SourceAmit Yoran on DHS, federal cybersecurity, enterprise securityDecember 5th, 2008 by Dennis Fisher
Amit Yoran, the former cybersecurity czar at the Department of Homeland Security and a veteran security executive, joins Dennis Fisher to discuss the state of enterprise security, the Obama administration’s cybersecurity priorities
and why information sharing between the government and private sector hasn’t worked. http://securitywireweekly.blogs.techtarget.com/podpress_trac/web/239/0/Yoran12042008.mp3
From 2008 (this was NOT specified in 2007's Northcom Document, which shows their progression toward toward EVISCERATION of freedom and vicious attack now underway against the web.)"Homeland Defense and Security scenario vignettes cover a broad range of significant terrorist activities, to include cyber attacks directed at Canada and the U.S. as a result of CTF (Coalition Task Force) operations as well as several natural disasters."
From 2005 (Applies hugely moreso now because they've been planning this for years, and as you can see from above, only starting in 2008 did NORTHCOM/Booz Allen Hamilton ramp up their attack plans on this.)
See: PROMIS/Ptech/Choicepoint/Infragard/DIEBOLD=World ID/Carbon Tax/IP v6 http://forum.prisonplanet.com/index.php?topic=79634.0
Below excerpt sourced from:Source
Feb. 22, 2005
SAN FRANCISCO -- The federal government and several international partners will hold a cyber preparedness exercise in November, Homeland Security Department officials said here at the RSA Conference. Its purpose is to give federal agencies an opportunity to test their plans for responding to a direct or indirect attack on the computer networks that control the nation's critical infrastructure such as power plants and oil pipelines. The exercise will be unclassified, and the public will be informed, said Hun Kim, deputy director of the National Cyber Security Division at DHS.
Instead, Wilson said he suspects that sophisticated intruders would
quietly try to wreak havoc, causing a loss of confidence in the
interconnected system of networks and information systems on which the nation's economy and security now depends. "Somebody's going to figure out how to get across a low wall and get on the inside, and they're not going to go in a chat room and talk about it," Wilson said. "We're talking about a sophisticated adversary."Finding a hidden enemy and cleaning up the damage in such a scenario would be extremely difficult
, Wilson said. "You're going to have not only national security issues; you're going to have privacy issues. I'll leave it at that," he said.
__________________________________________________________SourceEurope to get cybercrime alert system Europe is getting a cybercrime alert system as part of a European Union drive to fight online criminals.
According to plans, European law enforcement body Europol will receive 300,000 euros ($386,430) to build an alert system that pools reports of cybercrime, such as online identification and financial theft, from across the 27 member states.Police will launch more remote searches of suspects' hard drives over the Internet, as well as cyberpatrols to spot and track illegal activity
, under the strategy adopted by the European Union's council of ministers Thursday. The strategy, a blueprint for fighting cybercrime in the EU over the next five years, also introduces measures to encourage businesses and police to share information on investigations and cybercrime trends.
"The strategy encourages the much-needed operational cooperation and information exchange between the member states," said Jacques Barrot, vice president of the European Commission. "If the strategy is to make the fight against cybercrime more efficient, all stakeholders have to be fully committed to its implementation. We are ready to support them, also financially, in their efforts." Plans for the EU alert system follow the recent establishments of the Police Central E-crime Unit and National Fraud Strategic Authority, which aim to fight cybercrime in the United Kingdom.
__________________________________________________________How might Obama's appointment to head the DHS turn things around for the department?
Experts weigh in.SourceCyber Threats Await Next Homeland Security Chief
Though it is charged with keeping America safe, the Department of Homeland Security (DHS) has also run up a record of high-profile failures during its short history. Its role in the response to Hurricane Katrina, followed by a series of cyber security breaches, led to Congressional criticism of DHS Secretary Michael Chertoff and its CIO, Scott Charbo. And several of its proposed programs have stalled.
It's a legacy that Arizona Gov. Janet Napolitano is poised to inherit, having been named on Monday as President-elect Barack Obama's pick for DHS secretary. And as a result of the DHS's troubles, information security experts have a laundry list of suggestions for Napolitano once she's confirmed.
First off, she should speed up the hiring process to better protect against future cyber security threats, according to Shannon Kellogg, director of information security policy at EMC (NYSE: EMC). Kellogg pointed out that the DHS has lost several employees involved in information security, including Greg Garcia, assistant secretary for cyber security and communications, who announced his departure this week.
Getting new people in quickly and retaining them will be important because US-CERT, the operational arm of the department's National Cyber Security Division and a key player in national and private sector Internet security, is building out broader capabilities and expanding quickly, Kellogg told InternetNews.com.
"That requires you hire people very quickly, but this is counter to how government hiring processes work," he added. US-CERT coordinates defenses against and responses to cyber attacks nationwide and issues security threat warnings. It developed software for the Einstein Program, an intrusion detection system in the federal government that is the result of the 2002 Homeland Security Act, the 2003 Federal Information Security Management Act (FISMA) and the Homeland Security Presidential Directive/Hspd-12, issued in August 2004. The first two versions of Einstein have been implemented in the Federal government.
EMC's Kellogg said that Einstein III is in the works. The project -- in which Kellogg called on Napolitano to continue investing -- will add real-time reporting capabilities to the system.
Clean up your own house
Napolitano should also make sure DHS deals with its own security vulnerabilities. The department suffered 844 security breaches during its fiscal 2005 and 2006, leading a House subcommittee on tech and cyber security to DHS CIO Scott Charbo of not doing his job, during a June 2007 hearing. The breaches also led to charges from a congressman that the IT vendor DHS contracted to build its networks, Unisys
, bore partial responsibility for the breaches. The company quickly denied the accusations' validity, but the incident later led to an FBI probe of Unisys (NYSE: UIS).
"I hope the new secretary will continue to emphasize the importance of information security in this environment," EMC's Kellogg said. "DHS should be an example for information security within the federal government." As a result, the DHS should take a proactive approach to security, Scott Crawford, research director at Enterprise Management Associates, told InternetNews.com.
"There is no national agenda for taking cyber security all that seriously at this point," he said. "The DHS is left to reacting to events as they occur and leaving events to the private sector." Also at issue is how the next director of homeland security will work with the tech czar that Obama has promised to appoint -- a position commonly thought of as a national CTO.
While details are scant on Obama's plans for the position, analyst Charles King of Pund-IT said he believes Napolitano should fight the idea of creating a single CTO position.
Instead, he thinks she should suggest a national council of CTOs, he told InternetNews.com in an e-mail. A long list of rumored candidates Obama's tech czar post has included names like that of Google CEO Eric Schmidt -- who later signaled his interest in remaining at the search giant -- as well as former FCC chair Reed Hundt, Apple CEO Steve Jobs, Amazon CEO Jeff Bezos and Julius Genachowski, an economic adviser to Obama and cofounder of venture capital firm Rock Creek Ventures.
But King thinks that's a bad idea. Napolitano should appoint working CTOs who have actually been involved in developing successful commercial projects, he said. He added that Napolitano ought to keep the national CTO on a tight leash, giving them three months to develop one-, two- and three-year plans for modernizing the nation's IT resources -- and refusing to extend the deadline.
All these suggestions will take time to flesh out. But one of the things Napolitano can do to score points quickly with the new administration is to have DHS establish a methodology to rate how well companies and agencies are communicating securely, one observer noted. "The DHS should enable agencies and the U.S. government to use a unified architecture
to communicate securely, and a rating system will motivate people to use best practices for secure communication," said Kelly Mackin, president and COO of DataMotion, told InternetNews.com.
According to Mackin, whose firm handles secure e-mail for a U.K. government department, there are 4.7 terabytes of e-mail data for every 1,000 employees in a company -- data that could pose a danger if not properly locked down. "Although 93 percent of employees think e-mail is a critical piece of how they do business, most of that e-mail is not secured, and DHS must address this problem," she said.
__________________________________________________________Voter Fraud Recount Revealed: AIPAC/Rockefeller!!!!!!!!!!!!http://forum.prisonplanet.com/index.php?topic=21681.msg83959#msg83959
"FBI INFRAGARD - Kill your neighbors with FBI/CACI intelligence!
Infragard--Join now and get your own license to kill!!!
InfowarCon Advisory Board: Dr. Dan Kuehl, National Defense University; Amit Yoran
, NetWitness; Mark Rasch, FTI; Dorothy Denning, DoD; Richard Forno, Infowarrior.org; Lars Nicander, CATS; Bruce Brody, CACI
InfowarCon Sponsors & Partners Include: The Department of Homeland Security (DHS), Mandiant, Netwitness
, Purifile, Secure Computing, Lincoln Group
, White Wolf Security, Department of Defense Cyber Crime Center (DC3), (ISC)2; Homeland Defense Journal, Government Security News, Homeland Defense Week, Officer.com, Continuity Insights, InfraGard National Members Alliance, ISSA NOVA, Terrorism Research Center and National Defense University.Source
Mossad: RSA Security & Ptech
Run US Govt Computers
Posted in the database on Monday, June 19th, 2006 @ 12:41:33 MST (818 views)
by Christopher Bollyn American Free Press
The most critical computer and communication networks used by the U.S. government and military are secured by encryption software written by an Israeli "code breaker" tied to an Israeli state-run scientific institution.
The National Security Agency (NSA), the U.S. intelligence agency with the mandate to protect government and military computer networks and provide secure communications for all branches of the U.S. government uses security software written by an Israeli code breaker whose home office is located at the Weizmann Institute in Israel.
A Bedford, Massachusetts-based company called RSA Security, Inc. issued a press release on March 28, 2006, which revealed that the NSA would be using its security software:
"U.S. Department of Defense Agency Selects RSA Security Encryption Software" was the headline of the company's press release which announced that the National Security Agency had selected its encryption software to be used in the agency's "classified communications project.
RSA stands for the names of the founders of the company: Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. Adi Shamir, the lead theoretician, is an Israeli citizen and a professor at the Weizmann Institute, a scientific institution tied to the Israeli defense establishment.
"My main area of research is cryptography – making and breaking codes," Shamir's webpage at the Weizmann Institute says. "It is motivated by the explosive growth of computer networks and wireless communication. Without cryptographic protection, confidential information can be exposed to eavesdroppers, modified by hackers, or forged by criminals."
The NSA/Central Security Service defines itself as America’s cryptologic organization, which "coordinates, directs, and performs highly specialized activities to protect U.S. government information systems and produce foreign signals intelligence information."
The fact that the federal intelligence agency responsible for protecting the most critical computer systems and communications networks used by all branches of the U.S. government and military is using Israeli-made encryption software should come as no surprise. The RSA press release is just the icing on the cake; the keys to the most critical computer networks in the United States have long been held in Israeli hands.
AFP inquired with the NSA about its use of Israeli-made security software for classified communications projects and asked why such outsourcing was not seen as a national security threat. Why is "America’s cryptologic organization" using Israeli encryption codes?
NSA spokesman Ken White said that the agency is "researching" the matter and would respond in the coming week.
American Free Press has previously revealed that scores of "security software" companies – spawned and funded by the Mossad, the Israeli military intelligence agency – have proliferated in the United States.
The "security" software products of many of these usually short-lived Israeli-run companies have been integrated into the computer products which are provided to the U.S. government by leading suppliers such as Unisys.
Unisys integrated Israeli security software, provided by the Israel-based Check Point Software Technologies and Eurekify, into its own software, so that Israeli software, written by Mossad-linked companies, now "secures" the most sensitive computers in the U.S. government and commercial sector.
The Mossad-spawned computer security firms typically have a main office based in the U.S. while their research and development is done in Israel.
The Mossad start-up firms usually have short lives before they are acquired for exaggerated sums of money by a larger company, enriching their Israeli owners in the process and integrating the Israeli directors and their Mossad-produced software into the parent company.
RSA, for example, an older security software company, acquired an Israeli-run security software company, named Cyota, at the end of 2005 for $145 million.
In January 2005, Cyota, "the leading provider of online security and anti-fraud solutions for financial institutions" had announced that "security expert" Amit Yoran, had joined the company's board of directors.
Prior to becoming a director at Cyota, Yoran, a 34-year old Israeli, had already been the national "Cyber Czar," having served as director of the Department of Homeland Security's National Cyber Security Division.
Yoran had been appointed "Cyber Czar" at age 32 by President George W. Bush in September 2003.
Before joining DHS, Yoran had been vice president for worldwide managed security services at Symantec. Prior to that, he had been the founder, president and CEO of Riptech, Inc., an information security management and monitoring firm, which Symantec acquired in 2002 for $145 million.
Yoran and his brother Naftali Elad Yoran are graduates of the U.S. Military Academy at Westpoint. Elad graduated in 1991 and Amit in 1993. Along with their brother Dov, the Yoran brothers are key players in the security software market. Amit has also held critical positions in the U.S. government overseeing computer security for the very systems that apparently failed on 9/11.
Before founding Riptech in 1998, Yoran directed the vulnerability- assessment program within the computer emergency response team at the US Department of Defense.
Yoran previously served as an officer in the United States Air Force as the Director of Vulnerability Programs for the Department of Defense's Computer Emergency Response Team and in support of the Assistant Secretary of Defense's Office.In June 2005, Yoran joined the board of directors of Guardium, Inc.
, another Mossad-spawned "provider of database security solutions" based in Waltham, Massachusetts.Guardium is linked with Ptech, an apparent Mossad "cut out" computer security company linked with the 9/11 attacks.
Ptech, a computer software company in Quincy, Mass., was supposedly a small start-up company founded by a Lebanese Muslim and funded by a Saudi millionaire.
Yet Ptech's clients included all the key federal governmental agencies, including the U.S. Army, the U.S. Air Force, the U.S. Naval Air Command, Congress, the Department of Energy, the Federal Aviation Administration, the Internal Revenue Service, NATO, the Federal Bureau of Investigation, the Secret Service and even the White House.
The marketing manager at Ptech, Inc. when the company started in the mid-1990s, however, was not a Muslim or an Arab, but an American Jewish lawyer named Michael S. Goff who had suddenly quit his law firm for no apparent reason and joined the Arab-run start-up company.
Goff was the company's information systems manager and had single-handedly managed the company's marketing and "all procurement" of software, systems and peripherals. He also trained the employees. Goff was obviously the key person at Ptech.
In the wake of 9/11, during the Citizens' Commission hearings in New York, Indira Singh, a consultant who had worked on a Defense Advanced Research Project, pointed to Ptech and MITRE Corp. being involved in computer "interoperability issues" between the FAA and NORAD. At this time Ptech's ties to Arabs was the focus, and Goff was out of the picture.
"Ptech was with MITRE Corporation in the basement of the FAA for two years prior to 9/11," Singh said. "Their specific job is to look at interoperability issues the FAA had with NORAD and the Air Force in the case of an emergency. If anyone was in a position to know that the FAA – that there was a window of opportunity or to insert software or to change anything – it would have been Ptech along with MITRE."
The Mossad-run Guardium company is linked with Ptech through Goff Communications, the Holliston, Mass.-based public relations firm previously run by Michael S. Goff and his wife Marcia, which represents Guardium. Since being exposed in AFP in 2005, however, Michael's name no longer appears on the company website.
Although he and his brother reportedly grew up in Pound Ridge, New York during the 1970s and 1980s, the heads of the Jewish community told AFP that they had never heard of him. One said that she had conducted a survey of the Jews living in the small village of Pound Ridge in the 1970s and she would have remembered if a wealthy Israeli family named Yoran had been found. Why did the locals in Pound Ridge NOT remember the Yorans?
Probably because they were NOT in Pound Ridge - but in Israel. The Pound Ridge address was used to give the appearance that the Yorans were Americans. I spoke with Elad and he has a distinctive Israeli accent - not what you would expect for a guy who grew up in a posh Yankee village.
So who are the Yorans? Who are their parents and why did they come to the United States? To raise a couple high-level moles to infiltrate the most sensitive U.S. computer networks? How could they have lived for 20 years in Pound Ridge and NOT be remembered.GET READY FOR THE NEW AMERIKA!! A BETTER INFORMED SOCIETY WILL RESULT IN A FREER ONE WITH OUR MACHINE GUNS AND CYBER POLICE THAT CAN'T GET ANY OTHER TYPE OF JOBS BECAUSE THAT'S THE ONLY JOBS WE'VE LEFT FOR YOU IN THE NAU!!! YOU PASS OUT ANTI-NWO MATERIAL, & PROTEST CLOUD COMPUTING? YOU'LL BE SHOT ON SIGHT!!! YOU WON'T EVEN HAVE TO GET ON THE TRAIN, BECAUSE THE SECRET THAT NO ONE HAS TOLD YOU IS THAT THE PUBLIC TRANSPORTATION, BUSES, ET.AL. WILL TAKE YOU TO THE FEMA CAMPS UNDER USTRANSCOM! NOW SHUT UP SLAVES!!!!