U.S. superiority in network-centric warfighting may be in jeopardy. Join the discussion.

Network-centric Warfare has become the de facto standard for many nations, not just the U.S. Unfortunately, thanks to the exponential growth of global networks and the accompanying security vulnerabilities which seem to be infinite in number, the balance of power is no longer what it used to be and the U.S. cannot be assured of superiority in cyberspace.

Therefore, I think it's time that we had an indepth discussion on exactly how the InfoSec community can play a part in improving U.S. capabilities in Network-centric warfighting and/or U.S. covert actions rather than leaving such discussions solely to the classified world or one dominated by the Defense Industrial Base companies. As a result, I've invited 24 distinguished authorities from the DOD and the infosec world to come to San Diego and spend two days engaging in a discussion that will include the following topics, among others:

• "Operational Anonymity & Misattribution: Why you need it, how they track you, how to do it, how it fails, and best practices" - Lance Cottrell
• "Developing Offensive Cyber Tools, Techniques, and Procedures for Defending Corporate and Government Networks" - George Kurtz, Greg Hoglund, Jim Butterworth
• "Is there a place on Special Operations teams for Cyber or Information Warfare specialists?" - Thomas Dzieran, Rob DuBois, Jim Butterworth
• "Vulnerability Disclosure and ‘Cyberwar’: The Cost of Offensive Cyber Weapons" - Ryan Ellis
• Q&A with Kenneth Geers, Ph.D., Technical expert for the Tallinn Manual on the International Law applicable to Cyber Warfare
• "The Georgian Government’s cyber operation against internal political opponents" - Paul Joyal
• "The importance of international collaboration in identifying and interdicting non-state hacker groups" - Sanjay Virmani, Kenneth Geers, Michael Jaeger, Christopher Burgess
• "Projecting Geopolitically Relevant Cyber Hot-Spots" - Ali-Reza Anghaie
• "Threat Intelligence for the Enterprise on a Shoe-string Budget" - Shane MacDougall
• "Can big data and small incident response teams scale down to small and medium-sized businesses?" Steven Cobb
• "Advanced Technologies for Detecting the Insider Threat" - John Sipple
• "The State of National Cyber Intelligence" - Troy Townsend and Jay McAllister
• "All-Source Intelligence Shapes the Future of Security Operations Actions" - (to be announced)

I want to stress that while Suits and Spooks is a conference, it's not like any conference that you've attended before. We actually do have discussions because the speaker to attendee ratio is an unheard-of 1:4 or less. If you don't believe me, check out our testimonials page or ask anyone who's been to our past events.

Here's who you'll get to meet if you attend SNS La Jolla:

• Ali-Reza Anghaie: contract Security Engineer and Senior Analyst with Wikistrat
• David Burcham: President and CEO, VendorX
• Christopher Burgess: Sr. Security Consultant with Fortune 50 experience; retired national intelligence executive CIA
• Stephen Cobb: Security evangelist, ESET North America
• Chris Coleman: Vice President, LookingGlass Cyber Solutions
• Lance Cottrell: Founder / Chief Scientist of Anonymizer Inc., Chief Scientist of Ntrepid Corp.
• Robert DuBois: retired U.S. Navy SEAL, an international authority on Smart Power and the author of "Powerful Peace: A Navy SEAL's lessons on peace from a lifetime at war"
• Thomas Dzieran: retired U.S. Navy SEAL and software engineer
• Kenneth Geers, Ph.D.: U.S. Naval Criminal Investigative Service (NCIS) Cyber Subject Matter Expert
• Will Gragido: Senior Manager, RSA FirstWatch Threat Research
• Greg Hogland: Independent expert in offensive cyber strategies and tactics; former Vice President at Mantech and founder/CEO of HB Gary.
• Michael J. Jaeger (CAPT, USN): An active duty officer with the U.S. Navy Judge Advocate General's Corps
• Paul Joyal: Managing Director, NSI; Public Safety and Homeland Security Sector
• George Kurtz: Co-founder, President and CEO of Crowdstrike
• Rafal Los: Principal, Strategic Security Services, HP ESS
• Shane MacDougall: Co-founder Tactical Intelligence
• Jay McAllister: Senior Analyst, Software Engineering Institute, Carnegie Mellon University; formerly with NCIS
• Jeffrey McNeill, Ph.D.: Cyberspace Policy Analyst, STRATCOM
• John Pirc: Director, Security Intelligence, HP Security Research
• Billy Rios: Technical Director at Cylance, Inc.
• Andy Singer (USN RADM ret): Defense Intelligence Senior Leader; Deputy Director for Information Dominance Advocacy (OPNAV N2/N6)
• John Sipple: USN LT, AFRICOM J2 0166, IDC Region Wash DC
• Troy Townsend: Senior Analyst, Software Engineering Institute, Carnegie Mellon University; formerly with DIA and CYBERCOM
• Sanjay Virmani: Director, INTERPOL Digital Crime Centre; Supervisory Special Agent, FBI

Please help spread the word about this exciting and important event and join us in beautiful La Jolla on June 15-16. Register today.

Add to Cart View detail

Josh Corman at Suits and Spooks LA: Adapting to the Age of Anonymous

Joshua Corman

I'm very pleased to announce that one of the most respected names and original thinkers in the InfoSec world will be speaking at Suits and Spooks LA on June 29th - Joshua Corman, the Director for Security Intelligence at Akamai Technologies. His topic will be "The Rise of the Chaotic Actor: Adapting to the Age of Anonymous".

Abstract:  "One can't go a week these days without hearing or talking about what Anonymous just did - or what they're planning to do next. While some see these chaotic actors like Anon, LulzSec, and derivatives, as Chaotic Good like Robin Hood... other see these actors as Chaotic Evil like the Joker (see also http://www.csoonline.com/article/682511/the-rise-of-the-chaotic-actor-understanding-anonymous-and-ourselves ). Most of the veterans in the IT Security community have sustained a cognitive dissonance about them. At DEFCON 19, a few of us confronted the issue (and active participants). We found that much of the narrative in the press fails to understand their varied motives, permutations, and evolutions of these pockets of chaotic actors. We also saw the groups are experiencing some of the growing pains and complications we expected them to (and some we didn't) as this saga unfolds. Regardless of our understanding, Chaotic Actors are here to stay - and we must better understand the implications of these powerful factors. Every action has reaction, so we must be conscientious and deliberate about how we adapt to the age of Anonymous."

"Together we'll frame some of the timeline and facts behind this Renaissance of Hacktivitism. We'll get specific about some of the incidents, outcomes, victims and collateral damage left in the wake of those attacks. We'll build upon the insights, discussion, and debates from our DEFCON "Whoever Fights Monsters" panel (including our exchanges on "Building a Better Anonymous"). We'll outline the white paper the panelists crafted post-DEFCON. Last, we'll explore how organizations can intelligently adjust their threat models and risk postures in the face of this developing reality."

Besides Josh, our speakers include Rob DuBois (retired Navy SEAL), former CIA Chief Targeting Officer Nada Bakos, former FBI Supervisory Special Agent Jason Smolanoff, China intelligence analyst Matt Brazil, and more. The complete speaker list and agenda can be found here. The link to register is below. Be sure to click an arrow to see if any of the pricing options apply to you.

Options

Standard Registration$325.00 USD Pacific Council and InfraGuard$275.00 USD Government$250.00 USD Academia$195.00 USD

Add to Cart View detail

Who Will You Meet At Suits and Spooks LA?

The most exciting part of a Suits and Spooks anti-conference isn't listening to our accomplished and fascinating speakers. It's meeting the other attendees. At last February's DC event, attendees included the founder of GreenPeace and an individual who was almost killed by a Russian assassin involved in the Alexander Litvenenko poisoning. In Los Angeles, attendees will include a career Mossad agent, a C-level executive from a major studio, a hacker that used to work for the IDF, and the creator of numerous "spy" TV shows and movies. Since attendance is usually less than 100 people, you get to spend a lot of time interacting not only with some truly fascinating people but with the speakers as well including retired Navy SEAL Rob DuBois, George Clooney and John Prendergast's Satellite Sentinel Project spokesman Jonathan Hutson, former FBI SSA Jason Smolanoff, China expert Matt Brazil, two former CIA intelligence officers Lisa Chambers and Nada Bakos, Doug Wilson of Mandiant and Jim Hake, the founder and CEO of Spirit of America. You'll also enjoy a lunch prepared by the Bel Air Bay Club chef in a beautiful space overlooking the Pacific ocean; definitely NOT conference cuisine.

Don't miss out or wind up paying more because you didn't get your registration in on time.. The early bird discount for our Los Angeles event is ending on June 1st so get your registration in early and be a part of a truly unique security event.

Add to Cart View detail

A History of Google's Government Sales

After reading Noah Shachtman's article at Danger Room "Google Adds (Even More) Links to the Pentagon", I was curious about the scope of Google's (NASDAQ:GOOG) government sales so I used the FFATA Search Portal and plugged Google's name into the search field. The results were surprising. The largest number of sales by far is with the Department of Defense (264); which is about two and a half times more than NASA who's in 2nd place with 104 sales. Here's the Top Ten search results:

• Defense, Dept of (264)
• NASA (104)
• Justice, Dept of (75)
• State, Dept of (68)
• Treasury, Dept of the (44)
• Health and Human Services, Dept of (43)
• Interior, Dept of (42)
• Agriculture, Dept of (41)
• Commerce, Dept of (40)
• Transportation, Dept of (37)

Sales within the Department of Defense are to:

• Army (130)
• Air Force (50)
• Navy (44)
• Defense Information Systems Agency (10)
• Defense Logistics Agency (8)
• U.S. Special Operations Command (6)
• Defense Contract Management Agency (5)
• Uniformed Services: University of the Health Sciences (3)
• Defense Threat Reduction Agency (3)
• Defense Media Center (2)

Sales with the Department of Justice are to:

• Drug Enforcement Administration (45)
• Federal Bureau of Investigation (8)
• Offices, Boards, and Divisions (7)
• Office of Justice Programs (6)
• Federal Prison System (6)
• U.S. Marshalls Service (2)
• ATF Acquisition and Property Management Div (1)

To be fair, every technology company sells to the government and compared to Microsoft and Apple the above numbers are pretty low, but since Google is more intimately connected with our search habits and email content (for advertising) than anyone else, these statistics still make me a little uncomfortable.

Related:
The Google-Clinton-China Martini with a Cyber War Twist

Add to Cart View detail

Latest FBI Statement On Alleged Illinois Water Company Attack

I just received the following update on the alleged Illinois Water Company attack that was released to the media by Joe Weiss. It appears to be a case of jumping too quickly to a conclusion with little to no corroborating evidence. I have an article coming out today for Slate on this issue but here's the ICS-CERT/FBI UPDATE in full:

After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois.

There is no evidence to support claims made in the initial Fusion Center report - which was based on raw, unconfirmed data and subsequently leaked to the media - that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure at the water plant.  In addition, DHS and FBI have concluded that there was no malicious traffic from Russia or any foreign entities, as previously reported.

Analysis of the incident is ongoing and additional relevant information will be released as it becomes available.

Add to Cart View detail

LulzSec Snitch Claims To Be TeaMp0isoN Member. Oops.

Mike Major Jr of Halethorpe, MD claims to be a greyhat hacker who "does whatever feels right at the time". Major and his friend m_nerva leaked LulzSec chatroom logs which have helped authorities identify some of LulzSec's key members. Major (aka hann) told his story to Bruce Goldfarb and according to the Patch.com article claimed to be part of Team Poison (TeaMp0ison); a hacker crew who attacked LulzSec for being nothing more than script kiddies. Major's comments in the article didn't ring true to me, particularly after I had read a June 25th article in  The Independent which featured an interview with a disguised member of the TeaMp0isoN hacker crew named TriCk.

TriCk is a practicing Muslim who "don't (sic) fear MI5, the FBI, or the CIA." "I class them as thugs and criminals", said TriCk. "I only fear God." TriCk said that TeaMp0isoN had a total of 3 members who only knew each other online for the past 5 years. Last December, according to TriCk they dumped the web servers of the English Defence League and published its membership list and defaced the website of Indian politician Rahul Gandhi.

A search of the Zone-H.org archives returns 1,418 notifications so this is an active team. One recent defacement was of sven_slootweg.nl with credit taken by TriCk and In^SaNe, and "greetz" to Hex00010, d0ped, ZHC, Steem, MLT, BxR, and BlackHaker. Another defacement by TeaMp0isoN in June 2010 against Poland's Department of Defense website lists 3 TeaMp0isoN members: TriCk aka Saywhat?, Luit, and Hex00010 with "greetz" to ZHC, Spider, TaZii, Code5, f0rsaken, Muneeb, PAKBugs, null, d0ped, and RoCkBomB. In other words, there are three members to this crew and none of them are "hann" or his friend "m_nerva".

LulzSec called out m_nerva and hann back on June 22 as snitches and posted their personal information at Pastebin. m_nerva apparently just had a visit from the FBI. Now that Mike Major Jr has falsely claimed credit for being a part of TeaMp0isoN, he's not only a rat but a poser; two qualities that serious hackers just love.

Add to Cart View detail

The Rapid Rise and Fall of LulzSec

This is more of a prediction than a statement of fact but I feel pretty confident in saying that LulzSec won't be around for much longer. Anonymous may still avoid LulzSec's fate depending on whether they decide to abandon the AntiSec movement and stay focused on battling repressive regimes like they did with Tunisia, but they only have a small window of time to make that decision.

The reason why I'm making this prediction is because of today's New York Times article on the take-down of DigitalOne.com by the FBI. That's bad enough but it's not why LulzSec is screwed. They're screwed because the U.S. Intelligence Community has learned how to collaborate. It's taken them years but the historical animosity between CIA, FBI, and NSA has just recently diminished to the point where they are now able to work together better than ever before. And lucky LulzSec, they're all focused on you right now.

Now you might not be too worried about the FBI considering the state of their InfraGuard sites in Atlanta and Connecticut, and you might even be naive enough to believe that crashing the CIA's public website means you have nothing to fear from them either. Frankly speaking, if that's true - you couldn't be more wrong. Unlike the FBI and your local police, CIA isn't constrained by the same rules. It has resources that other agencies salivate after, including its own Army, Navy, and Air Force. It's people love what they do so much that even after they retire they stay in the game. And while Anonymous likes to say that they never forget, the Agency has a well-deserved reputation of getting even with anyone who fucks with them. You, apparently, have made that very unfortunate list. If you guys make it to Labor Day without either getting arrested, disappearing, or self-destructing, I'll be very surprised. Either way, you'll be featured in the new edition of my book for sure.

UPDATE: (25 Jun 2011) LulzSec announces it has ended operations via a post at Pastebin:

1. Friends around the globe,
3. We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us.
5. For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It's what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.
7. While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you. Even Hitler and Osama Bin Laden had these unique variations and style, and isn't that interesting to know? The mediocre painter turned supervillain liked cats more than we did.
9. Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we've gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don't stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.
11. So with those last thoughts, it's time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.
13. Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.
15. Let it flow...
17. Lulz Security - our crew of six wishes you a happy 2011, and a shout-out to all of our battlefleet members and supporters across the globe

Add to Cart View detail