Friday, May 27, 2011

Hackers broke into Lockheed Martin networks: source



Other U.S. military contractors' networks also may have been hacked


By Jim Finkle and Andrea Shalal-Esa

updated 5/27/2011 8:18:35 PM ET





Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters.
They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter.
It was not immediately clear what kind of data, if any, was stolen by the hackers. But the networks of Lockheed and other military contractors contain sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan.
Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network that hackers will be unable to penetrate.
The Pentagon, which has about 85,000 military personnel and civilians working on cybersecurity issues worldwide, said it also uses a limited number of the RSA electronic security keys, but declined to say how many for security reasons.
The hackers learned how to copy the security keys with data stolen from RSA during a sophisticated attack that EMC disclosed in March, according to the source.
EMC declined to comment on the matter, as did executives at major defense contractors.
Rick Moy, president of NSS Labs, an information security company, said the original attack on RSA was likely targeted at its customers, including military, financial, governmental and other organizations with critical intellectual property.
He said the initial RSA attack was followed by malware and phishing campaigns seeking specific data that would link tokens to end-users, which meant the current attacks may have been carried out by the same hackers.
"Given the military targets, and that millions of compromised keys are in circulation, this is not over," he said.
Lockheed, which employs 126,000 people worldwide and had $45.8 billion in revenue last year, said it does not discuss specific threats or responses as a matter of principle, but regularly took actions to counter threats and ensure security.
"We have policies and procedures in place to mitigate the cyber threats to our business, and we remain confident in the integrity of our robust, multi-layered information systems security," said Lockheed spokesman Jeffery Adams.
Executives at General Dynamics Corp, Boeing Co, Northrop Grumman Corp, Raytheon Co and other defense companies declined to comment on any security breaches linked to the RSA products.
"We do not comment on whether or not Northrop Grumman is or has been a target for cyber intrusions," said Northrop spokesman Randy Belote.
Actions prevented widespread disruption
Raytheon spokesman Jonathan Kasle said his company took immediate companywide actions in March when incident information was initially provided to RSA customers.
"As a result of these actions, we prevented a widespread disruption of our network," he said.
Boeing spokesman Todd Kelley said his company had a "wide range" of systems in place to detect and prevent intrusions of its networks. "We have a robust computing security team that constantly monitors our network," he said.
Defense contractors' networks contain sensitive data on sophisticated weapons systems, but all classified information is kept on separate, closed networks managed by the U.S. government, said a former senior defense official, who was not authorized to speak on the record.
SecurIDs are widely used electronic keys to computer systems that work using a two-pronged approach to confirming the identity of the person trying to access a computer system. They are designed to thwart hackers who might use key-logging viruses to capture passwords by constantly generating new passwords to enter the system.
The SecurID generates new strings of digits on a minute-by-minute basis that the user must enter along with a secret PIN (personal identification number) before they can access the network. If the user fails to enter the string before it expires, then access is denied.
RSA and other companies have produced a total of about 250 million security tokens, although it is not clear how many are in use worldwide at present, said the former defense official.
The devices provided additional security at a lower cost than biometrics such as fingerprint readers or iris scanning machines, said the official, noting that the RSA incident could increase demand for greater use of biometric devices.
The RSA breach did raise concerns about any security tokens that had been compromised, and EMC now faced tough questions about whether "they can repair that product line or whether they need to ditch it and start over again," he said.
EMC disclosed in March that hackers had broken into its network and stolen some information related to its SecurIDs. It said the information could potentially be used to reduce the effectiveness of those devices in securing customer networks.
EMC said it worked with the Department of Homeland Security to publish a note on the March attack, providing Web addresses to help firms identify where the attack might have come from.
It briefed individual customers on how to secure their systems. In a bid to ensure secrecy, the company required them to sign nondisclosure agreements promising not to discuss the advice that it provided in those sessions, according to two people familiar with the briefings.








Thursday, May 26, 2011

China military admits cyberwarfare unit exists - Technology & science - Security - msnbc.com




China military admits cyberwarfare unit exists
The government says it exists to protect Chinese networks from attacks
5/26/2011 

The Chinese military has established a cyberwarfare unit to protect Chinese networks from
external attacks, a military spokesperson admitted in a news conference Wednesday.

The elite cyberwarfare unit of the People's Liberation Army (PLA) is called the "Online Blue Army," the
People's Daily Online reported. It is tasked with enhancing Chinese troops' military training and network
security, Ministry of National Defense spokesman Senior Colonel Geng Yansheng said.


"Currently, China's network protection is comparatively weak," Geng said. "Enhancing the informationization level and strengthening network security protection are important components of military training for an army."


China's suspected participation in recent high-profile cyberattacks against, among others, Google, Morgan Stanley and DuPont, however, has security experts doubting the intentions of the PLA's "Blue Army."

George Smith, senior fellow at GlobalSecurity.org, told SecurityNewsDaily the creation of the elite military unit "offers a resource" for more Chinese-borne cyberattacks. Establishing a cyberwarfare military unit, Smith added, "provides a piece of convenient rationalization" for other nations to create similar teams.

Although yesterday's announcement was the first official acknowledgement of the unit, the PLA Daily revealed that a military "Internet operation team" had conducted exercises in China's Guangzhou Military Region in late April, Focus Taiwan reported.


During these drills, the teams "launched multiple attacks on imaginary enemies by releasing huge
amounts of useless documents and viruses to try to paralyze the enemies' computer systems and to
steal information from them," according to Focus Taiwan.

Seismologists tried for manslaughter over quake



Italian scientists didn't alert public ahead of time, although peers say that's not
possible
By Jeanna Bryner,
5/26/2011


Hundreds attend the state funeral ceremony for victims of the April 6, 2009 earthquake, at piazza d'Armi in L'Aquila, Abruzzo, central Italy.
Earthquake prediction can be a grave, and faulty science, and in the case of Italian seismologists who are being tried for the manslaughter of the people who died in the 2009 L'Aquila quake, it can have legal consequences.
The group of seven, including six seismologists and a government official, reportedly didn't alert the public ahead of time of the risk of the L'Aquila earthquake, which occurred on April 6 of that year, killing around 300 people, according to the U.S. Geological Survey.
But most scientists would agree it's not their fault they couldn't predict the wrath of Mother Nature. "We're not able to predict earthquakes very well at all," John Vidale, a Washington State seismologist and professor at the University of Washington, told LiveScience.
Even though advances have been made, the day scientists are able to forecast earthquakes is still "far away," Dimitar Ouzounov, a professor of earth sciences at Chapman University in California, said this month regarding the prediction of the March 11 earthquake in Japan.

L'Aquila faults

The decision to try the six members of a committee tasked with determining the risk of an earthquake in the area (along with a government official) was announced on Wednesday (May 25) by Judge Giuseppe Romano, according to a news article from the American Association for the Advancement of Science.
Some people said the committee should've seen it coming, because of the earthquake swarms that occurred days before the big one struck, Vidale said.
"We get swarms of earthquakes all the time without a big earthquake. There was nothing strange about this swarm to suggest a big earthquake," Vidale said in a telephone interview.

Regarding the charges against the Italian seismologists, Vidale said "we're offended"
that they are being charged with a crime "for telling the truth." That truth is, he added, there
was nothing to say that the level of danger was enough to warrant any public action.

Talking with Vidale, one gets the impression that predicting an earthquake would take a
miracle, as there are so many unknowns. "One problem is we don't know how much
stress it takes to break a fault," Vidale said. "Second we still don't know how much stress
is down there. All we can do is measure how the ground is deforming." Not knowing either
of these factors makes it pretty tough to figure out when stresses will get to the point of a
rupture, and an earth-shaking quake, he explained.
To get measurements of the actual stresses, researchers have to drill miles beneath the
surface — an engineering feat on its own — and would only be able to drill a couple places
to put sensors along the fault. (Drilling has been done along the San Andreas fault, but no
one has measured the stress at depth there, Vidale said.)
On top of all that, the L'Aquila region is a particularly complex nut to crack geologically.
While mostly horizontal strike-slip faults, like the San Andreas, are much clearer faults to
analyze, the L'Aquila fault system is complex, with several so-called "normal" faults moving
mostly vertically.
And several tectonic processes are active in the region: The Adria micro-plate is being
subducted under the Apennines from east to west, while at the same time continental
collision is occurring between the Eurasia and Africa plates (responsible for the building of
the Alps).

Digging into the past

With all the downers, earthquake prediction science, it seems, is coming back into fashion
after a lull in the 80s when methods weren't showing any success, Vidale said. The key is
to find some strange phenomenon that occurs before, days before, an earthquake, that
seismologists can recognize. While they haven't found any silver bullet, scientists are digging up data on past earthquakes along fault systems to give them an idea of the probability another will occur.
Even so, probability of an earthquake coming "doesn't help with predictions a day before an
earthquake," Vidale said.
Another method involves detecting evidence of unusual amounts of radon gas in the
atmosphere. Right before an earthquake, the fault may release more gases, including radon.
In fact, Ouzounov and colleagues found such anomalous signatures in the atmosphere
above Japan days before the March 11 quake struck.
No one has ever predicted an earthquake from atmospheric data, and plenty of supposed
earthquake precursors, from weird animal behavior to groundwater flowing the wrong
way, have proven hit-or-miss.
Of the radon gas method, Vidale said, "now we're pretty confident that's not reliable."




Wednesday, May 11, 2011

Secrets Surface About North Korea's Cyberwar College

SecurityNews Daily Article: Secrets Surface About North Korea's Cyberwar College


May 11, 2011 | 4:27 PM ET | By Matt Liebowitz, SecurityNewsDaily Staff Writer


The inner workings of a secret North Korean cyberwar college in existence for the past 25 years are finally coming to the surface.
According to the South Korean newspaper the DailyNK, Mirim College, in a mountainous region of North Korea's capital, Pyongyang, was opened in 1986 by North Korean dictator Kim Jong-il, and in the 25 years since has made it its mission to train about 120 students per year in electronic warfare.
The DailyNK spoke to a North Korean defector, Cheong, who said he is familiar with Mirim, although he did not attend himself. Cheong said basic coursework at Mirim takes five years to complete. Students, who wear the same uniforms as military officials, choose between five departments: electronic engineering, command automation, programming, technical reconnaissance and computer science. The command automation department includes a course, the article said, focused on hacking its southern neighbor, called "South Chosun's Early Warning System and How to Respond to It."  (Chosun is another name for Korea.) In addition to its highly sensitive curriculum, security guards patrol the grounds, and no car is allowed to enter the college unless it's carrying Kim Jong-il. After graduation, students join the People's Armed Forces and are frequently assigned to two electronic warfare brigades.

John Pike, director of GlobalSecurity.org, told Wired that despite North Korea's poverty and isolation, he is not surprised the country would focus so much effort on training cybercrime troops.
"Even if the DPRK (Democratic People's Republic of Korea) can't feed its own people, it's quite capable of developing and using the full spectrum of modern weaponry, including cyber."

Credit: US Army
Image courtesy of SecurityNews Daily.

Saturday, May 7, 2011