Chinese, Russian, Turkish Hackers Almost Certainly Targeting, Penetrating US Energy Provider Networks (Project Grey Goose)

Jeff Carr, author of Inside Cyber Warfare and IntelFusion, along with Sanjay Goel at the State University of New York, Albany and other contributors, has recently completed another of the Grey Goose reports, this time on hacker attacks on the power grid, both domestically and internationally.

The report's key findings are chilling:

• "State and/or Non-state actors from the Peoples Republic of China, the Russian Federation/Commonwealth of Independent States, and Turkey are almost certainly targeting and penetrating the networks of energy providers and other critical infrastructures in the U.S., Brazil, the Russian Federation, and the European Union."

• "Network attacks against the bulk power grid will almost certainly escalate steadily in frequency and sophistication over the next 12 months due in part to international emphasis among the G20 nations on Smart Grid research, collaborative development projects and the rich environment that creates for acts of cyber espionage"

• "The appeal of network intrusions against the U.S. Grid is enhanced by two key factors:"

• "90% of the U.S. Department of Defense's most critical assets are entirely dependent on the bulk power grid."
• "Most Grid asset owners and operators have been historically resistant to report cyber attacks against their networks as well as make the necessary investments to upgrade and secure their networks."

Grey Goose reports are volunteer efforts to analyze various cyber threats through the use of open source information. Previous reports have analyzed the Russia-Georgia cyber war and the evolution of cyber warfare.

In the interest of full disclosure: Jeff kindly listed me as a "reviewer" in the recent report but my input was limited to a little light editing. I don't consider myself a cyber war expert. I do think, however, that Jeff's record and the records of his co-contributors' speak for themselves and believe that those interested in this area (and those who should be interested in this area) need to read this report carefully (whether you ultimately agree with its conclusions or not).

Cool OSINT T-Shirt (GreyLogic)

Jeff Carr (of IntelFusion and now GreyLogic) has designed a pretty cool OSINT themed t-shirt to accompany his current Grey Goose effort. Check out the "T" here and order one for yourself here.

Must Read Report On Recent Cyberwar Attacks (GreyLogic.com)

Jeff Carr (who blogs at IntelFusion and runs GreyLogic) released his most recent report on the evolving state of cyberwar late last week and it is a good one.

Focused primarily on three recent attacks, the report contains well-written, clear, evidence-based findings. Jeff's report goes beyond just the technical findings, however, and pulls the strings together in a way that will be of high interest to the non-technical reader as well.

This is part 2 of the Grey Goose Project which uses an "open innovation intelligence model focusing on identifing and tracking Non-state hackers and the companies and governments that support them."

Non-governmental versions of both Part 1 and 2 of the Grey Goose Report are available online. The non-gvernmental versions focus on the findings and conclusions derived therefrom. The governmental versions contain much more of the concrete evidence on which those findings/conclusions are based. The Government version can be requested via e-mail from a government e-mail account. Jeff indicated that it will also be available on A-Space and Intellipedia.

(Full Disclosure: Jeff was kind enough to send an early copy of both reports for me to review prior to publication. I received no pay or compensation of any kind for providing feedback. I have no formal relationship with GreyLogic or Intelfusion other than Jeff's a friend and we both blog about the same kind of stuff.

Bottomline: The reports were good when I got them and Jeff has only made them better since.)

OSINT Product On Russian Hackers And The Georgia Crisis Out Tomorrow! (Intelfusion)

The Grey Goose is about to fly! Nope, this is not an obscure quote from a numbers station; its a real product.

About 2 months ago, Jeff Carr over at Intelfusion set out to put together an OSINT team to take a look at Russian hackers and how they supported (or not) the Russian war effort in Georgia. Specifically, they sought to conduct "analysis of Russian hacker blogs in an effort to uncover connections that may not be readily apparent."

Jeff releases his initial round of results tomorrow. If you are interested in a copy, check out his post here for the instructions.