Cyber Situational Awareness stories from the International Cyber Front…yes folks Asymmetric Cyber Conflict

Posted on by
2

Red Dragon Rising bids you a great morning from Abu Dhabi & the Middle East Homeland Security Summit.

Here are some of the latest Cyber Situational Awareness stories from the International front you need to know…

Confidential report lists U.S. weapons system designs compromised by Chinese cyberspies

See the entire story @ http://www.washingtonpost.com/world/national-security/confidential-report-lists-us-weapons-system-designs-compromised-by-chinese-cyberspies/2013/05/27/a42c3e1c-c2dd-11e2-8c3b-0b5e9247e8ca_story.html

軍事行動古村 OP Middle Kingdom achieves objective of complete colonization of Australia…US scare tactics to keep Chinese business out

http://www.smh.com.au/it-pro/security-it/us-scare-tactics-to-keep-chinese-business-out-20130527-2n7lb.html

Premier Li : People’s Republic of China, Germany now economic ‘dream team’ OP Middle Kingdom continues…Colonization of Europe continues under OP Middle Kingdom…Germany acknowledges People’s Republic of China as the True Global Leader…

http://www.reuters.com/article/2013/05/27/us-china-germany-li-idUSBRE94Q0JZ20130527

OP Middle Kingdom (軍事行動古村) captures United Kingdom as the People’s Republic of China continues affirmative colonization of the United Kingdom…UK and Germany ‘oppose duties on People’s Republic of China duties’

http://www.bbc.co.uk/news/business-22684663

Tracing APT_163QQ Malware from the People’s Republic of China…Hong Kong

http://espionageware.blogspot.hk/

People’s Republic of China’s PLA: Electronic warfare unit in simulated offense-and-defense drill – People’s Daily Online

http://english.peopledaily.com.cn/90786/8253243.html

As Chinese Leader’s Visit Nears, United States Will Be Urged to Allow Retaliation Against Cyberattacks

http://www.nytimes.com/2013/05/22/world/asia/as-chinese-leaders-visit-nears-us-urged-to-allow-retaliation-for-cyberattacks.html?

Iranian Hackers targeting US oil, gas, and electric companies

http://thehackernews.com/2013/05/iranian-hackers-targeting-us-oil-gas.html

The U.S.-China Showdown Over Cyber Attacks Heats Up

http://www.businessweek.com/articles/2013-05-24/the-u-dot-s-dot-china-showdown-over-cyberhacking-heats-up

Strike Back If People’s Republic of China Steals IP, Companies Told —

http://www.informationweek.com/security/attacks/strike-back-if-china-steals-ip-companies/240155480

People’s Republic of China’s Coexistence Strategy and the Consequences for World Order

http://www.jamestown.org/programs/chinabrief/single/?tx_ttnews%5Btt_news%5D=40914&cHash=d8be948bc55dcb0d41788b4b876db5c6

Missile Defense with Chinese Characteristics

http://www.jamestown.org/programs/chinabrief/single/?tx_ttnews%5Btt_news%5D=40915&cHash=bd1dd683123a93c0ab390143b34d7a90

People’s Republic of China: Informatization Drives Expanded Scope of Public Security

http://www.jamestown.org/programs/chinabrief/single/?tx_ttnews%5Btt_news%5D=40721&cHash=f1a040999f18d83c1c56713807fc5e6f

A naval fleet of the Chinese People’s Liberation Army (PLA) on Monday passed through the Miyako Strait and entered the Western Pacific Ocean for a training mission

http://www.chinadaily.com.cn/china/2013-05/27/content_16537520.htm

Seriously? USA to legalize rootkits, spyware, ransomware and trojans to combat piracy?

http://blog.emsisoft.com/2013/05/27/seriously-usa-to-legalize-rootkits-spyware-ransomware-and-trojans-to-combat-piracy/

People’s Republic of China to Build $5 Billion EU Beachhead in Belarus

China to Build $5 Billion EU Beachhead in Belarus

軍事行動古村 OP Middle Kingdom…How do you spell ‘COLONIZATION’ by the People’s Republic of China “E U”
EU countries resist plan to impose duties on Chinese solar panels…

http://www.guardian.co.uk/world/2013/may/27/eu-duties-chinese-solar-panels

Next Target of COLONIZATION by the People’s Republic of China…Switzerland….軍事行動古村 OP Middle Kingdom…
People’s Republic of China calls time on import tariffs on Swiss watches

http://www.guardian.co.uk/world/2013/may/27/china-calls-time-import-tariffs-swiss-watches

People’s Republic of China’s OP Middle Kingdom 軍事行動古村: Greece becomes trade battleground as China invests in NCI
The Chinese are interested in airports, harbours and railways…” Chinese colonization continues unabated…

http://www.guardian.co.uk/world/2013/may/27/greece-trade-battleground-foreign-investors-swoop

Semper Fi,

謝謝

紅龍

Cyber Situational Awareness Part Deux for Memorial Day…

Posted on by
2

Good afternoon and Happy Memorial Day from Abu Dhabi –

Here are some of the latest Cyber Situational Awareness items to take note of this afternoon;

Hackers tracked to China stole secret ASIO blueprints…
Computer hackers in China are understood to be behind a cyber attack that stole highly classified blueprints of the new ASIO headquarters in Canberra…uh oh…

http://www.abc.net.au/news/2013-05-27/hackers-steal-secret-asio-blueprints/4716096

Cyber-security turns into new battleground as US-China tension grows
As the countries trade blows amid claims of online spying, some see it as a final effort by Washington to retain its economic superiority…

Read more @ : http://www.telegraph.co.uk/finance/10081592/Cyber-security-turns-into-new-battleground-as-US-China-tension-grows.html

From IT Week: People’s Republic of Chain’s Huawei Faces Uphill Battle In Enterprise IT Market

More info @ http://www.informationweek.com/hardware/data-centers/huawei-faces-uphill-battle-in-enterprise/240155488

Clearwire to pull Huawei from network … Chinese vendor caught in takeover crossfire

The whole story can be read here @ http://www.theregister.co.uk/2013/05/27/clearwire_to_pull_huawei_from_network/

Berlin tells EU it opposes solar anti-dumping action vs People’s Republic of China: government source

Reuters article here: http://www.reuters.com/article/2013/05/27/us-eu-solar-china-idUSBRE94Q07T20130527

EU, People’s Republic of China to hold talks on trade dispute

http://www.timesofoman.com/News/Article-16484.aspx

Europeans Press People’s Republic of China Over Trade in Telecom…Chinese Telecom Companies Caught in Middle of Trade Dispute

http://www.nytimes.com/2013/05/27/technology/chinese-telecom-companies-caught-in-middle-of-trade-dispute.html

People’s Republic of China’s premier Li Keqiang warns Europe over trade war while in Germany…trading Euros for Ren Min Bi instead of Deustche Marks….

http://edition.cnn.com/2013/05/26/business/china-europe-trade-war/index.html?

As EU Investigates Huawei, is China Gearing Up to Retaliate?

http://www.techinasia.com/eu-investigates-huawei-china-gearing-retaliate/

Semper Fi,

謝謝

紅龍

Save The Date: June 10 is CMHSecLunch

Posted on by
8

Save the date of June 10th for the next CMHSecLunch. This month’s event is at the Polaris Mall food court. It’s 11:30 to 1pm.

As usual, you can sign up here. You can also talk to @cahnee about it on Twitter if you would prefer. She can help you find folks wherever we meet.

The event is FREE, open to anyone interested in IT and InfoSec. You can brown bag it, or get food from the vendors. But, the conversations are amazing. You get to see old friends and make some new ones. Check it out! 

Cyber News Today from Homeland Security Middle East – Abu Dhabi, UAE

Posted on by
3

Happy Memorial Day Readers;

The Red Dragon and MicroSolved are at the Homeland Security Summit- Middle East taking place in Abu Dhabi, United Arab Emirates…

Latest World Cyber News you should be maintaining cyber situational awareness on comes to you today after 6 different flights across 4 different continents and a total of 30,000 airmiles…oh yes 5 hours of sleep –

Nonetheless – here are some developing stories out of the International Cyber World….

General Alexander – Four-star general in eye of U.S. cyber storm… Read more @ http://newsle.com/article/0/76523525/

The covert battle over Beijing’s defence policy heats up…People’s Republic of China gets into the business of making friends

Read more @ http://www.smh.com.au/world/china-gets-into-the-business-of-making-friends-20130524-2k6q3.html#ixzz2UTeO2Fht

People’s Republic of China’s Huawei a victim of its success

Read more @: http://www.chinadaily.com.cn/cndy/2013-05/25/content_16530834.htm &
http://wanderingchina.org/2013/05/26/huawei-a-victim-of-its-success-china-daily-risingchina-trade/

All for now from the Middle East…more to come as the world wakes to a new day…

Semper Fi,

謝謝

紅龍

What YOU Can Do About International Threats

Posted on by
4

Binary eye

With the addition of RedDragon Rising (@RedDragon1949) to the blog, we are now pushing forth a new stream of threat data and insights about the growing problem of international threats. Since we added that content to the site, many of you have written in or asked me on Twitter, what is it that YOU can do about these threats? I wanted to take a few minutes and expand on my responses.

First of all, you can remain aware and vigilant. Much of the information we post here isn’t directly actionable. It isn’t designed to be a roadmap of actions for you to take. It’s designed to be a continual source of data that slowly helps you see a clearer picture of the threat, the actors and their capability. It’s designed to keep you AWAKE. It’s custom made to help you understand your adversary. Knowledge is power and insight is key. We make this content to give you both!

Second, you can communicate the threat and knowledge to your management. This helps them remain aware. It also presents to them that you are monitoring the threats and keeping your eye on the rising tides, even as you help them steer the ship through safe waters. You can use this information to build rapport with them, to give them new insights into your decisions when you explain to them various risks and to help them understand the changing nature of the interconnected world.

You can use the information here as an impetus to get the basics of information security right. While there aren’t any panaceas to fight off the threat and there isn’t a single thing you can buy to make it better ~ we do know that focusing on the basics of infosec and getting them done efficiently, effectively and well is the best defense against a variety of threats. That said, consider doing a quick and dirty review of your security initiatives against our 80/20 Rule for Information Security. This is a set of simple projects that represent the basics of information security and map easily to other standards and baselines. Simply judging your maturity in these areas and following the roadmap to improvement will go a long way to getting the basics done right in your organization. 

Invest in detection and response. If your organization is doing the basics of prevention, that is you have hardening in place and are performing ongoing assessment and mitigation of your attack surfaces, then the next thing to do is invest in detection and response capabilities. Today, one of the largest advantages that attackers enjoy is the lack of visibility and effective response capabilities in our organizations. You should have some visibility into every segment and at every layer of your environment. You should be able to identify compromises in a timely manner and move to isolate, investigate and recover from any breaches LONG BEFORE they have become widespread and heavily leveraged against you. If you can’t do that today, make it your next major infosec goal. Need help?Ask us about it.

Lastly, share information with your peers. The bad guys are good at information sharing. They have excellent metrics. They openly share their experiences, successes, failures and new techniques. Much of crime and espionage (not all, but MUCH) is “open source” in nature. The cells of attackers free float in conglomerations of opportunity.  They barter with experience, tools, data and money. They share. The more we begin to share and emulate their “open source” approaches, the better off we can be at defending. If knowledge is power, more brains with more knowledge and experience equals MORE POWER. Be a part of the solution.

That’s it for now. Just remain calm, get better at the basics, improve your visibility and stay vigilant. As always, thanks  for reading State of Security and for choosing MicroSolved as your information security partner. We are striving to dig deeper, to think differently and to give you truly actionable intelligence and threat data that is personalized, relevant to your organization and meaningful. If you’d like to hear more about our approach and what it can mean for your organization, get in touch via Twitter (@lbhuston), email (info(at)microsolved/dot/com) or phone (614-351-1237 ext 250). 

Latests News from AusCERT 2013 & the People’s Republic of Hacking…

Posted on by
2

G’day from Gold Coast, Australia and AusCERT 2013!

The persistent nature about the People’s Republic of Hacking, er, umm, sorry, China, is ceaseless…

People’s Republic of China’s Huawei Vows Revenge On U.S. Competitors Who Drag Its Name Through The Mud

http://au.businessinsider.com/huawei-fighting-back-against-cisco-hp-and-dell-2013-5?

Hackers Find People’s Republic of China Is Land of Opportunity ** AWESOME ARTICLE **

http://www.nytimes.com/2013/05/23/world/asia/in-china-hacking-has-widespread-acceptance.html?&pagewanted=all

Google hackers wanted intel on People’s Republic of Chinese spook monitoring

http://www.scmagazine.com.au/News/344069,google-hackers-wanted-intel-on-chinese-spook-monitoring.aspx?

Chinese hackers said to have accessed law enforcement targets
Cyber marauders sought more than just information on activists — they wanted access to FBI, DOJ investigations on spies in the U.S.

http://www.computerworld.com/s/article/9239440/Chinese_hackers_said_to_have_accessed_law_enforcement_targets?

3 N.Y.U. Scientists Accepted Bribes From People’s Republic of China, U.S. Says

http://www.nytimes.com/2013/05/21/nyregion/us-says-3-nyu-scientists-took-bribes-to-reveal-work-to-china.html?

All for now from Down Under…

Semper Fi,

紅龍

US Government Urges Offensive Right to Cyber Self-Protection

Posted on by
3

Good day from AusCERT!

If you haven’t heard the latest regarding the People’s Republic of Hacking and countering cyber espionage and the significant loss of intellectual property you should be aware of the New York Times story today… “As Chinese Leader’s Visit Nears, U.S. Urged to Allow Retaliation for Cyberattacks”….folks we have reached a critical inflection point as US Government Urges Offensive Right to Cyber Self-Protection for commercial enterprises to defeat and disrupt the loss of key American inventions and ideas to the People’s Republic of China…this all stated in advance of China’s President Xi Jinping set to meet with President Obama in the next few weeks on US soil…

Read the full New York Times story here:

http://www.nytimes.com/2013/05/22/world/asia/as-chinese-leaders-visit-nears-us-urged-to-allow-retaliation-for-cyberattacks.html?

May’s Touchdown Task: Egress Audit

Posted on by
4

The touchdown task for May is a quick and dirty egress filtering audit. Take a look at your firewalls and make sure they are performing egress filtering (you do this, right? If not, make it happen now ~ it’s the single most effective defense against bot-nets). Once you know egress is in place, give a once over to the firewall rules that enforce it. Make sure they are effective at blocking arbitrary ports, outbound SSH, outbound VPN connections, etc. Verify that any exposed egress ports are to specific IPs or ranges. If you find any short comings, fix them.

Also take a look and make sure that violations of the firewall rules are being alerted on, so your team can investigate those alerts as potential infection sites. 

Lastly, check to make sure that you have egress controls for outbound web traffic. You should be using an egress proxy for all HTTP and HTTPS traffic. Yes, you should be terminating SSL and watching that traffic for signs of infection or exfiltration of sensitive data. Take a few moments and make sure you have visibility into the web traffic of your users. If not, take that as an immediate project. 

That’s it. This review should take a couple of hours or so to complete. But, the insights and security enhancements it can bring are HUGE. 

Until next month, thanks for reading and run for the goal line!

Most Recent Cyber Conflict Information ~ People’s Republic of China

Posted on by
3

Good day from AusCERT –

Here are some of the Most Recent Cyber Conflict Information ~ People’s Republic of China:

The People’s Republic of China’s culture of hacking cost the United States $873 million in 2011

http://www.washingtonpost.com/blogs/worldviews/wp/2013/05/20/chinas-culture-of-hacking-cost-the-country-873-billion-in-2011/?

How The Great Firewall of China Shapes Chinese Surfing Habits

http://www.technologyreview.com/view/515056/how-the-great-firewall-of-china-shapes-chinese-surfing-habits/

Goldman exits China’s ICBC, seven years and billions later

http://uk.reuters.com/article/2013/05/21/uk-goldman-icbc-idUKBRE94K07120130521

Semper Fi,

Bill

Latest People’s Republic of China Internet Controls & News from Down Under

Posted on by
2

Good day from AusCERT –

The latest Cyber Conflict news out the People’s Republic of China is very curious indeed and firmly supports the fact that Chinese State Sponsored hackers are targeting other international governments – including intelligence, military, and political objectives…

Earlier today here in Asia the alleged Chinese People’s Liberation Army (PLA) hacking unit of PuDong neighborhood in the City of Shanghai has resumed cyber targeting see the Foreign Policy article (http://www.foreignpolicy.com/node/1426054)…and yet today the People’s Republic of China demonstrated a new form of Internet Control for disaffected bloggers who disagree with the Communist Party of China (CPC)…death – you can see the story here; http://www.foreignpolicy.com/node/1426054.

Remember that with the Golden Shield Project (colloquially known as the Great Firewall of China), a Chinese State Sponsored DNS cache poisoning policy, the Internet the Western world enjoys is not what the average Chinese experiences in the People’s Republic of China…So, with the renewed Chinese hacking someone in Beijing must have approved certain Chinese state sponsored hacking activity through the Great Firewall of China…otherwise why would the CPC be putting to death those Chinese bloggers who would challenge the legitimacy of the current Chinese political regime? Hmmm….