Page 32 - CDM Cyber Warnings February 2014
P. 32




My daughter visited us from college for a holiday recently. does not squeak, such as a mobile device hack that leads to
She�s an undeclared freshman – as we all were then – and a network breach that goes undetected until corporate IP
we found ourselves talking majors of study over dinner one has been syphoned off. This is the proverbial asteroid flying
night. Being a software business owner and freelance writer through space alongside thousands of other cyber objects
in the IT security space, the first thing out of my mouth just waiting to wreak havoc on the national technology
was �do something to fight cyber-terrorism; the Chinese infrastructures we take for granted daily. It will be the
are amassing an army of cyber-terrorists.� As quickly as �cyber 9/11� incident that disrupts things we take for
the thought popped out of my mouth, she replied with: granted like electricity, water, and even the computers that
�Where would I learn to do that � My college doesn� t offer launch defense missiles pointed at our foreign enemies.
that major.�
Yet amongst the chaos within our corporate and

Her comment left me wondering where she would get this governmental IT infrastructures, one has to marvel at the
type of degree. And, what institution is known for training technology governments around the world (including the
our next generation of cyber-terrorism commandos� A U.S. and its allies) have employed thus far to spy on
quick Google search later confirmed what I had learned in citizens, corporations and governments alike to �keep their
researching and writing papers for several IT security respective nations safe.� In the case of the mobile device
companies: Our (government and industry) current hack mentioned above, a rogue carrier network would have
response to cyber-threat is mostly reactive and lastly to be set up, then the phone be cloned, then data would
proactive. I emphasize �known� as there is much unknown have to be exfiltrated under the cover of darkness. To most
in government technology as evidenced with the recent IT admins, this is pretty difficult stuff to pull off without
NSA scandal. But the reactive concept is reality. As a detection. But it is becoming a more common cyber threat
country, while most citizens worry about suicide bombers for international business travelers and it is costing U.S.
or missile attacks, it will be the silent one that causes the companies billions each year in IP theft, not to mention
�cyber 9/11� disruption to our normal way of life. defense secrets from government contractors.


“Today, most IT And, take for instance Room 641A, which has been in
existence for 10 years now. Located in San Francisco, Room
problems are attacked 641A allegedly splits Internet backbone traffic and routes

it to a separate room – known internally as SG3 – where
with a squeaky-wheel- the NSA has access to Internet surveillance and user

analytics on a massive scale. In the 2006 class-action court
gets-the-grease mental- case Hepting vs. AT&T, plaintiffs alleged that the NSA had

conducted �warrantless eavesdropping with the
ity” cooperation of telecommunications companies.� The

Hepting vs. AT&T (and the NSA) case was terminated
before making it to Supreme Court review.
Today, most IT problems are attacked with a squeaky-
wheel-gets-the-grease mentality. These IT problems The point here is not that the case was terminated; I allude
manifest themselves in the form of help-desk tickets with to no conspiracy. What�s alarming is that in 2003 the U.S.
the highest priority tickets pushed to the top of the pile for government was building this sort of technology which is
first remediation. This reactive mentality for managing IT quite impressive given the hardware constraints of the
in workplace environs best known for �always doing more time. A 1TB drive was expensive and considered big storage
with less� poses a multitude of dangers to homeland cyber back then. Surely, 10 years later our technology has
security. Most troubling however, is the IT problem that


CYBER DEFENSE MAGAZINE - ANNUAL EDITION 32
   27   28   29   30   31   32   33   34   35   36   37