Welcome!

Microsoft Cloud Authors: Pat Romanski, Elizabeth White, Liz McMillan, Mihai Corbuleac, David Bermingham

Blog Feed Post

December Cyber Conflict and Cyber War Link Roundup

By

Happy New Year everyone. Obviously the biggest news in December, 2012, was the CFR hack over the Christmas break. It utilized an IE7 0day. The second biggest newsmaker was the announcement by the DOJ to indict foreign entities for state sponsored attacks. Iran is making claims of another cyber attack akin to Gauss, Flame and Stuxnet.

Hoping everyone has a healthy 2013.

News

Chinese Hackers Suspected in Cyber Attack on Council on Foreign Relations

Computer hackers traced to China carried out an advanced cyberespionage attack against one of America’s most elite foreign policy web groups – the website of the Council on Foreign Relations (CFR).
According to private computer-security forensic specialists, the hacking incident involved a relatively new type of ploy called a ‘drive-by’ website cyber attack that was detected around 2:00 p.m. on Wednesday.

[Ed: The IE 0day has been reportedly seen affecting multiple organizations globally and was quickly incorporated into the attack toolkit Metasploit. A temporary fix is available from Microsoft. The bug affects IE6, IE7 and IE8.]

Russian space research org targeted by mystery malware attack

Security researchers have discovered a targeted attack against Russian hi-tech firm that appears to originate in Korea.
The “Sanny” attack* is malware-based and geared towards stealing login information from Russian telecommunications, information technology and space research organisations. The first stage of the assault features a malicious Russian language MS Word document designed to drop malware onto compromised PCs. This establishes a backdoor on infected machines, establishing a botnet in the process.

DOJ Plans to Indict State-Sponsored Cyber Attackers

In an intriguing push against the ever-increasing number of foreign-governments sponsored cyber attacks against U.S. companies, the U.S. Department of Justice intends to turn to its roots with an old-fashioned tactic that has worked against the mafia, drug traffickers and white collar crime: criminal prosecutions.

Shamoon was an external attack on Saudi oil production

In its first comment on the apparent purpose behind the August Shamoon attack on Aramco, Saudi Arabia said Sunday that it was an external attack not just against Aramco, but against the Saudi economy.

Iran Computers Face Threat from New Targeted Data Wiping Malware

Iranian computers are facing a fresh threat from a newly unleashed “targeted data wiping malware” dubbed as Batchwiper.
Although the virus appears not to be as devastating as the previous ones, it threatens to wipe out the data from the infected computers.
An alert has been issued by Maher, Iran’s Computer Emergency Response Team Coordination Centre (CERTCC), saying the malware is thought to be present in the country’s computers for at least two months.

[India] DRDO to develop OS to strengthen cyber security

Speaking to newsmen on sidelines of NAVCOM-2012′, two-day international conference on Navigation and Communication that began here, Saraswat, Scientific Adviser to Defence Minister, said, “We have already started a major programme and are one-and-half-years into that programme. It (Indian OS) is a major effort requiring large number of software engineers working together.”

Blog & Opinion Piece

The Fog of Cyberwar
Brandon Valeriano and Ryan Maness

Our research shows that although warnings about cyberwarfare have become more severe, the actual magnitude and pace of attacks do not match popular perception. Only 20 of 124 active rivals — defined as the most conflict-prone pairs of states in the system — engaged in cyberconflict between 2001 and 2011. And there were only 95 total cyberattacks among these 20 rivals. The number of observed attacks pales in comparison to other ongoing threats: a state is 600 times more likely to be the target of a terrorist attack than a cyberattack. We used a severity score ranging from five, which is minimal damage, to one, where death occurs as a direct result from cyberwarfare. Of all 95 cyberattacks in our analysis, the highest score — that of Stuxnet and Flame — was only a three.

What to Read on Cybersecurity
By Adam Segal

In August 2012, hackers attacked the networks of Saudi Aramco, destroying data on some 30,000 of the company’s computers. Then in November, Chevron revealed that it had been infected by Stuxnet, the malware the United States and Israel had allegedly designed to slow Iran’s nuclear program. Some U.S. policymakers and analysts have suggested that the attacks originated in Iran as retribution for the sabotage campaign. Those who claimed responsibility said that they are a hacking collective, with no ties to Iran, angry about an anti-Islam film posted on YouTube. The United States’ options for dealing with the breach differ depending on whether the attack on Saudi Aramco was the work of political hackers or state-directed and part of an escalating cyberconflict. Crafting such policy will not be possible without conceptual clarity, and the works below strive to define actors and interests, means and methods in cybersecurity.

Five Trends to Watch for in Chinese Cybersecurity in 2013

With 2012 coming to an end, here are some of the larger trends to watch in Chinese cybersecurity in the upcoming year.

The Pentagon’s Cyberstrategy, One Year Later
William J. Lynn III

More destructive cyberweapons are being created every day, and an increasingly sophisticated technology black market virtually guarantees that they will eventually land in the hands of the United States’ enemies. Robust defenses are no longer a luxury, they are a necessity.

Cyber War and Jus in Bello
by Bhaskar Sharma

This article will focus on the applicability of international humanitarian law (IHL) on cyber network attacks (CNA). It will try to construct the parameters into which CNA can be confined and regulated by laws of armed conflict. In IHL, there is no specific mentioning of CNA per se, but it is increasingly becoming important to look at it from the IHL point of view because of its growing importance in military activities and its potential to gain military advantage in a more cost effective way.

On the Spectrum of Cyberspace Operations
by Gary D. Brown and Owen W. Tullos

When evaluating potential cyber activities, US policymakers have tended to view cyber operations as strictly delineated: offense or defense; espionage or military operations. Reality defies such stark categorization; determining when one type of cyber operation ends and another begins is challenging. Rather than establishing strict categories into which cyber activities are sorted, it may be best to view cyber operations along a spectrum; a proposal for a spectrum of cyber activities is set out later in the paper.

Political Neutrality and National Responsibility in Cyber Conflict
Jason Healey

This Issue Brief discusses neutrality in cyber space, giving an extended example of how different nations become more responsible for attacks on another nation, which illustrates how four criteria (Severity, Obviousness, Stoppability, and Duration) seem to be critical. Last, the brief explores how ‘commercial neutrality’ on the rights and obligations of companies which have built and own most of cyberspace, may be more important than the neutrality of nations.

The Trends in Targeted Attacks of 2012

Throughout 2012, we investigated a variety of targeted attacks including several APT campaigns such as LuckyCat and Ixeshe, as well as updates on some long running campaigns such as Lurid/Enfal and Taidoor. There was a lot of great research within the community related to targeted attacks published this year, and I’ve clustered the research I found to be the most interesting into six themes that I think also encapsulate the trends in targeted attacks of 2012.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@ThingsExpo Stories
When people aren’t talking about VMs and containers, they’re talking about serverless architecture. Serverless is about no maintenance. It means you are not worried about low-level infrastructural and operational details. An event-driven serverless platform is a great use case for IoT. In his session at @ThingsExpo, Animesh Singh, an STSM and Lead for IBM Cloud Platform and Infrastructure, will detail how to build a distributed serverless, polyglot, microservices framework using open source tec...
IoT offers a value of almost $4 trillion to the manufacturing industry through platforms that can improve margins, optimize operations & drive high performance work teams. By using IoT technologies as a foundation, manufacturing customers are integrating worker safety with manufacturing systems, driving deep collaboration and utilizing analytics to exponentially increased per-unit margins. However, as Benoit Lheureux, the VP for Research at Gartner points out, “IoT project implementers often ...
Basho Technologies has announced the latest release of Basho Riak TS, version 1.3. Riak TS is an enterprise-grade NoSQL database optimized for Internet of Things (IoT). The open source version enables developers to download the software for free and use it in production as well as make contributions to the code and develop applications around Riak TS. Enhancements to Riak TS make it quick, easy and cost-effective to spin up an instance to test new ideas and build IoT applications. In addition to...
Presidio has received the 2015 EMC Partner Services Quality Award from EMC Corporation for achieving outstanding service excellence and customer satisfaction as measured by the EMC Partner Services Quality (PSQ) program. Presidio was also honored as the 2015 EMC Americas Marketing Excellence Partner of the Year and 2015 Mid-Market East Partner of the Year. The EMC PSQ program is a project-specific survey program designed for partners with Service Partner designations to solicit customer feedbac...
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning techniques such as Cognitive Fingerprinting, wind project operators can utilize these tools to learn from collected data, detect regular patterns, and optimize their own operations. In his session at 18th Cloud Expo, Stuart Gillen, Director of Business Development at SparkCognition, discussed how research has demonstrated the value of Machine Learning in delivering next generation analytics to imp...
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his Day 2 Keynote at @ThingsExpo, Henrik Kenani Dahlgren, Portfolio Marketing Manager at Ericsson, discussed how to plan to cooperate, partner, and form lasting all-star teams to change t...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Bradley Holt, Developer Advocate a...
Connected devices and the industrial internet are growing exponentially every year with Cisco expecting 50 billion devices to be in operation by 2020. In this period of growth, location-based insights are becoming invaluable to many businesses as they adopt new connected technologies. Knowing when and where these devices connect from is critical for a number of scenarios in supply chain management, disaster management, emergency response, M2M, location marketing and more. In his session at @Th...
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
SYS-CON Events announced today that Bsquare has been named “Silver Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. For more than two decades, Bsquare has helped its customers extract business value from a broad array of physical assets by making them intelligent, connecting them, and using the data they generate to optimize business processes.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. Big Data at Cloud Expo - to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA - has announced its Call for Papers is open. Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is...
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...