Evaluating the U.K.’s ‘Active Cyber Defence’ Program

Evaluating the U.K.’s ‘Active Cyber Defence’ Program:

In November 2016, the U.K. government its Active Cyber Defence (ACD) program with the intention of tackling “in a relatively automated [and transparent] way, a significant proportion of the cyber attacks that hit the U.K.” True to their word, a little over a year on, last week the U.K.’s National Cyber Security Centre (NCSC) published a (over 60 pages long) of their progress to date. The report itself is full of technical implementation details. But it’s useful to cut through the specifics to explain exactly what ACD is and highlight its successes—how the program could benefit the United States as well.

There are three defining features of the ACD program: government-centered action, intervention, and transparency.

(Via Lawfare – Hard National Security Choices)

Read the article for a nice summary of the report, including the section towards the end that talks to potential benefits for the U.S.

Today’s Revolution: Cybersecurity and the International Order

https://www.lawfareblog.com/todays-revolution-cybersecurity-and-international-order

This is a review of Lucas Kello’s The Virtual Weapon and International Order (Yale University Press, 2017):

The questions that Kello’s proposals raise simply prove his point about the need for interdisciplinary discussions to tackle the multifaceted challenges that cybersecurity poses. The book’s three-part typology of technological revolution will be particularly helpful in framing future discussions of cybersecurity both within and outside of international relations. And it can also be deployed to assess future technological developments. As Kello notes, “the distinguishing feature of security affairs in the current epoch is not the existence of a revolution condition but the prospect that it may never end” (257). Cyberweapons are today’s revolution, but tomorrow will surely bring another.

More of a political science perspective.

Don’t Panic: Hackers Can Now Steal Data Even From Faraday Cage Air-Gapped Computers

From Hacker News:

A team of security researchers—which majorly focuses on finding clever ways to get into air-gapped computers by exploiting little-noticed emissions of a computer’s components like light, sound and heat—have published another research showcasing that they can steal data not only from an air gap computer but also from a computer inside a Faraday cage.

Fascinating research for sure. If you happen to be one of the few working in an environment where air-gapping and Faraday cages are common, this highlights that they are not 100% effective in isolation (no pun intended). This is a reminder of the value of good security hygiene, physical and analog and digital, and occasional validation of assumptions.

For the other 99.999% of security professionals, there are more practical and pragmatic risks requiring addressing with a higher return on investment. This is a reminder of the value of good security hygiene, physical and analog and digital, and occasional validation of assumptions.

See what I did there?

See Also:

TechRepublic

Infosecurity

Another Take on Engineering Notebooks

Another Take on Engineering Notebooks:

Kleiman’s post can be useful for a wide range of users. The main takeaway, for me at least, is that your tools and specific procedures are not as important as organizing your data and scripts and keeping careful notes on what problem you’re trying to solve and the steps you’ve taken to solve it.

(Via Emacs – Irreal)

Here is the original article that kicked this off. As I’ve been trying to simplify my workflows to better manage my data, my thinking has informally been tending toward what Dan Kleiman wrote. I don’t have code any more, replaced by the constant flood of documentation coming my way for various projects. Something like this could work for me with a few small changes.

Social Engineering for the Blue Team

Social Engineering for the Blue Team:

After I read Chris Hadnagy’s book, Social Engineering: The Art of Human Hacking, I realized that it’s more than just a red team activity. In fact, Wikipedia has multiple entries on the topic. It’s not just security focused. It’s also political. Reading the book it’s even more than that. Sales and marketing people use social engineering. In fact, we all do it, to varying degrees. Some better than others. The book is focused on red teaming for social engineering. A lot of those concepts, though, I could easily apply and even provide examples of doing on a day-to-day basis.

(Via Timothy De Block)

This is the gist of Tim’s upcoming workshop, Social Engineering for the Blue Team, at Converge & Bsides Detroit May 10-12 2018. Give his post a read and provide him with your feedback. Tim’s a great presenter and speaker, so it is worth your time.

The Shallowness of Google Translate

Despite my negativism, Google Translate offers a service many people value highly: It effects quick-and-dirty conversions of meaningful passages written in language A into not necessarily meaningful strings of words in language B. As long as the text in language B is somewhat comprehensible, many people feel perfectly satisfied with the end product. If they can “get the basic idea” of a passage in a language they don’t know, they’re happy. This isn’t what I personally think the word “translation” means, but to some people it’s a great service, and to them it qualifies as translation. Well, I can see what they want, and I understand that they’re happy. Lucky them!

https://www.theatlantic.com/technology/archive/2018/01/the-shallowness-of-google-translate/551570/?single_page=true

Douglas Hofstadter, as quoted above, gets the gist of my use of Google Translate though it is clearly not the thesis of the piece. My value in Google Translate lies in its very shallowness: give me the key points quickly so I can best judge how to proceed. It works much better for me and is more respectful of my friends’ & colleagues’ time if I can pose salient specific questions instead of shoving an email in their face asking “What does this say?”, only to discover that it is yet another Nigerian Prince.

By the way, Hofstadter has a book, “Gödel, Escher, Bach”, of which I am a particular fan.


OpSec Fail Indeed

From motherboard.vice.com …

All the encryption in the world is not going to help if someone can read over your shoulder

https://motherboard.vice.com/en_us/article/8xvwmz/carles-puigdemont-catalan-independence-signal-messages-opsec-fail

Using a secure messaging app to communicate with your political allies is a great idea in this day and age, where government hackers actively try to break into the email accounts of high-profile politicians and staffers in order to plaster them online. But all the unbreakable encryption in the world isn’t going to save you if you read the supposedly secret messages in front of a camera.

Sometimes you can’t make this stuff up.