About 4 years ago I met some interesting folks from Idaho National Laboratory, a DOE group at an OSIsoft user conference who work on cybersecurity threats on power plants and the grid. Information Week covers NSA joining the cybersecurity threat.
NSA Launches Infrastructure Cybersecurity Program
The "Perfect Citizen" program will seek to help mitigate cyber attacks on critical infrastructure like power plants, air traffic control systems and the electrical grid.
The National Security Agency plans to launch a program aimed at assessing vulnerabilities and developing capabilities to help secure critical infrastructure like power plants, air traffic control systems and the electrical grid.
In an e-mail sent Thursday evening to InformationWeek, NSA refuted parts of an earlier Wall Street Journal report that the effort, called Perfect Citizen, would monitor communications or place "sensors" on utility company systems, instead calling it "a research and engineering effort."
The Idaho National labs has a web site with their efforts.
Comprehensive computer and cyber security programs are an essential element for today’s personnel computers as well as for the digital control systems that operate our nation’s infrastructure systems such as transportation and telecommunication systems and facilities such as chemical and water treatment plants.
Leveraging the Laboratory’s more than 50 years of experience in developing, operating, and maintaining complex control systems for nuclear reactors and other infrastructure systems, the INL created a Critical Infrastructure Test Range complete with full-scale infrastructure systems, remote and secure testing grounds, and an expert staff to aid the utility and control systems industry in developing tools and solutions to improve cyber security.
In 2004, the departments of Energy and Homeland Security established two multi-year programs at INL to protect the nation’s infrastructures against attacks from hackers, virus writers, disgruntled employees, terrorist organizations and nation states.
The National Supervisory Control and Data Acquisition (SCADA) Test Bed is funded by the Department of Energy and works in collaboration with Sandia National Laboratory to systematically analyze, test, and improve cyber security features in the control systems that operate the nation’s electric power grid. SCADA systems are also commonly found in the water and oil and gas industry.
And there is Department of Homeland Security site as well.
Control Systems Security Program (CSSP)
The goal of the DHS National Cyber Security Division's CSSP is to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local, and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber attack against critical infrastructure control systems through risk-mitigation activities.
What is the gov'ts role and who should you contact to understand the cybersecurity threats to your power infrastructure?
Even so, the program raises unanswered questions about the government's role in -- and undefined turf over -- protecting the nation's critical infrastructure from cyber attacks, what technologies and processes might be used in such an effort, how any such effort would protect critical infrastructure owners' independence as well as privacy, and whether the effort should be public rather than classified.
I need to go back and find the business cards for the Idaho National Lab guys I talked to. I think there would know some answers.
Initially, I saw MIT's news announcing 100 times faster with less energy consumption, and dismissed the news.
An Internet 100 times as fast
A new network design that avoids the need to convert optical signals into electrical ones could boost capacity while reducing power consumption.
Larry Hardesty, MIT News Office
In today’s Internet, data traveling through optical fibers as beams of light have to be converted to electrical signals for processing. By dispensing with that conversion, a new network design could increase Internet speeds 100-fold.
June 28, 2010
The heart of the Internet is a network of high-capacity optical fibers that spans continents. But while optical signals transmit information much more efficiently than electrical signals, they’re harder to control. The routers that direct traffic on the Internet typically convert optical signals to electrical ones for processing, then convert them back for transmission, a process that consumes time and energy. In recent years, however, a group of MIT researchers led by Vincent Chan, the Joan and Irwin Jacobs Professor of Electrical Engineering and Computer Science, has demonstrated a new way of organizing optical networks that, in most cases, would eliminate this inefficient conversion process. As a result, it could make the Internet 100 or even 1,000 times faster while actually reducing the amount of energy it consumes.
But, then here comes news from European Commission on Optical switching and green photonics.
A European Commission-funded project is giving the optical components sector some green street cred by aiming to squeeze the power requirements for certain types of photonic devices.
The author tries to tie in why energy efficient networks are important and the relationship with virtualization.
Photonics are not the biggest power suck in the network. But C-3PO participants reason thatevery piece of the network will eventually need a green checkup. "Every single layer in the complete network has to be considered, and that means network architectures, maybe even application architectures, systems, components, and safe or sleep modes. Optics can't be excluded," Grobe says.
The data center, as a whole, is a more obvious power hog, but Grobe points out that this problem is being addressed by virtualization, a process that lets users tap servers and storage that are widely distributed. Virtualization is made possible by high-speed optical networks. Thus, low-power optics will have some role in defining data-center power usage.
The data center industry is complex and difficult to figure out. Listening to many insider conversations where discussion of reality and smart decisions are discussed, I sometimes feel sad that others can't figure out how the system can be gamed against those who build their first data center.
Two examples of games played are illustrated in two blog posts by Seth Godin; one, payola in the system, and two betting on dumber
For twenty years, the Billboard charts were easy to manipulate. By paying radio stations and some retailers, record labels could push an act to the top 40, which would increase sales. People liked buying what they heard on the radio, and the radio played what they thought people were buying.
Billboard changed their methods about twenty years ago, and overnight the acts on the list changed. Suddenly, it became clear that what we were listening to wasn't what we thought it was, and as a result, the marketing of music changed forever.
What gets read on the web can be manipulated as well.
Manipulating social networks is easier still. There are firms that manipulate which stories are posted and which blogs are linked to, and for years there are firms that have worked to manipulate which links come up higher on the search results as well. As these signposts become more, not less, important, there's a significant market opportunity for someone who can, as Billboard did, clean up the charts and make the payola worthless or at least more transparent. In the meantime, be skeptical.
I get exposure to the web eco system as I research and write this blog, interviewing people and getting contacted by the public relations companies. The ones who get the most exposure are many times the ones with the biggest marketing budgets. A good example is the data center analyst community. Those vendors with the biggest budgets get the most time allocated by the analysts. The more time and money spent allows more opportunity to differentiate the vendors vs. the competitors. If you don't pay, then an analyst won't spend much time with your companies technology. The analyst will try to be objective, but their time is allocated based on who has paid for research.
And most benefit when they work to make their customers dumber. The less they know about options, the easier they are to manipulate, the more helpless they are, the better they do.
The post wants to point how one marketer can change the system by focusing making customers smarter. But...
The vast majority of marketers, though, take the opposite tack. Ask them for advice about their competitors, they turn away and say "I really wouldn''t know." Ask them for details about their suppliers, and they don't want to tell you. Ask them to show you a recipe for how to make what they make on your own, and "it's a trade secret." Their perfect customer is someone in a hurry, with plenty of money and not a lot of knowledge about their options.
What is a solution to this problem.
You've already guessed the punchline--if just one player enters the field and works to make people smarter, the competition has a hard time responding with a dumbness offensive. They can obfuscate and run confusing ads, but sooner or later, the inevitability of information spreading works in favor of those that bet on it.
Look for smarter companies.
A few benefit when they make their customers smarter. The more the people they sell to know, the more informed, inquisitive, free-thinking and alert they are, the better they do.
But first question you need to ask is do you want to be smarter? And, wiling to go through the pains of learning and making mistakes. You can't be smart without realizing when you are dumb.
or are you in a hurry?
Their perfect customer is someone in a hurry, with plenty of money and not a lot of knowledge about their options.
Alleged Russian spy, Anna Chapman, became an instant Web sensation following the release of photos posted on the Russian social-networking Web site "Odnoklassniki," or Classmates.
Washington Post Staff Writer Thursday, July 1, 2010
There were 11 alleged Russian agents arrested this week, under accusations that they'd been living as Americans while reporting back to the mother country.
THIS STORY
But mostly we care about the hot one.
Ever since photos of Anna Chapman began circulating online late Tuesday, the Internet at large has been foaming, frothing, fanatic for details about the reported 28-year-old secret agent/Maxim model look-alike who specialized in sultry-eyed, pouty-lipped, come-hither stares. Da, da,da!
CNET news has a post on Facebook effect and spies.
A time traveler from the 1960s would find many of today's headlines completely befuddling. Something called theiPhone? Threats from an amorphous, stateless band of terrorists? Reality television? A lot has changed, for sure.
But accused spies for the Kremlin--that's something our unstuck-in-time explorer would thoroughly recognize. Except, of course, when he heard everybody talking about foreign concepts like Facebook and LinkedIn.
Should a spy be on Facebook?
But for a young secret agent like Anna Chapman or Mikhail Semenko, the absence of a Facebook profile could trigger suspicion. If they're going to be like everybody else, of course they're going to use social networks.
Espionage is a fact of international life and always has been. The first spy manual, The Art of War, was written by Sun Tzu some 2,500 years ago. Espionage fills a vital niche; a successful operation can provide insight into intentions, plans, and human dynamics that cannot be gleaned from intercepted communications or pictures from space.
It is safe to assume that since the end of World War II there has never been a day that the Soviet Union or Russia was not spying on the United States, or vice versa. Espionage will continue, even as the United States and Russia work out a new modus vivendi.
Data Centers is a competitive industry, and as much as people try to keep things secret. With public disclosures it is not hard to piece together information. Rich Miller posted on Facebook's 60,000 server count on June 28, 2010.
Facebook Server Count: 60,000 or More
June 28th, 2010 : Rich Miller
It’s said that a picture is worth a thousand words. Sometimes a PowerPoint slide can tell the story of thousands of servers.
That was the case with a presentation from Facebook’s Tom Cook at last week’s Velocity 2010 conference, which depicted the growth of the company’s server footprint. Designed to illustrate Facebook’s insatiable need for more servers to support its 400 million users, the chart didn’t include any numbers, seeking not to reveal the actual server count.
Dates Provide A Clue But the chart included dates, which allows us to do some math to fill in the blanks. In a presentation in November 2009, Facebook vice president of technology Jeff Rothschild disclosed that the company had more than 30,000 servers. Cook’s chart shows a brief plateau in Facebook’s server growth at about that time, followed by a sharp upward spike in the growth line through the first quarter of 2010 that effectively doubles the total number of servers.
That suggests that Facebook now has 60,000 or more servers. The sharp acceleration in Facebook’s server growth in late 2009 also helps explain the company’s move to lease large chunks of data center space in northern Virginia and Silicon Valley in March. The growth spurt occurred after Facebook announced plans to construct its own data center in Prineville, Oregon.
Putting together the pieces that are public is what I wrote about in this post.
Mar 09, 2010
A different interpretation of “Open Source” in an Intelligence Analysis scenario that defines how GreenM3 works public data
Open source intelligence (OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence.
This description fits what I have been telling others about the various data center sources of information.
“If there is a public publication of information, we are open to look at and provide feedback on the value we see in the information.”
Which is a pretty good description of how this blog has been run, commenting on public available information.
BTW, the use of social networks is not anything new. Three Days of the Condor is about a group of CIA researchers who did Open Source Intelligence - "I just read books"
Joe Turner (Robert Redford) is a CIA employee who works in a clandestine office in New York City. He is not a field agent, and indeed bristles at Agency discipline; among other things, he wonders why he can't tell people what he does for a living and notes "I trust some people ... that's a problem." His job is in the OSINT field: he has to read books, newspapers, and magazines from around the world, looking for hidden meanings and new ideas. As part of his duties, Turner files a report to CIA headquarters on a low-quality thriller novel his office has been reading, pointing out strange plot elements therein, and the unusual assortment of languages in which the book has been translated (Turkish but not French, Arabic but not Russian or German, Dutch, and Spanish).
Robert Redford's character says.
I work for the CIA. I'm not a spy. I just read books. We read everything that's published in the world, and we-- we feed the plots-- dirty tricks, codes into a computer, and the computer checks against actual CIA plans and operations. I look for leaks, new ideas. We read adventures and novels and journals. I-- I can-Who'd invent a job like that? I-- Listen! People are trying to kill me!
Here is a video clip from Three Days of the Condor.
Behind all of this is the technique of using public information with a bunch of people who are thinking of questions others don't ask. There are tons of experts in the CIA. There are tons in the data center industry. Yet can the experts anticipate the unexpected?
Taking a bunch of people who look at what is going on in the world allows you to be more creative in figuring out the questions that should be asked.
There are perils to the process. One source here said that analysts who engage in searches without masking their origin can lead to foreign governments or companies cutting off access to web sites or to people involved. The problem? Some analysts at NSA, CIA and other alphabet soup agencies forget to mask their IP addresses and the times at which they are searching. Chinese, Russian and other savvy operators can check time stamps, for example. If a search occurs during American working hours, it’s a pretty good bet that it’s an American source looking for the information. Read more: http://www.dodbuzz.com/2009/10/20/open-source-intel-use-soars/#ixzz0svCx1zvG
This technique makes it easier to think of what is a green data center. Which is more than a low PUE.
