July 30, 2014

Pentagon Readying National Cyber Range

The Defense Advanced Research Projects Agency (DARPA), an agency of the United States Department of Defense responsible for the development of new technology for use by the military, is developing the National Cyber Range (NCR) to provide realistic, quantifiable
assessments of the Nation’s cyber research and development technologies.

This “virtual firing range” is intended to be a replica of the real Internet allowing researches (working on classified and unclassified projects) can mimic international cyberwars to test their defences. The NCR should be ready by next year and will also help the Pentagon to train its own hackers and refine the skills needed to protect US information systems, both military and domestic.

Planning for the Cyber Range was carried out by Lockheed Martin, which won a $30.8 million Defense Advanced Research Projects Agency (DARPA) grant, and Johns Hopkins University Applied Physics Laboratory, which won $24.7 million.

It is hoped the NCR will be a flexible test bed that can simulate government, military and commercial networks as well as human aspects. The human behavior simulation has to be able to respond as a person would under defense readiness condition (DefCon) and information operations condition (InfoCon) as well as carry out execution of war plans.

The NCR will forensically collect, analyze, visualize, and present data and information from the tests. Knowledge and insights gained during testing will assist operators and evelopers as they refine, research, and develop operations, technologies, policies and procedures to strengthen cyber security.

Mobile Phone Interception at Defcon 18

Hacker Chris Paget made a live demonstration of mobile phone interception at Defcon 18, hacking conference Saturday at Las Vegas.

In a few minutes of activating Chris Paget IMSI catcher had 30 phones connected to his system. Then, with a few keystrokes, he quickly configured the device to spoof an AT&T cell tower.

With reference to Computerworld report, Paget didn’t record or play back any calls, but he could have. His IMSI catcher can get around cell phone encryption by simply telling the connecting phones to drop encryption.

Cell phone interception is illegal in the U.S. And the U.S. Federal Communications Commission had concern about Paget speak at the conference.