Cyber Warriors and Search
June 29, 2010
Booz, Allen – the outfit where I worked after my years at Halliburton NUS (Nuclear Utility Services) – has been booking business big time in Washington, DC. I have heard that Booz, Allen has been explaining the challenges of cyber warfare. Now this is not a new topic. A number of analysts have pointed out that systems connected to a public network can be compromised by a range of methods. I recall hearing a lecture by Winn Schwartau a number of years ago. Now the blue chip crowd has caught up with Mr. Schwartau, the author of Information Warfare, and some of his ideas which date from the late 1990s.
One azure chip consulting firm advocated slashing security budgets. I wrote about that odd approach at a time of risk in “Cut That Security Budget, Says Azure Chip Consultancy.” I know about marching out of step, but it is a good idea to be on the same parade ground.
I received an email from one of my two or three readers pointing me the online defense magazine, Defense Update. The April story “Hackers, Terrorists or Cyber Warriors?” is an interesting one. The key idea is that “cyber warfare is here and now.” In that write up are some useful ideas and facts. For me, the key passage was:
Shai Blitzbau, technical director at Magelan information defense and intelligence services describes typical attacks simulated by his company, providing threat assessment audit for government, security and commercial organizations. In recent exercises Magelan performed a threat simulation, that targeted an essential national infrastructure network responsible for the production and distribution of a vital product, considered as basic necessity for the entire population. The simulation demonstrated how, after 96 hour preparation, the team could bring a network, producing and distributing critical goods to a standstill, and keep it idle for at least two weeks. The aggressor team that started with zero access to, or knowledge of the target, managed to study the target, write malicious code, penetrate the network and execute his attack in less than four days.
I wanted to point out that there are extremely fast, effective search systems that can index and make searchable content “sucked” out of a secure system. You can learn about the Gaviri pocket search technology at www.gaviri.com.
Search is one component in the warrior’s arsenal. Booz, Allen is right in forcing governmental entities to be aware of risks. Within the last 14 days, I have been in a facility. I had in my back pocket a small USB drive equipped with a “pocket search” technology. The screening did not flag this device. I did not realize I had the USB in my pocket until I emptied my pockets at the hotel after the meeting.
The blue chip crowd is correct in focusing attention on cyber warfare. Slashing security budgets is ill considered in my opinion.
Stephen E Arnold, June 29, 2010
Freebie