Cyber Situational Awareness Part Deux for Memorial Day…

Good afternoon and Happy Memorial Day from Abu Dhabi –

Here are some of the latest Cyber Situational Awareness items to take note of this afternoon;

Hackers tracked to China stole secret ASIO blueprints…
Computer hackers in China are understood to be behind a cyber attack that stole highly classified blueprints of the new ASIO headquarters in Canberra…uh oh…

Cyber-security turns into new battleground as US-China tension grows
As the countries trade blows amid claims of online spying, some see it as a final effort by Washington to retain its economic superiority…

Read more @ :

From IT Week: People’s Republic of Chain’s Huawei Faces Uphill Battle In Enterprise IT Market

More info @

Clearwire to pull Huawei from network … Chinese vendor caught in takeover crossfire

The whole story can be read here @

Berlin tells EU it opposes solar anti-dumping action vs People’s Republic of China: government source

Reuters article here:

EU, People’s Republic of China to hold talks on trade dispute

Europeans Press People’s Republic of China Over Trade in Telecom…Chinese Telecom Companies Caught in Middle of Trade Dispute

People’s Republic of China’s premier Li Keqiang warns Europe over trade war while in Germany…trading Euros for Ren Min Bi instead of Deustche Marks….

As EU Investigates Huawei, is China Gearing Up to Retaliate?

Semper Fi,



Cyber News Today from Homeland Security Middle East – Abu Dhabi, UAE

Happy Memorial Day Readers;

The Red Dragon and MicroSolved are at the Homeland Security Summit- Middle East taking place in Abu Dhabi, United Arab Emirates…

Latest World Cyber News you should be maintaining cyber situational awareness on comes to you today after 6 different flights across 4 different continents and a total of 30,000 airmiles…oh yes 5 hours of sleep –

Nonetheless – here are some developing stories out of the International Cyber World….

General Alexander – Four-star general in eye of U.S. cyber storm… Read more @

The covert battle over Beijing’s defence policy heats up…People’s Republic of China gets into the business of making friends

Read more @

People’s Republic of China’s Huawei a victim of its success

Read more @: &

All for now from the Middle East…more to come as the world wakes to a new day…

Semper Fi,



What YOU Can Do About International Threats

Binary eye

With the addition of RedDragon Rising (@RedDragon1949) to the blog, we are now pushing forth a new stream of threat data and insights about the growing problem of international threats. Since we added that content to the site, many of you have written in or asked me on Twitter, what is it that YOU can do about these threats? I wanted to take a few minutes and expand on my responses.

First of all, you can remain aware and vigilant. Much of the information we post here isn’t directly actionable. It isn’t designed to be a roadmap of actions for you to take. It’s designed to be a continual source of data that slowly helps you see a clearer picture of the threat, the actors and their capability. It’s designed to keep you AWAKE. It’s custom made to help you understand your adversary. Knowledge is power and insight is key. We make this content to give you both!

Second, you can communicate the threat and knowledge to your management. This helps them remain aware. It also presents to them that you are monitoring the threats and keeping your eye on the rising tides, even as you help them steer the ship through safe waters. You can use this information to build rapport with them, to give them new insights into your decisions when you explain to them various risks and to help them understand the changing nature of the interconnected world.

You can use the information here as an impetus to get the basics of information security right. While there aren’t any panaceas to fight off the threat and there isn’t a single thing you can buy to make it better ~ we do know that focusing on the basics of infosec and getting them done efficiently, effectively and well is the best defense against a variety of threats. That said, consider doing a quick and dirty review of your security initiatives against our 80/20 Rule for Information Security. This is a set of simple projects that represent the basics of information security and map easily to other standards and baselines. Simply judging your maturity in these areas and following the roadmap to improvement will go a long way to getting the basics done right in your organization. 

Invest in detection and response. If your organization is doing the basics of prevention, that is you have hardening in place and are performing ongoing assessment and mitigation of your attack surfaces, then the next thing to do is invest in detection and response capabilities. Today, one of the largest advantages that attackers enjoy is the lack of visibility and effective response capabilities in our organizations. You should have some visibility into every segment and at every layer of your environment. You should be able to identify compromises in a timely manner and move to isolate, investigate and recover from any breaches LONG BEFORE they have become widespread and heavily leveraged against you. If you can’t do that today, make it your next major infosec goal. Need help?Ask us about it.

Lastly, share information with your peers. The bad guys are good at information sharing. They have excellent metrics. They openly share their experiences, successes, failures and new techniques. Much of crime and espionage (not all, but MUCH) is “open source” in nature. The cells of attackers free float in conglomerations of opportunity.  They barter with experience, tools, data and money. They share. The more we begin to share and emulate their “open source” approaches, the better off we can be at defending. If knowledge is power, more brains with more knowledge and experience equals MORE POWER. Be a part of the solution.

That’s it for now. Just remain calm, get better at the basics, improve your visibility and stay vigilant. As always, thanks  for reading State of Security and for choosing MicroSolved as your information security partner. We are striving to dig deeper, to think differently and to give you truly actionable intelligence and threat data that is personalized, relevant to your organization and meaningful. If you’d like to hear more about our approach and what it can mean for your organization, get in touch via Twitter (@lbhuston), email (info(at)microsolved/dot/com) or phone (614-351-1237 ext 250). 

US Government Urges Offensive Right to Cyber Self-Protection

Good day from AusCERT!

If you haven’t heard the latest regarding the People’s Republic of Hacking and countering cyber espionage and the significant loss of intellectual property you should be aware of the New York Times story today… “As Chinese Leader’s Visit Nears, U.S. Urged to Allow Retaliation for Cyberattacks”….folks we have reached a critical inflection point as US Government Urges Offensive Right to Cyber Self-Protection for commercial enterprises to defeat and disrupt the loss of key American inventions and ideas to the People’s Republic of China…this all stated in advance of China’s President Xi Jinping set to meet with President Obama in the next few weeks on US soil…

Read the full New York Times story here:

Most Recent Cyber Conflict Information ~ People’s Republic of China

Good day from AusCERT –

Here are some of the Most Recent Cyber Conflict Information ~ People’s Republic of China:

The People’s Republic of China’s culture of hacking cost the United States $873 million in 2011

How The Great Firewall of China Shapes Chinese Surfing Habits

Goldman exits China’s ICBC, seven years and billions later

Semper Fi,


Latest People’s Republic of China Internet Controls & News from Down Under

Good day from AusCERT –

The latest Cyber Conflict news out the People’s Republic of China is very curious indeed and firmly supports the fact that Chinese State Sponsored hackers are targeting other international governments – including intelligence, military, and political objectives…

Earlier today here in Asia the alleged Chinese People’s Liberation Army (PLA) hacking unit of PuDong neighborhood in the City of Shanghai has resumed cyber targeting see the Foreign Policy article (…and yet today the People’s Republic of China demonstrated a new form of Internet Control for disaffected bloggers who disagree with the Communist Party of China (CPC)…death – you can see the story here;

Remember that with the Golden Shield Project (colloquially known as the Great Firewall of China), a Chinese State Sponsored DNS cache poisoning policy, the Internet the Western world enjoys is not what the average Chinese experiences in the People’s Republic of China…So, with the renewed Chinese hacking someone in Beijing must have approved certain Chinese state sponsored hacking activity through the Great Firewall of China…otherwise why would the CPC be putting to death those Chinese bloggers who would challenge the legitimacy of the current Chinese political regime? Hmmm….

Red Dragon Rising @ AusCERT 2013

Good day from Gold Coast Australia!

Red Dragon Rising has arrived in Australia for AuSCERT 2013!

And of course, 5 hours ago here in Asia Pacific those pesky Dark Guests from the People’s Republic of China are up to their old hacking tricks again reports the New York Times:

“Chinese Hackers Resume Attacks on U.S. Targets”

You can read the direct story at the following link:

Latest People’s Republic of China Cyber Conflict News….中華人民共和國 信 息战争

Latest People’s Republic of China Cyber Conflict News….中華人民共和國 信 息战争

Pentagon Continues Use of People’s Republic of China Satellite in New Lease – Bloomberg
…AFRICOM renews lease with People’s Republic of China’s APT Satellite Holdings Ltd.!

People’s Republic of China’s software industry growth quickens – Xinhua |
The growth of China’s software industry quickened last year despite sluggish market demand caused by an economic slump at home and abroad, showed official data revealed on Wednesday.

India’s NSC points to Huawei, ZTE’s links with Chinese military project PLA-863

Beijing’s ‘Bitskrieg’ – 中國人民解放 總參謀部…信 息战争

US Intelligence & Military fears after People’s Republic of China missile test – Telegraph

Cyberattacks on Rise Against U.S. Corporations

See on Scoop.itChinese Cyber Code Conflict

Officials said the aim in a new wave of attacks was not espionage but sabotage, and that the source seemed to be in the Middle East.

Red-DragonRising‘s insight:

ICS-CERT issued this alert that cyber attacks are now trending towards sabaotage instead of cyber espionage…combine cyber jihaist activity, e.g.; Shamoon, with cyber criminality and you have a very potent and violatile mix   directly impacting and affecting both commercial enterprises and the United States critical infrastructure…


Standby to standby…


Semper Fi,




See on

Welcome Red Dragon Rising


Please join me in welcoming Red Dragon Rising to the fold. The Dragon team will be posting a variety of international threat intelligence information, cyber warfare research and engaging commentary. Stay tuned here for a new strain of content on the site, which will be meshed in with the traditional content we have been bringing you throughout the years. 

You can also find the Dragon team on Twitter @RedDragon1949.

As always, thanks for reading and let us know what you think of the new content and some of the intelligence we will be sharing.