STUXNET CYBER FALSE FLAG LAUNCHED DURING THE PLANNED CYBER STORM MILITARY DRILL

[Dig]

False Flag Cyber Attack Could Takedown The Internet - AJ 7/21/10
http://forum.prisonplanet.com/index.php?topic=180655.0

Gen. Renuart: "World Govt. will be the only solution to our Cyber False Flags"
http://forum.prisonplanet.com/index.php?topic=172572.0

[Dig]

Cyber Storm III participants include:

o Administration-Wide—Seven Cabinet-level departments including Commerce, Defense, Energy, Homeland Security, Justice, Transportation and Treasury, in addition to the White House and representatives from the intelligence and law enforcement communities.

o Eleven States—California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina, New York, Pennsylvania, Texas, Washington, as well as the Multi-State Information Sharing and Analysis Center (ISAC).

o 12 International Partners—Australia, Canada, France, Germany, Hungary, Italy, Japan, the Netherlands, New Zealand, Sweden, Switzerland, and the United Kingdom.

o 60 Private Sector Companies—DHS worked with representatives from the Banking and Finance, Chemical, Communications, Dams, Defense Industrial Base, Information Technology, Nuclear, Transportation, and Water Sectors, as well as the corresponding Sector Coordinating Councils and ISACs, to identify private sector participants.

Cyber Storm III also represents the first major exercise testing the new National Cybersecurity and Communications Integration Center (NCCIC)—which serves as the hub of national cybersecurity coordination and was established in October of 2009.

[Dig]

“The technotronic era involves the gradual appearance of a more controlled society. Such a society would be dominated by an elite, unrestrained by traditional values. [...] The capacity to assert social and political control over the individual will vastly increase. It will soon be possible to assert almost continuous surveillance over every citizen and to maintain up-to-date, complete files, containing even most personal information about the health or personal behavior of the citizen in addition to more customary data. These files will be subject to instantaneous retrieval by the authorities.”
https://www.mega.nu/ampp/privacy.html
-Zbigniew Brzezinski

[citizenx]

Here is the deal...

The code attacks backdoors in Siemens and other software that the manufacturers put in on purpose. In other words this was a team effort to create backdoors in the corporate software in the first place along with the appearance of a hack to "compromise" it. It was done by design with 10th generation tech... In other words this is a 100% inside job involving the corporate manufacturers as well.

Agreed.

[Optimus]

This article comes from a site called "The New New Internet". WTF?


Australia Unleashes ‘Cyber Storm’ in Preparation of Cyber Attack

This was written by Camille Tuutti on Monday, September 20, 2010, 12:16.

Australia is scheduled to unleash Cyber Storm, an official exercise aimed at testing how businesses, government departments and spy agencies would respond in the event of a coordinated cyber attack, The Age reports.

Approximately 50 organizations are expected to participate in the Australian arm of the exercise, the third and biggest in a series testing national responses to major cyber attacks.

Officials were concerned about maintaining the drill’s security and would not reveal when the exercise will begin, a department spokesman told The Age.

The exercise, organized by the U.S. Department of Homeland Security, would be the third Cyber Storm released. Cyber Storm I was based on a scenario in which a coalition of anti-globalization activists paralyzed U.S. and Canadian computer systems by cutting power supplies, and disrupting ports and airlines, and compromising intelligence communications.

More...

[Dig]

Agreed.

And now that we see the extension of the 2 year planned drill, there is absolutely no doubt.

[SUPREMEMASTER]

This article comes from a site called "The New New Internet". WTF?

About

The New New Internet (TNNI) seeks to stay abreast of the rapidly developing field of cybersecurity. The site looks to connect the developments in the national and international arena with informative analysis that places the disparate ideas surrounding this still nascent market in dialogue with one another. We encourage you to follow our updates, and welcome your feedback on our articles and content.


Our readers can anticipate regular, objective and timely news updates on developments in cybersecurity spanning the public and private sectors. In practice, we do not focus on specific technologies, but instead cover broader policy developments, key players and cyber incidents, along with broad innovations in cybersecurity context.


The New New Internet intends to support a safer world of the Internet’s next generation. We will focus beyond the realm of the new internet of Web 2.0 into the promise of what will be The New, New Internet.

WTF?

A website ENTIRELY focused on "Cyber Security"?!

As if this is OFFICIALLY now and forever an issue of large significance?

[Dig]

WTF?

A website ENTIRELY focused on "Cyber Security"?!

As if this is OFFICIALLY now and forever an issue of large significance?

There are over 1,000 websites focused on cyber security. Part of the Stimulus plan and the over $3 Trillion we have spent on genocide in the Middle East and fighting ghosts.

From 1984:

"Oceania has no capital, and its titular head is a person whose whereabouts nobody knows."
- George Orwell, 1984, Book 1, Chapter 9

[SUPREMEMASTER]

There are over 1,000 websites focused on cyber security. Part of the Stimulus plan and the over $3 Trillion we have spent on genocide in the Middle East and fighting ghosts.

From 1984:

"Oceania has no capital, and its titular head is a person whose whereabouts nobody knows."
- George Orwell, 1984, Book 1, Chapter 9

That's a gigantic news flash for me as I have been living under a rock, so to speak, without having much time to do much research about the gigantic "Cyber Security" fraud--

At first I suspected "Maybe there's 2 or 3 other websites besides this one that propagandizes the same thing" -- but thanks for pointing that out because I was clueless earlier that there were not just a couple but over a thousand of websites that entirely fear-mongered about the whole Cyber Security thing.

It's almost intimidating.. I mean they really are throwing everything including the kitchen sink at the general public in psych. warfare to get them to believe that "the current Internet can be used against society so therefor it must be gotten rid of"..

It's so obvious that they are doing this ONLY to silence those who were using the Internet as a means of alerting the public of the world to what was going on...

[Optimus]

DHS Launches Cyber Attack Exercise

Cyber Storm III, the largest simulated cyber attack to date, aims to test a new national cyber response plan and stretch the limits of collaborative cybersecurity.

By J. Nicholas Hoover
InformationWeek
September 28, 2010 12:01 AM

For three or four days this week, the Internet will come under a virtual attack from an unknown adversary, and it will be up to the government and private sector's coordinated efforts to root out the cause and work together to keep systems up and running -- at least within the simulated confines of the Department of Homeland Security's Cyber Storm III exercise, which begins Tuesday.

The Cyber Storm series of exercises simulates large cyber attacks on critical infrastructure and government IT assets in order to test the government's preparedness. Specifically, this year's exercise will be the first time DHS will test both the draft National Cyber Incident Response Plan (an effort to provide a coordinated response to major cybersecurity incidents) that will be publicly released later this year and the new National Cybersecurity and Communications Integration Center (the hub of DHS' cybersecurity coordination efforts).

With cybersecurity continuing to heat up as a national defense priority, Cyber Storm III will give the government a chance to see how ready it's processes and people really are in protecting the nation and Internet against malicious hackers. "So much of the cyber mission space is about collaboration, and every once in a while you've got to kick the tires to see how well it works," Bobbie Stempfley, director of DHS' National Cyber Security Division, said in a meeting with reporters last week.

This year's exercise will be the largest yet, including representatives from seven cabinet-level federal departments, intelligence agencies, 11 states, 12 international partners and 60 private sector companies in multiple critical infrastructure sectors like banking, defense, energy and transportation. High-level officials, including federal cybersecurity coordinator Howard Schmidt and deputy homeland security secretary Jane Holl Lute, will be among those taking part.

More...

[Optimus]

Exercise Will Affect Both Uptime And Integrity
http://www.informationweek.com/news/government/security/showArticle.jhtml;jsessionid=KSLWJNKDZLTSPQE1GHPSKH4ATMY32JVN?articleID=227500797&pgno=2&queryText=
(Page 2 of 2) September 28, 2010 12:01 AM

However, the scenario won't use a virtual network. Instead, the exercise will be controlled from the Secret Service headquarters, where organizers from various agencies will be sending out "exercise injects," information that a player will receive that indicates that a certain event has taken place as part of the narrative set up by the organizers. This goes a bit beyond a paper narrative, including fake log data, drives that may contain fake malware, and fake event history, and is dynamic, meaning that it can change dependent on the actions the players take.

[Dig]

INSLAW Affair/PROMIS/Riconosciuto/"Octopus"/Casolaro MASTER ARCHIVE
http://forum.prisonplanet.com/index.php?topic=187740.0

[Anti_Illuminati]

http://www.sovasec.com/2009/06/15/

June 15th, 2009

CyberWar is a Racket
Monday, June 15th, 2009

Inspired by ‘War is a Racket’ by Maj. Gen. Smedly Darlington Butler U.S.M.C

Under the threat of war, the cost of defense is never too high.
A nation is under significant obligation to protect its investments where ever they may be.
What we see now, is the transition from physical to electronic defense.

The United States is returning to Cold War status. In preparation for this the advancement of technology and the power of the intelligence community is of the foremost importance. In order to maintain a position of dominance, the government must sustain its partnership with wartime industry. Through a metamorphosis of the “military industrial complex”, into a new “intelligence industrial complex”, this accomplishment can be witnessed. The ever present fear of terrorism will still be used as justification for sustained engagement. The new terrorist threat comes from what the media refers to as hackers.

The United States’ trade deficit is in the trillions of dollars. The nation must possess assets for which they use to back the value of money sent overseas. China, for example, has accumulated a surplus of US currency. The deficit exists due to the lack of goods being sold in return. These dollars are then stockpiled or used to buy fuel. The oil cartel uses this petro-dollar as the international rate of exchange. There is already discussion to take the world off of this standard. The dollar has already been abandoned in places where once it was used it as a common currency. The United States needs to be ready to compete in the global market, or in default will continue to forfeit property as payment. If the international oil standard were to shift from the dollar, the American economy could be crushed. Places like China would have no reason to continue accepting currency from the United States as a form of trade. In order to continue doing global business, and maintain the standard of living for most Americans, the United States would need to find an acceptable financial solution. It would be necessary to provide a product or service which can be sold on the international market.

With a shift of strategy by the public-private sector, there is the beginning of what could be a record breaking transition. The same corporations, agencies, and institutions which traditionally have been government contractors understand this move, and are shifting production accordingly. International finance, which in the past has funded one or more sides of various conflicts, is already buying into this new deal. With the new President and his many supporters, the official war should be concluded soon. Although there will always be justification for troops stationed around the globe, much funding for war expenses would no longer be necessary.

The companies which produced the equipment, supplied the fuel for the machinery, and paid the workers, would be looking at a massive drop in revenue.  To compensate they will begin to offer services in line with the new focus on infrastructure protection. War profits can be an increase of 7856% over peace time.

That is a real historical figure of seven-thousand eight-hundred and fifty-six percent. Profit is the only motivation for the existence of a corporation. Existing funding could be redirected towards new projects and a new war.

A nation needs a real or fabricated threat to justify taxation to its people, for the necessity of its defenses.

In Orwell’s 1984 we saw Emmanuel Goldstein as the fictional ‘enemy of the people’. The character was a phantom used to justify the actions of the state. Some would say there is a modern analogue to the Goldstein character.

It is claimed that Tim Osman, in only 30 years, was partly responsible for the near collapse of not one, but two world empires. He has never been permanently detained despite a concerted global effort. In fact, he taunts the world by sending recordings of himself to media outlets, which use his image as a rallying symbol of fear comparable to Orwell’s construct. It is hard to imagine how a person in need of regular medical attention, can evade the worlds most advanced intelligence gathering network, and continue to avoid capture.

A sufficiently disruptive electronic attack would be an excellent pretense to create a new phantom enemy.

Sophisticated attacks on domestic infrastructure by unknown foreign entities, could easily be sold to the people as ‘the cost of war hitting home’, against enemies which must be defeated ‘at any cost’. Create a little fear, combined with nationalism, and a popular charismatic leader, and one can accomplish almost anything through the mob mentality.

Operation Cyberstorm has introduced us to the next generation of hypothetical threats.

These new terrorists are individuals and groups of technically skilled people. United by a popular voice of dissent, these groups have formed a loosely knit alliance with a common goal of disrupting the global economy. There are individual actors, the known unknowns, who may assist and possibly increase the severity of an electronic attack. To defend the global financial system and domestic infrastructure, the federal government partnered with private industry, and is spear heading the effort to crack down on criminal activity within these groups. It is not an eAl-Queada, or the iTaliban, the new terrorists are hackers. They are the poltergeist in the machine, whenever there is a disruption in internet service, or a random power outage, or any other system the public has come to depend on is interrupted, there will be the suspicion and speculation as to the root cause. If a server catches fire in Phoenix, or suzie1865 can not get to her mytwitterface account, someone is going to cry wolf. When this occurs the justification for more funding is shown to be necessary, the cycle of funding continues. Operation Cyberstorm was not focused on international state sponsored crime, or independent groups of foreign nationals conducting espionage. Though these are the fears represented in the recent legislation and government reviews.

The very intangible nature of cyber-bogeymen provides the vagueness needed to justify any measure of prevention, or manner of retaliation.

It is possible that we could see the war funding re-purposed for the improvement of infrastructure, the advancement of technology, and the defense of communications networks. These billions of dollars will continue to flow into the same hands.

The nature of security allows the defender to only divulge knowledge when it is to their advantage. The knowledge of potential threats, or even past incidents, is just another form of information which could be released for profit. When the industry shifts from traditional combat to electronic engagement, the resources allocated would create a world class institution. The heavy corporate involvement will open up the opportunity for those holding a large number of dollars to trade them in. The sale of data, proprietary and patented new technologies, and accompanying services, would create an outlet for stockpiled petro-dollars.

However this is not the end of physical combat. With industry there is the necessity for natural resources, the foreign and domestic sources of these materials would continue to require physical protection. To prevent against supply line attacks involving sabotaged materials, increased international oversight would be required at these facilities, which produce today’s high-tech components. Government contractors will supply both electronic and physical security to protect their assets. Tax money is used to fund corporations which are not interested or obligated to protect people’s rights. By partnering with the private sector, the government has relieved itself of much responsibility to the people. This responsibility is transferred to the private sector, which only has the single minded goal of increasing its own profit. This could explain why corporate representatives testify before congress to the need for the very services they provide. The agencies which use their services sit alongside them in agreement. This gives the illusion of a clear and present threat which must be eliminated as soon as possible.

The corporations are lined up with their hands out for increasingly larger slices of the federal pie. Sadly, with the lack of resistance and competition, there will be no organic incentive for innovation. Like a pack of wolves they will only destroy each other fighting over the scraps. Those who rely on the contracts to continue operation are forced into compliance for their ration, forever submitting to the alpha of the pack.

The market would not be free, and likely would eventually create a situation where it will be too hollow to support itself and collapse, leading to a very real threat to national security.

On the other hand there is a great risk for the continued creation of a technocratic fascist state. In which we would see constant and holistic surveillance to protect against foreign or domestic threats, among which the government themselves admit, is public dissent.

America was founded on the principle of dissent against tyranny. It is a patriotic duty to question the motivations of government. Technology can be the key that sets us free, or the yoke under which the many exist to serve the few.

With the end of the war, the media will further turn its attention to programming which numbs the mind. Without the constant reminder of the hellish nature of war the protesters will slowly go away. When the international terrorist computer criminals allegedly cripple some piece of critical infrastructure, and the justification for increased spending be comes a reality, the new victims of war will not draw the public sympathy as do dead and dieing solders in the field. When the power grid is compromised, or restrictions are placed on internet usage, even the anti-war crowd will stand behind the government looking for justice against the terrorists, which have caused their inconvenience. The intelligence assurance community, a government and corporate body, would expand as protectorate of the national electronic infrastructure.

Anyone who operates critical equipment, including networks of computers, will be biometricly catalogued. Some existing uses, of similar government systems, also employ operators in real time remote connection monitoring, as a security measure to ensure the validity of the information transfer, and that standard protocols are being observed. Most domestic communications are intercepted and recorded by the intelligence agencies at various points in the network. Private companies index this information, protecting it from Freedom of Information Act requests. Like so many baseball cards, profiles are bought, sold, and traded.

Information is the new currency.

The data centers are the new vaults, the processing facilities the new banks. Where there are banks there will always be robbers. Where there are robbers there will always be lawmen to make pursuit. In their way are things like privacy, the Constitution, and international boundaries.

The intelligence agencies are more then willing to put themselves above the law when it suits them. Their collaboration with the private sector gives them special access to infrastructure, which they have already shown the willingness to abuse.  Unlike land, gold, and oil, persons and their information are renewable resources, so this new market has infinite growth potential.

[Satyagraha]

Alex mentioned this yesterday.. here's the article:

US Planted Malware on Printers shipped to Iraq ....
The cyberterrorists are US "Cyber Warriors"....

Clinton and China Armed Iraq
http://www.freerepublic.com/focus/news/833154/posts
Clinton and China Armed Iraq
Charles R. Smith
Thursday, Jan. 30, 2003

In 1991 U.S. intelligence forces detected a shipment of French-made printers
bound for Iraq. The printers were to be used by computers that ran the
French-made Kari air defense network sold to dictator Saddam Hussein during the
late 1980s. Unknown to the Iraqis,

U.S. cyber-warriors acquired access to the printers as
they were being trans-shipped through Jordan.

It was here that the first seeds of information warfare began.

American intelligence agents substituted a U.S.-made chip inside the computer
printers. The little chip gave allied forces an unfair advantage later in the
skies of Iraq.

The special chip did not contain any virus codes or destructive programs. All it
could do was squeak.

The special chip was designed to give off a high-frequency radio signal whenever
the printer was in use. Each time the Iraqis used their new printers, the chip
would squeak. The signal gave allied warplanes the exact position of the
computer in the Iraqi air defense system.

Each time the Iraqis would power up a new defense center, the telltale squeak
would give away its position, and the allied aircraft would strike.

The squeaky chip was a great idea but not entirely foolproof. One night U.S. war
fighters detected a squeak from a previously unused Iraqi bunker in downtown
Baghdad. The F-117s quickly struck the site with two laser-guided bombs.

The next day, the allies were horrified to discover that the Iraqi bunker had
actually been full of civilians hiding from the bombing raids. Apparently, one
of the civilians had decided to power up a computer printer during the night, a
move that would later prove to be fatal.

Tiger Song

The next battle between Iraq and allied armed forces will not be so easy. Iraq
has updated its Kari air defense network with a Chinese-made fiber-optic system
code-named "Tiger Song."

The Tiger Song system is best described as an Internet for surface-to-air
missiles. Previous generations of air defense systems had to directly link radar
sites to missile batteries.

The classic pattern of Soviet-style air defense missile sites took the form of a
six-pointed star. Each point of the star contained one missile launcher, and the
radar itself was located at the center along with the command control unit.

Today, using the Tiger Song fiber optic communications system, Iraqi air defense
missile sites are spread out, mobile and difficult to detect. Missile launchers,
radars and command centers can be placed anywhere as long as they can hook up to
the fiber-optic network. Radars, computers, and missiles now share the whole
picture carried live over the Tiger Song network.

Allied war fighters have already had a difficult time with Tiger Song. The
system allows radars that were previously associated with a specific missile or
gun system to trade information. Radar sites for anti-aircraft guns that could
not reach high-flying allied planes can now pass target information to large
missile launchers, which can reach altitudes over 80,000 feet.

In addition, the Chinese network allows Iraqi missile batteries to move quickly.
The network has many hidden prepared positions, ready to be hooked up to a
waiting radar, command center or missile launcher. The units are then able to
move from position to position, hooking up to the network when necessary.

Clinton Exports to Chinese Army

The ultimate irony is that the Tiger Song system is made from U.S.-manufactured
parts and equipment exported to China during the Clinton administration. In
1994, Chinese Gen. Ding Henggao obtained the advanced fiber-optic system through
his contacts inside the Clinton administration.

According to documents obtained using the Freedom of Information Act, Ding was a
close friend of Clinton Secretary of Defense William Perry. In 1994, Ding had
risen to command the Chinese army's military research bureau "COSTIND," or the
Commission on Science Technology and Industry for National Defense.

COSTIND, according to the General Accounting Office, "oversees development of
China's weapon systems and is responsible for identifying and acquiring
telecommunications technology applicable for military use."

Stanford professor John Lewis, a close friend and a paid Defense Department
consultant to Perry, was the key board member of the project. In 1994 John Lewis
teamed with Gen. Ding to buy an advanced AT&T fiber-optic communications system
for "civilian" use inside China.

Defense Department officials initially objected to the proposed sale and would
not allow the export to take place. According to the Far Eastern Economic
Review, Lewis had his friend Secretary Perry write a letter on his behalf to
U.S. government officials, favoring the fiber-optic export to China.

The communications system slipped past U.S. exports laws as a joint U.S.-Chinese
commercial venture called "Hua Mei." The Chinese part of the venture was run by
a newly formed firm named "Galaxy New Technology."

Democrats and Chinese Generals


Dr. Lewis located Adlai Stevenson III, the former Democrat senator from
Illinois, to lead the American side of the joint venture. Gen. Ding's wife,
Madam Nie Li, headed the joint project as the Chinese co-chairman.

Lewis then contracted AT&T to ship the secure communication system directly to a
Chinese army unit using Galaxy New Technology as a front. AT&T officials who
sold most of the equipment and software were adamant that there was no need to
check the Chinese firm because a "civilian," Madam Nie Lie, ran the company.

The export took place through Ron Brown's Commerce Department, using a special
license waiver that had never been issued before and has never been issued
since.

However, the so-called civilian firm Hua Mei was actually packed with Chinese
army officers and experts. Madam Nie Lie was not only the wife of Gen. Ding
Henggao; Madam Nie was actually Lt. Gen. Nie Lie of the Chinese army.

Another so-called civilian member of New Galaxy Technology, according to a
Defense Department document, was Director and President "Mr. Deng Changru." Deng
was actually Lt. Col. Deng Changru of the People's Liberation Army, head of the
Chinese communications corps.

Still another Chinese army officer on the Galaxy New Technology staff was
Co-General Manager "Mr. Xie Zhichao," better known in military circles as Lt.
Col. Xie Zhichao, director of the Chinese army's Electronics Design Bureau.

In August 1994, Dr. Lewis and Secretary of Defense Perry traveled to Beijing to
meet with Gen. Ding. According to the official list of attendees, Lewis
accompanied Perry as his paid "personal" consultant. Thus, Lewis, Perry and Ding
met together as the deal for the fiber-optic system was being executed.

Paid by Chinese Army and U.S. Defense Department

In fact, Lewis drew three paychecks for the deal. The documents show that Lewis
worked for Stanford University, the Chinese army and for the U.S. Defense
Department as Perry's consultant, all at the same time. Neither Perry nor Lewis
deny the allegations that they assisted the Chinese army.

In 1994, the Chinese spymaster Gen. Ding personally penetrated the U.S. Defense
Department at the highest levels, using his contacts with Secretary Perry to
obtain a secure fiber-optic network.

The Clinton Department of Justice, led by the inept Attorney General Janet Reno,
refused to investigate the Hua Mei deal despite repeated protests from Congress
and the Defense Department.

Instead, the General Accounting Office (GAO) wrote a scathing report noting the
military links of the Hua Mei deal and of the failures of the Clinton
administration.

"The equipment was exported to Hua Mei without Commerce review, even though the
company was partially controlled by several high-level members of the Chinese
military," states the GAO report.

In addition, the GAO clearly noted the military value of the Hua Mei deal
included, "sharing of intelligence, imagery and video between several locations,
command and control of military operations using video-conferencing, and medical
support and telemedicine between the battlefield and remote hospitals."

"When used in a military application, both types of equipment requires
encryption devices to protect communications from interception," stated the GAO
report.

Thanks, Clinton

Thanks to Bill Clinton and his Defense Secretary William Perry, the Chinese
army's Electronics Design Bureau modified the American fiber-optic communication
system, changing it into the Tiger Song secure air-defense system. The Chinese
army then exported the newly modified system to Iraq.

Today, Tiger Song stands ready to kill U.S. pilots.

Thank you, Bill Clinton and William Perry, for your services to the Chinese
People's Liberation Army and to the Iraqi armed forces that now protect Saddam
Hussein.

[Dig]

Who are the cyberterrorists? What is their agenda?
http://forum.prisonplanet.com/index.php?topic=187100.0

[Dig]

EVIDENCE OF PSYCHOSIS: Deputy Secretary of Defense is a psychotic maniac!

Pentagon may apply preemptive warfare policy to the Internet
http://www.rawstory.com/rs/2010/0829/pentagon-weighs-applying-preemptive-warfare-tactics-internet/
By Stephen C. Webster
Sunday, August 29th, 2010 -- 11:39 pm


Grappling with matters of law and policy governing the United States military's cyber-warfare capabilities, Pentagon planners are eying ways of making preemptive strikes across the Internet part of America's toolbox. In a piece for Foreign Affairs, the publication of globalist policy group The Council on Foreign Relations, Deputy Secretary of Defense William J. Lynn III paints a picture of dire threat to American infrastructure, disclosing for the first time details of a devastating cyber-attack on U.S. infrastructure. While not giving many specifics, Lynn described how malicious code on a USB thumb drive managed to spread across the Department of Defense network, establishing a "digital beachhead" that could siphon key data. "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary," he wrote. "This previously classified incident was the most significant breach of U.S. military computers ever, and it served as an important wake-up call. The Pentagon's operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in U.S. cyberdefense strategy." However, "Operation Buchshot Yankee," commenced in 2008 and lasting some 14 months, saw the Department of Defense scramble over what was essentially a very minor security threat that caught their network experts completely by surprise.

CFR has issued the directive.

THIS IS A ROCKEFELLER INITIATIVE!!!!!!!!!!!

Coming out next month: OCTOBER SURPRISE:

Defending a New Domain
The Pentagon's Cyberstrategy
By William J. Lynn III
http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain

Summary:  Right now, more than 100 foreign intelligence organizations are trying to hack into the digital networks that undergird U.S. military operations. The Pentagon recognizes the catastrophic threat posed by cyberwarfare, and is partnering with allied governments and private companies to prepare itself.

In 2008, the U.S. Department of Defense suffered a significant compromise of its classified military computer networks. It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control. It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.

This previously classified incident was the most significant breach of U.S. military computers ever, and it served as an important wake-up call. The Pentagon's operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in U.S. cyberdefense strategy.  Over the past ten years, the frequency and sophistication of intrusions into U.S. military networks have increased exponentially. Every day, U.S. military and civilian networks are probed thousands of times and scanned millions of times. And the 2008 intrusion that led to Operation Buckshot Yankee was not the only successful penetration. Adversaries have acquired thousands of files from U.S. networks and from the networks of U.S. allies and industry partners, including weapons blueprints, operational plans, and surveillance data.

As the scale of cyberwarfare's threat to U.S. national security and the U.S. economy has come into view, the Pentagon has built layered and robust defenses around military networks and inaugurated the new U.S. Cyber Command to integrate cyberdefense operations across the military. The Pentagon is now working with the Department of Homeland Security to protect government networks and critical infrastructure and with the United States' closest allies to expand these defenses internationally. An enormous amount of foundational work remains, but the U.S. government has begun putting in place various initiatives to defend the United States in the digital age.

THE THREAT ENVIRONMENT

Obama Nominee For Control Over Weapons is Raytheon Lobbyist
http://voices.washingtonpost.com/washingtonpostinvestigations/2009/01/president_barack_obamas_strict.html
POSTED: 01:03 PM ET, 01/23/2009 by Derek Kravitz

President Barack Obama's strict new lobbying rules for cabinet members have put his administration in a difficult spot when it comes to one of its top nominees. William J. Lynn III, a former Pentagon official under President Bill Clinton and Obama's choice for deputy secretary of the Defense Department, spent the better part of the past two years lobbying for defense contractor Raytheon, federal records show. Obama's ethics rules state that ex-lobbyists in his administration cannot work on issues they lobbied on for two years:

"2. Revolving Door Ban All Appointees Entering Government. I will not for a period of 2 years from the date of my appointment participate in any particular matter involving specific parties that is directly and substantially related to my former employer or former clients, including regulations and contracts.

"3. Revolving Door Ban Lobbyists Entering Government. If I was a registered lobbyist within the 2 years before the date of my appointment, in addition to abiding by the limitations of paragraph 2, I will not for a period of 2 years after the date of my appointment:

(a) participate in any particular matter on which I lobbied within the 2 years before the date of my appointment;
(b) participate in the specific issue area in which that particular matter falls; or
(c) seek or accept employment with any executive agency that I lobbied within the 2 years before the date of my appointment.

That rule complicates matters for Lynn. It also affects William V. Coor, the nominee for deputy secretary for the Department of Health and Human Services, who has lobbied for the nonprofit Campaign for Tobacco-Free Kids. But Coor has pledged not to work on any tobacco issues in his new job. Lynn, however, lobbied the Pentagon on so many Raytheon projects -- acquisitions policy, space, intelligence and command and control, among others -- that it might be hard to find an area within the department that was untouched by his previous work.

2009-             Dept of Defense, Obama               Deputy Secretary of Defense
2002-2008   Raytheon Co    Lobbyist
2001-2002   DFI International                           Exec VP
1997-2001   Dept of Defense, Clinton                Undersec (Comptroller)
1993-1997   Dept of Defense, Clinton                Dir, Prgrm Analysis & Evaluation
1987-1993   Kennedy, Edward M                       Legislative Counsel
1985-1986   Institute for Defense                      Analyses Prof Staff   
1982-1985   Center for Strategic & Intl Studies    Exec Dir, Defense Project

http://www.opensecrets.org/revolving/rev_summary.php?id=31517

COUNCIL ON FOREIGN RELATIONS
The age of nations is over.
The United States is Dead.
The new age has begun.
BY PARAG KHANNA | SEPT. / OCT. 2010
http://www.foreignpolicy.com/articles/2010/08/16/beyond_city_limits

The 21st century will not be dominated by America or China, Brazil or India, but by the city. In an age that appears increasingly unmanageable, cities rather than states are becoming the islands of governance on which the future world order will be built. This new world is not -- and will not be -- one global village, so much as a network of different ones.

Time, technology, and population growth have massively accelerated the advent of this new urbanized era. Already, more than half the world lives in cities, and the percentage is growing rapidly. But just 100 cities account for 30 percent of the world's economy, and almost all its innovation. Many are world capitals that have evolved and adapted through centuries of dominance: London, New York, Paris. New York City's economy alone is larger than 46 of sub-Saharan Africa's economies combined. Hong Kong receives more tourists annually than all of India. These cities are the engines of globalization, and their enduring vibrancy lies in money, knowledge, and stability. They are today's true Global Cities.

Columbia University scholar Saskia Sassen has done the most to contribute to our thinking about how urban advantage translates into grand strategy. As she writes in The Global City, such places are uniquely suited to translate their productive power into "the practice of global control." Her academic work has traced how Europe's largely autonomous Renaissance cities such as Bruges and Antwerp innovated the legal frameworks that enabled the first transnational stock exchanges, setting the stage for international credit and the forerunners of today's trading networks. Then as now, nations and empires did not restrain cities; they were merely filters for cities' global ambitions. The supply chains and capital flows linking global cities today have similarly denationalized international relations. As Sassen argues, in cities we can't make trite divisions between the government and private sector; either they work together or the city doesn't work at all. Even massive national investments in telecommunications or other infrastructure don't equalize the balance of power between cities and the rest; they ultimately reinforce the power of cities to conduct their own "sovereign" diplomacy.

Just like clockwork...32% of US Tax funded weapons systems can now be sold to enemies of the sovereignty of the United States of America thanks to Henry Kissinger and Zbigniew Brzezinski

(don't anyone dare blame the bullshit failed Soetoro puppet for this one - he does not have the power to do this and everybody knows it)

Council on Foreign Relations moves to remake US weapons controls
http://rawstory.com/news/afp/Obama_moves_to_remake_US_weapons_co_08302010.html
Published: Monday August 30, 2010

President Barack Obama will on Tuesday move to reform US export rules, hoping to boost trade while hampering the sale of sensitive technology. Capping a year-long review of weapons controls, Obama will tell a Washington non-proliferation conference that previous rules were fractured, making it difficult for some legitimate firms to do business. "These reforms will focus our resources on the threats that matter most," Obama said in recorded video remarks. "They'll help us not just increase exports and create jobs, but strengthen our national security as well." The reforms will include more specific definitions of goods that need export licenses and restructuring how requests are dealt with. The move is expected to result in around 32 percent of items on the munitions list being "decontrolled."

Is it even possible to be even more of a nazi than Jay Rockefeller?


Experts Caution Against Federal Web Regulations
http://www.courthousenews.com/2010/08/26/29911.htm
By AVERY FELLOW

     WASHINGTON (CN) - The federal government is "flirting with killing the goose that laid the golden eggs" by contemplating stricter Internet regulations, an ACLU director cautioned Thursday.
     At the conservative think tank the Heritage Foundation, Jay Stanley, public education director of the American Civil Liberties Union, acknowledged that it's important for the government to set Internet security standards for facilities such as power plants and public schools. But he said federal officials should be wary of violating personal liberties by implementing stifling Internet regulations.
     Much of the wealth in the United States is based on the Internet, Stanley said. Strict government regulation threatens to "kill the goose that has laid many golden eggs," he said.
     "The Constitution is not a suicide pact," added the Heritage Foundation's Paul Rosenzweig, quoting the oft-used phrase. "We cannot allow a virus to take down the entire electric grid in fear of violating personal liberties."
     He said government intelligence agencies should work hard to balance Internet security and personal liberties.
     Stanley said he fears that the latest embodiment of the government effort to protect its computer networks, dubbed Einstein 3, will employ "threat-based decision making," making pre-emptive calls on who poses an Internet threat.
     The new system might include personally identifiable information, using a database of signatures to attack malicious code, Stanley said. The system could be placed on the servers of private Internet providers, blurring the line between government and private industry.
     President Obama has promised that the government will not monitor private traffic as part of its cybersecurity initiative, but Stanley remained skeptical.
     "We don't trust that that will remain true," he said. "Security imperatives and security dynamics have a life of their own."
     He added, "What we don't want is watch lists for the Internet." Stanley compared Internet watch lists to "Kafka-esque" no-fly lists in the airline industry that are "based on sloppy lists and questionable computer algorithms."
     Stanley also objected to the notion of needing a license to use the Internet, saying it would eliminate useful discussions in which people can anonymously voice opinions about those in power.
     "We do not want to ruin all that," he said.
     He said giving the government the power to shut down the Internet in the case of an emergency would pose the greatest risk to the freedom of speech and association. Right now, Stanley said, it is easier to see how that kind of power could be abused than how it may prove useful. If it were employed, he added, it would require well-defined parameters as well as checks and balances.
     Rosenzweig said there was no way to stop people or companies from creating profiles based on Internet users' search, travel and shopping data.
     "It's a lost cause," he said.
     With increasing computer power and storage space, Rosenzweig said, "the half-life of secrets is plummeting dramatically."
     Even if the United States shut down analytical capacity, he said, countries such as China or India might continue to create profiles for U.S. consumers.
     "The game's over," Rosenzweig said.

Raytheon's Presentation on C4ISR

Cool, huh?

Expect these outside everybody's window

"THE PREEMPTIVE STRIKE IS JUSTIFIED ON 100 MILLION AMERICAN CITIZENS" Said former Raytheon lobbyist.

We are coming for you!

"Without a trace...Raytheon can make sure your false flag goes off without a hitch!"

"Remember, it is all legal because the CFR and Jay Rockefeller said so."

"Operation Cyber-Northwoods in Full Effect!"

"Wow, we can see everybody's naked body from up here"

"Quick, call THE FINDERS and FRANKLIN...we got a few more for the CIA Special Ops"

If you see these on your streets do not worry...

Raytheon is planning a pre-emptive strike after gathering up over 1,000 hours of video evidence on every person in the city they are illegally monitoring.

Bombshell from London, Al-Qaeda threats are part of Military Industrial Complex Ponzi Scheme
Eric Margolis  The Toronto Sun September 14, 2010

THE London-based International Institute for Strategic Studies (IISS), is the world's leading think tank for military affairs. It represents the top echelon of defence experts, retired officers and senior military men, spanning the globe from the United States and Britain to China, Russia and India.

I've been an IISS member for over 20 years. IISS's reports are always authoritative but usually cautious and diplomatic, sometimes dull. However, two weeks ago the IISS issued an explosive report on Afghanistan that is shaking Washington and its Nato allies.

The report, presided over by the former deputy director of Britain's foreign intelligence agency, MI-6, says the threat from al-Qaeda and Taliban has been "exaggerated" by the western powers. The US-led mission in Afghanistan has "ballooned" out of all proportion from its original aim of disrupting and defeating al-Qaeda. The US-led war in Afghanistan, says IISS, using uncharacteristically blunt language, is "a long-drawn-out disaster".

for the rest of the article:

http://www.thetruthseeker.co.uk/article.asp?ID=13432
or
http://www.thesundaily.com/article.cfm?id=51732

[citizenx]

US testing its cyber-defences
Tuesday, 28 September 2010

The United States is launching its first test of a new plan for responding to an enemy cyber-blitz, including any attack aimed at vital services such as power, water and banks.

Thousands of cyber-security personnel from across the government and industry are to take part in the Department of Homeland Security's Cyber Storm III, a three- to four-day drill starting today.

     Related articles
     Has the West declared cyber war on Iran?

The goals are to boost preparedness; examine incident response and enhance information-sharing among federal, state, international and private-sector partners.

"At its core, the exercise is about resiliency - testing the nation's ability to cope with the loss or damage to basic aspects of modern life," said a release made available at DHS's National Cybersecurity and Communications Integration Center in Arlington.

for the rest of the article:
 http://www.independent.co.uk/life-style/gadgets-and-tech/news/us-testing-its-cyberdefences-2091748.html

[citizenx]

Has the West declared cyber war on Iran?
Experts say the computer virus found in a nuclear plant is the work of a foreign power
By Rhodri Marsden
Tuesday, 28 September 2010

Computers can go wrong, and everyone is used to it. But that's at home. We assume that the machines controlling the infrastructure that makes everything tick – power stations, chemical works, water purification plants – have rock-solid defences in place to deal with unexplained crashes or virus attacks by malicious strangers.

Now, though, a new kind of online sabotage has reached its zenith with a self-replicating "worm" that started on a single USB drive and has spread rapidly through industrial computer systems around the world.

So sophisticated that many analysts believe it can only be part of a state-sponsored attack, the Stuxnet worm - or "malware" – is the first such programming creation designed with the specific intention of causing real world damage. And if the experts are right, it could herald a new chapter in the history of cyber warfare.

for the rest of the story:
http://www.independent.co.uk/life-style/gadgets-and-tech/news/has-the-west-declared-cyber-war-on-iran-2091320.html
---------------------------------------------------------------------------------------------------------------------------

Funny, it's from the "lifestyle" section.

I guess cyberwar is just an alternative lifestyle!

[AlphaM]

http://www.symantec.com/connect/blogs/stuxnet-infection-step-7-projects

Stuxnet’s ability to infect project files and run when they are opened is yet another propagation vector to add to the list. While we advise operators and programmers to be wary of project files from untrusted sources – Internet forums, for instance – the most likely source of infection is likely to be a trusted party whose systems have been compromised by the threat. Infected projects restored from backups may reintroduce the infection to previously cleaned machines so administrators should exercise caution when restoring files in this manner.

Even when you think it's gone from a cleaned Windows PC...

[Optimus]

Emergency workshop prepares people for world without power
   
Reported by: Erica Moffitt

2nd Paragraph:
That was the exact topic at a conference Tuesday in Cumberland County. Organizers of the conference at the Army War College said there's no better time to get prepared.

Paragraphs 5, 6 & 7:
"You're looking at people living without electricity for a year. It's not hype, it's a strong possibility. It could occur and it takes a multifaceted approach to address the planning for these," said Carlisle Mayor Kirk Wilson.

The workshop is aimed at getting the conversation going on how communities can prepare for an electromagnetic pulse caused either naturally by sunspot activity, a high-altitude nuclear explosion or during a cyber-attack.

"Cyber-weapons, cyber-issues are growing in intensity and in sophistication, and we are concerned about the possibilities of adversarial countries or groups getting involved in trying to take down our infrastructure," said Waddell.

Entire Article

[Dig]

General Electric...what a lovely company...

Fascism should more appropriately be called Corporatism because it is a merger of state and corporate power.
-Benito Mussolini (father of fascism)

General Electric
http://www.warprofiteers.com/article.php?list=type&type=16

GE has designed 91 nuclear power plants in 11 countries, yet its nuclear reactors around the world have a fatal flaw. In the event of a nuclear meltdown, there is a 90 percent chance that radiation from GE-designed reactors would be discharged directly into the atmosphere. While the US Nuclear Regulatory Commission is aware of the problem, it continues to license GE nuclear reactors. GE’s history with nuclear power is an ugly one.


Military contracts 2005: $2.2 billion
The world’s largest company by market share, General Electric’s revenues in 2003 totaled $134.2 billion. GE was run until 2001 by “Neutron” Jack Welch, who made it a matter of principle to lay off 10% of his workers per year.
General Electric makes household appliances, plastics, water treatment systems, lighting, medical equipment, and commercial financial services. It also makes aircraft engines and nuclear reactors, and keeps criticism at bay with its ownership of media giants NBC, CNBC, Telemundo, Bravo, and, in partnership with Microsoft, msnbc.com. GE’s recent partnership with Vivendi added Universal Studios, USA, Trio and Sci-fi cable channels to its $43 billion media empire.

General Electric is one of the world’s top three producers of jet engines, supplying Boeing, Lockheed Martin and other military aircraft makers for the powering of airplanes and helicopters. The “war on terrorism” has seen GE’s military contracts rise substantially. But the company’s “defense” side has been doing well for a while. GE and other military contractors got a big boost under the Clinton administration from Presidential Directive 41 which stated that it was the job of US diplomats to promote arms sales abroad in order to safeguard American jobs; this directive tied the promotions of diplomats to how effectively they hocked US armaments.

In the 1940s-1960s the company ran experiments on humans with radiation, including irradiating the reproductive organs of prison inmates in Walla Walla, Washington, without warning them of the risk of cancer. Other tests were run on the elderly and hospital patients. General Electric intentionally released large amounts of radiation into the air from the Hanford Nuclear Reservation in Richland, in order to see the distance it would travel. These atrocities were revealed in hearings in 1986 held by Representative Edward Markey of Massachusetts.

The company has also been accused of knowingly poisoning its workers at the Knolls Atomic Power Laboratory in Schenectady, New York with radiation and asbestos.

General Electric is currently attempting to overturn the US Superfund Law of 1980, which allows the government to hold polluters responsible for cleaning up their toxic chemicals. GE argues that it is “unconstitutional” for the Environmental Protection Agency to force the company to pay $500 million for the cleanup of the Hudson River, where GE dumped carcinogenic PCBs, or polychlorinated biphenyls, over three decades. In March 2004, a federal appeals court has revived GE’s lawsuit. It shouldn’t come as a surprise that GE is trying to change the Superfund Law: the company is responsible for 78 Superfund sites around the US. It’s clearly not safe to be a worker for GE either. The US government’s Occupational Safety and Health Administration, or OSHA, has cited the company for 858 workplace safety violations from 1990-2001.

General Electric has been involved in so many cases of fraud that in the 1990s the Pentagon's Defense Contract Management Agency created a special investigations office specifically for the company, which indicted GE on 22 criminal counts and recovered $221.7 million. In one case, in 1992, GE entered a guilty plea to criminal and civil charges for defrauding the Pentagon in a case where money was funneled to the Israeli military. GE was fined $69 million for violation of the Foreign Corrupt Practices Act.

GE’s financial division has been another area ripe for fraud. GE was fined $100 million for trying to get bankrupt creditors to pay without informing the bankruptcy courts, in effect paying debts that they no longer legally owed. Not surprisingly, General Electric is the financial backer of WorldCom, the telecom company whose massive fraud and creative accounting led to the largest bankruptcy in US history.The company has been involved in countless scandals, but strangely enough, they don’t seem to affect General Electric’s ability to win government contracts – but then, this is typical of all military contractors. According to a survey by the Center for Public Integrity, from 1990-2002, 30 of the US government’s top contractors were found guilty of fraud in 400 cases, leading to settlements and fines amounting to at least $3.4 billion. General Electric paid $982.9 million for 63 cases in this period.

Such repeated behavior and continued contracts wouldn’t be possible without friends in high places, of which General Electric. GE spent more than $31 million in 2001 and 2002 lobbying lawmakers; in 2000 it spent $16 million. Reigning CEO Jack Welch had enormous influence and was consistently ranked CEO of the Year by the slavish business press; he was major Republican donor as well. GE director Sam Nunn was senator for Georgia for 27 years, and also sits on the boards of ChevronTexaco. GE’s Senior Vice President and General Counsel and Secretary, Benjamin W. Heineman, used to work for the US government’s Department of Health, Education and Welfare. General Electric's defense sector gave $221,200 to political campaigns in the 2004 election cycle, with 50 percent going to Democrats and 50 percent to Republicans. *Source: opensecrets.org

[Anti_Illuminati]

CYBER-"TERROR", BROUGHT TO YOU BY:







Sit back and grab your favorite drink and enjoy the show as I show you classical New World Order conditioning of the masses for "Cyber attacks" that would in fact be carried out by the very individuals, corporations, governments, firms, etc. whom you are told to believe are protecting IT/Cyber/Network/Communications Infrastructure.  Starting pre - Black OP in NY carried out via Ptech, (the "golden thread" of the NWO's subsequent and future C4ISR/DoDAF black op foundation) used to carry out all other alleged "attacks" against the Internet, power grids, et.al.

Keep your mind sharp while reading this to historically cross-reference this wicked disinfo chronologically to other propaganda that you are aware of to develop a picture of the full-spectrum bullshit the NWO has tried, and is continually attempting to inundate your brain with.
_____________________________________________________________
http://news.bbc.co.uk/2/hi/sci/tech/specials/washington_2000/648429.stm
Tuesday, 22 February, 2000, 12:27 GMT
Cyber-terrorists wield weapons of mass disruption [INSERT: LMFAO]



By BBC News Online's Kevin Anderson in Washington DC

Terrorists are not just exploring weapons of mass destruction but also weapons of mass disruption, said the director of the Global Organised Crime Project on Friday.

Arnaud de Borchgrave, is at the US Centre for Strategic and International studies, [INSERT: LMFAO, THE NWO [CSIS (Kissinger, Brzezinski, Schlesinger, et.al.) warned us of threats, just like they are still doing today] and joined other experts at the American Association for the Advancement of Science meeting to assess the threat of cyber-terrorism.

Extremists used to work in relative isolation, but they can now use the internet to recruit like-minded people, he said.

And in the digital age, the old-fashioned wiretap may be ineffective against terrorists using strong encryption, he added.

In testimony before Congress this week, FBI Director Louis Freeh said: "Convicted terrorist Ramzi Yousef, the mastermind of the World Trade Centre bombing, stored detailed plans to destroy United States' airliners on encrypted files on his laptop computer."

"Hacktivists" are using their computer cracking skills to deface websites and to make a point.

In his testimony, Mr Freeh also said: "A group calling itself the Internet Black Tigers conducted a successful "denial of service" attack on servers of Sri Lankan Government embassies. Italian sympathisers of the Mexican Zapatista rebels attacked web pages of Mexican financial institutions."

Access denied

The global nature of the internet and of these attacks highlights the challenges facing law enforcement, several of the experts said.

The recent attacks against Yahoo, eBay and several other high-profile websites could have been launched from anywhere in the world.

To trace the attack back to its source would require following the original command back hop through hop through the internet, according to Scott Charney, who before joining PricewaterhouseCoopers worked for the US Justice Department as part of the Computer Crime Initiative.

In the US, many Internet Service Providers are not keeping log data because there is no commercial incentive to do so, and in the European Union, several privacy directives call on providers to delete data on customers' activities after their monthly bill is paid, Mr Charney said.

This effectively erases the electronic trail, and the maze of regulations governing electronic search warrants around the world may delay law enforcement long enough for the electronic trail to go cold.

Daniel O'Connor with the National Infrastructure Protection Centre said, "Anyone who is sophisticated knows to bounce through a foreign country. It makes our jobs much more difficult."

Information warfare

But it is not simply terrorists or individual hackers but also foreign governments that might attempt to exploit computer network vulnerabilities to disrupt the technology-dependent United States.

"No country can match the US in terms of conventional weapons so cyber-terrorism becomes a credible alternative," Mr de Borchgrave said. "China has conducted war games designed to cripple and confuse a nation's computer power."

FBI Director Freeh said in his testimony that foreign countries perceive the US reliance on information technology to control critical government and private sector systems as the country's Achilles' heel.

"For example, two Chinese military officers recently published a book that called for the use of unconventional measures, including the propagation of computer viruses, to counterbalance the military power of the United States," Mr Freeh said.

Cyber-terrorism sceptic

But at least one panellist was sceptical about the threat of cyber-terrorism.

Kevin Poulsen knows about hacking. In 1982, he gained access to a dozen computers on Arpanet, the forerunner of today's internet, using a TRS-80 colour computer. He was 17 years old at the time.

Mr Poulsen now works for SecurityFocus.com, a security clearinghouse website, and he said information systems have become more secure, not less, over time.

And he dismissed the idea of an "Electronic Pearl Harbor," a term used often in information warfare circles to describe a potentially crippling and deadly cyber-attack.

"At Pearl Harbor, we lost the Pacific Fleet. We haven't even had an information Grenada," he said, referring to the US invasion of the Caribbean island in the 1980s.

He was careful to say that although he believes the threat posed by cyber-terrorism to be overblown that it does not mean that he is not concerned about security on the Internet.

But he added, "We don't need to invent an enemy to protect our networks."
_____________________________________________________________
Original link no longer works.

http://www.gyre.org/news/us-enemies-plotting-computer-blitz-clinton-aide

U.S. enemies plotting computer blitz: Clinton aide -- Reuters  -- Toronto Star  -- June 19, 2000

A top aide to President Bill Clinton said Monday unspecified hostile countries are studying U.S. computer networks for ways to spark mayhem if war breaks out. 'This is not theoretical. It's real,' said Richard Clarke, White House National Security Council staff co-ordinator for security, infrastructure protection and counter-terrorism.
_____________________________________________________________
Original link no longer works.

http://www.gyre.org/node/751/

Cyberterror: How to Counter an Unseen, Unpredictable Enemy? -- James Gordon Meek  -- APBNews.com  -- August 30, 2000

Who are America\'s cyberenemies? Don\'t ask the White House, it doesn\'t know -- but it insists they\'re out there. Watchdogs and experts in the computer security field say there is a real threat of hostile hackers penetrating sensitive government and private computer systems, and intrusions are detected constantly.
_____________________________________________________________
http://archive.salon.com/tech/feature/2001/04/04/cyberterrorism/index1.html

The phantom cyber-threat [INSERT:  Phantom like "Phantom Flight 11", isn't that right "General" Eberhard (now Renuart), TRAITORS, and enemy commander(s) of NORAD-USNORTHCOM?

We should stop worrying about computer terrorism and learn who our real enemies are.

- - - - - - - - - - - -
By Caroline Benner

April 4, 2001 | Are you under 30? If so, jokes former National Security Advisor Anthony Lake in his book "Six Nightmares," chances are you have enough technical know-how to be a cyber-threat. And if you don't, says Lake, you can find everything you need, including cyber-attack tools and their instruction manuals, on the Internet. Armed with these tools, "millions of computer-savvy individuals could wreak havoc against the United States."

Lake isn't the only policy wonk warning us of our own vulnerability. On March 22, National Security Advisor Condoleezza Rice and Richard Clarke, who heads U.S. counter-terrorism efforts, issued a warning against computer attacks that could disrupt vital services in the United States. "It is a paradox of our times," said Rice, "that the very technology that makes our economy so dynamic and our military forces so dominating also makes us more vulnerable."

But vulnerable to what? If the alarmists are right, we have some terrifying scenarios ahead of us: large-scale attacks on critical infrastructure such as the food supply, emergency services, government agencies, power grids, communication systems, air traffic control and financial systems. Lake, whose chapter "e-Terror, e-Crime" is a veritable case study in cyber-attack alarmism, worries that cyber-attackers could crash planes; tamper with food or medicines to poison populations; or disrupt the economy by shutting down electrical and communication systems. "The genie is well outside the bottle," he claims, now that attackers have jammed 911 lines in Miami, overwhelmed the e-mail system at an Air Force base and infiltrated an unclassified Pentagon computer.

To an extent, their fears are legitimate. In the last 20 years, the number of people with computer skills has grown dramatically; there are thousands of computer viruses and hundreds of millions of potential targets. An Associated Press story on Rice's announcement cited $400 million in financial losses due to computer attacks over the last year. But just because there are plenty of cyber-savvy individuals out there doesn't mean that the attacks we're likely to face are going to be as damaging as Lake and others fear. And no one among them is offering a careful analysis of what the threat may be and where it will come from.

Part of the problem is that Lake and other alarmists don't distinguish between the resources it takes to cause an expensive nuisance -- like last year's denial-of-service attacks on Yahoo and eBay -- and the skills, time and access one needs to create a devastating attack, like crashing an airplane. In "Six Nightmares," Lake doesn't consider the checks that protect infrastructure from such threats. He also fails to ask an obvious question: If there are so many malicious hackers at work (19 million, by Lake's count), why have their attacks been, by and large, fairly innocuous?

"Certainly the large majority of attacks demonstrate no more than script-kiddie skill level," says Tim Shimeall, a senior member of the technical staff with the CERT Analysis Center, a center for Internet security at Carnegie Mellon University.

Script kiddies, or unskilled criminal programmers, perform simple exploits against underprotected systems using software tools and instructions created by skilled programmers. They take a tool and run it against multiple targets, hoping to hit one of them. These tools can crack passwords, steal files, install malicious software in a target or cause a denial-of-service attack, but are unlikely to cause large-scale damage. "Script kiddies are getting their clickers on more sophisticated tools, but they have little ability to do more than launch them," says John Arquilla, associate professor of information technology at the Naval Postgraduate School in Monterey, Calif.

Tools like these don't automate large-scale attacks on critical infrastructure as much as reproduce attacks that more proficient troublemakers have carried out in the past. And so what expert cyber-terrorists don't do routinely -- widespread attacks on the electrical grid, for instance -- just isn't an option for the vast majority of maliciously minded delinquents.

Major acts of cyber-terrorism are considerably more difficult than Lake and other alarmists suggest. Many tools -- which are usually designed to attack popular operating systems and common network protocols -- don't work against some critical infrastructures which run on proprietary operating systems and protocols. Moreover, a new attack tool can lose potency within weeks as patches for the newfound vulnerability are created and applied by alert system administrators. Challenges like these are enough to knock most script kiddies out of the running. Large-scale destruction requires the ability to create or modify tools, or to know how to use combinations of tools. The vast majority of script kiddies just don't have those skills.

"To carry out a large-scale attack against critical infrastructure requires significant expertise," says Edward Felten, director of the Secure Internet Programming Lab at Princeton University. A December 1999 study from the Naval Postgraduate School, "Cyberterror: Prospects and Implications," elaborates on the sort of expertise that might be necessary to execute attacks such as a "sustained total interruption of some component of the national critical infrastructure across a substantial customer base." Attackers would likely need sophisticated programming skills as well as mastery of operating systems, network and computer architectures, and security measures. They would need time to fully analyze a target system, which may require insider knowledge. They may also need organizational skills to employ multiple simultaneous attacks from different locations.

A major cyber-attack takes skill and motive and so far, says Frank Cilluffo, an editor of "Cybercrime, Cyberterrorism, Cyberwarfare," "we haven't yet seen the marriage of the intent with the capability."

Lake believes that malicious hackers, or "crackers," could wreak havoc against the United States just for the challenge of it, or to gain prestige among their peers. But is this sufficient motivation (especially given the criminal penalties) for real destruction? Arquilla confirms that there have been instances when hackers were in a position to do enormous damage and chose not to. He notes that most hackers are looking for an intellectual challenge and their interests are served better by a healthy information infrastructure than a broken one.

Terrorists -- those with ample political motivation to carry out such an attack -- are hindered by a lack of skills. According to the Naval Postgraduate School study, large-scale acts by foreign terrorist groups are likely a thing of the future since it takes a while to develop the skill set necessary for such attacks. Purchasing outside expertise is a possibility, but doing so introduces security risks for the terrorist group.

When and if they do strike, cyber-attackers will find many of their targets well guarded. Critical infrastructure systems are not sitting ducks, waiting to be taken out by a skilled and motivated attacker. Most systems have elaborate security measures in place, which may not be foolproof, but do provide a measure of security. For starters, critical infrastructure systems often have limited connections to external networks, making them less susceptible to attack than more open systems. Humans are also monitoring systems more closely than they used to, which means that strange behavior is more likely to be noticed quickly. Non-human checks tend to be effective too: Banks back up their transactions daily and store the information offline.

Lake and other alarmists consistently ignore these and other countermeasures against cyber-terrorism and overestimate the likelihood of large-scale cyber-attacks. Take, for example, one of Lake's nightmare scenarios, borrowed from James Adams' book "The Next World War":

"A cyber-terrorist will remotely access the processing control systems of a cereal manufacturer, change the levels of iron supplement, and sicken and kill the children of a nation enjoying their food."

According to a standard medical text, a lethal dose of iron for a child is between five and 10 grams. However, given that cereal generally has less than one-half milligram of iron per serving, one serving of cereal would need to contain 10,000 to 20,000 times the normal amount of iron to kill the child eating it, an amount that would render the cereal inedible. But it's hard to imagine the cereal would ever even reach the breakfast table: Manufacturers routinely test their products before shipping them to stores and, even prior to that, would notice an increase in iron consumption.

While Lake and other alarmists fret over highly unlikely scenarios such as that, they gloss over far more feasible and more likely attacks.

We've seen the damage that ILOVEYOU-type viruses can do; they're difficult to guard against and can have a significant economic impact. But those viruses could be manipulated into far more damaging strains. Information theft -- from credit card information to government secrets -- continues to be a real threat. Small-scale attacks on critical infrastructure, say, temporarily overwhelming a 911 system, could be especially dangerous when combined with a physical strike, like a subway bombing. Lake lumps threats like these in with major attacks on infrastructure, making little distinction between likely, smaller-scale threats and full-scale cyber-attacks.

Lake, Rice and Clarke have good reason to warn us of the danger of cyber-attacks: There are people with the skills to cause real problems and we don't have the experience to know how likely some of the devastating attacks might be. But before our current spate of minor-grade cyber-attacks graduates into serious threats, we should be more realistic about what the damage is likely to be and from where we can expect it to come. As Cilluffo points out, we have a window of time to prepare for the threat. Let's at least understand the threat, before it's too late.
_____________________________________________________________
http://www.heise.de/tp/r4/artikel/7/7469/1.html
On the Eve of Cold War II

John Horvath 26.04.2001
Computer networks are feeding a new Cold War mentality
It's an irony of history that while George Bush Sr. oversaw the demise of the Soviet Union and the end of the Cold War, his son, George W. Bush Jr., is on the threshold of overseeing the start of a second Cold War. And like its predecessor, we can expect it to last a long time. Moreover, the decreased sense of personal security and the restriction of individual liberty which accompanies such conflicts -- be they cold or hot -- will likewise be a part of our lives for a while.

Although the incident which brought the present state of affairs to the fore -- the collision of an American spy plane with a Chinese fighter jet -- is recent, the foundations of the Second Cold War has long been in place. Indeed, some would argue that the original Cold War did not end, and that present tensions are merely an extension of this conflict, one which is slowly coming out of hibernation.

In many ways, the past ten years have been a difficult one for the US. Policy makers have been busy trying to properly focusing on who the "enemy" really is in a post Cold War world. At the same time, it has been a challenge to convince the home population of the continued need to maintain large military expenditures. This is because America's industrial-military complex is based on a conceptual framework of perpetual war for perpetual peace. Hence, the demise of the Soviet Union did not spell an end to this framework, but merely a realignment of its strategic objectives.

Although present tensions between the US and China may eventually ease, what the spy plane incident nevertheless demonstrated is how the US is already on a war-footing, and that it's ready to quickly adapt to circumstances. The mass media in the US is a case in point. All media outlets in the US adopted the same line regarding the incident. In addition to this, they were crucial in setting the tone for the demonizing rhetoric against China.

For example, in an April 15th interview with two American servicemen on Meet the Press, host Tim Russert went at great lengths to introduce the notion that China "threatened" the crew, even though the two servicemen were reluctant to revert to such strong language. This notion was based on reports that the crew might go on trial in China after an investigation into the incident was completed.

The line of questioning which produced this "fact" merely followed the tone Russert wanted to set: that is, the Chinese authorities were aggressive. But it was not an easy job. Throughout the interview, Russert's plans were being foiled. When he tried to establish that the crew were "interrogated" while in custody, the two servicemen were clearly uneasy at the use of the term, and preferred to say that they were "questioned" (meanwhile, the crew were not "interrogated" or "questioned" by US authorities upon their release but "debriefed"). To make matters worse for Russert, the servicemen conceded to not being mistreated by their "captors".

Even more apparent than this, is how the military has evolved into a hallowed institution in the US since the end of the Vietnam War. No-one dares to question why "surveillance" is necessary; it's accepted as a simple matter of fact, that there is a need on the part of the US to spy against "enemies" even though China has not been formerly identified as one (at least not yet).

While there are many similarities between the Cold War of the days of Bush Sr. and that of his son, there is one main difference: in the past, concern over the Cold War heating up was on the use of nuclear weapons; nowadays, it's on the crashing of computer networks.

This fear is plain to see in the US. As in the heyday of McCarthyism when the paranoia was about a communist hiding under every bed, in digital age America it is "cyber-terrorism"; that is, there is a hacker lurking behind every IP address. The "threat" is considered real enough that President Bush Jr. has made a point of earmarking more money to combat it. Meanwhile, security experts continue to warn that computer networks in the US are full of holes that cannot be repaired.

The establishment of anti-US sites in wake of the spy plane incident further justifies this fear. In retaliation for the death of the pilot killed in the incident, some Chinese sites have started a "Hack the USA" movement pointing out vulnerable targets and offering information and help to get the job done. These include [extern] KillUSA and [extern] SOHU.

The fear over cyber-terrorism driving American insularity and paranoia is misplaced, however. The premise for "cyber-terrorism" is that an attack would harm "extremely sensitive" data that couldn't be quickly replaced and would have far-reaching effects. What is more, it would encompass multiple strikes and would be so devastating that it would cause infrastructure to shut down.

One would have to wonder why major infrastructure or "extremely sensitive" data would be on the public Internet in the first place, rather than private intranets. Not only this, if you really want to attack the US you would hit the country where it hurts most: in the pocket. Spoiling e-commerce is all you need: no need to worry about the military, utilities, transport, etc ...; just crash the stock market and you have brought America (and most of the western world) to its knees.

The hacktivism that goes on is obviously less inclined to go after huge infrastructure, or even extremely sensitive data for that matter. What is more, the most disruptive attacks to date, such as last year's DoS attacks and the "I Love You" worm were the work of script kiddies; in other words, they were the result of new forms of juvenile delinquency as opposed to the rise of cyber-terrorism.

Still, most analysts believe that hacking is a viable weapon. As a result, laws are being passed which infringe on fundamental rights and civil liberties for the sake of "national security" (the UK's cyber-terrorism bill being a case in point). Not only this, e-commerce has been elevated to such importance that to negatively affect it in any way is considered to be a terrorist act.

Thus, far from the promise of promoting social discourse and bringing the world together as a global village, computer networks are feeding a new Cold War mentality, one which threatens to fragment them into disjointed spheres of influence.
_____________________________________________________________
http://www.janes.com/security/international_security/news/jir/jir010925_1_n.shtml
Malicious Internet activity increases following 11 September attacks

25 September 2001

Following the devastating terrorist attacks in the United States on11September, there have been numerous reports, some well founded and some not, on cyber activism directed against those connected with the atrocities.

Firstly, media were quick to report the existence of a new Internet worm, called ‘W32.Nimda.A@mm’ which supposedly circulated as a result of the suicide attacks in Washington D.C. and New York. Arriving in the form of an attachment called ‘readme.exe’, it infects computers running the Microsoft Outlook and Outlook Express e-mail clients. In some circumstances the attachment does not even need to be opened to become effective. Experts became worried as the worm began to propagate very quickly exactly one week after the attacks, hunting for vulnerable web servers. The National Infrastructure Protection Center, (NIPC), an agency run by the Federal Bureau of Investigation (FBI), held a press conference on the worm and Attorney General John Ashcroft concluded that there was no apparent connection with the attacks.

However, there were at least three other hacking incidents that were related to the events of 11 September. Soon after New York and Washington were hit, the NIPC issued an advisory warning concerning a group calling themselves ‘The Dispatchers’, who claim to have corralled over 1,000 computers for a Distributed Denial of Service (DDoS) attack against unnamed internet sites. At least two Iranian websites were also defaced on the weekend following the devastation and it is thought that ‘The Dispatchers’ has also erroneously attacked a site that had offices in the World Trade Center. Websites belonging to the Special Risks Terrorism Team, a business unit of Chicago-based risk management company Aon Corporation, were defaced by the group. The company had a number of individuals working inside the World Trade Center when it was hit. It is not known why they were attacked, but their web addresses (www.terrorism.uk.com and www.terrorismteam.uk.com) seems to suggest that some form of automated tool was involved. The site of the official Taleban delegation to the United Nations (www.taleban.org) was also defaced, with a message informing viewers of the reward for information concerning the whereabouts of Osama bin Laden, a full description of the man and his aliases and a message urging people to visit the FBI terrorism web-pages. The Iranian Interior Ministry site was defaced with a picture of Osama bin Laden in flames, and the home website of the Iranian Payame Noor University was also attacked by a group identifying itself as ‘Medanhacking’. The message left on the Iranian Ministry’s website said that the hackers intended to target ‘every place that poses a possible threat to our safety and security’. Their targets included those who support terrorism, ‘… including but not limited to Israel, Palestine and Afghanistan’. In Germany veteran computer hacker gang the Chaos Computer Club (CCC) issued a message about the need for restraint, appealing to hackers worldwide to hold back from attacking Islamic websites and communication systems. A spokesman for the gang said that he had seen an e-mail circulating hackers urging them to attack websites representing Islamic fundamentalism and terrorist organisations.

These events can be placed in a wider trend of calls for action by cyber activists in retaliation for real world events. Witness the large-scale Palestinian-Israeli cyber war and the numerous proclamations from the hacker underground concerning the need for online retaliation after the ‘spyplane incident’ in China. It is unlikely that these incidents, so soon after the recent terrorist attacks in the US, will be the only ones. The only question is the scale of any future activity.
_____________________________________________________________
http://query.nytimes.com/gst/fullpage.html?res=9F0CE5DD1E3DF937A35753C1A9679C8B63

Securing the Lines Of a Wired Nation

By JOHN SCHWARTZ
Published: October 4, 2001

IN the hours of torment and confusion after the attacks on the World Trade Center and the Pentagon, many people making phone calls to or from the affected cities encountered the grating ''All circuits are busy'' recording. E-mail messages, however, seemed to sail through the crisis to their destinations. The smooth traffic was hailed by many experts as testament to the underlying strength of the Internet.

But hold on just one nanosecond. Are we talking about the Internet, referred to by so many other experts as a famously vulnerable, fragile network that can be brought to its knees by college students in the Philippines or a teenager in Canada, with estimates of damage in the billions of dollars?

It is indeed the same Internet, ever a combination of flaky and robust. Fred Cohen, the computer security researcher who first applied the word ''virus'' to malicious software, said that the individual elements of the network were fragile but that the network over all was resilient. ''It's easy to tear a piece of paper,'' he said. ''Try tearing a phone book in half.'' Still, David J. Farber, a computer scientist and former chief technologist at the Federal Communications Commission, said that the Internet's success on Sept. 11 could largely be attributed to the fact that ''nobody attacked it.''

Experts in the emerging field of cyberterrorism say that with such an inviting target, terrorists are bound to take up the hackers' wares. What will happen when an attacker with real resources and a deep desire to do harm grabs the keyboard?

It may not take long to find out, and the vulnerability may go far beyond Web sites or e-mail.

According to a report last week by the Institute for Security Technology Studies, founded last year at Dartmouth, ''U.S. retaliatory strikes for the tragic Sept. 11 events may result in cyberattacks against the American electronic infrastructure.'' While such attacks may amount to no more than familiar nuisances -- like hackers' defacing Web pages or tying up sites by overwhelming them with traffic -- ''the potential exists for much more devastating cyberattacks,'' the report said.

Those who watch trends in computer crime and terrorism say that the two are coming together with potentially catastrophic results. Richard A. Clarke, who will head cyberterrorism efforts for the Bush administration's Homeland Security Council, said in a speech last December that the government had to make cybersecurity a priority or face a ''digital Pearl Harbor.''

In 1997, the President's Commission on Critical Infrastructure Protection noted that telephone networks and the Internet were increasingly the bonds of the world's economy, for everything from financial operations to the supply of water and power.

Consequently, it said, ''a computer can cause switches or valves to open and close, move funds from one account to another, or convey a military order almost as quickly over thousands of miles as it can from next door, and just as easily from a terrorist hideout as from an office cubicle or military command center.''

For Tom Marsh, who was the commission's chairman, the worst-case scenarios are nightmarish: a determined coalition of hackers, he said, could disrupt 911 service, air traffic control, the power-switching centers that move electricity around the country, rail networks and more. ''It's a major undertaking,'' said Mr. Marsh, a retired Air Force general, ''but it's not beyond the realm of possibility.'' The complexity of the attacks on the World Trade Center and the Pentagon, he said, showed that ''even terrorist organizations can conduct very well-organized and sophisticated attacks.''

''We said in our report we didn't foresee an electronic Pearl Harbor, and I still don't,'' he said. ''But I do believe that as cybercrime progresses, over time the terrorists are going to get more and more interested in it and see it as a very possible opportunity to cause major disruption.''

Those who have worked in cyberintelligence say that the attention to the subject is timely. ''Up until the 11th, people like me would talk in terms of the growing threat of transnational attack -- the prospect of new forms of terrorism -- and the basic reaction was, 'Yeah, yeah, yeah, but that's theoretical,' '' said Jeffrey A. Hunker, dean of the Heinz School of Public Policy and Management at Carnegie Mellon University and formerly the senior director for protection of critical infrastructure at the National Security Council.

Since the attacks, he said, it has become clear that ''there are clearly transnational organizations that are incredibly capable of executing sophisticated operations and are enormously creative and innovative.'' That, in turn, ''makes much more real the possibility of new techniques or new types of terrorist attacks,'' including cyberterror, he said. ''We're sitting on a cyber time bomb,'' he said.

Some experts have warned, for example, that systems accessible to the Internet like power grids could be brought down by a determined hacker, though as Mr. Farber put it, ''it's a lot easier to throw a hand grenade down the highway south of San Jose and take out a major power station'' than to do so by modem. And most would put cyberattacks in a different category from the weapons of mass destruction associated with visions of catastrophic terrorism; these are not nuclear arms, nerve gas or germs. Instead, many experts now call them weapons of mass disruption.

''People aren't going to be killing us with computers,'' Mr. Hunker said, ''but our life may be hell because of computer attacks.''

The likeliest use of the technology, he said, would be to complicate matters further after a real-world attack, a tactic he describes with the military phrase ''force multiplier.'' That could involve planting false information on the Web to create a panic or taking down crucial computers in the financial or communications sectors.

The ripple effects of the World Trade Center attacks on everything from the travel industry to supply chains in manufacturing show the potential for havoc. ''Besides the fact of the horrendous loss of life, it was really an attack on the critical infrastructures,'' said Mary J. Culnan, a professor of management and information technology at Bentley College in Waltham, Mass., and a member of the presidential commission that issued the 1997 report.

The Clinton administration started the first major national effort to upgrade computer security in government and business against cybercrime and terrorist attack. President Bill Clinton issued an order in May 1998 creating the National Infrastructure Protection Center, a collaborative effort of law enforcement, military and intelligence organizations to shore up defenses against computer crime. The center also developed an information-sharing network with major industrial sectors.

Such activities will presumably be brought under the umbrella of the new Homeland Defense Council that President Bush has appointed Gov. Tom Ridge of Pennsylvania to run. Mr. Clarke will oversee cyberdefense initiatives for the council as head of its Office of Cyber Security.

Michael Vatis, the head of the Dartmouth cybersecurity group and a former head of the National Infrastructure Protection Center, said the stereotype of computer intruders as thrill-seeking teenage loners was misleading. Talented intruders who are motivated -- and perhaps banding together with criminal or ideological motives -- can go far, he said, citing little-publicized attacks on business and Pentagon computer networks by hackers who may be linked to organized crime in Russia. The attacks, beginning in 1998, are the focus of a federal investigation. ''The type of access they were able to gain,'' he said, and ''the amount of information and the types of information they were getting means they could do lots of stuff to those systems,'' both purloining data and disrupting operations.

Even more dangerous than outsiders, potentially, are insiders with specialized knowledge, according to the 1997 report of the President's Commission on Critical Infrastructure Protection. That report estimated that by this year 19 million people worldwide would have the skills to engage in malicious hacking and 1.3 million people would have advanced knowledge of the systems that control the nation's telecommunications infrastructure.

Whatever the nature of the attack, the tools are easy to acquire and the knowledge to use them even more so. A reasonably competent programmer who is willing to delve into the arcana of computer operating systems and networks can cobble together viruses or other destructive computer code from software posted online. Similarly, tools for examining computer systems for security holes and the programs that can be used to take advantage of them to gain unauthorized entry are also easy to find online, and computer vandals are happy to share their knowledge in Internet forums.

So what is to be done? Most of the measures that experts recommend, like keeping up with the latest antivirus software, using strong passwords to protect computers and networks and installing intrusion-detection software, are painfully obvious but still ignored by many businesses, government agencies and consumers. The Dartmouth report also recommends increasing protection at Web sites and keeping backups of their important data, with special attention to the potential for Web page defacement.

That report also recommends vigilance, and appropriate software, to prevent or detect the surreptitious commandeering of computer systems for use in denial-of-service attacks. (A guide to the best security practices can be found at www.cert.org /security-improvement.)

Informal networks for intrusion detection are beginning to form among those who hope to find security in numbers. One such network, AirCert, has been developed by the CERT Coordination Center at Carnegie Mellon's Software Engineering Institute. The fledgling AirCert project places Internet-based security sensors on participating sites; those sensors automatically send data on intrusion attempts to a central CERT knowledge base that is able to analyze the information and share it quickly.

The idea has been suggested before. A network for intrusion detection in government computers, called Fidnet, was proposed late in the Clinton administration but never created because of assertions that the system might be used as a large-scale monitoring network for citizens' online communications. Government officials insist that was never the intention, but Mr. Vatis said that they did not make their case well.

Making that case may now be easier, but Professor Culnan, at Bentley College, said that mounting an effective deterrent to cyberterror was no small task. ''It's a gigantic problem making this work,'' she said. ''But at least we've started thinking about it.''
_____________________________________________________________
http://news.bbc.co.uk/2/hi/science/nature/1593018.stm
Thursday, 11 October, 2001, 09:10 GMT 10:10 UK
Doomsday fears of terror cyber-attacks


Fears that services like fire brigade could be at risk
By BBC News Online's Alfred Hermida

Computer experts have painted a chilling picture of the potential threat from a combined terror and cyber-attack on the United States.

They told Congress that terrorists could target computer networks critical to power supplies, telecommunications and financial systems and wreak havoc on the country.

"What if the terrorists were also able to impact our communications system, thus hampering the rescue and recovery efforts?" asked Ms Benzel, vice president of computer security firm Network Associates.

"What if the attackers were able to compromise systems monitoring the water supply for Manhattan? What if power to parts of the northeast corridor could have been brought down through a cyber-attack on key systems?

"We must prepare now to prevent this from happening," she urged.

Her fears were echoed by committee chairman Sherwood Boehlert. He warned that research and development on computer security had not kept pace with the threat.

"To put it simply, we need more people to be doing more creative thinking about computer security. That's what our adversaries are doing," he said.

Vulnerable networks

An official report released the day after the September attacks highlighted the vulnerability of America's computer networks.

"Recent reports and events indicate that these efforts are not keeping pace with the growing threats and that critical operations and assets continue to be highly vulnerable to computer-based attacks," said the US Government report.

"Despite the importance of maintaining the integrity, confidentiality, and availability of important federal computerised operations, federal computer systems are riddled with weaknesses that continue to put critical operations and assets at risk," it said.

Experts have been warning for some time about what has been described as an Electronic Pearl Harbour - a computer-based attack that would cause massive amounts of destruction and loss of life.

In a worst-case scenario, such an attack would target power distribution, financial services, emergency call services and air traffic control systems.

Shortly after the shocking events of 11 September, an influential US thinktank warned that cyber-attacks could become part of any future conflict.

'Nuisance attacks'

"The vast majority of previous politically related cyber-attacks have been nuisance attacks, and it is extremely likely that such attacks will follow any US-led military action," said the report by the US-based Institute for Security Technology Studies.

"The potential exists for much more devastating cyber-attacks following any US-led retaliation to the 11 September terrorist attacks on America. Such an attack could significantly debilitate US and allied information networks".

The Bush administration has acted to address the issue with the appointment of Richard Clarke as special White House advisor for cyberspace security.

Mr Clarke has a long record in counter-terrorism and cyber-security, most recently serving as national co-ordinator for security, infrastructure protection and counter-terrorism on the National Security Council.

But some are sceptical about the idea of dramatic assault on computer networks in the US. Computer security expert Richard Forno said cyber-attacks were more of a nuisance than viable terrorist tactics, warning against any knee-jerk measures.

Fears of a cyber-assault on the US have been heightened following the 11 September attacks.

President Bush has already moved to head off any danger by appointing a computer security veteran as special White House advisor for cyberspace security.

'Beyond frightening'

Speaking before the House Science Committee, computer security expert Terry Benzel said the potential for an attack on America's computer networks was "beyond frightening".
_____________________________________________________________
http://www.washingtonpost.com/ac2/wp-dyn/A3409-2003Jan30
Feds Building Internet Monitoring Center

By Brian Krebs
washingtonpost.com Staff Writer
Friday, January 31, 2003;

The Bush administration is quietly assembling an Internet-wide monitoring center to detect and respond to attacks on vital information systems and key e-commerce sites.

The center, which has been in development for the past 15 months, is a key piece of the White House's national cybersecurity strategy and represents a major leap in the federal government's effort to achieve real-time tracking of the Internet's health.

 The "Global Early Warning Information System," (GEWIS, pronounced "gee-whiz") is being built by the National Communications System (NCS), a Defense agency established in 1962 to ensure that the government has access to adequate communications systems during national emergencies. It is unrelated to the Total Information Awareness program, a planned Defense Department program that would actively mine databases worldwide to uncover terrorist and other threats.

The NCS started building the GEWIS system shortly after the Sept. 11, 2001, terrorist attacks, when it began asking major Internet and telecommunications providers to sell "real-time" data about the status of their networks, said NCS Deputy Manager Brent Greene.

The NCS has spent an undisclosed sum of money to buy data from the members of the National Coordinating Center for Telecommunications, an NCS information sharing group established during the Clinton administration that includes some the largest telecom and Internet service providers in the world, including WorldCom, Verizon, Sprint, SBC Communications, Qwest and BellSouth.

Greene said the agency now receives data from several key telecom and Internet service providers, and in the next two months hopes to launch the first stage of its pilot project, which will combine the information into a graphical view of the health of the Internet.

The White House believes the monitoring center is necessary because no single entity in the government or private sector has more than a limited view of the global communications network.

"Nowhere do you see everything that is happening on the Internet," said White House cybersecurity adviser Richard Clarke at a recent public appearance in Washington. "Nowhere do you see the big board."

With Clarke's help, the NCS secured $5 million in 2002 for the GEWIS program.

The NCS is co-managed by the White House and the head of the Defense Information Systems Agency, which is responsible for guarding the communications infrastructures of the military and intelligence communities. On March 1, the NCS will be folded into the Department of Homeland Security, along with four other federal cybersecurity divisions.

Privacy Problems Resolved?

GEWIS has proven a tough sell for some ISPs, in part because of the way the government initially pitched its request for data. NCS first asked about the possibility of receiving live feeds from ISPs, with few restrictions on the amount or scope of data requested, according to several providers.

"We were led to believe that some contractors [working on GEWIS] may have gotten a little over-enthusiastic about what kinds of information they could get," said Stewart Baker, a former deputy director for the National Security Agency, and currently an attorney representing several ISPs. "Exactly what will be pulled together by GEWIS and what will be the role of companies asked to participate is all still up in the air."

The program has left other ISPs wondering how GEWIS differs from the "network operations center" outlined in the Bush administration's draft cybersecurity plan. The center, which would be run by the private sector, would link the network security operations of numerous telecommunications providers for the purpose of sharing information on specific cyber threats.

Clarke's deputy, Howard Schmidt, said GEWIS is a far less ambitious program than the network operations center. Instead, GEWIS would give the government the ability to spot cyberattacks before they become a worldwide problem and would use aggregate data to model the effects of a virus or cyberattacks on key systems, Schmidt said.

"GEWIS is merely a tool that would be looking at the Internet from the government's perspective," he said. "The effort mentioned in the cyber plan asks what are the bigger things that government may not need to know about but that the private sector should do a better job coordinating on?"

The NCS's Greene said the government is taking steps to ensure that the center does not collect personal information from ISPs. He said ISPs can use "software tools" to limit the amount of information transmitted to NCS while still allowing the agency to spot major problems with the Internet, such as denial-of-service attacks and computer viruses capable of crippling government and commercial activity online.

"We certainly don't want to get into the level of detail where we create the perception of government getting into stuff that a lot of people don't want the government to see," Greene said. "We think this is very doable, but it can only be done in a partnership with industry, and we have to be careful not to do anything to undermine that."

The NCS already receives real-time data from Verisign Corp., which oversees two of the Internet's 12 root servers that tell computers around the world how to reach key Internet domains. The company gave the government a software tool that allows the NCS to monitor the health of all 12 root servers for free.

The NCS also contracted to receive information from Keynote, a company that monitors the performance of major e-commerce Web sites. In addition, Lumeta Corp., a Somerset N.J.-based Bell Labs spinoff, sold the NCS large amounts of data pinpointing thousands of the most crucial routers on the Internet. Lumeta chief scientist Bill Cheswick helped create the first map of the Internet, which has been used to study Internet routing problems and distributed denial-of-service attacks.

One of the first companies successfully approached by the NCS was Boston-based Akamai Technologies, a company that makes software to monitor Web traffic for suspicious events. The company also sells a product that identifies the geographic location and network origin of visitors accessing customers' Web sites. Akamai CEO George Conrades is a board member of the Internet Corporation for Assigned Names and Numbers (ICANN), the company that manages the Internet's worldwide addressing system.

To build on that level of industry cooperation, the NCS has recast its approach and plans to hold a workshop in March to address industry concerns about GEWIS. Greene said that GEWIS's goal is "not to become a secretive place that holds terabytes of data that we're off doing analysis on."

The administration hopes that GEWIS will benefit from the level of trust that the NCS has gained in developing a related project known as the Cyber Warning Information Network (CWIN).

Under construction since early 2001, CWIN will be a separate data network that government and leaders in the telecom and Internet industries can use as a hotline to share information or stay in touch in the event of crisis or attack that takes out the World Wide Web.

Developed under contract by AT&T Corp., CWIN terminals have recently been installed at several major telecom and Internet service providers. NCS hopes to build the network out to small and regional service providers in the coming months.

Many service providers that expressed uneasiness over GEWIS view CWIN as an essential step toward a more cooperative approach between the government and the private sector.

"This boils down to a trust question: How much does the government trust industry to manage these systems effectively, and to what degree does industry trust the government to handle all this data?" said Cristin Flynn, spokeswoman for WorldCom.

"I think there's an inclination on the part of ISPs to participate in that in good faith without setting off the alarm bells that some of the more ambitious proposals set off," Flynn said. "We think CWIN is a good way to build that trust, sort of like dating before we get married."

Mark Rasch, former head of the Justice Department's Computer Crime division, questioned the need for GEWIS. With most Internet attacks, he said, by the time you notice a huge spike in traffic, it's already too late to head off disruptions.

"Slammer made that fact very clear," Rasch said of the Internet worm that infected nearly 200,000 computers within a few short hours early Saturday morning.

[Anti_Illuminati]

I missed a few somehow, have to back up chronologically for a bit (back to 2001, and 02.  Note:  I'm not going to post every article in full-the really long ones I will just leave a link in the interest of not bogging down the entire thread and boring the hell out of most people, but this has to be done somewhat to discredit these bastards):

http://archives.cnn.com/2001/TECH/ptech/10/21/black.ice.idg/index.html
'Power backup only lasts so long'
Utah's 'Black Ice': Cyber-attack scenario

By Dan Verton October 21, 2001

(IDG) -- A little-known exercise held last year to help federal, state and local officials in Utah prepare for a possible terrorist attack during the 2002 Winter Olympics may hold some of the most important lessons for infrastructure protection in the aftermath of the September 11 terrorist attacks, according to a key official involved in the exercise.

Next month marks the one-year anniversary of the first regional such exercise known as "Black Ice" -- no connection to the commercially available computer-security software of the same name. Sponsored by the Department of Energy (DOE) and the Utah Olympic Public Safety Command, Black Ice demonstrated how the effects of a major terrorist attack or natural disaster could be made significantly worse by a simultaneous cyber-attack.

"The terrorists in the September 11 event had the patience to plan (and) the foresight and the understanding of the infrastructure that could be used to simultaneously or sequentially disrupt the infrastructure electronically and that could cause a major regional failure in this country," says Paula Scalingi, director of the DOE's Critical Infrastructure Protection Office and a central figure in planning the exercise. "There's no question that that's doable."

The Energy Department is preparing a report detailing the impact of the September 11 terrorist attacks in New York on various critical infrastructure sectors. Despite a few minor differences between the Black Ice scenario and the real-world scenario that unfolded on September 11, the exercise proved to officials that future terrorist attacks could be far worse if they include a major cyberdisruption.

The Black Ice scenario takes place on February 14, during the second week of the Olympics. A major ice storm topples power lines across seven counties and disrupts microwave communications in the Salt Lake City area. It also damages the high-voltage bulk transmission lines in several states, including transmission lines north and south of Salt Lake City.

The damage to the transmission system isn't extensive, but the ability to import electricity to the seven-county area is hindered significantly. The lack of power generation forces authorities to conduct rolling blackouts.

That's when the Supervisory Control Data Acquisition systems, which control the power grid, are further damaged by a cyber-attack. The source of the disruption is unknown; it could be a hacker, a terrorist, an insider or the result of storm damage. Regardless, the failure begins to ripple throughout the rest of the regional infrastructure.

"Communications were one of the first things to go," says Scalingi. "What was discovered is that if you have a prolonged power outage that goes on for several hours, your infrastructure starts to degrade. Power backup only lasts so long."

And it's not just telecommunications. Water systems rely on electric power, as does the natural gas industry and the natural gas-powered electric utilities in the region. Emergency responders struggle through the chaos that results from Internet outages, cell phone overload and telephone failures.

"You get the idea," says Scalingi.

The ice storm could easily have been replaced with scenarios of multiple bombs, hijackings or other physical catastrophes, she says. The important lesson is that Black Ice showed how interdependent are the various infrastructure systems -- including telecommunications, utilities and banking -- and how major might be the combined effects of cyber- and physical attacks, she says.

"The infrastructure system providers didn't understand the interdependencies among their systems," Scalingi says. "If you talk to state and local government and local utilities, they'll tell you they have great response plans. The problem is, they write them in isolation."

One recommendation was to develop a template for private-sector owners of critical infrastructure systems to use to identify the various levels of interdependency among their systems. Utah emergency planners also proposed developing a secure database to store information provided by the various infrastructure owners. However, concerns about the security of proprietary industry data put the project on hold, says Scalingi. A report on the lessons learned and recommendations on how to prepare for such disaster was released in May.

The database would have included geographic information system technology that would have enabled officials to view a graphic representation of the status of various infrastructure systems and how they connect, she says. Getting protection from Freedom of Information Act requests remains a key concern to most infrastructure companies and a main sticking point in information sharing, says Scalingi.

"It would have been real useful to have that database," she says. "You have to be able to share information with the other infrastructures. That's exactly where we need to go in the post-September 11 world."
__________________________________________________________________
http://au.groups.yahoo.com/group/the_new_crusade/message/3

RPT-Special Report-U.S. prepares for cyberwar-the war next time
11/12/01 01:13 PM
Source: Reuters

By Jim Wolf

WASHINGTON, Nov 8 (Reuters) - Even as it fights in Afghanistan with bombs and guns and allies on horseback, the U.S. military is gearing up to use computers and code as potentially decisive weapons in the next phases of its campaign.

The goal would be to disable air defense systems, scramble enemy logistics and perhaps infect software through tactics being honed by a joint task force set up in 1999 under the Colorado Springs, Colorado-based U.S. Space Command.

The U.S. military has been working on tools that could wreak electronic havoc on countries accused of harboring terrorists as well as on ways of defending global networks against cyberattack.

"Transformation cannot wait," Defense Secretary Donald Rumsfeld said last week, using military jargon for souping up U.S. forces to meet 21st-century threats and to cash in on high-tech covert capabilities.

"We must act now to prepare for the next war, even as we wage the current war against terrorism," he wrote in a Nov. 1 Washington Post guest column.

After the Sept. 11 blitz that turned civilian airliners into missiles, killing some 4,800 people, the United States must plan for new and different foes who will rely on "surprise, deception and asymmetric weapons," or those meant to overcome the lopsided U.S. edge in conventional arms, Rumsfeld said.

"To deal with those future surprises, we must move rapidly now to improve our ability to protect U.S. information systems and ensure persistent surveillance, tracking and rapid engagement of an adversary's forces and capabilities," he said. CYBERARMS JOIN U.S. ARSENAL

The Defense Department has been readying to make cyber blitzes on enemy computer networks a standard tool of war, Air Force Gen. Richard Myers, now chairman of the Joint Chiefs of Staff, said earlier this year as he left the Space Command.

Army Gen. Henry Shelton, Myers's predecessor as the top U.S. military officer, confirmed that the United States had jabbed electronically into Serbian computer networks throughout the 78-day NATO bombing campaign over Kosovo in 1999.

"We only used our capability to a very limited degree," Shelton said on Oct. 7, 1999.

At the same time, unspecified hostile countries have probed U.S. computer networks for ways to spark mayhem in wartime, Richard Clarke, the White House National Security Council staff coordinator for security, infrastructure protection and counter-terrorism, said in June.

"This is not theoretical. It's real," Clarke said at the time. He was tapped by President George Bush on Oct. 16 to head a new senior advisory board on critical infrastructure protection -- in other words, the country's vital communications, transportation, food and health care systems.

CIA and Pentagon war games already feature foes using bits and bytes, not bombs or ballistic missiles, to attack U.S. financial institutions, communications hubs and spy satellites. SAT OUT Y2K

If Afghanistan were home to anything but one of the world's least computer-reliant societies, U.S. forces might have kicked off the campaign they began Oct. 7 with keyboard-launched strikes to disrupt the Taliban militia's command and control.

But a cyberblitz would have had scant impact on Afghanistan, one of only a handful of nations that never even bothered to touch base with a United Nations network that prepped governments for feared Year 2000 computer disruptions.

"They're just not connected," said information security strategist Bruce McConnell, who tried unsuccessfully to include the Taliban in the International Y2K Cooperation Center he headed under U.N. aegis.

Since the start of the U.S.-led campaign against Afghan protectors of terror suspect Osama bin Laden, "We've seen absolutely no indication of terrorists attacking via cyberspace," Space Command spokesman Army Maj. Barry Venable said.

But guerrilla forces are bound to turn to cyber weapons to wage their battles in an increasingly networked future, just as political activists have used denial-of-service attacks and Web page defacements to amplify their messages.

"As we harden our bridges, airports and other infrastructure, terrorists are going to seek the path of least resistance," said Steven Roberts, a computer security expert at Georgetown University. "That means they're likely to embrace information warfare tools such as viruses, Trojan Horses and password crackers." LEGAL ISSUES

From the standpoint of international law, there are two big questions to tackle before unleashing any kind of military response, whether it is clubs and spears or bits and bytes.

The first is whether a strike -- including one in cyberspace -- amounts to a "use of force" or an "armed attack" under international law, said Thomas Wingfield of Falls Church, Virginia-based Aegis Research Corp., a national security consultancy that has worked on the issue for U.S. government clients.

If so, four distinct tests would have to be met before the use of cyber weapons or other arms would be considered lawful self-defense.

The first is discrimination -- targeting combatants and not civilians. The second is necessity -- using no more force than required to accomplish a mission nor using inhumane means such as chemical or biological weapons.

The third is proportionality, or balancing the military advantage against harm to civilians, said Wingfield, a naval intelligence officer turned national security lawyer.

Finally comes the age-old principle of chivalry. It permits "ruses of war" to trick a foe but not "perfidy" -- defined as treacherous deceit about the legal status of the combatants.

"Tactical deception: OK. Legal deception: war crime," he said. "And all of these things extend into cyberspace."

Because these are the newest weapons in the U.S. arsenal, many of the questions surrounding their use are being confronted for the first time.

"They will have to be resolved on a case-by-case basis, much as new legal doctrines were developed for aircraft at the beginning of the last century," Wingfield said.

Copyright 2001, Reuters News Service
__________________________________________________________________
http://www.criminology.fsu.edu/transcrime/articles/Experts%20Say%20Key%20Internet%20Servers%20Vulnerable%20to%20Attack.htm
November 13, 2001
Experts Say Key Internet Servers Vulnerable to Attack

By REUTERS

MARINA DEL REY, Calif. (Reuters) - It would not take much for a malicious hacker to shut down the Internet, researchers at a meeting of the body that oversees Web address allocation warned on Tuesday.

An attack designed to flood the Web's master directory servers with traffic ``is capable of bringing down the Internet,'' Paul Vixie, a speaker at the Internet Corporation for Assigned Names and Numbers (ICANN) annual meeting, told Reuters.

After the September 11 attacks on New York and Washington, non-profit corporation ICANN pushed other agenda items aside to concentrate the discussion on ways to keep the Internet safe.

Adding to the impetus for the change in focus were the Code Red and Nimda Internet worms, which cast more attention on network security issues.

Researchers said they were worried malicious hackers could attack the 13 ``root'' servers that direct computers to Web addresses, or domain names, or the 10 top-level domain servers, all of which serve as a kind of directory for the Internet.

To mount a so-called denial-of-service attack a malicious hacker would break into numerous PCs or Web servers and instruct them to send so much traffic to a target server that it would overload it, preventing people from accessing the Web. Such attacks are attempted all the time but usually to single Web sites and not on a scale that seriously interferes with overall Internet traffic, experts said.

Another trouble spot is security at registrars, the companies which sell domain names, or Web addresses, experts said.

``Registrars are the weakest link,'' Steven Bellovin, an AT&T fellow, said during his presentation. ``If the registrar is hacked and the database tampered with,'' it would be difficult for a domain name owner to prove ownership of a domain.

Researchers would also like to prevent attacks that redirect Web traffic to a dummy site and e-mail to someone other than the intended recipient, said Paul Mockapetris, the inventor of the Domain Name System protocol and chairman of Nominum, which handles directory services for registrars.

INTERNET IS FRAGILE

``The Internet is very fragile,'' said Vixie, who was one of the developers of the Berkeley Internet Name Domainsoftware that translates Web server names into numerical Internet Protocol addresses. ``It would be very easy for an angry teenager with a $300 computer to create almost unlimited pain for anyone on the Internet and not get caught. We've got to have attention focused on this.''

At the sessions engineers said they have taken steps to secure the computers that run the Internet. They have contingency plans for outages at the root servers -- the 13 master domain name computers around the world -- and are keeping them safe from unauthorized physical access, said Lars-Johan Liman, a senior systems specialist at Autonomica AB in Stockholm.

The operators of the root server in Japan also are stepping up security according to Kenji Kosaka, a senior vice minister at the posts and telecommunications ministry.

``I was unpleasantly surprised to learn that ICANN decided to hold a meeting focused on the security of the Internet only after the tragic events of September 11,'' Kosaka said during his keynote speech.

There was also scrutiny of security at VeriSign Inc (news/quote), the sole overseer of the .com, .net and .org master databases and provider of authentication technology to the root servers and most other registries of top-level domains.

``I am deeply troubled by the complacency of the ICANN leadership on the subject of security,'' Paul-Jean Jouve, president of Los Angeles-based network security company Brinx Corp, wrote in a letter to ICANN directors. ``It took worldwide fears to stimulate the dialogue on this issue.''

REFOCUSED AGENDA

While some criticized ICANN for taking so long to make security a priority, others said the subject should be left to engineers and not bureaucrats.

Switching the focus to security ``is opportunistic,'' Rodney Joffe, chairman and chief technical officer at Ultra DNS, which provides Internet directory services to companies, told Reuters.

``It's relevant in general, but I don't think ICANN needs to focus on it,'' Joffe said. ``Security is, after all, a technical issue, not an administrative one.''

ICANN Chairman Vint Cerf dismissed the concerns, saying board members need to hear about the technical issues from engineers to know what recommendations to make.

``For policymakers this is a valuable opportunity to have access to this kind of primary source input,'' Cerf said.

In addition to engineers, other attendees and even Cerf said they were concerned about ICANN going beyond its scope, with some asking the group to formally restate its mission and even restructure.   
__________________________________________________________________
http://www.gyre.org/news/source/National%20Infrastructure%20Protection

Original link no longer works.

Cyber Protests Related to the War on Terrorism: The Current Threat -- Staff  -- National Infrastructure Protection  -- November 22, 2001

Since the terrorist attacks on September 11, 2001 the speculation of the potential for cyber attacks has varied, from low-level nuisances to an all out "cyber war." What has been seen thus far is on the low side of the threat spectrum. Both pro-U.S. protesters and anti-U.S. protesters have been active.

Related article from 03'  http://www.heritage.org/Research/HomelandSecurity/HL812.cfm  Preparing Responders to Respond: The Challenges to Emergency
__________________________________________________________________
Purdue University Prof. Eugene Spafford warns that policymakers are paying insufficient attention to the threat of cyberterrorism.

December 22, 2001

http://www.interesting-people.org/archives/interesting-people/200201/msg00014.html
__________________________________________________________________
Information-Age "De-Terror-ence"

January 1, 2002

http://fmso.leavenworth.army.mil/documents/de-terror/de-terror.htm

by Mr. Timothy L. Thomas, Foreign Military Studies Office

__________________________________________________________________
Worries of Cyberattacks on U.S. Are Aired

April 25, 2002

U.S. officials warned yesterday that the Chinese military may be searching for ways to attack defense and civilian computer networks in the United States and Taiwan. But they said intelligence analysts have concluded that China so far lacks the ability to cause much disruption.

http://www.apdip.net/documents/access/security/wfs_cybersecurity082003.pdf
__________________________________________________________________
05/05/2002 - Updated 07:30 PM ET

http://www.usatoday.com/news/washington/2002/05/06/cyberterror.htm

Cyberspace full of terror targets

By Tom Squitieri, USA TODAY

WASHINGTON — Government and private computer networks are facing new threats of terrorist attacks, ranging from an attempt to bring havoc to a major city to nationwide disruptions of finances, transportation and utilities. But people with knowledge of national intelligence briefings say little has been done to protect against a cyberattack.

Some of the threats come from individuals who might have connections to Osama bin Laden's al-Qaeda network in Pakistan and elsewhere, those who have been briefed say.

The specific threats, in part, prompted a meeting April 18 of government intelligence and information-technology officials to discuss protecting the nation's computer networks.

"This threat is growing," Sen. Jon Kyl, R-Ariz., says. "It's a big threat, because it is easy to do and can cause great harm."

Congress is trying to reduce the threat. Legislation has been proposed to create a national "cybersecurity defense team" to identify areas most vulnerable to attack and determine how to reduce the danger.

Other legislation would make it easier for companies to share information without being subject to antitrust or freedom-of-information laws. Such communication could alert the government to a terrorist attack, as opposed to more common cases of computer hackers targeting a company or agency. It could also help companies defend against attacks.

The vast array of potential targets and the lack of adequate safeguards have made addressing the threat daunting. Among the recent targets that terrorists have discussed, according to people with knowledge of intelligence briefings:

    * The Centers for Disease Control and Prevention, based in Atlanta. It is charged with developing the nation's response to potential attacks involving biological warfare.
    * The nation's financial network, which could shut down the flow of banking data. The attack would focus on the FedWire, the money-movement clearing system maintained by the Federal Reserve Board.
    * Computer systems that operate water-treatment plants, which could contaminate water supplies.
    * Computer networks that run electrical grids and dams.
    * As many targets as possible in a major city. Los Angeles and San Francisco have been mentioned by terrorists, intelligence officials say.
    * Facilities that control the flow of information over the Internet. Richard Clarke, the White House special adviser on cybersecurity, says such sites, of which there are 20 to 25, are "only secure in their obscurity."
    * The nation's communications network, including telephone and 911 call centers.
    * Air traffic control, rail and public transportation systems.

Officials are most concerned that a cyberattack could be coupled with a conventional terrorist attack, such as those on Sept. 11, and hinder rescue efforts.

"Cyberterrorism presents a real and growing threat to American security," says Rep. Jane Harman, D-Calif., top Democrat on the House Intelligence Committee's panel on terrorism and homeland security. "What I fear is the combination of a cyberattack coordinated with more traditional terrorism, undermining our ability to respond to an attack when lives are in danger."

The Bush administration is seeking about $4.5 billion in its 2003 budget request to protect federal computer systems. That's about 8% of its information technology budget.

Clarke warned lawmakers earlier this year that the threat of a cyberattack was greater than previously imagined. He says it could take three or four years to markedly improve the government's ability to prevent such attacks.

Long before Sept. 11, officials warned of the nation's vulnerability to cyberattack. The Pentagon and many large companies have experienced limited attacks. Hackers calling themselves the "Deceptive Duo" recently infiltrated Pentagon computers and left a message indicating that the attacks were made to show "how sad our cyber-security really is."

In 2001, cyberattacks caused $12 billion in damage and economic losses.

Such attacks were successful in penetrating security systems at an airport in Massachusetts and a dam in Arizona, causing shutdowns of both facilities but no loss of lives or long-term damage.

"The principal myth that you will hear is that nobody can actually change the operation of a physical system through computers," says Alan Paller, director of the System Administration, Networking and Security Institute, which teaches people how to protect computer systems. "There have been people who have already demonstrated how that can be done."
__________________________________________________________________
Cyber-Attacks by Al Qaeda Feared
Terrorists at Threshold of Using Internet as Tool of Bloodshed, Experts Say

By Barton Gellman
Washington Post Staff Writer
Thursday, June 27, 2002; A1

http://www.washingtonpost.com/wp-dyn/content/article/2006/06/12/AR2006061200711_pf.html
__________________________________________________________________
Al-Qaeda cyber alarm sounded

http://www.usatoday.com/tech/news/computersecurity/2002-07-26-fcw-attacks_x.htm

July 25, 2002

By William Matthews
From Federal Computer Week

There is a 50% chance that the next time al-Qaeda terrorists strike the United States, their attack will include a cyberattack, Rep. Lamar Smith R, Texas, warned.

In closed-door briefings for members of Congress, Smith said officials from federal law enforcement and intelligence-gathering agencies disclosed that al-Qaeda operatives have been exploring U.S. Web sites and probing the electronic infrastructure of American companies in search of ways to disable power and water supplies, disrupt phone service and damage other parts of the critical infrastructure.

A successful cyberattack could cause billions of dollars in damage and lead to thousands of deaths, Smith told a gathering of congressional staffers and technology industry representatives July 23.

Al-Qaeda members seem especially interested in how they might disable the systems that provide electricity to California, Smith said. If it were to succeed, hospitals could be left powerless, causing patients to die, and commerce and much other activity would come to a halt, causing billions of dollars of economic damage.

Such a cyberattack could be used to dramatically increase the damage done by a physical attack, said Smith, who is chairman of the House Judiciary Committee's Crime, Terrorism and Homeland Security Subcommittee.

About 90% of the nation's critical infrastructure is privately owned, and much of it remains vulnerable to cyberattacks, according to the Business Software Alliance, a technology industry association.

A June survey by the BSA showed that 74% of the technology professionals asked thought it was "nearly certain" that there will be a cyberattack against American financial institutions in the next 12 months. Respondents said that attacks also are likely against communications systems, transportation infrastructure, water systems, dams and power plants, the survey concluded.

Fifty-nine percent of those surveyed said they expect a major cyberattack against the federal government in the next 12 months. And they said there is a gap between the likelihood of an attack and the government's ability to respond to it. The findings prompted BSA president Robert Holleyman to call for creation of a Cyber Security Agency within the Homeland Security Department.

In Congress, the House this month passed Smith's Cyber Security Enhancement Act, but the bill focuses more on catching, prosecuting and punishing cybercriminals than on strengthening systems to withstand cyberattacks.

Copyright © 2002, fcw.com. All rights reserved
__________________________________________________________________
Mock cyberwar fails to end mock civilization
http://www.theregister.co.uk/2002/08/30/mock_cyberwar_fails_to_end/

Posted in Security, 30th August 2002 14:25 GMT
__________________________________________________________________
Q&A: Security expert says cyberterrorism is exaggerated

October 2, 2002  (Computerworld) -- Bruce Schneier, designer of the popular Blowfish encryption algorithm, CTO of Counterpane Internet Security Inc. and renowned security expert, spoke with Computerworld Canada during his recent visit to Toronto.

http://www.computerworld.com/securitytopics/security/story/0,10801,74791,00.html
__________________________________________________________________


http://www.spacedaily.com/news/cyberwar-02n.html

Detecting Cyberattacks By Profiling "Normal" Computer Habits

Anaheim - Oct 11, 2002
An early version of a new software system developed by University at Buffalo researchers that detects cyberattacks while they are in progress by drawing highly personalized profiles of users has proven successful 94 percent of the time in simulated attacks.

The "user-level anomaly detection system" was described Oct. 10, 2002 at the military communications conference known as MILCOM 2002 in Anaheim, CA.

"We have developed a new paradigm, proactively encapsulating user intent where you basically generate a profile for every single user in the system where security is a major concern," said Shambhu Upadhyaya, Ph.D., associate professor of computer science and engineering at UB and co-author of the paper.

In addition to the paper presentation, MILCOM invited Upadhyaya to give a half-day tutorial on the new intrusion detection system at the meeting.

Upadhyaya directs UB's Center of Excellence in Information Systems Assurance Research and Education, one of 36 in the U.S. chosen by the National Security Agency to develop new programs to conduct research and train students to protect the nation's information technology systems from cyberterrorism.

The new UB intrusion detection system is being developed for application in highly secure facilities, such as those in the military.

"Existing approaches look at a past record of computer activity because those systems produce audits of activity for every user," he explained. "Our methodology is a marriage of two known techniques: misuse and anomaly detection. We use an assertion/rule-based approach to precisely capture the initial bracket of activity and then fine-tune this profile to reflect ongoing activity, making highly personalized and accurate profiles possible.

"Also, since users are being constantly monitored, this system can detect intrusions or attacks on-the-fly."

The UB system generates a user profile according to data about standard operations and commands that each user follows to carry out specific tasks.

The system is designed to detect significant deviations from procedures followed by normal users.

While some commercially available computer security packages already feature user-profiling, Upadhyaya noted that they are based on "low-level" methods -- meaning they seek out deviations on the basis of huge amounts of data, so they end up creating many false alarms.

"User modeling is computationally hard," said Upadhyaya. "Since many of these existing systems treat this problem purely statistically, any deviation from the norm is signaled as an anomaly, but it is often the case that an intrusion has not occurred.

"It's a nuisance because an alarm can go off as often as every five minutes," he said.

By contrast, the system he developed with co-authors Rankumar Chinchani, a doctoral candidate in the UB Department of Computer Science and Engineering, and Kevin Kwiat of the Air Force Research Laboratory in Rome, N.Y., is based on the idea that the computation habits of normal users generally are well-defined and that he or she will work within those bounds.

"The normal behavior of computer users has been very well characterized," said Upadhyaya. "Normal users stick within well-defined parameters. Intruders or hackers, on the other hand, will not be able to carry out their intended operations within such well-defined parameters, and so will make the scope of his or her activities overly permissive," said Upadhyaya. "Our system is based on detecting that kind of behavior."

The key to the UB system's success and its "scalable" feature is that its monitoring system operates at a high level, examining commands that users execute to perform certain operations. This is in contrast to the low-level monitoring that many existing packages perform, which examine commands as basic as the ones and zeroes of which email messages are composed.

"Our system is looking for a sequence of operations that falls within certain 'normal' parameters," he explained.

"For example, if you want to make a document, you do certain things in a certain order, you create the document, you use a word processing program, you may run Spellcheck. Our system knows what to look for in the normal sequence that is necessary to accomplish this job. Any deviations from that are assumed to be potential cyberattacks."

The work was funded by the Air Force Research Laboratory in Rome, N.Y.
__________________________________________________________________
Here's an NWO site:
http://www.iwar.org.uk/


October 18, 2002

http://www.mail-archive.com/infocon@infowarrior.org/msg00284.html
A deadly cocktail of cyber and physical attack
__________________________________________________________________
http://www.washingtonmonthly.com/features/2001/0211.green.html

November 2002

The Myth of Cyberterrorism
__________________________________________________________________
http://www.wired.com/politics/law/news/2002/11/56382

11.14.02

Study Makes Less of Hack Threat
__________________________________________________________________
Terrorists on the Net? Who Cares?
Noah Shachtman 12.20.02

http://www.wired.com/techbiz/it/news/2002/12/56935
__________________________________________________________________
http://www.infoworld.com/articles/hn/xml/03/01/03/030103hncyberthreat.html

Cyberthreats not to be dismissed, warns Clarke

By DAN VERTON, Computerworld
January 3, 2003 3:42 pm PT

THE U.S. HAS ignored warning signs before: two attempts by al-Qaeda in 1994 to use airplanes as weapons, as well as public statements in 2000 about terrorists being trained as pilots.  [INSERT: LOL?]

Now Richard Clarke, chairman of the President's Critical Infrastructure Protection Board, is trying to prevent new warning signs from being ignored -- signs that al-Qaeda's brand of terrorism has a growing cyber element and that the nation's economy is at risk.

Before taking his current post in October 2001, Clarke advised two presidents on cybersecurity and served as the country's first counterterrorism coordinator. Most of his time now is spent raising awareness of the changing nature of terrorism and the increasing relevance of cyberterrorism to the stated goals of groups such as al-Qaeda.

"Cyberspace still is underappreciated as a threat, and the solutions aren't as obvious as they are with physical security," said Clarke during an exclusive interview with Computerworld late last month. "We have no clue as a country how to protect our cyberspace. It is a totally different kind of issue."

Clarke said vulnerabilities in the nation's critical infrastructure stem mainly from unknown security holes in widely deployed software and from the constant influx of new technologies that often have unintended consequences for security.

One of his biggest concerns is the growing use of wireless technologies, he said. There have already been cases in Spain and Japan in which PC-based worms have infected hundreds of next-generation cell phones, tricking them into dialing local 911 emergency systems, Clarke added.

"Now, if you're a terrorist, the first thing you might want to do before an attack is take down the 911 system," he said.

According to Clarke, the Sept. 11 terrorist attacks were a turning point for the national effort to protect cyberspace.

"Before Sept. 11, [al-Qaeda] was interested in killing as many people as possible," he said. "After Sept. 11, [Osama bin Laden] starts talking about destroying the American economy. And he starts to talk about going after the economic infrastructure of the United States. You could drive around a lot of truck bombs and really not do a lot of damage to the economic infrastructure because it's so diverse and dispersed. But if you do it in cyberspace, you might have the ability to hit the entire financial services network simultaneously."

Clarke said he's aware that many people doubt the willingness and ability of terrorist organizations to carry out strategic cyberattacks against the U.S. But he said it's his job to think differently about the future -- and to do what some officials failed to do in the months leading up to Sept. 11.

"There are a lot of different people who can conduct cyberwarfare," Clarke said. "There are countries that are creating cyberwarfare units. There are criminal groups engaging in cybercrime. There are also some terrorist groups we know are looking at using cyberattack tools. But I don't spend a lot of time trying to figure out who's going to be the next attacker."

Eliminating al-Qaeda, for example, "won't end the threat to us from cyberspace," he said.

And therein lies the challenge, according to Clarke. The U.S. needs to take the target of cyberspace away from its enemies by eliminating vulnerabilities, he said.
__________________________________________________________________
Cyber terrorism 'overhyped'
By Mark Ward
BBC News Online technology staff in Hanover

Friday, 14 March, 2003

http://news.bbc.co.uk/2/hi/technology/2850541.stm
__________________________________________________________________
http://www.independent.co.uk/news/science/the-new-breed-of-cyberterrorist-480479.html

Cyber-nightmare
Robert Lenzner and Nathan Vardi, 09.20.04

http://www.forbes.com/global/2004/0920/104.html

The new breed of cyber-terrorist

Could a ruthless new breed of cyber-terrorist cause meltdown at the click of a mouse? Jimmy Lee Shreeve reports

Wednesday, 31 May 2006
__________________________________________________________________
http://www.nytimes.com/2007/01/07/technology/07net.html

Attack of the Zombie Computers Is Growing Threat

January 7, 2007
__________________________________________________________________
Sources: Staged cyber attack reveals vulnerability in power grid

http://www.cnn.com/2007/US/09/26/power.at.risk/index.html

From CNN's Jeanne Meserve

WASHINGTON (CNN)  -- Researchers who launched an experimental cyber attack caused a generator to self-destruct, alarming the federal government and electrical industry about what might happen if such an attack were carried out on a larger scale, CNN has learned.

Sources familiar with the experiment said the same attack scenario could be used against huge generators that produce the country's electric power.

Some experts fear bigger, coordinated attacks could cause widespread damage to electric infrastructure that could take months to fix.

CNN has honored a request from the Department of Homeland Security not to divulge certain details about the experiment, dubbed "Aurora," and conducted in March at the Department of Energy's Idaho lab

In a previously classified video of the test CNN obtained, the generator shakes and smokes, and then stops.

DHS acknowledged the experiment involved controlled hacking into a replica of a power plant's control system. Sources familiar with the test said researchers changed the operating cycle of the generator, sending it out of control. Video Watch the generator shake and start to smoke »

The White House was briefed on the experiment, and DHS officials said they have since been working with the electric industry to devise a way to thwart such an attack.

"I can't say it [the vulnerability] has been eliminated. But I can say a lot of risk has been taken off the table," said Robert Jamison, acting undersecretary of DHS's National Protection and Programs Directorate.

Government sources said changes are being made to both computer software and physical hardware to protect power generating equipment. And the Nuclear Regulatory Commission said it is conducting inspections to ensure all nuclear plants have made the fix.

Industry experts also said the experiment shows large electric systems are vulnerable in ways not previously

 "What people had assumed in the past is the worst thing you can do is shut things down. And that's not necessarily the case. A lot of times the worst thing you can do, for example, is open a valve -- have bad things spew out of a valve," said Joe Weiss of Applied Control Solutions.

"The point is, it allows you to take control of these very large, very critical pieces of equipment and you can have them do what you want them to do," he said.

Adding to the vulnerability of control systems, many of them are manufactured and used overseas. Persons at manufacturing plants overseas have access to control system schematics and even software program passwords, industry experts say.

Weiss and others hypothesize that multiple, simultaneous cyber-attacks on key electric facilities could knock out power to a large geographic area for months, harming the nation's economy.

"For about $5 million and between three to five years of preparation, an organization, whether it be transnational terrorist groups or nation states, could mount a strategic attack against the United States," said O. Sami Saydjari of the nonprofit Professionals for Cyber Defense.

Economist Scott Borg, who produces security-related data for the federal government, projects that if a third of the country lost power for three months, the economic price tag would be $700 billion. [INSERT: COINCIDENCE? THAT THAT'S THE SAME CITED FIGURE AS THE 1ST "BAILOUT"?]

"It's equivalent to 40 to 50 large hurricanes striking all at once," Borg said. "It's greater economic damage than any modern economy ever suffered. ... It's greater then the Great Depression. It's greater than the damage we did with strategic bombing on Germany in World War II." [INSERT:  WHAT ABOUT THE "BAILOUTS" TODAY?]

Computer experts have long warned of the vulnerability of cyber attacks, and many say the government is not devoting enough money or attention to the matter.

"We need to get on it, and get on it quickly," said former CIA Director James Woolsey on Tuesday.

Woolsey, along with other prominent computer and security experts, signed a 2002 letter to President Bush urging a massive cyber-defense program.

"Fast and resolute mitigating action is needed to avoid a national disaster," the letter said.

But five years later, there is no such program. Federal spending on electronic security is projected to increase slightly in the coming fiscal year, but spending in the Department of Homeland Security is projected to decrease to less than $100 million, with only $12 million spent to secure power control systems.

Despite all the warnings and worry, there has not been any publicly known successful cyber-attack against a power plant's control system. And electric utilities have paid more attention to electronic risks than many other industries, adopting voluntary cyber-standards.

"Of all our industries, there are only a couple -- perhaps banking and finance and telecommunications -- that have better cyber-security or better security in general then electric power," Borg said.

And DHS notes that it uncovered the vulnerability discovered in March, and is taking steps with industry to address it.

While acknowledging some vulnerability, DHS's Jamison said "several conditions have to be in place. ... You first have to gain access to that individual control system. [It] has to be a control system that is vulnerable to this type of attack."

"You have to have overcome or have not enacted basic security protocols that are inherent on many of those systems. And you have to have some basic understanding of what you're doing. How the control system works and what, how the equipment works in order to do damage. But it is, it is a concern we take seriously."

"It is a serious concern. But I want to point out that there is no threat, there is no indication that anybody is trying to take advantage of this individual vulnerability," Jamison said. [INSERT: EXCEPT YOU!!!!!!!!]

 Borg notes that industry will have to remain forever vigilant at protecting control systems.

"It will always be an ongoing problem. It's something we will have to be dealing with [for] lots of years to come," he said.
__________________________________________________________________
CIA Says Hackers Have Cut Power Grid

http://www.pcworld.com/article/141564/cia_says_hackers_have_cut_power_grid.html

January 19, 2008

Robert McMillan, IDG News Service

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. Central Intelligence Agency analyst said this week.

Speaking at a conference of security professionals on Wednesday, CIA analyst Tom Donahue disclosed the recently declassified attacks while offering few specifics on what actually went wrong.

Criminals have launched online attacks that disrupted power equipment in several regions outside of the U.S., he said, without identifying the countries affected. The goal of the attacks was extortion, he said.

"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands," he said in a statement posted to the Web on Friday by the conference's organizers, the SANS Institute. "In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

"According to Mr. Donahue, the CIA actively and thoroughly considered the benefits and risks of making this information public, and came down on the side of disclosure," SANS said in the statement.

One conference attendee said the disclosure came as news to many of the government and industry security professionals in attendance. "It appeared that there were a lot of people who didn't know this already," said the attendee, who asked not to be identified because he is not authorized to speak with the press.

He confirmed SANS' report of the talk. "There were apparently a couple of incidents where extortionists cut off power to several cities using some sort of attack on the power grid, and it does not appear to be a physical attack," he said.

Hacking the power grid made front-page headlines in September when CNN aired a video showing an Idaho National Laboratory demonstration of a software attack on the computer system used to control a power generator. In the demonstration, the smoking generator was rendered inoperable.

The U.S. is taking steps to lock down the computers that manage its power systems, however.

On Thursday, the Federal Energy Regulatory Commission (FERC) approved new mandatory standards designed to improve cybersecurity.

CIA representatives could not be reached immediately for comment.
__________________________________________________________________
http://www.nytimes.com/2008/08/24/world/europe/24sicily.html

At Conference on the Risks to Earth, Few Are Optimistic

By ANDREW C. REVKIN
Published: August 23, 2008


Dr. Antonino Zichichi, a physicist, ran a conference in Sicily to discuss global risks like cyberterrorism and climate change.

ERICE, Sicily — This ancient hilltop town, rife with Roman, Greek, Norman and other influences, is hosting a very modern gathering: a conference on global risks like cyberterrorism, climate change, nuclear weapons and the world’s lagging energy supply.

More than 120 scientists, engineers, analysts and economists from 30 countries were hunkered down here for the 40th annual conference on “planetary emergencies.” The term was coined by Dr. Antonino Zichichi, a native son and a theoretical physicist who has made Erice a hub for experts to discuss persistent, and potentially catastrophic, global challenges.

The participants were not particularly optimistic. They presented data showing that the boom in biofuels was depleting Southeast Asian rain forests, that “bot herders” — computer hackers for hire — were hijacking millions of computers, and that the lack of progress over handling nuclear waste was both hampering the revival of nuclear energy and adding to terrorism risks.

The meetings, which end Sunday, were sponsored by the Erice-based Ettore Majorana Foundation and Center for Scientific Culture and by the World Federation of Scientists in Geneva. Both organizations are led by Dr. Zichichi with what the physicist Dr. Richard L. Garwin, a longtime Erice conference participant and expert on nuclear weapons, affectionately called “imperious” zeal.

Dr. Zichichi, 78, controls every aspect of the sessions, including the seating in the seminars and the wine selections at the nightly dinners.

His goal is to foster what he calls “a science without secrets and without borders,” mixing disciplines and cultures, and to laud veterans and emerging talents in hopes of propelling breakthroughs.

He said past successes included focusing attention on the need to reduce nuclear stockpiles and developing the first detailed analysis of flood risks along the Yellow River in China.

The threat of cyberattacks was also a focus of this year’s meeting. In a session on information security, Hamadoun I. Touré, the secretary general of the International Telecommunication Union, warned that pervasive computer use, while offering the prospect of a global “knowledge society,” also made billions of individuals into potential superpowers.

“Every single brain on earth is equal and can trigger an attack,” he said.

Jody R. Westby, the chief executive of Global Cyber Risk, a Washington-based consulting company, warned that governments were not doing enough to anticipate attacks. She said that the United States, while investing heavily in classified work on communications networks, had only one small program doing advanced research on the vulnerabilities in the private networks that handle the brunt of government communications and information management.

In a workshop on the northward spread of mosquito-borne ailments, participants discussed the growing gap between wealthier and poorer nations in dealing with health risks.

After presentations on recent outbreaks of the tropical chikungunya virus in Italy, Baldwyn Torto of the International Center of Insect Physiology and Ecology in Nairobi, Kenya, suggested that too much of the discussion was focused on girding Europe against further outbreaks. A better approach, he said, would be to attack such diseases in the tropical spots where they originate.

At a final gathering on Saturday, Bill Fulkerson of the University of Tennessee, Knoxville, said that meetings in the next several years would likely concentrate on the technological and scientific needs of developing countries that are trying to expand their economies without diminishing resources.

The daunting nature of the problems did not seem to blunt the experts’ determination to look for answers.

“What option do I have?” said Richard Wilson, 82, a Harvard physicist and an expert on nuclear power and environmental risk. “I could go down to Hilton Head and take a little club and knock a ball around the course, but I don’t find that a very attractive thought.”
__________________________________________________________________
Cybercrime toll threatens new financial crisis

http://www.newscientist.com/article/dn16092-cybercrime-toll-threatens-new-financial-crisis.html

14:50 20 November 2008 by New Scientist staff and Reuters


International regulation must be improved to avoid internet crime causing global catastrophe, some of the world's top crime experts have warned.

Damage caused by cybercrime is estimated at $100 billion annually, said Kilian Strauss, of the Organization for Security and Cooperation in Europe (OSCE).

"These criminals, they outsmart us 10, or a hundred to one," said Strauss.

Such online criminal organisations operate in a regulatory vacuum, committing crimes such as espionage, money laundering, and theft of personal information, experts told the European Economic Crime conference in Frankfurt.

"We need multilateral understanding, account and oversight to avoid, in the years to come, a cyber crisis equivalent to the current financial crisis," said Antonio Maria Costa, executive director of the United Nations Office on Drugs and Crime.
Growing sophistication

The conference also heard warnings that internet crime is a threat to national security. After apparently politically motivated cyber attacks on Georgia and Estonia, foreign policy chiefs are concerned cybercriminals can now wield power on the international stage.

Calls for greater government oversight of the internet come at a time when strengthened regulation is more attractive than ever to policymakers who once preferred more laissez-faire strategies.

As well as financial watchdogs getting more powerful as the global economic crisis continues, regulators in areas outside finance are expected to get more powerful too.

The president of Interpol, Khoo Boon Hui, said tech-savvy gangs from China, India, Eastern Europe and Africa were coming up with ever more sophisticated ways of swindling money from vulnerable people.

The developing world is seen as one of the most important fronts for tougher oversight. As poor countries become more technologically connected, they become an ever-richer source of computers to hijack and cheap cybercrime labour.

[Optimus]

Stuxnet 'cyber superweapon' moves to China
Sep 30 07:16 AM US/Eastern

A computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target -- China.

The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week.

Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.

It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.

More...

[trailhound]

Smart phones shutting down power on the eastern seaboard? I'm calling bullshit on that...

[citizenx]

Umm..where did that come from?  Who said that?

[citizenx]

Oh, OK, you are talking about the exercise itself.  I had to go back and re-read Route's article. Yes, the exercise does seem highly unrealistic and sensationalist.

I think it was intentionally over-the-top.  They also use these exercises to draw attention to problems they are trying to hype, like cybersecurity.  I see what you are saying now, I think.

[Dig]

Stuxnet 'cyber superweapon' moves to China
Sep 30 07:16 AM US/Eastern

A computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target -- China.

The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week.

Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.

It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.

More...

[citizenx]

Speaking of China --

Was this U.S. retaliation against China for (repeated) claims of cyberwarfare?

Or just collateral damage from what appears to be a U.S./Israeli cyberwarfare move against Iran (in synch with these two year planned exercises for maximum effect on domestic audiences)?

Seems far too coincidental, indeed.

[Dig]

Speaking of China --

Was this U.S. retaliation against China for claims of cyberwarfare?

Or just collateral damage from what appears to be a U.S./Israeli cyberwarfare move against Iran (in synch with these two year planned exercises for maximum effect on domestic audiences)?

Seems far too coincidental, indeed.

It is the creation of a cover story. A fog of cyber war.

Last time they did this was 9/11 with Ptech/PROMIS/Octopus. There was no cover story so everyone knows they purposefully put in the system to create a super-control "overseer" which they used to run the 9/11 terrorist attacks.

Now they have the same system (but more advanced) throughout infrastructure using Siemens/IBM/General Electric/etc. Smart Grid and Remote Access Netcentric insanity.

The plans to create their destruction was laid out years ago when they thought they had us with Global Warming bullshit. So they felt the ends justified the means by creating these sabatoges (the BP sabatoge, the PG&E, etc.). People can now see all of it is to limit resources and energy so they need their cover story.

This controlled attack is being run with some level of sophistication and they have mockingbird media saying it has grown out of control (we have been conditioned for the past 50 years of cinema to accept such insanity).

IMO I think they are running a bitch move on us. They are giving us this cover story (which has truth to it) just like they flew the planes into the buildings. But 2 planes cannot blow up 3 buildings of over 250 floors in less than 25 seconds and this crap cannot cause precision facilities to instantly destruct as the Bilderbird doo doo heads have been planning for decades.

Chernyobl was sabotage from the inside, workers and engineers were told to push it beyond maximum for days. The China Syndrome movie goes into how these things are done. They are all inside jobs. You need to be the manufacturer + you need to put in the right pieces in the right places + you need to have years of analysis of the operations with hundreds of agents all over. Bilderberg/CFR are the only ones close to having this power. Their fingerprints are everywhere and they know it.

I think they want to scare the shit out of us to try and get rampant panic because anything they do is exposed instantly.

It is like 7 billion people have IBM predictive analysis powers and we now see all of the elite's thought crimes before they even happen.

And this is nothing new, the rights of man has given us this predictive power since before the Declaration of Independence as expressed by Burke in 1775:

“In other countries [than the American colonies], the people . . . judge of an ill principle in government only by an actual grievance; here they anticipate the evil, and judge of the pressure of the grievance by the badness of the principle.  They augur misgovernment at a distance and snuff the approach of tyranny in every tainted breeze.”

— Edmund Burke, On Moving His Resolutions for Conciliation with the Colonies, Speech to Parliament, Mar. 22, 1775.

[citizenx]

A fog of cyber war.

Apt expression. I think you are right.

Several levels of deception going on there (Pentagon/Tel Aviv).

All to undoubtedly try to create a sense of panic on behalf of their globalist masters for the cybersecurity/national security state (internationally).

I think the outer goals were: for the U.S. military, a hit on China; for the Israelis, a hit on Iran.  The inner goals were to create the atmosphere for more intense cybersecurity control, internationally.

[jerryweaver]

This appears to be widely exposed on the net as US Israeli.  
Whats up with that? Where is the usual disinfo ? Are the masks not needed? Are the gloves coming off?

[citizenx]

Good question.

[Dig]

This appears to be widely exposed on the net as US Israeli.  
Whats up with that? Where is the usual disinfo ? Are the masks not needed? Are the gloves coming off?

Well that is odd because the manufacturer is German and the scenario selections, high level planning, and Tavistock narratives are uncannily Saxe-Coburg and Gotha. The fact that Chertoff's outfit only blamed Israel while he knew that a multinational drill called Cyber Storm III was going on is wholesale bullshit. This is a tens of thousands of person drill...going on right now, when the "virus" was systematically introduced.

derrrrrrrrrrrrr deeeeeeee derrrrrrrrrrrrrrrrrr

who has the power to control multinational operations like this?

Bilderberg

NATO

CFR

Very small list.

[citizenx]

the manufacturer is German

That's a fact.

[Dig]

Apt expression. I think you are right.

Several levels of deception going on there (Pentagon/Tel Aviv).

All to undoubtedly try to create a sense of panic on behalf of their globalist masters for the cybersecurity/national security state (internationally).

I think the outer goals were: for the U.S. military, a hit on China; for the Israelis, a hit on Iran.  The inner goals were to create the atmosphere for more intense cybersecurity control, internationally.

those are all minor compared to basically saying they can enact all of the scenarios in "Live Free or Die Hard" which is basically what these Bilderberg articles are saying.

They are laying a cover story so that people will think some guy in a caravan with some asian chick, a few geeks, and a few hampster jumpers can bring down the world's infrasructure.

Did we forget a 20 nation, over 100,000 person drill is going on dealing with a multi-national cyber terror threat RIGHT NOW. This was planned and in the books over 2 years ago and the whole thing is being run out of the US Secret Service office which is either an outright lie or the most f*cked up shit I have heard all week (an d this has been one hell of a week). Is anyone under the impression this is a coincidence?

In case they are...

THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL THIS IS A DRILL

[jerryweaver]

http://www.telegraph.co.uk/news/worldnews/middleeast/israel/8034987/Israeli-cyber-unit-responsible-for-Iran-computer-worm-claim.html

"Computer experts have spent months tracing the origin of the Stuxnet worm, a sophisticated piece of malicious software, or malware, that has infected industrial operating systems made by the German firm Siemens across the globe."

The virus event happened months past. We are witnessing the news event. Apparently. 

[birther truther tenther]

Before you read this BOMBSHELL link on Stuxnet,  I think Stuxnet will be become big enough to deserve its own Child board under the "Cyberterrorism is a racket" Board in General Discussion.


Here it goes...


Stuxnet worm could have been inside job!
Read article here: http://www.v3.co.uk/v3/news/2270771/stuxnet-worm-inside-job

Quote from article:

“The message I got was that it appears to have been written by someone with inside knowledge of how Siemens systems work,” he said.

[Dig]

http://www.telegraph.co.uk/news/worldnews/middleeast/israel/8034987/Israeli-cyber-unit-responsible-for-Iran-computer-worm-claim.html

"Computer experts have spent months tracing the origin of the Stuxnet worm, a sophisticated piece of malicious software, or malware, that has infected industrial operating systems made by the German firm Siemens across the globe."

The virus event happened months past. We are witnessing the news event. Apparently. 

7/12/2010

http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?ID=154

Almost like they attacked exactly the points discussed in this exact article which came out in July. And the Cyber Storm III drill was created 2 years ago to be in full force in September 2010.

Derrrrrr

Oh yeah...and the movie 2010 had a cyber ghost which could travel through the cyber world to even communicate with his wife.

THIS IS A DRILL

[birther truther tenther]

Defense Update admits Problem-Reaction-Solution and False Flag scenarios regarding  Stuxnet!

Please Read the entire article here:
http://defense-update.com/wp/20100930_stuxnet_cyber_terror_weapon.html

Selected excerpt:

Blitzblau describes an act of ‘Advanced Industrial Espionage’ a deliberate cyber sabotage launched by someone against Siemens – this could be a competitor or service-provider, seeking to exploit the situation for business opportunities – first create the problem and then – help fixing it. But there are also other aspects to the attack that could tell a different story. “This could also be a ‘general test’, prior to a planned attack, or a proof of concept, initiated by an academic group – in the past we witnessed such attacks, for example, one attack was launched from Japan, on video drivers.” According to Blitzblau a military test going out of control is not an option here. “Military offensive cyber ops are not conducted this way and even when an intelligence agency conducts such tests they will go a long way to ensure that the test is limited to a specific volume and not spread it worldwide.” He said.