CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Stopping the payload key to thwarting targeted cyberattacks

April 13, 2010 at 11:50 am, by Toney Jennings

Targeted cyberattacks that use sophisticated social engineering techniques to exploit network vulnerabilities are creating advanced persistent threats (APT) to enterprise security models like never before. According to the article, “Targeted cyberattacks test enterprise security controls,” these threats pose a more immediate danger to sensitive data of U.S. commercial entities than a full-fledged cyberwar. George Kurtz, a long time colleague of mine and CTO of McAfee, expects these types of attacks to continue.

“These attacks have demonstrated that companies of all sectors are very lucrative targets. [APTs are] the equivalent of the modern drone on the battlefield. With pinpoint accuracy, they deliver their deadly payload, and once discovered — it is too late.”

One of the methods the article suggests to protect systems from targeted attacks is using a whitelist to allow specific traffic over its networks while excluding everything else. Continue reading this post…

Repercussions, not legislation, key to improving nation’s cyber defenses

April 7, 2010 at 10:52 am, by Toney Jennings

In Monday’s blog, “Why Rockefeller-Snowe’s Regulations Won’t Prepare The U.S. For Cyberwar,” security expert Richard Stiennon provides a straightforward analysis of why we can’t effectively regulate cyber security. In a nutshell, passing a new cyber security bill would do nothing to better prepare us for cyber attacks. What we need to do is beef up our defenses with accepted security practices. I couldn’t agree more.

Historically, legislation has proven to be woefully inadequate in preparing the U.S. for cyberwar. Why? Because there are no consequences. Continue reading this post…

Are we in a cyberwar or not?

March 11, 2010 at 11:16 am, by Toney Jennings

I continue to hear various viewpoints about whether or not we are in a cyberwar. Recently, our friend, Howard Schmidt was quoted in the article, “White House Cyber Czar: ‘We are not in a cyberwar’,” that we are not in a cyberwar. His stance is cyberwar is “a terrible metaphor” where there are no winners. While I can certainly respect that, there are also a number of opposing views and supporting statistics that say otherwise.

One comes from the former director of national intelligence, Michael McConnell, who recently testified in Congress by saying the country is already in the midst of a cyberwar — and losing it at that. This comes on the heels of growing speculation from experts that say the Chinese government was behind the recent cyberattacks targeting U.S. government Web sites, Google, and dozens of other U.S. companies. This, of course, raises the question: “If we aren’t already in a cyberwar, are we headed toward one?”

Larry Wortzel, a member of the U.S.-China Economic and Security Review Commission, said in the article, “Expert says Chinese government likely behind massive cyberattacks,” that whether the Chinese government or independent hackers in China were responsible for the recent attacks, we are seeing “persistent, systematic and sophisticated attacks” that are clearly targeting U.S. military, technical and scientific information. Similar trends released at RSA Conference and reported in the story, “Chinese hacks attacks said likely to recur,” said an increase in Internet attacks from China could double if the pace during the first two months of 2010 continues.

People often ask me, given my military background and experience fighting cyber crime, are we in a cyberwar or not? To me, whether or not we are is irrelevant. What defines cyber warfare? What’s important is that we are aware of what is going on and our government and the private sector are doing everything they can to ensure our cyber security. I commended President Obama last October when he said that cyber threats were one of the most serious economic and national security challenges we face as a nation. The fact is, cyber crime has already cost U.S. companies billions of dollars. If these trends aren’t stopped, cyber crime will continue to have a growing impact on both our economy and global competitiveness.

Ensuring our cyber security comes down to one thing — preparedness. The more we understand, and the more proactive steps the government and private sector take independently and collectively, are vital to defending our networks, national assets and critical infrastructures from any type of attack, whether we are in a cyberwar or not.