SECURIT SAFETY


CHINESE ARMY CYBER WAR AGAINST USA IS A SENSITIVE ISSUE

The New York Times front-page report this week that the Chinese army is hacking into America’s most sensitive computer networks from a 12-story building outside Shanghai might finally persuade skeptics that the threat of “cyber warfare” isn’t the fevered fantasy of Richard Clarke, the producers of Die Hard 4, or the generals at the ever-growing U.S. Cyber Command. Alas, it’s real.

But what is the threat? Few of those in the know believe that some fine day, out of the blue, China will zap the programs that run our power grids, gas lines, waterworks, or banking systems, sending our economy—and much else—into a tailspin. Even if the Chinese could pull off such a feat with one keystroke, it’s hard to imagine what they’d accomplish, especially since their fortunes are wrapped up with our own.

The more worrisome threat is subtler: that the Chinese (or some other powers) will use their ability to wreak cyberhavoc as leverage to strengthen their position, and weaken ours, in a diplomatic crisis or a conventional war.



For instance, in a brewing conflict over Taiwan or the South China Sea (areas where China has asserted claims aggressively in recent years), would an American president respond with full military force if he knew that the Chinese would retaliate by turning out all the lights on the Eastern Seaboard?

A familiar concept in strategic war games is “escalation-dominance.” The idea is that victory goes to the player who can take a conflict to the next level of violence in a way that inflicts enormous damage on his opponent but very little on himself. The expected outcome of the next round is so obvious that the opponent decides not to escalate; the dominant player thus controls the subsequent course of the battle and possibly wins the war.

Real war is messier than war games. Escalation holds risks all round. The two sides might have different perceptions of which one is dominant. Or the dominant side might miscalculate the opponent’s strategic priorities. For instance, China might think the American president values uninterrupted electricity on the East Coast more than a free, independent Taiwan—but that thought might be mistaken.



Still, leaders in war and crisis do take these kinds of factors into account. Many surrenders in history have been prompted less by the damage already absorbed than by fears of the damage to come.

And China is not the only foe or rival whose calculations are complicating this new cyber world. Iran is another. Last summer, all of a sudden, a computer virus nicknamed Shamoon erased three-quarters of the Aramco oil company’s corporate files, replacing much of it with images of a burning American flag. It is widely believed that the Iranians planted the “kill switch” in retaliation for the U.S.-Israeli Stuxnet virus that disabled the centrifuges in their nuclear program.


The implicit message sent not only to the United States but also, and perhaps more importantly, to its Arab commercial partners: Don’t mess with us, or we will mess with you. The Shamoon virus is now regarded as the hint of another consequence that we’d likely face in the aftermath of a military strike on Iran’s nuclear facilities. Will it deter such a strike or serve as the final straw in a pile of risks that deters us from striking (or deters the West’s Arab allies from playing whatever part they might play in an attack)? Hard to say, but the Iranians probably intended the virus to have that effect.


So, what to do about all this?

The basic task is to dissuade potential foes from thinking that they would gain escalation-dominance by launching, or having the ability to launch, a cyberattack on America’s infrastructure.

A popular notion of how to do this is to threaten “retaliation in kind”—or, taking a phrase from the nuclear-deterrence playbook, “mutual assured destruction.” This threat has its place in cyberwar but also its limits, because the United States is far more dependent on computer networks, in every aspect of its national security and its daily economic life, than China, Iran, or any other prospective foe or rival. Retaliation in kind might not serve as a sufficient deterrent because it would inflict much less damage on them than their first strike would inflict on us.

A better, but much harder, way is to defend the critical infrastructure in the first place. There are limits to this, too. First, we’re in too deep; we can’t untether our economy from the Internet any more than we can detour all road traffic off the interstate. Second, there is no such thing as a perfect defense; if well-funded, well-trained predators want to get in, they will get in. Still, there are ways to wall off or split up the most critical segments of infrastructure—and to monitor further efforts to break in. If they haven’t already, the private companies responsible for this infrastructure should start to take these steps immediately.




That is the point behind President Obama’s recent executive order on cybersecurity. In recent years, Congress has rejected bills requiring Internet service providers to follow government standards on security for various reasons, many of them legitimate. The executive order at least allows government agencies to share information with ISPs, some of it classified, on how to meet these standards themselves. It’s a good first step.

But there’s another way to stave off the danger of cyberwar, and that’s diplomacy.

In his extremely important 2010 book Cyber War, Richard Clarke likened the current era to the decade after the first atomic bombs, when American, then Soviet, scientists built these weapons of enormous destructiveness—but before politicians or strategists devised ways of thinking about them rationally: how to control them, deter their use, or limit their damage if a war couldn’t be deterred.


It’s time to move on to the next era, when this sort of thinking did occur, not just in secretive research tanks but also in open discussions and international negotiations. Clarke, who was chief of counterterrorism and cybersecurity for Presidents Clinton and Bush, spells out ways that concepts from nuclear arms control—inspections and verification, no first use, and ideas from other accords, including the Geneva Conventions—might be applied to cyberweapons.

In any case, it’s sheer silliness, at this point, to keep cyber issues off the table for fear of upsetting the sensitivities of Chinese officials (who deny that they have offensive cyberwarfare programs) and thus possibly triggering a diplomatic crisis. A crisis already looms from all sides of the globe; the United States, after all, has an offensive cyberwarfare program, too. Best to deal with it head-on, and soon.

Sourced & published by Henry Sapiecha

New technique developed to identify authors of anonymous emails

By Darren Quick

21:58 March 8, 2011

Concordia University professor, Benjamin Fung, has developed an effective new technique to determine the authorship of anonymous emails (Image: Concordia University)

There might be many harmless reasons for sending anonymous emails – confessing your undying love for someone, seeking anonymous advice, or simply playing a joke on a friend – but there are also plenty of harmful reasons – making threats against someone, distributing child pornography or sending viruses, just to name a few. While police can often use the IP address to locate where an email originated, it may be harder to nail down exactly who sent it. A team of researchers claims to have developed an effective new technique to determine the authorship of anonymous emails that can provide presentable evidence in courts of law.

In an attempt to combat the increase of cybercrimes involving anonymous emails, Benjamin Fung, a professor of Information Systems Engineering at Quebec’s Concordia University and an expert in data mining, and his colleagues set about developing a novel method of authorship attribution based on techniques used in speech recognition and data mining, which involves extracting useful, previously unknown knowledge from a large volume of raw data. Their approach relies on identifying frequent patterns and unique combinations of features that recur in a suspect’s emails.

The technique works by first identifying the patterns found in emails written by the subject. Any of these patterns which are also found in the emails of other subjects are then filtered out, leaving patterns that are unique to the author of the emails being analyzed. These remaining frequent patterns then constitute what the researchers call the suspect’s ‘write-print’ – a distinctive identifier akin to a fingerprint.
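
The filtering step described above can be sketched in a few lines of Python. This is an added, simplified illustration, not the researchers' code: the four style features, the support threshold and the sample emails are all assumptions constructed for the example.

```python
from itertools import combinations

SMS = {"u", "ur", "thx", "pls"}  # assumed abbreviation list

def features(text):
    """One email -> set of discrete style items (assumed, simplified feature set)."""
    items = set()
    if text == text.lower():
        items.add("all_lowercase")
    if "!!" in text:
        items.add("repeated_exclaim")
    if not text.rstrip().endswith((".", "!", "?")):
        items.add("no_final_punct")
    if any(w.strip(".,!?").lower() in SMS for w in text.split()):
        items.add("sms_abbrev")
    return frozenset(items)

def frequent_patterns(emails, min_support=0.6, max_size=2):
    """Feature combinations found in at least min_support of one author's emails."""
    rows = [features(e) for e in emails]
    universe = sorted(set().union(*rows))
    return {frozenset(c)
            for k in range(1, max_size + 1)
            for c in combinations(universe, k)
            if sum(set(c) <= r for r in rows) / len(rows) >= min_support}

def write_prints(corpus):
    """Drop every pattern that is also frequent for another author."""
    freq = {a: frequent_patterns(m) for a, m in corpus.items()}
    return {a: p - set().union(*(q for b, q in freq.items() if b != a))
            for a, p in freq.items()}

def attribute(text, prints):
    """Return (best author or None if nothing matches, per-author match counts)."""
    row = features(text)
    scores = {a: sum(p <= row for p in ps) for a, ps in prints.items()}
    best = max(scores, key=scores.get)
    return (best if scores[best] > 0 else None), scores

# Constructed sample emails; not taken from the Enron dataset.
CORPUS = {
    "alice": ["meeting moved to friday, bring the report",
              "can you send the numbers before lunch",
              "i will call the client tomorrow"],
    "bob": ["thx for the update, will review it today.",
            "pls send ur draft by monday.",
            "can u join the call at noon?"],
    "carol": ["Great work on the launch!!",
              "We need the budget approved today!!",
              "Please confirm the venue. Thanks."],
}
```

Writing in lowercase is frequent for both alice and bob here, so it is filtered out on its own and survives only in combination with a habit the other authors lack.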

“Let’s say the anonymous email contains typos or grammatical mistakes, or is written entirely in lowercase letters,” says Fung. “We use those special characteristics to create a write-print. Using this method, we can even determine with a high degree of accuracy who wrote a given email, and infer the gender, nationality and education level of the author.”

Fung and his colleagues tested their technique by examining the Enron Email Dataset – a collection containing over 200,000 real-life emails from 158 employees of the Enron Corporation. Using a sample of 10 emails written by each of 10 subjects – 100 emails in all – they were able to identify authorship with an accuracy of 80 to 90 percent.

“Our technique was designed to provide credible evidence that can be presented in a court of law,” says Fung. “For evidence to be admissible, investigators need to explain how they have reached their conclusions. Our method allows them to do this.”
