Month: September 2008

The Andrew Hay Butterfly Effect

Have you ever thought that your actions impacted more than your immediate surroundings? I’m really starting to think that the books that I author trigger some sort of butterfly effect. Take, for example, the OSSEC Host-Based Intrusion Detection Guide. About a month after the book hits the shelves, the OSSEC project is bought up by Third Brigade. Now this results in a positive, especially for Daniel Cid the creator, but nevertheless a strange coincidence.

The Nokia Firewall, VPN, and IPSO Configuration Guide, the latest book I was involved with which has yet to be published, hasn’t even made it out of the printers yet and today Nokia announces that it is selling off its firewall business. From the article:

Nokia said on Monday it would focus its services development on consumers rather than businesses. Nokia said it was in advanced talks to sell its security appliances business to a financial investor, while it would halt development and marketing of its “behind-the-firewall” corporate software. The measures will affect in total around 700 staff, it said.

Nothing, to my knowledge, has resulted from the publishing of the Nagios 3 Enterprise Network Monitoring book but I do not yet know the full extent of my powers. To the 700 Nokia staff who are impacted by this phenomena…I apologize but I didn’t know what writing that book would do to the universe.

My Letter to the Minister of National Defence

In May of this year I sent an email to Peter MacKay, Canada’s Minister of National Defence, to enquire about Canada’s involvement in the NATO Cooperative Cyber Defence (CCD) Centre of Excellence (COE):

Hello,

As a Canadian security expert and patriotic Canadian citizen I would like to know how Canada will be involved in the NATO Cooperative Cyber Defence (CCD) Centre of Excellence (COE) (*http://www.nato.int/docu/update/2008/05-may/e0514a.html). I think that the Canadian security community should be leveraged to display our expertise in this field. Please let me know.

With Canada’s history of long history of NATO involvement I would have thought Canada would have jumped at the opportunity to participate. If asked by my government I would have also jumped at the opportunity. Alas, my country does not want to be involved in this particular project:

Dear Mr. Hay:

Thank you for your e-mail concerning the NATO Cooperative Cyber Defence Centre of Excellence.

The Commander of the Estonian Defence Forces, Major-General Ants Laaneots, invited the Canadian Forces to participate in the establishment of the Cooperative Cyber Defence Centre of Excellence to be opened in Tallinn in 2008. Major-General Laaneots asked if Canada would consider being a sponsoring nation for the Centre and designate a staff officer or defence scientist to be involved with the Centre, as well as provide some funding for project costs.

It is clear that cyber attack is an emerging and significant security threat. However, owing to competing priorities and pressing operational requirements, Canada was not in a position to accept the offer to be a sponsoring nation. Nevertheless, Canada is willing to share information on our cyber-defence programs with Estonia and the Centre of Excellence.

Thank you again for taking the time to write.

Sincerely,

Peter G. MacKay
Minister of National Defence

This is truly a shame. This was an opportunity for Canada to participate in a NATO initiative that meant something more than large meetings and mass naval maneuvers in the Caribbean. For shame Canada…am I the only one who regards the proliferation of cyber attack capabilities as a threat to national security?

Japan (not Iran, China, or North Korea) Attacks!

worldAccording to this Network World article, a study by Akamai indicates that 30% of all attack traffic, monitored across their 30,000 servers, originates from Japan. The attacks monitored include distributed denial-of-service attacks, Web site hacking attempts and DNS hijackings for 139 countries around the world.

Woah, woah, woah…hold the phone! That’s not supposed to be originating from Japan is it? Isn’t this traffic supposed to be coming from China, North Korea, or Iran? Don’t worry alarmists, I’m sure Akamai has just confused the countries.

Scroll to top