White House prepares Executive Order to ‘protect the country’ from Cyberattacks

By JENNIFER MARTINEZ | THE HILL | SEPTEMBER 7, 2012

The White House is circulating a draft of an executive order aimed at protecting the country from cyberattacks, The Hill has learned.

The draft proposal, which has been sent to relevant federal agencies for feedback, is a clear sign that the administration is resolved to take action on cybersecurity even as Congress remains gridlocked on legislation that would address the threat.

The draft executive order would establish a voluntary program where companies operating critical infrastructure would elect to meet cybersecurity best practices and standards crafted, in part, by the government, according to two people familiar with the document.

The concept builds off of a section in the cybersecurity bill from Sen. Joe Lieberman (I-Conn.) that was blocked last month by Senate Republicans, who called it a backdoor to new regulations.

The draft has undergone multiple revisions and is brief, spanning no more than five pages. It is still being worked on and is subject to change, the people familiar with the draft stressed.

It’s also unclear whether the final product will get the president’s approval to move forward.

A new draft of the executive order is expected to be shared with agencies next week.

White House counterterrorism adviser John Brennan first floated the idea of an executive order in a speech a few days after the Senate bill failed. He said the White House would consider taking action on the executive level to ensure key infrastructure such as the power grid, water supply and transportation networks are secure.

The momentum for cybersecurity legislation in Congress weakened after Lieberman’s bill failed to clear the Senate. Now industry groups and Congress are watching the White House for clues about what might be included in a executive order on cybersecurity.

A spokeswoman for the White House declined to comment on whether a draft for a executive order was being circulated, but said it is one of the options the administration is weighing.

Read Full Article →

U.S. Military Openly Admits to Conducting Cyberwarfare

Destroy, deny, degrade, disrupt, deceive, corrupt, or usurp the adversaries.

By NOAH SHACHTMAN | WIRED.com | AUGUST 29, 2012

There was a time, not all that long ago, when the U.S. military wouldn’t even whisper about its plans to hack into opponents’ networks. Now America’s armed forces can’t stop talking about it.

The latest example comes from the U.S. Air Force, which last week announced its interest in methods “to destroy, deny, degrade, disrupt, deceive, corrupt, or usurp the adversaries [sic] ability to use the cyberspace domain for his advantage.” But that’s only one item in a long list of “Cyberspace Warfare Operations Capabilities” that the Air Force would like to possess. The service, in its request for proposals, also asked for the “ability to control cyberspace effects at specified times and places,” as well as the “denial of service on cyberspace resources, current/future operating systems, and network devices.”

The Air Force says it will spend $10 million on the effort, mostly for short programs of three to 12 months; the service wants its Trojans and worms available, ASAP. And they should be available to both the top brass and to the “operational commander,” too. In other words, cyber strikes shouldn’t just be the prerogative of the president, to be launched at only the most strategically important moments. Malware should be a standard component of a local general’s toolkit.

These digital weapons could even be deployed before a battle begins. The Air Force notes that it would like to deploy “technologies/capabilities” that leave “the adversary entering conflicts in a degraded state.”

Such an open discussion — even one so vague — might seem like a bit of a surprise, considering the Obama administration is actively investigating leaks to the press about America’s online espionage campaign against Iran. The Senate Intelligence Committee considered the disclosure so dangerous, it passed a controversial bill last month that creates new punishments for leakers of classified information.

But this isn’t 2007, when the Pentagon was still insisting that it had a “defensive mindset” in cyberspace. New pieces of military-grade malware — apparently linked to the broader U.S. cyberspying push — are being discovered constantly on Middle Eastern networks. Besides, the Air Force is hardly alone in talking about its desire for — and use of — network attacks. They are becoming a regular part of the military conversation — so normal, in fact, that generals are even beginning to talk about their troops’ wartime hacking.

 Lt. Gen. Richard Mills, who led coalition forces in southwestern Afghanistan in 2010 and 2011, bragged at a technology conference last week that his troops had broken into militants’ communications. “I can tell you that as a commander in Afghanistan in the year 2010, I was able to use my cyber operations against my adversary with great impact,” Mills said. “I was able to get inside his nets, infect his command-and-control, and in fact defend myself against his almost constant incursions to get inside my wire, to affect my operations.”

Mills added that the Marines had recently put together a company of Marines, stationed at the headquarters of the National Security Agency, to give the Corps “an offensive capability.” A second company “will be designed to increase the availability of intelligence analysts, intelligence collectors and offensive cyber operations and place them in the appropriate unit, at the appropriate time, at the appropriate place, so that forward deployed commander in the heat of combat has full access to the cyber domain.”

The day before Mills’ talk, the Pentagon’s leading research division announced a new, $110 million program to help warplanners assemble and launch online strikes in a hurry and make cyber attacks a more routine part of U.S. military operations. The effort, dubbed “Plan X” by the Defense Advanced Research Projects Agency, isn’t supposed to formally get underway until Sept. 20. But Darpa has already awarded a no-bid, $600,000 contract to the Washington-area cybersecurity firm Invincea to start work on “Plan X.”

Invincea wasn’t immediately able to comment on the “Digital Battlefield Understanding Study and proof-of-concept demonstration” that it intends to produce for Darpa. But a military document justifying Invincea’s sole-source contract notes that the company submitted an “unsolicited proposal” for the project on June 26. Less than a month later, it was approved. “Invincea is the only source who possesses the particular commercial software and knowledge necessary to rapidly address technical insights in modeling a cyber battlespace and optimizing digital battle plans,” the document notes.

Invincea isn’t the only military contractor working on the tools of cyber war, however. These days, the build-up of America’s online arsenal has become the subject of all sorts of open talk and deal-making.

Another Cyber False-Flag to Lock down the Internet

First came Stuxnet, then Flame and Duqu. Now, prepare for Gauss

By LUIS MIRANDA | THE REAL AGENDA | AUGUST 13, 2012

The efforts to bring about full control of the free internet are about to receive another jolt, as a new cyber bug known as Gauss is fast spreading around the world collecting information from banking institutions, commercial transactions and other data.

Gauss was discovered by Kaspersky Lab, a Moscow-based computer security firm. According to its workers, Gauss is from the same making as Stuxnet and Flame, two computers viruses launched by the US and Israel to disrupt Internet services, especially in the Middle East.

Gauss is then a new form of cyber false-flag launched by governments that have an interest in kidnapping the web to make it of their own while curtailing access and free speech. The virus has been targeting banks, social networks and e-commerce, among others. It has been stealing login and password information as well as email and instant messaging data.

Gauss’s actions have been felt more strongly in the Middle East, in countries such as Lebanon, while in the West, the virus attacked computers at CitiGroup Inc.’s and Paypal. The specificity of the attacks already has many people buzzing about whether this virus could be used to create glitches that would cause a financial disaster, something of the kind seen in Wall Street, where financial transactions were affected by a ‘malfunction’ which caused great pain to investors. No need to emphasize that Wall Street is also connected to the World Wide Web, and that any strong attack on financial business could at the very least shut down the exchange.

People at Kaspersky Lab, among other computer technology companies are still trying to determine the reach that this virus has had so far and whether it is a bug carrying out surveillance in order to later execute a massive attack, or if it will start spreading its own poison around the financial world. The only information that has now been confirmed, is that Gauss is indeed a state- sponsored cyber-espionage tool. “Researchers from the security software manufacturer Symantec Corp, confirm Kaspersky Lab’s summation that Gauss is related to previous government-created cyber warfare viruses,” reports Occupy Corporatism.

Previous to Gauss, Stuxnet and Flame were used to attack technological infrastructure linked to the production of nuclear energy in Iran by entering the online systems and installing surveillance and .exe programs in an effort to slow down and destroy Iranian infrastructure. “After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same ‘factory’ or ‘factories.’ All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations,” said Kaspersky Lab in a communiqué.

A common reason given by governments in order to justify these kind of attacks is the need to be vigilant when it comes to Middle East threats, especially movement of monies between what the US and Israel consider dangerous governments or traditional terrorist groups. Of course this is a lie, as the US government itself has, in numerous occasions authorized terrorist groups to carry out financial transactions in order to support their operations. This happened in Libya and is now happening is Syria, where the US Treasury has officially announced their support for the terrorist rebel groups who are fighting the Syrian Army.

While the US government congratulates itself for its fight against terrorism and money laundering — which is in itself questionable — its Treasury Department is publicly enabling terrorists in Syria to fund their operations against the local government. Back in November 2011, a report on Pravda revealed how US and other global baking entities were being used to hide dirty money from the drug trade. In that specific case, banks around the world allowed the circulation of $352 billion dollars in drug cartel money. According to the same report, billions more in drug money had been injected into the economy in previous years.

These cyber attacks are examples of double false-flags, not only because they cause disruption in transactions and commerce, but also because they have the intended purpose of being used as excuses to ramp up the corporate power-grab of the Internet. Something similar has been happening in the United States in the realm of the Second Amendment and gun rights in general, where two mass shootings have brought the calls for gun regulations back onto the main stream.

According to Kapersky Lab, the makers of Gauss went to a great deal of trouble to hide the purpose of the virus by using sophisticated encryption codes that may take a few months to break. International organizations interested in controlling the web, such as the United Nations, has warned governments worldwide about the threat posed by Gauss. Paradoxically, there isn’t anything more threatening to the Internet than the management of its infrastructure by one single entity, which is what the UN wants. The UN’s cyber security coordinator, Marco Obiso, said in a statement that “we don’t know what exactly it does. We can have some ideas. We are going to emphasize this.”

Parallel to the UN’s efforts to divert attention from its intent to manage the web all by itself, the United States Department of Homeland Security (DHS) is said to be studying any possible threat that Gauss may present to the country. “The department’s cyber security analysts are working with organizations that could potentially be affected to detect, mitigate and prevent such threats,” said DHS’ Peter Boogaard.

The same kind of attacks now being conducted by the US and Israel against other nations’ infrastructure, are the reasons why highly advanced technological states such as Russia, the United States and China have called for the adoption of harsher cybersecurity policies in order to defend their own countries. Is it because they intend to keep on causing cyber attacks in order to call for more Internet control, or is it because they know that their infrastructure will be the subject of attacks in response to their non-stop terror attacks on other nations?

One fact is clear. The only cyber attacks the world has witnessed so far haven’t come from fringe terrorist organizations, crazy individuals with the technology to send out a massive attack on sensible systems or rogue governments in the traditional sense. All of the major attacks have come from the collaboration of very advanced countries who publicly call themselves the victims of attacks, but that privately are the ones carrying out such attacks.

Could the next attack be one that will enable governments like the US, China or Israel to justify an even more dangerous attack on inoffensive nations? Or perhaps it will be a chance to cause a major financial attack in addition to imposing significant restrains on those who access the Internet and what can be uploaded or downloaded, for example. A worldwide attack of major proportions on the financial industry would certainly be a handy tool to carry out more financial terrorism of the kind being conducted right now against developed and developing nations.

We will have to wait and see. Meanwhile, it is clear that any attempt to curtail Internet freedom will not go unnoticed by the public because we already know the cyber terrorists’ modus operandi.

Egypt goes offline, U.S. gets internet ‘kill switch’ bill ready

China restricts news and discussion about social unrest

theage.com.au
January 31, 2011

As Egypt’s government attempts to crackdown on street protests by shutting down internet and mobile phone services, the US is preparing to reintroduce a bill that could be used to shut down the internet.

The legislation, which would grant US President Barack Obama powers to seize control of and even shut down the internet, would soon be reintroduced to a senate committee, Wired.com reported.

It was initially introduced last year but expired with a new Congress.

Senator Susan Collins, a co-sponsor of the bill, said that unlike in Egypt, where the government was using its powers to quell dissent by shutting down the internet, it would not.

“My legislation would provide a mechanism for the government to work with the private sector in the event of a true cyber emergency,” Collins said in an emailed statement to Wired. “It would give our nation the best tools available to swiftly respond to a significant threat.”

The proposed legislation, introduced into the US Senate by independent senator Joe Lieberman, who is chairman of the US Homeland Security committee, seeks to grant the President broad emergency powers over the internet in times of national emergency.

Last year, Lieberman argued the bill was necessary to “preserve those networks and assets and our country and protect our people”.

He said that, for all its allure, the internet could also be a “dangerous place with electronic pipelines that run directly into everything from our personal bank accounts to key infrastructure to government and industrial secrets”.

US economic security, national security and public safety were now all at risk from new kinds of enemies, including “cyber warriors, cyber spies, cyber terrorists and cyber criminals”.

Although the bill was targetted at protecting the US, many have said it would also affect other nations.

One of Australia’s top communications experts, University of Sydney associate professor Bjorn Landfeldt, had previously railed against the idea, saying shutting down the internet would “inflict an enormous damage on the entire world”.

He said it would be like giving a single country “the right to poison the atmosphere, or poison the ocean”.

The scale of Egypt’s crackdown on the internet and mobile phones amid deadly protests against the rule of President Hosni Mubarak is unprecedented in the history of the web, experts have said.

US President Barack Obama, social networking sites and rights groups around the world all condemned the moves by Egyptian authorities to stop activists using mobile phones and cyber technology to organise rallies.

“It’s a first in the history of the internet,” Rik Ferguson, an expert for Trend Micro, the world’s third biggest computer security firm, said.

Julien Coulon, co-founder of Cedexis, a French internet performance monitoring and traffic management system, added: “In 24 hours we have lost 97 per cent of Egyptian internet traffic”.

Despite this, many Egyptians are finding ways to get access, some using international telephone numbers to gain access to dial-up internet.

According to Renesys, a US Internet monitoring company, Egypt’s four main internet service providers cut off international access to their customers in a near simultaneous move at 2234 GMT on Thursday.

Around 23 million Egyptians have either regular or occasional access to the internet, according to official figures, more than a quarter of the population.

“In an action unprecedented in internet history, the Egyptian government appears to have ordered service providers to shut down all international connections to the internet,” James Cowie of Renesys said in a blog post.

Link Egypt, Vodafone/Raya, Telecom Egypt and Etisalat Misr were all off air but Cowie said one exception was the Noor Group, which still has 83 live routes to its Egyptian customers.

He said it was not clear why the Noor Group was apparently unaffected “but we observe that the Egyptian Stock Exchange (www.egyptse.com) is still alive at a Noor address.”

Mobile telephone networks were also severely disrupted in the country on Friday. Phone signals were patchy and text messages inoperative.

British-based Vodafone said all mobile operators in Egypt had been “instructed” Friday to suspend services in some areas amid spiralling unrest, adding that under Egyptian law it was “obliged” to comply with the order.

Egyptian operator ECMS, linked to France’s Telecom-Orange, said the authorities had ordered them to shut them off late Thursday.

“We had no warning, it was quite sudden,” a spokesman for Telecom-Orange told AFP in France.

The shutdown in Egypt is the most comprehensive official electronic blackout of its kind, experts said.

Links to the web were cut for only a few days during a wave of protests against Myanmar’s ruling military junta in 2007, while demonstrations against the re-election of Iranian president Mahmoud Ahmadinejad in 2009 specifically targeted Twitter and Facebook.

Egypt – like Tunisia where mass popular unrest drove out Zine El Abidine Ben Ali earlier this month – is on a list of 13 countries classed as “enemies of the internet” by media rights group Reporters Without Borders (RSF).

“So far there has been no systematic filtering by Egyptian authorities – they have completely controlled the whole internet,” said Soazig Dollet, the Middle East and North Africa specialist for RSF.

Condemnation of Egypt’s internet crackdown has been widespread.

Obama and Secretary of State Hillary Clinton called on Cairo to restore the internet and social networking sites.

Facebook, the world’s largest social network with nearly 600 million members, and Twitter also weighed in.

“Although the turmoil in Egypt is a matter for the Egyptian people and their government to resolve, limiting Internet access for millions of people is a matter of concern for the global community,” said Andrew Noyes, a Facebook spokesman.

Twitter, which has more than 175 million registered users, said of efforts to block the service in Egypt: “We believe that the open exchange of info & views benefits societies & helps govts better connect w/ their people.”

US digital rights groups also criticised the Egyptian government.

“This action is inconsistent with all international human rights norms, and is unprecedented in internet history,” said Leslie Harris, president of the Center for Democracy and Technology in the United States.

Governments Mask Internet Lock Down with ‘Convenience’

Obama readying Internet ID for Americans.  Will it be mirrored elsewhere?

By Luis R. Miranda
The Real Agenda
January 10, 2011

Efforts to accelerate internet control and ´harmonize´ standards has taken a leap forward.  United States president  Barack Obama has proposed that the Commerce Department head a cybersecurity initiative to come up with an internet ID for all Americans.

Although the government has called this proposal a way to decentralize security on the web, the White House Cybersecurity Coordinator, Howard Schmidt labeled it ‘the absolute perfect spot in the U.S. government’  to centralize policy to create an ‘identity ecosystem’.

In addition to masking this new attempt as a convenient measure for internet users, the U.S. government wants to divert attention by placing the Commerce Department at the forefront.  According to CNET.com, the fact it’s the Commerce Department and not Homeland Security or the National Security Agency the ones supervising the project, it means that the government does not intend to exercise control whatsoever, but instead it will play the role of an ‘organizer’.  But the move does not please anyone.  Government intervention has proven to be a bad idea in almost all matters.  The Internet has been successful due to the fact it is free.  What other proof do the controllers and their advocates need to understand it?

Government control over any aspect of the world wide web does not need to be direct or offensive in order to be effective.  But if more conclusive proof is necessary to show an explicit intention to control the web, skeptics need nothing more than to read the Cybersecurity Act.  Privacy and civil rights groups should be worried, and so does everyone else.  This seemingly mild initiatives are the start of what governments, politicians and private industry heads have been calling for:  complete control of the internet, its protocols and content.

‘The announcement came at an event today at the Stanford Institute for Economic Policy Research, where U.S. Commerce Secretary Gary Locke and Mr. Schmidt spoke,’ cites CNET.  With this announcement, it is clear the Obama administration is looking forward to implementing the directives contained in the Cybersecurity Act which include government control over who accesses, navigates, posts content and monitors the net.  The law also gives the president, whoever it is, the power to simply shut down the web if it considers it necessary to protect national security interests.

Commerce Secretary Gary Locke, says the government is not talking about a national ID card.   “We are not talking about a government-controlled system.  What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.”

Another fallacy in regards to an Internet ID is that there will not be a centralized database.  The government already keeps databases and no-fly lists on anyone it wants.  Another database would not be a surprise.  The creation of an ID will be like the social security number for the Internet.  It will be the instrument by which all web-based activities will be registered and kept for further snooping.  All sales, purchases, exchanges and other activity will be stored.  This internet ID will be probably merged with the National and / or International ID Card to reveal a unique identity by which all people will be accounted for.

The statement that anonymity or pseudoanonimity will still be possible is hilarious.  It is not possible as things stand today.  Can anyone believe that the controllers in the Department of Homeland Security, the Defense Department and the NSA will let the Commerce folks pull the strings of the strongest beacon of liberty in the planet?  I doubt it.  There´s no need for public or private rivalry among government agencies for the public to notice who controls what.

In 2009, the director of Homeland Security’s National Cybersecurity Center, resigned saying that the NSA effectively controlled the cyber world though the use of , among other things, ‘technology insertions’.

Deceitful Speech

In an article posted on Wired.com, writer Ryan Singel begins his thoughts by saying that an internet ID will be useful to dodge the ‘nightmare of trying to control your online identity’.  Singel´s complete article is here.  What he labels as a better way to deal with internet threats and inconveniences, is nothing more than what search engines and known social networks have already implemented: The ability to use one password to access several websites and their services.  He cites Facebook, Twitter and Yahoo, among others.

But if this tool already exists, why do we need the government to create another one?  “One can also imagine having an identity provider that enables you to tie your home address, e-mail address and mobile phone number together so you could securely log in to the Social Security Administration and request a new Social Security card. The government would be able to mail the card to your house, with strong assurance you actually live at that address.”  If this does not spell centralization, I don’t know what would.

As many privacy advocates point out, the government does not have a way to pull this off by itself.  That is why private enterprises are the ones that offered it to consumers.  What the government’s inability means, is that private corporations will be empowered and legally enabled to collect, store and basically do whatever they want with any and all private information.  Not that this does not happen already.

Related Links:

Togel178

Pedetogel

Sabatoto

Togel279

Togel158

Colok178

Novaslot88

Lain - lain

Partner Links