washington post | Oui Blog

United States cyber offensive efforts expected to grow

| Technology | No Comments

That the United States is amassing its cyber munitions store should not come as a surprise. The recent disclosures of the documents leaked by the now fugitive Edward Snowden disclose how much it is. From reports by The Guardian and the New York Times, it has been revealed that the NSA (National Security Agency) and its British counterpart, Government Communications Headquarters (GCHQ), have been engaged in the long-running and wide range of efforts to beat the encryption that is used widely on the Web, which includes VPN technologies, SSL and the new protections that are used in the 4G Smartphones.

This revelation comes after the release of a stack of information which was contained in documents that were recently leaked to The Washington Post. This gives a glance at the length United States has gone to embrace the offensive cyber actions, something that the security analysts say will likely go on as other countries continually build their own cyber arsenal. Leo Versola, technology vice president at AhnLab, said that the best way he could explain this situation was to paraphrase the saying “the best defense is goof offense”, which has been reverberating throughout the history. He added that defense has at all times been hard to implement successfully due to obvious reasons.

Versola however said that this cyber offensive activity by the United States did not really mean that the country would change the approach towards other countries that are suspected of the same operations. He added that warfare was now shifting from the physical battlefield to the virtual ones and the engagement rules were developing. According the leaked documents, in 2011, intelligent services of the United States conducted 231 offensive cyber operations. In addition, under a project code-named GENIE worth $652 million, the United States cyber specialists have broken into the computer networks of foreign nations and planted malware named “implants” on thousands of machines each year.

United States cyber offensiveBy the end of 2013, the project is expected to control at least 85,000 machines all over the world, which is approximately four times the number that was available in the 2008, according to the budget of the United States intelligence. Most of the implants are designed by the NSA, although $25.1 million was reserved this year for the secret purchase of software vulnerabilities.

Director of research at Solutionary’s Security Engineering Research Team (SERT), Rob Kraus, said that the offensive operations will keep on playing a key part of the strategy of the government in the future. He added that the disarmament of a country by use of cyber security can be very effective and powerful and without even the need of having boots on the ground. One of the most famous and reputable instances of the United States offensive abilities is the Stuxnet virus that was designed to target Iran in a part of the intelligence operation code named “Olympic Games”. In spite of the New York Times unmasking the operation in 2012, the government has never fully acknowledged it. The creation of Stuxnet has been credited to Israel and the United States.

Extremist have been trying to infiltrate Central Intelligence Agency

| News | No Comments

The Washington Post has reported that Al-Qaeda and other aggressive groups have frequently sought to infiltrate the United States intelligence agencies that are investigating several of their employees so as to counter the threat. While citing a classified budget document, the Washington post reported that the Central Intelligence Agency (CIA) had found out that 20% of the job applicants who had suspect backgrounds had major connection with terrorists and/or hostile intelligence agencies.

Central Intelligence AgencyThe document was made available to the paper by Edward Snowden, a former contractor for the National Security Agency (NSA), who is currently a fugitive in the Republic of Russia under a temporary asylum. Although the document did not define the nature of the ties between the job applicants and the hostile groups, it mentioned Hezbollah, Hamas and Al-Qaeda and their affiliates most of the times. The fear of infiltration by the hostile groups is such that the National Security Agency planed to investigate about 4,000 employees last year who were given security clearances. They became aware of suspicious activity in the midst of the members of staff after they scouted about through trillions of keystrokes from the employees at work.

Two people who are familiar with the software used in the monitoring of the employees told the paper that the suspicious activity included the employees accessing confidential databases that they typically don’t need their work or downloading a number of documents. However, due to serious delays and uneven implementation of the software, the multi-billion dollar effort failed and the intelligence agencies did not detect that Snowden was copying various highly confidential documents of the NSA. He is now wanted by Washington for espionage charges which are connected to disclosures to the media on United States Surveillance Programs.

One official told the post that over the past several years, a small subset of the total job applicants to the CIA were flagged due to a variety of issues or problems. In this period, one in five in the flagged group were found to have major connections with terrorist groups and/or aggressive intelligence services.

According to the document, the NSA is creating a huge database, which is known as WILDSAGE, to help in the sharing of sensitive intelligence amongst the cyber security centers. The move has however raised fear that the database could be infiltrated. The intelligence agencies have increased the monitoring of insider threats, especially following the disclosure of many diplomatic and military files by WikiLeaks 2010. Bradley Manning, a former intelligence analyst who has since changed name to Chelsea Manning, had leaked the files to them.

In the year 2011, the congress ordered James Clapper, the Director of National Intelligence, to set up a an automated program for insider threat detection to prevent future leaks, identify double agents and stop possible abuses. The project was however delayed severally while the intelligence world dealt with the consequences left in the wake of the leaks by Manning.  The administration has since cracked down on the insider threats and last year, president Obama issued a National Insider Threat Policy which defined the threats as the ones from terrorism, illegal disclosure of information on national security and terrorism.

Pay-per-click has become the new online model

| News | No Comments

One of the major shifts that have taken place in media consumption over the last ten years has been the transfer of the control from the advertisers and publishers to the consumer. The radio audiences now personalize their programming with the use of satellite radio or the internet, the TV viewers now screen their commercials through the use of DVR systems and the users of the internet now have the ad-blocking software while some just train their eyes to ignore the advert displays. The result of this is that the traditional paradigm, the one where adverts are forced on the audience, is starting to lose its usefulness and in its place, a new model is emerging.

Pay-per-clickSince the consumers are no longer passive, the models for advertising are learning how to take into consideration the interest of all the concerned parties: the consumer, the publisher and the advertiser. Search advertising and their adjoining models for ads are now incorporating this new thinking. From the point of view of the advertiser, the pay-per-click (PPC) model moves a number of risks to the publisher, who is only paid when the internet user takes action and clicks on the advert.

In an article recently published on the Guardian, a new online model for the newspaper was proposed. The idea was that the newspapers would learn to use their exclusive advantage online, the credibility, through the presenting of the appropriate advertisers next to the services, products and the activities that they review. However, some of the responses voiced concerns with Jill Drew, a former Washington Post business editor, saying that although he sees how the shift made sense from a publishing point of view, for him it was crossing the line between journalism and commerce and he was not comfortable with that.

A solution to these worries is that in the model, the newspapers should not or often do not work straightforward with the vendors but with the aggregators and these represent the multiple retailers. For instance, the New York Times linked the ten best books in 2009 that it had recommended on the Holiday Gift Guide to 3 probable buying avenues: Barnes & Noble, local booksellers and Amazon. Also, another solution can be the use of contextual ads that are generated automatically. For example, the algorithm of Google Adsense is able to fit relevant ads to content like that and it can work as a firewall between the vendors and the newspapers.

Furthermore, the news papers have always had to deal with the business pressures that endangered their integrity. Whether it is a TV network that brings into light a safety concern with an automaker or a newspaper prints a negative story concerning a bank which is the largest advertiser, the threat to ethics has always been present. The print industry can thus no longer afford to make just slight adjustments for the upcoming media. The rules are changing and they are now calling for collaboration between the consumers, publishers and the advertisers. In addition, regardless of whether the influential trust model is a suitable, any solution to financial crisis facing a newspaper must consider the new paradigm.