Bloggers spreading information the government would like to characterise as misinformation may not be the worst of the Bush administrations problems. You are safest when you know you aren't safe. All the information the government collects and secures with todays technology will sooner or later find itself sitting there with an obsolete security system.
Last week Cyberstorm tested computer defenses.
The Associated Press reported that the attack not only dealt with possible attacks by hackers, but also simulated how to deal with bloggers who were intentionally spreading misinformation about an attack. Participants confirmed parts of the worldwide simulation challenged government officials and industry executives to respond to deliberate misinformation campaigns and activist calls by Internet bloggers, online diarists whose "Web logs" include political rantings and musings about current events.
Hackers know that exploits can take as much advantage from
Social Engineering as from black bag covert incursions or manipulation of a technical environment.
Three of us were involved in the internal test: Kevin, a technician familiar with attacks on Unix and Windows (the company's typical environment); Jeff, who would focus on social engineering and could assist on the technical side; and me. My focus was on the "black bag" aspects of the test--physically going into a high-risk environment to steal information or perform other high-risk tasks to support the espionage operations.
Lets allow the government has reason to be concerned. All that it learns about how to break into systems in order to learn how to make them more secure will eventually diffuse out into the world at large. Its made itself an attractive target by emphasising it is keeping secrets which could embarass it politically.
Is the only way to get at that information for it to come from secret files? It knows better. Most Classified information is just the tip of an iceberg of freely available information.
Lets say an international corporation from say Dubai, is considering buying another international corporation located somewhere in Europe that specializes in dealing with port security in the US.
The buyer wants to know about things like how much the seller has on the books in the way of potential government contracts, and the seller is anxious to make itself look like a good buy. It can tell the buyer what does it have available in the way of cyber surveillance security, infrastructure security, specifications for equipment.
What have they got that's hot, what have they got that candidly is obsolete, and needs to be replaced. All of which information is freely available to people who want to buy and sell things to the government. The government shares its surveillance information with companies that need to know.
Presumably that includes all the data mining info on potential ideological threats that might bribe someone to smuggle something into a port in a container.
FBI says attacks succeeding despite security investments
Despite investing in a variety of security technologies, enterprises continue to suffer network attacks at the hands of malware writers and inside operatives, according to an FBI report released today. Many security incidents continue to go unreported.
The 2005 FBI Computer Crime Survey was taken by 2,066 organizations in Iowa, Nebraska, New York, and Texas late last spring, which survey organizers deemed a good sample of enterprises nationwide. The report is designed to "gain an accurate understanding" of computer security incidents experienced "by the full spectrum of sizes and types of organizations within the United States," the FBI said. The 23-question survey addressed such issues as the computer security technologies enterprises use, what kinds of security incidents they've suffered and what actions they've taken.
The survey is not the same as the CSI/FBI Computer Crime and Security Survey, which has been conducted for several years and has a somewhat different focus, method and restricted number of respondents, the FBI said.
Most attacks simply aren't recognized as attacks. People put card readers on doors and then people politely hold them open for someone coming in right behind them.
People make some floors accesible from an elevator or stairway only by key, but other people sometimes obtain Grand master keys or have the skills to pick locks. Secure doors are wired to fail safe when somebody pulls a fire alarm.
Someone need not obtain access to a secure space they can tap into phone lines cables or wireless remotely and obtain information by packet sniffing. Considerable information is available from phone companies just by asking for it and paying a fee.
Paper medical records are often left out lying on counters and shared with clerks and pharmacies as well as nurses and doctors, but Electronic Medical Records (EMR) are now even less secure being housed in regional servers in relatively insecure remote facilities.