French InfoSec

"There is no such thing as cyberwar. It’s covert action."

cybersecurite — Mon, 09 Jul 2012 20:10:59 +0200

“There is no such thing as cyberwar. It’s covert action.”

- General Keith B. Alexander, Commander of U.S. Cyber Command and director of the NSA

Why the U.S. can no longer complain about Chinese cyber attacks

cybersecurite — Mon, 25 Jun 2012 13:32:28 +0200

I read the last book (“Confront and Conceal”) of the New York Times reporter, David Sanger. Actually the chapter 8 only. This famous chapter focuses on “Olympic Games” and reveals that Stuxnet was a part of a one of the most secret program conducted jointly by American and Israeli to cripple Iran’s nuclear progress (and to convince some Israelis that a cyberattack would be smarter than an airstrike). What a surprise…

Source : thedailybeast.com

Stuxnet was a partial success. The cyber attacks were able to delay a year or two of Iran’s nuclear program. But the U.S. did not they open Pandora’s box? With these leaks (probably authorized by the Obama administration), the U.S. officialize their programs of cyber weapons and their cyber attacks. It’s a game-changer. This new context could lead other countries to be less reticent to communicate about the development of their offensive cyber capabilities. And to use it.

Conclusion:

The next time the Chinese are confronted with evidence that they are launching cyberattacks against the US or its allies, Beijing is bound to offer up an easy one-liner: “So? Explain how what we may be doing is different from what you did in Iran.” David Sanger - Confront and Conceal

How a Secret Cyberwar Program Worked

cybersecurite — Mon, 04 Jun 2012 14:47:13 +0200

How a Secret Cyberwar Program Worked

"I’m beginning to wonder what’s going on over at Kaspersky Labs. Eugene Kaspersky has..."

cybersecurite — Mon, 04 Jun 2012 14:27:16 +0200

“

I’m beginning to wonder what’s going on over at Kaspersky Labs. Eugene Kaspersky has begun sounding like Richard Clarke with his warning about mega-cyber disasters during his keynote address at the AUSCERT IT security conference. Then there’s his repeating of the Russian government mantra that a cyber weapons treaty is needed (it’s not). Now Kaspersky Labs has called a virus whose only purpose is to steal data a “cyber weapon”.

Come on, guys. You’ve done some terrific research in the past with DuQu. Now all of a sudden, it seems like you’ve become evangelists for a Russian government strategy to raise the stakes in cyber war rhetoric. Espionage is not warfare and never has been. Hence a tool created solely to conduct cyber espionage cannot also be legitimately called a cyber weapon.

”

- Source : http://jeffreycarr.blogspot.fr/2012/05/kasperskys-problematic-flame-analysis.html

#APT Myths and Challenges

cybersecurite — Mon, 04 Jun 2012 10:31:28 +0200

#APT Myths and Challenges

Richard Clarke's law or cyberwar hype

cybersecurite — Fri, 11 May 2012 16:17:13 +0200

Everybody knows the Godwin’s law: “As an online discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches”.

In cybersecurity or cyberwar scope, I think we can now create a Richard Clarke’s law : “As an cyberattack discussion grow longer, the probability to designate chinese hackers or government as responsible and refer to cyberwar becomes unavoidable”. What do you think about this?

Richard Clarke is a former presidential advisor on cybersecurity. Now he’s the chairman of Good Harbor Consulting, a strategic planning and corporate risk management firm. The favorite Richard Clarke’s topic is cyberwar.

Hype or reality? In his mouth, China is blamed for every cyber attacks against every company in the US. When medias or many cybersecurity “experts” start talking about hacking, China (or Russia sometimes, cyber cold war is back…) is always designated as source of cyber attacks or cyber espionage. And then we got cyberwar mention… Yes China or Russia have offensive cyber capabilities and exploit them daily to launch cyber attacks and spy on us but so do many other countries like USA, Great Britain, Germany, India, Israel (and even France)…

Cyberspace is not in state of war. It’s just the new espionage playground even if the military are interested in very closely.

Remember some Richard Clarke’s declarations:

“I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong. Every major company in the United States has already been penetrated by China”

If Congress will not act to protect America’s companies from Chinese cyberthreats, President Obama must.

In his 2010 book, Cyber War, former White House counterterrorism czar Richard Clarke invokes the specter of nationwide power blackouts, planes falling out of the sky, trains derailing, refineries burning, pipelines exploding, poisonous gas clouds wafting, and satellites spinning out of orbit — events that would make the 2001 attacks pale in comparison. From Think Again: Cyberwar by Thomas Rid - foreignpolicy.com

No, I don’t like very much Richard Clarke. Why? Because I think the apocalyptic tactic is not the best solution to mitigate cyber threats. To sell fear is good for business and mainly for former government officials (now working in private sector), who expect to profit from cybersecurity boom. Anti-China and cyberwar marketing will not protect American or European critical infrastructures from cyber threats… Cyber attacks are reality but… come on… stop referring to cyberwar every time and start thinking differently about cybersecurity.

Few relevant articles:

This infographic looks at the state of software security in...

cybersecurite — Fri, 11 May 2012 16:00:20 +0200

This infographic looks at the state of software security in public companies, and shows why companies and investors alike should care