Cyberwar, Security Assessments

Major cyber security events of 2011

I just read an article in the Financial Post (a Canadian paper) highlighting some of the major cyber security events of 2011.  Clearly these are not all the events and perhaps they are not even the most significant in some cases…but they serve to remind us of the pervasive and ubiquitous nature of the threats we face.  “Shields up, Mr. Spock.”


  Dec 28, 2011 – 8:29 AM ET

Early January — Canadian Department of Finance/Treasury Board
Hackers believed to have been based in China breached the security of Canada’s two primary economic nerve centres, gaining access to classified data before they were discovered. The same hackers were also believed to be responsible for failed attempts made against the systems of several noted Bay Street law firms several months later.

Early February — Nasdaq Stock Exchange
America’s largest electronic stock exchange was revealed to have been repeatedly penetrated by computer hackers over 12 months. While the trading platform itself was never breached, subsequent investigations found relatively lax security allowed hackers to gain access to other Nasdaq systems.

February/March — Online dating and travel advice sites
Plenty of Fish and eHarmony, among the world’s two largest sources of people digitally searching for dates, had some of their user accounts exposed over a two-week period, allegedly by the same hacker. Weeks later, TripAdvisor, the world’s largest travel Website, had email addresses belonging to some of its 20 million-strong user base stolen.

April/May — Sony PlayStation Network
More than 100 million users of Sony Corp.’s online gaming platform had their accounts breached in what remains the most widespread cyber attack of the year. The potential cost to Sony has been estimated to range as high as US$24-billion.

Late May — Weapons producers
Lockheed Martin Corp., the world’s largest producer of military-grade weaponry, narrowly managed to thwart what it described as a “significant and tenacious” attack on its systems. Other major defence contractors such as General Dynamics Corp, Northrop Grumman Corp and Raytheon Co. were also targeted.

May 26 — U.S.-Stuxnet connection made
William Lynn, deputy Secretary of Defence of the United States, refused to deny U.S. involvement in the creation of the Stuxnet worm used against the Iranian nuclear program in 2010 during an interview on CNBC.

Early June — International Monetary Fund
A cyber attack described as “sophisticated” and “very major” by senior IMF officials struck the global economic stabilizer at some point over the last several months, the New York Times first reported on June 12. The Washington D.C.-based fund contains a treasure trove of highly sensitive economic data.

Early August — Operation Shady RAT exposed
McAfee Labs uncovered details of a coordinated five-year cyber warfare campaign against the networks of 72 organizations including the United Nations, governments and companies around the world. Dubbed ‘Operation Shady RAT’, the company called it the ‘biggest series of cyber attacks’ in history and many fingers pointed to China as the culprit.

Late October — “Nitro Attacks” revealed
Symantec Corp. released details on a series of attacks launched against “multiple” Fortune 100 companies involved in the industrial chemical production sector. A total of 48 companies around the world were believed to have been victimized by that single coordinated attack. The world’s largest maker of security software also revealed a survey finding controllers of critical infrastructure were growing complacent with their own security procedures.

Early November — Biggest cyber criminal takedown in history
Working with members of the Estonian police, the U.S. Federal Bureau of Investigation executed what has since become known as the largest single takedown of a cybercrime syndicate in the history of the Internet, arresting the alleged ringleaders of a US$14-million cyber crime spree. Known as ‘Operation Ghost Click’, the victory was heralded as a sign law enforcement was finally beginning to overcome a key obstacle in digital crime investigations: Actually tracking down the perpetrators in the real world.

Mid-November — Canada commits nearly half-a-billion to cyber defence
Recognizing the growing digital threat, made clear and brought close to home by the attacks against two federal departments in early 2011, Ottawa earmarked $477-million for access to U.S. cyber defence capabilities. Known as Global Mercury, the new capabilities are expected to come into force before the start of 2012.

Security Management

2011 USSTRATCOM Cyber and Space Symposium

USSTRATCOM has just released the symposium videos from the speaker and panel presentations.  If you missed the symposium, I encourage you to view some of the videos.  Video files and presentations from the featured speakers and panel sessions are available at

One panel that I found to be most enlightening (maybe because I have been saying some of the same things!) was the Cyber Industry panel.  It is all very good, but if you are in a hurry, listen to Scott Montgomery speak (minutes 44 to 48) on this clip:

What do you think?  How do we integrate/use/capitalize on all the newest concepts and still maintain sound security practices?

Security Education, Security Management

Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise

Fresh off the press:  The Department of Homeland Security (DHS) has published and released strategy guidelines for the enforcement of cybersecurity. It provides a road map for cybersecurity efforts while observing the need to preserve civil liberties, protect privacy, bolster national security, and provide the ability for the private sector to effectively operate and innovate in cyberspace. The full text of the Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise can be found here:


I think it is a sound document that is probably worth taking the time to read, especially for cybersecurity professionals whether working in government or private sectors.   Let’s face it, we all share the same cyber “ecosystem.” 

One area in the blueprint caught my attention:

…10. Develop the Cyber Workforce in the Public and Private Sectors: Maintain a strong cadre of cybersecurity professionals to design, operate, and research cyber technologies, enabling success against current and future threats.

Core capabilities for the homeland security enterprise are:

Development of a rigorous cybersecurity and software assurance curriculum, and sustained enrollment in targeted fields of study. Relevant disciplines include science, technology, engineering, and math. The National Initiative for Cybersecurity Education (NICE) will strengthen formal cybersecurity education programs and use competitions to develop skill sets from kindergarten through 12th grade, and in higher education and vocational programs. Additionally, four-year colleges and graduate-level universities may apply to be designated as a National Center of Academic Excellence in Information Assurance Education.

There are two points I would like to highlight from this quote:

1.  The fact that you are reading this blog on the Center for Cybersecurity Education website means that you are making an effort to increase your knowledge on cybersecurity issues.  Good job!

2.  Bellevue University is very serious about developing the rigorous curriculum described above.  In fact, BU is in the process of applying to be designated as a National Center of Academic Excellence in Information Assurance Education.  We should know the results in the next few months.

 So, what are your thoughts about the blueprint? Is it relevant or useful?