The Obama Administration and Cyber Security

Up until I entered the classroom for Cyber Self Defense I was never very aware of cyber security and its importance on a scale any larger than that of the average user at his or her home computer. In a blog called Cyber Security News I found out just how important it is in today’s world, as i read about the Obama Administration putting forward the Cybersecurity Legislative Proposal and then the US National Strategy for Cyberspace.

The proposal calls for several IT advancements with the express purposes of protecting “the nation’s critical infrastructure, Federal Government computers and networks, as well as the American people.”  An example of one of these advancements is the Department of Homeland Security putting in place new cybersecurity programs as well as hiring more IT security professionals in order to better understand any of the issues at hand. The US National Strategy for Cyberspace is meant to work on an even larger scale where they intend to work with “like-minded states” to create a standard for securities needed to protect the country while at the same time promoting freedom on the Internet.

I think it might be safe to say, there are wars being waged out there in cyberspace and of course protection is necessary, so these policies are needed as well. Cyber security is of great importance in the present day and now, I am aware.

blog article: http://cybersecuritynews.org/2011/05/17/obama-administration-pushes-for-more-national-international-cyber-oversight/

Jail Security Flaw

http://www.huffingtonpost.com/2011/08/09/hackers-help-inmates-break-out_n_921554.html

I read an article regarding flaws in a security system in a jail. After a power surge the guards were surprised to find all of the cells on death row opened. They did some investigating and found that the security system could be manipulated to actually control these cells and possibly release inmates. These findings were due in part to the fact that guards were not following proper protocol when it came to using computer stations which controlled the closing and opening of cell doors.

This fortifies my beliefs that no matter how good your security system is it is only as good as your weakest link. Most of the time the biggest security flaws come from human error. Something as simple as a guard checking his e-mails on a computer which is connected to the cell doors could have led to a cyber intruder gaining control of those very same cell doors keeping dangerous inmates under control.

I find that the more complex security systems are the easier it is for problems to arise and human error to become an issue. Proper training and direction trumps complexity from my personal experience in several jobs. A security engineer had this to say regarding security procedures: “If the prisons change their security procedures, they could probably fix the problem 98 percent on their own.”

Personal RFID Security/Privacy Threats

A relatively new security/privacy threat has arrived in the last decade and it’s due to a chip that can be as small as a grain of sand. They are called RFID chips and are a form of microchips fitted with antennas. They have information stored on them which can be transmitted to an RFID reader. The RFID reader can send out a query causing the RFID tag to return any data it contains. Obviously this brings up big security concerns. The RFID tags are being put in passport cards and enhanced driver licenses that are available in a growing amount of states. Some of these RFID tags have even been found to be readable from a max of about 150 feet away.

When you get an enhance driver license they provide you with a privacy sleeve to keep it in which helps to block the radio signal from the chip getting out, but many people have been found to not use them and if the paper had been crumpled at all it may not even work.

What do you all think of this technology? Are we going to far and potentially exposing ourselves in ways we could have never imagined was possible?

http://www.technologyreview.com/computing/21842/

Wireless Hacking is Also Legal

A Dutch court has ruled against punishment for hacking into Wi-Fi connection provided that connected computers were untouched. However the rules regarding data freeloading seems likely to change in the following months.

The unusual ruling came in the case of a student who has hacked into his neighbors wireless connection in order to post a shooting rampage threat at Maerlant College in The Hague. The threat was posted on 4chan, the notoriously anarchic internet image board. The student was sentenced to community service because of the post however he was not sentenced further for hacking into a secured wireless connection. How the student got caught still remains a mystery.

The flaw of the law comes from the fact that Netherlands computer laws dates back to 1990s and according to the laws that defines a computer as “data storage”. Since a router can not store data, hacking into it and using it does not pose as a treat or go against the rules.

This seems like another example of bureaucracy  losing it’s strength against emerging technology rules of which is basically refreshed every minute. As the technology advances and redefines criminal activity, constitutions remain with great amount of vulnerabilities that hackers can deplete.

Tenth anniversary of 9/11: how safe are we?

Being that it is the tenth anniversary of September 11th , I thought I’d be appropriate to bring up national security and see how it has progressed since 2001. In this article from Fox News touches on stolen information could hurt the United States. Leon Panetta, secretary of defense, was quoted to have said that our next “Pearl Harbor” could affect our cyber systems. There were already a big red flag on August 14th, 2003 when the “Blaster worm” supposedly contributed to disabling utility companies computers.

The government has to work with outside companies to get the newest technology, that’s inevitable. So, that being said, how safe is our security system government wise? The Chinese air force has a division that specializes in using cyber-attacks to cause trouble for other countries air control systems. How would the United States defend against that if something like that were to happen to an airport on one of the coast lines?

With technology increasing at an exponential rate, it’s impossible to be completely secure on the internet. As it is, identifying where an enemy is in cyberspace is hard, and with the possibility that we as a country are not as secure as we were 10 years ago, is really terrifying.

www.foxnews.com/scitech/2011/09/10/10-years-after-11-are-americas-cyberdefenses-weaker/