Slashdot Mirror
FBI Warns of Sweeping Global Threat To US Cybersecurity
GovIT Geek writes "The FBI's newly appointed chief of cyber security warned today that 'a couple dozen' countries are eager to hack US government, corporate, and military networks. While he refused to provide country-specific details, FBI Cyber Division Chief Shawn Henry told reporters at a roundtable that cooperation with foreign law enforcement is one of the Bureau's highest priorities and added the United States has had incredible success fostering overseas partnerships."
Where have I heard that before? Oh yeah.
But the second quote happened at the beginning of a horrible paranoia based on a real external threat. We still have the apparatus of that paranoia, though most of it was outlawed in the late 1970s and the only credible external threat is now our largest trade partner and "most favorable nation." Today we have secret "terrorist" blacklists with more than a million names. Domestic spying, especially web based spying, has jumped to levels that would make the freedom loving senator from Wisconsin angry. Anti-death penalty and peace groups are among those watched. Shame, isn't it?
Shoring up the nation's IT against spying is as easy as dumping the prevalent non free software used by most big dumb companies. This would also save the country hundreds of billions of dollars in licensing fees and other headaches unique to non free software. The problem is that it would make wiretapping very difficult or impossible.
Friends don't help friends install M$ junk.
I'm now worried that mine's at risk.
News Flash: Guy in new job declares new job important!
A little inaccuracy sometimes saves tons of explanation.
Don't worry, if McCain wins he'll make Joe the Plumber his special advisor on such issues.
Trolling is a art,
and here come the cries from the government "Quick we pass these laws to protect us!!!" Yeah right...
If this is news to you then you need to wake-up.
Threats against cybers? Uh-oh. I've been cybering all morning. Heck, I even did cam to cam once. No global sweepers have threatened me yet, but now I'm scared. I hope they don't hurt me.
So use protection.
Or top truncating titles into something ambiguous, I guess.
Since when is it the FBI's mandate to protect online sex chatting?
Modern copyright is theft of culture from everyone and it retards the progress of the useful arts and sciences.
. While he refused to provide country-specific details[...]
He then hinted that an announcement[...]
Henry would not comment in detail[...]
He shied away from commenting[...]
So a newly appointed government official announces something that we in the network world have known for years and suddenly it is news? I think that anyone who has any amount of experience in computers would know this by now. If I had a dollar for every attack on my network from Asia, I'd take us all to lunch.
I guess that's what the turboterrorists and hyperextremists are superthreatening to megaattack and ultrasuperdestabilize with their megaultrasupercyberweapons.
"the United States has had incredible success fostering overseas partnerships." Of course they have. If you are friends and are given access to the US networks you don't have to hack. Far easier to shake a hand in a photo than it is to wait for a ssh keygen to work.
United States has had incredible success fostering overseas partnerships.
Ha ha! Aaaaahahaha! Heh. Heh... What?
Of course he will talk up the threat - that's his job. Since there's no way that these intangibles can ever be measured, he's on pretty secure ground too. If no threats materialise it's because of his vigilance and the skill of his team - not because there were never any real threats to begin with.
If a threat does turn into a real attack - well, he needs more money, powers and curtailed freedoms to ensure it doesn't happen again.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
There is no doubt there are bad people that would like to do bad things to others in the world, but why anyone takes this kind of propaganda seriously is beyond me.
It's more than likely the amount of funding he gets is directly proportional to the amount of fear mongering produced.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
FBI Cyber Division Chief says other countries are trying to hack in to their systems.. if we disband the government we won't have any threat!
We win both ways.. we don't have the paranoid threat of having to deal with terrorists attacking "our government", nor do we have to worry about "our government" attacking us... again.
Aight, I put on my robe and wizard hat.
-Peter
http://defensesystems.com/Articles/2008/10/Air-Force-demotes-Cyberspace-Command.aspx The Air Force announced last week that it has backed off even further from its grand plan to establish a cyberspace command as the military entity primarily responsible for securing and conducting offensive operations in cyberspace. The Air Force launched a provisional Cyberspace Command more than a year ago and scheduled a formal command launch for Oct. 1. However, officials delayed that effort after the departures of Air Force Chief of Staff T. Michael "Buzz" Moseley and Air Force Secretary Michael Wynne, who were fired for incidents involving the mishandling of nuclear detonators and weapons.
Nice way to get more budget, "OMG the terrorists are going to control our nukes from their iPhones!!!11!! You must give us lot of money to protect you".
I know there are threats, and I know that a lot needs to be done about them, but this kind of scaremongering is getting boring after nearly a decade.
This is a real problem, there is no need to exaggerate it. You use unsupported hyperbole at your peril, after a while no-one will take you seriously. Especially now, when budgets are under so much scrutiny.
In many ways these financial problems could be great for civil liberties, constructing a surveillance society costs real money. Just take a look at the UK ID scheme, it will cost billions.
Paul Leader
China is at the top of the list of countries that want to see us thrown on the trash heap of history. Feel better now? The biggest threat we face, practically speaking, is from people on our own soil.
One of the major problems we face is Chinese nationals who are now "citizens" (quotes used to denote legal status with no inner patriotism) of the United States. Some of our biggest security violations on classified and controlled technologies have come from people of Chinese descent who have basically retained their loyalty to China, even though they carry citizenship.
What do we do about this? I think the answer is pretty clear. Most Chinese who become Americans are loyal, so the clear answer is to just leave them alone and viciously punish people who trade in controlled technologies to foreign governments. If we executed a few people who sold classified warplane technology to foreign governments, it might make the filthy lucre their governments are offering look nowhere near as enticing.
Most Americans just don't get that in much of the world, ethnicity actually means something pretty profound to the average person. It's one of biggest reasons why people on our own soil betray our trust to foreign governments. The only way we can override that in most cases is to stop being so limp-wristed toward people who break our espionage and export laws, and start seriously ruining the lives of people who break these laws.
The beauty of a deterrence policy based on the certainty that betraying any technology classified Secret or higher will carry at least life in prison without parole, is that it will make preventative surveillance less necessary.
Al Qaeda is on AOL chat rooms asking A/S/L ?
I want to delete my account but Slashdot doesn't allow it.
Anyone who has trouble explaining exactly what "FUD" is to a parent or whatnot should just send them to this tidbit - it's about as clear-cut an example of Fear, Uncertainty, and Doubt that I've ever seen...
I'm sure there's hackers trying to break in to the FBI's computing system all the time, it's just now it's probably gotten so easy and there are so many holes and loose ends to tie up with security, and even if there are people who know what they're doing there, there is no real grand plan for their computer system or security and nobobdy knows how to bring it all together. They're probably also concerned with illegally hacking into other nations' computers and our own. Why should we care about what's wrong with their security (I mean, there are a few things we want to know as well), and how could they even fix it anyway?
Twinstiq, game news
You are inferior. Man will be reborn as Cybermen, but you will perish under maximum deletion. Delete, delete, delete, DELETE!
What they ment to say was that any US Cybrans would be at risk. If you are Aeon or UEF, you have nothing to worry about.
Carry on Supreme Commander!
"Quote me as saying I was mis-quoted." -Groucho Marx
They are not Christians, and the Iternete belongs to GOD. Jesurs!
Sheesh, I didn't know there were that many CDC Cybers out there still in use to cause panic.
The implication of a government person saying we have a problem, is that the government should do something about it. And for the military and other government networks, that's fine.
But why do we ("we" being the government) need to do anything to protect corporate (or any other private) computers? The owner/operators of computers can protect them on their own. Just stop running foreign code.
This isn't like physical security, where, say, IBM can't (and shouldn't have the means) to protect themselves from nuclear ICBM attack. It makes sense to put government in charge of securing the country against certain threats, and that job (if stated broadly enough) is arguably the only reason we need government to exist at all. But cyber-security isn't one of those situations, because individuals and groups can protect themselves, without putting anyone else at risk.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Stay tuned for FBI: Cyber Division - coming this fall to FOX.
this criminal.
Cordially,
ÐsÐÐÐÐ¾Ñ ÐÑÐÑfÑ
Slashdot needs to accept other alphabets. Morons.
That guy knows how to fix a series of tubes!
USA! USA! USA!
"When information is power, privacy is freedom" - Jah-Wren Ryel
The implication of a government person saying we have a problem, is that the government should do something about it. And for the military and other government networks, that's fine.
But why do we ("we" being the government) need to do anything to protect corporate (or any other private) computers? The owner/operators of computers can protect them on their own. Just stop running foreign code.
This isn't like physical security, where, say, IBM can't (and shouldn't have the means) to protect themselves from nuclear ICBM attack. It makes sense to put government in charge of securing the country against certain threats, and that job (if stated broadly enough) is arguably the only reason we need government to exist at all. But cyber-security isn't one of those situations, because individuals and groups can protect themselves, without putting anyone else at risk.
If you're premise was correct your position would have some merit, but because you're probably thinking very narrowly about the problem you've missed some very big issues.
First, much of our infrastructure is run by private companies. Think about how effective inter agency communication isn't when phones and cell phones don't work (think Katrina and 9-11). Our utilities are almost completely under private control and that includes nuclear reactors, dams, and the electrical grid. The Nuclear Regulatory Commission sets standards for security, but computer systems and security (both virtual and real) are all handled by private companies, most often contractors.
Second, even non-infrastructure companies can be hugely disruptive. Think what could happen if someone gained control over the automated systems that report on the prices of stocks, commodities, bonds, and other financial mechanisms. Creating a run on a bank, Wall Street, or a huge fluctuations in the value of the Dollar would be trivial if someone just had access for a short time period. If someone had undetected access and a more subtle mindset the damage could be both much longer term and much worse.
Finally, even companies and organizations that don't control infrastructure or financial systems can have a huge impact if their systems are compromised. Your example of IBM's being able to protect themselves without risk to others is also critically flawed. Last year IBM did $1.43 billion in consulting work for the US government. (1.4% of total 2007 revenue) You don't suppose that in that some of the work is classified? I know some of it is and further, given continued access, I could see the new stuff as the contracts are awarded to Big Blue. This also ignores the disruption that they could create because they are a well trusted ASN on the Internet. The sheer number of workstations and servers they have would also make them attractive to operate as part of a bot net.
In short, there are lots of ways that any large company can hurt the rest of us if they aren't responsible with their security. Now, I'm not buying into the idea that the government being responsible for everyone's network security, they couldn't if they wanted to, but right now network security is something that a lot of companies haven't taken seriously and they _can_ harm us with their negligence.
You mean to tell me that somewhere in the world there are nations that aren't fond of America?! This is big news; we'd better firewall the cybers with extra Norton's or they're likely to steal all of our webs.
First worry about individuals and groups of individuals, that are already doing some damage. Worms, spam, virus, botnets, exploiting vulnerabilities, social engineering, phishing... you dont need to have a country's government behind those threats.
And part of the solution is not "attacking", but defending having things right in your side. Detect infected and vulnerable sites and pcs and warn/educate owners/vendors about that, as they are the perfect source for i.e. a big DDos or other kind of attacks. That US is the biggest source of spam and probably botnet activity of the world is a good warning sign.
Fair enough on that. I'm ok with government demanding authority (or certain standards) over private computer security as a term in government contracts. As long as someone can Just Say No (i.e. don't take the lucrative government business) then surrendering this power isn't hurting anyone.
Infrastructure that is already high-regulated, most of which has some sort of monopoly given by government? Hmm.. ok there too, for the same reason.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
rofl, troll? wtf kind of moderating are we getting these days?
Riiiiggghhht. And then all the focus of the "evil-doers" gets put on those oh-so-free operating systems and we'll be right back in the same boat.
People and businesses need to hammer all of the the OS manufacturers and get them to fix their damn software.
Free systems aren't any better, it's just that no one is using them to the same degree. They ALL stink as far as security is concerned.
much of our infrastructure is run by private companies.
So, basically privatization leads to nationalization?
Interesting.
was wondering when we'd get our daily dose. please pass it down, i'm starting to feel a little better about things and don't really want to....
or maybe "duh."
enemies who want to get you in the weak points. who woulda thought it?
any bilged-out 2nd lieutanant would appear to be smarter than the head of cyber security in this regard, since the military academies exist to study this stuff. and the first place to start is not to put critical systems on the web, maybe, you think?
this fella probably wants to go back to tubes to avoid EMP.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Fu*k the FEDS! There the Evil ones. There doing more damage to the USA then any other foreign nation, or hacker. Asswipes.
Soo people want to Hack the government, alright.. well your chief of the FBI, you better get on that.. why would I care if they want to hack the FBI.
If I were president I would send every FBI, DHS, CIA, NSA, TSA, and DEA agent in America to guard ANWR Alaska against "terrorism".
Bringing liberty to the masses. - http://freetalklive.com/
n/t
http://slashdot.org/~SockDisclosure/journal/
Maybe we should let these "hackers" do their best, after all, what's the worst they could do? Fix our government? I don't see how they can do anymore damage then has already been done!
First off, MOST countries don't like us. That comes with distrust as well. By hacking into our stuff they learn of our plans/security layout. So lets look at this point by point.
(1) There is a something called the internet.
(2) There are people who know how to store data made available on the internet.
(3) People know how to steal data from places where the internet is used.
(4) People are VERY good at #3.
(5) For every security tool we have put in, they have a tool that will get past it in time.
Now given all of that, how are we surprised people want/are trying to break into our databases?
...are eager to punch George W. Bush in the face. News at 11.
Contrary to the popular belief, there indeed is no God.
Most Americans just don't get that in much of the world, ethnicity actually means something pretty profound to the average person.
This is precisely why ethnic slurs offend. Ethnicity is a gestalt. Physical appearance, language, religion, ideology, and folkways are bound in an inseparable unity. To tamper with one part is to violate the integrity of the whole. The very process of naturalization requires the adoption of values different from one's nativity. For some, the resulting identity dissonance may be too great to handle in the long term. Therefore some may attempt to retain their native intentions. For some, this leads to the spectre of unnaturalized minds in naturalized bodies. For others, it leads to attempting to fit in by modifying one's body via surgery, such as rhinoplasty, epicanthoplasty, and blepharoplasty. In the process of trying to fit in, people who appear exceedingly different will excel and achieve greatly. If this were not so, would anyone be reading this on the Internet?
In the USA there is now a critical mass of those who are different who have risen to great heights. However, when they look in the mirror, they cannot help but be reminded that they come from a place that has values that differ, sometimes greatly from the ones that they adopted under oath. Enter human nature with respect to temptation resistance and the potential for disaster involving national security is great.
It's one of biggest reasons why people on our own soil betray our trust to foreign governments. The only way we can override that in most cases is to stop being so limp-wristed toward people who break our espionage and export laws, and start seriously ruining the lives of people who break these laws
This already has been happening to Jews in the USA (Jonathan Pollard and Julius and Ethel Rosenberg). Of course an Irredeemable Protocols Believer will say that these instances are merely for public consumption to dissuade belief in a Jewish conspiracy. However, this is beyond the scope of this posting.
I have been saying this for years that the oath of citizenship taken does not rewrite DNA. Where the Fourteenth Amendment says "and subject to the jurisdiction thereof" the judiciary would best serve by interpreting the clause as "and subject to the ideological jurisdiction thereof". The irony of citizenship apart from certifiable ideological naturalization has become ever more clear in U.S. v. Wong Kim Ark. It should be just as much a hassle to naturalize in the USA as most other nations so as to serve as an incentive to get ALL parts of one's mutable condition naturalized. Not all nations permit naturalization (especially in the Persian Gulf), and it is no accident that such nations have trade and budget surpluses pouring into sovereign wealth funds.
The nagging problem is that China holds a critical percentage of federal debt and an obscene trade surplus. This has impaired the sovereignty necessary to do what is proper from a national security perspective. Perhaps what is deeper still is that we are seeing a revisit of the clash of civilizations the likes of which has not been witnessed since the mingrations of Indo-European peoples from the grasslands of West Asia some several millenia ago.
The right to speak one's mind without retaliation from government does not exist in a political state of nature. Remember whence cometh the quote "The nail that sticks up gets hammered down".
Submission as evidence constitutes plaintiff and/or prosecutorial misconduct.
They just want more money in their budgets. If .gov or .mil computers on the interet are resulting in any serious threat to national security, then GET THEM OFF THE INTERNET! It's the people who insist on putting them ON the internet who are doing the real damage, not the hackers from Bogie Land.
Countries will only participate IFF the US provides reciprocity. Someone fleeing another country and landing in the US will be wanted by the other countries authorities. Requests sent to the US have typically resulted in very poor to null interest from US authorities. Information sharing is even worse. If the US wants others to "be friends", it has to be a friend. It can't all go one way.
When I read the title "FBI Warns of Sweeping Global Threat To US Cybersecurity" my first thought was "The FBI is complaining about the NSA?".
Cow Cube
blah blah blah blah blah blah blah blah and we have to monitor the whole Internet to keep you safe.
J
The actual meaning of "incredible" :
beyond belief or understanding;
wordnet.princeton.edu/perl/webwn
overused as a hyperbole for "good." It means "too improbable to believe":
www.iolani.honolulu.hi.us/Keables/KeablesGuide/PartThree/Letters/I.htm
Too implausible to be credible; beyond belief; unbelievable;
en.wiktionary.org/wiki/incredible
The Hawaii phrasing is particularly apt. So, by it's own words, the US Govt has had success "too improbable to believe" in fostering overseas partnerships. Since the tone of the article is of celebration that the US Govt has had a lot of success in fostering overseas partnerships, I deduce that this is coded speech by someone who knows how to use English and wants to say "the US Govt has had almost no success in fostering overseas partnerships". More specifically, the US govt has had far less success than it expects or hopes for.
Words have meanings ; people do, sometimes use those meanings.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"