Posts

MBA Candidate at Johns Hopkins University Receives Lee and Byun International Relations and Cultural Awareness Scholarship

The Lint Center for National Security Studies, a non-profit organization focused on supporting the next generation of America’s National Security professionals through scholarship and mentoring opportunities, today announced the award of the Winter 2017 Lee and Byun International Relations and Cultural Awareness Scholarship.

Naheed Vadsaria, a Technical Trainer/Information Assurance Specialist for Harris Information Technology Systems and MBA candidate at Johns Hopkins University, was awarded the Lint Center’s Lee and Byun International Relations and Cultural Awareness Scholarship for her continued and demonstrated commitment to advancing national security.

“I am truly honored to be the recipient of the Lee and Byun Scholarship International Relations and Cultural Awareness Scholarship,” said Naheed Vadsaria. “I would like to thank the Lint Center for National Security Studies for recognizing the research and analysis work I conducted as a Social Scientist with the Department of Army, Human Terrain Systems in Kapisa, Afghanistan. This scholarship will help me pave my path towards pursuing a career in national security, specifically focusing on Cyber Security. I am looking forward to leveraging the Lint Center’s mentorship program and working with this dynamic organization to obtain the skills necessary to protect our great nation. I also plan to give back, by assisting others who are also pursuing a career in National Security. I am truly humbled.”

“Ms. Vadsaria is a smart government contractor, working in multiple organizations, and changing her career focus,” said Mr. James R. Lint, President and CEO of the Lint Center for National Security Studies. “This makes her a more valuable employee due to her learning new methods in different agencies, and now new talents for further use in Federal Government support.”

The Lint Center’s Lee and Byun International Relations and Cultural Awareness Scholarship provides $500 to students who display a passion, understanding, and appreciation of international relations, cultural awareness and the impact pioneers for positive change can achieve. In her winning essay, Ms. Vadsaria used her experience as a Social Scientist while deployed down-range with the U.S. Army to establish a series of recommendations on how the military can improve the quality of its interpreters.

Due to the generosity and continued support of Stratfor, the world’s leading geopolitical intelligence platform (www.stratfor.com), Naheed Vadsaria will also receive a one-year subscription to Stratfor Worldview, which includes industry-leading geopolitical analysis and rigorous forecasting of emerging global developments.

About Stratfor:

As the world’s leading geopolitical analysis platform, Stratfor brings valuable context to global events, empowering businesses, governments and individuals to more confidently navigate their way through an increasingly complex international environment. By leveraging a deep understanding of history, politics and geography in conjunction with our unique methodology, Stratfor delivers informed perspectives on today’s events and develops a more accurate view of the future. Individual subscriptions and enterprise membership are available at Stratfor.com.

About the Lint Center:

The Lint Center for National Security Studies, Inc., founded in 2007, is a non-profit IRS 501(c)(3) organization that awards merit-based scholarships and mentoring programs for students pursuing careers in national service with a particular focus on counterintelligence, military intelligence, national security and cross-cultural studies. The Center is Veteran and minority operated and managed. It awards scholarships semi-annually in both January and July. For more information, please visit https://www.lintcenter.org/.

 

OPSEC Precautions For This Site

Source: http://news.nationalpost.com/arts/movies/jason-bourne-proves-why-computers-are-the-worst-thing-to-happen-to-the-spy-thriller-since-no-more-day-to-day-formalwear

Things to keep in mind when interacting with The Lint Center, particularly when leaving comments or uploading photos:

  1. Defense conditions are classified secret, while force protection conditions are unclassified.
  2. Vulnerability of OCONUS installations to sabotage or penetration is classified secret if U.S. Intelligence information is made.
  3. The identity of units planned for deployment is confidential until an official announcement of the deployment is made.
  4. General geographic location of units deployed (i.e., city, country or area) is unclassified.
  5. Specific geographic location of units deployed is confidential.
  6. Details of allied military participation in operations are secret.

The global reach of the World Wide Web requires special precautions to be taken when posting information. The following types of information will not be posted publicly on WarriorLodge.com and will be taken down immediately:

  • Information that is for official use only (FOUO). This type of information would pose an unacceptable risk to the US Military, especially in electronically aggregated form. While records containing FOUO information will normally be marked at the time of their creation, records that do not bear such markings shall be assumed to contain FOUO information.
  • Analysis and recommendations concerning lessons learned which would reveal sensitive military operations, exercises or vulnerabilities.
  • Reference to unclassified information that would reveal sensitive movements of military assets or the location of units, installations, or personnel where uncertainty regarding location is an element of a military plan or program.
  • Personal information including compilations of names or personnel assigned overseas, sensitive, or routinely deployable units.
  • Names, locations, and specific identifying information about family members of military and government employees.
  • Highly technical information that can be used or be adapted for use to design, engineer, produce, manufacture, operate, repair, overhaul, or reproduce any military or space equipment or technology concerning such equipment.
  • Unclassified information pertaining to classified programs. The clearance review procedures for unclassified information pertaining to classified programs proposed for posting to publicly accessible web sites must take into account the likelihood of classification compilation.

So, let’s review…

  1. Don’t discuss current or future deployment destinations.
  2. Don’t discuss current or future operations or missions.
  3. Don’t discuss current or future dates and times of when service members will be deployed, in port or conducting exercises.
  4. Don’t discuss readiness issues and numbers.
  5. Don’t discuss specific training equipment.
  6. Don’t discuss people’s names and billets in conjunction with operations.
  7. Don’t speculate about current or future operations.
  8. Don’t spread rumors about current, future, or past operations or movements.
  9. Don’t assume the enemy is not trying to collect information on you; they are… right now.  Seriously.
  10. Be smart, use your head, and always think OPSEC when using email, phone, chat rooms and message boards.


Operations Security: 1. A systematic, proven process by which a government, organization, or individual can identify, control, and protect generally unclassified information about an operation/activity and, thus, deny or mitigate an adversary’s/competitor’s ability to compromise or interrupt said operation/activity (NSC 1988). 2. OPSEC is a process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities to (a) identify those actions that can be observed by adversary intelligence systems, (b) determine indicators adversary intelligence systems might obtain that could be interpreted or pieced together to derive critical information in time to be useful to adversaries, and (c) select and execute measures that eliminate or reduce to an acceptable level the vulnerabilities of friendly actions to adversary exploitation (DOD JP 1994; JCS 1997).

Operations Security process: An analytical process that involves five components: identification of critical information, analysis of threats, analysis of vulnerabilities, assessment of risks, and application of appropriate countermeasures (NSC 1988).

Source: http://www.ioss.gov/glossary.html#o

 

DNS Amplification Attacks


There are many types of DNS (Domain Name System) attacks out there, but a recent one is the amplification attack. First, let’s go over what DNS is before we go into why an amplification attack is more complicated and a bigger threat. Domain Name System servers map domain names such as “google.com” to the IP address of the host server for that particular website.

When a user types “lintcenter.org” into a web browser, the browser asks a pool of DNS servers for the IP address of that server. Only then can it ask the server for the appropriate web page. Think of the DNS servers as dictionaries, where each word (domain name) has a server’s IP as its definition. But there can also be more information in that dictionary, such as backup name servers, aliases, mail servers, etc.

An attacker can take advantage of how long it takes to compile a whole zone’s worth of definitions. In fact, this makes DNS servers just as vulnerable to DoS attacks as other servers. A Denial of Service (DoS) attack is a set of methods that can be used to make a server unreachable. By far the most popular are Distributed DoS (DDoS) attacks, where multiple parties (or a single party controlling multiple vectors) attack a single victim.

One such DDoS attack targeting DNS servers is called an amplification attack. It starts when an attacker, masquerading as the target DNS server, asks multiple DNS servers for a zone full of information. The intermediary servers will chug away and dump all of that information onto the target DNS server, hence the term amplification attack.

Those that are impacted by an amplification attack are those who have a misconfigured DNS server. But detection isn’t easy.

“While it is not easy to identify authoritative name servers used in DNS reflection attacks as vulnerability is not caused by a misconfiguration, there are several freely available options for detecting open recursive resolvers.  Several organizations offer free, web-based scanning tools that will search a network for vulnerable open DNS resolvers.  These tools will scan entire network ranges and list the address of any identified open resolvers.”

It’s not impossible to repair a server once it’s found to have been exploited, but it is time-consuming. US-CERT has offered several open source and free options, along with instructions on how to prevent and fix this type of attack.
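As an added illustration (not code from the original post or from US-CERT), here is one way a resolver operator could check a query log for signs that the server is being used as a reflector: total the query and response bytes per claimed source address and flag sources that receive far more than they send. The log format, the sample lines, the function names and the thresholds are all assumptions made for this example.

```python
from collections import defaultdict

# Constructed sample log, not real traffic. Assumed format, one query per line:
# epoch_seconds  claimed_source_ip  query_type  query_bytes  response_bytes
SAMPLE_LOG = """\
1700000000 192.0.2.10 A 40 56
1700000001 192.0.2.10 AAAA 40 68
1700000001 198.51.100.7 ANY 44 3100
1700000001 198.51.100.7 ANY 44 3100
1700000002 198.51.100.7 ANY 44 3100
1700000002 203.0.113.5 MX 42 120
1700000002 198.51.100.7 ANY 44 3100
1700000003 198.51.100.7 ANY 44 3100
1700000003 192.0.2.10 A 41 57
"""


def summarize(log_text):
    """Total queries, query bytes and response bytes per claimed source IP."""
    totals = defaultdict(lambda: {"queries": 0, "q_bytes": 0, "r_bytes": 0})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not (fields[3].isdigit() and fields[4].isdigit()):
            continue  # skip blank or malformed lines
        entry = totals[fields[1]]
        entry["queries"] += 1
        entry["q_bytes"] += int(fields[3])
        entry["r_bytes"] += int(fields[4])
    return totals


def suspected_reflection(log_text, min_ratio=10.0, min_response_bytes=10_000):
    """Return {claimed_source_ip: amplification_ratio} for likely spoofed sources.

    Thresholds are illustrative assumptions; tune them against normal traffic.
    """
    flagged = {}
    for src, t in summarize(log_text).items():
        if t["q_bytes"] == 0:
            continue
        ratio = t["r_bytes"] / t["q_bytes"]
        # Large responses in volume to one "client" suggest this resolver is
        # reflecting traffic at that address, which is the likely victim.
        if ratio >= min_ratio and t["r_bytes"] >= min_response_bytes:
            flagged[src] = round(ratio, 1)
    return flagged


if __name__ == "__main__":
    print(suspected_reflection(SAMPLE_LOG))
```

A flagged address is the probable victim rather than the attacker, so the useful response is to restrict who may use the resolver, not to block that address alone.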


About the Author:

Kana Kennedy is a third year Information Security and Forensics major at Rochester Institute of Technology in Rochester, New York. Her specific interest is in Policy Writing and Procedure. She is also the Lint Center’s IT Security Associate.


Sources:

  1. https://www.us-cert.gov/ncas/alerts/TA13-088A

Image Credit:

  • Flickr

Disclaimer: The opinions expressed by the Lint Center Bloggers and those providing comments are theirs alone, and do not reflect the opinions of the Lint Center for National Security Studies, Inc. or any employee thereof. The Lint Center for National Security Studies, Inc. is not responsible for the accuracy of any of the information supplied by the Lint Center Bloggers.

New McAfee Study on North Korean Malware


According to news reports, there is a new piece to the Dark Seoul puzzle. New malware is on the loose, and it’s after South Korean and U.S. military secrets. The report does not identify which government networks have been targeted specifically, just that it’s looking for information on the two specific countries. The researchers have found it’s been gathering information since 2009, but the attack wasn’t discovered until March 20, 2013. It’s called Operation Troy, after the historic city in which the Trojan War took place. It is a significant reference, considering how much of a historic impact the war had on Greek literature, not to mention that the city of Troy fell when its enemies broke through with the famous Trojan horse. These are all familiar references in modern-day hacking, and hackers love their references.

McAfee Labs stated that the first attack found was named Dark Seoul, in which they discovered the hard drives wiped of critical data. Operation Troy is a second attack, but it may have been carried out by the same group. The malware was programmed to seek out certain keywords in varying versions of ‘military secrets’.

“This goes deeper than anyone had understood to date, and it’s not just attacks: It’s military espionage,” said Ryan Sherstobitoff, a senior threat researcher at McAfee who gave The Associated Press a report the company is releasing later this week. He analyzed code samples shared by U.S. government partners and private customers.

My advice would be for the McAfee researchers to keep looking, as in the case of the Trojan horse, the city forces were looking in the wrong direction. McAfee already found two parts to this attack, perhaps there are more.


About the Author:

Kana Kennedy is a third year Information Security and Forensics major at Rochester Institute of Technology in Rochester, New York. Her specific interest is in Policy Writing and Procedure. She is also a Lint Center volunteer.


Sources:

  1. http://www.japantimes.co.jp/news/2013/07/09/asia-pacific/malware-hunts-military-secrets-in-south-korea-mcafee/#.UeBfgz9jfq4
  2. https://en.wikipedia.org/wiki/Trojan_War
  3. http://www.lignet.com/ArticleAnalysis/Is-North-Korea-Poised-to-Launch-a-Cyber-Attack-#ixzz2Z8bByzev

Image Courtesy of Wikicommons.


Cyber Vulnerabilities – It’s Not Microsoft’s Fault: Blame Third-Party Programs for Security Vulnerabilities

A newly released annual report by Secunia, an IT security solutions provider specializing in vulnerability management, found that Microsoft may be more secure than commonly perceived. In fact, third-party programs are responsible for the vast majority of security vulnerabilities, the report claims.

Secunia’s Blog explains, “78% of vulnerabilities in 2011 affected third-party programs, by far outnumbering the 12% of vulnerabilities found in operating systems or the 10% of vulnerabilities discovered in Microsoft programs.”[i] The trend continues to look gloomy, though, because vulnerabilities are reported to be, “tripling within only a few years.”[ii]

The full report is available on Secunia’s Website.



About the Authors:

Tim Coleman received his BA from Georgetown, MBA from Barry University, and Master of Public and International Affairs, Security and Intelligence Studies from the University of Pittsburgh, and serves as the Center’s Director of Communications.

Brittany Minder received her BA in International Relations from Stanford University and she serves as the Lint Center’s Public & External Affairs Associate.


References:

  1. Danchev, Dancho, “Report: Third Party Programs Rather Than Microsoft Programs Responsible for Most Vulnerabilities,” ZDNet.com, February 17, 2012, Retrieved on February 21, 2012, http://www.zdnet.com/blog/security/report-third-party-programs-rather-than-microsoft-programs-responsible-for-most-vulnerabilities/10383
  2. Official Secunia Blog, “Internet Users At Risk from Serious Software Security Flaws Claims Secunia,” February 14, 2012, Retrieved on February 21, 2012, http://secunia.com/company/blog_news/blog/298/
  3. Secunia, Report: Yearly Vulnerability Research Report 2011, February 14, 2012, Retrieved on February 21, 2012, http://secunia.com/company/2011_yearly_report

End Notes:

[i] Official Secunia Blog, “Internet Users At Risk from Serious Software Security Flaws Claims Secunia,” February 14, 2012, Retrieved on February 21, 2012, http://secunia.com/company/blog_news/blog/298/

[ii] ibid