Welcome!

Microsoft Cloud Authors: Liz McMillan, David H Deans, Automic Blog, Pat Romanski, Janakiram MSV

Blog Feed Post

December Cyber Conflict and Cyber War Link Roundup

By

Happy New Year everyone. Obviously the biggest news in December, 2012, was the CFR hack over the Christmas break. It utilized an IE7 0day. The second biggest newsmaker was the announcement by the DOJ to indict foreign entities for state sponsored attacks. Iran is making claims of another cyber attack akin to Gauss, Flame and Stuxnet.

Hoping everyone has a healthy 2013.

News

Chinese Hackers Suspected in Cyber Attack on Council on Foreign Relations

Computer hackers traced to China carried out an advanced cyberespionage attack against one of America’s most elite foreign policy web groups – the website of the Council on Foreign Relations (CFR).
According to private computer-security forensic specialists, the hacking incident involved a relatively new type of ploy called a ‘drive-by’ website cyber attack that was detected around 2:00 p.m. on Wednesday.

[Ed: The IE 0day has been reportedly seen affecting multiple organizations globally and was quickly incorporated into the attack toolkit Metasploit. A temporary fix is available from Microsoft. The bug affects IE6, IE7 and IE8.]

Russian space research org targeted by mystery malware attack

Security researchers have discovered a targeted attack against Russian hi-tech firm that appears to originate in Korea.
The “Sanny” attack* is malware-based and geared towards stealing login information from Russian telecommunications, information technology and space research organisations. The first stage of the assault features a malicious Russian language MS Word document designed to drop malware onto compromised PCs. This establishes a backdoor on infected machines, establishing a botnet in the process.

DOJ Plans to Indict State-Sponsored Cyber Attackers

In an intriguing push against the ever-increasing number of foreign-governments sponsored cyber attacks against U.S. companies, the U.S. Department of Justice intends to turn to its roots with an old-fashioned tactic that has worked against the mafia, drug traffickers and white collar crime: criminal prosecutions.

Shamoon was an external attack on Saudi oil production

In its first comment on the apparent purpose behind the August Shamoon attack on Aramco, Saudi Arabia said Sunday that it was an external attack not just against Aramco, but against the Saudi economy.

Iran Computers Face Threat from New Targeted Data Wiping Malware

Iranian computers are facing a fresh threat from a newly unleashed “targeted data wiping malware” dubbed as Batchwiper.
Although the virus appears not to be as devastating as the previous ones, it threatens to wipe out the data from the infected computers.
An alert has been issued by Maher, Iran’s Computer Emergency Response Team Coordination Centre (CERTCC), saying the malware is thought to be present in the country’s computers for at least two months.

[India] DRDO to develop OS to strengthen cyber security

Speaking to newsmen on sidelines of NAVCOM-2012′, two-day international conference on Navigation and Communication that began here, Saraswat, Scientific Adviser to Defence Minister, said, “We have already started a major programme and are one-and-half-years into that programme. It (Indian OS) is a major effort requiring large number of software engineers working together.”

Blog & Opinion Piece

The Fog of Cyberwar
Brandon Valeriano and Ryan Maness

Our research shows that although warnings about cyberwarfare have become more severe, the actual magnitude and pace of attacks do not match popular perception. Only 20 of 124 active rivals — defined as the most conflict-prone pairs of states in the system — engaged in cyberconflict between 2001 and 2011. And there were only 95 total cyberattacks among these 20 rivals. The number of observed attacks pales in comparison to other ongoing threats: a state is 600 times more likely to be the target of a terrorist attack than a cyberattack. We used a severity score ranging from five, which is minimal damage, to one, where death occurs as a direct result from cyberwarfare. Of all 95 cyberattacks in our analysis, the highest score — that of Stuxnet and Flame — was only a three.

What to Read on Cybersecurity
By Adam Segal

In August 2012, hackers attacked the networks of Saudi Aramco, destroying data on some 30,000 of the company’s computers. Then in November, Chevron revealed that it had been infected by Stuxnet, the malware the United States and Israel had allegedly designed to slow Iran’s nuclear program. Some U.S. policymakers and analysts have suggested that the attacks originated in Iran as retribution for the sabotage campaign. Those who claimed responsibility said that they are a hacking collective, with no ties to Iran, angry about an anti-Islam film posted on YouTube. The United States’ options for dealing with the breach differ depending on whether the attack on Saudi Aramco was the work of political hackers or state-directed and part of an escalating cyberconflict. Crafting such policy will not be possible without conceptual clarity, and the works below strive to define actors and interests, means and methods in cybersecurity.

Five Trends to Watch for in Chinese Cybersecurity in 2013

With 2012 coming to an end, here are some of the larger trends to watch in Chinese cybersecurity in the upcoming year.

The Pentagon’s Cyberstrategy, One Year Later
William J. Lynn III

More destructive cyberweapons are being created every day, and an increasingly sophisticated technology black market virtually guarantees that they will eventually land in the hands of the United States’ enemies. Robust defenses are no longer a luxury, they are a necessity.

Cyber War and Jus in Bello
by Bhaskar Sharma

This article will focus on the applicability of international humanitarian law (IHL) on cyber network attacks (CNA). It will try to construct the parameters into which CNA can be confined and regulated by laws of armed conflict. In IHL, there is no specific mentioning of CNA per se, but it is increasingly becoming important to look at it from the IHL point of view because of its growing importance in military activities and its potential to gain military advantage in a more cost effective way.

On the Spectrum of Cyberspace Operations
by Gary D. Brown and Owen W. Tullos

When evaluating potential cyber activities, US policymakers have tended to view cyber operations as strictly delineated: offense or defense; espionage or military operations. Reality defies such stark categorization; determining when one type of cyber operation ends and another begins is challenging. Rather than establishing strict categories into which cyber activities are sorted, it may be best to view cyber operations along a spectrum; a proposal for a spectrum of cyber activities is set out later in the paper.

Political Neutrality and National Responsibility in Cyber Conflict
Jason Healey

This Issue Brief discusses neutrality in cyber space, giving an extended example of how different nations become more responsible for attacks on another nation, which illustrates how four criteria (Severity, Obviousness, Stoppability, and Duration) seem to be critical. Last, the brief explores how ‘commercial neutrality’ on the rights and obligations of companies which have built and own most of cyberspace, may be more important than the neutrality of nations.

The Trends in Targeted Attacks of 2012

Throughout 2012, we investigated a variety of targeted attacks including several APT campaigns such as LuckyCat and Ixeshe, as well as updates on some long running campaigns such as Lurid/Enfal and Taidoor. There was a lot of great research within the community related to targeted attacks published this year, and I’ve clustered the research I found to be the most interesting into six themes that I think also encapsulate the trends in targeted attacks of 2012.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@ThingsExpo Stories
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem" ...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
My team embarked on building a data lake for our sales and marketing data to better understand customer journeys. This required building a hybrid data pipeline to connect our cloud CRM with the new Hadoop Data Lake. One challenge is that IT was not in a position to provide support until we proved value and marketing did not have the experience, so we embarked on the journey ourselves within the product marketing team for our line of business within Progress. In his session at @BigDataExpo, Sum...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
What sort of WebRTC based applications can we expect to see over the next year and beyond? One way to predict development trends is to see what sorts of applications startups are building. In his session at @ThingsExpo, Arin Sime, founder of WebRTC.ventures, will discuss the current and likely future trends in WebRTC application development based on real requests for custom applications from real customers, as well as other public sources of information,
In his General Session at 17th Cloud Expo, Bruce Swann, Senior Product Marketing Manager for Adobe Campaign, explored the key ingredients of cross-channel marketing in a digital world. Learn how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects).
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, will discuss some of the security challenges of the IoT infrastructure and relate how these aspects impact Smart Living. The material will be delivered i...
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
SYS-CON Events announced today that Ocean9will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Ocean9 provides cloud services for Backup, Disaster Recovery (DRaaS) and instant Innovation, and redefines enterprise infrastructure with its cloud native subscription offerings for mission critical SAP workloads.
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, will provide a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services ...
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), will provide an overview of various initiatives to certifiy the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldw...
SYS-CON Events announced today that Linux Academy, the foremost online Linux and cloud training platform and community, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. Industry leaders in quality training, provided services, and student certification passes, its goal is to c...
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
SYS-CON Events announced today that Technologic Systems Inc., an embedded systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Technologic Systems is an embedded systems company with headquarters in Fountain Hills, Arizona. They have been in business for 32 years, helping more than 8,000 OEM customers and building over a hundred COTS products that have never been discontinued. Technologic Systems’ pr...
SYS-CON Events announced today that CA Technologies has been named “Platinum Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business – from apparel to energy – is being rewritten by software. From ...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
SYS-CON Events announced today that Loom Systems will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Founded in 2015, Loom Systems delivers an advanced AI solution to predict and prevent problems in the digital business. Loom stands alone in the industry as an AI analysis platform requiring no prior math knowledge from operators, leveraging the existing staff to succeed in the digital era. With offices in S...