Click here to close now.

Welcome!

CloudExpo® Blog Authors: Rex Morrow, Datical, Elizabeth White, Pat Romanski, Liz McMillan, David Miller

Related Topics: IoT User Interface, API Journal, CloudExpo® Blog, Cloud Security, Government Cloud

IoT User Interface: Blog Feed Post

Google vs. China, Our First Cyber War

Last week we witnessed the first Cyber War, but it didn’t go down quite as many of us expected

Last week we witnessed the first Cyber War, but it didn’t go down quite as many of us expected. Instead of a group of anonymous hackers trying to take over thousands of infected PCs or trying to cut off access to critical infrastructure, we saw Google declare the first salvo in its war against Chinese censorship by moving its servers to Hong Kong.

The more I thought about this, the more I realized that this was war, declared by a private company on a nation state. Just because Google doesn’t have its own army (yet), or that no actual physical weapons were fired doesn’t make it any less of a battle. And it is only going to get worse for all of us as other private firms realize that they need to take control over their servers and intellectual property. What is curious is how few companies signed up for the cyber equivalent of the coalition of the willing – GoDaddy was one of the few. Not Microsoft. Not Intel. No PC manufacturer of any shape or size.

Let’s face it. No one wants to declare war on China, whatever form that will take. Most of our PC hardware components are made there. More people are using the Internet in China than the US total population, and it is growing quickly, too. And while the breaches on several Google accounts had Chinese origins, getting accountability isn’t easy.

Coincidentally, while all this was going down I was reading a preview copy of Richard Clarke’s new book called Cyber War. I highly recommend pre-ordering a copy. Clarke was a national security advisor to several presidents and teaches now at the Kennedy School at Harvard.

The book is chilling account of exactly what is wrong with our government and how unprepared we are for Cyber World War I. How so? Think of a Cyber War in terms of nuclear proliferation and the Cold War preparation. But unlike what we did in the 1960s to defend ourselves against possible nuclear annihilation, we are doing everything wrong for a cyber defense. Instead, we have made America more of a target, because so much of our infrastructure, our weapons, our culture, and our PCs are out in the open, ripe for the picking. Look at how easy it is to hijack the drone video feed as a starting point (although the control systems are secured, for the moment.) Clarke talks about various war game scenarios and at one he mentions:

“If you have a mental image of every interesting lab, company, and research facility in the US being systematically vacuum cleaned by some foreign entity, you’ve got it right. That is what has been going on. Much of our intellectual property as a nation has been copied and sent overseas. Our best hope is that whoever is doing this does not have enough analysts to go through it all and find the gems, but that is a faint hope, particularly if the country has, behind the filtration, say, a billion people in it.”

He mentions how there were times when computer professionals working for the Hopkins Applied Physics Lab back in 2009 discovered a data breach. The only way they could solve it was to disconnect their entire organization from the Internet and clean each PC, one by one. “If you are connected to the Internet in any way, it seems, your data is already gone [overseas].”

The problem is that the best defense in a Cyber War isn’t the best offense. Nope: it is hardening your connections. Look at what China has done with its “Great Firewall.” Most of us think this is to keep the porn and liberal thinking out of China. And yes, it does do that. But what is really going on is that in the event of a Cyber War, China can quickly pull the plug and disconnect from the world, to defend itself. Trying asking AT&T or Level 3 to do that here. Ain’t gonna happen.

Another part of the problem is that there is no one actually “tasked,” as they say in DoD-speak, with defending our power grid control systems, transportation networks, and so forth. Where are the cyber equivalents of nuclear strike forces in case someone hits one of these targets? Nowhere. DoD has its own ships, planes, and troops to worry about. Homeland Security is trying to keep shoe bombers and the like out of our skies. What is left is up for grabs. Call it the cyber gap. “Can a nation shut off its cyber connectivity to the rest of the world, or spot cyber attacks coming from inside its geographical boundaries and stop them?” China probably can. We can’t. In an odd twist of irony, the less developed a nation is, say Afghanistan or North Korea, the better defended it can be, because so little of that country’s resources are hackable. How many power grid control rooms have VOIP phones, bringing the Internet literally to the right desktop?

In the past, spies had a harder time of it. They had to physically copy plans, or data, or compromise an actual human being. Now, they can sit in their jammies and download entire manuals without anyone noticing.

When Obama was elected in the fall of 2008, Clarke was an advisor to the transition team. He asked everyone on the team to stop working on their home PCs and even provided brand new Apple MacBooks that were locked down so they couldn’t connect to the public Internet. When the users complained about this when they tried to access public Wifi networks, he “tried to quietly point out that if you are a senior member of the informal national security transition team, you probably should not be planning the takeover of the White House from a Starbucks.” Gulp.

That is the problem. We are too used to our connectivity, and have gotten too complacent with our computers. A lot remains to be done. You have been warned.

Read the original blog entry...

More Stories By David Strom

David Strom is an international authority on network and Internet technologies. He has written extensively on the topic for 20 years for a wide variety of print publications and websites, such as The New York Times, TechTarget.com, PC Week/eWeek, Internet.com, Network World, Infoworld, Computerworld, Small Business Computing, Communications Week, Windows Sources, c|net and news.com, Web Review, Tom's Hardware, EETimes, and many others.

@CloudExpo Stories
We are all here because we are sold on the transformative promise of The Cloud. But what good is all of this ephemeral, on-demand infrastructure if your usage doesn't actually improve the agility and speed of your business? How must Operations adapt in order to avoid stifling your Cloud initiative? In his session at DevOps Summit, Damon Edwards, co-founder and managing partner of the DTO Solutions, will highlight the successful organizational, process, and tooling patterns of high-performing c...
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the...
The web app is Agile. The REST API is Agile. The testing and planning are Agile. But alas, Data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes which force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software orga...
The OpenStack cloud operating system includes Trove, a database abstraction layer. Rather than applications connecting directly to a specific type of database, they connect to Trove, which in turn connects to one or more specific databases. One target database is Postgres Plus Cloud Database, which includes its own RESTful API. Trove was originally developed around MySQL, whose interfaces are significantly less complicated than those of the Postgres cloud database. In his session at 16th Cloud...
Today’s enterprise is being driven by disruptive competitive and human capital requirements to provide enterprise application access through not only desktops, but also mobile devices. To retrofit existing programs across all these devices using traditional programming methods is very costly and time consuming – often prohibitively so. In his session at @ThingsExpo, Jesse Shiah, CEO, President, and Co-Founder of AgilePoint Inc., discussed how you can create applications that run on all mobile ...
There will be 150 billion connected devices by 2020. New digital businesses have already disrupted value chains across every industry. APIs are at the center of the digital business. You need to understand what assets you have that can be exposed digitally, what their digital value chain is, and how to create an effective business model around that value chain to compete in this economy. No enterprise can be complacent and not engage in the digital economy. Learn how to be the disruptor and not ...
In their general session at 16th Cloud Expo, Michael Piccininni, Global Account Manager – Cloud SP at EMC Corporation, and Mike Dietze, Regional Director at Windstream Hosted Solutions, will review next generation cloud services, including the Windstream-EMC Tier Storage solutions, and discuss how to increase efficiencies, improve service delivery and enhance corporate cloud solution development. Speaker Bios Michael Piccininni is Global Account Manager – Cloud SP at EMC Corporation. He has b...
There is no question that the cloud is where businesses want to host data. Until recently hypervisor virtualization was the most widely used method in cloud computing. Recently virtual containers have been gaining in popularity, and for good reason. In the debate between virtual machines and containers, the latter have been seen as the new kid on the block – and like other emerging technology have had some initial shortcomings. However, the container space has evolved drastically since coming on...
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
The most often asked question post-DevOps introduction is: “How do I get started?” There’s plenty of information on why DevOps is valid and important, but many managers still struggle with simple basics for how to initiate a DevOps program in their business. They struggle with issues related to current organizational inertia, the lack of experience on Continuous Integration/Delivery, understanding where DevOps will affect revenue and budget, etc. In their session at DevOps Summit, JP Morgentha...
SYS-CON Media named Andi Mann editor of DevOps Journal. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Andi Mann, Vice President, Strategic Solutions, at CA Technologies, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, marketer, communicator, and thought lea...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading in...
Even though it’s now Microservices Journal, long-time fans of SOA World Magazine can take comfort in the fact that the URL – soa.sys-con.com – remains unchanged. And that’s no mistake, as microservices are really nothing more than a new and improved take on the Service-Oriented Architecture (SOA) best practices we struggled to hammer out over the last decade. Skeptics, however, might say that this change is nothing more than an exercise in buzzword-hopping. SOA is passé, and now that people are ...
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.
Enterprises are fast realizing the importance of integrating SaaS/Cloud applications, API and on-premises data and processes, to unleash hidden value. This webinar explores how managers can use a Microservice-centric approach to aggressively tackle the unexpected new integration challenges posed by proliferation of cloud, mobile, social and big data projects. Industry analyst and SOA expert Jason Bloomberg will strip away the hype from microservices, and clearly identify their advantages and d...
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things' get connected, people will rely on DNS to name and find their fridges, toasters and toilets. Acco...
T-Mobile has been transforming the wireless industry with its “Uncarrier” initiatives. Today as T-Mobile’s IT organization works to transform itself in a like manner, technical foundations built over the last couple of years are now key to their drive for more Agile delivery practices. In his session at DevOps Summit, Martin Krienke, Sr Development Manager at T-Mobile, will discuss where they started their Continuous Delivery journey, where they are today, and where they are going in an effort ...
The Internet of Things promises to transform businesses (and lives), but navigating the business and technical path to success can be difficult to understand. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, demonstrated how to approach creating broadly successful connected customer solutions using real world business transformation studies including New England BioLabs and more.
There are 182 billion emails sent every day, generating a lot of data about how recipients and ISPs respond. Many marketers take a more-is-better approach to stats, preferring to have the ability to slice and dice their email lists based numerous arbitrary stats. However, fundamentally what really matters is whether or not sending an email to a particular recipient will generate value. Data Scientists can design high-level insights such as engagement prediction models and content clusters that a...
Containers Expo Blog covers the world of containers, as this lightweight alternative to virtual machines enables developers to work with identical dev environments and stacks. Containers Expo Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Bookmark Containers Expo Blog ▸ Here Follow new article posts on Twitter at @ContainersExpo