Thursday, March 28, 2013

INTERNET - Spam or Not to Spam Cyber War

"Cyber War Over Spam Slows Access for Internet Users" PBS Newshour 3/27/2013


SUMMARY:  A dispute between an online company that sends spam emails and a company trying to mitigate spam has led to the one of the largest reporter cyber attacks in history, creating slow access to common sites like Netflix for millions of web users.  Hari Sreenivasan talks over the case with Nicole Perlroth of the New York Times.

HARI SREENIVASAN (Newshour):  One company fights spam; the other is said to be behind sending those pesky e-mails.  A dispute between the two has led to one of the largest reported cyber-attacks in Internet history, the result, widespread congestion that's slowing access for millions of users to sites like Netflix.

Nicole Perlroth has been covering the story for The New York Times, joins me now.

NOTE:  For users, this is what eMail client filters are for.  Delete spam eMails, or move spam to a [Spam] folder.

Tuesday, March 12, 2013

INTERNET - What Happens to Your Online 'Estate' After You Die?

"Law Lags Behind in Defining Posthumous Protocol for Online Accounts" PBS Newshour 3/11/2013


JEFFREY BROWN (Newshour):  Billions of people around the world now live part of their lives online, sharing photographs, information on relationships and careers, tweets and more.

But what happens when physical lives end and life in cyberspace goes on?  Of the one billion people who use the social network site Facebook, for example, an estimated three die every minute.  And that can lead to some painful problems.  For one thing, there's no one method or law on the books for how beneficiaries gain access to a deceased person's digital records.

Virginia dairy farmer Ricky Rash ran into that problem after his 15-year-old son Eric committed suicide in 2011.

RICKY RASH, Father:  It was a complete shock, as any suicide is.  But we had absolutely no warning.  Eric kissed his mom good night the night before.  He did his homework.  He Armor All-ed the seats in that Oldsmobile that was his.  He did everything under the sun to show us it was a normal night.

So, with no answers from home, no answers from school, we were just hoping that there may be something that would give us some insight as to why he chose to make the decision he did.  And Facebook was literally the last frontier that we had to investigate.

Monday, March 4, 2013

CYBERWAR - Pinning Down Motive For Hacking Against U.S.

"As Hacking Against U.S. Rises, Experts Try to Pin Down Motive" by NICOLE PERLROTH, DAVID E. SANGER, and MICHAEL S. SCHMIDT; New York Times 3/3/2013


When Telvent, a company that monitors more than half the oil and gas pipelines in North America, discovered last September that the Chinese had hacked into its computer systems, it immediately shut down remote access to its clients’ systems.

Company officials and American intelligence agencies then grappled with a fundamental question: Why had the Chinese done it?

Was the People’s Liberation Army, which is suspected of being behind the hacking group, trying to plant bugs into the system so they could cut off energy supplies and shut down the power grid if the United States and China ever confronted each other in the Pacific?  Or were the Chinese hackers just trolling for industrial secrets, trying to rip off the technology and pass it along to China’s own energy companies?

“We are still trying to figure it out,” a senior American intelligence official said last week.  “They could have been doing both.”

Telvent, which also watches utilities and water treatment plants, ultimately managed to keep the hackers from breaking into its clients’ computers.

At a moment when corporate America is caught between what it sees as two different nightmares — preventing a crippling attack that brings down America’s most critical systems, and preventing Congress from mandating that the private sector spend billions of dollars protecting against that risk — the Telvent experience resonates as a study in ambiguity.

To some it is prime evidence of the threat that President Obama highlighted in his State of the Union address, when he warned that “our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems,” perhaps causing mass casualties.  Mr. Obama called anew for legislation to protect critical infrastructure, which was killed last year by a Republican filibuster after intensive lobbying by the Chamber of Commerce and other business groups.

But the security breach of Telvent, which the Chinese government has denied, also raises questions of whether those fears — the subject of weekly research group reports, testimony and Congressional studies — may be somewhat overblown, or whether the precise nature of the threat has been misunderstood.

American intelligence officials believe that the greater danger to the nation’s infrastructure may not even be China, but Iran, because of its avowal to retaliate for the Stuxnet virus created by the United States and Israel and unleashed on one of its nuclear sites.  But for now, these officials say, that threat is limited by gaps in Iranian technical skills.

There is no doubt that attacks of all kinds are on the rise.  The Department of Homeland Security has been responding to intrusions on oil pipelines and electric power organizations at “an alarming rate,” according to an agency report last December.  Some 198 attacks on the nation’s critical infrastructure systems were reported to the agency last year, a 52 percent increase from the number of attacks in 2011.

Researchers at McAfee, a security firm, discovered in 2011 that five multinational oil and gas companies had been attacked by Chinese hackers.  The researchers suspected that the Chinese hacking campaign, which they called Night Dragon, had affected more than a dozen companies in the energy industry.  More recently, the Department of Energy confirmed in January that its network had been infiltrated, though it has said little about what damage, if any, was done.

But security researchers say that the majority of those attacks were as ambiguous as the Telvent case.  They appeared to be more about cyberespionage, intended to bolster the Chinese economy.  If the goal was to blow up a pipeline or take down the United States power grid, the attacks would likely have been of a different nature.

In a recent report, Critical Intelligence, an Idaho Falls security company, said that several cyberattacks by “Chinese adversaries” against North American energy firms seemed intended to steal fracking technologies, reflecting fears by the Chinese government that the shale energy revolution will tip the global energy balance back in America’s favor.  “These facts are likely a significant motivation behind the wave of sophisticated attacks affecting firms that operate in natural gas, as well as industries that rely on natural gas as an input, including petrochemicals and steel-making,” the Critical Intelligence report said, adding that the attack on Telvent, and “numerous” North American pipeline operators may be related.

American intelligence experts believe that the primary reason China is deterred from conducting an attack on infrastructure in the United States is the simple economic fact that anything that hurts America’s financial markets or transportation systems would also have consequences for its own economy.

COMMENT:  The REASON for hacking U.S. systems is in reality irrelevant.  The ABILITY to hack our systems is, or should be, the point.  Hacking methods used for economic reasons can be use for more destructive reasons.