Click here to close now.

Welcome!

Big Data Journal Authors: Michael Jannery, Marty Puranik, Amit Gupta, Pat Romanski, Jnan Dash

Blog Feed Post

January Cyber War and Cyber Conflict Link Roundup

By

Wow, what a month. Two big stories to note: USCC is seeking to grow over 5x to 4900 people, and the NYTimes (and WSJ it seems) have been hacked, purportedly by the Chinese over their China coverage. In other news, a new discovery of the ‘Red October’ campaign filled the headlines, although by now these sorts of things feel standard issue. On a related note, DARPA is getting ready to issue a BAA for their CAT program, using big data to tackle targeted attacks.

An upcoming event to note in the DC area: Suits and Spooks, next week (February 8 and 9).

News

Israel launches cyber warfare training program

Israel is developing a national program that trains young people for cyber warfare to boost its ability to deal with the increasing number of online attacks.
According to The Jerusalem Post’s report Wednesday, the program named “Magshimim Le’umit” has been in development for the past three years and targets outstanding pupils aged between 16 and 18 to join up.
Israel Prime Minister Binyamin Netanyahu said the country’s computer systems are facing attacks from Iran and other countries, and such attacks are set to increase in the digital age. The goverment is also bolstering its ability to deal with these threats through the Israel National Cyber Bureau (INCB), he added.

Nations prepare for cyber war

In 2012, large-scale cyberattacks targeted at the Iranian government were uncovered, and in return, Iran is believed to have launched massive attacks aimed at U.S. banks and Saudi oil companies. At least 12 of the world’s 15 largest military powers are currently building cyberwarfare programs, according to James Lewis, a cybersecurity expert at the Center for Strategic and International Studies.

‘Red October’ cyber-attack found by Russian researchers

A major cyber-attack that may have been stealing confidential documents since 2007 has been discovered by Russian researchers.
Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.
It was designed to steal encrypted files – and was even able to recover files that had been deleted.

MPs Unsettled By Potentially ‘Fatal’ Government Cyber Warfare Strategy

MPs have complained about government ‘complacency’ in their assessment of when military forces should involve themselves in cyber warfare, pointing to a potentially fatal reliance on inadequately protected systems.
In a report released today, the Defence Committee said the government did not appear to have a fully-constructed plan for dealing with a major cyber attack. Meanwhile, the ever-changing threat landscape, coupled with a major reliance on IT, made for a potentially lethal brew for the UK military as it prepares for cyber warfare.

Cyber War Stakes Rising

U.S. intelligence officials have warned as nation-sponsored cyber warfare goes mainstream this year, attacks on U.S. installations and institutions could result not just in damage and theft but in fatalities.
They believe fatalities could occur and “that is the best estimate at this point,” said the former senior intelligence official.
Currently 12 of the world’s 15 largest military powers are building cyber warfare programs, these intelligence sources told ISSSource, adding the number of intrusions and attacks has increased dramatically over the last several years.

PENTAGON CYBERWARRIORS TO UNLOAD SOME DEFENSIVE TASKS TO BIG DATA

The Defense Department hopes to offload some of the work of analyzing network vulnerabilities to a machine, Pentagon officials said on Friday.
The Cyber Targeted Attack Analyzer is intended to reduce the workload for the department?s short-handed cyber forces by organizing information from ‘disparate network data sources’ to more easily see computer abnormalities, according to the Pentagon’s laboratory. Information technology development efforts will kick off with a briefing for prospective contractors on Jan. 30, Defense Advanced Research Projects Agency officials said. DARPA expects to release a solicitation for project proposals within a few weeks afterward.
The trick will be reeling in all that intelligence from devices that are not necessarily compatible.

DoD Proposes Cyber Targeted-Attack Analyzer (CAT) Program

The Pentagon has announced the initiation of a program to develop an integrated threat analysis system that will significantly improve the Defense Department?s ability to identify network security vulnerabilities by leveraging the power of Big Data analytics. The Defense Advanced Research Projects Agency (DARPA) Information Innovation Office (I2O) will host an informative briefing on January 30th in a run-up to a Broad Agency Announcement (BAA) in a few weeks that will include a Request for Information (RFI) that will officially commence the process for accepting proposals from vendors for the development of the Cyber Targeted-Attack Analyzer (CAT) Program, according to a Special Notice released by DARPA, the DoD’s research and development branch.

Hacker hits on U.S. power and nuclear targets spiked in 2012

The number of attacks reported to a U.S. Department of Homeland Security cybersecurity response team grew by 52% in 2012, according to a recent report from the team. There were 198 attacks brought to the agency’s attention last year, several of which resulted in successful break-ins.
An earlier report from DHS sketched in details on some of those successes. An unidentified group of hackers targeting natural gas pipeline companies gained access to the corporate systems of several of their targets and “exfiltrated” — that’s security-speak for “stole” — data on how their control systems work.

DoD Looking to ‘Jump the Gap’ Into Adversaries’ Closed Networks

The Army’s Intelligence and Information Warfare Directorate, known as I2WD, hosted a classified planning day Nov. 28. Representatives from 60 companies and labs attended to discuss what can be done in the realm of electronic warfare and cyber, according to a source familiar with the program.
The roughly half-dozen objectives of the Tactical Electromagnetic Cyber Warfare Demonstrator program are classified. (The TECWD program is pronounced ‘techwood’ by participants.) The source said the program is designed to demonstrate ready-made systems, dubbed ‘boxes,’ that can perform a variety of tasks. Some are somewhat typical fare, like systems aimed at the improvised explosive device threat.
But among the objectives are these: inserting and extracting data from sealed, wired networks.

Air Force’s cyber commander says Iran is next big ‘Net menace

General William Shelton, commander of the US Air Force Space Command, told reporters in a press briefing for the Defense Writers Group that he believes Iran’s growing “cyber” capabilities will be a “force to be reckoned with,” thanks in part to Iran’s response to the Stuxnet attacks on its nuclear facilities in 2010.

In Syria, the Cyberwar Intensifies

The front pages have been dominated for more than a year by photos of young Syrian rebel fighters, armed and proud, battling an increasingly isolated Syrian military.
But amid the shooting, the atrocities and the bombings, there is a parallel war – a sophisticated cyber insurgency battling a shadowy team working on behalf of the Assad regime. The Syrians’ online conflict may be the most active cyberwar in recent memory, with extraordinary efforts by both sides to sabotage, disrupt and destroy. It may even foreshadow the way cyber battles will play out in future conflicts.

Iran cyber police uncovers hacking of US bank: Report

The Head of FETA (Iran’s cyber police) says the police has identified the source of attack to US Citibank, and denies that Iranians have a role in attack, Mehr News Agency reported from Tehran on Sunday.
“The attack sources have not been located inside Iran and even Iranian users have been victimized,” says Brigadier General Seyed Kamal Hadianfar, the head of Iranian Cyber Police in an interview to Mehr News.

John Kerry: Foreign Hackers Are ’21st Century Nuclear Weapons’

Sen. John Kerry (D-Mass.) on Thursday likened the threat posed by foreign hackers to “modern-day, 21st century nuclear weapons” and pledged to use diplomacy to avert cyber attacks against the nation?s power grid, transportation system and financial networks.

FSB’s Cyber Silver Bullet

President Vladimir Putin recently ordered the Federal Security Service to create a system to allow the state to detect, prevent and disable cyberattacks in Russia and at diplomatic stations abroad. It is an ambitious goal and one that the FSB is well-equipped to tackle with the help of its Information Security Center and Communications Security Center. But the FSB might very well go beyond its immediate mandate to neutralize hacker attacks against Russia and expand its cyberspace presence among members of the Commonwealth of Independent States, or CIS, perhaps even gaining access to information on hacker attacks waged around the world.

Pentagon to boost cybersecurity force

The Pentagon has approved a major expansion of its cybersecurity force over the next several years, increasing its size more than fivefold to bolster the nation’s ability to defend critical computer systems and conduct offensive computer operations against foreign adversaries, according to U.S. officials.

Hackers in China Attacked The Times for Last 4 Months

SAN FRANCISCO — For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.
After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

Blogs & Opinion Pieces

Cyber and Drone Attacks May Change Warfare More Than the Machine Gun

But information warfare, warfare pursued with information technologies, distorts concepts like “necessity” and “civilian” in ways that challenge these ethical frameworks. An attack on another nation’s information infrastructure, for instance, would surely count as an act of war. But what if it reduced the risk of future bloodshed? Should we really only consider it as a last resort? The use of robots further complicates things. It’s not yet clear who should be held responsible if and when an autonomous military robot kills a civilian.

My Infosec Wish for 2013: A Balanced Cyberwarfare Debate

I can already hear the chuckling. ‘Cyber warfare’ Balanced? And I’d like partisanship in Washington to end, a double date with Mila Kunis and Scarlett Johansson, and some fries with that!? Yes, my desire is utopian, but the fact that I would have to qualify it with a self-deprecating remark suggests the distance that we have yet to travel before we can get more value out of our present conversation on the topic of cyber warfare.

Industry’s Vital Role in National Cyber Security
by James P. Farwell

Yet, 90 percent of US critical cyber infrastructure is owned by the private sector. Melissa Hathaway, who served as the cyber coordination executive for the Director of National Intelligence (DNI), has rightly pointed out that corporate and political leaders “appear to be paralyzed about meeting the needs for our cyber infrastructures and enterprises.” This current deadlock undercuts American security interests, and Congress must strike a balance between competing policy perspectives for cyber security. The dilemma is that earning a profit motivates industry, while protecting national security motivates the USG. Although often complementary, these agendas do compete. What is required is a confluent approach that removes legislative obstacles to stronger cyber security, forges robust partnerships between the public and private sectors, and better manages risk in the global supply chain. A review of current US strategy and the threat matrix is instructive in framing a new approach.

Towards a coherent international cyberspace policy for the EU
Global Cyber Security Conference
SPEECH/13/82 by Neelie Kroes in Brussels, 30 January 2013
Vice-President of the European Commission responsible for the Digital Agenda

As more people come to rely on the Internet, they rely on it to be secure. And as the online world becomes a part of everything we do, securing that world is essential to ensuring a society that remains secure, prosperous and free.

Events

Suits and Spooks DC 2013

Some of the most important discussions that will take place in 2013 will be around the need for the private sector to become more aggressive in the defense of their systems. These questions and more will be examined and debated at Suits and Spooks DC to be held at the Waterview Conference Center in Arlington, VA on February 8-9, 2013. We?ll be inviting industry veterans, government officials, hackers, lawyers, Special Operations Forces personnel, and security researchers to join in the discussion along with our registered attendees.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.

@BigDataExpo Stories
One of the biggest impacts of the Internet of Things is and will continue to be on data; specifically data volume, management and usage. Companies are scrambling to adapt to this new and unpredictable data reality with legacy infrastructure that cannot handle the speed and volume of data. In his session at @ThingsExpo, Don DeLoach, CEO and president of Infobright, will discuss how companies need to rethink their data infrastructure to participate in the IoT, including: Data storage: Understand...
Since 2008 and for the first time in history, more than half of humans live in urban areas, urging cities to become “smart.” Today, cities can leverage the wide availability of smartphones combined with new technologies such as Beacons or NFC to connect their urban furniture and environment to create citizen-first services that improve transportation, way-finding and information delivery. In her session at @ThingsExpo, Laetitia Gazel-Anthoine, CEO of Connecthings, will focus on successful use c...
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impac...
Roberto Medrano, Executive Vice President at SOA Software, had reached 30,000 page views on his home page - http://RobertoMedrano.SYS-CON.com/ - on the SYS-CON family of online magazines, which includes Cloud Computing Journal, Internet of Things Journal, Big Data Journal, and SOA World Magazine. He is a recognized executive in the information technology fields of SOA, internet security, governance, and compliance. He has extensive experience with both start-ups and large companies, having been ...
The industrial software market has treated data with the mentality of “collect everything now, worry about how to use it later.” We now find ourselves buried in data, with the pervasive connectivity of the (Industrial) Internet of Things only piling on more numbers. There’s too much data and not enough information. In his session at @ThingsExpo, Bob Gates, Global Marketing Director, GE’s Intelligent Platforms business, to discuss how realizing the power of IoT, software developers are now focu...
Operational Hadoop and the Lambda Architecture for Streaming Data Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing...
SYS-CON Events announced today that Vitria Technology, Inc. will exhibit at SYS-CON’s @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Vitria will showcase the company’s new IoT Analytics Platform through live demonstrations at booth #330. Vitria’s IoT Analytics Platform, fully integrated and powered by an operational intelligence engine, enables customers to rapidly build and operationalize advanced analytics to deliver timely business outcomes ...
Thanks to Docker, it becomes very easy to leverage containers to build, ship, and run any Linux application on any kind of infrastructure. Docker is particularly helpful for microservice architectures because their successful implementation relies on a fast, efficient deployment mechanism – which is precisely one of the features of Docker. Microservice architectures are therefore becoming more popular, and are increasingly seen as an interesting option even for smaller projects, instead of bein...
The explosion of connected devices / sensors is creating an ever-expanding set of new and valuable data. In parallel the emerging capability of Big Data technologies to store, access, analyze, and react to this data is producing changes in business models under the umbrella of the Internet of Things (IoT). In particular within the Insurance industry, IoT appears positioned to enable deep changes by altering relationships between insurers, distributors, and the insured. In his session at @Things...
SYS-CON Events announced today that Open Data Centers (ODC), a carrier-neutral colocation provider, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Open Data Centers is a carrier-neutral data center operator in New Jersey and New York City offering alternative connectivity options for carriers, service providers and enterprise customers.
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...
The explosion of connected devices / sensors is creating an ever-expanding set of new and valuable data. In parallel the emerging capability of Big Data technologies to store, access, analyze, and react to this data is producing changes in business models under the umbrella of the Internet of Things (IoT). In particular within the Insurance industry, IoT appears positioned to enable deep changes by altering relationships between insurers, distributors, and the insured. In his session at @Things...
Data-intensive companies that strive to gain insights from data using Big Data analytics tools can gain tremendous competitive advantage by deploying data-centric storage. Organizations generate large volumes of data, the vast majority of which is unstructured. As the volume and velocity of this unstructured data increases, the costs, risks and usability challenges associated with managing the unstructured data (regardless of file type, size or device) increases simultaneously, including end-to-...
The excitement around the possibilities enabled by Big Data is being tempered by the daunting task of feeding the analytics engines with high quality data on a continuous basis. As the once distinct fields of data integration and data management increasingly converge, cloud-based data solutions providers have emerged that can buffer your organization from the complexities of this continuous data cleansing and management so that you’re free to focus on the end goal: actionable insight.
When it comes to the Internet of Things, hooking up will get you only so far. If you want customers to commit, you need to go beyond simply connecting products. You need to use the devices themselves to transform how you engage with every customer and how you manage the entire product lifecycle. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, will show how “product relationship management” can help you leverage your connected devices and the data th...
With several hundred implementations of IoT-enabled solutions in the past 12 months alone, this session will focus on experience over the art of the possible. Many can only imagine the most advanced telematics platform ever deployed, supporting millions of customers, producing tens of thousands events or GBs per trip, and hundreds of TBs per month. With the ability to support a billion sensor events per second, over 30PB of warm data for analytics, and hundreds of PBs for an data analytics arc...
The Internet of Things (IoT) is causing data centers to become radically decentralized and atomized within a new paradigm known as “fog computing.” To support IoT applications, such as connected cars and smart grids, data centers' core functions will be decentralized out to the network's edges and endpoints (aka “fogs”). As this trend takes hold, Big Data analytics platforms will focus on high-volume log analysis (aka “logs”) and rely heavily on cognitive-computing algorithms (aka “cogs”) to mak...
Operational Hadoop and the Lambda Architecture for Streaming Data Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing...
Companies today struggle to manage the types and volume of data their customers and employees generate and use every day. With billions of requests daily, operational consistency can be elusive. In his session at Big Data Expo, Dave McCrory, CTO at Basho Technologies, will explore how a distributed systems solution, such as NoSQL, can give organizations the consistency and availability necessary to succeed with on-demand data, offering high availability at massive scale.