Defense Secretary Leon Panetta looks to the media to take a question as he participates in a joint news conference with Joint Chiefs Chairman Gen. Martin Dempsey, not seen, at the Pentagon, Thursday, Oct. 25, 2012. Panetta said the U.S. military did not intervene during the attack on the U.S. Consulate in Libya last month because it was over before the U.S. has sufficient information on which to act.  (AP Photo/Carolyn Kaster)
Leon Panetta, the US defence secretary, has warned of a highly targeted and orchestrated attack by America's adversaries. Carolyn Kaster / AP Photo

Is cyber security cure worse than disease?



There is a growing view that the US defence secretary's new strategy on cyber security could vastly increase the risk of the very "cyber Pearl Harbor" it is meant to prevent.

The secretary, Leon Panetta, has warned that America is facing the prospect of a highly targeted and orchestrated attack by adversaries of the United States, which officials identified as China, Russia, Iran and militant groups.

Mr Panetta outlined a nightmare scenario in which the US suffers a string of disasters such as derailed passenger trains loaded with lethal chemicals, simultaneous contamination of the water supply in major cities and a shutdown of the power grid across large parts of the country.

The Pentagon's strategy to counter this risk would effectively involve giving the government access to private IT systems across America, including those of large corporations and those involved in critical services in order to detect malicious software known as "malware". Financial institutions are understood to be particularly at risk since a cyber meltdown of the banks could devastate the fragile US economy.

But according to technology and security analysts, the US strategy risks opening a back door to a foreign power or terrorist group intent on bringing down critical infrastructure.

Indeed, the analysts say the reason that the US has so far not suffered a massive cyber attack is the current fragmentation of its private IT systems. Existing systems do not have a common security structure and do not share information easily with one another.

According to Graham Cluley, an analyst at the computer security firm Sophos, "Firms running critical infrastructure tend to put measures in place to reduce the opportunities for an internet-based attack to be successful - for instance, by not connecting sensitive systems to the net."

But any attempt by the government to link private systems could allow hackers who have gained entry to one organisation to infiltrate others, effectively giving them temporary control of the american infrastructure and financial systems, with potentially devastating consequences.

"One of the big concerns right now is that a number of systems may have been rooted and are just waiting for a command to do some really ugly stuff," says Rob Enderle, the principal analyst at the US-based Enderle Group.

He adds: "I don't even think the department of defence [DOD] is thinking this through because right now the systems aren't talking to each other, making it difficult to spread a virus around but the DOD wants to connect these systems for reporting and tracking attacks. But this connection could make us vastly more vulnerable to successful national attack."

Certain hardware designed to prevent this kind of attack exists, but isn't being implemented widely enough.

According to Mr Enderle: "The exposed systems range from cellphones to large servers."

But even if all the newly connected IT systems in the US carried sufficient software security, the very existence of a networked system would open up the US to the prospect of human sabotage.

According to Mr Cluley: "The biggest risk to critical infrastructure is likely to involve the 'insider threat', a member of staff who has access to critical systems but may have allegiances to enemy actors."

Heidi Shey, an analyst at the research company Forrester, says: "Insiders and business partners also have access to data and information that they compromise. Whether their actions are intentional or unintentional, insiders cause their fair share of breaches."

She adds: "Other common sources of breach include loss or theft of corporate assets, such as laptops or USB drives, and external attacks that target corporate servers or users."

Forrester surveyed 583 North American and European companies that had an IT security breach in the past 12 months and found that hacking was far from being the main cause.

The loss or theft of a corporate asset such as a laptop or smartphone accounted for 31 per cent of breaches, with inadvertent misuse by an insider representing 27 per cent and abuse by a malicious insider 12 per cent.

The growing popularity of portable IT devices such as smartphones and computer tablets represents a new threat to cyber security. In addition to being0 easily lost or stolen when taken outside the workplace, there is a growing tendency for staff to use their personal IT to try to access corporate systems.

Forrester's research discovered that most organisations have policies in place for smartphone, tablet and consumer-oriented tool use, but more than half say that they either don't have the tools to enforce policy or that their current tools are insufficient for enforcing it.

The West's reliance on increasingly complex and potentially vulnerable IT systems to run and manage critical infrastructure makes it vulnerable to attack, engendering a growing fear that the next major global war will be fought in cyber space.

SPECS

Engine: 2-litre direct injection turbo
Transmission: 7-speed automatic
Power: 261hp
Torque: 400Nm
Price: From Dh134,999

The more serious side of specialty coffee

While the taste of beans and freshness of roast is paramount to the specialty coffee scene, so is sustainability and workers’ rights.

The bulk of genuine specialty coffee companies aim to improve on these elements in every stage of production via direct relationships with farmers. For instance, Mokha 1450 on Al Wasl Road strives to work predominantly with women-owned and -operated coffee organisations, including female farmers in the Sabree mountains of Yemen.

Because, as the boutique’s owner, Garfield Kerr, points out: “women represent over 90 per cent of the coffee value chain, but are woefully underrepresented in less than 10 per cent of ownership and management throughout the global coffee industry.”

One of the UAE’s largest suppliers of green (meaning not-yet-roasted) beans, Raw Coffee, is a founding member of the Partnership of Gender Equity, which aims to empower female coffee farmers and harvesters.

Also, globally, many companies have found the perfect way to recycle old coffee grounds: they create the perfect fertile soil in which to grow mushrooms. 

Results

5.30pm: Maiden (TB) Dh82,500 (Turf) 1,400m; Winner: Mcmanaman, Sam Hitchcock (jockey), Doug Watson (trainer)

6.05pm: Handicap (TB) Dh87,500 (T) 1,400m; Winner: Bawaasil, Sam Hitchcott, Doug Watson

6.40pm: Handicap (TB) Dh105,000 (Dirt) 1,400m; Winner: Bochart, Fabrice Veron, Satish Seemar

7.15pm: Handicap (TB) Dh105,000 (T) 1,200m; Winner: Mutaraffa, Antonio Fresu, Musabah Al Muhairi

7.50pm: Longines Stakes – Conditions (TB) Dh120,00 (D) 1,900m; Winner: Rare Ninja, Royston Ffrench, Salem bin Ghadayer

8.25pm: Zabeel Trophy – Rated Conditions (TB) Dh120,000 (T) 1,600m; Winner: Alfareeq, Antonio Fresu, Musabah Al Muhairi

9pm: Handicap (TB) Dh105,000 (T) 2,410m; Winner: Good Tidings, Antonio Fresu, Musabah Al Muhairi

9.35pm: Handicap (TB) Dh92,500 (T) 2,000m; Winner: Zorion, Abdul Aziz Al Balushi, Helal Al Alawi

 

ROUTE TO TITLE

Round 1: Beat Leolia Jeanjean 6-1, 6-2
Round 2: Beat Naomi Osaka 7-6, 1-6, 7-5
Round 3: Beat Marie Bouzkova 6-4, 6-2
Round 4: Beat Anastasia Potapova 6-0, 6-0
Quarter-final: Beat Marketa Vondrousova 6-0, 6-2
Semi-final: Beat Coco Gauff 6-2, 6-4
Final: Beat Jasmine Paolini 6-2, 6-2

The specs

Engine: 2.0-litre 4-cylinder turbo

Power: 240hp at 5,500rpm

Torque: 390Nm at 3,000rpm

Transmission: eight-speed auto

Price: from Dh122,745

On sale: now

MATCH INFO

What: 2006 World Cup quarter-final
When: July 1
Where: Gelsenkirchen Stadium, Gelsenkirchen, Germany

Result:
England 0 Portugal 0
(Portugal win 3-1 on penalties)

MATCH INFO

Bangla Tigers 108-5 (10 ovs)

Ingram 37, Rossouw 26, Pretorius 2-10

Deccan Gladiators 109-4 (9.5 ovs)

Watson 41, Devcich 27, Wiese 2-15

Gladiators win by six wickets


Latest
Most Read
Top Videos