: Home / Archives for Cyber War / Cyber Threats

Cyber Threats

The First Great Cyber Crime: 1994 Attack Against Citibank

In 1994 Vladimir Levin tricked computers at Citibank and several of Citibank’s customers into sending $10 million to himself. He was found out after accomplices were arrested at ratted him out. Citibank ultimately recovered most of the money, but still this case is important to study for a history of the threat. It should have underscored for us all that the criminal element will keep coming and coming and coming till they succeed. And that is exactly what has been happening.

The FBI summarized the case this way in their recap of criminal history:

The global dimensions of cyber crime, though, became apparent as early as 1994. That summer, from deep inside the heart of Russia, a young computer wiz named Vladimir Levin robbed a bank in the U.S. without ever leaving his chair. Over a two-month period, Levin—with the help of several conspirators—hacked into Citibank computers and transferred more than $10 million to accounts around the world using a dial-up wire transfer service. Working with Citibank and Russian authorities, FBI agents helped trace the theft back to Levin in St. Petersburg. Levin was soon lured to London and arrested.

 

For more on cyber threats see:

Soviet Cyber Espionage in 1986: The Cuckoo’s Egg

One of the most important books for understanding modern cyber threat’s is one of the first books on the dynamics of this new domain.  It is Clifford Stoll’s The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage. This book documents the steps taken by Stoll to track down what a mystery invader was doing inside the networks of Lawrence Berkeley Lab and is required reading since so many of the methods used by the hacker and the tracker remain important today. It is also important because it shows the value that foreign espionage agents place on using systems to acquire information.

From the book description:

Cliff Stoll was an astronomer turned systems manager at Lawrence Berkeley Lab when a 75-cent accounting error alerted him to the presence of an unauthorized user on his system. The hacker’s code name was “Hunter” — a mystery invader hiding inside a twisting electronic labyrinth, breaking into U.S. computer systems and stealing sensitive military and security information. Stoll began a one-man hunt of his own, spying on the spy — and plunged into an incredible international probe that finally gained the attention of top U.S. counterintelligence agents. The Cuckoo’s Egg is his wild and suspenseful true story — a year of deception, broken codes, satellites, missile bases, and the ultimate sting operation — and how one ingenious American trapped a spy ring paid in cash and cocaine, and reporting to the KGB.

For more see: The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage.

 

Other recommended reading:

Want to learn about the coming Internet of Things? Read about the Victorian Internet

There Will Be Cyberwar: How The Move To Network-Centric War Fighting Has Set The Stage by Richard Stiennon

The Future of Design and Manufacturing: Watch Elon Musk leverage Leap Motion, OculusVR and laser 3D printing

Meet the new Cyber Czar (a Putin pal who fights to limit US Cyber interests)

Friend and writer Noah Shachtman has produced a nice piece for Wired Magazine titled “Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals”  Most all in the cyber security and national security communities have heard about Kaspersky and I imagine you have familiarity with his software and company and connections to Russian intelligence services.  But Noah’s post gives a fantastic overview of that plus more.  It also dives into Kaspersky’s move into the global policy realm, and it probably comes as no surprise that the policies he pushes are very much aligned with Putin’s. In that regard that makes him into an actor of even more importance for the US national security community to track.

There is a good chance that because of the strange and at times dysfunctional governance processes we put over our systems and our inability to keep bad guys out, Kaspersky may have more influence over the security status of key US networks than US officials do. Which is why I believe Kaspersky deserves the title of Cyber Czar.

Noah writes very well and his research includes time with Kaspersky. Noah’s ending is a great metaphor for a question more people should be asking.

Anyway, I thought you would enjoy reading this as much as I did.

To read the full post visit: “Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals

Here is a snippet:

It’s early February in Cancun, Mexico. A group of 60 or so financial analysts, reporters, diplomats, and cybersecurity specialists shake off the previous night’s tequila and file into a ballroom at the Ritz-Carlton hotel. At the front of the room, a giant screen shows a globe targeted by crosshairs. Cancun is in the center of the bull’s-eye.

A ruddy-faced, unshaven man bounds onstage. Wearing a wrinkled white polo shirt with a pair of red sunglasses perched on his head, he looks more like a beach bum who’s lost his way than a business executive. In fact, he’s one of Russia’s richest men—the CEO of what is arguably the most important Internet security company in the world. His name is Eugene Kaspersky, and he paid for almost everyone in the audience to come here. “Buenos dias,” he says in a throaty Russian accent, as he apologizes for missing the previous night’s boozy activities. Over the past 72 hours, Kaspersky explains, he flew from Mexico to Germany and back to take part in another conference. “Kissinger, McCain, presidents, government ministers” were all there, he says. “I have panel. Left of me, minister of defense of Italy. Right of me, former head of CIA. I’m like, ‘Whoa, colleagues.’”

Kaspersky has 300 million customers. His geek squad uncovers US cyberweapons. And he has deep ties to the KGB’s successors in Moscow.

He’s bragging to be sure, but Kaspersky may be selling himself short. The Italian defense minister isn’t going to determine whether criminals or governments get their hands on your data. Kaspersky and his company, Kaspersky Lab, very well might. Between 2009 and 2010, according to Forbes, retail sales of Kaspersky antivirus software increased 177 percent, reaching almost 4.5 million a year—nearly as much as its rivals Symantec and McAfee combined. Worldwide, 50 million people are now members of the Kaspersky Security Network, sending data to the company’s Moscow headquarters every time they download an application to their desktop. Microsoft, Cisco, and Juniper Networks all embed Kaspersky code in their products—effectively giving the company 300 million users. When it comes to keeping computers free from infection, Kaspersky Lab is on its way to becoming an industry leader.

But this still doesn’t fully capture Kaspersky’s influence. Back in 2010, a researcher now working for Kaspersky discovered Stuxnet, the US-Israeli worm that wrecked nearly a thousand Iranian centrifuges and became the world’s first openly acknowledged cyberweapon. In May of this year, Kaspersky’s elite antihackers exposed a second weaponized computer program, which they dubbed Flame. It was subsequently revealed to be another US-Israeli operation aimed at Iran. In other words, Kaspersky Lab isn’t just an antivirus company; it’s also a leader in uncovering cyber-espionage.

Serving at the pinnacle of such an organization would be a remarkably powerful position for any man. But Kaspersky’s rise is particularly notable—and to some, downright troubling—given his KGB-sponsored training, his tenure as a Soviet intelligence officer, his alliance with Vladimir Putin’s regime, and his deep and ongoing relationship with Russia’s Federal Security Service, or FSB. Of course, none of this history is ever mentioned in Cancun.

What is mentioned is Kaspersky’s vision for the future of Internet security—which by Western standards can seem extreme. It includes requiring strictly monitored digital passports for some online activities and enabling government regulation of social networks to thwart protest movements. “It’s too much freedom there,” Kaspersky says, referring to sites like Facebook. “Freedom is good. But the bad guys—they can abuse this freedom to manipulate public opinion.”

These are not exactly comforting words from a man who is responsible for the security of so many of our PCs, tablets, and smartphones. But that is the paradox of Eugene Kaspersky: a close associate of the autocratic Putin regime who is charged with safeguarding the data of millions of Americans; a supposedly-retired intelligence officer who is busy today revealing the covert activities of other nations; a vital presence in the open and free Internet who doesn’t want us to be too free. It’s an enigmatic profile that’s on the rise as Kaspersky’s influence grows.

For more cyber threat context see:

The March and April 2000 Hack on Maroochy Shire: Cyber History Made

In October 2001 an Australian man was sent to prison for two years for what was probably the first hacker generated cyber attack against civilian infrastructure in history. This event at Maroochy Shire, Queensland, is worth study for several reasons, including the fact that it proved this sort of attack was possible. It was, at least it should have been, a great wake-up call alerting us all to the cyber threat.

Here is reporting from The Register:

 An Australian man was today sent to prison for two years after he was found guilty of hacking into the Maroochy Shire, Queensland computerised waste management system and caused millions of litres of raw sewage to spill out into local parks, rivers and even the grounds of a Hyatt Regency hotel.

“Marine life died, the creek water turned black and the stench was unbearable for residents,” said Janelle Bryant of the Australian Environmental Protection Agency.

The Maroochydore District Court heard that 49-year-old Vitek Boden had conducted a series of electronic attacks on the Maroochy Shire sewage control system after a job application he had made was rejected by the area’s Council. At the time he was employed by the company that had installed the system.

Boden made at least 46 attempts to take control of the sewage system during March and April 2000. On 23 April, the date of Boden’s last hacking attempt, police who pulled over his car found radio and computer equipment.

Later investigations found Boden’s laptop had been used at the time of the attacks and his hard drive contained software for accessing and controlling the sewage management system.

 

Now imagine a world where everything in your city is smart and connected.

Cyberwar is clearly here, and has been, for decades.

 

 

Protecting Your Campaign Against Cyber Threats

Even with best designed IT architecture, cyber incidents will undoubtedly impact your campaign at some point. Adversaries from hackers to industrial spies and foreign countries will try to access your valuable and confidential information. Fortunately, there are ways to reduce the impact of these attacks. CTOlabs analysts collaborated with community security professionals to produce this special report. It provides strategic guidance on how to improve your security and enhance your campaigns IT functionality to mitigate these threats. Download at: Protect Your Campaign Against Cyber Threats

An Assessment on the Cyber Threat

How would you describe the threat to the US information infrastructure? If you are a technologist or a national security expert or both I hope you would use your background and experience and expertise and produced a fused-all source assessment based on facts. But it is also ok to cite the masters, folks who really know what they are talking about and are paid to produce the most accurate possible reports. Below is an assessment I extracted from a source I know to be reliable, but to most of you technologists and national security professionals I hope this list will be seen as intuitive statements that ring true to your experience. Please look it over and let me know what you think (I’ll inject some thoughts at the end):

Judgements:

“The fact is that we are currently building an information infrastructure — the most complex systems the world has ever known — on an insecure foundation. We have ignored the need to build trust into our systems. Simply hoping that someday we can add the needed security before it is too late is not a strategy.”

Additionally:

  • We are growing increasingly dependent on information systems for commercial and government activities.
  • Our adversaries recognize this dependence and are developing tools to attack our information systems.
  • Protecting our systems will require an unprecedented level of cooperation between government and the private sector.
  • Protecting our critical information systems and the data on them will be key to our survival as the world’s leading economic power and as the world’s leader in information technology.
  • Our heavy and growing societal and strategic dependence on information technologies and information systems has created vulnerabilities — vulnerabilities to our economic institutions, to the systems that support public needs, to our privacy, and to our military capabilities.
  • The number of known potential adversaries conducting research on information attacks is increasing rapidly and includes intelligence services, military organizations and non-state entities such as terrorism groups.
    Technology will increase the sophistication of their capabilities and will continue to reduce the cost of attack and the risk if security remains where it is today.
  • And the attackers have enormous incentives.Trillions of dollars in financial transactions and commerce moving over a medium that has minimal protection and sporadic law enforcement. Increasing quantities of intellectual property residing on networked systems. And the opportunity to disrupt military effectiveness and public safety, with elements of surprise and anonymity.
  • The state sponsored terrorists and military Information Warfare people pose the greatest risk to our critical infrastructure because they have the greatest knowledge and resources.
  • Foreign governments and their military services are paying increasing attention to the concept of ”Information Warfare”. Foreign military writings discuss the importance of disrupting the flow of information in combat. The battlespace of the future also will extend to our domestic information infrastructure, such as our electric power grids and our telecommunications networks – in short, the very foundations of our economy.
  • We cannot keep building new capabilities on a poor foundation of security. We cannot ignore the need to build trust into our information systems any longer.
  • It is folly to hope that someday we can add needed elements before it’s too late. The longer we wait, the more our country is exposed, and the costlier it will be to address the problem.If we are going to lead the world in information technology we must recreate the trust that existed between our government and our industry that allowed us to lead the free world for over forty years. We still have the power to lead by our example, and we still have the time to do what is right.

I think the information and assessments and powerful thoughts above are right on and should be considered by anyone in the national security and technology space.

The source?  1998 speeches and testimony by then Director of Central Intelligence George Tenet.  I think he pretty much nailed what would happen with the assessment above (read more online at: https://www.cia.gov/news-information/speeches-testimony/1998/dci_speech_040698.html and https://www.cia.gov/news-information/speeches-testimony/1998/dci_testimony_062498.html

In fact, seems like he provided clear an unambiguous warning.

Since then, it seems like very leader in the national security, DoD and Intelligence Space that comes into office seems to muddle on oblivious to the cyber threat till some incident hits them, like Moonlight Maze or the series of intrusions into DoD and other nets over 2007 or the attacks vs Estonia or the attacks vs. Georgia or the attacks vs. Google.  And in each time you get folks saying something like “oh well that was a wake up call.”

Any thoughts on that?

Is there anything that can be done so 12 years from now we are not asking ourselves why people in key positions are still saying things like “oh that was a wake-up call!”?

For more on this topic see the even older warning by CIA Director John Deutch at: Leader Of U.S. Intelligence Community Delivers Clear and Unambiguous Warning of Cyber Threat

Related Posts:

We Have A Cyber Czar, and He Has Spoken

putin-320x486A debate has been running for months both among government thought leaders and the technical literati on whether or not the US should appoint a “Cyber Czar” who can exert authority over IT security in the federal space or perhaps even aspects of the nation’s IT defenses. This is a complex discussion that has had some of the greatest thinkers in and out of government involved.

Unfortunately for those who would like to still debate and discuss this issue, there is already a Cyber Czar who can accomplish most all his objectives in our networks. He is Russian Prime Minister Vladimir Putin. This former KGB operative now controls Russia with an iron fist and has shown others again and again he will exert influence anywhere he needs to in order to accomplish his objectives. He will use tanks when required and cyber when desired and combinations when it suits him. There are indications his agents are also in our networks now.  If our objectives are to keep players like him out, we cannot say we are accomplishing them. If his objectives are to get in, then we can say he is accomplishing them. Till this situation changes, we need to confront then this new reality:  Vladimir Putin is the Cyber Czar.

We have our own great technologists and wizards of cyber, of course. And we have great hero entrepreneurs of technology who have built the cyber world we all use today. One of those greats is Michael Dell, creator of an idea and corporation that develops, manufactures, sells and distributes personal computers we all depend on.

But he is someone who will now think twice before thinking he can interact as a peer to Cyber Czar Putin.  After listening to Putin’s speech at the 2009 World Economic Forum in Davos, Michael Dell praised Russia’s technical and scientific prowess and asked a nice, friendly question:  “How can we help.”  As a former govie CTO I would get asked that type of question all the time from industry and really appreciated it whenever a senior thought leader would ask that. But not Czar Putin. He did not appreciate that at all. Putin was offended by the assertion that the mighty Russia might need help in anything Cyber.

Fortune described the exchange this way:

“Putin’s withering reply to Dell: “We don’t need help. We are not invalids. We don’t have limited mental capacity.” The slapdown took many of the people in the audience by surprise. Putin then went on to outline some of the steps the Russian government has taken to wire up the country, including remote villages in Siberia. And, in a final dig at Dell, he talked about how Russian scientists were rightly respected not for their hardware, but for their software. The implication: Any old fool can build a PC outfit.”

Clearly cyber domination is personal with Putin. 

He is the Cyber Czar.

I think I should end with a plea to all who care about cyber freedom and all who know the potential positive contributions of IT:  Please don’t be pleased with this current situation. Please don’t just think the title of Cyber Czar I’ve now used to describe Putin is something we should be proud of.  It is not. We should continue to act till we are able to assert that we are masters of our own networks. Our nation’s intellectual property, including the intellectual property of all our companies and citizens, is too important to let it be given away without at least a cyber fight.

For more on these topics see:

Other key reports:

National Security:

Top Cybersecurity Context:

More Content

Cyber War

SciFi

Super Bowl Ads Indicate Big Businesses Think You Are Afraid of AI

Tom Loftus provided an insightful review of some of Super Bowl ads in the 4 Feb 2019 Wall Street Journal. Like AI parody in SNL, these ads really poked fun at computers: Seriously, did anyone catch the commercials? If the Super Bowl is the zeitgeist, then it is safe to say that America is not […]

HBO’s Westworld: The Man In Black is a special kind of Twitter user

HBO’s Westworld is a modern take on the Michael Crichton SciFi tale of a robotic amusement park. The HBO version has a new twist. The creators/writers were all exposed to years of Twitter, which has influenced every episode and the entire arch of two seasons of the show. Now that season two is wrapping up, […]