Syrian Internet Is Off The Air –and UPDATE

By James Cowie on November 29, 2012 8:31 AM |
Click for latest update: 01:00 GMT Friday.
Starting at 10:26 UTC on Thursday, 29 November (12:26pm in Damascus), Syria's international Internet connectivity shut down. In the global routing table, all 84 of Syria's IP address blocks have become unreachable, effectively removing the country from the Internet.
We are investigating the dynamics of the outage and will post updates as they become available.

Update (15:45 UTC) Looking closely at the continuing Internet blackout in Syria, we can see that traceroutes into Syria are failing, exactly as one would expect for a major outage. The primary autonomous system for Syria is the Syrian Telecommunications Establishment; all of their customer networks are currently unreachable. Now, there are a few Syrian networks that are still connected to the Internet, still reachable by traceroutes, and indeed still hosting Syrian content. These are five networks that use Syrian-registered IP space, but the originator of the routes is actually Tata Communications. These are potentially offshore, rather than domestic, and perhaps not subject to whatever killswitch was thrown today within Syria.

ISIS Europe Publications – November 2012

European Union (Photo credit: Wikipedia)

Posted on 26/11/2012
ESR no 62 – The impact of climate change on international security: prospect for an environmental dimension in CSDP missions
Climate change has until now only received limited attention from national governments, EU policymakers and analysts in the framework of international security. A European Parliament report entitled “The Role of the CSDP in case of climate driven crises and natural disasters” was adopted on 23 October 2012. This is a timely moment to provide some clarification and insight on how climate change can impact international security and to describe the position of the international community, especially the European Union (EU).The present Security Review focuses on the definition of a new challenge for international and regional cooperation, military and civilian, in order to target the main problems and thus, to find adequate political, strategic and institutional responses. The impact of climate change is not a problem the international community has to tackle in the future but today.

Iran dismisses severity of Narilam malware

The Search Results that showed every page had malware (Photo credit: mary hodder)

Summary: Government officials say Symantec's report on the recently discovered Narilam malware, targeting Iran, shows "some misunderstanding" and play down significance and severity of the worm.
By Ellyne Phneah | November 27, 2012 -- 08:55 GMT (00:55 PST)
Iraninan authorities have played down the severity of the Narilam malware for which Symantec issued a warning last week. 
A blog post by the U.S. security giant warned organizations of potential "chaos" posed by the W32.Narilam malware, and posted a map identifying Iran as the main victim of the threat. The malware reportedly copies itself on infected machines, adds registry keys and spreads through removable drives and network shares. It has been likened to previous high profile virus, Stuxnet, which hit several networks in the Middle East, particularly, Iran.

Putting Cyber Warfare Into Perspective

A Venn diagram illustrating one of the weaknesses of the Turing test. (Photo credit: Wikipedia)

By Oliver Rochford on November 19, 2012
The Greatest Problem With the Perception of Cyberwar is That it is a Separate Thing to Conventional Warfare. That is Just the Novelty Factor.
As we celebrated what would have been Alan Turings one hundredth Birthday this year, much focus was placed on his contributions to computing. Google’s homage on June 23 cites his work on the Turing Machine and the Turing Test in particular. Yet the impact of his work at Bletchley Park during World War II was summarized with “His work deciphering secret codes drastically shortened World War II”.
This pattern was repeated in many of the blogs, articles and obituaries that were published in honor of Turing. There seemed to be a definite bias in the industry and community on the technical details of his mathematical and computing work, as opposed to their actual impact at the time. I am not sure if many of his compatriots that lived through and fought in the war would have agreed with this value judgement. His efforts not only saved countless lives – but may have actually contributed to the allies winning the war. It is difficult to assess how history would have played out without him, and although such speculation is beyond the scope of this article, it is worth mentioning as it highlights a bias in the information security community regarding war and warfare. Most of us are not war nerds; we are techies at heart.

Bullets, Pirates and Risk Management

November 14, 2012
Piracy off the coast of Somalia has dropped off dramatically in 2012. Successful hijackings of American and other ships has decreased from 31 in 2011 (and 49 in 2010) to only four so far in 2012.
Unsuccessful attacks have also decreased, falling from 199 reported attacks in the first nine months of 2011 to 70 attacks over the same span in 2012 — a 65 percent drop.
However, diminished activity has not resulted in a decrease in the cost of sailing around the Horn of Africa.
Pressure continues to mount on International trade partners to increase the security of their vessels passing through these once heavily pirated trade routes. The risks of shipping goods through these waters increased to a point where excessive defensive means were necessary, both politically and militarily.
But risk avoidance has come at a high cost.
Many factors have contributed to the decrease in pirate hijackings in 2012. One factor is that shipping companies have begun equipping their ships with countermeasures, namely armed guards.

Turn Big Data into Meaningful Data to Prevent Cyber Attacks

English: A candidate icon for Portal:Computer security (Photo credit: Wikipedia)

Posted by Bill Gerneglia Contributed By GlobalDataGuard.com 
Advanced Behavioral Analysis and Correlation can deliver risk-based, prioritized, actionable insight to handle Advanced Persistent Threats
Using big data analytics for network security requires monitoring and analyzing massive amounts of data to discover hard-to-detect, suspicious network activity to deter increasingly complex Advanced Persistent Threats (APTs).  These APTs are carried out patiently over time by professional cyber-thieves who maneuver around traditional defenses, such as firewalls, intrusion prevention and anti-virus software, to steal valuable or sensitive data.
However, using big data – the mountain of info on the order of petabytes typically captured from computer network log files, flow data, and IP traffic – is only a means to an end.  The goal is to turn that mass of information into risk-based, prioritized, actionable insight that can be used to improve network security now and into the future.  This includes meeting the challenges of new and evolving intrusion techniques.

Workshop on Cyber Risk Management, including The Impact of the Recent SEC Advisory on Material Cyber Risk

English: The Risk Management Process for IT Systems according to ENISA, following ISO 27005 (Photo credit: Wikipedia)

Saturday, 10 November 2012
Workshop on Cyber Risk Management, including
The Impact of the Recent SEC Advisory on Material Cyber Risk
Announcing a workshop in NY focused on discussing the
Cyber Risk Management Best Practices of Financial Services – Brought to you by:
Internet Security Alliance, Aerospace Industries Association, National Association of Manufacturers,
Union of Concerned Cybersecurity Leaders, & the Financial Services Information Sharing and Analysis Center
Abstract: It is well known that corporate assets and systems are increasingly being subjected to cyber attacks based on a multitude of motives, ranging from profit, competitive advantage, revenge, punishment, and even conflict advantage.

Symantec: Madware, Ransomware Threats to Watch in 2013

English: The diagram of DuQu from Symantec. (Photo credit: Wikipedia)

Web and mobile security services vendor Symantec released its predictions for security trends in 2013. Find out below what the company has to say on madware, "the new scareware," the looming threat to social networks, and more.
1. Cyber conflict becomes the norm.
In 2013 and beyond, conflicts between nations, organizations, and individuals will play a key role in the cyber world.
Espionage can be successful and also easily deniable when conducted online. Any nation state not understanding this has been given many examples in the last two years. Nations or organized groups of individuals will continue to use cyber tactics in an attempt to damage or destroy the secure information or funds of its targets. In 2013, we will see the cyber equivalent of saber rattling, where nation states, organizations, and even groups of individuals use cyber attacks to show their strength and "send a message."
Additionally, we expect more attacks on individuals and non-government organizations, such as supporters of political issues and members of minority groups in conflict.

Creating Cyber Warfare Warriors

Headquarters of the NSA at Fort Meade, Maryland. Español: Instalaciones generales de la NSA en Fort Meade, Maryland. Русский: Штаб-квартира АНБ, Форт-Мид, Мэриленд, США (Photo credit: Wikipedia)

By Shawn Neisteadt
Published: November 9, 2012, 10:00 PM  MADISON, SD -
Cyber warfare isn't just a Hollywood plot line. It's real. The United States is ramping up protection against a growing number of attacks on federal defense and security networks. If successful, foreign attackers could severely cripple those networks, leaving the nation vulnerable.
A quiet basement computer lab on the campus of Dakota State University in Madison doesn't look all that exciting.  But those who use this room affectionately call it the "hacker lab" and they don't mind being called hackers.

Blackout Bottlenecks

Where the Internet is stored (Photo credit: debs)

November 8, 2012: The recent four day blackout in lower Manhattan (New York City) brought to light a little known Internet bottleneck. The eleven fiber optic cables from Europe to the United States all pass through two facilities in the blackout area. One facility is at 16th Street and 8th Avenue and the other is three kilometers (two miles) to the south on Hudson Street. These places also contain servers for many major Internet sites. Both facilities had backup generators and fuel supplies to keep them going until the power was turned back on. If both facilities were knocked off line, most Internet users in the United States would notice momentary difficultly in reaching web sites in Europe and, until those two sites were back in operation, everyone would find that it took longer (seconds or more) to reach web sites outside the United States.

Future of war: bioweapons, cyber-warfare, mind-control and more

English: This was the most up-to-date DARPA logo as of January 2009. It is obsolete now. (Photo credit: Wikipedia)

Dick Pelletier  Ethical Technology

In The American Way of War, historian Russell Weigley describes a grinding strategy of destruction employed by the U.S. military over the last 150 years. To end the Civil War, Grant felt he had to destroy lee’s soldiers; in World War I, Pershing relentlessly bombarded and wore down Germany’s proud fighting machine; and the Army Air Corps pulverized major German and Japanese cities to win World War II.
These wars were not won by tactical or strategic brilliance but by the sheer weight of numbers; the awesome destructive power only a fully mobilized and highly industrialized democracy can bring to bear. In these conflicts, U.S. armies suffered and inflicted massive casualties. Our ability to both inflict and endure such casualties more effectively than could our adversaries ultimately resulted in victory.