CYBER ATTACK Information and News
Threat and Vulnerability
Our economy and national security are fully dependent upon information technology and the information infrastructure. At the core of the information infrastructure upon which we depend is the Internet, a system originally designed to share unclassified research among scientists who were assumed to be uninterested in abusing the network. It is that same Internet that today connects millions of other computer networks making most of the nation’s essential services and infrastructures work. These computer networks also control physical objects such as electrical transformers, trains, pipeline pumps, chemical vats, radars, and stock markets, all of which exist beyond cyberspace. A spectrum of malicious actors can and do conduct attacks against our critical information infrastructures. Of primary concern is the threat of organized cyber attacks capable of causing debilitating disruption to our Nation’s critical infrastructures, economy, or national security.
The required technical sophistication to carry out such an attack is high—and partially explains the lack of a debilitating attack to date. We should not, however, be too sanguine. There have been instances where organized cyber attackers have exploited vulnerabilities that may be indicative of more destructive capabilities. Uncertainties exist as to the intent and full technical capabilities of several observed cyber attacks. Enhanced cyber threat analysis is needed to address long-term trends related to threats and vulnerabilities. What is known is that the cyber attack tools and methodologies are becoming widely available, and the technical capability and sophistication of users bent on causing havoc or disruption is improving. In peacetime America’s enemies may conduct espionage on our Government, university research centers, and private companies. They may also seek to prepare for cyber strikes during a confrontation by mapping U.S. information systems, identifying key targets, and lacing our infrastructure with back doors and other means of access. In wartime or crisis, adversaries may seek to intimidate the Nation’s political leaders by attacking critical infrastructures and key economic functions or eroding public confidence in information systems.
Cyber attacks on United States information networks can have serious consequences such as disrupting critical operations, causing loss of revenue and intellectual property, or loss of life.
Countering such attacks requires the development of robust capabilities where they do not exist today if we are to reduce vulnerabilities and deter those with the capabilities and intent to harm our critical infrastructures.
The Analytic Process in Determining Cyber Attack Sources
The mission of the Intelligence Community is to seek to reduce the uncertainty surrounding foreign activities, capabilities, or leaders’ intentions. This objective is difficult to achieve when seeking to understand complex issues on which foreign actors go to extraordinary lengths to hide or obfuscate their activities.
On these issues of great importance to US national security, the goal of intelligence analysis is to provide assessments to decision makers that are intellectually rigorous, objective, timely, and useful, and that adhere to tradecraft standards.
The tradecraft standards for analytic products have been refined over the past ten years. These standards include describing sources (including their reliability and access to the information they provide), clearly expressing uncertainty, distinguishing between underlying information and analysts’ judgments and assumptions, exploring alternatives, demonstrating relevance to the customer, using strong and transparent logic, and explaining change or consistency in judgments over time.
Applying these standards helps ensure that the Intelligence Community provides US policymakers, warfighters, and operators with the best and most accurate insight, warning, and context, as well as potential opportunities to advance US national security.
Intelligence Community analysts integrate information from a wide range of sources, including human sources, technical collection, and open source information, and apply specialized skills and structured analytic tools to draw inferences informed by the data available, relevant past activity, and logic and reasoning to provide insight into what is happening and the prospects for the future.
A critical part of the analyst’s task is to explain uncertainties associated with major judgments based on the quantity and quality of the source material, information gaps, and the complexity of the issue.
When Intelligence Community analysts use words such as “we assess” or “we judge,” they are conveying an analytic assessment or judgment.
Some analytic judgments are based directly on collected information; others rest on previous judgments, which serve as building blocks in rigorous analysis. In either type of judgment, the tradecraft standards outlined above ensure that analysts have an appropriate basis for the judgment.
Intelligence Community judgments often include two important elements: judgments of how likely it is that something has happened or will happen (using terms such as “likely” or “unlikely”) and confidence levels in those judgments (low, moderate, and high) that refer to the evidentiary basis, logic and reasoning, and precedents that underpin the judgments.
Determining Attribution in Cyber Incidents
The nature of cyberspace makes attribution of cyber operations difficult but not impossible. Every kind of cyber operation—malicious or not—leaves a trail. US Intelligence Community analysts use this information, their constantly growing knowledge base of previous events and known malicious actors, and their knowledge of how these malicious actors work and the tools that they use, to attempt to trace these operations back to their source. In every case, they apply the same tradecraft standards described in the Analytic Process above.
Analysts consider a series of questions to assess how the information compares with existing knowledge and adjust their confidence in their judgments as appropriate to account for any alternative hypotheses and ambiguities.
An assessment of attribution usually is not a simple statement of who conducted an operation, but rather a series of judgments that describe whether it was an isolated incident, who was the likely perpetrator, that perpetrator’s possible motivations, and whether a foreign government had a role in ordering or leading the operation.