Weird California Incident Last Year Points To The Real Threat To The Power Grid (Hint: It's Not Cyberattacks)

Via Bruce Schneier's blog, we learn of the following intriguing story published in Foreign Policy: 

On Techdirt.

NATO 'Cyberwar' Manual Says Hacktivists Must Wear A Uniform

Last year, Techdirt wrote about an interesting article suggesting that we should welcome "cyberwar" since it would be so much less painful than the ordinary kind. Of course, that begs the question what we actually mean by "cyberwar", since some forms are probably less humane than others. As we have pointed out, the use of the totally embarrassing "cyber" prefix is really just an excuse for more government controls and for security companies to get fat contracts implementing them.

On Techdirt.

Is GCHQ Frighteningly Clueless or Fiendishly Cunning?

I'm very sceptical about the concept of “cyber attacks”. Not that I doubt that computer systems and infrastructure are attacked: it's just their packaging as some super-duper new “threat” that I find suspicious. It smacks of bandwagon-jumping at best, and at worst looks like an attempt by greedy security companies to drum up yet more business.

On Open Enterprise blog.

Tibet, Cyberattacks and Open Source

There's nothing like a mature response to criticism, and this is nothing like a mature response:

Human rights and pro-democracy groups sympathetic to anti-China demonstrators in Tibet are being targeted by sophisticated cyber attacks designed to disrupt their work and steal information on their members and activities.

But what really caught my attention was the following:

Van Horenbeeck said the danger with the e-mail viruses involved in the attacks is that they are so hand-crafted and new that they usually go undetected by dozens of commercial anti-virus scanners on the market today.

"Last week, I had two of these samples that were detected by two out of 32 different anti-virus scanners, and another that was completely undetected," he said.

The specificity of information sought in the targeted attacks also suggests the attackers are searching for intelligence that might be useful or valuable to a group that wants to keep tabs on human rights groups, said Nathan Dorjee, a graduate student who provides technology support to Students for a Free Tibet.

Dorjee said one recent e-mail attack targeted at the group's members included a virus designed to search victim's computers for encryption keys used to mask online communications. The attackers in this case were searching for PGP keys, a specific technology that group members routinely use to prevent outsiders or eavesdroppers from reading any intercepted messages.

Dorjee said the attacks have been unsettling but ineffective, as the Students for a Free Tibet network mostly operates on more secure platforms, such as Apple computers and machines powered by open source operating systems.

If you're talking viruses, you're essentially talking Windows (at the moment, at least). So as Students for a Free Tibet is finding, open source is doubly your friend: it's low cost and high security in the face of this kind of mature discussion.