"Now you know, and knowing is half the battle," were words spoken at the end of every G.I. Joe cartoon during the mid-1980s and served as a conclusion to public service announcements. For some reason this statement has always stayed with me and I often use the saying, typically in a sarcastic manner. But late last week and again this morning this 80s era disclaimer resonated once again after the U.S. House of Representatives passed bill 4061, "To advance cybersecurity research, development, and technical standards".

The main tenant of the bill requires President Obama's administration to perform assessments of each agency in order to determine "cybersecurity workforce skills".  Additionally, it establishes a scholarship program to be used by undergrad and grad students who also agree to work for the government as "cybersecurity specialists" after graduating. The push is on to educate the current and future government workforce on all things cyber:

“Investing in cybersecurity is the Manhattan Project of our generation,” Representative Michael Arcuri, Democrat of New York, a sponsor of the bill said on the House floor last week. “But this time around we are facing far greater threat. Nearly every high school hacker has the potential to hamper our unfettered access to the Internet. Just imagine what a rogue state could do.”

Mr. Arcuri said that the federal government will need to hire between 500 and 1,000 more “cyber warriors” each year to keep up with potential enemies. Troops online “are every bit as important to our security as a soldier in our field,” he said.

This is an important step in our ongoing cybersecurity battle. The Senate plans on introducing a companion bill soon and that should be a priority since the new proposed budget, while increasing overall defense and cyber related spending, does cut the Homeland Security Department’s cybersecurity division. The hope is that the separate House/Senate bill(s) will make up for that hit at DHS, while starting to create future cybersecurity experts. It seems as though both the House and Senate are taking the topic of cybersecurity seriously and will earmark funds for cyber education.

Although details are still lacking on what the final bill will look like, the focus on education is welcome since "knowing is half the battle".

Media headlines tell us we should be concerned about IPv6. After all, cyber criminals are already "taking advantage of IPv6 vulnerabilities" and we are running out of IPv4 addresses "at an alarming rate". But there are so many unanswered questions around IPv6 and shifting through what is truth and what is hype can be a challenge. We figured we would take on the IPv6 conversation in our next webcast and answer the questions you have been asking:

• What does IPv6 actually mean for my network?
• Will we really run out of IPv4 addresses in 2011?
• Is IPv6 only about address allocation or is it also more secure than IPv4?
• Is the IPv6 standard ready for prime time?
• Are cyber criminals actually using IPv6 today to attack networks?

I'll be moderating the conversation and joined by BreakingPoint CTO Dennis Cox and Software Architect, Brent Cook. Brent wrote the post, "6 Surprising Facts about IPv6" and both gentleman will be taking your questions during the session. Here are the details:

Tomorrow begins a mad rush of cyber security events throughout the country. BreakingPoint will have people at several shows over the next month, and in most cases we will be providing on site cyber security simulation demonstrations. In case you are attending one of these shows or simply live in the area and want to meet up give us a shout here or on Twitter. I've listed some of the upcoming events below:

		DoD Cyber Crime Conference January 25-27, 2010  |  St. Louis, MO BreakingPoint will be exhibiting in booth #404 at the Cyber Crime Conference.The conference focuses on all aspects of computer crime and incident response: intrusion investigations, cyber crime law, information assurance, as well as research, development, testing, and evaluation of digital forensic tools. Learn more.
		Netcentric Warfare January 25-27, 2010  |  Arlington, VA BreakingPoint will be exhibiting at IDGA's NCW event. It is the world's largest and most respected event focused on network enabled operations, and the premier forum for the exchange of plans and best practices on the net-centric innovation. Learn more.
		Cyber Warfare January 27-28, 2010  |  London, UK BreakingPoint will be exhibiting and speaking at this conference. Stay tuned for more details on the presentation. Learn more.
		AFCEA West 2010 February 2-4, 2010  |  San Diego, CA BreakingPoint will be exhibiting in booth #2006 at the AFCEA West conference. West is the largest event on the West Coast for communications, electronics, intelligence, information systems, imaging, military weapon systems, aviation, and more. Learn more.
		USEUCOM Intelligence Summit February 15-17, 2010  |  Heidelberg, Germany BreakingPoint is an exhibitor at USEUCOM. The Summit will bring together US and European mission partner capability planners, program managers, intelligence producers, end-users, and subject matter experts from government, military, law enforcement, academia, private sector, and leading edge technology organizations. Learn more.
		NANOG February 21-24, 2010  |  Austin, TX BreakingPoint is the Monday Afternoon Break Sponsor at NANOG. Learn more.

News just came out about Google contemplating packing up and leaving China all together due to recent cyber attacks. In a blog post on their site, "A new approach to China", Google states that back in mid-December they detected a "highly sophisticated and targeted attack on our corporate infrastructure originating from China" and that the attack resulted in "the theft of intellectual property from Google."

The blog post dives into more specifics the Google uncovered about the attacks:

"First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.

Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists..."

The blog post goes on to describe how Google also has evidence that Gmail accounts of human rights activists inside and outside of China have been accessed routinely by third parties. Notably, though, Google has already used the information they have gained from these attacks to "...make infrastructure and architectural improvements that enhance security for Google and for our users."

This last part, of course, hit home with what we talk about here on this blog. Real-world simulation of cyber attacks is one of the most important tools in finding the weak spots in your cyber infrastructure. Obviously this is only the beginning of this story and we will be keeping track of and commenting on the news as it continues.

As I close out my look at some of the most influential posts published here in 2009 I conclude with a post that garnered widespread industry recognition and sparked many discussions, Tod Beardsley's "TCP Portals: The Handshake's A Lie". The post, only published a month ago, drew thousands of readers and dozens of comments. More importantly it shed some light on a potentially damaging vulnerability:

Whenever I interview someone for an Application Engineer or Security Research position, my favorite introductory question is, "Can you describe for me the TCP three-way handshake?". It is a fine baseline question to understand a candidate's knowledge of modern networking. Answers range from "SYN, SYN/ACK, ACK,", to a full description of ARP, to initial sequence number generation. It's a good springboard question, because then you can start talking about spoofing addresses, port scanning, the significance of IPIDs, and more.

We are hiring a lot here at BreakingPoint, which means I'm asking this question a lot. After the fourth or fifth interview, I decided one morning to look over RFC 793 to make sure that I really did know everything there is to know about the handshake. That is when I found out that we've all been living a lie.

Read the full post, "TCP Portals: The Handshake's A Lie".

And once again thank you to all of our fantastic contributors to this blog and to the readers that continue to provide us with commentary and insight. Happy New Year.