Cyber Warfare - What Is Air Gapping In Cyber Security?

 

The word "air gapping" refers to a security procedure implemented to safeguard a computer system against unauthorized access.

A computer system must be separated from any local area network or public wireless network in order to be air gapped.

Because of the sensitive information stored therein, the military, intelligence agencies, financial institutions, and even certain advocacy organizations air gap some systems.

Air gapping is primarily a security mechanism, but it may also refer to a data transmission technique from one classified system to another.

It's often utilized to transport material from the low side (unclassified machines) to the high side (classified equipment) (classified machines).

On the low side, data is cut to a CD-ROM and put on the high side.

Even isolating the system from the rest of the network may not be enough to keep it safe.

Recent exploits have shown the importance of air gapping in critical systems.

A hacker claimed lately that he gained access to a flight control system through the plane's media network.

The Stuxnet virus, which infected Iranian centrifuges, was delivered through a USB device linked to the machine.

Even if the system's exterior connections keep it safe from electromagnetic or other electrical attacks, they can't keep the system safe from internal errors or threats.

The US government created guidelines to aid air gap computer systems under the National Security Administration's (NSA) TEMPEST program (Telecommunications Electronics Material Protected from Emanating Spurious Transmissions).

To avoid intrusion, the guidelines propose keeping the system at a minimum safe distance and enclosing it in a Faraday cage.

 

~ Jai Krishna Ponnappan

You may also want to read and learn more about Cyber Warfare, Global Geo Politics, Conflicts, And Conflict Resolution here.

See also: 

Cyber Security; Hardware; Internet

Further Reading:

Clarke, Richard A., and Robert K. Knake. Cyber War: The Next Threat to National Security and What to Do about It. New York: HarperCollins, 2010.

Libicki, Martin. Cyberspace in Peace and War. Annapolis, MD: U.S. Naval Institute Press, 2016.

Cyber Warfare - Who Is KEITH B. ALEXANDER?

General Keith B. Alexander (1951–) served as director of the National Security Agency (NSA) and head of the Central Security Service (CSS) from August 2005 until his retirement in 2014, as well as commander of US Cyber Command (USCYBERCOM).

Alexander was born on December 2, 1951, in Syracuse, New York, and graduated from the United States Military Academy at West Point in 1974 as an army second lieutenant.

He got master's degrees from Boston University (business administration), the Naval Postgraduate School (systems technology and physics), and the National Defense University throughout his military service (security strategy).

Alexander also has degrees from the National War College and the US Army Command and General Staff College.

Under the authority of US Strategic Command, Alexander was in charge of planning, coordinating, and directing activities in defense of DoD computer networks via USCYBERCOM (USSTRATCOM).

He also had overlapping duties for certain DoD national foreign intelligence and combat support operations, as well as the safeguarding of US national security information systems, while at the NSA and CSS.

Alexander was a career military intelligence officer who held positions such as US Army deputy chief of staff, G-2; commanding general of US Army Intelligence and Security Command; director of intelligence at US Central Command (CENTCOM); and deputy director for requirements, capabilities, assessments, and doctrine (J-2) for the Joint Chiefs of Staff before taking the NSA directorship (JCS).

When General Michael Hayden was raised to fourth star and assigned as deputy to Ambassador John Negroponte, President George W.

Bush's pick to the newly established office of director of national intelligence, Alexander took over as NSA director (DNI).

Alexander's time at the NSA was plagued by questions about the legality and effectiveness of the agency's data collecting efforts.

The first exploded in December 2005, when the New York Times revealed that the National Security Agency (NSA) had been spying on Americans' phone calls and e-mail without a warrant since 2001.

In June 2013, Edward Snowden, then a contract employee of the National Security Agency, disclosed thousands of secret papers to journalists, causing the second and most personal of these crises.

The NSA's access to private communication was exposed by the trove of stolen papers, which showed the scope of the agency's infiltration of the information infrastructure and secret partnerships with telecoms and Internet service providers.

The NSA has come under fire as a result of the Snowden leaks.

After the magnitude of the leaks became public, Alex ander volunteered to retire from the NSA, but President Barack Obama resisted, protecting both the NSA's activities and its beleaguered director.

Alexander was discharged from the military the following year.

See also: 

Hayden, Michael V.; National Security Agency (NSA); Obama, Barack; Snowden, Edward J.; U.S. Cyber Command (USCYBERCOM)

Further Reading:

Harris, Shane. The Watchers: The Rise of America’s Surveillance State. New York: Penguin Press, 2010.

Hayden, Michael V. Playing to the Edge: American Intelligence in the Age of Terror. New York: Penguin Press, 2016.

~ Jai Krishna Ponnappan

You may also want to read and learn more about Cyber Warfare, Global Geo Politics, Conflicts, And Conflict Resolution here.

Cyber Warfare - Who Is DMITRI ALPEROVITCH?

ALPEROV Dmitri Alperovitch cofounded CrowdStrike, a security technology firm that helps businesses and governments defend their intellectual property and secrets from cyber espionage and cyber crime, in 2011 and later became its chief technology officer.

Alperovitch graduated from Georgia Tech with a master's degree in information security and a bachelor's degree in computer science.

In the late 1990s and early 2000s, Alperovitch worked with a variety of computer security start-ups, including CipherTrust, which pioneered the TrustedSource reputation system.

He headed the research team that developed the software as a service company when CipherTrust was bought by Secure Computing in 2006.

When McAfee purchased Secure Computing in 2008, Alpero vitch became vice president of threat research.

In January 2010, he oversaw Operation Aurora, a probe of Google and two dozen other firms' Chinese breaches.

He also headed the investigation of Western multinational oil and gas firms' Night Dragon espionage program, which he tracked to a Chinese person residing in Heze City, Shandong Province, People's Republic of China.

Alp erovitch was also honored with the coveted Government 100 Award in 2011 for his services to federal information security in the United States.

Alperovitch was named one of Washingtonian's "Tech Titans" in 2013 and 2015 for his achievements in the area of cyber security.

In 2013, he was named one of MIT Technology Review's "Top 35 Innovators Under 35." In addition to his work at CrowdStrike, Alperovitch is a nonresident senior fellow at the Atlantic Council's Cyber Statecraft Initiative.

Alperovitch has done substantial research on reputation systems, spam detection, Web security, public-key and identity-based cryptography, malware detection and prevention, and public-key and identity-based cryptography.

 

~ Jai Krishna Ponnappan

You may also want to read and learn more about Cyber Warfare, Global Geo Politics, Conflicts, And Conflict Resolution here.

See also: 

Cryptography; Encryption; McAfee

Further Reading:

“Atlantic Council Programs Report: July 2015.” Atlantic Council, August 3, 2015. http://www.atlanticcouncil.org/for-members/atlantic-council-programs-report-may2015-3.

“Dmitri Alperovitch.” CrowdStrike. http://www.crowdstrike.com/dmitri-alperovitch.

“Innovators under 35: Dmitri Alperovitch, CTO, CrowdStrike.” MIT Technology Review, October 10, 2013. https://www.technologyreview.com/s/521371/innovators-under-35-dmitri-alperovitch-cto-crowdstrike.

Cyber Warfare - Deconstructing Cyber Attacks By The Al Qaeda.

 

Al Qaeda is a Sunni jihadist organization created in 1988 by Osama bin Laden and others.

The name Al Qaeda means "the base," which accurately describes how the group has offered a basis of training and information to subsidiaries all over the globe.

Many countries consider the group to be a terrorist organization, including the United States, which initiated its War on Terror against Al Qaeda following the September 11, 2001 attacks.

Despite US attempts to target most of Al Qaeda's core leadership, many observers think that the group's various "franchises," which operate in more than 30 countries, remain a formidable and varied organization.

Al Qaeda sprang from Afghan opposition to Soviet occupation, but its principal goal was to oppose all things Western, especially those who represented the United States.

This incorporates democratic concepts from the West.

Al Qaeda's strategy was to entice the US into attacking and occupying a Muslim nation, which would then incite militants to fight occupation troops.

It then intended to spread the fight across the area, dragging the US further into a protracted and expensive struggle.

It would also begin terrorist strikes against US partners at the same time.

Finally, it believed that by 2020, the US economy, and so the global economy, will have collapsed.

Al Qaeda would then launch a worldwide jihad and establish a global caliphate.

Since 9/11, Al Qaeda has stepped up its efforts to utilize cyber terrorism against the US, believing that cyber targets are just as vulnerable as airports were before 9/11.

Al Qaeda recruits from disgruntled but often well-educated groups, giving it access to individuals who are technologically savvy.

Nonetheless, it has spent considerably more time threatening cyber strikes than actually carrying them out.

Al Qaeda militants, for example, tried but failed to launch distributed denial-of-service (DDoS) operations against a number of Western Web sites in 2007.

Al Qaeda Electronic (AQE) debuted in January 2015 as the organization's first cyber franchise, while its actual affiliation to Al Qaeda is uncertain.

AQE has mostly involved in Web site defacement, which is one of the more straightforward kinds of hacking.

It hasn't yet chosen a high-profile Web site as a target.

It has just a few hundred followers on Twitter and identifies Kandahar, Afghanistan as its actual location.

Unlike the Islamic State of Iraq and Syria (ISIS), which has effectively maintained its online presence, Al Qaeda has been reticent to embrace technology because its commanders are afraid that it may betray their whereabouts, exposing them to US attacks.

Instead of focusing on the outside world in order to recruit or connect with followers, technology has been concentrated on the inside to preserve connection.

Following the assassination of Osama bin Laden and other senior figures, there is discussion over whether Al Qaeda is a functional doctrine or an organization.

Some think that Al Qaeda actively guides its several national versions, providing a strategic vision and dictating the scope of its actions.

Others claim that Al Qaeda acts as a hub, with loosely related affiliates running their own independent operations with a local emphasis on corrupt Muslim governments and a larger purpose of destroying anything with Western relations.

Al Qaeda is comparable to ISIS in that it adheres to Salafi principles, which strive to cleanse Islam of Shiites and those who are perceived as failing to conform to Islam as it was during Muhammad's lifetime.

However, in opposition to ISIS, bin Laden advised against forming a state too rapidly, citing the quickness with which the US had deposed earlier efforts.

Although ISIS seemed to have surpassed Al Qaeda in 2016, if Osama bin Laden is true, this is a one-time occurrence since Al Qaeda's strategy is more long-lasting.

 

~ Jai Krishna Ponnappan

You may also want to read and learn more about Cyber Warfare, Global Geo Politics, Conflicts, And Conflict Resolution here.

See also: 

Cyber Terrorism; Distributed Denial-of-Service (DDoS) Attack; Islamic 

State in Iraq and Syria (ISIS)

Further Reading:

Chen, M. Thomas. Cyberterrorism after Stuxnet. Strategic Studies Institute and United States Army War College Press, June 2014. http://www.strategicstudiesinstitute.army.mil/pdffiles/PUB1211.pdf.

Ibrahim, Raymond, ed. The Al Qaeda Reader: The Essential Texts of Osama Bin Laden’s Terrorist Organization. New York: Broadway Books, 2007.

Liu, Eric. “Al Qaeda Electronic: A Sleeping Dog?” A report by the Critical Threats Project of the American Enterprise Institute, December 2015. http://www.criticalthreats.org/al-qaeda/liu-al-qaeda-electronic-december-2-2015.

Mendelsohn, Barack. The Al-Qaeda Franchise: The Expansion of Al-Qaeda and Its Consequences. New York: Oxford University Press, 2016.

Wright, Lawrence. The Looming Tower. New York: Vintage, 2007.