cyber threats

Here Comes the Cyber Cold War, spies declare eagerly
By Bruce Sterling December 11, 2007 4:18:17 AM
(((Or the "Cold CyberWar," as terminology differs.)))
Subject: SANS NewsBites Vol. 9 Num. 95 (((Gotta love these guys, they're my favorites)))
Date: December 4, 2007 8:54:40 PM GMT+01:00
"The first story in this issue provides very strong evidence that many more organizations are direct targets of nation-state cyber attacks aimed at economic espionage: law firms, smaller businesses and more as well as the big banks and industrial companies. The TimesOnline story provides excellent coverage of the letter sent to 300 CEOs by the head of MI5 (the spymaster known as "M" to James Bond fans.)
"And a similar wake-up call in the US: All across Washington DC, senior government and contractor officials are reacting with shock to the revelation that their systems have been deeply penetrated and taken over by unauthorized users who are stealing enormous amounts of sensitive data. Most of the penetrations were done through spear phishing emails with infected attachments or with urls that took victims to web sites where their systems were infected.
(((That doesn't sound very "Chinese" to me. Sounds very RBN "Russian Business Network," an outlook who, it is claimed, recently rel-located their services to Chinese machines. They're the blackest of black globalizers, and if anybody can spearphish a gullible fed, it's these guys.)))
(((Guys who are employed by nation-states always wanna go fight a nation-state. Condemning China because of the depredations of the RBN is like invading Iraq to defeat Al Qaeda.)))
"Now a new attack vector is being used increasingly against federal sites: direct attacks against federal web sites and commercial web sites. Apparently most developers that create web sites and other applications have had no intense training in secure coding, and they do not know what they don't know. If you would like to know whether your developers have good secure coding skill (in C or Java) there's a free assessment they can use next week in Washington, DC . (It will cost $250 after January 1). If you have developers who would like to know where their security knowledge gaps are, write me at apaller@sans.org.
(((Are you a fed? You should listen to these guys.)))
TOP OF THE NEWS
--MI5 Warns UK Businesses of China-Sponsored Cyber Attacks
(December 2 & 3, 2007) (((On other news, MI5 might warn China about "Russian business" attacks, but the idea of "businesses" savaging governments is, like, still too much to a bureaucrat's head around. You mean states are FAT VICTIMS of cyberwar -- that Britain is just a bigger Estonia? Does not compute!)))
"Reports in the English media say the UK government has accused China of breaking into computer systems at prominent UK businesses. (((I dunno why they bother when they could just walk off with the CD plasticware, but never mind, forge on:)))
"The reports indicate that MI5 chairman Jonathan Evans sent a confidential letter to 300 chief executives and security chiefs at major UK companies, warning them of the attacks. Rolls Royce and Royal Dutch Shell have reportedly been targeted by the cyber attacks, but so have many smaller organizations and law firms representing companies doing business in China. A Chinese embassy official in London denies the allegations."(((Like they'd tell him. "Hello? Is this the Chinese embassy in London? Yes, we plan to rifle through the British databanks using unrevealed first-day exploits -- is that okay with you guys in the corps diplomatique?")))
http://business.timesonline.co.uk/tol/business/markets/china/article2988228.ece http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9050499&source=rss_topic17 http://news.bbc.co.uk/2/hi/business/7123970.stm
"STATISTICS, STUDIES & SURVEYS
"--McAfee's Virtual Criminology Report
"(November 29 & 30, 2007)
"According to McAfee's annual Virtual Criminology Report, the world faces a cyber cold war over the next decade; 120 countries around the world are conducting cyber espionage operations. The operations target the military, political, economic, and technical arenas. The report also says that China is leading the way in cyber espionage. The Chinese government denies the allegations that it is at the forefront of the impending cyber cold war. The report was compiled with input from the UK's Serious Organised Crime Agency (SOCA), NATO, and the FBI."http://www.scmagazine.com/uk/news/article/769321/mcafee-report-issues-stark-cyberwarfare-warning/ http://business.timesonline.co.uk/tol/business/industry_sectors/technology/article2962570.ece http://www.zdnet.co.uk/misc/print/0,1000000169,39291156-39001093c,00.htm http://www.smh.com.au/news/Technology/Chine-disputes-McAfee-report-labeling-it-a-key-cyber-warfareinstigator/2007/11/30/1196037112426.html
(((I'm saddened that the world now requires a "Virtual Criminality Report" (once a year? Shouldn't that be once a week?) and it doesn't improve my mood that the net is boiling over with spooks. A hundred and twenty countries with "cyber-espionage" outfits? All spying on each other, presumably... Where do they find the elbow room?)))