I feel that no matter how much you try to bypass the intermediary, it will remain the place for auctioning anything - 0day vulnerabilities, Enigma encryption machines, and now a Titan 1 ICBM Missile Base, which is for sale on eBay for the Nth time. Bari Hotchkiss listed the characteristics of the underground fortress as :
- Hardened buildings built to withstand One megaton nuclear blast within three thousand feet
- Wall thicknesses up to fourteen feet
- Thousands of feet of connecting tunnels
- Paved roads. Security fencing
Trying to auction it again, as he seems to own the facility, it beats The Bunker in respect to a wide range of physical/electronic attack based security possibilities, and has the potential to turn into the perfect data center with enough space for war rooms on every level.
As Gene Spafford once put it :
"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts."
and you would probably need a network connection of some kind to make use of it -- that means insecurities posed by open and hard-to-control external networks.
I've once mentioned how nuclear weapons aren't the type of central military thinking problem the way they used to be during the Cold War's arms race, as there are many more emerging threats to consider, such as EMP, and Space warfare, but that's a hell of an offer for a post-Cold War underground complex, isn't it?
Some resources worth taking a look at :
19 Ways to Build Physical Security into a Data Center
Data Center : Securing Server Farms - Solution Reference Network Design
Data Center Security Associate Certificate Recommended Reading
Technorati tags:
Security, ICBM, Data Center, Missile Base
In the overwhelming sea of information, access to timely, insightful and independent open-source intelligence (OSINT) analyses is crucial for maintaining the necessary situational awareness to stay on the top of emerging security threats. This blog covers trends and fads, tactics and strategies, intersecting with third-party research, speculations and real-time CYBERINT assessments, all packed with sarcastic attitude
Tuesday, April 18, 2006
Would somebody please buy this Titan 1 ICBM Missile Base?
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Friday, April 14, 2006
Fighting Internet's email junk through licensing
Just came across this story at Slashdot, interesting approach :
"China has introduced regulations that make it illegal to run an email server without a licence. The new rules, which came into force two weeks ago, mean that most companies running their own email servers in China are now breaking the law. The new email licensing clause is just a small part of a new anti-spam law formulated by China's Ministry of Information Industry (MII)."
While the commitment is a remarkable event given China's booming Internet population -- among the main reasons Google had to somehow enter China's search market and take market share from Baidu.com -- you don't need a mail server to disseminate spam and phishing attacks like it used to be in the old days. You need botnets; namely, going through CME's List, you would see how the majority of today's malware is loaded with built-in SMTP engines, even offline/in-transit/web email harvesting modules.
You can often find China on the top of every recently released spam/phishing/botnet trends summary, which doesn't mean Chinese Internet users are insecure -- just unaware. What you can do is educate the masses to secure the entire population, and stimulate the growth of the local security market that everyone is so desperately trying to tap into.
Moreover, I doubt you can regulate the type of Internet users still trying to freely access information, again with the wrong attitude in respect to security :
"..prohibiting use of email to discuss certain vaguely defined subjects related to 'network security' and 'information security', and also reiterate that emails which contain content contrary to existing laws must not be copied or forwarded. Wide-ranging laws of this nature have been used against political and religious dissenters in the past."
It's like legally justifying the country's censorship practices through introducing the law, whereas I feel "network security" and "information security" attacks outside the homeland get favored, compared to internal ones, don't you?
Forbidden fruits turn into dangerous desires on the majority of occasions, and you just can't control that, what's left to censor it.
Technorati tags:
Security, Malware, Spam, Phishing, China
Tags:
China,
Compliance,
Information Security,
Malicious Software,
Phishing,
Phishing Campaign,
Regulation,
Security,
Spam,
Spam Campaign,
Spam Operations
Thursday, April 13, 2006
Distributed cracking of a utopian mystery code
If you have missed the opportunity to buy yourself a portable Enigma encryption machine, or didn't know you could devote some of your CPU power while trying to crack unbroken Nazi Enigma ciphers, now is the time to consider another distributed computing cracking initiative I just came across - "Assault on the Thirteenth Labour", part of the utopian Perplex City alternate reality game.
More on the story itself :
"The story centers on a fictional metropolis known as Perplex City. The Receda Cube, a priceless scientific and spiritual artefact, has been stolen and buried somewhere on Earth, and the game offers a real-life $200,000 reward to whoever can find it."
As a matter of fact, ever heard of Hive7? This is where the future is going, as I think virtual worlds' intrigues result in a better-quality real life, don't they? Still, it can also result in security problems with stolen virtual goods. The trend, given the popularity of these, will continue to emerge -- people, both rich and poor, are putting hard cash into virtual properties, and DoS attacks and phishing practices are already gaining popularity as well.
Technorati tags:
Security, Cryptography, Perplex City, Virtual Worlds, Distributed, New Media
Tags:
Cryptography,
Distributed Computing,
Distributed Computing Project,
Distributed Project,
Encrypted Communication,
Encryption,
Information Security,
New Media,
Perplex City,
Security,
Virtual World
On the Insecurities of the Internet
Among the most popular stereotypes related to cyberterrorism is that of terrorists shutting down the Internet, or to put it another way, denying access to the dispersed and decentralized Internet infrastructure by attacking the Internet's root servers the way it happened back in 2002 -- knowing Slashdot's IP in such a situation will come in as a handy nerd's habit for sure. Outages like these would eventually result in a butterfly effect, such as direct monetary losses and loss of confidence in today's E-commerce world.
In my previous "How to secure the Internet" I commented on the U.S.'s National Strategy to Secure Cyberspace; moreover, I pointed out some issues to consider in respect to the monoculture that's affecting the entire population. While today's threatscape is constantly changing, it still points out key points such as :
- Improve the Security and Resilience of Key Internet Protocols
"The Internet is currently based on Internet Protocol version 4 (IPv4). Some organizations and countries are moving to an updated version of the protocol, version 6 (IPv6). IPv6 offers several advantages over IPv4. In addition to offering a vast amount of addresses, it provides for improved security features, including attribution and native IP security (IPSEC), as well as enabling new applications and capabilities. Some countries are moving aggressively to adopt IPv6. Japan has committed to a fully IPv6 based infrastructure by 2005. The European Union has initiated steps to move to IPv6. China is also considering early adoption of the protocol."
In my previous "The current state of IP Spoofing" post, I mentioned that if you can spoof there's no accountability, and you can even get DDoSed by gary7.nsa.gov. But until then we would have to live with the current situation, or keep building awareness on the issue of course.
- Secure the Domain Name System
"DNS serves as the central database that helps route information throughout the Internet. The ability to route information can be disrupted when the databases cannot be accessed or updated or when they have been corrupted. Attackers can disrupt the DNS by flooding the system with information or requests or by gaining access to the system and corrupting or destroying the information that it contains."
During March, Randal Vaughn and Gadi Evron released a practical study entitled "DNS Amplification Attacks" pointing out that :
"Our study is based on packet captures and logs from attacks reported to have a volume of 2.8Gbps. We study this data in order to further understand the basics of the reported recursive name server amplification attacks which are also known as DNS amplification or DNS reflector attacks. One of the networks under attack, Sharktech, indicated some attacks have reached as high as 10Gbps and used as many as 140,000 exploited name servers. In addition to the increase in the response packet size, the large UDP packets create IP protocol fragments. Several other responses also contribute to the overall effectiveness of these attacks."
It feels like a deja vu moment compared to Mixter's release of his award-winning "Protecting against the unknown" research and the emergence of DDoS attacks (read the complete story, and keep in mind that it wasn't iDefense, but PacketStormSecurity offering $10k rewards back in 2000). VeriSign indeed detailed a massive denial-of-service attack, and Slashdot also picked up the story. Most importantly, the event also attracted the U.S. government's attention, but what you should also keep in mind is that :
"In order to create an 8Gbps attack using carefully crafted zones, you need no more than 200 home PCs on basic DSL lines," Joffe said. That math assumes about 200 bots eating up a full 512Kbps connection with lots of 60-byte DNS queries, each of which is amplified 70x into a 4,200-byte reply against the attacker's target. To put that in perspective, Russian hacking crews advertise that they will place the malware of your choice on 1,000 bots for a mere $25, according to the Internet Storm Center."
No 0day necessary, but DDoS on demand/hire, and renting botnets are the practices worth mentioning the way I pointed them out in my Future trends of malware research.
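A resolver-side check for the reflection pattern described above, added here as an example and not taken from the Vaughn/Evron study or the original post: it reads a resolver query log and flags clients whose small queries draw replies many times larger, large enough to fragment. The log format, field names, thresholds and addresses are assumptions constructed for illustration.

```python
"""Flag likely DNS reflection traffic in a recursive resolver's query log."""
import re
from collections import defaultdict

# Largest UDP payload that fits in one unfragmented IPv4 packet on a
# 1500-byte MTU: 1500 - 20 (IP header) - 8 (UDP header).
MAX_UNFRAGMENTED_PAYLOAD = 1472

# Hypothetical log format: qbytes/rbytes are DNS message sizes in bytes.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) client=(?P<client>\S+) qname=(?P<qname>\S+) "
    r"qtype=(?P<qtype>\S+) qbytes=(?P<qbytes>\d+) rbytes=(?P<rbytes>\d+)$"
)

# Constructed sample log; all addresses are documentation ranges.
SAMPLE_LOG = """\
2006-03-14T10:00:01Z client=192.0.2.10 qname=www.example.org. qtype=A qbytes=45 rbytes=120
2006-03-14T10:00:01Z client=203.0.113.50 qname=big.zone.example. qtype=TXT qbytes=60 rbytes=4200
2006-03-14T10:00:02Z client=203.0.113.50 qname=big.zone.example. qtype=TXT qbytes=60 rbytes=4200
2006-03-14T10:00:02Z client=192.0.2.10 qname=mail.example.org. qtype=MX qbytes=50 rbytes=98
2006-03-14T10:00:02Z client=203.0.113.50 qname=big.zone.example. qtype=TXT qbytes=60 rbytes=4200
2006-03-14T10:00:03Z client=192.0.2.77 qname=keys.example.net. qtype=TXT qbytes=62 rbytes=3100
2006-03-14T10:00:03Z client=203.0.113.50 qname=big.zone.example. qtype=TXT qbytes=60 rbytes=4200
2006-03-14T10:00:03Z client=192.0.2.10 qname=www.example.org. qtype=A qbytes=45 rbytes=150
2006-03-14T10:00:04Z client=203.0.113.50 qname=big.zone.example. qtype=TXT qbytes=60 rbytes=4200
2006-03-14T10:00:04Z client=192.0.2.10 qname=ftp.example.org. qtype=A qbytes=48 rbytes=110
this line is malformed and must be skipped
"""


def parse_log(text):
    """Return one dict per well-formed log line; malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match is None:
            continue
        rec = match.groupdict()
        rec["qbytes"] = int(rec["qbytes"])
        rec["rbytes"] = int(rec["rbytes"])
        records.append(rec)
    return records


def per_client_stats(records):
    """Aggregate query/response volume per source address seen on the queries."""
    stats = defaultdict(lambda: {"queries": 0, "qbytes": 0, "rbytes": 0,
                                 "fragmented": 0, "qnames": set()})
    for rec in records:
        s = stats[rec["client"]]
        s["queries"] += 1
        s["qbytes"] += rec["qbytes"]
        s["rbytes"] += rec["rbytes"]
        s["qnames"].add(rec["qname"])
        if rec["rbytes"] > MAX_UNFRAGMENTED_PAYLOAD:
            s["fragmented"] += 1
    return stats


def reflection_suspects(records, min_ratio=20.0, min_queries=3):
    """Clients with a sustained, high response-to-query byte ratio.

    min_ratio and min_queries are illustrative thresholds, not recommendations;
    min_queries keeps a single legitimately large answer from raising a flag.
    """
    suspects = []
    for client, s in per_client_stats(records).items():
        if s["qbytes"] == 0 or s["queries"] < min_queries:
            continue
        ratio = s["rbytes"] / s["qbytes"]
        if ratio >= min_ratio:
            suspects.append({
                "client": client,
                "queries": s["queries"],
                "ratio": round(ratio, 1),
                "fragmented_share": s["fragmented"] / s["queries"],
                "distinct_qnames": len(s["qnames"]),
                "response_bytes": s["rbytes"],
            })
    return sorted(suspects, key=lambda x: x["response_bytes"], reverse=True)


if __name__ == "__main__":
    for suspect in reflection_suspects(parse_log(SAMPLE_LOG)):
        print(suspect)
```

A flagged address is the source written on the queries, so when the queries are spoofed it is the party receiving the oversized replies rather than the sender.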
- Border Gateway Protocol
"Of the many routing protocols in use within the Internet, the Border Gateway Protocol (BGP) is at greatest risk of being the target of attacks designed to disrupt or degrade service on a large scale. BGP is used to interconnect the thousands of networks that make up the Internet. It allows routing information to be exchanged between networks that may have separate administrators, administrative policies, or protocols."
Interdomain routing communications are like empowering assembly line workers with the ability to stop the line at any time, or have a claim on it, a tricky option sometimes. Recently released research (2005), "A Survey of BGP Security", points out the bottom line these days :
"We centrally note that no current solution has yet found an adequate balance between comprehensive security and deployment cost." Still, IETF's Routing Protocol Security Requirements (rpsec) are worth the read.
What I truly hope, is that any of these guidelines wouldn't end up on a paper tiger's desk for years to come, namely they would eventually get implemented and Internet2 would end up dealing with a more advanced set of security problems compared to the current ones.
My point is that, while only the paranoid survive, seeing ghosts here and there is like totally missing the big picture -- Richard Clarke for instance once said that "If there's a major devastating cyberspace security attack, the Congress will slam regulation on the industry faster than anything you can imagine. So, it's in the industry's best interest to get the job done right before something happens." But when, and how it would affect the commercial side of the question, that is how visionary are the vendors themselves to anticipate the future in here?
No one would want to shut down the Internet, as terrorists are actively using it for propaganda, communication, and open source intelligence. Still, the deceptive PSYOPS initiated by terrorist sympathizers or wannabes is what will continue to hit the headlines -- just don't miss the big picture!
UPDATE : The post just appeared at LinuxSecurity.com "On the Insecurities of the Internet"
Technorati tags:
Security, Information Security, Internet, Internet2, DDoS, Networking, IPv6, VeriSign
Tags:
BGP,
Cyber Terrorism,
Cyber Warfare,
Cyberspace,
DDoS,
DNS,
Information Security,
Information Warfare,
Internet,
IPv4,
IPv6,
Root Server,
Security,
VeriSign
Wednesday, April 12, 2006
Catching up on how to lawfully intercept in the digital era
In one of my previous posts "A top level espionage case in Greece" I blogged about two cases of unlawful interception -- good old espionage practices in modern environment. What's also worth mentioning is the rush for lawful interception in the post 9/11 world, that is free spirits get detained for singing or being nerds, activities you can hardly datamine at the bottom line, and then again, so what?
Last month, Australia extended its phone-tap laws to e-mails and SMS, OMG, good morning Vietnam. An excerpt from the news item :
"Australia has passed new laws that would allow police to intercept phone calls, e-mails, and text messages of people who are just suspected of a crime. Attorney-General Philip Ruddock says the new laws account for challenges posed by technology; in December 2005, Middle Eastern and white supremacist youth used SMS messages to coordinate during race riots. However, civil liberties groups warn that the laws could allow police to target the privileged conversations of lawyers and journalists or to target innocent people for investigation. Australia has been tightening security laws since the September 11, 2001, terrorist attacks in the US."
Whether compliance, or new revenue sources from a telecom/network giant's point of view, lawful interception has always been happening. A single vendor's box can easily monitor over 30,000 DSL connections, and while the problem still remains processing power and decentralized/encrypted communications, steganography as a concept has always been the biggest downside of any approach from my point of view.
At the bottom line it would eventually provide the ECHELON's community with more information to take hold of, whereas retaining or trying to data mine it still remains an abstract concept whose only justification has been the contradictory Able Danger scenario. It is my opinion that erasing terabytes of intelligence information on a terrorist group is a pure science-fiction scenario, the way there's a desperate need for a clear ROI in respect to CCTV cameras.
Don't over-empower the watchers for the sake of your Security, or you'll end up with a false feeling of it.
More resources on surveillance and lawful interception worth going through are :
International Campaign Against Mass Surveillance
Development of surveillance technology and risk of abuse of economic information
Legal Analysis of the NSA Domestic Surveillance Program
Wiretapping, FISA, and the NSA
Can the government track your cell phone's location without probable cause?
Attack Detection Methods for All-Optical Networks
2006 = 1984?
Privacy issues related to mobile and wireless Internet access
Lawful Interception of the Internet
Using MAC Addresses in the Lawful Interception of IP Traffic
Open Source Intelligence (OSINT)
Making Intelligence Accountable: Legal Standards and Best Practice for Oversight of Intelligence Agencies
What is Project ECHELON?
Surveillance and Society Journal
Cybercrime in New Network Ecosystem: vulnerabilities and new forensic capabilities
Strategies for Lawful Intercept
Summary - Lawful Interception plugtest
Whistle-Blower Outs NSA Spy Room
Technorati tags:
Security, Intelligence, Surveillance, Wiretapping, Privacy, Lawful Interception
Tags:
Anonymity,
Censorship,
Eavesdropping,
Free Speech,
Information Security,
Internet Censorship,
Lawful Interception,
Privacy,
Security,
Surveillance,
Wiretapping
"IM me" a strike order
In my previous post "What's the potential of the IM security market? Symantec thinks big" I commented on various IM market security trends, namely Symantec's acquisition of IMLogic. It's also worth mentioning how a market-leading security vendor was able to quickly capitalize on the growing IM market, and turn the acquisition into a valuable solution in the giant's portfolio of solutions. What's also worth mentioning is the military interest in instant communications in today's network centric warfare powered battlefield. Today I came across an interesting recent development, namely that :
"The US Army, Navy, and Air Force have deployed protected interoperable instant messaging (IM) systems among the three branches. Army Knowledge Online, Navy Knowledge Online, and the Air Force’s Knowledge Management Portal built the IM systems for 3.5 million users from Bantu's Inter-domain Messaging (IDM) gateway, a policy-driven with role-based access controls. The system will carry messages over sensitive and secret networks, and can populate a user's contact list with appropriate officials in the chain of command. Intelligence agencies will hook into the system to work with the military, and the Department of Homeland Security is also interested in the IM system."
Flexible military communications have always been of great importance, and flexibility here stands for securely communicating over insecure channels -- IP based communications. While you might have not heard of Bantu before, to me their real-time network for interagency communication sounds more like a security through obscurity approach -- temporary gain and possible long term disaster.
Could the instant communication finally solve the Intelligence Community's information sharing troubles?
In a relatively recent report I came across, "a survey was hosted on the Secret Internet Protocol Router Network (SIPRNET) so that personnel could respond to the survey from the convenience and privacy of their own workstations." in order to measure the communication requirements of various staff members, some of the findings worth mentioning :
MS Chat was used by at least 50% of all command groups
- 100% of Afloat Staffs, 86% of Carriers, 78% of Cruisers & Destroyers, 50% of Support
XIRCON was used by 28% - 50% of command groups
- 50% of Support, 41% of Carriers, 32% of Cruisers & Destroyers, 28% of Afloat Staffs
Lotus Sametime was used by 0 – 44% of command groups
- 44% of Afloat Staffs, 16% of Cruisers & Destroyers, 10% of Carriers, 0% of Support
mIRC was used by 13 – 33% of command groups
- 33% of Support, 23% of Carriers, 22% of Cruisers & Destroyers, 13% of Afloat Staffs
Lotus Sametime and mIRC seem to be the only survivors; still, the implications of using the above in respect to the powerful execution of various network centric warfare events would definitely raise not just my eyebrows. Two years ago, led by IMLogic, a consortium on IM threats was established, the IM Threat Center, an indispensable early warning system for anything related to IM malware.
Would age-old IM threats re-introduce themselves on military networks like never before? Whatever the outcome, information overload wouldn't necessarily be solved through instant communications alone, but in combination with powerful visualization concepts as well.
The post recently appeared at LinuxSecurity.com: "IM me" a strike order
Technorati tags:
Security, Military, IM, Technology, Symantec, Bantu
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com