jump to navigation

I am back ;) “The Markerian Heptad and Understanding Attacker Motivations” February 24, 2020

Posted by Chris Mark in cybersecurity.
Tags: , , , , , , , , ,
add a comment

It has been a bit of time since I have posted.  I am back with a blog post I wrote for AT&T CyberSecurity Blog. Titled, “Understanding CyberAttacker Motivations”  It discusses what I call the “Markerian Heptad” (Yes..I named it after myself 🙂 and describes the 7 basic motivations that underpin why an attacker would target a particular person, company, organization, etc.

“Implementing a risk based security program and appropriate controls against adaptive cyber threat actors can be a complex task for many organizations. With an understanding of the basic motivations that drive cyber-attacks organizations can better identify where their own assets may be at risk and thereby more efficiently and effectively address identified risks.  This article will discuss the Rational Actor Model (RAM) as well as the seven primary intrinsic and extrinsic motivations for cyber attackers.

Deterrence and security theory fundamentally rely upon the premise that people are rational actors. The RAM is based on the rational choice theory, which posits that humans are rational and will take actions that are in their own best interests.  Each decision a person makes is based upon an internal value calculus that weighs the cost versus the benefits of an action.  By altering the cost-to-benefit ratios of the decisions, decisions, and therefore behavior can be changed accordingly. 

It should be noted at this point that ‘rationality’ relies upon a personal calculus of costs and benefits.  When speaking about the rational actor model or deterrence, it is critical to understand that ‘rational’ behavior is that which advances the individual’s interests and, as such, behavior may vary among people, groups and situations.”..READ MORE HERE!

超限战 – “Warfare without Bounds”; China’s Hacking of the US February 24, 2020

Posted by Chris Mark in cyberespionage, cybersecurity, Politics, weapons and tactics.
Tags: , , , , , , , , ,
add a comment

Unconditional_warfare

“Pleased to meet you…hope you guessed my name…But what’s puzzling you is the nature of my game.”
– The Rolling Stones; Sympathy for the Devil

UPDATE:  On Feb 10, 2020 The US Government charged 4 Chinese Military Officers with hacking in the 2017 Equifax breach.  On January 28th, the FBI arrested a Harvard professor of lying about ties to a Chinese recruitment effort and receiving payment from the US Government.  The attacks, subterfuge and efforts continue against the US.  Why?  Read the original post form 2016 and learn about Unlimited Warfare.

Original post from 2016: More recently, the With the recent US Government’s acknowledgement of China’s hacking of numerous government websites and networks, many are likely wondering why China would have an interest in stealing employee data?  To answer this question, we need to look back at the 1991 Gulf War. You can read my 2013 Article (WorldCyberwar) in the Counter Terrorist Magazine on this subject.

In 1991, a coalition led by the United States invaded Iraq in defense of Kuwait.  At the time Iraq had the 5th largest standing army in the world.  The US led coalition defeated the Iraqi army in resounding fashion in only 96 hours.  For those in the United States the victory was impressive but the average American civilian did not have an appreciation for how this victory was accomplished.

The Gulf War was the first real use of what is known as C4I.  In short, C4I is an acronym for Command, Control, Communications, Computers, and Intelligence. The Gulf War was the first use of a new technology known as Global Positioning Systems (GPS).  The Battle of Medina Ridge was a decisive tank battle in Iraq fought on February 26, 1991 and the first to use GPS.  In this 40 minute battle, the US 1st Armored Division fought the 2nd Brigade of the Iraqi Republican Guard and won decisively. While the US lost 4 tanks and had 2 people killed, the Iraqis suffered a loss of 186 tanks, 127 Infantry Fighting Vehicles and 839 soldiers captured.  The Chinese watched the Gulf War closely and came away with an understanding that a conventional ‘linear’ war against the United States was unwinnable.

After the Gulf War the Chinese People’s Liberation Army tasked two PLA colonels (Qiao Liang and Wang Xiangsui) with redefining the concept of warfare.  From this effort came a new model of Warfare that is published in the book “Unrestricted Warfare” or “Warfare without Bounds”.  Unrestricted Warfare is just what it sound like.  The idea that ‘pseudo-wars’ can be fought against an enemy.  Information warfare, PR efforts and other tactics are used to undermine and enemy without engaging in kinetic, linear battle.  Below is a quote from the book:

“If we acknowledge that the new principles of war are no longer “using armed force to compel the enemy to submit to one’s will,” but rather are “using all means including armed force and non-armed force, military and non-military, lethal and non-lethal means to compel the enemy to accept one’s interests.”

“As we see it, a single man-made stock-market crash, a single computer virus invasion, or a single rumor or scandal that results in a fluctuation in the enemy country’s exchange rates or exposes the leaders of an enemy country on the Internet, all can be included in the ranks of new-concept weapons.”

It further stated: “… a single rumor or scandal that results in fluctuation in the enemy country’s exchange rates…can be included in the ranks of new concept weapons.”

On April 15, 2011, the US Congressional Subcommittee on Oversight and Investigations conducted a hearing on Chinese cyber-espionage. The hearing revealed the US government’s awareness of Chinese cyberattacks. In describing the situation in his opening remarks, subcommittee chairperman Dana Rohrbacher* astutely stated:

“[The]United States is under attack.”

“The Communist Chinese Government has defined us as the enemy. It is buying, building and stealing whatever it takes to contain and destroy us. Again, the Chinese Government has defined us as the enemy.”

Given the Chinese perspective on Unlimited Warfare, it becomes much more clear that what we are seeing with the compromises are examples of ‘pseudo wars’ being fought by the Chinese.  It will be interesting to see how or if the US responds.

*thank you to the reader who corrected my referencing Mr. Rohrbacher as a female.  My apologies to Chairman Rohrbacher!

Security, Risk, and Bayes…oh my! January 6, 2017

Posted by Chris Mark in Uncategorized.
Tags: , , , , , , , , , ,
add a comment

bayes-and-hus-theory(this is an excerpt of some research I conducted for a paper)

According to Dr. Giovanni Manunta, the term security does not yet have a commonly accepted definition and evokes numerous connotations among practitioners. Although often not well defined, the relationship between security and risk is well accepted among business, government, and security professionals (Department of Homeland Security, 2008). While providing fodder for debate to those tasked with the security of information assets, the ambiguous definition of security and the differences in risk analysis techniques create significant challenges to effectively protecting assets.

The practical relationship between security, risk, and decision making is articulated well by the US Department of Homeland Security as it is described as an approach for making and security decisions (DHS, 2008).  This is further established in the NIST 800-37 Risk Management Framework:

“…For operational plans development, the combination of threats, vulnerabilities, and impacts must be evaluated in order to identify important trends and decide where effort should be applied to eliminate or reduce threat capabilities; eliminate or reduce vulnerabilities; and assess, coordinate, and deconflict all cyberspace operations…” (NIST, 2010. p. 3). (emphasis added) (more…)

Chris Mark to speak at 2016 ISF Texas April 10, 2016

Posted by Chris Mark in Uncategorized.
Tags: , , , , ,
add a comment

ISF2016This week (10:30 am, April 14, 2016) I will be in the awesome city of Austin, TX speaking at the 2016 Information Security Forum. The ISF is: “…a free educational conference aimed at public sector Information Security Officers, Information Resources Managers, and IT staff throughout the State of Texas. The conference is hosted by the Texas Department of Information Resources (DIR) and will be managed by the Office of the Chief Information Security Officer (OCISO).”  The title of my presentation will be “Hackers, Slackers, and Thieves, understanding your adversary.”  If you are in Austin, please consider attending!

Lenovo caught (again) installing SpyWare and Malware on Computers! September 27, 2015

Posted by Chris Mark in Uncategorized.
Tags: , , , , , , , , ,
add a comment

LenovoI just saw on TheHackerNews Security Blog on a link I picked up on LinkedIn.  If true (no reason to think it is not), this is truly bad business and shameful practices by Lenovo..AGAIN. Keep in mind that two years ago Lenovo (a Chinese company, BTW) was banned (Again..) from providing computers to the US Intelligence and defense services of Australia, the United States, Britain, Canada and New Zealand over spying issues.  They were first banned in 2006!  Then, in January 2015, Lenovo was caught…ONCE AGAIN..installing SuperFish malware onto refurbished laptops.  SuperFish has a serious vulnerability which makes it vulnerable to Man in The Middle Attacks (MitM).  Now, according to TheHackerNews Lenovo  was caught in August installing a rootkit into their computers.  This rootkit, known as the Lenovo Sevice Engine (LSE) installs into the BIOS on the computer.  According to TheHackerNews: One of the most popular Chinese computer manufacturers ‘Lenovo’ has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells.”

So what does this really mean for you…the consumer?  If you want to buy a Lenovo I would only ask that you email me as I have a great bridge for sale in Utah and would love to introduce you to some Ukrainian friends who love to give high interest loans.  Honestly, if you are going to buy a Lenovo after reading this, you probably deserve what you get.  I can tell you that I would never own a Lenovo again (had one in the 1990’s).  Fool me once…shame on you…fool me twice shame on me…fool me a third time?  Seriously?

%d bloggers like this: