Saturday, April 02, 2016

Hack the Pentagon? I love it!

Several months ago I blogged about the idea that contractors with mature information security operations are used as butts in seats in the Pentagon and DHS --only to be not allowed to bring best in breed solutions or out of the box thinking to those posts. The result? Long time government employees continue down the paths they've been on for years because (sigh), it's what they know --and what they believe will work based on their own experience.

So when I saw this in my inbox two days ago, I smiled from ear to ear. I doubt anyone read my blog and decided to do this --more likely some smart entrepreneur bent the right ear inside the Pentagon and pulled off a smart coup --BZ to them! Regardless, on March 31st, DoD announced a "Hack the Pentagon" bug bounty program. Funny, I actually checked the date to make sure it wasn't an April Fools prank because the circular reporting had it on April 1st --I had to find the root article. It apparently is not.

And if this is true? I'm shocked, and elated, and yes, I'll urge my guys to participate. I love the out of the box thinking --a simple solution to a hard problem.

On a second note, I just shared an article from The Register (UK) that talks about the US Marine Corps creating a 'hacker support unit'. Very happy. My first Information Warfare job was at the Navy's Fleet Information Warfare Center in 1997. And now, nearly 20 years later, it seems the stuff is finally filtering into mainstream routine operations as a daily part of what we do.

Well done.


Red Sky and the Labs continue to be busy. We published a couple of new pieces of analysis this week: two technical papers (Kiler RAT and Kibala), and one of my personal favorites, "Russian Cyber Capabilities: Lessons and Tendencies". This report, written by a native speaking Russian analyst, discusses, in a readable short format, the reasons why Russia acts as an APT actor (meaning state sponsored), and how we expect them to progress.

BLUF: Russia is one of the most active attackers in the cyber space. With the economy declining in Ukraine, Russia, and Belarus, financial cyber fraud originating in these countries may rise. Political tensions with the West have grown, especially over Ukraine and Syria. Russia is isolating its cyber space, and Russian APTs are getting stronger. These lead to systemic threats with the possibility of large-scale information attacks, and even disruption of the Internet and other critical infrastructure. 

In addition, we requested membership for five new organizations, including a potential integration of another large information sharing group. This is a first for us, but Red Sky has been doing well for nearly four years, and while we'd never considered bringing in another group, what the heck... if it brings value and helps with the defensive mission, we love the idea.

On that, I'm bugging out of NH for MD today... meetings first thing Monday morning and we're expecting snow, so...

Until next week,
Have a great weekend!