Posted by
Gabrielle Cusumano on Friday, November 21, 2008 10:02:00 PM
"The Pentagon has suffered from a cyber attack so alarming that it has taken the unprecedented step of banning the use of external hardware devices, such as flash drives and DVD's, FOX News has learned. The attack came in the form of a global virus or worm that is spreading rapidly throughout a number of military networks..."
Pentagon Hit by Unprecedented Cyber Attack
As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.
FOXNews.com
Thursday, November 20, 2008
The attack came in the form of a global virus or worm that is spreading rapidly throughout a number of military networks.
"We have detected a global virus for which there has been alerts, and we have seen some of this on our networks," a Pentagon official told FOX News. "We are now taking steps to mitigate the virus."
The official could not reveal the source of the attack because that information remains classified.
"Daily there are millions of scans of the GIG, but for security reasons we don't discuss the number of actual intrusions or attempts, or discuss specific measures commanders in the field may be taking to protect and defend our networks," the department said in an official statement.
Military computers are often referred to as part of the Global Information Grid, or GIG, a system composed of 17 million computers, many of which house classified or sensitive information.
FOX News obtained a copy of one memo sent out last week to an Army division within the Pentagon warning of the cyber attack.
ESP technology was transitioned in 1998 to the Software Engineering Institute at Carnegie Mellon University. With funding and guidance from DARPA, DoD, CMS, DoE, NRO, NASA, and the Air Force, the U.S. Security Policy Board tested and matured the ESP technology.
PDF]
http://www.sans.org
http://www.dshield.org
http://www.securityfocus.com
http://www.peopledata.com
http://www.cybercrime.gov/ipmanual/09ipma.html
https://cybercop.esportals.com
http://www.cert.org
_________________________________________________________________________________________________________________________________________
"China. They’ve been moving towards this capability for years."
Agreed. I met the head of Information Assurance for the Air Force and he told me the following stark fact. Surprisingly, it was unclassified.
"To all of my fellow officers, in all other service branches and even the Air Force, our enemy is radical Islam. They fight the War on Terror."
"As for me, I stand alone. I have a single enemy. It is China. We have thousands of attempted network penetrations originating in China each day."
"We will win the War on Terror. But our real enemy is China." posted on Thursday, November 20, 2008 8:00:10 PM by tom h
"Sami Saydjari, who has been working on cyber defence systems for the Pentagon since the 1980s, told Congress in testimony on April 25 that a mass cyber attack could leave 70 per cent of the US without electrical power for six months." "He told The Times that all major nations – including China – were scrambling to defend against, and working out ways to cause, “maximum strategic damage” by taking out banking systems, power grids and communications networks. He said that there were at least a thousand attempted attacks every hour on American computers. “China is aggressive in this,” he said. "
posted on Thursday, November 20, 2008 8:20:19 PM by Earthdweller
____________________________________________________________________________________________________________________________________________
Deal Value: $7 to $15.6 Million (ESP GROUP LLC Has Protected The Pentagon During the Clinton Presidency)
Seller: ESP Group LLC (Arlington, VA) (Clinton White House Backed Security Company) See ESP Info below in Company information
Business: Provides security solution to share sensitive information
Buyer: NC4 Inc. (El Segundo)
M&A report--June 2006.(INVESTMENTS & FINANCE)(mergers and acquisitions)
Publication: Los Angeles Business Journal
Publication Date: 31-JUL-06
__________________________________________________________________________________________________________________________________________
Wireless News 05-05-2008 Avinor Selects ESP Group and ObjectVideo for ... Pentagon Force Protection Agency Securely Connects National Capital Region. ...
www.highbeam.com/doc/1P1-152219239.html - 114k
Esp Group Llc,The
1225 Jefferson Davis Hwy Crystal Gateway 2, Suite 1103
Arlington, VA 22202-4301
 |
|
The ESP Group LLC is an Application Service Provider specializing in hosting highly secure collaboration systems for handling Sensitive But Unclassified (SBU) information over the Internet. The ESP Group distinguishes itself from ordinary ASP's by its singular dedication to security and its focus on working with clients to customize its solutions to the client's needs. Products include the CyberCop Portal for secure communication and collaboration, Foreign National Tracking Portal, and the BioTerrorism Reporting Portal. Clients of ESP include the Pentagon Force Protection Agency, law enforcement agencies in all 50 states and ten countries in addition to the Federal Government and many major corporations. |
|
The ESP Group, LLC would like to share with you their excitement regarding the recent acquisition of ESP by NC4 ( www.nc4.us ), a California based company providing situational awareness, incident monitoring and crisis management. ESP is proud to be among the suite of collaborative capabilities which now include ESP's secure collaboration portals, NC4's external situational awareness programs and E-Team's incident management solutions.
|
|
Enter Flash | Enter HTML
|
 |
 |
| Mission Statement |
|
The ESP Group LLC., an Application Service Provider, offers a thorough security solution for diverse organizations to share Sensitive but Unclassified (SBU) information through highly secure, compartmented, Internet accessible portals. Continuously striving to operate at a higher level of security, trust, service, technology and performance, the ESP Group focuses on aligning its solution of leveraging the Internet for sensitive applications with client's individual needs.
|
|
|
| Company History |
|
The Defense Advanced Research Projects Agency (DARPA), the Defense Department's R&D organization that originally created the Internet (ARPANet) and other projects, such as the stealth bomber, recognized an internal need to communicate and collaborate securely over the web. So in 1997, a multi agency security team was established to review and select the most secure technologies available in the government and private sectors to acknowledge this need.
Meanwhile, the White House's U.S. Security Policy Board, a coordinating body for the national security and intelligence communities, was charged under the Presidential Decision Directive (PDD) 29 to provide a new combination of technology and business to the secure community.
In response to both directives, the Security Policy Board launched the Extranet for Security Professionals (The ESP – www.xsp.org ). The ESP is a highly secure collaboration system equipped to handle Sensitive But Unclassified (SBU) information over the Internet. This private external network (Extranet) portal, accessed over the web, is used by security-cleared national and cyber-security professionals to share and collaborate on sensitive information.
Due to its overwhelming success, the ESP technology was transitioned in 1998 to the Software Engineering Institute at Carnegie Mellon University. With funding and guidance from DARPA, DoD, CMS, DoE, NRO, NASA, and the Air Force, the U.S. Security Policy Board tested and matured the ESP technology. Afterwards, the ESP helped tie together the national security and intelligence community as well as supported such tasks as the Department of Defense Y2K efforts. In August 1999, the Joint Security Commission II, while reviewing the Security Policy Board's achievements, recognized the ESP experiment as a “success” and recommended that it be moved from an experimental to an operational status. Both DARPA and the SEI, in line with their technology transfer missions, supported the commercialization of the technology.
The ESP Group, LLC, a privately held company, was formed in 2000 to provide a secure solution to various governmental and private organizations for collaboration based on the ESP technology. The new company acquired the proprietary rights to the privately developed core technologies as well as licenses for government financed enhancements in early 2000. By March 2000, the ESP Group began serving clients.
Since its founding, The ESP Group has focused on developing new and existing applications with security as THE design criteria to better serve its clients.
|
| |
|
| The ESP Advantage |
|
For most of ESP Group's clients, a secure communication application is a necessity. The ESP Group offers the needed protection of sensitive information as well as numerous other benefits that other Application Service Providers do not or cannot offer in its entirety.
• Application Development. The ESP Group develops and customizes unique Web-based applications that meet the specific communication needs of clients.
• System Administration Costs. The ESP Group allows clients to leverage the cost savings benefits and the expertise of a focused, trusted security provider without having to hire additional in-house talent.
• Secure Socket Layer (SSL) Methodology: The advantage of SSL is that virtually anyone with a current browser and an Internet connection can establish a highly encrypted session.
• Network Architecture Costs. With ESP, clients do not have to invest in complex and ever-changing technologies for multiple destinations. They utilize a centralized Secure Operating Center that serves multiple platforms.
• Full-Service Helpdesk. ESP provides a help desk that supports and trains clients with their access of the portal so they can fully benefit from the systems and applications.
• Research and Development. ESP makes significant investments in research and development so clients can be confident their communications are always secure.
|
|
|
| Management Team |
|
The ESP Group, LLC is led by a seasoned and successful management team dedicated to providing the most advanced products and services and building a responsive, reliable and sustainable organization.
Founding Partners
George Johnson, CISSP
Mr. Johnson has worked in information technology and security for over 15 years, focusing specifically on computer and Internet security for the last seven years. In 1996, while working in the Security and Intelligence Office at DARPA, he implemented the Extranet for Security Professionals (ESP) as a proof of concept “secure web application.” When the ESP technology moved to Carnegie Mellon University Software Engineering Institute, Mr. Johnson worked as an adjunct professor in InfoSec and also served as the technical director of the ESP. Working with the Computer Emergency Response Team (CERT/CCtm), he refined and matured the software and networking environment that supported both the ESP and the DoD Y2K reporting system in support of the Deputy Secretary of Defense. Since The ESP Group was formed, Mr. Johnson has been running enterprise-scale secured network applications for customers ranging from private pharmaceutical companies to the U.S. Government (DoD, Department of Energy, NASA and OPM). Mr. Johnson holds a current CISSP certification. Matt Donlon
Through his work and achievements as the director of the Extranet for Security Professionals (ESP) and as a visiting scientist at Carnegie Mellon University’s Software Engineering Institute (SEI), Mr. Donlon founded The ESP Group. His successes with ESP gained the necessary visibility and recognition in the national security community by President Clinton and the director of the CIA, Mr. Tenet. Prior to the SEI, Mr. Donlon was the Director of the Security and Intelligence Office at DARPA. He has also served as the Security Official in charge for the Office of Aeronautics and Space Technology at NASA HQ; the Program Security Officer, where he supported DARPA’s highly classified R&D programs for the Department of Navy; the Security Specialist for TRW, Inc.; and a member of the CIA.
Mr. Donlon graduated from Radford University where he earned a B.S. in Criminal Justice & Political Science. He is also a graduate of the Federal Executive Institute (FEI). Currently, Mr. Donlon is the coordinator for the National Security Graduate Degree program for the University of New Haven, Crystal City campus.
Throughout his extensive career, Mr. Donlon has received many awards for his innovativeness and contributions to the security profession. He has been awarded the Meritorious Civilian Service Medal and the Exceptional Service Medal from the Department of Defense.
Principals
JJ Daniels – Software Development
Mr. Daniels currently serves as a senior member of the software development staff at The ESP Group. He manages DOE, NASA and DHS Foreign Visits and Assignment applications, manages development teams and assists in new business development.
After receiving his Bachelor’s degree in Industrial Engineering and Operation Research as well as a Master’s degree in Systems Engineering from Virginia Tech, Mr. Daniels began his career as a Senior Developer at DIVX where he was responsible for developing several multi-media and front end applications. He then led a team of developers in designing and maintaining Army Logistics Software at Lockheed Martin/TWC/CSC. In his next position, he became the Director of Database Services for Stenrich and a database designer for Progressive Design. Through all the companies Mr. Daniels worked for, he was instrumental in setting up databases for the management and tracking of internal projects and human resources function.
Dwayne Miller – Software Development
Bringing over 15 years of experience in software and database design and implementation to the company, Mr. Miller currently serves as a senior member of the Software Development staff.
Prior to joining the company, Mr. Miller worked as an IT Consultant to Metro Information Services, where he was tasked with developing process software, documentation and web applications for an electronic retail sales company. Next he became the division manager for MRJ Technology Solutions, where he was the project manager for software development, exercise training support, installations and other contract related activities for the Simulation System Division. Mr. Miller then worked for Intergraph Corporation, where he, as the Senior Software Analyst, was responsible for developing a cutting edge navigational system for the U.S. Coastguard. Lastly, he supported the RF modeling and simulation effort in addition to developing quality control software as a member of the technical staff for Questch, Inc.
Mr. Miller graduated from the University of Maryland with a Bachelor’s Degree in Computer Studies/Computer Science.
Karie Greider – Director of Client Services
Within the ESP Group, Ms. Greider manages all aspects of the client relationship from overseeing initial training and setup, to managing the on-site client support team and maintaining ongoing help desk and training activities.
Prior to working with The ESP Group, Ms. Greider served as a contractor at DARPA where she assisted in the development the Extranet for Security Professionals (ESP). From there, she was a member of the Technical Staff at Carnegie Mellon University in the Arlington, Virginia office where she assisted in the maturation of operations surrounding the ESP community. Ms. Greider transitioned to The ESP Group in 2000 to establish the help desk and training programs for their secure portal services.
Ms. Greider received a B.A. in Advertising from Murray State University in Kentucky.
Sean Waddell – Director of Operations
With over 10 years of network operations experience, Mr. Waddell currently serves as the Director of Operations, directing and overseeing the day-to-day operations and security of ESP's critical infrastructure. He also manages both headquarter and disaster recovery sites to ensure the systems remain online continuously for customers.
Mr. Waddell began his career at Innovative Business Technology as a system engineer tasked with architecting, administering and troubleshooting various client networks, including the National Archives, St. Paul Companies, Millenium Laser Eye Center and eBrains. He then worked for the Orkand Corporation as a systems analyst on a contract to support the Department of State. Here Mr. Waddell provided support to consulates world wide and installed and upgraded networks and Oracle database systems.
Mr. Waddell has several certifications including CCNA and Citrix Metaframe to compliment his experience in the operations field. http://www.espgroup.net/HTML/espGroup.htm#anc_2
| Client List |
|
The ESP Group currently serves Government and Commercial Clients. Some of these include:
Secure Collaboration
•DHS – US CERT
•DHS Advisory Council
•OPM – Extranet For Security Professionals
•Justice/DHS/Treasury – IWN JPO
Secure Business Processes
•OPM – Legacy System Access
•DHS - Office for Domestic Preparedness – Training / Exercise Coordination
Foreign Visitor Management
•Department of Energy
•NASA
•DHS – Office of Security
Law Enforcement Support
•Cybercop
•FLETC
•JTTF (pilot)
Research Support
•Sentrx
|
| |
|
| Quality Assurance |
|
The ESP Group employs a Quality Assurance (QA) department as a part of their promise to deliver an efficient and secure collaboration platform. The defense-in-depth plan that ESP follows dictates strong hardware and software quality controls. As projects move from development to production, the QA department is involved in each step, ensuring maximum quality in both security and performance. This unique “shared visualization” approach guarantees that any given project is available and always up-to-date for all parties. Additionally the multi-tiered testing environment allows the products to meet the demands of all clients and real world environments before applications go live.
The QA department is not only committed to providing the best software for clients but also for internal functions. The team members built a state-of-the art Bug Tracking System to ensure that all potential problems with applications would be properly handled. This system tracks defects as well as all testing efforts, thus ensuring that the live portals are working as efficiently as possible.
|
|
Cybercop – The Cybercop portal was designed to provide an ultra-secure web-based environment to promote and facilitate the sharing of sensitive information among a cohesive network of law enforcement, first responders, homeland defense and law enforcement related professionals from all levels of government, including international, federal, state, local and the private sector. Cybercop, an ESP-coined term, refers to computer forensic experts, law enforcement and emergency responders that use the Internet to collaborate and share information with one another. Due to various geographic, system, political and monetary barriers, these people oftentimes do not have a way to securely engage one another to share case information and to exchange best practices and lessons learned. As a result, The ESP Group created this secure portal which is committed to providing a safe and secure environment where ideas can be freely exchanged to aid individual efforts and to foster cooperative efforts in the fight against crime, terrorism and the security of the nation.
|
|
EXCLUSIVE: Cyber-Hackers Break Into IMF Computer System
Friday , November 14, 2008
By Richard Behar
Another major international financial institution has had its computer system attacked by unknown cyber-hackers, FOX News has learned.
The discovery of the assault last week threw into crisis the Washington, D.C. based International Monetary Fund (IMF), which offers emergency financial aid to countries faced with balance-of-payments problems, and provoked a shutdown of IMF computers that lasted for several days.
In October, FOX News reported that the computer system at the World Bank had also been hacked over a period of months.
FOX News has been unable to determine what, if any, information may have been obtained by the hackers. The IMF denies any critical intrusion took place.
The spyware discoveries came at a particularly sensitive time for the international bailout institution, which along with the World Bank is expected to play a central role in trying to combat global financial turmoil. The pair of institutions are described on the IMF's website as the "twin intergovernmental pillars supporting the structure of the world's economic and financial order."
Both will be intensively discussed at this weekend's meeting of G-20 nations in Washington, hosted by President Bush, in the effort to put global finance back on a stable basis.
Europe in particular is promoting an expanded role for the IMF, which traditionally has a European CEO, in that future architecture. IMF computers contain highly sensitive information not only on distressed nations, but also on currency payments and central bank balances around the world, all of which could be invaluable to outsiders.
What the IMF intrusion also shows is that the physical wiring of the world's financial systems is increasingly vulnerable — and getting worse.
"Electronic safety in the financial sector is in dire jeopardy," says Tom Kellermann, a former head of computer security at the World Bank's ultra-sensitive treasury unit — which FOX News reported last month had been penetrated by illicit spyware. "What people don't realize is that the financial sector is the most heavily targeted sector of all critical infrastructures."
Click here to read FOX News' World Bank story.
Kellermann today is the commissioner of the Commission on Cyber Security for the 44th Presidency, a unit of the Center for Strategic and Internal Studies — a Washington-based security think tank — that is preparing to issue recommendations in early December to President-elect Barack Obama on how to keep the country's computer systems from being penetrated.
IMF officials clamped down on their computer systems on November 7, after they discovered spyware that was quickly spreading through the institution's high-security computer system. Spyware is software that is secretly installed on a computer to intercept information or take control of the system.
The IMF's network link to the World Bank, the world's largest anti-poverty agency, was also temporarily severed, a move that IMF spokesman Bill Murray described as a "precaution."
But IMF officials strenuously deny that any lockdown of its computers took place, and insist that no important or sensitive financial information had been affected.
"There was no lockdown as far as I'm aware" says Murray. "I'm not aware of any major breaches, but enhanced security measures have been taken."
Prodded further as to the discovery of spyware, Murray responded: "As part of our ongoing [security] regime, we've had a scan of Fund personal computers and laptops and we found some workstations that did have malicious software, but absolutely no evidence that any sensitive information or systems were breached."
That is not, however, the version given by other IMF insiders and World Bank security officials, who requested anonymity.
According to them, the November 7 lockdown came only days after the World Bank moved more than 100 of its employees into an empty floor of one of the IMF's two buildings on Washington's Nineteenth Street, N.W., just across from the World Bank headquarters.
As FOX News reported on October 10, the World Bank itself suffered a series of cyber-attacks starting in the summer of 2007, both at headquarters and at other offices around the world. The World Bank strenuously denies that the intrusions took place, and none of the bank's 24 board members contacted by FOX News would discuss the matter. But sources told FOX News that at least one of those breaches also involved spyware, penetrating the World Bank's ultra-sensitive Treasury unit, which manages a $75 billion portfolio for itself and for several nations
The World Bank, however, did not take the dramatic step of shutting down all its computer systems to eliminate any spyware. Security experts say it is possible that the bank may have inadvertently infected the IMF — simply by sharing some wires in the IMF's sublet building. Moreover, as FOX News reported last month, hundreds of workers previously employed by an Indian contractor that is barred from Bank contracting work on security grounds still work at the institution, either as regular staffers or as employees of other contractors.
Shortly before the spyware was discovered, the World Bank's Independent Evaluation Group — a unit responsible for critiquing the quality of bank projects—was moved into the IMF's headquarters building, where it is now taking up an entire floor.
"Before the move, there was a single point of access — a server that acted as a firewall between the IMF and the bank," explains a technology expert at the bank. "The IMF was allowed into the World Bank's network, but not vice-versa. After the move, World Bank data, or packets, intermixed with the IMF data because they were all on the same wires."
Belatedly, it seems, the World Bank is attempting at least a partial cleaning of its systems. A bank insider tells FOX News that, in the wake of the FOX articles about its security penetrations, "all of the computer systems are being 'changed out' and overhauled in the Dept of Institutional Integrity [the bank's internal investigative arm]."
In fact, the computer assaults on the World Bank and the IMF are only part of a rash of sensitive cyber-burglaries that even reached into the U.S. presidential campaign. Both London's Financial Times and Newsweek recently reported that the computer network of the White House, and the Obama and McCain campaigns, were seriously breached.
The Pentagon claims the Chinese army has established units to develop viruses to attack enemy computer systems. Chinese hackers penetrated the Pentagon last year, in an attack that obtained e-mails from the system serving Defense Secretary Robert Gates.
Despite vigorous Chinese denials, "everyone in the intelligence community knows that China is the biggest player in cyber espionage," says John Tkacik, a former head of China intelligence for the U.S. State Department. Tkacik told FOX News that later this month, President-elect Obama will be presented with a new top-secret National Intelligence Estimate (NIE) report that "will cause the scales to drop from his eyes" regarding Chinese cyber-espionage.
"What the Chinese are particularly interested in at the IMF is what loans the IMF is likely to give to other countries," says Nick Day, a former British intelligence officer who runs Diligence, a private investigative firm that does extensive work for many international corporations and institutions.
"The geopolitics of this is that essentially you've got a few countries in the world that are stacked on huge foreign capital reserves — Russia, China, Japan, the Middle East — and the rest of us are pretty much borrowers to those lenders.
"And what the Chinese are looking to do is to get influence over a number of third world countries where there are assets in particular, where there's minerals, oil, etc. — where there's wealth that would be strategically useful. And if the IMF is not going to bail them out, or is going to bail them out at a rate which is fairly punitive, then the Chinese can go into those countries and say, "Don't go to the IMF. Come to us. We'll bail you out and we want exclusive deals over the next 20 years to all your mining concessions in your country, access to mineral wealth, access to oil'— all the raw materials that China is going to need to keep carrying its economy forward."
At the World Bank, water-cooler speculation about Chinese intelligence-gathering has taken another turn. FOX News has learned that the bank's internal watchdogs have recommended sanctions against five major Chinese government-owned companies for corruption on roads-building projects in the Philippines.
"People in the bank are wondering about the coincidental nature of all this," a well-placed bank security expert told FOX News. "The cyber-attacks ramp up just as these guys are heading right into the Sanctions Board."
Asked to comment on the impending possibility of sanctions, a World Bank spokesman instead offered FOX News an exclusive on the "full and complete story" if FOX would delay publication of the news well beyond this weekend — when world leaders would be discussing the institution. FOX News declined. Excerpted from: http://www.foxnews.com/story/0,2933,452348,00.html