Tuesday, March 27, 2012

China hacks every major US company; former CIA/NSA director's idea for "cyber mercenaries" should be revived.

Wow, a watershed day with three postings! The latest from ZDNet today, where Cyber War author Richard Clarke is reported as saying (see here) that every major U.S. company is being regularly hacked by China. Think I'm exaggerating? Here's the verbatim:
“I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong,” Clarke said during an interview with the Smithsonian. “Every major company in the United States has already been penetrated by China…”
All of which brings to mind a rather old (July 29, 2011) Aspen Security Forum video where former CIA/NSA director General Michael Hayden suggested that cyber mercenaries "might be one of those big new ideas in terms of how we have to conduct ourselves in this new cyber domain." Granted, Hayden is just one of the old Beltway hacks trying to drum up business for his fellow pigs at the trough. But my Morgan Doctrine could be that "big new idea." Here's General Hayden's YouTube video:
Have a nice week.

My SECRET WEAPON for social media analytics: Free Quantum Leap Buzz

I've spent the last month looking at every social media analytics product I could find, trying to get my brain around the landscape. Net net: Quantum Leap Buzz (Free Edition) is really my workhorse dashboard. Not only do I get situational awareness dashboards that put me far ahead of the mainstream news media, but this sucker is free (as compared to products that cost tens of thousands of dollars and require a significant IT infrastructure). AND I get text message alerts on my cell phone, no matter where I am.

So I figured I'd share my SOCIAL MEDIA ANALYTICS MATRIX with the world (and invite anyone with corrections to let me know). I count a total of 50 products, with dozens more not covered but which are more campaign marketing platforms.

Australia not the least bit PC concerning China cyber threats

This New York Times story pretty well sums up the continuing world concern over China's continuing threat to the cyber world. Looks like Huawei will not be allowed to bid on Australia's $38 billion nationwide broadband network. Thirteen months ago, I suggested a way for Huawei (and China) to get out ahead of this dilemma (see here). A month before that I even got poetic about China attacks on my Linux server (see here). And on 11 November 2010, I even published the IP addresses of Chinese attack servers (see here).

The good news in all this? Globalization has made China and the United States rather co-dependent on many levels. But the bad news is that Australia can't truly use the same umbrella of protection. Which is why their terribly politically incorrect "bearding of the lion in his own den" could have consequences. So maybe my 27 October 2010 premise that Australia could get first-mover advantage as a sponsor for licensed and bonded cyber privateers (see my story here) might get some new legs.

Dear Australia: I have said before (see here), simply "playing defense" is a surefire guarantee you will eventually lose the war.

Monday, March 19, 2012

15 months ago, I predicted the authorship of Stuxnet & Duqu

Egads, 15 months ago—on December 6, 2010—I posted the following:
I BELIEVE THE STUXNET VIRUS was created by a lone male individual who is at least 60 years old and is working for British Intelligence, supported by U.S., German and Israeli intelligence. One of the features of any A.I. inference engine is the ability to ask it "why" it made such an inference. So in keeping with that protocol, I'll answer the "why" question. Of course, you'll see just how fuzzy my logic truly is. First, the location and frequency of countries following this blog leads me to those players: the USA, the UK, Israel and Germany, in that order. Of course, hackers from other countries could be using compromised servers in my suspect countries to make their queries, but I'm placing my bet on these four main players. My second reason for asserting that a single individual wrote Stuxnet is my long experience in the software business. Nothing truly genius ever came out of a committee or even a team. Nothing. And by all accounts, Stuxnet is not just good. It's genius. The kind of genius, by the way, that had to evolve with the industry since the beginning of the minicomputer revolution. Which would make my virus genius at least 60 years old. Finally, my assertion of male gender. Sorry ladies, but I have yet to see, meet or hear about a decent female hacker. And certainly not a world-class hacker. If I'm wrong, let me know and I'll make a public and abject apology. As my mother never said (but should have), I'm frequently wrong but never in doubt.
Either it's a slow news day, or the media is recycling old stuff because they don't have a new story. Computerworld reports today that a Kaspersky Labs researcher says Duqu may have been written by "experienced, old school programmers." I may have been wrong about an old-school Brit being the author, as the time-out of both Stuxnet and Duqu smacks (according to Richard Clarke) of American Congressional legal oversight, but "old school" rings true. Heck, my greatest programming achievements were in assembly language, and I don't think the new generation has the least appreciation of the real genius that can be unleashed by a gifted bit-diddler who's "gone native" with assembly language.

My old buddy Joseph from Spain is on the case. He solved the FBI's "unsolvable problem." It's only a matter of time before this Genius of the First Waters unveils the Duqu "old guys." Eh, Joseph?

Monday, March 12, 2012

"10 scariest hacks" from BlackHat don't even begin to cover the threat landscape

With due respect to Network World reporter Tim Greene, his summary today on the "10 scariest hacks from Black Hat and Defcon" doesn't even begin to cover the real threat of NOT articulating a guaranteed-response Morgan Doctrine to cyber miscreants. The "twitterverse" top influencer (as illustrated by my QuantumLeapBuzz.com cyberwar dashboard) says it all:

Friday, March 9, 2012

Duqu "alien architecture" still a mystery

As I wrote on January 7th, the Duqu virus seems to spring out of the guts of target computers like an Alien monster. That's probably because it was created with an alien architecture. In today's Computerworld Security online alert, a telling paragraph raises a question that seems to have an obvious answer:
"When we checked Duqu it looked totally unknown and that was very curious, because it's unclear why something very custom was developed and used," said Vitaly Kamluk, chief malware expert with Kaspersky Lab's global research & analysis team.
The key statement: "…it's unclear why something very custom was developed and used…" Nothing unclear about it. As I've said on repeated occasions, the Holy Grail of the perfect virus is principle #7, Black Box Portability. Net net:

  1. A "Black Box" is an alien architecture.
  2. An alien architecture will take government-level resources to develop and maintain and evolve.
  3. The vision of cracking all future architectures is critical to future world dominance.

Given Joseph from Spain's previous success in unravelling a mystery the FBI's "best and brightest" couldn't hack, maybe he'll come up with an answer to this conundrum. Who is the architect and what is the alien architecture? Joseph? Answers?