Skip to content

Bit9

← Back to Blog
1 Jun 2011

Cybersecurity warfare, email hacking and tornados, oh my!

Harry Sverdlove

Wow. What a week it is turning out to be  for cyber security. First, Lockheed Martin disclosed that last week it was subject to a targeted attack. Yesterday, it was reported that another defense contractor, L-3 Communications has also been targeted by similar attacks. Fox News is now reporting that Northrop Grumman may also have been attacked. All of these attacks are following on the heels of the RSA breach, and suggest a coordinated and multi-phase attack where information stolen months ago might be used to thwart RSA SecurID two-factor authentication at some of the nation’s most sensitive networks. Not coincidentally, the Pentagon is developing a new cyberwar “doctrine”, where cyberattacks could be considered acts of war.

Meantime, also this week, the PBS website was hacked (with a fake news story about late rapper Tupac Shakur), showing that while nation-state enemies may represent the most dangerous and sophisticated threat, hacktivists are also here to stay and make their voices known.

Are you keeping up yet? I’m driving home with tornado warnings (in New England!) and thinking, is it really only Wednesday?

Then, a few hours ago, Google posted a security warning on its blog. They were not hacked, but they are reporting that email accounts of very specific individuals were compromised. The passwords for personal email accounts of Chinese political activists, US government officials, and others were hacked and their email was being monitored. I was asked if this bodes poorly for cloud-computing, and the answer is definitively “no”. In fact, it was through the strength of correlation and analysis, made possible through cloud computing, that Google was able to identify not only the scope of the attack, but the source (if you guessed China, you win a gold star). Google is using this as an opportunity to educate consumers on how to best protect their accounts and their passwords.  Finally, a bit of news that comes with some recommendations and remedy on how to protect yourself. They included tips such as: Don’t use the same password for multiple accounts, and use strong passwords. I’ll add a tip: Don’t use your personal email accounts for anything business or government related, especially if you work with sensitive information.

I believe in the intelligence community, all of this would be called “increased chatter.” There is an increased awareness of the threats and costs of modern cyber attacks, an increased (but not yet sufficient) level of disclosure regarding those attacks, and an increase in the actual attacks occurring. We are witnessing the salvos in a cyber war that started with the dawn of the Information Age and will continue for years to come. If you use a computer (and if you’re reading this, that means you), you are on the frontlines of this war.

email

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

*

* Copy this password:

* Type or paste password here:

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notify me of followup comments via e-mail. You can also subscribe without commenting.


Our Solutions

Our Products

  • Blog

+1 617-393-7400 US