Welcome!

@BigDataExpo Authors: Liz McMillan, Elizabeth White, Scott Allen, Roger Strukhoff, Pat Romanski

Blog Feed Post

January Cyber War and Cyber Conflict Link Roundup

By

Wow, what a month. Two big stories to note: USCC is seeking to grow over 5x to 4900 people, and the NYTimes (and WSJ it seems) have been hacked, purportedly by the Chinese over their China coverage. In other news, a new discovery of the ‘Red October’ campaign filled the headlines, although by now these sorts of things feel standard issue. On a related note, DARPA is getting ready to issue a BAA for their CAT program, using big data to tackle targeted attacks.

An upcoming event to note in the DC area: Suits and Spooks, next week (February 8 and 9).

News

Israel launches cyber warfare training program

Israel is developing a national program that trains young people for cyber warfare to boost its ability to deal with the increasing number of online attacks.
According to The Jerusalem Post’s report Wednesday, the program named “Magshimim Le’umit” has been in development for the past three years and targets outstanding pupils aged between 16 and 18 to join up.
Israel Prime Minister Binyamin Netanyahu said the country’s computer systems are facing attacks from Iran and other countries, and such attacks are set to increase in the digital age. The goverment is also bolstering its ability to deal with these threats through the Israel National Cyber Bureau (INCB), he added.

Nations prepare for cyber war

In 2012, large-scale cyberattacks targeted at the Iranian government were uncovered, and in return, Iran is believed to have launched massive attacks aimed at U.S. banks and Saudi oil companies. At least 12 of the world’s 15 largest military powers are currently building cyberwarfare programs, according to James Lewis, a cybersecurity expert at the Center for Strategic and International Studies.

‘Red October’ cyber-attack found by Russian researchers

A major cyber-attack that may have been stealing confidential documents since 2007 has been discovered by Russian researchers.
Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.
It was designed to steal encrypted files – and was even able to recover files that had been deleted.

MPs Unsettled By Potentially ‘Fatal’ Government Cyber Warfare Strategy

MPs have complained about government ‘complacency’ in their assessment of when military forces should involve themselves in cyber warfare, pointing to a potentially fatal reliance on inadequately protected systems.
In a report released today, the Defence Committee said the government did not appear to have a fully-constructed plan for dealing with a major cyber attack. Meanwhile, the ever-changing threat landscape, coupled with a major reliance on IT, made for a potentially lethal brew for the UK military as it prepares for cyber warfare.

Cyber War Stakes Rising

U.S. intelligence officials have warned as nation-sponsored cyber warfare goes mainstream this year, attacks on U.S. installations and institutions could result not just in damage and theft but in fatalities.
They believe fatalities could occur and “that is the best estimate at this point,” said the former senior intelligence official.
Currently 12 of the world’s 15 largest military powers are building cyber warfare programs, these intelligence sources told ISSSource, adding the number of intrusions and attacks has increased dramatically over the last several years.

PENTAGON CYBERWARRIORS TO UNLOAD SOME DEFENSIVE TASKS TO BIG DATA

The Defense Department hopes to offload some of the work of analyzing network vulnerabilities to a machine, Pentagon officials said on Friday.
The Cyber Targeted Attack Analyzer is intended to reduce the workload for the department?s short-handed cyber forces by organizing information from ‘disparate network data sources’ to more easily see computer abnormalities, according to the Pentagon’s laboratory. Information technology development efforts will kick off with a briefing for prospective contractors on Jan. 30, Defense Advanced Research Projects Agency officials said. DARPA expects to release a solicitation for project proposals within a few weeks afterward.
The trick will be reeling in all that intelligence from devices that are not necessarily compatible.

DoD Proposes Cyber Targeted-Attack Analyzer (CAT) Program

The Pentagon has announced the initiation of a program to develop an integrated threat analysis system that will significantly improve the Defense Department?s ability to identify network security vulnerabilities by leveraging the power of Big Data analytics. The Defense Advanced Research Projects Agency (DARPA) Information Innovation Office (I2O) will host an informative briefing on January 30th in a run-up to a Broad Agency Announcement (BAA) in a few weeks that will include a Request for Information (RFI) that will officially commence the process for accepting proposals from vendors for the development of the Cyber Targeted-Attack Analyzer (CAT) Program, according to a Special Notice released by DARPA, the DoD’s research and development branch.

Hacker hits on U.S. power and nuclear targets spiked in 2012

The number of attacks reported to a U.S. Department of Homeland Security cybersecurity response team grew by 52% in 2012, according to a recent report from the team. There were 198 attacks brought to the agency’s attention last year, several of which resulted in successful break-ins.
An earlier report from DHS sketched in details on some of those successes. An unidentified group of hackers targeting natural gas pipeline companies gained access to the corporate systems of several of their targets and “exfiltrated” — that’s security-speak for “stole” — data on how their control systems work.

DoD Looking to ‘Jump the Gap’ Into Adversaries’ Closed Networks

The Army’s Intelligence and Information Warfare Directorate, known as I2WD, hosted a classified planning day Nov. 28. Representatives from 60 companies and labs attended to discuss what can be done in the realm of electronic warfare and cyber, according to a source familiar with the program.
The roughly half-dozen objectives of the Tactical Electromagnetic Cyber Warfare Demonstrator program are classified. (The TECWD program is pronounced ‘techwood’ by participants.) The source said the program is designed to demonstrate ready-made systems, dubbed ‘boxes,’ that can perform a variety of tasks. Some are somewhat typical fare, like systems aimed at the improvised explosive device threat.
But among the objectives are these: inserting and extracting data from sealed, wired networks.

Air Force’s cyber commander says Iran is next big ‘Net menace

General William Shelton, commander of the US Air Force Space Command, told reporters in a press briefing for the Defense Writers Group that he believes Iran’s growing “cyber” capabilities will be a “force to be reckoned with,” thanks in part to Iran’s response to the Stuxnet attacks on its nuclear facilities in 2010.

In Syria, the Cyberwar Intensifies

The front pages have been dominated for more than a year by photos of young Syrian rebel fighters, armed and proud, battling an increasingly isolated Syrian military.
But amid the shooting, the atrocities and the bombings, there is a parallel war – a sophisticated cyber insurgency battling a shadowy team working on behalf of the Assad regime. The Syrians’ online conflict may be the most active cyberwar in recent memory, with extraordinary efforts by both sides to sabotage, disrupt and destroy. It may even foreshadow the way cyber battles will play out in future conflicts.

Iran cyber police uncovers hacking of US bank: Report

The Head of FETA (Iran’s cyber police) says the police has identified the source of attack to US Citibank, and denies that Iranians have a role in attack, Mehr News Agency reported from Tehran on Sunday.
“The attack sources have not been located inside Iran and even Iranian users have been victimized,” says Brigadier General Seyed Kamal Hadianfar, the head of Iranian Cyber Police in an interview to Mehr News.

John Kerry: Foreign Hackers Are ’21st Century Nuclear Weapons’

Sen. John Kerry (D-Mass.) on Thursday likened the threat posed by foreign hackers to “modern-day, 21st century nuclear weapons” and pledged to use diplomacy to avert cyber attacks against the nation?s power grid, transportation system and financial networks.

FSB’s Cyber Silver Bullet

President Vladimir Putin recently ordered the Federal Security Service to create a system to allow the state to detect, prevent and disable cyberattacks in Russia and at diplomatic stations abroad. It is an ambitious goal and one that the FSB is well-equipped to tackle with the help of its Information Security Center and Communications Security Center. But the FSB might very well go beyond its immediate mandate to neutralize hacker attacks against Russia and expand its cyberspace presence among members of the Commonwealth of Independent States, or CIS, perhaps even gaining access to information on hacker attacks waged around the world.

Pentagon to boost cybersecurity force

The Pentagon has approved a major expansion of its cybersecurity force over the next several years, increasing its size more than fivefold to bolster the nation’s ability to defend critical computer systems and conduct offensive computer operations against foreign adversaries, according to U.S. officials.

Hackers in China Attacked The Times for Last 4 Months

SAN FRANCISCO — For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.
After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

Blogs & Opinion Pieces

Cyber and Drone Attacks May Change Warfare More Than the Machine Gun

But information warfare, warfare pursued with information technologies, distorts concepts like “necessity” and “civilian” in ways that challenge these ethical frameworks. An attack on another nation’s information infrastructure, for instance, would surely count as an act of war. But what if it reduced the risk of future bloodshed? Should we really only consider it as a last resort? The use of robots further complicates things. It’s not yet clear who should be held responsible if and when an autonomous military robot kills a civilian.

My Infosec Wish for 2013: A Balanced Cyberwarfare Debate

I can already hear the chuckling. ‘Cyber warfare’ Balanced? And I’d like partisanship in Washington to end, a double date with Mila Kunis and Scarlett Johansson, and some fries with that!? Yes, my desire is utopian, but the fact that I would have to qualify it with a self-deprecating remark suggests the distance that we have yet to travel before we can get more value out of our present conversation on the topic of cyber warfare.

Industry’s Vital Role in National Cyber Security
by James P. Farwell

Yet, 90 percent of US critical cyber infrastructure is owned by the private sector. Melissa Hathaway, who served as the cyber coordination executive for the Director of National Intelligence (DNI), has rightly pointed out that corporate and political leaders “appear to be paralyzed about meeting the needs for our cyber infrastructures and enterprises.” This current deadlock undercuts American security interests, and Congress must strike a balance between competing policy perspectives for cyber security. The dilemma is that earning a profit motivates industry, while protecting national security motivates the USG. Although often complementary, these agendas do compete. What is required is a confluent approach that removes legislative obstacles to stronger cyber security, forges robust partnerships between the public and private sectors, and better manages risk in the global supply chain. A review of current US strategy and the threat matrix is instructive in framing a new approach.

Towards a coherent international cyberspace policy for the EU
Global Cyber Security Conference
SPEECH/13/82 by Neelie Kroes in Brussels, 30 January 2013
Vice-President of the European Commission responsible for the Digital Agenda

As more people come to rely on the Internet, they rely on it to be secure. And as the online world becomes a part of everything we do, securing that world is essential to ensuring a society that remains secure, prosperous and free.

Events

Suits and Spooks DC 2013

Some of the most important discussions that will take place in 2013 will be around the need for the private sector to become more aggressive in the defense of their systems. These questions and more will be examined and debated at Suits and Spooks DC to be held at the Waterview Conference Center in Arlington, VA on February 8-9, 2013. We?ll be inviting industry veterans, government officials, hackers, lawyers, Special Operations Forces personnel, and security researchers to join in the discussion along with our registered attendees.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@BigDataExpo Stories
SYS-CON Events announced today that Pulzze Systems will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Pulzze Systems, Inc. provides infrastructure products for the Internet of Things to enable any connected device and system to carry out matched operations without programming. For more information, visit http://www.pulzzesystems.com.
I'm a lonely sensor. I spend all day telling the world how I'm feeling, but none of the other sensors seem to care. I want to be connected. I want to build relationships with other sensors to be more useful for my human. I want my human to understand that when my friends next door are too hot for a while, I'll soon be flaming. And when all my friends go outside without me, I may be left behind. Don't just log my data; use the relationship graph. In his session at @ThingsExpo, Ryan Boyd, Engi...
The Transparent Cloud-computing Consortium (abbreviation: T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data processing High speed and high quality networks, and dramatic improvements in computer processing capabilities, have greatly changed the nature of applications and made the storing and processing of data on the network commonplace.
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addres...
From wearable activity trackers to fantasy e-sports, data and technology are transforming the way athletes train for the game and fans engage with their teams. In his session at @ThingsExpo, will present key data findings from leading sports organizations San Francisco 49ers, Orlando Magic NBA team. By utilizing data analytics these sports orgs have recognized new revenue streams, doubled its fan base and streamlined costs at its stadiums. John Paul is the CEO and Founder of VenueNext. Prior ...
SYS-CON Events announced today that Tintri Inc., a leading producer of VM-aware storage (VAS) for virtualization and cloud environments, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Tintri VM-aware storage is the simplest for virtualized applications and cloud. Organizations including GE, Toyota, United Healthcare, NASA and 6 of the Fortune 15 have said “No to LUNs.” With Tintri they mana...
IoT offers a value of almost $4 trillion to the manufacturing industry through platforms that can improve margins, optimize operations & drive high performance work teams. By using IoT technologies as a foundation, manufacturing customers are integrating worker safety with manufacturing systems, driving deep collaboration and utilizing analytics to exponentially increased per-unit margins. However, as Benoit Lheureux, the VP for Research at Gartner points out, “IoT project implementers often ...
SYS-CON Events announced today the Enterprise IoT Bootcamp, being held November 1-2, 2016, in conjunction with 19th Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA. Combined with real-world scenarios and use cases, the Enterprise IoT Bootcamp is not just based on presentations but with hands-on demos and detailed walkthroughs. We will introduce you to a variety of real world use cases prototyped using Arduino, Raspberry Pi, BeagleBone, Spark, and Intel Edison. Y...
SYS-CON Events announced today that Bsquare has been named “Silver Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. For more than two decades, Bsquare has helped its customers extract business value from a broad array of physical assets by making them intelligent, connecting them, and using the data they generate to optimize business processes.
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Bradley Holt, Developer Advocate a...
Identity is in everything and customers are looking to their providers to ensure the security of their identities, transactions and data. With the increased reliance on cloud-based services, service providers must build security and trust into their offerings, adding value to customers and improving the user experience. Making identity, security and privacy easy for customers provides a unique advantage over the competition.
SYS-CON Events announced today that Niagara Networks will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
SYS-CON Events announced today that Secure Channels will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The bedrock of Secure Channels Technology is a uniquely modified and enhanced process based on superencipherment. Superencipherment is the process of encrypting an already encrypted message one or more times, either using the same or a different algorithm.
If you’re responsible for an application that depends on the data or functionality of various IoT endpoints – either sensors or devices – your brand reputation depends on the security, reliability, and compliance of its many integrated parts. If your application fails to deliver the expected business results, your customers and partners won't care if that failure stems from the code you developed or from a component that you integrated. What can you do to ensure that the endpoints work as expect...
So, you bought into the current machine learning craze and went on to collect millions/billions of records from this promising new data source. Now, what do you do with them? Too often, the abundance of data quickly turns into an abundance of problems. How do you extract that "magic essence" from your data without falling into the common pitfalls? In her session at @ThingsExpo, Natalia Ponomareva, Software Engineer at Google, provided tips on how to be successful in large scale machine learning...
Enterprise IT has been in the era of Hybrid Cloud for some time now. But it seems most conversations about Hybrid are focused on integrating AWS, Microsoft Azure, or Google ECM into existing on-premises systems. Where is all the Private Cloud? What do technology providers need to do to make their offerings more compelling? How should enterprise IT executives and buyers define their focus, needs, and roadmap, and communicate that clearly to the providers?
SYS-CON Events announced today that eCube Systems, a leading provider of middleware modernization, integration, and management solutions, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. eCube Systems offers a family of middleware evolution products and services that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management solutions, helping companies worldwide activate their data to drive more value and business insight and to transform moder...
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will look at the protocols that communicate data and the emerging data analy...