Youth Defence try and fail to unmask Anonymous. Pics and Video

A rather bizarre incident happened at outside the Dail yesterday. In retrospect probably not as bizarre as the goings on inside the Dail where is seems is acceptable for a male TD to reach out and grab a female TD and pull her down to sit on his groin whilst his male TD friends watch without intervening or even looking uncomfortable. All this as they collectively discuss some unrelated matters such a women’s autonomy, social norms dominated by patriarchy, and bodily integrity all of which are bound up in any critical conversation around abortion and the state. But we all know these dicks are beyond parody. This is the place where these same guys, on €90K a year got drunk on cheap booze, both paid for by us, as they turned €60Billion odd of private banking debt into something our communities will have to pay for off for generations to come.  But I digress.

 

 

So outside I turned up to see how the pro choice folks who camped out the night before where gettting on as legislation about womens bodies was being debated by an almost exclusively white catholic employed males over the age of 50. That demographic is a fairly small part of the social Venn diagram, but this is what passes for democracy in official social imagination.

P1010713

The sun was out and the mood was good, with about 30-40 pro-choice people about at 4.30. Around then I noticed about 5-6 folks dressed up as Anons. All in black with the V of vendetta masks and holding laminated signs with a “?”. I thought it curious and immediately wondered if this was related to the hack of Youth Defence’s website the day before. I’ve no idea and it could be completely unrelated. Indeed some other folks I spoke to thought it might be rather stupid thing to do if that was the case.

Theres yer man

Theres yer man

Whatever the case, it was clear that some of the Youth Defence folks where thinking the same thing as when, after about standing for 30 mins the Anon folks left, two male Youth Defence started to follow them. As the YD guys walked passed me I overheard one saying to the other that they should unmask and photograph the Anons folks. At this point I started to follow them.

They got pretty close to the Anons and followed them into a multi story car park stairwell. By this point I’d caught up too and when the Anons stopped on the stairwell, one remonstrated without speaking as if to say whats the problem. They then continued down the stairwell just as one of the Youth Defence guys say me filming behind him. He then called to the other guys to make him aware I was filming. The other guys continued after the Anons down the car park stairwell, so I passed the first guy to see if he was actually gonna confront the folks dressed as Anons. The second guy very quickly came barging back up the stairs, pushing me out of the way as he ran. The two then ran back out of the stairwell back into the street. When I went back out into the street they kinda of assumed I, and another friend who kindly followed me to make sure I was alright, were both with the Anon folks. They seemed very stressed and pissed off. However is seems filming then put them off their intented plan of physically confronting the people dressed as Anons, who disappeared out of sight. The video is below

Two Irish arrested in FBI Lulzsec sweep.

UPDATE 1 19.13pm from RTE website

The FBI says O’Cearrbhail hacked into the personal e-mail account of a garda. With this information he then learned about how to access a conference call that the Garda, the FBI, and other law enforcement agencies.

The FBI then says accessed that call, recorded it and distributed it.

A man was arrested in Dublin in connection with the international operation.

“Working with international colleagues as part of ongoing investigations into computer hacking, a male was arrested this morning,” a spokesman for the gardaí said.

“He is currently detained in Terenure Garda Station”, said the spokesman, adding that the suspect could be held for questioning for 24 hours without charge.

 

https://soundmigration.wordpress.com/wp-admin/post.php?post=936&action=edit

 

 

There was a series of arrests across the US and several in Europe as the FBI rounded up 6 hackers and digital activist as part of a crackdown on the Anonymous offshoot Lulzsec. Several of the arrest are actually rearrests.

Those arrested included a 19 year old from Birr, Offaly Donncha O Cearrgbhail  (Donncha Carroll)  and another 25 year old Darren Martyn. Darren faces  charges of two counts of computer hacking conspiracy, each count with a max of 10 years.

Donncha is charged with “one count of with one count of computer hacking conspiracy, for which he faces 10 years in prison. He is also charged in the complaint with one count of intentionally disclosing an unlawfully intercepted wire communication, for which he faces a maximum sentence of five years in prison” according to the FBI

The charge sheets as presented by the FBI presser – see bottom- actually mentions the Fine Gael website hack of January when according to the party details of 2,000 subscribers were stolen, according to RTE reports. Fine Gael themselves released a statement back them saying the site was “professionally hacked”.  One assumes the use of the word “professionally” was less about having any evidence that people were paid to do it, and more about trotting out excuses given to them by US company ElectionMall that was actually running the site. Wouldn’t want to be seen to be cracked by amateurs eh? Donncha was arrested and released w/o charge last year relating to the FG hack.

So the charges facing both are pretty serious. 10 years in the nick is no laughing matter. But something struck me very quickly reading the charges. Donncha  is being charged with “intentionally disclosing an unlawfully intercepted wire communication”. This relates to this hacked phone conversation between a rather easily amused FBI agent and two English cops at the Met.  But heres the rub. I downloaded that same MP3 file and rendered it through a cracked version of Camstudio with a jpeg, and uploaded to my youtube account.

Its been watched/listened over 21,000 times. If that’s not  “intentionally disclosing an unlawfully intercepted wire communication” I don’t know what is.  So there is couple of options here. Either these charges are kinda meaningless in a age of the fluid and free flowing exchange of digital information, or I’m equally guilty of the charges as mentioned.  What ever it mean, the extradition of this folks to the US needs to be resisted.

Other arrested include Hector Xavier Monsegur  aka Sabu, who is being pinned as one of the core members of Lulzsec. His wrap sheet is also linked at the end of this article, but includes hacks going back as far as Paypal, but also the infamous HBGary hack which exposed a plan by private security firms to orchestrate  political smearing campaign to discredit Wikileaks just after the release of the intercepted US embassy cables.  I’ve written about here.

I have followed the evolving of movements within the Anonymous network since back  late 2010 and about a year ago i wrote a rather longish piece about a more obvious political narrative linking the uprising in Tunisia with and uprising in Wisconsin.

Lulzsec and Antisec seemed very capital P political, but also quite brazen and media conscious. I wrote about an attack on Nato here which at the time seemed a much to be biting off and all about saying “we are here”. In that sense its clear that the game was as important as the action. You dont get to shit on Nato’s door and do so publicly and not expect to provoke a response.

So its safe the assume that the wider western intelligence community has eyes ears and trojans locked within the Anonymous community. The FBI themselves have said that the flipped Saba, and in doing so got exactly the response so far online. One of paranioa, recrimination and lots of variations of “I told you so”. Anyone who is familiar with the risk of undercover policing surveillance know this response.  Its one that state/corporate security agencies try to provoke.

But its worth noting some useful points, most of are made already over at death and taxes so I’ll quote extensively

As reported by Fox News yesterday, LulzSec “mastermind” and Anonymous hacker Sabu (real name: Hector Xavier Monsegur) was flipped by the FBI. Big surprise. Give the FBI a cookie.

There has been a widespread belief that Sabu was a rat for quite some time within the hacking community—an August 2011 chat between Sabu and Virus, for instance. Virus quite prophetically wrote in that infamous chat: “I’m absolutely positive, you already got raided, and are setting your friends up and when they’re done draining you for information and arrests they’ll sentence you and it’ll make nose.”

Beyond that, in a community wherein anyone can have a voice, it stands to reason that subversive government influences are present, whether passively watching or actively suggesting. Disinformation, false flag operations, and immunity: these are the human intelligence gathering techniques that spy agencies use to infiltrate movements.

With that in mind, one of two possibilities exist: The FBI has transformed Anonymous into one monolithic false-flag operation, or agents take down hackers the way they take down other targets—with one or multiple informants. Judging the FBI’s efforts purely on the frequency of Anonymous’ activities throughout the last year, it’s probably safe to say that the FBI hasn’t accomplished the former.

If this conclusion is wildly off-base, and the former is true, then one has to entertain the following possibilities: the Stratfor hack was socially engineered by the FBI; Stratfor allowed it; and the FBI manipulated Anonymous into a partnership with WikiLeaks in the publication of the Global Intelligence Files. Then, of course, one must wonder if WikiLeaks itself is not a false-flag operation. This scenario seems rather unlikely, especially in a world where those who attempt to regulate the Internet are always one step behind.

Where then does this leave Anonymous and its supporters?

Again, judging from Anonymous’ efforts in the last year, which included a hybridization with Occupy Wall Street, the Stratfor hack,  a partnership with WikiLeaks, an infiltration of the FBI and Scotland Yard’s conference call on Anonymous, Operation ANTI-ACTA (which struck the Polish government), and the CIAPC hack (following Elisa’s blockade of The Pirate Bay), amongst other projects; it would seem seem that Anonymous, as a global collective, has grown far beyond LulzSec and Sabu’s influence—that it has indeed shed Sabu’s influence.

Anonymous’ efforts are truly global now and ever-shifting. Unless people believe that stool pigeon Sabu’s opera singing is evidence of some international, multi-state false flag conspiracy to nab radical hackers, Anonymous likely won’t be slowing down anytime soon.

Here’s a suggestion to the FBI: Maybe you should spend a little less time pursuing Anonymous and put more effort into bringing to justice the white-collar criminals who crashed the economy in 2008, thereby pocketing billions and evaporating middle class savings, delaying retirement, and sending families into the grip of poverty; driving individuals to suicide, or illegal and prescription drug use to numb the pain; to theft, alcoholism, and welfare that the GOP hates so much; and saddling college graduates with hundreds of thousands of dollars in debt from which they won’t soon liberate themselves.

Yes, one can see how a DDoS attack launched against Sony Pictures would be a priority. The FBI does work for politicians after all, who are kept in office by the campaign donations of corporations

Here you can find the full details of the FBI charges on their press release

Heres the court sheets for sabu doxed of course

#OpIreland: Defacement of GetBroadband.ie & Sean Sherlock TD doxed

What the defacement looks likeTonight, digital activists working within the Anonymous network have defaced a website “Get Broadband.ie” Describing itself as a” Fantastic Irish Broadband Website featuring the latest deals from Every Irish Broadband provider ” the site has been hacked and  displaying a message “Hacked by Juzzy”.  A few click throughs brings you to a message from Anons. The hack is explained as being “grey hat”, not intentional damage but merely showing the site admins/owners that it is not secure. They did say they will be back.

However the website defacement is linked to the recent decision by Sean Sherlock TD to push ahead with draconian legislation that has been lobbied for by the “entertainment” corporations, but that has been resisted by both internet providers and ordinary users  of the net.  A petition of 80,000 was handed in to Sherlock but as  Minister for Research and Innovation he went ahead and signed into law a statutory instrument to amend copyright legislation In Ireland

Speaking with Siliconrepublic.com, Sherlock said that if the committee decides new legislation is required then the Government will embark on that course of action.

Sherlock said the key opportunity is to make Ireland a leader in the handling of copyright and intellectual property issues and at the same time be sensitive to the economic challenges and opportunities of the digital age. The Government, he said, does not want to issue proscriptive measures, at the same time it wants to allow the internet industry to flourish and help protect the rights of right holders

This basically is another way of saying Ireland, not content with being a tax haven for multinational giants so they can slush money through, is now also being marketed by dipshits like Sherlock as the country that will censor and clamp down on the free sharing of information and knowledge.  Its worth noting that this perhaps is being driven because Ireland is a tax haven. If large corporations register their Middle East, NorthAfrica, European and Asian HQ’s here for tax dodging purposed, they them come under our data legislation. By buying of legal firms to lobby for changes in legisaltion of gombeens like Sherlock, corporations get a double whammy.

It comes as no surprise that Ireland Inc will love to profit from censorship, but its little odd that the connections between how favorable tax legislation that attracts corporations opens the door for those same corporations to try and shape other laws while they are here.

Tonight some people have been sharing information on Sherlock himself

Heres some footage from one of the first anti SOPA demos last month on Feb 4

Update. Thanks to Maive Broslol for pointing out the petition numbers were 80,000 and not 8,000 as originally stated.

Wikileaks teams up with Anonymous & releases The Global Intelligence Files

Today Wikileaks has begun to release emails from Stratfor Intelligence that had been hacked by Anonymous at  Christmas. It an extradinary display of organisation to keep it secret, Anon have teamed up with Wikileaks to make public the communication between Stratfor and its high level coporate clients.  Wikileaks sent this tweet on 30nDec as an public acknowledgement that the files where on its servers

Wikileaks tweets that Stratfor files where recieved

Press release and more info on it her

The original hack by Anon over the christmas period as part of the LulzXmas operation. Its worth saying that nothing is actually stolen in any of these hacks, merely copied. However credit card details of high ranking staff and subscribers to Stratfor where used on a Robin Hood style spree that saw donation made to a variety of progressive charities using the credit card details. In cases like this the banks refund the card holders and charities get to keep the “donations”.

CNN reports that Stratfor as saying

” that thieves compromised its data systems in December and stole a large number of company e-mails, along with private data about its subscribers, employees and readers.

“Having had our property stolen, we will not be victimized twice by submitting to questioning about them,” the company said about the leaked e-mails.

It said the release was “another attempt to silence and intimidate the company, and one we reject.”

“Stratfor will not be silenced and will continue to publish the geopolitical analysis our friends and subscribers have come to rely upon,” the statement said.

Describing the e-mails as private property, Stratfor said they were written casually, with no expectation anyone outside the communication chain would ever see them.

“They should be read as such,” the company said. “Stratfor understands that this hack and the fallout from it, including the disclosures by Wikileaks, have created serious difficulties for our subscribers, friends and employees.”

 

Regardless of what Stratfor say this is a serious embarassment. Many of those operating under the banner of Anonymous can no longer be dismissed as nerdy wannabe, and the political/social justice articulation of many will be defining for those on the edges of this networked movement of digital direct action. These hacks are not only direct actions against covert agency’s but also create a political narrative and view on the world that centers war, capital and power as thee main blockages not simply to more egalitarian sharing of digital information, but indeed a more egalitarian society.

Whats interesting is the lack of UK papers involved as media partners following the very public spat between The Guardian and Assange who is awaiting out come of a extradition proceeding to Sweden where he faces serious charges of sexual assault. That there is no Irish media partners is perhaps no surprise to many, yet still poses the question.

From an activist perspective there initially seems to be much to be interested in, from the surveillance of the Yes Men and Bhophal activists to PDFs on terminology of corporate surveillance

You can browse the releases to “reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defence Intelligence Agency. The emails show Stratfor’s web of informers, pay-off structure, payment laundering techniques and psychological methods”

You can follow the crowdsourcing research on twitter at #gifiles

Stratfor themselves have dismissed the leaks as meaningless

Largest Anonymous attack ever currently underway

As i type this there is a flurry of  co-ordinated decentralised direct actions by  Anonymous on a variety of high profile US websites including the  US Department of Justice,  Recording Industry of America , Motion Picture Association of America and Universal Music.

In the last few minute the FBI website has intermittenly been taken off line and is working at a minimal rate. These direct actions come in response to the US shutting down Megaupload , a website that many folks where using for cloud computing long before the term got written up in business and economic pages. Its a massive file sharing site with a reported 50 million daily users.  Ive posted one of the first video responses from an Anon below outlining – with the compulsory rhetorical music, his reasons

The wider context is of course yesterdays online blackout,   which itself was the largest coordinated online political protest against proposed US legislation which seeks to dismantle the architecture of the internet so that one of its most integral features – the ability to share with relative each and the culture of reciprocity – can be stamped out.

The Electronic Freedom Foundation cover the main thrust of the legislation proposal on their site. Bookmark them for sure.  But yesterday 18th Jan saw a massive show of resistance to these proposal led by the open  source community, and networks like wikipedia

They report

January 19, 2012 | By Trevor Tim

Yesterday, in the largest online protest in Internet history, more than 115,000 websites altered millions of web pages to stand in opposition to SOPA and PIPA, the Internet blacklist bills. Some sites — Wikipedia, Reddit, Boing Boing, Craigslist and others — completely shut down for the day, replacing their sites with material to educate the public about the bill’s dangers. Others, like Google and Mozilla, sent users to a petition or action center to express their concerns to Congress.

While the final results are still being tabulated, EFF alone helped users send over 1,000,000 emails to Congress, and countless more came from other organizations. Web traffic briefly brought down the Senate website. 162 million people visited Wikipedia and eight million looked up their representatives’ phone numbers. Google received over 7 million signatures on their petition. Talking Points Memo has a great round up of more of the staggering numbers. The sum of the protest, as the New York Times declared, sent “an unmistakable message to lawmakers grappling with new media issues: Don’t mess with the Internet.”

And members of Congress were quick to react.

Republican Marco Rubio started the day by announcing his opposition, despite formerly being a co-sponsor. South Carolina Republican and tea party favorite Jim DeMint soon followed, as long did longtime Senator Orrin Hatch. Even ranking Republican on the Judiciary Committee, Senator Chuck Grassley of Iowa “withdrew his support for a bill he helped write.” Senator Rand Paul went further, saying he was committed to filibustering the bill and he will “do everything in [his] power to stop government censorship of the Internet.”

Democratic Senators also voiced their opposition to PIPA. Oregon Senator Jeff Merkley thanked constituents for sending him so many emails and said he would vote against the bill. Connecticut Senator Richard Blumenthal also announced he would not support PIPA as written. The popular Senate candidate from Massachusetts, Elizabeth Warren, also said she opposed PIPA and SOPA, stating they “risk chilling the innovation, diversity & free exchange of ideas that define the Internet.” (Her opponent, Scott Brown, also opposed PIPA the day before.)

All told, the Senate gained19 NO votes yesterday, including seven who were previously co-sponsors of the bill, according to Ars Technica. The House followed the same pattern. A few members even blacked out their own websites in solidarity with the protests.  After 24 hours of online darkness, the House now has at least 87 opponents of SOPA, and only 27 on-the-record supporters.

January 18th was a truly historic day for Internet activism.

However the celebrations where short lived in what can could be described as a retalitory act against this massive popular expression of discontents. In a joint statement, the Justice Department and FBI called the action against Megaupload “among the largest criminal copyright cases ever brought by the United States.”

You can Read the indictment against MegaUpload

They plan to charge the owners of Mega upload of causing €500million worth of losses.
In an even broader sweep it seems that there is a longer term battle of enclosure at the back of all this.

Barret Brown chats a bit on this

If you want to get all war games on it this is how the net look right now in part of the US

Lousie Mensch and a curious email from Anonymous?

 Last night Conservative MP Lousie Mensch claims that she was sent an email from Anonymous or Lulzsec threatening her kids.  Mrs Mensch, a high-profile backbencher and member of the Culture, Media and Sport Select Committee, disclosed the alleged threats to her more than 37,000 Twitter followers on Sunday night. Over a series of tweets the former music PR industry insider said

Had some morons from Anonymous /Lulzsec threaten my children via email. As I'm in the States, be good to have somebody from the UK police advise me where I should forward the email. To those who sent it; get stuffed, losers.

Oh and I'm posting it on Twitter because they threatened me telling me to get off Twitter. Hi kids! ::waves::

I've contacted the police via the House of Commons and the email is with them now. I don't bully easily, kids. Or in fact at all.

Having a bit of a history of smearing and bullshit, one can understand calls for Mensch, a prominent and regular twitter user, to post a screen grab of the email. Several twitter accounts that are associated with Anonymous have already dismissed the claims.

The network and consciously cloaked nature of Anonymous make it pretty easy for people to claim to be associated with it.

 

Just to be clear, I dont condone or support threatening kids (or adults) with violence.  And neither, as far as i can tell, have any threats ever been carried out under a sanctioned Anonymous call sign.

So this is odd for a few reasons which i’ll just mention briefly

Anonymous are not a media shy network. The entire modus operandi is the encouragment of involvement alongside very public acknowledgment of successful hack etc.  Given that this MP was the first in the UK to call for the police forces to be given the power to shut down communication tools such as twitter, facebook and blackberry messaging, and is likely to be fronting such calls in the future, its pretty clear that she has the attention of digital activists and anti censorship groups around the globe.

It therefore is entirely plausible that someone sent hate emails and trying to give the appearance of being in an Anonymous or Lulzsec action

Whats implausible is that a network of people who revel in making pretty public statements, and using De Bord style spectatcles – as well as very hands on work against state and police brutality from North Africa, North and South America and Europe would for some reason resort to sending a threatening email. It doesnt stack up really.

 

What i would expect to see, if Mrs Mensch and others continue to push to give polices forces the power to stop people communicating freely with each other is some of those ‘spectaculars’. If Anonymous and AntiSec have been able to find routes around FBI, multi agency web servers and government security subcontractors such as drone airplane builders over the last few months, as well as big corporations such as PayPal, Sony, its unlikely that the private emails of MP’s will be safe either.

 

And heres the rub. As someone with a bit of an interest in how British securocrat culture operates, Id always be wary of the smoke and mirrors of British intelligence. Having run murder squads in the north of Ireland for decades, and with the uncovering of at least 6 long term police secret agents in the anti captalist/anarchist movement in the last 12 months, its clear that the political policing operates under its own rules. The deaths of over 300 people in UK police custody snce 1989 and no charges brough against anyone suggest that the same rule work for ‘ordinary’ policing. And whilst revisionists will try to remove the context, it was the shooting dead of a young black man in London that was the spark the set off a wave of riots and civil unrest across many cities in England earlier this month.

So what has this got to do with Louise Mensch and Anonymous??

Its also pretty clear that both the UK police and MP fear what social media tools can offer as mediaisation and organising tools. There is an awareness that this is a new front that is both unregulated and legally ill defined.  Even now when there is little consensus on the realities versus the hype of social media tools role in encouraging and supporting social activism and movements for change, there is little doubt that when used consciously and critically they are useful tools. And underlying anarchist tendencies associated with a lot of the the discourse of anti copyright, anti enclosure and digital commons, demands for complete transparency from those who seek to (and do) exercise power over our lives has a lot of resonance with politicos and no politicos alike.

So if you want to shut those tools down, your gonna need a bad guy, because for better or worse, lots of people see these things as positives even if they are unsure why. A narrative needs to be created to justify communication censorship, and what better way to try to do that than target a group known for hacking. The high profile arrests and cases brought against of alleged members of Anonymous bring into sharp relief that resources are been thrown at people organising and facilitating DDoS and more high level security breeches.

But passing power to instutionally corrupt cops isnt an abstract technical future event, or something associated with dictators cling to power. Only last week cops in the US “pulled a Mubarak”  and cut off mobile services on the Bay Area Rapid Transport (BART) system, effectively rendering useless peoples mobile phones. Why did they do this. What crime where they tackling. Well none actually, this was a pre emptive strike against a protest called in response to several murders of passengers of the BART by BART police officers. The most infamous of these was the shooting dead of Oscar Grant as he lay face down, arms restrained behind his back.  It was new communication tools, the ability to record video on mobile phones, that caught a police officers draw his pistol while standing over Oscar and shoot him repeatedly in the back

Social justice activists and Anonymous where quick to react to the police actions of shutting down mobile phone networks, amid a growing concern that the BART police are a low unto themselves.

So we’ll she how this pans out, but id expect more denials from Anonymous media posts, little clarification from the police,and more shrill noises from those with a right wing agenda with a desire to criminalise the ability of people to communicate.

If it comes down to a choice between believing and supporting Conservative MP’s and a Police force thats rotten to its core, or believing and supporting people acting to hold power to account, and shine lights on hypocrisy its a pretty easy call.

They Shot the Sheriff. Anonymous leak 10Gb of Police Data

They shot the sheriff, and they claim it was in self defence……..

In what Anonymous and AntiSec have dubbed Shooting Sheriff Saturday (#SSS in twitterland), digital activists and hackers have just dumped 10Gb of information they say has been hacked from over 70 US law enforcement institutions.

Usually such leaks are released as P2P sharing torrents, and its seems this info dump will be the same. Those releasing the info set up a pre release page at featuring a link to Bob Marleys I shot the sherriff on you tube and flagging up what was to come.It seems the plan is to make the leaked emails and correspondence, which is said to contain evidence of police corruption,  a searchable database accessible to all.

From http://pastebin.com/iKsuRkUj

We hope that not only will dropping this info demonstrate the inherently corrupt nature of law enforcement using their own words, as well as result in possibly humiliation, firings, and possible charges against several officers, but that it will also disrupt and sabotage their ability to communicate and terrorize communities.

We are doing this in solidarity with Topiary and the Anonymous PayPal LOIC defendants as well as all other political prisoners who are facing the gun of the crooked court system. We stand in support of all those who struggle against the injustices of the state and capitalism using whatever tactics are most effective, even if that means breaking their laws in order to expose their corruption. You may bust a few of us, but we greatly outnumber you, and you cannever stop us from continuing to destroy your systems and leak your data.

So whilst this hack and leak is in direct response to the arrest and charging of many hackers over the last fortnight, most famously that of the arrest and charging of Jake Davis, (alleged to be Topairy) an 18-year-old from the Shetland Islands, who was released on bail on Monday after being charged with five offences relating to computer attacks and break-ins by the LulzSec and Anonymous hacking groups earlier this year, its clear that the agenda is not simply about defense of fellow hackers, or what could be called comprades – see what i did there.   US Law enforcement agencies are downplaying the leak, but we remember how HBGary also downplayed the leaks that led to demise of the company hire/d by Bank ofAmerica, via the federal government, to find ways to bring down Wikileaks , following Assanges semi veiled threat to dump the info- still unreleased- Wikileaks has on BoA. In fact all those emails are still searchable at http://search.hbgary.anonleaks.ch/

HBGary getting the piss taken out of them

HBGary getting the piss taken out of them - pic courtesy of Jaded security

We lol’d as we watched the news reports come in, quoting various Sheriffs who denied that they were ever hacked, that any personal information was stolen, that they did not store snitch info on their servers. Many lulz have been had as we taunted the sheriffs by responding to their denials by tweeting teasers exposing their SSNs, passwords, addresses, and private emails. We also took the liberty to backdoor their online store and capture a few credit card numbers, which were used to make involuntary donations to the ACLU, the EFF, the Bradley Manning Support Network, and more. Despite active FBI investigations and their additional security measures, they could not stop us from owning their servers, stealing their identities, and dropping all their data. Two weeks later only a few of the sites are up with limited functionality as we scared them into removing any dynamic PHP scripts, forcing them to use static HTML content.

I wrote a few months back about how i could see parallel between the original pirates of the Atlantic maratine state https://soundmigration.wordpress.com/2011/03/11/anonymous-bmi-and-the-beginnings-of-pirates/ and stealing credit details and donating money to progressive groups like EFF – “the leading civil liberties group defending your rights in the digital world” certainly inject more than a bit of humour into these hacks.

These leaks, much of which can be found at https://vv7pabmmyr2vnflf.tor2web.org/ contains info ranging from  low level informants ratting on “illegal” migrants to concerned citizens busting their neighbours for having a party and selling booze. There is also information people reporting others they suspect of being involve in criminal activity such as

Joe that works at aromatique is on meth so bad right now it's
ridiculous. Jaclyn Williams smokes more dope than she helps y'all
bust. Cc Wilson gives sexual favors for money and sells dope.

as well as email ‘spools’ from various’ law enforcement’ organisations. I havent had a chance to browse through much of this so I can really comment further on the content or any of its implications though.

[*] ORIGINAL DEFACEMENT: http://zone-h.org/mirror/id/14515221)
[*] BROWSE THE LEAK: http://vv7pabmmyr2vnflf.onion/ (ON TOR)
http://vv7pabmmyr2vnflf.tor2web.com/ (NOT TOR)

[*] DONATE BITCOINS: 18NHixaoQekQJ3y52aBGJJwgBWX9X3myYR

The booty contains:

[*] Over 300 mail accounts from 56 law enforcement domains
[*] Missouri Sheriff account dump (mosheriffs.com)
7000+ usernames, passwords, home addresses, phones and SSNs
[*] Online Police Training Academy files
PDFs, videos, HTML files
[*] “Report a Crime” snitch list compilation (60+ entries)
[*] Plesk plaintext server passwords (ftp/ssh, email, cpanel, protected

Anonymous on NATO’s Radar as Iranian emails hacked

NATO plans to persecute the increasingly political activists within Anon

UPDATE : Anonymous have just released a dump of 10,000 emails from the Iranian goverment. Its hacked into Iranian government servers and procured over 10,000 email messages from the Ministry of Foreign Affairs. The files were taken after the hacker accessed the Iranian Passport and Visa Office email center, media reports said. The bulk of the files are visa applications for an “oil meeting…. many from China,” according to a source, who added “it was a big raid,” and that the Iranian government has been in the process of trying to cover up the incident for the past few days.

“I have been told that they have had the site opened and closed on and off for days now,” he said. “They have been behaving erratically.”

The files consist mostly of the Iranian government alerting individuals of their visa application status. According to a member of Anonymous, the files were aimed more to damage the image of Iran in “both cyber space and the real world.

You can download the torrent here. **** I havent verified these yet, so i would proceed with caution if you are going to download them. The password: opiranopiran

#OpNewblood Guide for IRC Chat Setup & Anonymous Interneting http://bit.ly/eskMLJ #anonymous #anonymiss

Anonymous  today calls NATO out for its recent report which named the umbrella groupin as a threat to state security. The meme of a decentralised autonomous online collectives, democratically deciding targets and respnding both to infringment of the free flow of  information and ideas has made its mark by attracting the specific attention of a report publish earlier this week. Written by General Rapporteur Lord Jopling and presented as a draft report to the NATO Parliamentary Assembly (in full at the end of this post) it joins the dots between anti censorship of Anonymous and the whistle-blowing publishers Wikileaks.

Described earlier this week by as a “vigilante hackers group” in reports about plans for a distributed denial of service (DDoS) attack on the IMF website in solidarity with the people of Greece show a determined effort to address real world concerns.  IMF spokesman Bill Murray. said “We are aware of the threat, and have taken appropriate action.”

Several other public announcement videos, the prefer public face of planned actions and annoucemnets were posted during the week.This is the annoucement posted on Tuesday calling for a DDoS on the IMF site

This video was release in the last hour with reference to the NATO report which itself contained the threat to persecute Anonymous. “It remains to be seen how much time Anonymous has for pursuing such paths. The longer these attacks persist the more likely countermeasures will be developed, implemented, the groups will be infiltrated and perpetrators persecuted.” The video is one a reply

This comes on top of another successful hacking of Sony Entertainments customer database to show up its weak security.  However, it is completely unclear who was actually behind this particular hack. Previous ing the last few week Sony PSN network was taken down, which Sony blamed on Anonymous. Anonymous quickly released and annoucement denying that attack and there seems to be a sense that the calling card left was either an attempt to cover up a fuck up by Sony, or was a deliberate attempt to smear them.  This recent hack was widely reported around the world, including on RTE’s news earlier to have be carriedout by Lulz Security, – without any news agency hinting that they got the joke. I guess the lulz really was on them too. However. Its pretty clear that Anonymous have the technical capacity and audacity to publicly humiliate giant corporation and shadowing quasi private sector security companies alike after handing back HB Gary their ass on a plate for attempts to try and “out” members of the group. The subsequent hacking of HB Gary exposed a much wider plan relating to the US Gov pland to smear and smash Wikileaks following that organisation threat to publicly release all the material that it has on Bank Of America. I’ve written about here.

For a really fun and insightful look at the Anonymous check this out

http://cdn2.themis-media.com/media/global/movies/player/flowplayer.commercial-3.2.5.swf

The Full Nato report is below. Ive highlighted some bits i thought generally interesting

http://www.nato-pa.int/default.asp?SHORTCUT=2443

074 CDS 11 E – INFORMATION AND NATIONAL SECURITY
Draft General Report by Lord JOPLING (United Kingdom), General Rapporteur

Until this document has been approved by the Committee on the Civil Dimension of Security, it represents only the views of the Rapporteur

I.  INTRODUCTION

II.  THE INFORMATION AGE AND THE NOTION OF SECRECY IN INTERNATIONAL RELATIONS

     A.  THE “CABLEGATE”

     B.  REACTION TO THE LEAKS

     C.  TRANSPARENCY VS. SECRECY

III.  DIGITAL (H)ACTIVISM

     A.  THE PHENOMENON OF HACTIVISM

     B.  THE ROLE OF THE SOCIAL MEDIA 

IV.  CYBER ATTACKS AND CYBER DEFENCE

     A.  TYPES OF CYBER ATTACKS 

     B.  NATO AND CYBER DEFENCE

V.  INFORMATION AND CYBER SECURITY: OPTIONS FOR THE INTERNATIONAL COMMUNITY AND NATO

____________________________________________________________________________________

I.    INTRODUCTION 

1.             The ongoing information revolution poses a series of political, cultural, economic as well as national security challenges. Changing communications, computing and information storage patterns are challenging notions such as privacy, identity, national borders and societal structures. The profound changes inherent in this revolution are also changing the way we look at security, often in unanticipated ways, and demanding innovative responses. It is said that because of this revolution, the time it takes to cross the Atlantic has shrunk to 30 milliseconds, compared with 30 minutes for ICBMs and several months going by boat.[1] Meanwhile, a whole new family of actors are emerging on the international stage, such as virtual “hactivist” groups. These could potentially lead to a new class of international conflicts between these groups and nation states, or even to conflicts between exclusively virtual entities.

2.             One of the most fundamental characteristics of the Information Age is its ability to connect. In this regard, the main tool is the Internet and the fact that its storage capacity is currently doubling every 12 months.[2] Interconnectivity is now central to government offices, critical infrastructures, telecommunications, finance, transportation, and emergency services. Even where communication and data exchanges are not routed through the Internet, they still, in many cases, use the same fibre optic cables.[3]

3.             Despite its inherent advantages, this dependence on information technology has also made state and society much more vulnerable to attacks such as computer intrusions, scrambling software programs, undetected insiders within computer firewalls, or cyber terrorists. The Internet is inherently insecure as it was designed as a benign enterprise of information exchange, a decentralized patchwork of systems that ensures relative anonymity. It is ill-equipped to trace perpetrators or to prevent them from abusing the intrinsic openness of the cyber domain. In this context, the key national security dilemma of the Information Age is how to create an effective and transparent government, which, at the same time, is also able to protect its citizens and vital national interests. Furthermore, in this Information Age, the North Atlantic Alliance faces a dilemma of how to maintain cohesion in the environment where sharing information with Allies increases information security risks, but where withholding it undermines the relevance and capabilities of the Alliance.

4.             It is a critical time for the NATO Parliamentary Assembly (NATO PA) to discuss cyber security, as the Alliance is working on a comprehensive cyber strategy to be announced in June 2011. The Rapporteur hopes that some of the questions discussed in this report will be addressed by this forthcoming NATO document.

5.             This report will focus on three facets of the linkage between Information Age and national security. First, it will discuss the changing notion of secrecy in international relations. This issue was brought to prominence by the so-called “Cablegate” scandal. While the publication of classified diplomatic correspondence was not a result of a cyber attack, it is nevertheless directly linked to the information revolution: remarkable advances in data storage technology allowed one person to easily download colossal volumes of data that has taken the print media months, and possibly years, to digest and to publish.

6.             Second, the explosion of Internet usage is creating the phenomenon we refer to as “digital (h)activism”. Social media and other Internet-based communities are creating new, ad hoc and cross-border allegiances that can manifest themselves in a variety of positive (reinforcing civil societies in authoritarian countries) and negative (empowering hacker groups that attack those who do not share their political worldview) ways.

7.             Third, the report will discuss the challenge of direct cyber threats against states and, in particular, NATO’s role in cyber defence as one of the principal topics for the Euro-Atlantic community, particularly in the wake of the Lisbon Summit.

8.             The report will not address the specific issue of cyber crime. While cyber theft and child pornography are issues of grave concern for the international community,[4] they do not have direct national security implications and are addressed by a number of other international organizations, including the UN, EU, OSCE, OECD and G8. The Council of Europe Convention on Cybercrime – which requires its parties to criminalise a number of activities in cyber space relating to infringements of copyright, computer-related fraud and child pornography – is a particularly noteworthy initiative that has yet to be ratified by several NATO member states.[5]

9.             This report also represents the continuing effort by the Committee on the Civil Dimension of Security to discuss the issue of critical infrastructure protection within the Alliance. Cyber technologies are not only key enablers for systems such as energy generation or transport, but can themselves be considered as critical national infrastructure.

10.         The report also builds upon the contribution by other NATO PA Committees, particularly the 2009 Sub-Committee on Future Security and Defence Capabilities report “NATO and Cyber Defence” [173 DSCFC 09 E bis] by Sverre Myrli (Norway) and the 2007 Science and Technology Committee report “Transforming the Future of Warfare: Network-Enabled Capabilities and Unmanned Systems” [175 STC 07 E bis] by Sen. Pierre Claude Nolin (Canada).

II.  THE INFORMATION AGE AND THE NOTION OF SECRECY IN INTERNATIONAL RELATIONS

11.         This chapter will discuss the challenges of protecting classified information in the age of Internet. It will also outline the political and security implications of the “Cablegate” scandal that highlighted the inter-agency and international co-operation versus sensitive information security dilemma.

     A.  THE “CABLEGATE” 

12.         According to the September 11th attacks investigation, the US government failed to ensure adequate information sharing, which could have prevented the attacks (FBI failed to share details connected to an al-Qaeda operative, who later proved to be key in uncovering the plot). As a result, representatives of the political elite, the military, and the financial world all pressed for wider sharing of classified information in order to increase operational efficiency in protection of the country. Therefore, the US government adopted a policy of information-sharing, which it applied to numerous US governmental institutions and agencies including the Department of Defense (DoD) and the State Department (DoS).

13.         This policy resulted in an exponential number of people obtaining access to classified information. Approximately 854,000 people now possess top-secret security clearances.[6] For almost 10 years now, embassy cables have been distributed through the SIPRNet (Secret Internet Protocol Router Network operated by the DoD), which has made them accessible to DoS employees all around the world, to all members of the US military and contractors with necessary security clearance. Eventually, several millions of people ended up having access to materials such as US diplomatic cables.[7] According to information-security experts familiar with the SIPRNet, the data-sharing system was not programmed to detect unauthorized downloading by anyone who had access to this pool of data. Thus, those in charge of the network design relied on those who had access to this sensitive data to protect it from abuse. These users were never scrutinized by any state agency responsible for the data-sharing system.[8]

14.         The US government’s post-9/11 policy on information-sharing received the most serious blow when the “anti-secrecy” organization WikiLeaks started publishing documents of different levels of confidentiality. Its first major release (April 2010) was a video of a US helicopter shooting into a crowd in Bagdad in 2007 which killed 18 people, including two Reuters journalists. Shortly after, the release of 77,000 documents allegedly revealing the realities of the Afghan war were made public, as well as almost 400,000 secret Pentagon documents on the Iraq war.[9] In November 2010, WikiLeaks published about 250,000 confidential US diplomatic cables, which provided US diplomats’ candid assessments of terrorist threats and the behaviour of world leaders.[10] Currently, the US authorities suspect that the material was leaked by Private Bradley Manning stationed in the Persian Gulf, who had downloaded the information from a computer in Kuwait. He then passed these files on to the “whistleblower” organization, which made them public.

     B.  REACTION TO THE LEAKS 

15.         WikiLeaks has spurred public debate with each of its releases. Nevertheless, the November 2010 release of US diplomatic cables got the most aggressive reactions from politicians world-wide. In anticipation of the leaks, Secretary of State Hillary Clinton and her diplomats warned foreign officials about the upcoming leak days before the November 2010 release happened. Following the release, the White House[11] as well as the DoS were quick to denounce the leak and, as Secretary of State Clinton put it, characterised the cable disclosure as an “attack on both the United States and the entire international community”.[12] At a meeting with Secretary of State Clinton the day after the release, the Turkish Minister of Foreign Affairs (the largest number of cables came from the US Embassy in Turkey ) thanked Secretary Clinton for briefing him in advance about the leaks. The Iranian President, Mahmoud Ahmadinejad, hinted that a part of the US government might have been responsible for releasing this sensitive material to satisfy its political objectives. The Iraqi Minister of Foreign Affairs expressed concern about the possibly destabilizing effect of the leaks on the already fragile political situation in Iraq. Both Afghan and Chinese political elites emphasized that the leaks will not damage their countries’ relations with the United States.[13]

16.         NATO condemned the leak and described it as “irresponsible and dangerous”.[14] In fact, the word “dangerous” dominated leaders’ press releases following the leaks in November 2010. They feared that publicizing identities of those co-operating with the US and NATO in unstable regions might compromise their cover and jeopardize their lives. Also, ongoing military operations and co operation between countries might be put at risk.[15] It is yet to be seen what the actual effect of the November 2010 cables leaks will be. It is hoped, however, that the released cables will not pose any more danger than the Afghan logs, which, according to Defense Secretary Gates, “had not revealed any sensitive intelligence sources and methods”.[16]

17.         On the day of the release, the White House ordered government agencies to review security procedures and ensure that only the necessary users had access to their documents.[17] Soon after, the President’s Office also appointed an Interagency Policy Committee for WikiLeaks, which was to assess the damage caused by the leaks, co-ordinate agencies’ reactions, and improve the security of classified documents.[18] The US DoD conducted an internal 60-day review of security procedures. It also disabled the usage of different storage media and the capability to write or burn removable media on DoD classified computers.[19] The Defense Information Systems Agency has also launched a new Host-Based Security System, which is meant to monitor software and policy rules in order to spot suspicious behaviour and alert responsible authorities. For example, the software should set off an alarm if large quantities of data are being downloaded. Today, approximately 60% of SIPRNet is protected by the software. In order for it to be bullet-proof, however, it will probably require additional compartmentalization of information.[20] A similar tracking mechanism is being adopted by US intelligence agencies (referred to as “enhanced automated, on-line audit capability”).[21]

18.         The DoS has limited the number of people with access to the Net Centric Diplomacy database, which contains diplomatic reports[22], suspended the access to SIPRNet and to two classified sites ClassNet and SharePoint, as well as prohibited the use of any removable data storage devices.[23] Following the leaks, the US Air Force has blocked its employees’ access to at least 20 websites containing the leaked documents such as “The New York Times” and “The Guardian”. The Pentagon prohibited its employees to access the WikiLeaks website on government computers “because the information there is still considered classified”.[24] Eventually, the administration banned hundreds of thousands of federal employees of the Department of Education, Commerce Department, and other government agencies from accessing the site. The Library of Congress, one of the world’s biggest libraries, also issued a statement saying that it would block WikiLeaks.[25]

19.         As far as the WikiLeaks website was concerned, following the leak it suffered repeated distributed denial of service attacks, which prompted it to move its server. Also companies such as Visa, Mastercard or Paypal suspended all their services to the organization, which heavily relies on online donations from its supporters worldwide.[26]

     C.  TRANSPARENCY VS. SECRECY 

20.         The relationship between transparency and secrecy remains a key dilemma in the Information Age and has dominated world-wide media, especially since the outbreak of the WikiLeaks phenomenon. On the one hand, there are pro-transparency advocates who argue that the existence of WikiLeaks certifies that transparency of governments and other organizations are publicly desired. According to them, it is precisely the current Internet age that is conducive to institutional reform, increases public trust in government conduct, and enhances co-operation.[27] And, as transparency proponents argue, we should not react to this development by limiting the spread of technologies and information, but instead by focusing on adapting the conduct of diplomacy, military affairs and intelligence to the new paradigm.[28]

21.         That said, the Rapporteur believes that even if one is in favour of transparency, military and intelligence operations simply cannot be planned and consulted with the public. Transparency cannot exist without control. The government, and especially its security agencies, must have the right to limit access to information in order to govern and to protect. This is based on the premise that states and corporations have the right to privacy as much as individuals do and that secrecy is required for efficient management of the state institutions and organizations. In addition, transparency can be misused on several levels – by providing unprofessional or poor-quality interpretation of information or documents, by conducting superficial or biased analysis, by lack of experience on the topic or by pursuing a political agenda. Thus, not everything carried out under the “transparency label” is necessarily good for the government and its people. Moreover, the very ideal of transparency can also force public figures to become more secretive. The Information Age and its transparent nature may, for example, prevent diplomats from conducting “business as usual” such as making off-the-record statements or engaging in frank discussions with their colleagues.[29] It also increases pressure on decision makers, who have to identify, assess, and react to information, which is immediately and widely accessible to other governments, organizations, as well as the public.[30] This is an unnecessary and possibly dangerous pressure, especially when it comes to the issues of security.

III.  DIGITAL (H)ACTIVISM 

22.         This chapter will discuss the phenomenon of emerging borderless communities and networks, most of which are welcome, but some of which are highly dangerous. Virtual communities operating on-line provide new opportunities for civil society, but they have also increased the potential for asymmetrical attacks.

     A.  THE PHENOMENON OF HACTIVISM 

23.         Apart from causing harm, destruction or conducting espionage, most recent cyber attacks have also been used as a means to reach a rather different goal. “Hactivism” is a relatively recent form of social protest or expression of ideology by using hacking techniques. Hactivists use different malware (or “malicious software”) and Distributed Denial of Service (DDoS) attacks to publicize their cause rather than for crime. Such attacks first occurred in 1989 but have gained more prominence over the last decade. In the past hactivists have attacked NASA, the Indonesian and Israeli governments, Republican websites, as well as the University of East Anglia.[31]

24.         One of the most prominent group of on-line hackers – Anonymous – led a campaign against Iran, Australia and the Church of Scientology.[32] Their most prominent campaign, however, took off in 2010 after WikiLeaks had released the US diplomatic cables. In its on-line seven-point manifesto, Anonymous announced its engagement in “the first infowar ever fought” and named PayPal as its enemy.[33] What followed were DDoS attacks against Mastercard, Visa, PayPal, and other companies that had decided to stop providing services for WikiLeaks (they used to administer online donations for the site), against the Swiss bank PostFinance, that had earlier closed Julian Assange’s bank account, and against the Swedish Prosecution Service.[34] The group also attacked Amazon.com, which was previously renting server space to WikiLeaks.[35]

25.         Observers note that Anonymous is becoming more and more sophisticated and could potentially hack into sensitive government, military, and corporate files. According to reports in February 2011, Anonymous demonstrated its ability to do just that. After WikiLeaks announced its plan of releasing information about a major bank, the US Chamber of Commerce and Bank of America reportedly hired the data intelligence company HBGary Federal to protect their servers and attack any adversaries of these institutions. In response, Anonymous hacked servers of HBGary Federal’s sister company and hijacked the CEO’s Twitter account. Today, the ad hoc international group of hackers and activists is said to have thousands of operatives and has no set rules or membership.[36] It remains to be seen how much time Anonymous has for pursuing such paths. The longer these attacks persist the more likely countermeasures will be developed, implemented, the groups will be infiltrated and perpetrators persecuted.[37]

     B.  THE ROLE OF THE SOCIAL MEDIA 

26.         The discourse on the Information Age and new social media gained a new momentum in the beginning of 2011, as numerous countries in North Africa and the Middle East began experiencing popular anti-government uprisings. It was the Internet, in combination with other new and old media such as cell phones and television, that has enabled global resistance to authoritarian rule in the region. The sight of protesters holding up signs “Thank you, Facebook!” has become common in Egypt and Tunisia.[38] Journalists, experts and politicians are increasingly using terms such as “Facebook Revolution”, “Twitter Diplomacy”, or “Cyber-Activism”.[39] Today, Facebook is a community that unites more people than in any country in the world, save for China and India, and if the growth trends keep going as they are, the social network site will soon have more users than India has inhabitants. [40]

27.         Social media, and most prominently Facebook, have helped activists in many of these countries to organize anti-government protests, evade surveillance, discuss issues that have been taboo for decades such as torture, police violence or media censorship, and provided a platform for trading practical tips on how to stand up to rubber bullets and organize barricades.[41] Recognizing that new social media have had an important share on the success of public resistance, two days after demonstrations started in Egypt, Facebook, telephones, and Internet all over the country were switched off. A few days later, when the Internet connection was restored and Facebook users regained access to their accounts, they found that the regime attempted to use this tool for disseminating pro-Mubarak propaganda. Most recently, Facebook pages, groups and blogs attempting to mobilize protesters have appeared in Algeria, Bahrain, Morocco and Syria. As a show of support for the protestors, the online group Anonymous attacked websites of the Tunisian and Egyptian government, Mubarak’s National Democratic Party and the Tunisian stock exchange, making them unavailable for certain periods of time.[42]

28.         Proponents of social media argue, that “merely knowing about social dynamics changes social dynamics”. The authority of one’s peers has been proven to have substantial influence on the decisions made and thanks to these new social media peer influence has evolved into multiple, nation-wide protests. However, others argue that the influence of new social media in respect to the 2011 revolutions has been overrated. Critics say that social media can only provide fast co ordination of masses but do not deliver the narrative or resolve that are essential for starting and sustaining any popular movement.[43] As an example, in Egypt the protests started growing significantly after the government had shut down the Internet. The social media also do not prevent popular protests from being contained by governments and security services. In other words, they do not determine the outcome.

29.         In the wake of popular uprisings in North Africa and the Middle East, social media representatives have provided very different reactions to the events. Facebook’s representatives declined to discuss Facebook’s role in the uprisings and provided only a short statement: “We’ve witnessed brave people of all ages coming together to effect a profound change in their country. Certainly, technology was a vital tool in their efforts but we believe their bravery and determination mattered most.Twitter and YouTube (owned by Google), embraced their roles in the protests more openly. As opposed to Facebook, they took a proactive approach after the Internet was shut down in Egypt by assisting protesters in setting up a new service, “speak2tweet”, that would allow people to communicate and organize.[44] WikiLeaks founder, Julian Assange, was even more eager to attribute the success of these recent resistance movements to his site. According to him, it was the US diplomatic cables leaked by WikiLeaks that revealed the extent of corruption among the Tunisian elite and consequently empowered the army to turn against its leaders.[45]

IV.  CYBER ATTACKS AND CYBER DEFENCE   

30.         As mentioned above, the Information Age has brought about an environment that has made the state and society more vulnerable to digital attacks. They are vulnerable because we no longer keep our files and data in a shelf, but in a virtual world accessible from any one of the world’s corners. As in the case of WikiLeaks, these files can be physically removed from a computer, handed over to adversaries, or simply made public. Apart from that, however, one of the greatest strengths as well as weaknesses of the Information Age is that files can also be accessed and on-line services disrupted from afar by various “cyber attacks”. The term “cyber attack” represents a myriad of activities ranging from stealing passwords, to accessing accounts, disrupting critical infrastructure of a country or spying on an enemy.[46] As cyber experts testified to the members of two NATO PA Sub-Committees during the recent visit to The Hague on 18-20 April 2011, there is still no agreement within the international community as to which of these cyber activities constitute a crime. NATO C3 Agency’s Principal Scientist Brian Christiansen suggested that the existing legislative “black holes” should be addressed in a multinational manner due to the transnational nature of the threat.

31.         Due to its decentralized nature, the Internet per se is in fact extremely robust and resilient as it was designed to withstand nuclear war. However, separate parts of this network of networks are vulnerable to cyber threats. The most disquieting feature of the cyber domain is that the attacker has the advantage over the defender. Perpetrators need only one weak point to get inside the network, while defenders have to secure all vulnerabilities. These attacks also take place at the speed of light which leaves little or no time react to attacks. Furthermore, the inherent nature of the Internet allows an attacker to forge the sender’s address or to use botnets (zombie computers often located in different countries), thereby disguising the true identity of an attacker and leading to misattribution of the source of an attack.[47]

32.         The problem of attribution is widely recognized as the biggest obstacle for effective cyber defence. Professional hackers can easily cover their tracks and thus avoid penalties. Deterrence, a critical element of a traditional defence paradigm, does not work in cyber space. In addition, most of cyber attacks are performed by civilian hacker groups so it is almost impossible to prove government involvement. For instance, experts suggest that the thriving Chinese hacker community is not directly supervised by respective government authorities but merely encouraged financially or through ‘patriotic’ education mechanisms such as the People’s Liberation Army’s militia and reserve system. It makes it difficult to blame Beijing for the attacks such as the one in 2007, when some 25-27 terabytes of information (equivalent to roughly 5,000 DVDs) were stolen from the Pentagon.[48]

33.         As sources of cyber attacks are usually impossible to trace, it cannot be said with certainty who has, so far, dominated “the cyber world”. Nevertheless, when it comes to the involvement of states in cyber attacks, Russia and China are said to be the usual suspects.[49] From what we know today, terrorist groups such as al Qaeda do not yet have the capability to carry out such attacks. In the future, however, organized crime and hacker groups could sell their services to terrorist groups.[50]

     A.  TYPES OF CYBER ATTACKS 

34.         Generally speaking, there are two types of cyber attacks: Distributed Denial of Service (DDoS) and malware attacks.

DDoS attacks

35.         DDoS attacks aim to overwhelm a target by sending large quantities of network traffic to one machine. Attackers take over a number of other computers (botnets) and use them without the knowledge of their owners – for instance, the Estonia attack, roughly one million computers were hijacked in 75 countries.[51] The goal of DDoS is to prevent legitimate users from accessing information and services, such as the actual computer, email, websites, online accounts (banking, etc.). DDoS attacks are extremely difficult to deal with because they do not attempt to exploit vulnerabilities of a system. Vulnerabilities may be patched, but essentially one cannot do much to prevent DDoS attacks.[52]

36.         One of the first major attacks aimed to cripple a country’s critical infrastructure hit Estonia in May 2007. The e-government country experienced co-ordinated DDoS attacks on websites of the Estonian President and Parliament, almost all of its government ministries, political parties, major news organizations, two banks and several communication companies. The attacks came soon after Estonian authorities had relocated a Soviet war memorial in Tallinn – a step which spurred protests by ethnic Russians living in Estonia and resulted in hundreds of casualties. The series of cyber attacks, which occurred weeks after the event, supposedly originated in Russia and were hosted by Russian state computer servers. Russia denied these allegations, but in March 2009, an activist with the pro-Kremlin youth group Nashi claimed responsibility for organizing the cyber attacks on Estonia. It should be noted that Estonia is extremely dependent on the Internet. At the last parliamentary elections, ¼ of the voters cast their votes via Internet.

37.         Another significant DDoS attack was launched against Georgia in the summer of 2008. This is of note due to the fact that it was coupled with the use of conventional military force, something that a number of experts predict will occur more often in the future. Georgia blamed Russia for the attack only for Russia to deny any involvement.[53] A year later, the combination of cyber and conventional force was supposedly also employed in the case of the bombing of the Syrian nuclear reactor, which was allegedly orchestrated by Israel.[54]

Malware attacks

38., 60;        Malware – or “malicious software” – attacks refer to techniques capable of infiltrating one’s computer without the user’s knowledge and taking control of it, collecting information, or deleting its files (see examples of malware in the Annex). Attack malware can reportedly be bought online for several hundred dollars or even downloaded for free.[55]

39.         Malware-based cyber attacks are increasingly being used for espionage. In 2008, the Unites States experienced a major attack on the classified networks of US Central Command in charge of oversee military operations in the Middle East and Central Asia. Based on available information, the attack was carried out by a foreign intelligence service, which used portable data storage devices to spread malware. Espionage cyber attacks, however, can also be carried out against non-state actors such as private companies and think tanks. “Operation Aurora ” carried out in late 2009/early 2010 is a case in point. During the course of several months, Chinese hackers managed to penetrate the networks of at least 34 financial, technological, and defence companies via exploiting flaws in e-mail attachments.[56] One of the attack’s targets, the giant search engine Google, admitted that hackers had penetrated Gmail accounts of Chinese human rights advocates in the United States, Europe and China. A number of human rights organizations and Washington-based think tanks focusing on US-China relations were also hit by the attacks. According to experts, the attack reached a new level of sophistication as hackers exploited multiple flaws of different software programs – multiple types of malware codes were allegedly used against multiple targets and the whole process was very precisely co-ordinated. This series of attacks was aimed at gaining information about the latest defence weapons systems, source codes powering software applications of prominent technological companies, as well as gaining background about Chinese dissidents.[57]

Stuxnet

40.         The Stuxnet is technically a malware, but its characteristics originality and potential for disruption are so novel that it merits special attention. The Stuxnet worm has been described as “the most sophisticated cyber weapon ever deployed”[58] and its widely-acknowledged role in damaging Iran ’s Bushehr nuclear reactor and Natanz uranium enrichment plant has put Stuxnet firmly in the spotlight recently.[59] Essentially, the worm is a direct-targeting cyber attack: it “sniffs” around its target’s operating system and only attacks if this system matches its targeting criteria, thereby making detection harder for other defences. Once it has acquired its target, Stuxnet deploys two extremely complicated programming payloads to “bomb” them. In the Iranian example, the first of these cyber bombs attacked the centrifuges in the nuclear plant, slowly “un synching” them so that they collided with each other, causing serious damage. The second cyber bomb compromised the digital warning, display and shut-down systems controlling the centrifuges, thereby blinding these systems to the reality of what was happening.

41.         This characteristic makes Stuxnet unique in that it specifically attacks and compromises the Supervisory Control and Data Acquisition (SCADA) systems of critical infrastructures. Thus, the real danger of Stuxnet is that, although the Iranian example was a specifically targeted attack, the same method could be used to attack virtually any information technology system used in any critical infrastructures around the world. Stuxnet has therefore been described as a “cyber weapon of mass destruction”.[60] Of particular note is that the vast majority of complicated information technology systems that are potentially vulnerable to Stuxnet are located in NATO and NATO partner countries.

     B.  NATO AND CYBER DEFENCE 

NATO’s cyber agenda

42.         The cyber domain is often described as the “fifth battlespace”; representing both opportunity and risk for the military. In the context of the revolution in information and communication technologies, the military institutions of major powers have been working relentlessly to interconnect commanders, soldiers, sensors and platforms in order to improve agility and achieve better situational awareness. Today, more than 1/5 of US defence and security acquisitions are in the cyber sector.[61] “Network-centric capabilities” has become a buzzword in militaries, while new technologies enable commanders to make better-informed decisions and to reduce human losses by, for example, operating an unmanned aerial vehicle (UAV) over Afghanistan from a base in Nevada.

43.         On the other hand, our armed forces are now faced with risks they have not experienced before, such as the incident reported by The Wall Street Journal in December 2009, when Iraqi insurgents managed to intercept feeds coming from American UAVs using inexpensive software that is available on the Internet.[62] The Pentagon computer systems are probed up to six million times per day, according to US Cyber Command.

44.         NATO’s increasing involvement in cyber security is therefore inevitable. As NATO Secretary General Anders Fogh Rasmussen put it: “there simply can be no true security without cyber security”. The Alliance has included this issue on its agenda since 2002 when it approved a Cyber Defence Programme – “a comprehensive plan to improve the Alliance ’s capability to defend against cyber attacks by improving NATO’s capabilities”. However, it was not until the 2007 attacks against Estonia that NATO embarked upon developing a comprehensive cyber defence policy that would include not only the protection of the Alliance’s own networks but would also augment the cyber security of individual member states. The Group of Experts’ Report (the “Albright report”) recommended that NATO must accelerate its efforts to respond to the dangers of cyber attacks. It recommended focusing on protecting NATO’s communications and command systems, helping Allies to improve their ability to prevent and recover from attacks, and developing an array of cyber defence capabilities aimed at effective detection and deterrence. At the Lisbon Summit, NATO member states committed the organization to developing a new Cyber strategy by June 2011. This strategy will most likely require regular revisions and updating as the developments in cyber domain are remarkably rapid.

45.         At present, individual members continue to bear principal responsibility for the security of their networks, while relevant NATO structures, apart from protecting their own networks and providing support for NATO operations, are expected to assist member states by sharing best practices and dispatching Rapid Reinforcement Teams in case of emergency. Key NATO institutions in the area of cyber security include:

  • NATO Cyber Defence Management Authority (CDMA), which is responsible for coordinating cyber defence systems within NATO and providing advice to member states on all the main aspects of cyber defence.  NATO CDMA operates under the auspices of the new Emerging Security Challenges Division in NATO HQ.;

  • The Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia, which was established in 2008, is responsible for research and training on cyber warfare;.

  • The NATO Consultation, Control and Command (NC3) Board and NATO’s Consultation, Control and Command Agency (NC3A) control the technical aspects and operational requirements of NATO’s cyber defence capabilities;.

  • The NATO Communication and Information Services Agency (NCSA), through its NCIRC (NATO Computer Incident Response Capability) Technical Centre, provides technical and operational cyber security services for NATO and its operations and is responsible for responding to any cyber aggression against the Alliance networks.

46.         NATO conducts annual exercises aimed at enhancing an understanding of NATO’s cyber defence capabilities and identifying areas for improvement. This year’s exercise, Cyber Endeavor will take place on 5-22 September in Grafenwöhr, Germany.

47.         A lot remains to be done, however. NATO’s principal cyber unit – NCIRC – is only partially operational and does not yet provide 24/7 security for all NATO networks. Full operational capability is expected to be achieved in 2012. NCIRC is also only engaged in passive defence, monitoring network activities and dealing with incidents. It does not have a mandate, however, to go after an attacker.

48.         More importantly, NATO needs to devise its policy regarding the key question of how to react to cyber attacks against one of its member states. Can one invoke Article 5 of the Washington Treaty after a cyber attack? And what response mechanisms should the Alliance employ against the attacker? Should the retaliation be limited to cyber means only, or should conventional military strikes also be considered? Furthermore, the Alliance must decide to what extent it can engage in co operation on sensitive cyber issues with partner countries, such as Russia.

National policies of member states

49.         As noted above, member nations bear the principal share of responsibility for their cyber security. Before the 2007 attacks against Estonia, most European nations were developing national strategies to promote information society focusing on economic and cultural benefits offered by new communication and computing technologies, largely neglecting possible risks. After 2007, the need for a more balanced approach has been increasingly acknowledged.[63]

50.         The 2010 UK House of Lords report on cyber security noted wide differences between various European countries in terms of preparedness to meet cyber threats. Since in cyber domain the system is as strong as the weakest link, the report stated that the European countries “have an interest in bringing the defences of the lowest up to those of the highest”.[64] The exact level of preparedness is difficult to measure, however, due to the lack of full understanding of the complexity of cyber domain.

51.         The highest level of preparedness in the Alliance is in the United States and the United Kingdom. The US feels more threatened by cyber attacks than any other nation due to its highly pervasive use of information and communication technologies as well as to its status as a superpower. President Obama identified cyber security as a strategic priority. From 2010 to 2015, the US government is expected to spend over US$50 billion on its cyber defences.[65] The Departments of Defense and Homeland Security share the responsibility for the security of American government networks and implement this mandate through several agencies such as National Security Agency and US Cyber Command (inaugurated in 2010 and specifically tasked to protect US military networks). In terms of legislation, three separate Acts streamlined executive responses to cyber warfare on critical national energy infrastructures, while another Act co ordinated wider cyber security efforts, including those against financial institutions and industry.[66]

52.         The UK ’s lead cyber agency is the Government Communications Headquarters (GCHQ). Cyber security occupies central place in the National Security Strategy and the Strategic Security and Defence Review published in October 2010. Experts note that “review contains all the early signs of a well-balanced and (now) better-funded approach to UK cyber security.”[67] UK Computer Misuse Act is also hailed as “a robust and flexible piece of legislation in terms of dealing with cybercrime”.[68]

53.         That said, even in the US and UK there are still important questions that need to be addressed. In particular, experts note the insufficient degree of co operation between the government agencies and private sector which owns most of information capabilities and infrastructure – more than 90% of American military and intelligence communications travel through privately-owned telecommunications networks.[69] However, private entities are reluctant to allow greater government involvement and monitoring. The UK House of Lords report noted that representatives of the commercial United Kingdom Internet industry showed little interest in giving evidence for this report. Many experts stress that private industry makes its decisions on cyber security measures based on financial rather national security calculations.

54.         While the US and the UK tend to lead on these matters, other NATO members have also updated their existing legal frameworks and made cyber security increasingly prominent in their security strategies. In particular, significant progress has been achieved in establishing Computer Emergency Response Teams (CERTs). A CERT is an organization that studies computer and network security in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and to offer other information to help improve computer and network security. The 2010 House of Lords report identified the lack of CERTs in some European countries as a major concern. However, in 2011 the situation seems much better. According to the register of the European Network and Information Security Agency (ENISA), CERTs were established in all European NATO countries. Furthermore, the establishment of more advanced Computer Security and Incident Response Teams (CSIRTs) is being promoted. CSIRTs are CERTs that have extended their services from being a mere reaction force to a more complete security service provider, including preventive services like alerting and security management services.[70]

55.         However, there is no basis for complacency. Establishment of new institutions must be followed by more intensive schedule of joint exercises. The legislative basis must also be further reviewed and updated to take into account the new realities of the cyber domain. According to NATO Deputy Assistant Secretary General Jamie Shea, legislative frameworks in many NATO countries are lagging behind in terms cyber realities.[71] At the meeting with NATO Parliamentarians in The Hague on 19 April 2011, NATO C3 Agency General Manager Georges D’hollander said that not all NATO member states have adopted legislation that would make it mandatory for the private sector to protect their data and their networks. For instance, it should be mandatory to install safeguards that would prevent computers or networks being hijacked and used as ‘botnets’. NATO C3 Agency’s Principal Scientist Brian Christiansen also suggested that all NATO nations should employ the so-called “red teams” that use hackers’ methods to probe security levels of various national networks (without malign intentions, of course).

56.         The less advanced NATO nations must realize that in the cyber domain there cannot be a free ride. One study notes that nations that do not have adequate legislative and institutional framework to protect their cyber assets are less likely to receive assistance from the international community because “in a rapid reaction situation, existing procedures better support effective interaction (…) because there is a certain amount of ‘homework’ that can only be performed by the victim.”[72]

V.  INFORMATION AND CYBER SECURITY: OPTIONS FOR THE INTERNATIONAL COMMUNITY AND NATO 

57.         The challenges of the Information Age for national and international security are complex and require the combined efforts of international, regional and national authorities and the private sector, as well as sub- and trans-national groupings of active individuals. NATO is not in a position to address all aspects of this challenge, but it does have a significant role to play, not least because it unites nations with the most developed information and communication infrastructure (infrastructure, hardware and software which collectively make up the Internet are still overwhelmingly Western designed and produced; more than 50% of the world’s Internet traffic transits the USA).[73]

58.         On the global level, NATO should support initiatives to negotiate at least some international legal ground rules for the cyber domain. This framework must discourage the cyber arms race and define “thresholds” above which attacks constitute an act of war. International law should clearly prohibit the use of cyber attacks against civilian infrastructures. The principles of international law should also recognize indirect responsibility of a state to ensure that its territory is not used by non-state actors to launch attacks against a third country. If a country systematically fails to ensure that or provides sanctuary for perpetrators, it should be considered as breaching international law and should face sanctions.[74]

59.         However, achieving this agreement will not be easy, since some critical players – such as Russia and China – view cyber security from an “information security” perspective. This perspective is based on their desire to limit dissent and access to information deemed threatening to their regimes. These nations have proposed in-built tracking devices on all Internet packets that would allow all actions on the Internet to be traced. Western analysts argue this would be cumbersome, costly and easily negated by criminal groups, intelligence agencies and militaries. Therefore, the real target of such proposals is the average Internet user and their ability to access information and engage in political dialogue anonymously.[75] Such a surveillance approach is prohibited by many NATO member states’ own laws governing surveillance, propaganda and counter-terrorism.

60.         Other approaches to policing the cyber domain focus on developing technical solutions within Internet infrastructure itself to help maintain security. The Internet was originally designed to be interoperable and has therefore paid little attention to security aspects. The 2003 US National Strategy to Secure Cyberspace identified vulnerabilities within three “key Internet protocols”: the Internet Protocol, which guides data from source to destination across the Internet; the Domain Name System, which translates Internet Protocol numbers into recognizable Web addresses; and the Border Gateway Protocol, which provides the connection between networks to create the “network of networks”[76]. None of these protocols have in-built mechanisms to verify the origin or authenticity of information sent to them, leaving them vulnerable to being manipulated by malicious actors. Therefore, funding and developing technical solutions for a new set of secure protocols that will address many of the vulnerabilities in the current Internet infrastructure whilst falling short of surveillance of member states populations could be useful to NATO.

61.         In addition, NATO member states should support wide ratification of binding international treaties, like the Council of Europe’s Convention on Cybercrime, because banning cyber criminal activities would also help negate cyber terrorists as well as state-sponsored cyber attacks that often use the same techniques as cyber criminals.

62.         In terms of public-private co-operation, relevant authorities of NATO nations should be more pro-actively engaging private IT companies when it comes to setting stricter rules on the use of cyber space. Dialogue is essential because software companies like Microsoft and Google remain able, by developing various software options, to exercise influence beyond what any nation state could aspire to do using their legislative powers. Incentives must be put in place to encourage private companies, particularly those running critical national infrastructures and designing cyber hardware and software, to upgrade their security systems beyond simple profit vs. loss calculations.

63.         The Alliance should also establish closer co-operation with the EU. Although NATO is developing cyber defence capabilities, it still needs the EU because it issues laws on comprehensive standards for cyberspace and NATO does not. It would be useful, however, if the EU established the position of an EU “Cyber Czar” in order to have a clear contact point for NATO.

64.         With respect to its own contribution, NATO should incorporate its cyber policies (and encourage its member states to do likewise) into a broader framework for adapting the military to the realities of the Information Age. Cyber security is not a value per se, it must be seen within the context of the developing concept of network-enabled capabilities. In other words, we need to find the right balance between the advantages offered to our armed forces by the new information and communication technologies, and the protection against cyber threats stemming from this information revolution.

65.         It also goes without saying that NATO must clarify its response mechanisms in case of a cyber attack against one or more of its members. It is important that while the Alliance ’s cyber strategy is under preparation, it is not prevented from adequately responding to such attacks. Some argue that Article 5 should not be applied with respect to cyber attacks because their effect so far has been limited to creating inconvenience rather than causing the loss of human lives and because it is hard to determine the attacker. However, The Rapporteur believes that the application of Article 5 should not be ruled out, given that new developments in cyber weapons such as Stuxnet might eventually cause damage comparable to that of a conventional military attack.

66.         In more practical terms, NATO should consider its role in protecting physical infrastructure associated with the cyber domain. The physical vulnerability of fibre-optic cables and information hubs represent a serious challenge within the cyber domain. Most long-haul fibre-optic cables reach land at obvious choke points, which make them susceptible to attack or damage. Of note is the choke point for transatlantic cables Widemouth Bay, Cornwall, in the UK, where four major EU US cables reach land.[77] This area has reportedly been designated “vital to US security” because of these cables.[78] Meanwhile, the vast majority of the physical cables that connect the United States and Asia run through the Luzon Strait choke point between Taiwan and the Philippines.[79] Cables in the Malacca Strait are also congested, and island NATO members and partners, like Iceland, Japan and Australia, are particularly vulnerable.[80] To date, the best form of protection for these sub-surface cables has been their anonymity. However, sometimes this is not enough, as highlighted by the fact that 75% of Internet capacity between Europe and a large part of Asia was temporarily lost when, in 2008, ships off the Egyptian coast severed two inter-continental fibre-optic cables by dragging their anchors.[81] A Georgian woman denied 90% of Armenians access to the Internet for 5 hours when she inadvertently cut through a cable with her spade.[82] There have also been other large Internet disruptions caused by cable incidents in Malta, Sicily the US and Asia.[83] These highlight the possibility of sabotage by state or non-state actors. In terms of bandwidth capacity, NATO member states are heavily dependent on infrastructure in the UK for their transatlantic communications. Much of these key Internet peering points are based in and around London and have previously been threatened by flooding.[84]Any disruption to these infrastructures could have far-reaching economic and military effects.

67.         The Rapporteur also suggests that NATO considers applying common funding procedures for procurement of some critical cyber defence capabilities for its member states. The Alliance and its nations should also redouble their efforts to invest in human capital, because currently the Western nations are widely believed to be losing their advantage in cyberspace in terms of numbers of cyber experts and qualified personnel.

68.         Other practical measures should include reviewing our policies in terms of critical information that is to be stored online. The “Cablegate” revealed some documents that date back to 1966. Nigel Inkster, a prominent British expert, says that this “suggests an excess of zeal among those tasked to place State Department data on SIPRNet, since these cannot be relevant to today’s operational requirements.” It is also necessary to review the operating systems of critical national infrastructure with a view to limiting their unnecessary exposure to online connections. Furthermore, new safeguard mechanisms must be put in place to prevent unauthorized downloading of sensitive data to digital storage devices. Procedures for vetting relevant personnel should also be revisited.

69.         That said, the Rapporteur wishes to emphasize that all necessary security measures should not cross the line where they would violate the fundamental principles and values cherished by the nations of the Euro-Atlantic community. It is also important for our national security interests: since the cyber domain is to a large extent governed by the people, it is important to win the moral support of the majority of the virtual community. In order to prevent the abuse by the governments, stricter security rules should be accompanied by measures ensuring democratic oversight. For instance, the United States announced recently the establishment of the Privacy and Civil Liberties Oversight Board (PCLOB) to ensure that privacy and civil liberties are protected.[85]

70.         Last but not least, the Rapporteur would like to underline the role of parliamentarians not only in terms of issuing relevant legislation, but also in communicating with a public that is often insufficiently informed about the scope of opportunities and risks posed by the Information Age.

ANNEX

Types of Malware

Logic Bomb

The earliest and simplest form of malware. It is not a virus but a computer code, which needs to be secretly inserted into the computer software. When triggered (positive trigger – setting a time or date of the bomb exploding such as removing an employees name from the salary list; or negative trigger – failing to insert certain data or code by a specific time). The bomb can cause system shutdown, delete files, send secret information to wrong people, etc.

Trojan Horse

Creates a “back door” into a computer, which can be obtained via the Internet from anywhere around the world. It can delete, steal or monitor data on someone else’s computer. It can also turn the computer into a “zombie” and use it to hide the real perpetrator’s identity and cause further damage to other systems. [86]Key-logger

Monitors and keeps track of keystrokes on a computer usually without the user being aware of it. The information can be saved to a file and sent to another computer. Acquiring private data such as usernames and passwords are usually the key targets of the program.

Virus

Infects files when they are opened or being run and is capable of self replication. It often manifests itself as a logic bomb or a Trojan. Viruses are difficult to track and can spread very quickly. In 2000 the ILOVEYOU virus caused damage of approximately US$10 million.

Embedded Malware

Is inserted malicious software that accepts additional covert commands into operational systems of machines ranging from phones to weapons systems. According to General Wesley Clark and Peter Levin, an example of such operation was Israel ’s alleged attack on Syrian nuclear sites in 2007, which was supposedly made easier because of embedded malware that turned off Syrian defence radar.


[1]   As pointed out by Craig Mondie, Chief Research and Strategy Officer, Microsoft. See in Cybersecurity: Is Technology Moving Faster than Policy? Security & Defence Agenda report. 31 January 2011. http://www.securitydefenceagenda.org/Portals/14/Documents/Publications/2011/Cybersecurity_Dinner_report_Final2.pdf

[2]   Reducing Systemic Cybersecurity Risk, OECD/IFP Project on “Future Global Shocks”, January 2011.

[3]   Cyber war and cyber power. Issues for NATO doctrine. By Jeffrey Hunker. NATO Defence College Research Paper No. 62, November 2010.

[4]   President Obama has said the cyber criminals have caused around US$1 trillion damage worldwide in one year.

[5]   Except Turkey, all NATO nations (including CoE non-member states Canada and the United States ) have signed the Convention, but Belgium, Canada, the Czech Republic, Greece, Luxembourg, Poland, Spain and the United Kingdom have not ratified it. CoE member state Russia did not sign the Convention.

[6]  A hidden world, growing beyond control. By Dana Priest and William M. Arkin. A Washington Post Investigation. 19 July 2010.  http://projects.washingtonpost.com/top-secret-america/articles/a-hidden-world-growing-beyond-control/print/

[7]    WikiLeaks: the price of sharing data. IISS Strategic Comments. Volume 17, Comment 3. January 2011.

[8]    Cables leak reveals flaws of information-sharing tool. By Joby Warrick. The Washington Post. 31 December 2010.

[9]   WikiLeaks Founder on the Run, Chased by Turmoil. By John F.Burns and Ravoi Somaiya. The New York Times. 23 October 2010.

[10]   Leaked Cables Offer Raw Look at U.S. Diplomacy. By Scott Shane and Andrew W.Lehren. The New York Times. 28 November 2010.

[11]   WikiLeaks: Saudi King Abdullah Encouraged U.S. to Attack Iran; Chinese Politburo Hacked Into Google. New York News & Features.  28 November 2011. http://nymag.com/daily/intel/2010/11/wikileaks_round-up.html

[12]   Reaction to Leak of U.S. Diplomatic Cables, Day 2. By Rober Mackey. The New York Times. 29 November 2010. http://thelede.blogs.nytimes.com/2010/11/29/updates-on-the-global-reaction-to-leaked-u-s-cables/

[13]   Reaction to Leak of U.S. Diplomatic Cables, Day 2. By Rober Mackey. The New York Times. 29 November 2010. http://thelede.blogs.nytimes.com/2010/11/29/updates-on-the-global-reaction-to-leaked-u-s-cables/

[14]   NATO condemns WikiLeaks. Sky News Australia. , December 2010. http://www.skynews.com.au/topstories/article.aspx?id=546109&vId

[15]   Wikileaks must stop “dangerous” leaks: military. Reuters. 26 November 2010,; U.S. warns WikiLeaks not to release ‘dangerous’ report. Haaretz. 28 November 2010.

[16]   Gates: No sensitive info in WikiLeaks Afghan papers. Reuters. 17 October 2010,

[17]   Pentagon revamps security in wake of Wikileaks. Homeland Security Newswire. 29 December 2010.

[18]   White House memo outlines new anti-leak measures. Reuters. 2 December 2010.

[19]   Pentagon revamps security in wake of Wikileaks. Homeland Security Newswire. 29 December 2010.

[20]   U.S. Clamps Down on Info Sharing. Defense News. 6 December 2010.

[21]   WikiLeaks fallout leads to an info-sharing clampdown. By Sean Railey.  FederalTimes.com. 5December 2010. http://www.federaltimes.com/article/20101205/IT03/12050306/

[22]   U.S. Clamps Down on Info Sharing. Defense News. 6 December 2011.

[23]   WikiLeaks fallout leads to an info-sharing clampdown. By Sean Railey.  FederalTimes.com. 5 December 2010. http://www.federaltimes.com/article/20101205/IT03/12050306/

[24]   U.S. Air Force blocks NYT, Guardian over WikiLeaks. Reuters. 14 December 2010.

[25]   US blocks access to WikiLeaks for federal workers. By Ewen MacAskill. The Guardian. 3 December 2010.

[26]   The arrest of Julian Assange: as it happened. The Guardian. December 2010,

[27]   On his first day in office President Obama instructed US agencies to be more open and transparent. Later on he launched a review of the classification procedures, ordered training for personnel in charge of classifications, and obliged classifiers to provide their identification on each classified document (see in Wikileaks’ War on Secrecy: Truth’s Consequences. By Massimo Calabresi. Time. 2 December 2010.).

[28]   Intelligence in the Information Age; Spy Data For Sale. By Kevin O’Connell. Comentary. RAND Corporation. 8 April 2001. http://www.rand.org/commentary/2001/04/08/ND.html

[29]   Analysis: WikiLeaks will kill transparency. By C.M. Sennott. Globalpost.com. 29 November 2010.   http://www.globalpost.com/dispatch/worldview/101129/opinion-wikileaks-will-kill-transparency

[30]   Intelligence in the Information Age; Spy Data For Sale. By Kevin O’Connell. Comentary. RAND Corporation. 8 April 2001. http://www.rand.org/commentary/2001/04/08/ND.html

[31]  Reducing Systemic Cybersecurity Risk, OECD/IFP Project on “Future Global Shocks”. By Peter Sommer and Ian Brown. January 2011.

[32]   Why Are Hactivists “Anonymous” Defending Wikileaks? Interview by Debbie Randle. BBC Newsbeat. 9 December 2010.

[33]  Operation Avenge Assange, http://i.imgur.com/C35Ty.png

[34]  Reducing Systemic Cybersecurity Risk, OECD/IFP Project on “Future Global Shocks”. By Peter Sommer and Ian Brown. January 2011,; Hackers Rise for WikiLeaks. By Cassell Bryan-Low and Sven Grundberg. Wall Street Journal. 8 December 2010.

[35]  Hundreds of WikiLeaks Mirror Sites Appear. By Ravi Somaiya. The New York Times. 5 December 2010.

[36]    Anonymous vows to take leaking to the next level. By Ashley Fantz. CNN. 24 February 2011.

[37]  Reducing Systemic Cybersecurity Risk, OECD/IFP Project on “Future Global Shocks”. ”. By Peter Sommer and Ian Brown. January 2011.

[38]  Drop the Case Against Assange. By Tim Wu. Foreign Policy. 4 February 2011.

[39]  These Revolutions Are Not All Twitter. By Andrew K.Woods. The New York Times.1 February 2011.

[40]  Yet another Facebook revolution: why are we so surprised? By John Naughton. The Guardian. 23 January 2011.

[41]  A Tunisian-Egyptian Link That Shook Arab History. By David D. Kirkpatrick and David E.Sanger. The New York Times. 13 February 2011.

[42]  Hackers Shut Down Government Sites. By Ravi Somaiya. The New York Times. 2 February 2011.

[43]  These Revolutions Are Not All Twitter. By Andrew K.Woods. The New York Times. 1  February 2011.

[44]  Facebook Officials Keep Quiet on Its Role in Revolts. By Jennifer Preston. The New York Times. 14 ebruary 2011.

[45]    Wikileaks’ Julian Assange takes credit for Tunisian and Egyptian revolutions. Daily Mail online, 14 February 2011. http://www.dailymail.co.uk/news/article-1356754/Wikileaks-Julian-Assange-takes-credit-Tunisian-Egyptian-revolutions.html

[46]  The Perpetrators of Cyber Attacks. By Mary Watkins. Financial Times. 17 February 2011.

[47]    Cyber war and cyber power. Issues for NATO doctrine. By Jeffrey Hunker. NATO Defence College research paper No. 62. November 2010.

[48]   Mobilising Cyber Power. By Alexander Klimburg, Survival, 28 January 2011.

[49]  Tackling the Cyber Threat. By Margaret Gilmore. RUSI commentary. http://www.rusi.org/analysis/commentary/ref:C4CBD84EDE6ACB

[50]  Virtual war a real threat. By Ken Dilanian. Los Angeles Times. 28 March 2011,

[51]   A Treaty for Cyberspace. By Rex Hughes. International Affairs. March 2010.

[52]  Cyber war and cyber power. Issues for NATO doctrine. By Jeffrey Hunker. NATO Defence College research paper No. 62. November 2010.

[53]  Before the Gunfire, Cyberattacks. By John Markoff. The New York Times. 12 August 2008.

[54]  Farwell, James P. and Rohozinski, Stuxnet and the Future Cyber War, IISS, Survival, Feb-March 2011.

[55]  Cyber-war a growing threat warn experts. By Clark Boyd. BBC. 17 June 2010.

[56]  A recipient opens an e-mail, which is seemingly from someone he/she knows, opens an attachment containing a “sleeper” program that embeds in the recipients computer. The attacker can then control the program remotely – access e-mail, send confidential documents or turn on a Web camera or microphone and record.

[57]  Google China cyberattack part of vast espionage campaign, experts say. By Ariana Eunjung and Ellen Nakashima. The Washington Post. 14 January 2010.

[58]  Israeli Test on Worm Called Crucial in Iran Nuclear Delay. By William J.Broad, John Markoff and David E.Sanger. The New York Times. 15 January 2011.

[59]  Stuxnet and the Future Cyber War. By Farwell, James P. and Rohozinski. IISS. Survival. Feb-March 2011; and  Israeli Test on Worm Called Crucial in Iran Nuclear Delay. By William J.Broad, John Markoff and David E.Sanger. The New York Times. 15 January 2011.

[60]  Cracking Stuxnet: A 21st century cyber weapon. By Ralph Langner. Ted.com brief. 29 March 2011. http://www.youtube.com/watch?v=CS01Hmjv1pQ

[61]  Cyber-security: the corporate gold rush. Jane’s Defence Weekly. 29 September 2010.

[62]  The Cyber-war. By Eleanor Keymer. Jane’s Defence Weekly. 29 September 2010.

[63]  Global Cybersecurity-Thinking About the Niche for NATO. By Eneken Tikk,. SAIS Review, Vol. 30, No. 2, Summer-Fall 2010

[64]   Protecting Europe Against Large-Scale Cyber-Attacks. European Union Committee – Fifth report. UK House of Lords. March 2010.

[65]  On Cyber Warfare. By Paul Cornish, David Livingstone, Dave Clemente and Clair York. A Chatham House Report. November 2010.

[66]    Cyber Security Enhancement Act Redux. By Eric Chabrow. Government Information Security Articles.10 Fenbruary 2011. http://www.govinfosecurity.com/articles.php?art_id=3340

[67]  Evaluating the 2010 Strategy Review. By Dave Clemente. Chatham House.  http://www.chathamhouse.org.uk/files/17631_1010sdsr_clemente.pdf

[68]  IISS Global Perspectives – Power in Cyberspace. Q&A with Nigel Inkster, Director, Transnational Threats and Political Risk, IISS. 18 January 2011.

[69]  The New Vulnerability. By Jack Goldsmith. The New Republic. 7 June 2010.

[70]   Taken from “Inventory of CERT activities in Europe ”. ENISA publication. March 2011.

[71]  Cybersecurity: Is Technology Moving Faster than Policy? Security & Defence Agenda report. 31 January 2011.

  http://www.securitydefenceagenda.org/Portals/14/Documents/Publications/2011/Cybersecurity_Dinner_report_Final2.pdf

[72]  Global Cybersecurity-Thinking About the Niche for NATO. By Eneken Tikk. SAIS Review, Vol. 30, No. 2, Summer-Fall 2010.

[73]  Power in Cyberspace. Speech by Nigel Inkster, Director of Transnational Threats and Political Risk, IISS. 18 January 2011. http://www.iiss.org/middle-east/global-perspectives-series/power-in-cyberspace/read-the-speech/

[74]  Cyber war and cyber power. Issues for NATO doctrine. By Jeffrey Hunker. NATO Defence College research paper No. 62. November 2010.

[75]  Internet Governance in an Age of Cyber Insecurity. By Robert Knake. Council on Foreign Relations Special Report no.56, September 2010.

[76]  The National Strategy to Secure Cyberspace. The White House. February 2003.

[77]  ‘Internet’s undersea world’ http://personalpages.manchester.ac.uk/staff/m.dodge/cybergeography/atlas/alcatel_large.gif

[78]   Devon and Cornwall locations “vital to US security”. BBC, ‘6 December 2010.

[79]   Points of weakness in Internet cable network. By Adam Wolfe. Asiaone Digital. 17 January 2007. http://digital.asiaone.com/Digital/Features/Story/A1Story20070523-7003.html

[80]   Ibid.

[81]   Protecting Europe Against Large-Scale Cyber-Attacks. European Union Committee – Fifth report. UK House of Lords. March 2010.

[82]   Georgian pensioner facing jail for cutting off Armenias Internet by snipping cable. EU Times, 8 April 2011.

[83]    Severed Cables in Mediterranean Disrupt Communication. Bloomberg. 19 December 2008; and, Physical protection for the Internet.AlphaGalileo Institute. 14 December 2010.

[84]   Floods threaten UK Internet infrastructure. By Robert Jaques. V3.co.uk. 31 July 2007.  http://www.v3.co.uk/v3-uk/news/1942516/floods-threaten-uk-Internet-infrastructure

[85]  Cybersecurity Two Years Later. A Report of the CSIS Commission on Cybersecurity for the 44th Presidency. January 2011.

[86]  How does a logic bomb work? By Julia Layton. http://computer.howstuffworks.com/logic-bomb.htm; also in Reducing Systemic Cybersecurity Risk, OECD/IFP Project on “Future Global Shocks”. January 2011.