Category Archives: Security

A small victory for all U.S. citizens

With so much going wrong these days, at least all U.S. citizens and companies can breathe a sigh of relief at the following:

U.S. District Judge Jeffrey White in the Northern District of California rejected the Bush administration’s argument that no warrant was necessary to look through the electronic files of an American citizen who was returning home from a trip to South Korea.

Oh wait… that wasn’t the Bush administration that was claiming the right to seize a traveler’s laptop, keep it locked up for months, and examine it for contraband files without a warrant half a year later. That was the Obama administration. Fortunately the courts were there to prevent obscene abuse of executive power.

Read more here.

Hackers Announce Japan Nuked by N. Korea??!

Back in 2007, hackers broke into a website for the Intelligence Community and made off with 64,000 email addresses.

Now, using that same list, they have sent out a fake news report purporting to be an intelligence agency bulletin. The email is directly traceable to Georgia and Hungary, but that is likely misdirection from another country entirely…

What’s interesting is that it’s written intelligibly (as far as government-speak goes) and follows conventional structure. Pretty sophisticated for a link going to a weight-loss site!

From: SSC@dia.mil [mailto:SSC@dia.mil]
Sent: Sunday, March 07, 2010 11:17 AM
Subject: FOR OFFICIAL USE ONLY

Office of the Director of National Intelligence INTELLIGENCE BULLETIN UNCLASSIFIED//FOR OFFICIAL USE ONLY

(U//FOUO) DPRK has carried out nuclear missile attack on Japan

06 March 2010

(U//FOUO) Prepared by Defense Intelligence Agency

(U//FOUO) Today, March 06, 2010 at 11.46 AM local time (UTC/GMT -5 hours), US seismographic stations recorded seismic activity in the area of Okinawa Island (Japan). According to National Geospatial-Intelligence Agency, Democratic People’s Republic of Korea has carried out an average range missile attack with use of nuclear warhead. The explosion caused severe destructions in the northern part of the Okinawa island. Casualties among the personnel of the US military base are being estimated at the moment.

(U//FOUO) In connection with the occurred events, it is necessary for the personnel of the services listed below to be ready for immediate mobilization:

CENTRAL INTELLIGENCE AGENCY

DEFENSE INTELLIGENCE AGENCY

DEPARTMENT OF ENERGY:
OFFICE OF INTELLIGENCE AND COUNTERINTELLIGENCE

DEPARTMENT OF HOMELAND SECURITY:
OFFICE OF INTELLIGENCE AND ANALYSIS

DEPARTMENT OF STATE:
BUREAU OF INTELLIGENCE AND RESEARCH

DEPARTMENT OF THE TREASURY:
OFFICE OF INTELLIGENCE AND ANALYSIS

DRUG ENFORCEMENT ADMINISTRATION:
OFFICE OF NATIONAL SECURITY INTELLIGENCE

FEDERAL BUREAU OF INVESTIGATION
NATIONAL SECURITY BRANCH

NATIONAL GEOSPATIAL-INTELLIGENCE AGENCY

NATIONAL RECONNAISSANCE OFFICE

NATIONAL SECURITY AGENCY

UNITED STATES AIR FORCE

UNITED STATES ARMY

UNITED STATES COAST GUARD

UNITED STATES MARINE CORPS

UNITED STATES NAVY
________________

(U//FOUO) Additional information can be found in the following report:

[LINK REMOVED]
________________
Office of the Director of National Intelligence Washington, D.C. 20511

UPDATE: hundreds of visitors are seeking information about this from all over the country – from Maryland to Oklahoma; from outside consultants to intelligence agencies. Post a comment with your reaction. Did you click the link?

Why the Department of Defense Failed to Secure Our Computers

Every day, new viruses emerge that compromise the security of millions of computers – both personal and corporate. As government agencies increasingly rely upon commercial software for Top Secret computer systems, they find themselves facing a difficult dilemma: continue using their 1980s-era software, or upgrade to the latest commercial systems and expose themselves to the security vulnerabilities that plague everyday users.

From 1999-2001, Robert Meushaw, the director of the NSA’s Information Assurance Research Laboratory (NIARL), and his team worked on a solution that could give the best of both worlds. The system he developed, codenamed NetTop, uses a “sandbox” technique whereby inherently insecure software (such as Microsoft Windows and MS Office) is granted access to a limited portion of the computer. Even if one of the insecure applications is infected with a virus, the virus is unable to spread beyond the specific machine.

Unfortunately, the results were disappointing. Two crucial missteps ultimately led to its slow adoption within government agencies and by the general public.

The first problem was that NetTop compromised security for functionality. Because it was neither 100% secure nor 100% functional, security experts were unsatisfied and users were frustrated.

The second problem was cost. Each “virtual” system required its own licenses. Thus, Top Secret computers that accessed six separate networks would require 6 licenses for Microsoft Windows on a single computer! Furthermore, the virtualization component was developed by a for-profit startup named VMware (now publicly traded NYSE: VMW). As VMware grew larger and more successful, Microsoft started to tamp down the competition by restricting its licensing terms to make virtualization even less cost-effective.

The end result has been another expensive government project with limited application and a dim future.

Hackers Target Intelligence Community Job Board

Dice Holdings (NYSE: DHX) subsidiary ClearanceJobs, an online job board for the Intelligence Community, has been hacked.

The Ukraine-based hackers stole the names and contact info (including email, phone and/or physical address) of members who possess an active U.S. security clearance (including Top Secret / SCI for NSA and CIA).

The hackers sent the victims email messages that appeared to be an official ClearanceJobs communication. The messages included a document attachment (with a potential virus), and began as follows:

From: Pamela Jones <sales@clearancejobs.com>
Subject: Job offer-flexible schedule and high salary.ClearanceJobs

Hello, you have received this message because you have published your CV at ClearanceJobs and you meet our requirements.

Our company is one of the best in the field of e-currency. We specialize in purchasing, selling and exchanging electronic currencies for our clients all over the world. Our firm is ISO certificated. The company has been found in 1998 and by now we are one of the leaders in this market. Our main goal is: 100% customer satisfaction that is why we are looking for honest, confident and reliable employees.

Evan Lesser, founder of ClearanceJobs, indicated that the resultant “phishing scam” was similar to those that plagued Monster.com in August.

According to WashingtonTechnology, ClearanceJobs had 64,000 registered users in 2006.

From a strategic standpoint, the danger here is obvious. The Intelligence Community consists of a tight-knit group of professionals who are very discreet. In order to offer a service to these people, their primal need for secrecy must be understood, respected and protected.

Current trends on Security Software M&A Activity

I was recently asked to comment on the state of the Security Software industry. Here is how I responded:

Companies such as Symantec and McAfee are experiencing increased pressure from Microsoft, which has beefed up the built-in security capabilities in Vista. In an effort to counter this competition, the larger firms have made numerous acquisitions that will help differentiate their product portfolio and maintain product superiority. Acquisitions typically focus on two areas:

  1. Acquisitions with next-generation feature/functionality that can be incorporated into the core product suite
  2. Acquisitions that target a niche or highly specialized market that will remain impervious to any mass-market product that Microsoft introduces

As Symantec and McAfee reevaluate their portfolios over the next year, they are likely to continue acquisitions at a slower rate, as management fills gaps in the portfolio and focuses on integrating previously made acquisitions.

Whether consolidation in the industry is good or bad depends on who you are.

  • Consolidation reflects a defensive posture against Microsoft; however, it will not alter Microsoft’s slow entry into the market (nor will it alter Microsoft’s ineptness at developing secure products)
  • Symantec and McAfee will become larger and more stable, in a better position to hold off Microsoft
  • VC-backed startups will find it more difficult to scale organically to the size needed to generate 10x returns for their investors
  • Bootstrapped startups will continue to be able to find niche segments that are under the radar of the incumbents (even during and after this period of consolidation)
  • Customers will see fewer, more stable products and services with consistent levels of quality…for a price

Going digital: video surveillance and pulling teeth

Industries have moved into the digital age at different speeds. As information capture becomes digital, a massive amount of data goes “live” and can be parsed and analyzed in real-time. This leads to a host of new possibilities. Here are two examples:

First, in the world of physical security, digital video recorders (DVRs) are a relatively new phenomenon, only gaining mainstream support within the last five years or so. Initially, it was only large, sophisticated security companies that could develop such systems – for example, airport security could track individual passengers as they move throughout the terminal. (And can even detect if a passenger abandons a bag!) Now that digital systems are becoming more commonplace, startups such as Agent VI are able to enter the market as well and leverage the vast data made available by modern digital systems.

Second, the field of dental laboratories is about to change dramatically, as technology moves from physical casts of teeth (for crowns, implants, etc.) to digital imaging and CAD/CAM fabrication technology.

The move towards digital technology leads to a wealth of information, which in turn enables secondary, value-added services.