Swedish Air Space Infringed, Aircraft Not Required →
News, via Aldrimer, of the Kingdom of Sweden's airspace, and the violation thereof - without aircraft. Todays Must Read and Hat Tip to Firewall Consultants.
Ukranian SCADA Systems Malware Infection Discovered →
News, of reportedly SCADA malware infections have been published via Motherboard; in which, those infections (also reportedly) point to cyberattack vectors).
'“The fact that malware was recovered from the network at all, and the fact that it's newer, gives a high confidence assessment that the cyberattack on Ukraine was legitimate,” Lee told Motherboard in a phone interview. Lee said the malware was “unique,” implying that it likely wasn't something that just happened be on the grid network during the outage.' - Robert M. Lee, a former US Air Force cyber warfare operations officer as well as the founder and CEO of Dragos Security, wrote on the SANS ICS Security Blog
US to Train Iran in Nuclear Security Best Practice - Including Cybersecurity
Likely one of the more blatantly misguided stipulations in the corporeal abomination known as the 'Joint Comprehensive Plan of Action', lies a component of the agreement, in Annex III. Within the Civil Nuclear Cooperation area, and in Section D that apparently commits the United States of America to enter unilateral defense training (think cybersecurity folks) of the Islamic Republic of Iran against all others (in this case the all others would be defined as to the State of Israel):
'10. Co-operation in the form of training courses and workshops to strengthen Iran's ability to prevent, protect and respond to nuclear security threats to nuclear facilities and systems as well as to enable effective and sustainable nuclear security and physical protection systems;' - Joint Comprehensive Plan, Annex III, Civil Nuclear Cooperation, Section D, within Nuclear Safety, Safeguards and Security
Read This
And perhaps note what similarities exist between and betwixt this young 2nd LT at the United States Military Academy recently branched to the Cyber Command and your career... Absolutely outstanding. Via The Cyber Defense Review.
Title: 'An Emotional Response to Being One of the First Cadets to Branch Cyber.'
Author: 2LT Daniel Brown
Date: Jun 11, 2015
I have been asked multiple times what my emotions were the night I learned that I would be branching cyber. The night was like any other branch night at West Point with all of the First Class cadets anxiously awaiting their fate as army officers. The only difference with this branch night as opposed to the previous decades of them was the inclusion of the new branch, Cyber, to the list of possibilities. I knew going into this night that there were roughly forty to fifty cadets that were competing for Army Cyber slots. All of us had put in work through a selection process known as the Cyber Leader Development Program in which our talents, experiences and skills were assessed by a mentor. I thought my chances were decent because I had put hours into my application packet and had done everything I had been asked to do. I knew I would branch either Army Signal or Army Cyber. My grandpa had been an officer in the Army Signal Corps so I had a historical connection to Army Signal, but my hope and dream was to branch Army Cyber.
As the night progressed we were finally given our envelopes with our branch inside and the first thing every firstie did was feel the envelope to figure out what branch they had gotten. I can say with complete honesty that I had no idea what mine was. We then waved the envelopes above our heads, as per tradition, and awaited the order to open our branches. When the order came I ripped open the envelope and confirmed my hopes and dreams. I had branched Army Cyber. The moment was surreal and was shared with several of my classmates. Cadet Ames Evans, a fellow cyber cadet, told me that he was ecstatic as well and that it was one of the greatest days of his life. Cadet Braxton Musgrove informed me he was happy, but was not incredibly surprised. This lack of surprise was an emotion that was shared by several cyber cadets who were confident in their abilities. This demonstrates one aspect of branching cyber that differentiates it from the other branches. Not only do cadets have to be sufficient in all three pillars, but even more importantly, prospective cyber soldiers have to possess a certain set of skills that separates them from their peers. To branch cyber means that you are a member of a profession. The hours and time it takes to become proficient in the skills necessary to be an effective cyber officer set cyber soldiers apart. It could be compared to learning several foreign languages, proficiently; learning to think analytically as well as logically work through incredibly complicated problems that utilize everything from cryptographic algorithms to complicated arithmetic equations. I knew that night that I was joining the ranks of such soldiers, and that was what made it one of the greatest nights of my life.
Cyberwarfare, Not Game of Thrones... →
Israel To Create New Military Branch, Cybersecurity Focused →
Israel Hayom is reporting the Israel Defense Forces (IDF) plans to create an entirely separate and new branch of the State of Israel's primary military defense targeting cyberwarfare. The decision to create a separate military service targeting electronic warfare appears to be one of the first of it's kind worldwide, and significantly forward-thinking.
'The new branch will join the Israeli Air Force, Navy, and GOC Army Headquarters as a main service branch that will oversee the military's cyberwarfare strategy, as well as its proactive cyber efforts, which are currently headed by Military Intelligence, and its cyberdefense efforts, currently headed by the C4I Corps.' - via Israel Hayom's Lilach Shoval and Israel Hayom Staff.
Tallinn 2.0 and the PRC →
If you read anything today focusing on warfare in the electronic realm, read the Lawfare blog's Ashley Deeks posting on this year's Tallinn-based NATO CCDCoE's CyCon 2015 confab. In particular, a Chinese academics' take on cyber jus ad bellum and jus ad bellum criteria to wage war, as targeted by Tallinn 2.0. Fascinating.
Estonia, Creates Volunteer Cyberwarrior Brigade
Considering the country's highly systems-literate populis, this is one of the more interesting cases of a so-called Cybernational Guard, this time, stationed at the K5 Barracks (NATO Cyber Defense Center, Tallinn, Estonia), in quite likely one of the most astoundingly beautiful countries on our planet - Estonia!
Researched Research on Anti-Drone Research
News, via Aliya Sternstein, writing at NextGov, details research regarding anti-drone activities fueled by published research. A drone research conundrum, of sorts...
Alexanders' Warning: Catastrophic Attacks on Energy Sector in the Offing
via David Bisson, writing at Tripwire's State of Security blog, comes a particularly dire warning from Keith Alexander, GEN (RET) USA (RET), holder of a Bronze Star and the 16th Director of the United States National Security Agency, focusing on the security bulwarks of the embattled Energy Sector.
DARPA's CyberOps Visualized Revolution →
via Sara Sorcher, writing at the Christian Science Monitor, for the Monitor's new Passcode department, comes the story of Plan X, the Defense Advanced Research Projects Agency's (DARPA) push into proper management of the cyberwar battlespace.
National Cybersecurity Center of Excellence Issues Call for Comments
Earlier this month (in April 2015 if you are reading this post in the far distant future...) the National Institute of Standards and Technology (NIST) released NIST Draft NISTIR 8050; in which, an interesting summary appears of a technical workshop held at Stanford University in conjuction with the Presidents' Cybersecurity Summit.
Pursuant to completeing the draft cycle of the document, the National Cybersecurity Center of Excellence NNCoE (a Center of Excellence and a component of NIST) has issued a Call for Comments, focusing on the content of that document. In this instance, related to your agency, company, buereau, department, country or other organizations' information and/or cybersecurity issues. I've included a link to NISTIR 8050 to assist in fulfilling the Call for Comments. Enjoy.
US CRS Report to Congress: Cyberwar and Cyberterrorism →
via the eponymous United States Naval Institute, comes news of last months United States Congressional Research Service report entitled Cyberwarfare and Cyberterrorism: In Brief. A fascinating analysis, and todays' MustRead.
One Million Attacks Per Day
Meanwhile, in astounding-security-attack-numbers-per-diem news, comes a remarkable litany of the resilience within the State of Israel's power grid, from Israel Electric Corporation Chairman Yiftah Ron-Ta. He describes the nearly one million attacks the utility fended off daily basis during the Summer 2014's Israeli Defense Forces (IDF) Operation Protective Edge.
London Hosts Staged Cyberwar Exercises →
News, of the fifth edition of the Masterclass, a UK cyberwarfare exercise, held on board the HMS Belfast (one of the United Kingdom's five Imperial War Museums, and of course, in this case a former ship of the line, anchored on the Thames) comes to us by way of Ars Technica independent writer Emiko Jozuka.
"The competition, known as the Masterclass and developed by a group of cyber experts led by BT, is now in its fifth year and aims to plug the skills shortage currently affecting both governments and UK businesses. The competition essentially invites participants to put their skills to the test and experience a dramatized version of events faced by regular cybercrime fighting professionals. It also allows sponsors of the competition such as BT, Lockheed Martin, and Airbus, to hover on the sidelines and cherry pick the next cybercrime busting whizz kids." - Ars Technica's Emiko Jozuka