http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html?m od=googlen ews_wsj

Cyber Combat: Act of War

Pentagon Sets Stage for U.S. to Respond to Computer Sabotage With Military Force
TECHNOLOGY
MAY 31, 2011
By SIOBHAN GORMAN And JULIAN E. BARNES
WASHINGTON—The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.
The Pentagon's first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country's military.
In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," said a military official.

Recent attacks on the Pentagon's own systems—as well as the sabotaging of Iran's nuclear program via the Stuxnet computer worm—have given new urgency to U.S. efforts to develop a more formalized approach to cyber attacks. A key moment occurred in 2008, when at least one U.S. military computer system was penetrated. This weekend Lockheed Martin, a major military contractor, acknowledged that it had been the victim of an infiltration, while playing down its impact.

The report will also spark a debate over a range of sensitive issues the Pentagon left unaddressed, including whether the U.S. can ever be certain about an attack's origin, and how to define when computer sabotage is serious enough to constitute an act of war. These questions have already been a topic of dispute within the military.

One idea gaining momentum at the Pentagon is the notion of "equivalence." If a cyber attack produces the death, damage, destruction or high-level disruption that a traditional military attack would cause, then it would be a candidate for a "use of force" consideration, which could merit retaliation.
The Pentagon's document runs about 30 pages in its classified version and 12 pages in the unclassified one. It concludes that the Laws of Armed Conflict—derived from various treaties and customs that, over the years, have come to guide the conduct of war and proportionality of response—apply in cyberspace as in traditional warfare, according to three defense officials who have read the document. The document goes on to describe the Defense Department's dependence on information technology and why it must forge partnerships with other nations and private industry to protect infrastructure.

The strategy will also state the importance of synchronizing U.S. cyber-war doctrine with that of its allies, and will set out principles for new security policies. The North Atlantic Treaty Organization took an initial step last year when it decided that, in the event of a cyber attack on an ally, it would convene a group to "consult together" on the attacks, but they wouldn't be required to help each other respond. The group hasn't yet met to confer on a cyber incident.

Pentagon officials believe the most-sophisticated computer attacks require the resources of a government. For instance, the weapons used in a major technological assault, such as taking down a power grid, would likely have been developed with state support, Pentagon officials say....

Hmmmm, Cyber CIB in the works?

why does it have to come "from another country"?

Hmmmm, Cyber CIB in the works?

Done.. With Update: CIB "Cyber I-geek Badge"

Motto: We can hack your defense at the speed of light...


:D

A response to this perhaps...


ASIA PACIFIC NEWS
China "setting up military cyber-warfare team"
Posted: 27 May 2011 1922 hrs

BEIJING : China's military has set up an elite Internet security task force tasked with fending off cyberattacks, state media reported on Friday, denying that the initiative is intended to create a "hacker army".

The People's Liberation Army has reportedly invested tens of millions of yuan (millions of US dollars) in the project -- which is sure to ring alarm bells around the world among governments and businesses wary of Beijing's intentions.

"Cyber attacks have become an international problem affecting both civilian and military areas," the Global Times quoted China's defence ministry spokesman Geng Yansheng as telling a rare briefing this week.

"China is relatively weak in cyber-security and has often been targeted. This temporary programme is aimed at improving our defences against such attacks."

The 30-member "Cyber Blue Team" -- the core of the PLA's cyber force -- has been organised under the Guangdong military command in the country's south, and will carry out "cyber-warfare drills", the newspaper said.

The United States, Australia, Germany and other Western nations have long alleged that hackers inside China are carrying out a wide-range of cyberattacks on government and corporate computer systems worldwide.

But in a commentary, the Global Times hit out at "some foreign media" for interpreting the programme as a breeding ground for a "hacker army".

"China's capability is often exaggerated. Without substantiated evidence, it is often depicted by overseas media as the culprit for cyberattacks on the US and Europe," the paper said.

"China needs to develop its strong cyber defence strength. Otherwise, it would remain at the mercy of others."

China's military has received annual double-digit increases in its budget over much of the last two decades as it tries to develop a more modern force capable of winning increasingly high-tech wars.

In 2007, the Pentagon raised concerns about a successful Chinese ballistic missile test strike on a satellite, a weapon that could be used to knock out the high-tech communications of its enemies.

US computer firm McAfee said in February that hackers from China have also infiltrated the computer networks of global oil companies, stealing financial documents on bidding plans and other confidential information.

According to US diplomatic cables obtained and published by WikiLeaks, the United States believes that China's leadership has directed hacking campaigns against US Internet giant Google and Western governments.

In one cable, the US embassy in Beijing said it learned from "a Chinese contact" that the Politburo had led years of hacking into computers of the United States, its allies and Tibet's exiled spiritual leader, the Dalai Lama.

http://www.channelnewsasia.com/stories/afp_asiapacific/view/1131622/1/.html

Y'all think we don't have such an e-SMU. Naive.

Richard :munchin

Re: CIB (Cyber Interdiction Badge)

Done..

Needs to be a dagger in there somewhere....:D

This is probably directed towards the Middle East- Iran comes to mind.
MOO....

These days it's not just the size of the hardware that counts ;)

Pentagon officials believe the most-sophisticated computer attacks require the resources of a government.

How well do we know this? Aren't cutting edge CS people often young or in school? How do you know whom to target militarily in retaliation? If hackers are traced to Beirut, do you assume they are state sponsored and hit Lebanon?

http://www.pcmag.com/article2/0,2817,2386352,00.asp

With some government workers doing government business on open e-mail accounts, foreign intelligence agencies really don't have to work that hard.

Well from what I've read, the most sophisticated attacks are not done by any single person, or even a group, but by multiple teams.

Quite possible, this is not my field. With Silicon Valley just down road, there is a large tech culture in the Bay Area. A consistent message I have heard from friends in IT is the cutting edge is often a college junior, in a respected CS program like Cal or Stanford. People in the real world who have to focus on things like making a living, systems even a few years old are no longer cutting edge. In contrast these college kids can focus on experimenting with cutting edge developments and have powerful resources available to them.

Friends who are systems architects tasked with designing protective software, imply the theme is the best hackers are a very young, socially inept, and highly insecure subculture. It doesn't have to be a Chinese e-SMU, they joked find these kids on campus, hire them some female companionship, and convince them how "cool and legendary" it would be to known as the one or team that hack into the CIA etc.

Once again not my field, but what I hear out here.

http://www.osnews.com/story/24887/LulzSec_Calls_it_Quits

LulzSec Calls it Quits

posted by Thom Holwerda on Sun 26th Jun 2011 12:13 UTC
Well, after 50 days of causing amok on the web, the guys and/or girls behind LulzSec have called it quits last night. After hacking into the systems of various Arizona law enforcement agencies and releasing countless internal documents, they published a statement on Pastebin yesterday, dumping yet another boatload of data on The Pirate Bay, and announcing their disbanding....

LulzSec hacked the Arizona law enforcement because of Arizona's strict illegal immigration policies, which have already ruffled some major feather all across the United States - and beyond.

"We are targeting AZDPS specifically because we are against SB1070 and the racial profiling anti-immigrant police state that is Arizona," LulzSec stated, "Every week we plan on releasing more classified documents and embarassing personal details of military and law enforcement in an effort not just to reveal their racist and corrupt nature but to purposefully sabotage their efforts to terrorize communities fighting an unjust 'war on drugs'."

Well, this plan to release more information every week may have been cut short, since yesterday late last night, the group announced they were calling it quits after 50 days. It is not entirely unwarranted to assume that law enforcement may be closing in on them, and that as such, they simply have to disappear for a while.

"We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we've gathered for it in such a short space of time is truly overwhelming, and not to mention humbling," the statement reads, "Please don't stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve."

....In any case, I hardly doubt this is the last we'll hear from these folks. It's clear LulzSec and Anonymous have struck cords all around the world, and I'm sure either others will take it from here, or the same guys will emerge in some other corner of the web under a different name.

http://lulzsecexposed.blogspot.com/

Probably not just LE that is causing them to quit.

http://www.pcworld.com/article/231213/anonymous_picks_up_slack_as_lulzsec_calls_it_quits .html

Anonymous Picks up Slack as LulzSec Calls it Quits

By Daniel Ionescu, PCWorld Jun 27, 2011 6:43 AM
Hacking season is not over yet. Even though LulzSec, the group of hackers who made a name for themselves by hacking Sony, Nintendo, and PBS among others, called it quits on Saturday, another group wants to pick up the slack.

After announcing the end of its activities, Lulzsec encouraged its 281,870 Twitter followers to follow the account of Anonymous, another hacking organization, which on Monday published new materials on counter-hacking tools and addresses of U.S. FBI locations. Anonymous also picked up more than 60,000 Twitter followers over the past 24 hours.

Acknowledging LulzSec's retirement, the group released a torrent file containing all the data it obtained over the past seven weeks, including data from prominent targets such as the CIA, U.S. Senate, Sony, and AOL.

Even though LulzSec has been active for only 50 days, the hacking group garnered a significant amount of media attention: "For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could," the group says in a goodbye note....

The files Anonymous released Monday include documents and hacking and counter-hacking tools. The data weighs in at 625MB and its exact source is not mentioned, except a link to the CDI Sentinel program page, which provides free cybersecurity training using a mobile computer lab.

http://lulzsecexposed.blogspot.com/

Probably not just LE that is causing them to quit.

I read the hacker that shut down wikileaks was going after Lulzsec.... "The Jester".....

Way to go Jester!!!!!

We had the below article on the Jester months ago.... (see below)
TS




http://www.professionalsoldiers.com/forums/showthread.php?t=31269&highlight=jester&page=3

Special Forces nexus to wikileaks

--------------------------------------------------------------------------------

Seems someone is saying this is a former "Special Forces soldier" that shut down wikileaks....

[I don't care if "Jester" is or is not a Special Forces soldier, don't anyone on here annoy him! ]

Team Sergeant



Experts suspect 'patriotic' hacker behind attacks on WikiLeaks site
By Ellen Nakashima
Washington Post Staff Writer
Tuesday, November 30, 2010; 11:09 PM

Somebody doesn't like WikiLeaks.

Since Sunday, the online site dedicated to exposing government and corporate secrets has suffered two computer assaults, each of which has overwhelmed its servers and rendered the site temporarily inaccessible.

Some observers immediately speculated the attacker might be the U.S. government, which has condemned WikiLeaks' posting of more than 250,000 diplomatic cables.

Experts said a more likely culprit is a "patriotic" hacker incensed by WikiLeaks' publication of massive amounts of classified government material.

"You have ethical hackers who are really opposed to the notion that you should be the one to decide what information should be disseminated," said Mark D. Rasch, a former federal cyber-crime prosecutor and now a security consultant.

The "denial of service" attacks, in which a site is bombarded by data, have been small to medium in scope, said Craig Labovitz, chief scientist at Arbor Networks, a security firm. The first assault registered two to four gigabits of data per second - "modest in the relative scheme of recent attacks against large Web sites," he said in a blog post.

The second attack, which began Tuesday, was larger. WikiLeaks, on its Twitter feed, said that it exceeded 10 gigabits per second. But it "still doesn't rise to some of the really large attacks we've seen on a regular basis," Labovitz said in an interview.

A Twitter user whose handle is "Jester" and who has a history of denial-of-service attacks claimed responsibility for the first attack, Labovitz said.

According to cyber-threat researcher Richard Stiennon, Jester is a former Special Forces soldier who has gone after sites he associates with al-Qaeda and terrorists. "He has real capability," Stiennon said. "If he says he took down WikiLeaks, he took down WikiLeaks."


continued:

http://www.washingtonpost.com/wp-dyn...113007678.html
__________________

*

In related news: http://pastebin.com/iVujX4TR

I'd say there's a lot of "LulzSec" people very unhappy these days......someone has handed them their own asses.

One of them, Wesley Bailey, was supposedly in the Army for 10 years, stationed at Hood and Korea. Oh, he's also "transgendered". :p

http://gizmodo.com/5817715/hacker-allegedly-leaks-part-of-floridas-voter-database

Hacker Allegedly Leaks Part of Florida’s Voter Database

Jul 2, 2011
Kwame Opam —This is a doozy, even as it's still unverified. According to Anonymous, hacker @Abhaxas just leaked a lengthy text file revealing part of Florida's voter database. Included are voter statistics, candidates, and electoral race data.

In the release, Abhaxas writes:

So, this is a little ironic. Here is inside details of florida voting systems. Now.. who still believes voting isn't rigged? If the United States Government can't even keep their ballot systems secure, why trust them at all? FAIL!

http://www.washingtonpost.com/lifestyle/style/hackers-put-big--and-false--news-on-fox-twitter-account/2011/07/04/gHQA31GByH_story.html

Hackers put big — and false — news on Fox Twitter account

By William Wan, Monday, July 4, 4:10 PM
While some marked Independence Day with hot dogs and fireworks, anonymous hackers spent Monday morning breaking into a Fox News Twitter account and posting fake reports of a presidential assassination.

The prank tweets on the @foxnewspolitics account began just after 2 a.m., and — like any proper news account — kept updating with breathless posts on President Obama’s supposed condition.

The tweets, six in total, included gory (and entirely bogus) details: two shots at an Iowa restaurant, hitting the president in the pelvis and neck, etc.

Within hours, news of the fake assassination spurred a wave of re-tweets, jokes and comments mocking Fox online, fueled in part by idle Blackberrys during the holiday and, given the cruel nature of some tweets, apparently a measure of glee at the embarrassment of a news organization sometimes perceived as opposing Obama.

The Secret Service said it is launching an investigation, given the graphic and serious contents of the prank tweets....

Fox News apparently struggled for a few hours to regain control of its Twitter account....

In the @foxnewspolitics Twitter feed, an online outfit called the Script Kiddies initially took responsibility for the attack but then apparently deleted online information about itself, according to a student news Web site called Think at New York’s Stony Brook University....