Earlier today I happened to see a short piece from the Bloomberg Businessweek "The Year Ahead: 2016" issue, titled The Best Places to Build Data Centers. The text said the following:
Cloud leaders including Amazon.com, Microsoft, Google, IBM, and upstart DigitalOcean are spending tens of billions of dollars to construct massive data centers around the world. Microsoft alone puts its total bill at $15 billion. There are two main reasons for the expansion: First, the companies have to set up more servers near the biggest centers of Internet traffic growth. Second, they increasingly have to wrestle with national data-privacy laws and customer preferences, either by storing data in a user’s home country, or, in some cases, avoiding doing just that.
The article featured several maps, including the one at left. It notes data centers in "Virginia" because "the Beltway has massive data needs." That may be true, but it does not do justice to the history of the Internet in Northern Virginia (NoVA), nor does it explain why there are so many data centers in NoVA. I want to briefly note why there is so much more to this story.
In brief, there are so many data centers in NoVA because, 25 years or so ago, early Internet companies located in the area and also decided to connect their networks in NoVA. Key players included America Online (AOL), which built its headquarters in Loudoun County in the early 1990s. About the same time, in 1992, Internet pioneers from several local companies decided to connect their networks and build what became known as MAE-East. A year later, the National Science Foundation awarded a contract designating MAE-East as one of four Network Access Points. Later in the 1990s Equinix arrived and contributed to the growth in data center and network connectivity that continues through the present.
Essentially, NoVA demonstrated real-life "network effects" -- with networks cross-connecting to each other in Ashburn and Loudoun County, it made sense for new players to gain access to those connections. Companies built data centers there because the network connections offered the best performance for their customers. The "Beltway" and its "massive data needs" were not the reason.
If you would like to know more, I recommend reading Andrew Blum's book Tubes: A Journey to the Center of the Internet. Yes, Blum is referring to those "tubes," which he investigates via in-person visits to notable Internet locations and refreshing historical research. Along the way, Blum charts the growth of NoVA as an Internet hub, in some ways, "the" Internet hub.
Watch Here - http://taosecurity.blogspot.in/2015/12/a-brief-history-of-internet-in-northern.html
What is cyber security?
CYBER SECURITY: A 3 PART DEFINITION
Cyber security involves protecting information and systems from major cyber threats, such as cyber terrorism, cyber warfare, and cyber espionage. In their most disruptive form, cyber threats take aim at secret, political, military, or infrastructural assets of a nation, or its people. Cyber security is therefore a critical part of any government’s security strategy. The U.S. federal government, for example, has allotted over $13 billion annually to cyber security since late 2010.
Cyber Terrorism
Cyber terrorism is the disruptive use of information technology by terrorist groups to further their ideological or political agenda. This takes the form of attacks on networks, computer systems, and telecommunication infrastructures. For example, in response to the removal of a Russian WWII memorial in 2007, Estonia was hit with a massive distributed denial of service (DDoS) attack that knocked almost all ministry networks and two major bank networks offline. The rise in such cyber terrorism attacks is measurable: in the U.S., head of Military Cyber Command Keith B. Alexander stated that cyber attacks on facilities classified as critical infrastructure in the United States have increased 17-fold since 2009.
Cyber Warfare
Cyber warfare involves nation-states using information technology to penetrate another nation’s networks to cause damage or disruption. In the US and many other nation-states, cyber warfare has been acknowledged as the fifth domain of warfare (following land, sea, air, and space). Cyber warfare attacks are primarily executed by hackers who are well trained in exploiting the intricacies of computer networks and operate under the auspices and support of the nation-states. Rather than “shutting down” a target’s key networks, a cyber warfare attack may intrude into networks for the purpose of compromising valuable data, degrading communications, impairing infrastructural services such as transportation and medical services, or interrupting commerce. For example, in the 2008 South Ossetia war, Russia’s initial attacks on Georgian soil were preceded by a synchronized cyber attack that crippled Georgian government websites.
Cyber Espionage
Cyber espionage is the practice of using information technology to obtain secret information without permission from its owners or holders. Cyber espionage is most often used to gain strategic, economic, political, or military advantage. It is conducted through the use of cracking techniques and malware. In the US, the Office of the National Counterintelligence Executive released a report in 2011 officially acknowledging the legitimate threat of cyber espionage and its potential to damage the United States’ strategic economic advantage. In a subsequent opinion piece in the Wall Street Journal, former Director of Homeland Security Michael Chertoff elaborated on the economic impact of China’s cyber espionage of intellectual property, which he likens to the “source code” of today’s advanced economies. Through the utilization of its massive and inexpensive workforce, China has cheaply and efficiently driven a number of these ideas directly into production. As the fruits of costly investments in research and development from the hosting nation-states, the theft of these innovations is an immense strategic and economic loss to the targets.
With cyber threats in a state of rapid and continuous evolution, keeping pace in cyber security strategy and operations is a major challenge to governments. Cyber security is a serious concern to private enterprise as well, given the threat to intellectual property and privately-held critical infrastructure. Advisory organizations such as The National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO) have recently updated guidelines to promote a more proactive and adaptive approach that prescribes continuous monitoring and real-time assessments. These guidelines are expatiated on in the NIST 800 and ISO 27002 publications.
Read More Here - https://www.paloaltonetworks.com/documentation/glossary/what-is-cyber-security
Stopping the Next Cyber-Attack
Cybervandalism, cyberterrorism, cyberwarfare. No matter what you call the recent attacks against Sony Pictures, we weren't ready. And we won't be ready until our nation -- with the government and industry working together -- takes action to defend itself.
Cyber-attacks against the U.S. are certain to increase. Countries that cannot or would not attack us physically will turn to cyber as a viable and lucrative alternative. Such attacks are easy to deny and extremely difficult to attribute. Sony is the latest and most explosive example of this trend, but it won't be the last.
Cyber-attacks are also transitioning from disruptive to destructive. In 2012, more than 30,000 Saudi Aramco computers were destroyed by a wiper virus. Less than a year later, similar malware permanently deleted the data on thousands of computers belonging to South Korean media companies, financial institutions and government agencies.
These attacks are inexpensive and easy to pull off, yet the cost to the victims can easily reach hundreds of millions of dollars, not including reputational damage, loss of customer confidence, and increased scrutiny by regulators and oversight agencies.
The U.S. must learn from the attack on Sony, and use this opportunity to take the steps necessary to protect ourselves from such intrusions going forward. To that end, the country should focus on three major objectives in cyberspace: Improve our network infrastructure, pass cybersecurity legislation and work closely with our allies to defend against a global threat.
Our current approach to cyberdefense is like the Maginot Line: a costly illusion of security that's proving obsolete against sophisticated assaults. Attacks against companies from Target to eBay to JPMorgan Chase -- combined with intrusions at the White House, U.S. Postal Service, State Department and other government targets -- are clear evidence of this. We must invest in infrastructure that is designed from the ground up with cybersecurity in mind.
The first step is for corporations to have situational awareness of their networks, and better assessments of threats both within and among networks. Companies today typically have only a limited view of their networks, and seldom have a real-time awareness of their vulnerabilities -- which is why it takes an average of more than 220 days to detect a threat.
As threats change and evolve more rapidly, the current "signature-based" approach to security -- which basically relies on a database of known malicious threats -- is proving increasingly unreliable. What's needed instead are cyberdefenses that provide near real-time updates, employ behavioral models that automatically detect anomalous activity on a corporate network, and can automatically respond to potential attacks. (Full disclosure: My company, IronNet Cybersecurity, was founded to help businesses improve their defenses.)
Training and education must also be a priority, so that those charged with protecting corporate and government networks are qualified and well prepared.
Together, these elements will help create the foundation of a defensible architecture as cyberspace continues to develop.
The second major objective is to make it possible for industry and government to cooperate on cybersecurity. We would never expect companies to act alone in fending off physical attacks from nation states. We shouldn't expect them to act alone in cyberspace, either.
Unfortunately, current laws and policies impede this kind of cooperation. Companies can't easily share information with the government about cyber-attacks. And the government often can't assess attacks against companies and provide timely assistance.
To counter this, we need clear legislative guidelines for sharing cybersecurity information between the government and the private sector, and liability protection for companies that do so. Along these lines, a bipartisan bill introduced in the last Congress, known as the Cyber Intelligence and Sharing Protection Act, is a good start.
The third major objective is to overcome some of the recent international tensions over cybersecurity and to work more closely with our allies to identify threats and share information about attacks. The simple truth is that cyber-attacks don't recognize borders, and the more closely we work together, the stronger all our defenses will be.
In addition, we need to ensure that our companies aren't punished or put at a competitive disadvantage for doing what our governments ask them to do to improve cybersecurity. Following the leaks of NSA information by Edward Snowden last year, some companies were blamed for their lawful cooperation with the government. Corporations shouldn't stand alone when they work with the government for our common security.
For any of these steps to work, we also have to make sure that the public is confident that their privacy and civil liberties aren't being violated. That means having an open and transparent discussion about what protections are needed for any information-sharing plans between the public and private sectors, as well as the privacy risks the public now faces from cyber-attacks.
The attack against Sony was an attack against all of us. And our response should reflect this fact. We should use this opportunity to develop our cybersecurity framework and pass legislation to improve our ability to defend against future attacks.
We are the nation that created the Internet; we should be the first to secure it and ensure the protection of those who use it.
See Here - http://www.bloomberg.com/view/articles/2015-01-13/how-we-can-prevent-the-next-sonystyle-attack
Pentagon to Open New Cyberfront in War Against ISIS
The Obama administration has authorized a new online campaign in its slow, grinding war against ISIS, The New York Times reported earlier this week. The Pentagon's Cyber Command will target ISIS in a way that essentially will get inside the heads of terrorist commanders to disrupt their military operations.
The goal appears to be to sow mistrust and confusion among ISIS leaders by interfering with their ability to pay their soldiers, execute operational orders, recruit new fighters, and communicate with one another.
The plan amounts to dropping cyberbombs on the enemy, Deputy Secretary of Defense Robert O. Work told the Times, which is something the U.S. never before has done in such a large-scale battlefield environment.
Shift in Strategy
The Cyber Command's primary focus has been on Russia, China, North Korea and Iran, Admiral Michael S. Rogers, commander of the unit, said in testimony before the Senate Armed Services Committee earlier this month.
Also known as "the Islamic State in the Levant," or "ISIL," ISIS has limited organic cyberwarfare capabilities, he told lawmakers, and it has used the Web primarily for recruiting, propaganda, radicalization and fundraising.
The Pentagon intends to use cyberwarfare as one tool in the toolbox, suggested Isaac Porche III, associate director of the Forces and Logistics Program at the Rand Arroyo Center.
Although he has no inside information on the Pentagon strategy, it appears that the aim is to break the will of the enemy, he told TechNewsWorld.
That type of effort is not used as a substitute for traditional counterterrorism or battleground campaigns, but in conjunction with them, Porche pointed out.
"Cyber is just one domain that we fight in, and all the domains have to be addressed," he emphasized. "No one domain is necessarily the place to take on an adversary. They understand it's a test of wills."
As a nation, the U.S. has to be prepared to respond to retaliatory attacks, Porche said.
One of the reasons there have been so few major attacks on the U.S. is that enemies know retaliation could come in a multitude of ways.
"The response from the U.S. would not necessarily be in cyber," Porche noted.
Domestic Concerns
In many ways, the U.S. is living in a pre-cyber-disaster world, observed GreatHorn CEO Kevin O'Brien. That is, it has not suffered a crippling large-scale cyberattack from a foreign entity.
"We have not yet seen a cyberattack take down the power grid, disrupt critical infrastructure, or -- so far as we know -- gain access to military secrets," O'Brien told TechNewsWorld. "However, it is likely a matter of time before we see one of these events take place. There are routes through our cyberdefenses that are largely unsecured."
For example, ISIS last year gained access to the Twitter accounts of U.S. Central Command, O'Brien noted.
"While this was essentially Web vandalism, one can imagine a scenario where instead of posting propaganda pictures, they used their access to begin a more sophisticated, longer-term, and insidious social engineering attack against targets both public and private," he suggested.
Federal prosecutors just last month charged seven Iranians working for two companies sponsored by the Iranian government, ITSECTeam and Mersad, with a series of crimes against U.S. financial institutions that resulted in losses of tens of millions of dollars.
The suspects between 2011 and 2013 allegedly used botnets and other malicious computer code to carry out distributed Denial of Service attacks on nearly 50 financial institutions, preventing victims from gaining online access to their bank accounts.
One of the suspects, Hamid Firoozi, allegedly gained access to the Supervisory Control and Data Acquisition systems of the Bowman Dam in Rye, N.Y., in 2013.
Separately, federal prosecutors last month charged three members of the Syrian Electronic Army, a pro-Assad hacker collective, with spearphishing attacks against U.S. media organizations, a U.S. Marine Corps recruitment site, and the Executive Office of the President.
The Defense Department did not respond to our request to comment for this story.
View Page Here - http://www.technewsworld.com/story/83429.html
The Twenty Critical Security Controls for Cyber Security: Consensus Audit Guidelines
The 20 Critical Security Controls were developed, in the USA, by a consortium led by the Center for Strategic and International Studies (CSIS). The history of the Security Controls describes how they have been widely adopted across the US Federal Government as well as by the UK’s CPNI (Centre for Protection of the National Infrastructure). The US State Department claims to have achieved a 94% reduction in ‘measured’ risk through the rigorous adoption of these controls.
The 20 Critical Controls are specifically technical controls; there are a number of additional areas that should also be addressed as part of a robust security posture, including information security policy, physical security, staff training and awareness, organisational structure, documented policies and procedures, and so on. ISO27001 is the best practice international standard for an Information Security Management System that enables organisations to comprehensively secure information – and provide independent assurance that this has been done.
Each of the 20 listed critical controls (all of which can be cross-mapped to controls in Annex A of ISO27001, and thus seamlessly integrated into any ISO27001 ISMS) is supported by detailed implementation, automation, measurement and test/audit guidance which reflects a consensus of multiple security experts on the most effective ways to mitigate the specific attacks which these controls are designed to deal with.
The OWASP Top Ten Project continues to identify and list the Top 10 Web Application vulnerabilities and organisations that operate websites should also ensure that their web applications are, as a minimum, secure against these publicly identified vulnerabilities.
A growing range of software solutions and professional services are available to help organisations implement and audit these controls.
The Twenty Critical Security Controls themselves are published by the CSIS and are maintained on the SANS website. Here is the most current version of the 20 Critical Cyber Security Controls.
Move Here - http://www.itgovernance.co.uk/20-critical-controls-consensus-audit-guidelines.aspx