“According to The Global Risks Report 2016, compiled through a strategic partnership between Marsh & McLennan Companies and Zurich Insurance Group, cyber attacks are expected to be the top tech risk most likely to occur in the US, and according to the World Economic Forum’s “2016 Global Risk Report”, terrorism is one of the top three risk concerns for companies doing business here.”
“A leak of sensitive computer code is spurring calls for the government to be more transparent about its handling of a secret stockpile of network intrusion tactics. The leaked code, believed to be written by an NSA operation, contained new techniques to hack widely used hardware from Cisco, Fortinet and Juniper Networks. The leaks left countless computer networks vulnerable to hackers — something security professionals and government officials alike acknowledge is a risk of stockpiling these kinds of techniques.”
“Cisco and Fortinet, two of the technology vendors whose products were the apparent target of secret software exploits supposedly developed by NSA hackers and subsequently shared publicly by the so-called Shadow Brokers, each disclosed to their customers, Wednesday, that the target vulnerabilities exist and are being dealt with accordingly. “
“On 3rd August 2016, Arizona situated Banner Thunderbird Medical Center a provider of healthcare declared identifying a security hack into the computers the organization maintained and that it’d soon inform staff, doctors and patients about the incident which leaked financial and personal data.”
“In the wake of cyber breaches against Democratic targets, Congress is trying to step up its own cybersecurity to gird against future threats. The Democratic National Committee and the Democratic Congressional Campaign Committee were targeted in high profile hacks that included leaks of sensitive information.”
“Cybersecurity is now a top national security problem — some officials even call it a bigger threat than terrorism. But both major presidential candidates have hit hurdles on the campaign trail that raised questions about how they would try to keep U.S. computers safe if elected. How seriously should voters take those high-tech hiccups? And what will a Clinton or Trump victory mean for the United States’ ability to fend off the rising tide of digital attacks?”
“Theresa May has said that the mass collection of private data by the security services is “vital” for public safety after an official review found it is has been repeatedly used to stop terrorist attacks in Britain.David Anderson, the Independent Reviewer of Terrorism Legislation, revealed that MI6 used “bulk data” to identify terror suspects who posed a threat to the UK in the wake of the attacks in Paris and Brussels.”
“Salaries for tech jobs in the UK are still rising in the second quarter of the year, despite the fact that the number of jobs in the industry is slowly declining. This is according to a new report by Dice, the online career site for the technology community. Together with Watch, it lists the most wanted jobs and skills in the industry. The two companies say cloud and security skills are still most wanted, both in permanent and contract roles.”
“On Friday, Sage (an accounting, payroll, and payments software company) announced that there had been unauthorized access to customer information using an internal login.
Sage is one of Britain’s largest technology companies, and it says it has more than 6 million small and medium-sized businesses using its software worldwide while operating in 23 countries.”
“Bahraini investment firm Investcorp has acquired British cybersecurity firm Nebulas Solutions Ltd with its portfolio company SecureLink Group under plans to form a European cybersecurity giant. The acquisition is Investcorp’s second of a regional cyber security company this year, following its recent purchase of Scandinavia’s Coresec Systems.”
“Israel’s young cyber industry is a remarkable success story: Between the National Cyber Bureau and budding Cyber Defense Authority Israel can protect its critical infrastructure and continue cementing its position as a global cybersecurity powerhouse.”
“The Israeli army’s C2 Systems Department recently purchased two HoloLens glasses from Microsoft Corp. The commander of the head programming department, Major Rotem Bashi, intends to develop the technology to improve battlefield strategy and train field personnel. And quickly: He intends for HoloLens to be used on active duty within months.”
“India’s third largest software exporter Wipro has picked up a minority stake in Israeli cybersecurity startup Insights Cyber Intelligence for $1.5 million, months after the Bangalore-based firm invested in Israeli venture capital firm TLV Ventures. “
“The government is scheduled on Wednesday to debate the national Industry 4.0 Initiative. The aim of the document is to promote the so-called fourth industrial revolution in the Czech Republic to ensure the country’s long-term competitiveness. According to the ministry, the document suggests possible measures that could boost the country’s economy and industry and includes plans to support investment and applied research and deals with issues related to the cyber security, logistics, and smart cities.”
“China’s pending cybersecurity law will not create obstacles for foreign business, China’s Foreign Ministry said, responding to concerns by international business lobbies over the planned rules. More than 40 global business groups last week petitioned Premier Li Keqiang, according to a copy of a letter seen by Reuters, urging China to revise draft cyber rules they believe are vague and discriminate against foreign enterprises.”
“A draft cybersecurity law in China could have serious implications for international banks, experts have warned. Opponents have claimed that the wide-reaching Cyber Security Law along with new insurance regulations would allow China access to proprietary systems and would also contravene WTO rules.”
“Cyber weapons allegedly were stolen from the US government’s National Security Agency (NSA) appeared in an online auction set up by a group calling itself the Shadow Brokers. Snowden, however, has warned this is not the work of a rogue hacking group, but rather the first move in a state-sponsored electronic war being waged by Vladimir Putin.”
“Measuring the true economic impact of security incidents on critical information infrastructures (CIIs) is extremely difficult, the European Union Agency for Network and Information Security (ENISA) concluded in a report released Aug. 10.”
“In calling for a Manhattan Project on cyber security author Marc Goodman laments that “We’ve wired the world, but failed to secure it.” Recent examples of computer systems faulting under attacks include Russian hackers allegedly leaking DNC emails, Oracles’ giant cash registry breach, and the Australian Bureau of Statistics nationwide census website being taken down.”
“Cyberattacks have become so common that they tend to fade from view. But for head-in-the-sand executives who believe they have better ways of spending their time and money, here’s a wake-up call. Just a few of the more notable cybersecurity dangers to hit the news in just the last week. Ignore them – and all the others – at your peril.”
August 15, 2016
“U.S. intelligence officials are planning to provide information including classified threat reports to companies about the risks of hacking and other crimes tied to the supplies and services they buy.”
“The White House’s Commission on Enhancing National Cybersecurity is launching a public plea for help Wednesday in understanding the “current and future states of cybersecurity in the digital economy.” The commission — comprised by prominent academics, former officials and industry luminaries that effectively serve as voluntary cybersecurity consultants to the President — will release a request for information, or RFI, soliciting public comment tomorrow, according to a Federal Register notice.”
“This article explores on the unlikely alliance between government and hackers which was manifested during the Black Hat USA conference in Las Vegas last week. But there’s still some mutual fear between the two communities, panelists agreed. “For many people in government, ‘hacker’ still means criminal. And there’s still a lot of distrust of government from the hacker community.”
“Industry lobbyists are pleased that FDA has issued draft guidance to try to clarify when medical device manufacturers and software developers can change their products without going through new regulatory review. It’s an issue that’s become big in cybersecurity because vulnerable devices are seen as a way to hack into health care records.”
“Amid the latest technology and research discussed at Black Hat USA, enterprises still aren’t implementing common sense cyber-security practices. Although most threats are preventable by following “Security 101” practices that require only basic common sense and preparation—advice which often is ignored, overlooked or deemed not cost-effective by executives.”
“America’s biggest banks are joining forces to combat the growing threat from cybercriminals, setting up a group that will work on preparing for attacks and improving information sharing, according to the Wall Street Journal. The group of eight includes Bank of America, Bank of New York Mellon, Citi, Goldman Sachs, Morgan Stanley, State Street, Wells Fargo and JPMorgan Chase”
“The FBI did not tell the Democratic National Committee that U.S officials suspected it was the target of a Russian government-backed cyber-attack when agents first contacted the party last fall, three people with knowledge of the discussions told Reuters.”
“As late as June, hackers had access to DNC systems and the network used by the Democratic Congressional Campaign Committee, a group that raises money for Democratic candidates and shares an office with the DNC in Washington, people with knowledge of the cases have said.”
“The confirmation of a temporary [order] enables the transfer of cybersecurity responsibility from the hands of the Israeli Security Agency (shin bet) to the National Cybersecurity Authority, regarding most organizations with vital computer systems.”
According to the Knesset announcement, the shift should be completed until 31.7.17. The temporary order’s validity will end on 31.12.18. At the same time, the Committee will continue to advance the “cyber law” which will regulate the various and extensive aspects of Israel’s cybersecurity.
“The establishment of the National Cyber Authority created dilemmas concerning the division of responsibilities. There is no sole organization capable of confronting the challenge on its own, a tight cooperation between all organizations is needed, with each contributing its relative advantages.”
“The international development index is a study that measures the ability of 10 countries around the world on their readiness to compete in the digital economy. The study, conducted by Barclays, attributes an overarching ‘digital empowerment’ score to each nation. It found that the UK came in 4th place behind new and emerging ‘digital tiger’ economies Estonia, South Korea and Sweden.”
“Estonia is a highly digitized nation, with nearly everyone using the Internet, and all government services online. Now the government wants to back the country up… to Great Britain.”
“Estonian-based network operator Elektrilevi has joined the European Network for Cyber Security (ENCS) to focus on improving cyber resilience. With a total network of about 64,000km of power lines and more than 24,000 substations, Elektrilevi has approximately 475,000 customers and is the largest network operator in Estonia, Northern Europe.”
United Airlines Challenge Rewards Teen Hacker
“Based in the Netherlands, Olivier Beg discovered 20 separate security flaws within United Airlines’ computer systems. As a reward, the airlines offered million United MileagePlus miles — a $25,000 value – for revealing 20 bugs to United’s program, as part of a challenge to help the company fix security flaws on its website.”
“September 26-27, 2016, Krakow, Poland, will host the 2nd European Cybersecurity Forum – CYBERSEC, the Annual Public Policy Conference dedicated to strategic aspects of cybersecurity. The invited experts will focus on building a regional cybersecurity system for Central and Eastern Europe, cyberdefence of NATO member states, cyber education and cyber innovations as well as public-private partnerships,” the statement reads.”
“On July 27, 2016, the State Council and the Communist Party Central Committee jointly released a blueprint for the country’s national IT strategy, which will guide Chinese government policy efforts over the next decade. Beijing sees the plan and its targets as critical to establishing China as an innovation and technology “powerhouse.”
Global Business Groups Slam China’s Draft Cybersecurity Rules
“In a letter addressed to Chinese Premier Li Keqiang, 46 global business groups spanning finance, information technology, insurance and manufacturing urged Beijing to revise its draft cyber rules, which they said would hamper trade.”
“A Chinese team showed strength in the first ultimate showdown of man vs machine in network security, which was held here this weekend at the world’s biggest top-level hacking conference DEF CON.”
“Over the last few years, Chinese President Xi Jinping has made improving cybersecurity a major policy goal. And yet the Chinese leadership is moving towards criminalizing the people that have the power to make that happen—white hat hackers.”
“The ongoing dispute over the South China Sea has apparently spilled over into cyberspace recently, as hackers believed to be from China have attacked government and private-sector organizations linked to the row over the key waterway, a new analysis has found.”
“Iran has gradually improved its offensive cyber abilities and developed more advanced ballistic missiles since signing an accord last year to curb its nuclear program, the U.S. Defense Department said.”
“Leading Russian cyber-security analysts have criticised recently announced government plans to create a single national database containing the personal data of all Russian citizens, expected to be the largest electronic archive in Russia.”
“The German government has announced the creation of a new cyber security unit which will be established early next year and staffed by around 400 civil servants.”
“A new Directive on cyber security was published in the Official Journal of the European Union. The Directive aims to achieve a common level of security of network and information systems within the EU. It requires all Member States to adopt a national strategy on the security of network and information systems and establishes security and notification requirements for operators of essential services and for digital service providers.”
“ECSO is a pan-european industry-led organisation with members from a wide variety of stakeholders. The main objective of ECSO, according to ecs-org.eu, is to support all types of initiatives or projects that aim to develop, promote, encourage European cybersecurity, and in particular to develop the cybersecurity market in Europe and the growth of a competitive cybersecurity and ICT industry, with an increased market position.”
“U.S. companies considering enlisting in the recently opened European Union-U.S. Privacy Shield data transfer program must ensure their privacy policies meet more robust data protection requirements than the predecessor U.S.-EU Safe Harbor program.”
“Weeks before the Democratic convention was upended by 20,000 leaked e-mails released through WikiLeaks, another little-known website began posting the secrets of a top NATO general, billionaire George Soros’ philanthropy and a Chicago-based Clinton campaign volunteer.”
SAP’s 2016 Cyber Threat Report reveals mounting and expanding vulnerabilities in most of its systems and platforms. The majority (69%) of its 36000 SAP systems worldwide available on the Internet should not be “configured for remote access.” “It’s noteworthy that the number of talks on security conferences directly affects the level of SAP Security in a particular country.”
“Called Strider by Symantec and ProjectSauron by Kaspersky, the malware infected dozens of computers in Iran, Russia, Sweden, China, Belgium and Rwanda.”
August 7, 2016
“An ongoing Defense Advanced Research Projects Agency (DARPA) project, one with a goal of using artificial intelligence to tackle security issues, is now beginning to bear fruit and may soon muscle out the human competition in these areas.”
“The FBI did not tell the Democratic National Committee that U.S officials suspected it was the target of a Russian government-backed cyber attack when agents first contacted the party last fall, three people with knowledge of the discussions told Reuters.”
“Homeland Security Secretary Jeh Johnson said Wednesday the federal government should consider designating the U.S. election process as “critical infrastructure” to give the voting system greater protection against cyber attacks.”
“Experts at buguroo Labs, a threat intelligence startup spun out of Deloitte’s European Security Operations Center, revealed these cyber criminals are honing their attacks in Poland, Japan, and Spain before launching in the U.S. and Western Europe.”
“Research and Markets has announced the addition of the “North America Cyber Security Market: Analysis and Forecast (2016 to 2022)” report to their offering. Cyber crimes cost have reached around $100 billion in the country. Canada and Mexico globally stand at the 13th and 17th position respectively as major sources of cyber crimes. North America needs to build a strong resilience system for managing cyber crimes.”
“The Obama administration is preparing to elevate the stature of the Pentagon’s Cyber Command, signaling more emphasis on developing cyber weapons to deter attacks, punish intruders into U.S. networks and tackle adversaries such as Islamic State, current, and former officials told Reuters.”
“Gaining awareness of devices residing on corporate networks is the first step to building a viable security architecture for the internet of things. The problem? Most CIOs don’t know what’s on those networks.”
“Black Hat is an annual conference in Las Vegas where cyber security researchers gather to trade hacking secrets. The purpose of the conference, in theory, is to get better at stopping bad guys. But in practice, that means learning to think like a skilled hacker as new techniques are presented and taught.”
“Thousands of hackers and other cybersecurity professionals converged on Las Vegas on Wednesday for the annual Black Hat conference. Here are some highlights of the day’s events.”
“National attention is focused on Russian eavesdroppers’ possible targeting of U.S. presidential candidates and the Democratic Congressional Campaign Committee. Yet, leaked top-secret National Security Agency documents show that the Obama administration has long been involved in major bugging operations against the election campaigns — and the presidents — of even its closest allies.”
“The Knesset Foreign Affairs and Defense Committee (FADC) published a report on Monday praising measures put forth by the government in the field of cyber-security, a field in which Israel is considered to be a global leader. The committee suggested guidelines for the administration of the new authority responsible for Israel’s cyber-attack preparedness, but also expressed concerns that the new body, the National Cyber Authority, would not fit in well with the existing security agencies.”
“On a global scale, the UK IT industry is the least satisfied with its education system. Only 14 percent of UK IT decision makers (ITDMs) feel that the UK education system fully prepares professionals for the cyber-security industry.”
“iboss Cybersecurity, the only cyber security solution that detects and contains data breaches before a loss occurs, announces a partnership with not-for-profit organisation Jisc to provide leading web filtering and monitoring solutions to UK education and research organisations. The new partnership makes iboss the preferred supplier of cloud-based web filtering and monitoring for Jisc’s member organisations and their millions of users.”
“With the modern threat landscape more treacherous than ever, the government has a vital role to play in helping businesses protect UK citizens from cyber attacks. Following the launch of the National Cyber Security Centre, we spoke to Gordon Morrison, director of government relations at Intel Security, about how the government is supporting the cyber security industry in the UK and what more needs to be done.”
“A new piece of research has found that approaching half of all businesses have been hit by a ransomware attack over the last year.
The study from Malwarebytes questioned over 500 IT leaders from companies across the UK and Germany, as well as Canada and the US, and found that almost 40% said they’d experienced a ransomware attack during the past year.”
“Cyber breaches have dominated the headlines in the United States, with public companies, government agencies, universities, and now even political parties reporting attacks. No sector has been spared. Gazing across the Atlantic, however, the landscape appears dramatically and blissfully different. Virtually no large European company has publicly acknowledged a cyber breach. Is there an Iron Dome or magnetic force field protecting Europe against cyber attacks?”
“In a deceptively humdrum office block on the outskirts of Banbury, Oxfordshire, a team of cybersecurity experts is working to combat the risk of surveillance and hacking attacks from China. The Cell’s technicians have the highest level of security clearance, with their personal and financial histories combed by investigating officers. Their work is overseen by a board that includes directors from GCHQ, the Cabinet Office, and the Home Office. They are employed by Huawei, one of China’s largest technology companies.”
“ It has become something of a ritual over the past decade. Revelations of a cyber attack against a geopolitical foe of Russia, accusations from Western leaders, and then the inevitable Kremlin response: “Prove it.” The article explores the different methods used by Russia to cover its tracks.”
“The Russian intelligence service claims hackers penetrated computer systems in government agencies and defense companies after being accused by U.S. government officials of stealing data from the Democratic Party at the behest of Republican presidential candidate Donald Trump.”
“Advertisements on mobile devices aren’t just annoying, they can also be malicious. According to a report from cyber security experts, a Chinese group has spread malware to Android users that are generating over $300,000 per month in revenue.”
Security firm: Suspected Chinese malware targets PH
“Tensions in the South China Sea seemed to have escalated in cyberspace as a Finland-based security firm alleged that it has found evidence that a malware suspected from China is targeting Philippine agencies involved in the sea dispute.”
“Malware traced by a security firm to China has been discovered to have spied on the Philippine government and other parties related to the territorial dispute in the West Philippine Sea. In a report released last week, Finland-based cyber security firm F-Secure identified the malware as NanHaiShu (translated as South China Sea rat), a Remote Access Trojan that can access information from infected computers to its command server.”
“Iranian hackers have compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users, the largest known breach of the encrypted communications system, cyber researchers told Reuters.”
“Syrian opposition activist Noura Al-Ameer was combing through her emails late one night when a message caught her eye. The sender was “Assadcrimes” and he promised information about Iranian meddling in the Middle East. But the email seemed odd.”
“Telefonica said it is the only operator so far to join the European Cyber Security Organisation, a newly formed body which aims to improve collaboration on security issues.”
“The Atlantic Council’s latest paper, alarmingly entitled ‘Arming for Deterrence: How Poland and NATO Should Counter a Resurgent Russia’. The recommendations put forward in this paper are the result of a deliberate decision (predicated upon the unfounded idea that Russia would initiate a military attack against Eastern European and Baltic nations), and that’s what makes its contents all the more disturbing.”
August 1, 2016
“A presidential directive signed by President ObamaTuesday will put the FBI in charge of responding to all cyber threats and give the federal government a more active role in investigating, preventing and mitigating attempts to hack into U.S.-based computer networks.”
“The White House on Tuesday issued the U.S. government’s first emergency response manual for a major cyber attack, though some officials acknowledged it lacked clear guidance on possible retaliation against hacker adversaries.”
“The Wikileaks release of the DNC’s hacked emails is a source of outrage in the media, but we are missing the bigger picture. Cybersecurity is a serious threat to our national, corporate and personal well-being, and not just because some emails and voice mails were made public. What about all of the donors whose personal and financial information was included in that release? Sue Marquette Poremba’s opinion piece.”
“In 2015, 13.1 million Americans were victims of identity theft, according to an Identity Fraud Study by Javelin Strategy & Research. New account fraud increased by 113% in 2015.The article explores the different ways how one can make sure that one’s identity is insured.”
“Once again, hacking is front and center in the news, a reminder that businesses and individuals need to fear the long reach of cyber theft. Here is a 12-point checklist – six steps for businesses and six for individuals – to enhance cyber security. ”
“The list of critical data stored by government agencies is endless. From credit card data, passport numbers, drivers’ license numbers and tax information, government agencies are storing vast amounts of data that create the perfect treasure trove for hackers to exploit.How can one make sure that this will not happen?”
“Cybersecurity negotiations were a key part of U.S. National Security Adviser Susan Rice”s recent trip to Beijing in an effort to strengthen U.S.-China relations ahead of this year”s G20 Leaders’ Summit.”
“For cyberdefense firms, the new age of information warfare – and the ensuing climate of fear – has led to a flood of cash. Analysts at research firm Gartner says the security-software market climbed to $22 billion last year, with sales growing by $1 billion for three straight years.”
“The government should pay the same care to our safety in pursuing threats online, but right now we don’t have clear, enforceable rules for government activities like hacking and “digital sabotage.” And this is no abstract question—these actions increasingly endanger everyone’s security.”
“SafeBreach, a cybersecurity startup founded in Israel, that simulates hacks on companies’ systems to help them identify holes, has closed a $15 million series A round from existing investors Sequoia Capital and Shlomo Kramer, with participation from new entrants Deutsche Telekom Capital Partners, Hewlett Packard Pathfinder, and Maverick Ventures.”
“The Ministry of National Infrastructure, Energy, and Water Resources wants to establish a cyber laboratory and has published a request for information (RFI) on the subject. The new laboratory will act as a testing and simulation environment for industrial operations technologies, and can be used to examine the effectiveness of various protection systems.”
“Israeli authorities who have faced a wave of lone-wolf attacks by Palestinian Arabs say they have made progress in identifying potential assailants in advance, a challenge now also confronting Western nations. The article explores the “Israeli method” to stop such attacks. “
“Laws in the pipeline to govern cyber defense will not protect Israel’s democratic process from foreign hackers, in a case similar to the hack of the Democratic National Committee’s emails, apparently by Russia, members of the Knesset Foreign Affairs and Defense Subcommittee on Cyber Security said Monday.”
“Wary of a global confrontation with Russia, U.S. President Barack Obama must carefully weigh how to respond to what security experts believe was Moscow’s involvement in the hacking of Democratic Party organizations, U.S. officials said.”
“Cyber Security jobs continue to rise at a fast rate in the UK, according to new research. As of June 2016, the number of jobs in cyber security has risen significantly by over 90 per cent since the same point in the previous year, positioning it as one of the UK’s most sought-after IT skills.”
“This note addresses the potential impact of Brexit on data privacy and cybersecurity legislation in the UK. It is one of a series of GTM Alerts designed to assist businesses in identifying the legal issues to consider and address in response to the UK”s referendum vote of 23 June 2016 to withdraw from the European Union.”
“The UK’s IT industry is the least satisfied among its international peers that the country’s education system is supporting the cyber security profession, a report has revealed.”
“UK information security firm Digital Shadows has discovered a service for setting up online shops that are perfectly suited for cyber criminals. This means there is effectively no barrier to setting up a cybercriminal business because all the necessary infrastructure and customer support is provided, eliminating the need for technical skills.”
“The government is urging British businesses and consumers to ensure they keep their phones and computers updated with the latest software in an effort to lower the number of victims of cyber crime.”
“Symantec has warned that China-themed cyber espionage group Patchwork has expanded and is now targeting UK-based companies. A report by the firm said that it has seen the group, also sometimes colourfully dubbed Dropping Elephant, using Chinese-themed content to lure victims to infected websites in the hope of installing malware on their devices.”
“DNV GL’s centre of excellence for smart energy and cyber security testing expertise has achieved UKAS accreditation and CESG recognition. After several months of intense assessment, the newly-opened Technical Assurance Laboratory (DTAL) based in Peterborough has been accredited and recognised to offer Common Criteria and Commercial Product Assurance testing.”
“Despite the constant warnings experts keep giving out to businesses concerning cyber-security, UK’s firms won’t be prioritising it in the next 12 months. This is according to a new quarterly survey by Close Brothers. Its key takeaway is that 63 per cent of companies decided not to invest in better security, while the other 37 percent decided to do so.”
“The public and private sector are now joining forces to stop ransomware as part of an international initiative to combat cybercrime. Groups participating in the project include Intel Security, Kaspersky Lab, the Dutch National Police, and Europol. “
“There is a mantra among cybersecurity experts is that there’s only two types of companies: those that have been hacked by China, and those that don’t know they’ve been hacked yet. How did they China achieve this?”
“The cyber-attacks on Vietnam’s two major airports have affected more than 100 flights, dozens of which were delayed for up to one hour, the country’s aviation authorities said. The hackers, allegedly from China, took control of the flight information screens and displayed distorted information about the East Sea (South China Sea) and insulted Vietnam and the Philippines, according to authorities.”
“The Cabinet announced the formation of a new government agency dedicated to information security on Monday. The establishment of the Department of Cyber Security (資通安全處) will increase existing information security resources and will allow inter-ministerial coordination, said Cabinet spokesman Tung Chen-yuan (童振源).”
“A series of cyber regulations officially took effect Monday, as China aims to better protect online users’ interests and better guide the development of China’s Internet industry.”
“The well-timed leak of e-mails from the Democratic National Committee, following a long-running breach of the DNC”s network, is a masterful piece of information warfare. The leak may only be the beginning of an effort to shape the US presidential election, or it may be a backup plan triggered by the exposure of the long-running breach. But the hacking of the DNC and the direct targeting of Hillary Clinton are only parts of a much larger operation by Russia-based hackers who have breached a number of US government networks.”
“We have to accept that someone is attacking our nation’s computer systems in an apparent attempt to influence a presidential election. This kind of cyber attack targets the very core of our democratic process. And it points to the possibility of an even worse problem in November — that our election systems and our voting machines could be vulnerable to a similar attack.”
“The Kremlin has sharply denied the claims of U.S. officials and security experts that Moscow may have been involved in the hacking of Democratic National Committee emails, and said Thursday that it was “absurd” that Russia had infiltrated Hillary Clinton’s private server.”
“Russia”s intelligence service said on Saturday that the computer networks of 20 organizations, including state agencies and defense companies, have been infected with spyware in what it described as a targeted and coordinated attack.”
“The Kremlin says it had zero involvement in the hacking of Democratic Party emails while U.S. officials say the hack originated in Russia. We may never know who is right, but one thing is for sure – Russia had motive, capability, and form.”
“Data protection officials from European Union member states do not believe the European Commission’s “adequacy determination” issued in adopting the Privacy Shield framework for transatlantic data transfers resolves their original concerns, despite last-minute revisions by the U.S. Commerce Department and EU commission prior to its adoption. The member state data protection officials – under the auspices of the Article 29 Working Party – laid out their five remaining critiques of the final adequacy determination in a July 26 press release.”
“As NATO grapples with mounting security threats—both conventional and irregular—the concerned alliance is tussling to deliver a unified strategy for information warfare and dominance in the face of increasingly sophisticated cyberspace technologies exploiting its vulnerabilities.”
Updated on: 08.01.2016.
Cybersecurity Update – March 21, 2014
President Barack Obama asked the Department of Defense last June to perform a cyberattack, according to the nonprofit organization Federation of American Scientists (FAS).
The U.S. Air Force declassified a 15-page policy directive (PDF) last week, containing a single sentence that the FAS believes is enough to prove Obama ordered the military to carry out an aggressive operation in cyberspace, though further details are still classified.
Hackers brought down several public NATO websites, the alliance said on Sunday, in what appeared to be the latest escalation in cyberspace over growing tensions over Crimea.
The Western military alliance’s spokeswoman, Oana Lungescu, said on social networking site Twitter that cyber attacks, which began on Saturday evening, continued on Sunday, although most services had now been restored.
“It doesn’t impede our ability to command and control our forces. At no time was there any risk to our classified networks,” another NATO official said.
International criminal enterprises follow the money, and a report being released Thursday says they are increasingly focusing on California because of its wealth and innovation.
Aside from long-time trafficking in drugs, guns and people, the report by California Attorney General Kamala Harris says criminals are turning to cybercrime to target businesses and financial institutions.
It calls California the top target in the U.S. for organizations that often operate from safe havens in Eastern Europe, Africa and China.
Nearly two weeks after state Auditor Adam Edelen accused Senate Republican leaders of playing politics with a cyber security bill he endorses, the measure was placed on the chamber’s consent agenda after a unanimous committee vote Monday.
The Senate version of House Bill 5 would require state agencies, local governments and contractors to develop and maintain security and investigation protocols to mitigate electronic security breaches involving confidential information held by those agencies, such as Social Security numbers, said Sen. Joe Bowen, chairman of the Senate State and Local Government Committee.
Arguments for boosting US cyber spending over the past couple of years have largely begun with the need to greatly improve the resilience of government networks and ended with a call to grow the cyber force.
But as a new cyber chief awaits confirmation, the discussion has shifted toward how cyber can be part of larger operational planning and how its capabilities might be used to deter aggressive acts.
After claiming that the U.S. intends to unleash cyber warfare on Syria, the Syrian Electronic Army tweeted “proof” that it breached U.S. Central Command systems in response to “Obama’s decision to attack Syria with electronic warfare.” A few weeks ago, SEA tweeted cyberattack threats to topple CENTCOM like a “house of cards” if the U.S. launched cyberattacks on Syria. Then on Friday, SEA tweeted:
The next tweet was: “This is part of an on-going operation and we have already successfully penetrated many central repositories.” It contained a screenshot that allegedly proves SEA gained access to Army Knowledge Online (AKO) servers.
The issue of terror attack against critical infrastructure. Although these events are by all accounts fairly rare, the attack against Statoil’s natural gas facility at In Amenas, Algeria by the Al Qaeda in the Maghreb organization indicates that terror groups see value in attacking energy targets. As a side note, Statoil’s report on the Amenas attack is a fine case study on a terror event and a vital read for those who must consider security issues in the energy industry.
The matter that Ijeoma, Morgan and I considered is to what degree a cyber attack against energy targets might be a concern. The topic of cyber attack against critical infrastructure has unfortunately moved from a hypothetical to a reality in my academic career. Because of Stuxnet, which allegedly had a significant impact upon centrifuges employed in the Iranian nuclear enrichment program, we now have evidence that computers can be manipulated in a way to produce damage of physical plant and hardware. We are contending with the fact that computers can be hijacked and instructed to break things, a topic more out of science fiction.
A cyber attack happens every 1.5 seconds, according to the FireEye Advanced Threat Report 2013. The study also found that Java was a prime target early in the year, while zero-day attacks focusing on Internet Explorer increased significantly during the latter part of 2013.
According to a FierceCIO article, the results of the FireEye report show the growing threat created by malware infections worldwide. “FireEye found malware attack servers and command and control (CnC) infrastructure in 206 countries and territories in 2013, up from 184 in 2012,” wrote the article’s author Jeff Goldman. More attack servers mean a greater volume of malware being pushed at networks.
A longtime staple of information technology training, cyber security has become a mainstream interest. Edward Snowden’s big reveal last year about the National Security Agency as well as the criminal breach into Target’s (TGT) credit and debit card system show that cyber protection is needed now more than ever.
Every Ivy League school — as well as high performing institutes like Stanford and Carnegie Mellon — offers a computer security program and has done so for a while. But as educational programs become more varied, so do the job prospects.
Thursday, the chair of the President’s Task Force on Cybersecurity sent a letter to University of Maryland officials notifying them of a “cyber-intrusion” this past weekend. According to the official, the FBI determined that there was “no public release of any information and no damage to the institution, except for the release of personal data of one senior University official…”
Investors cringe when a company they own, such as Target (TGT) or Las Vegas Sands (LVS), suffers a cyber breach that results in the loss of customer or employee data.
The cost of a high-profile breach can be in the tens or hundreds of millions of dollars due to lost business, disrupted services and compensating potential identity theft victims.
But sophisticated companies are increasingly balancing the rising risk of a pricey cyber event by acquiring cyber security insurance from the likes of AIG (AIG) and Chubb (CB). Cyber coverage can mitigate the costs of everything from hiring forensic investigators and high-priced lawyers to shelling out ransoms to cyber extortionists.
Japan faced a full-on cyber attack across government departments on Tuesday in a drill aimed at bolstering national security as the country gears up to host the 2020 Olympics.
Japan is following the lead of Britain, which invited ethical hackers to test its computer systems in the run up to the 2012 London Olympics. In the event, London parried multiple cyber attacks.
Some 50 cyber defense specialists gathered at an emergency response center in Tokyo, with at least three times that many offsite, to defend against a simulated attack across 21 state ministries and agencies and 10 industry associations, said Ikuo Misumi, a hacking expert at Japan’s state-run National Information Security Center.
A group of events in the past few weeks signal that Russia, China and Iran are entering a new phase in their cyber warfare capabilities, a trend that could spill over into the Israeli- Iranian conflict.
News reports on last Monday gave more detailed accounts of the limited cyber warfare operations that Russia has reportedly been conducting against Ukraine since its incursion into Crimea.
The Ministry of Defence is developing a secret, multimillion-pound research programme into the future of cyberwarfare, including how emerging technologies such as social media and psychological techniques can be harnessed by the military to influence people’s beliefs.
Programmes ranging from studies into the role of online avatars to research drawing on psychological theories and the impact of live video-sharing are being funded by the MoD in partnership with arms companies, academics, marketing experts and thinktanks.
As high-level international talks in Vienna over Iran’s nuclear program edged closer to a deal last fall, something curious happened – massive cyber-attacks that had hammered Wall Street bank websites repeatedly for about a year slowed to a near stop.
While banking industry officials were relieved, others wondered why those Iran-linked “distributed denial of service” attacks that had so regularly flooded bank websites with bogus Internet traffic were shut off like a faucet. One likely reason, say US experts on cyber-conflict: to reduce friction, at least temporarily, at the Vienna nuclear talks
Cybersecurity Update – March 7, 2014
The many cybersecurity challenges facing the U.S. include one of which many Americans are unaware—the serious threat posed by vulnerabilities in the cyber supply chain. Of the many components—including hardware, firmware, and software—that compose a technological product, most contain elements stemming from a broad global market, making it difficult to ascertain the complete security of an end product. With the market for technological goods and components continuing to grow every year, and with everything from missiles to smartphones relying on these products, the need for cyber supply chain security has never been more important. It is essential that enhancing the security of the United States’ technological supply chain not destroy the well-functioning international market for technology. Instead of the two extremes of intrusive government mandates or doing nothing, the U.S. government should promote development of a private-sector system for securing and accrediting technology companies that would allow customers—from the federal government to small businesses—to make more informed and risk-based decisions.
President Obama’s fiscal year 2015 budget outlines a set of priorities – a wish list – of programs the administration hopes to pursue, including a federal cyber campus where civilian agencies can collaborate on cyber-incident response.
Collaboration is among the major cybersecurity themes in Obama’s proposed budget for fiscal year 2015, which begins Oct. 1.
“Cyberthreats are constantly evolving and require coordinated, comprehensive and resilient plan for protection and response,” according to the 212-page budget document issued March 4. “The budget identifies and promotes cross-agency cybersecurity indicatives and priorities, including improving cybersecurity information sharing while protecting privacy, civil liberties and enhancing state and local capacity to respond to cyber-incidents.”
The General Services Administration is seeking $35 million as part of President Barack Obama’s proposed 2015 budget to establish a civilian cybersecurity center in the D.C. metro area that would enable more collaboration between various federal agencies.
GSA Administrator Dan Tangherlini told reporters Tuesday that the idea is to bring experts from federal agencies — such as the Department of Homeland Security and Department of Justice — together in shared space instead of being spread over multiple D.C.-area buildings. Tangherlini says the government is “spending substantial amounts of resources” on rent and that the initiative could shift agencies from around 600,000 square feet of leased space to a new, federally-owned building.
In one of his final Capitol Hill appearances, Gen. Keith Alexander, the National Security Agency’s director, called Thursday for a stronger strategy to deter cyberattacks, saying the line that would prompt a U.S. response against an adversary “does not yet exist.”
Alexander, who retires next month after nearly 40 years in the Army and almost nine at the helm of the NSA, said his greatest concern was a terrorist attack against the United States or Europe.
Gen. Keith B. Alexander, the director of the National Security Agency, said Tuesday that the leaks by the former agency contractor Edward J. Snowden had slowed the effort to protect the country against cyberattacks on Wall Street and other civilian targets.
General Alexander was speaking at a conference at Georgetown University in one of his last public speeches before he leaves the agency this spring. He predicted that the disclosure of information relating to government surveillance programs would force Congress to act on changes to the rules governing the bulk collection of telephone records before it tries again to pass legislation that would mandate the way private companies protect against cyberintrusions, and delineate what information they share about attacks with the government.
U.S. utilities would benefit from an independent group to set industry-wide guidelines on combating cyber threats, according to a think-tank report released on Friday that was co-authored by a former director of the Central Intelligence Agency.
The report, from the Bipartisan Policy Center, said a new independent organization could bring together the disparate interests in the sector to help manage cybersecurity for the nation’s electric grid, and help to deal with threats such as new malware that could be targeted at plants’ information technology systems.
“We don’t have one group looking at this holistically to see what the answers are,” said Curt Hebert, a co-author of the report who is a former chairman of the Federal Energy Regulatory Commission, the agency which oversees aspects of the nation’s electric grid.
Sears Holdings Corp said Friday it has launched an investigation to determine whether it was the victim of a security breach, following Target Corp’s revelation at the end of last year that it had suffered an unprecedented cyber attack.
“There have been rumors and reports throughout the retail industry of security incidents at various retailers and we are actively reviewing our systems to determine if we have been a victim of a breach,” Sears spokesman Howard Riefs said in a statement on Friday.
Electronic spying tools used by the U.S. government could end up in the hands of organized criminals and hackers, further eroding Internet security, warned industry leaders who called for new restrictions and oversight of government activity.
“It is a big worry” that the methods will spread, said Andrew France, former deputy director of the UK’s NSA equivalent, GCHQ, and now chief executive of security startup Darktrace.
The government habit of purchasing information about undisclosed holes in software is also “really troublesome,” said former White House cyber security advisor Howard Schmidt. “There’s collateral damage.”
Crashing websites and overwhelming data centers, a new generation of cyber attacks is costing millions and straining the structure of the Internet.
While some attackers are diehard activists, criminal gangs or nation states looking for a covert way to hit enemies, others are just teenage hackers looking for kicks.
Distributed Denial of Service (DDoS) attacks have always been among the most common on the Internet, using hijacked and virus-infected computers to target websites until they can no longer cope with the scale of data requested, but recent weeks have seen a string of particularly serious attacks.
This year marks an important but likely overlooked anniversary – 100 years since the death of Alfred Thayer Mahan. A notable military officer and scholar, Mahan revolutionized military strategy and security policy with his 1890 book The Influence of Sea Power Upon History. Supporting vigorous engagement in the international community, he argued that states could best build and maintain strength through powerful navies, which open foreign markets and deter foreign aggressors.
Though based on historical example, his message was particularly prescient for the 20th century, in which the great naval armadas of two world wars moved men and materiel in unprecedented quantities to the far reaches of the earth. One could hardly dispute that naval strength remains relevant today. Aircraft carrier groups, for example, are a critical tool of power projection, and essential sea lines of communication and trade rely on naval protection.
Russia’s offensive military actions in Crimea and its threats to the rest of Ukraine are raising concerns about how the conflict could play out in cyberspace.
On March 4, at a news briefing, the head of Ukraine’s security service said the country’s telecommunications system had been attacked, with equipment installed in Russian-controlled Crimea used to impede the mobile phones of members of parliament, according to Reuters.
Paul Rosenzweig, a former Department of Homeland Security deputy assistant secretary for policy, has identified three other cyber-related actions that have occurred in the past few days in the budding conflict: the degrading of telecommunication links to Crimea; Russian social networks blocking links to sites and pages with pro-Ukrainian messages; and Russia Today – the pro-Kremlin, English-language website – briefly being hacked with the word “Nazi” prominently inserted into headlines describing Russian actions.
Businesses in the Middle East are facing a growing risk of cyber-attacks, says an annual security report released on Monday.
Total global threats have reached their highest recorded level, increasing 14 per cent from 2012 to last year, according to the Cisco 2014 Annual Security Report.
A sample of 30 of the world’s largest Fortune 500 companies generated visitor traffic to websites that host malware, with a sharp rise in malware attacks on the Middle East’s oil and gas sector.
The Russian forces occupying Crimea are jamming cell phones and severing Internet connections between the peninsula and the rest of Ukraine. Moscow hasn’t succeeded in imposing an information blackout, but the attacks could be sign that Russia is looking to escalate its military operations against the new government in Kiev without firing a shot.
Russia has a history of launching cyber attacks on its neighbors with the aim of disrupting the countries’ ability to communicate to their citizens and with the outside world. One attack in 2008, during Russia’s war with Georgia, accompanied a ground-based military assault and was intended to disrupt government and media communications.
Ukraine and its friends in the United States, NATO, and European Union need to prepare now for a probably inevitable (but just possibly preventable) cyber conflict with Russian-backed proxies.
Russian government behavior is clear when its perceived interests in its “near abroad” are at risk. The trend started most obviously in 1999 when the Kremlin turned a blind eye to groups like the Russian Hacker Brigade that attacked networks of NATO and member nations in response to Operation Allied Force bombing attacks against Serbia (a fellow Slavic country friendly to Russia). These attacks disrupted NATO web servers and other services but had little overall effect on the alliance or its operations. Similarly, later attacks by Russian nationalists, such as those against Latvia or Lithuania, were largely inconsequential, at least at the strategic level.
The Syrian Electronic Army takes to Twitter to threaten an attack on U.S. Central Command if the United States conducts cyberwarfare operations against Syria.
The shadowy hactivist group that supports the regime of Syrian President Bashar al-Assad warned on Friday that the strike would reveal “the U.S. command structure was a house of cards from the start.”
During an official meeting on security, Mr Xi called for a “master strategy… and innovative development” while stressing the strategic importance of “internet security and informatisation” as it concerned the security and development of a nation, the People’s Daily reports.
The term informatisation refers to the extent of information a society gets.
China is the world’s largest internet market with about 618 million internet users and cyber-security has become a matter of prime concern after the country was hit by a large-scale attack in January
Cybersecurity Update – February 28, 2014
The U.S. military is ill-prepared for waging cyber warfare and needs to bolster defenses against the growing threat of cyber attacks against both military systems and private infrastructure, the commander of U.S. Cyber Command told Congress on Thursday.
“Those attacks are coming and I think those are near term and we’re not ready for them,” said Army Gen. Keith Alexander, head of Cyber Command and also outgoing director of the National Security Agency.
Homeland Security, law enforcement and corporate executives from across metro Atlanta will descend on Clay National Guard Center today to participate in a simulated cyberattack on a fictitious logistics company similar to UPS or FedEx.
The recent security breach of debit card data at Target stores showed how hackers are getting more sophisticated in their abilities to crack the networks of major corporations, said Tony Cooper, spokesman for the Technology Association of Georgia or TAG, which is sponsoring the event.
But what if a logistics company, say a mover of cargo through a local airport or a ground carrier such as UPS, were to experience a simultaneous cyberattack against its computers and a physical attack that included explosives in a package being sent from point A to point B?
Not long after the uprising in Syria turned bloody, late in the spring of 2011, the Pentagon and the National Security Agency developed a battle plan that featured a sophisticated cyberattack on the Syrian military and President Bashar al-Assad’s command structure.
The Syrian military’s ability to launch airstrikes was a particular target, along with missile production facilities. “It would essentially turn the lights out for Assad,” said one former official familiar with the planning.
The prospect that NATO might formally do more to prevent and mitigate cyber threats to governments and critical infrastructure looms this week as the alliance prepares for a defense ministerial in Belgium that will pave the way for a major fall summit in Wales.
The deep debate within the alliance on the future of cyber defense policy could have implications not only for major military matters but also for the role of the private sector, said Julianne Smith, a senior vice president with Beacon Global Strategies.
One enduring mystery about Stuxnet, the first cyberweapon the world has known, is this: Just how did that “digital missile” infiltrate Iran’s secret Natanz nuclear fuel-enrichment facility in the first place?
A new thesis about that, to be outlined Tuesday at a security conference in San Francisco, points to a vulnerability in the Iranian facility’s supply chain – and may hold lessons for owners of critical infrastructure in the US concerning how to guard their own industrial equipment against cyberattack.
The Pentagon long has made a big effort to showcase its budding cyberwarfare capabilities. But the military has been less forthcoming about a key, more tangible component of cyber — electronic warfare – until now.
The Army just publically released its first-ever Field Manual for Cyber Electromagnetic Activities. The manual covers operations related to cyberspace and the electromagnetic spectrum, highlighting that for the Army electronic warfare is every bit as important as the cyber threat we hear so much about in abstract.
Right now, Chinese criminals and spies are targeting the United States and other countries in the biggest semi-organized campaign of theft and espionage in world history.
And it’s all being done online, through hacks, fraud and other Internet trickery.
But Americans—and especially our leaders—hardly know the first thing about “cyber” threats. And that badly complicates any organized response to Internet attacks.
Today, MazeBolt Technologies, an Israeli based Cyber Security Startup announced the release of their DDoS Simulation module to strengthen their posture in the Cyber Security arena.A methodology commonly known in cyber security circles as a “War Games Simulation.”A roleplay of realistic DDoS attack scenarios on your network infrastructure or website.
To be as realistic as possible the methodology used to simulate the attack would be the same methodologies used in operations like Operation Ababil which unleashed havoc against a number of American financial institutions.
A cybersecurity firm said on Tuesday that it uncovered stolen credentials from some 360 million accounts that are available for sale on cyber black markets, though it is unsure where they came from or what they can be used to access.
The discovery could represent more of a risk to consumers and companies than stolen credit card data because of the chance the sets of user names and passwords could open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system.
A major flaw in Apple Inc software for mobile devices could allow hackers to intercept email and other communications that are meant to be encrypted, the company said on Friday, and experts said Mac computers were even more exposed.
If attackers have access to a mobile user’s network, such as by sharing the same unsecured wireless service offered by a restaurant, they could see or alter exchanges between the user and protected sites such as Gmail and Facebook. Governments with access to telecom carrier data could do the same.
“It’s as bad as you could imagine, that’s all I can say,” said Johns Hopkins University cryptography professor Matthew Green.
Cyber criminals have infected hundreds of thousands of computers with a virus called “Pony” to steal bitcoins and other digital currencies, in the most ambitious cyber attack on virtual money uncovered so far, according to security firm Trustwave.
Trustwave said on Monday that it has found evidence that the operators of a cybercrime ring known as the Pony botnet have stolen some 85 virtual “wallets” that contained bitcoins and other types of digital currencies. The firm said it did not know how much digital currency was contained in the wallets
Once the preserve of spies and their masters, cryptology – the science of keeping secrets – now affects us all.
Hardly a week goes by without news that one government has been spying on another, or that hackers have broken into a website and made off with client data.
Earlier this month the crowdfunding site Kickstarter became the latest high-profile victim of hacking. Customer information including usernames, email and postal addresses were stolen.
The growing number of cyber attacks on U.S. businesses, federal agencies and other institutions could be stymied if the victims of those attacks shared more information about the perpetrators, says Adam Vincent, the chief executive of Cyber Squared.
The three-year-old Arlington company hopes to provide the platform where the information gets shared. Its software, called ThreatConnect, allows individual cybersecurity professionals to swap data about threats, attacks and responses.
HTarget, Neiman Marcus, Michaels and the University of Maryland. They’re all major retailers and institutions hit by hackers.
So how are they getting all this data?
Linh Bui speaks with a security expert about why these cyber attacks keep happening.
Cyber attacks pose a threat to consumers, businesses and governments. It’s a problem that’s growing at a rapid pace.
President Xi Jinping is presiding over a new working group on cybersecurity and information security, China announced on Thursday, a sign that the Communist Party views the issue as one of the country’s most pressing strategic concerns.
The government said Mr. Xi and two other senior leaders, Prime Minister Li Keqiang and Liu Yunshan, a member of the Politburo Standing Committee, would help draft national strategies and develop major policies in a field that might include protecting national secrets and developing cyberdefenses, among other goals.
Power companies are being refused insurance cover for cyber-attacks because their defences are perceived as weak, the BBC has learned.
Underwriters at Lloyd’s of London say they have seen a “huge increase” in demand for cover from energy firms.
But surveyor assessments of the cyber-defenses in place concluded that protections were inadequate.
Energy industry veterans said they were “not surprised” the companies were being refused cover
China’s military hackers are back, more brazen than ever. You can thank Edward Snowden.
A year ago, the Internet security firm Mandiant went public with what cyber-war watchers had known for some time: Unit 61398, a secret branch of the Chinese military, had been behind more than 1,000 cyber attacks on Western targets since 2006. Employing thousands of trained cyber warriors housed in a 12-story building in Shanghai — and backed by an enormous militia of part-time hackers — Unit 61398 had been waging a constant war on foreign banks, infrastructure, defense firms and government agencies, including one spectacular 2007 raid on the Pentagon that shut down 1,500 different Defense Department networks.
Several months have passed since the news around the NSA spying scandal – including intense monitoring of Brazil’s communications – but Dilma Rousseff’s government appears to be struggling to structure proper cybersecurity mechanisms.
According to the Brazilian Secretary of Strategic Affairs (SAE), an over-arching strategic plan aimed at improving national security and defense policies in the cyberspace will only be ready around September time.
“The idea is to first perform sectorial meetings to discuss these matters, followed by regular plenary meetings to report on the progress of activities, with requests for suggestions that can improve the work. After that, we will submit proposals to the SAE Minister and all ministries that are part of this initiative, then finally present [a proposal] to the President,” says general Gonçalves Dias, a defense aide at the SAE.
Brazilian hackers are threatening to disrupt the World Cup with attacks ranging from jamming websites to data theft, adding cyber warfare to the list of challenges for a competition already marred by protests, delays and overspending.
In a country with rampant online crime, a challenging telecommunications infrastructure and little experience with cyber attacks, authorities are rushing to protect government websites and those of FIFA, soccer’s governing body.
Furious about the 33 billion reais ($14 billion) in federal funds being spent on World Cup preparations, more than a million Brazilians took to the streets last June in a wave of mass demonstrations, calling for better public services, greater transparency, and a crackdown on corruption.
The United Arab Emirates is set to double its spending on homeland security from $5.5 billion to more than $10 billion in the next 10 years, according to a US study. Analysts say a majority of that funding will go toward cybersecurity.
Spending is estimated to reach $57.7 million by 2015, with a view to increase investment on homeland security, economic development and rapid population growth, to curtail regional unrest and the increased complexity of potential threats. The numbers come from the 2013-2014 annual report by the US Commerce Department’s International Trade Administration and reported by state news agency WAM.
South Korea has made a suprisingly public announcement that it plans to develop cyber-weapons for potential use against North Korea. The decision to make its plans known is baffling and the potential consequences of taking hostilities online are deeply troubling.
When the Iranian nuclear processing plant at Natanz was hit with Stuxnet it marked a new stage in modern warfare. Stuxnet was the first code-based weapon ever used and by the time it was discovered in 2010, it had ruined almost a fifth of the Natanz centrifuges and caused so much disruption that the Iranian nuclear programme is yet to fully recover.
Hacking Israeli websites from the Gaza Strip is a raging front in a war where soldiers are trained in the art of hacking individually and collectively. They are preparing to fight the next battle globally, united in a virtual world with other hackers around the world to deliver a message that the siege on Gaza must end.
The electronic conflict between Palestinian hackers and Israel is growing, after the success of the largest unified hacking operation against Israel launched on April 7, 2013. The goal of the attack, dubbed OpIsrael, was that of “wiping Israel off the Internet.”
Cybersecurity Update – February 14, 2014
Intelligence officials investigating how Edward J. Snowden gained access to a huge trove of the country’s most highly classified documents say they have determined that he used inexpensive and widely available software to “scrape” the National Security Agency’s networks, and kept at it even after he was briefly challenged by agency officials.
Using “web crawler” software designed to search, index and back up a website, Mr. Snowden “scraped data out of our systems” while he went about his day job, according to a senior intelligence official. “We do not believe this was an individual sitting at a machine and downloading this much material in sequence,” the official said. The process, he added, was “quite automated.”
The U.S. government on Wednesday released the final version of standards meant to help companies in nationally critical industries better defend against cyber attacks, and officials now face the challenge of getting the private sector to adopt the voluntary measures.
Criticized for being too vague and toothless, the so-called cybersecurity framework turned a vast amount of industry input into guidelines designed for 16 different sectors whose disruption could be devastating to the country.
The release from the National Institute of Standards and Technology comes exactly one year after President Barack Obama issued an executive order directing the agency to compile voluntary minimum cybersecurity standards as one step to counter the lack of progress on cybersecurity law in Congress
Nearly a year after President Barack Obama issued an executive order to improve the cybersecurity of the nation’s vital assets, the administration doesn’t have much to show: The government is about to produce only some basic standards, with little incentive for the private sector to participate.
The program’s early weaknesses are a sign that — even as high-profile breaches at Target and other retailers compromise the data of millions of consumers — the White House and Congress have made minimal progress on the potentially more serious issue of protecting power plants, oil pipelines and major banks from a crippling cyberattack
Kellerman is the managing director at Alvarez & Marsal, a Washington, DC-based global professional services firm that offers strategic guidance and advisory services to other businesses. Kellerman is a Certified Information Security Manager (CISM) with 17 years of experience in cybersecurity, risk management, and incident response. He served as a commissioner on the Commission on Cybersecurity for the 44th President
The NCCIP Act is currently pending legislation in the House of Representatives, but Kellerman is optimistic that the bill will be approved later in 2014.
The NCCIP is a unique piece of legislation that will allow the DHS to take a more active role in the realm of cybersecurity by forming a partnership with private businesses to share information, provide support responding to the cybersecurity threats, and offer education and training to businesses that request it.
A western Pennsylvania heating and refrigeration contractor said it was the victim of a “sophisticated cyber-attack operation” that is being investigated by the US Secret Service and possibly linked to the data breach that enabled hackers to access millions of credit card numbers belonging to Target store customers.
Fazio Mechanical Services Inc, of Sharpsburg, issued the statement after internet security bloggers identified it as the third-party vendor through which hackers accessed Target’s customer information. Target had previously told reporters the store believed hackers accessed 40m of its customers’ card numbers through a vendor’s system
Multiple reports suggest the largest ever DDoS attack – peaking at 400Gbps – has hit targets in the US and Europe though who is behind the attack, and who the victims were remains a mystery.
Last year a DDoS (distributed denial of service) attack on the anti-spamming group Spamhaus was declared the “biggest in the history of the internet” peaking at 300 gigabits per second (Gbps).
On Monday reports from the US and France suggest an attack peaking at 400Gbps had been launched using a new technique which allows an attacker to easily amplify their attack while hiding their identity.
Washington and the private sector are both scrambling to protect their critical systems from cyberattacks. Can the two of them cooperate to stay safe?
John Bussey, assistant managing editor and executive business editor of The Wall Street Journal, spoke about cybersecurity with Mike McConnell, vice chairman of Booz Allen Hamilton and former White House national intelligence director and director of the National Security Agency. Here are edited excerpts of their conversation.
When it comes to cyberthreats, what are the major concerns for banking institutions in 2014? Distributed-denial-of-service attacks waged as a mode of distraction to perpetrate fraud across numerous banking channels are a growing threat. But financial institutions also are concerned about ransomware attacks designed to wage account takeover fraud, as well as mobile malware and insider threats.
The key for banking institutions in 2014 will be to focus on detecting and mitigating multiple risks across multiple channels. “We will see more blended attacks that combine DDoS with some form of attempted data compromise,” says Doug Johnson, vice president and senior adviser of risk management policy for the American Bankers Association.
Other threats that will require renewed attention include spear-phishing attacks and call-center schemes waged against employees, as well as nation-state threats and third-party breaches.
Bitcoin exchange Bitstamp temporarily halted withdrawals and deposits on Tuesday due to a cyber attack that caps off a rocky stretch for the crypto currency.
The troubles experienced by Bitstamp and similar issues at rival exchange Mt. Gox highlight the technical problems still faced by the relatively young and increasingly-popular currency.
Slovenia-based Bitstamp said it stopped processing Bitcoin withdrawals due to “inconsistent results” reported by its “bitcoind” wallet that were caused by a denial-of-service attack. DDoS attacks are increasingly popular cyber intrusions that flood servers with unreasonable amounts of traffic.
Sheldon Adelson’s Las Vegas Sands (LVS) appears to have been hit by a cyber attack this week that has crippled a number of the casino giant’s websites and compromised employee data.
The intrusion has prevented guests from using the websites of certain casinos, including the Venetian in Las Vegas.
“Our company-operated websites have been hacked as have some office productivity systems in the U.S.,” a Las Vegas Sands spokesman said. “The company is working closely with the appropriate law enforcement agencies to determine who initiated the hacking activity.”
Mesay Mekonnen was at his desk, at a news service based in Northern Virginia, when gibberish suddenly exploded across his computer screen one day in December. A sophisticated cyberattack was underway.
But this wasn’t the Chinese army or the Russian mafia at work.
Instead, a nonprofit research lab has fingered government hackers in a much less technically advanced nation, Ethiopia, as the likely culprits, saying they apparently used commercial spyware, essentially bought off the shelf. This burgeoning industry is making surveillance capabilities that once were the exclusive province of the most elite spy agencies, such as National Security Agency, available to governments worldwide.
Ayatollah Ali Khamenei has delivered a sabre-rattling speech to Iran’s ‘Revolutionary foster children’ (in other words, university students) to prepare for cyber war.
The supreme leader has urged his country’s students – whom he called “cyber war agents” – to prepare for battle, the semi-official Mehr news agency reported Wednesday.
“You are the cyber-war agents and such a war requires Amman-like insight and Malik Ashtar-like resistance. Get yourself ready for such war wholeheartedly,” wrote Khamenei.The supreme leader was referring to two of Prophet Mohammad’s warrior companions in early Islamic history.
South Korea and the United States on Friday held their first working-level talks on cybersecurity to discuss ways to develop joint cyberwarfare capabilities and an emergency response system, South Korea’s Defense Ministry said.
The meeting was called after the defense ministries of the two nations last year agreed to launch the Cyber Cooperation Working Group in light of a series of large-scale hack attacks into South Korean networks, believed to have been masterminded by North Korea.
France unveiled plans on Friday to bolster long-neglected defences against cyber attacks, with 1 billion euros ($1.36 billion) of investment foreseen to bring the country’s technology up to speed with NATO partners.
Defence Minister Jean-Yves Le Drian presented measures including roll-outs of secure telephones, encryption technology and network surveillance to harden sensitive computer systems now exposed to hacking and espionage.
The spending aims to build up France’s ability to fend off mounting cyber attacks and bolster surveillance after years of neglect. The issue has taken on more urgency in the wake of former NSA contractor Edward Snowden’s disclosures about US cyber surveillance practices.
Japan faced at least 12.8 billion cyber-attacks in 2013 alone, says Tokyo’s National Institute of Information and Communications Technology (NICT).
The cyber-attacks, which are believed to have included phishing campaigns, DDoS (Distributed Denial of Service) attacks, and Hacktivism, had largely targeted government organisations and other state-run activities.
The NICT said it is the highest number of attacks since its inception in 2005
Nationwide Credit Card Failure Stokes Israeli Fears of Cyber-Attacks
Credit card transactions were stymied across Israel for much of Thursday. In the hours required to solve the problem, Israelis stood in line wondering whether to be just frustrated or both frustrated and a little uneasy. Security officials in Israel frequently warn that the country should expect a major cyber-attack. And readers who went online in hopes of seeing what was going on found, on the website of leading daily Haaretz, a story on the credit card problem immediately next to t: “Prepare for cyber-war, Iran’s supreme leader tells students.”
Thursday’s “glitch” turned out to be just that – a software problem reportedly caused by a faulty update that rendered the exchange rate for the U.S. dollar at zero, an amount that literally did not compute. The business journal Calcalist estimates the snafu cost 100,000 shekels ($28,500) a minute in lost business. But the only apparent harm to humans was long lines at supermarkets and gas stations among Israelis who—in the cash squeeze that forces many members of the middle class to survive on monthly bank drafts—routinely whip out a Visa card to pay for a cup of coffee.
Cybersecurity Update – January 24, 2014
The Department of Homeland Security’s Einstein 3 intrusion prevention system, launched last summer, raised the bar for security technology capable of operating at carrier-grade network levels, rather than just within the enterprise.
Einstein is a managed security service delivered through Internet service providers that serve executive-branch civilian agencies. Through a public-private collaboration, DHS provides custom signatures to federal agencies’ ISPs to block malicious traffic, both incoming and outgoing.
Last year, Edward Snowden turned over to the Guardian, a British newspaper, some 58,000 classified U.S. government documents. Just a fraction of the files have been made public, but they outline the National Security Agency’s massive information-collection system. They’ve thrown light onto the methods of an arm of the government used to working in the shadows and started an intense debate over national security and personal liberty. One of the earliest and most explosive revelations was the existence of Prism, a top-secret program giving the NSA direct access to the systems of Google, Facebook, and other U.S. Internet companies.
Snowden himself remains something of a mystery even as the U.S. government attempts to obtain his return from Russia, where he’s in hiding, and very possibly jail him for the rest of his life. As an infrastructure analyst for the NSA, he came to understand at a high level how information moves around the Internet. Snowden almost certainly relied on one very specific and powerful tool to cover his tracks. In photographs he’s often with his laptop, and on the cover of his computer, a sticker shows a purple and white onion: the “o” in the word “Tor.”
TENS OF millions of Americans were recently exposed to a rude shock: theft of their credit card numbers, names and, in some cases, phone numbers and e-mail addresses. They were simply shopping at Target stores and had no idea that when they swiped a credit card at the cash register, they turned over private information to thieves.
This ought not be viewed as just another bad shopping day in the digital age. The massive Target data breach and ones like it at other stores are warnings of a persistent and deepening cybertheft problem that needs to be confronted. Computer networks are vital to American capitalism and society, but they remain surprisingly vulnerable to thieves and hijackers. Law enforcement does not have the resources to stop them; the private sector is growing more aware
If you’ve been paying even the slightest bit of attention to cybersecurity, you know that the security of power grids is a top concern. It’s kind of a disturbing threat, given that almost every other critical infrastructure supporting modern life is dependent on keeping the juice flowing. Well bad news, cyber worrywarts. New research shows there’s even more for you to fret about.
A new study published by West Point’s Network Science Center (PDF) shows how hackers can cause blackouts by targeting a relative handful of small substations — the often-overlooked and poorly-defended parts of a power grid. The research, authored by Paulo Shakarian, Hansheng Lei and Roy Lindelauf and sponsored by the Army Research Office, argues that this kind of a strategy can cause a chain reaction of power overloading known a cascading failure.
A recent Pew poll found that Americans are more afraid of a cyber attack than they are of Iranian nuclear weapons, the rise of China or climate change. Such fears are not only out of proportion to risk; if they take hold, they could threaten the positive gains of the digital age.
Certainly there are growing threats in the cyber world, and the stakes are high. But there is also a high level of misinformation and plain old ignorance driving the fear. Despite the Internet now enabling us to run down the answers to almost any question, a number of myths have emerged about online security and what it means for us offline. The result is that some threats are overblown and overreacted to, while other quite legitimate ones are ignored..
A U.S. cybersecurity firm says it has gathered evidence that the Russian government spied on hundreds of American, European and Asian companies, the first time Moscow has been linked to cyber attacks for alleged economic – rather than political – gains.
According to the firm, CrowdStrike, the victims of the previously unreported cyber espionage campaign include energy and technology firms, some of which have lost valuable intellectual property.
Even as 2013 was marked by an unprecedented growth in malicious traffic, firms globally are grappling with a shortage of over a million cyber security professionals as they try to monitor and secure networks, a study by Cisco said.
According to the networking solutions major, overall vulnerability and threat levels reached their highest in 2013, ever since it began tracking in May 2000.
A cybercrime firm says it has uncovered at least six ongoing attacks at U.S. merchants whose credit card processing systems are infected with the same type of malicious software used to steal data from Target Corp.
Andrew Komarov, chief executive of the cybersecurity firm IntelCrawler, told Reuters that his company has alerted law enforcement, Visa Inc and intelligence teams at several large banks about the findings. He said payment card data was stolen in the attacks, though he didn’t know how much.
In news that will have computer security experts celebrating and shaking their heads, it seems that the most popular password is no longer ‘password’. It’s ‘123456’.
This is according to an annual survey from mobile software developers SplashData, who have collated a massive list of the most popular passwords used online from the data revealed by high profile hacks in 2013.
The main source for this year’s list was the cyberattack that hit Adobe in October, a hack that was originally thought to have targeted 2.9 million customers but was later revised to 38 million.
The Online Trust Alliance (OTA), the non-profit with the mission to enhance online trust, user empowerment and innovation, today recommended a series of best practices to help prevent online data breaches and other exploits, in collaboration with high-profile brands including American Greetings Interactive, AVG, Microsoft, Publishers Clearing House, Symantec and TRUSTe. These recommendations, released today in OTA’s 2014 Data Protection & Breach Readiness Guide, were accompanied by several eye-opening statistics.
Leveraging preliminary year-end data from the Open Security Foundation and the Privacy Rights Clearinghouse, the OTA estimated in its guide that over 740 million records were exposed in 2013, making it the worst year in terms of data breaches recorded to date. And yet, after analyzing approximately 500 breaches over the past year, the OTA determined that 89 percent of all breach incidents were avoidable had basic security controls and best practices been enforced.
Cyber security firm that fingered a Russian teen for the malware used to steal 70 million Target customers’ credit card numbers appears to be backing off, but not quite backing down.
Last week, California-based IntelCrawler named 17-year-old Sergey Tarasov as the kid behind the massive breach, saying he had “roots” in St. Petersburg and goes by the online nickname “ree4.” Tarasov was subsequently identified in numerous media reports. But in an update to its report released Monday, IntelCrawler said another author crafted the code, though it still accused Tarasov of playing a role in the breach.
Home automation, once relegated to the timing of porch lights, can now be used to control almost anything in the house.
From the kettle in your kitchen to the lock on your front door, nearly every item in the home can be connected to the internet.
Now, California-based security group, Proofpoint, has uncovered the first wide-scale hack involving television sets and at least one fridge
The global stage, India and Brazil continue to be markets of interest for businesses looking for growth opportunities, particularly in the tech sector. So it’s always interesting to hear about policy initiatives regarding technology and innovation in those countries. In India, the chief minister for the state of Gujarat and also prime ministerial hopeful Narendra Modi outlined his ICT industry vision for the country, while the Brazilian minister for science, technology and innovation (MCTI), Marco Antonio Raupp, announced Brazil’s technology policy priorities for 2014.
Both the Brazilian priorities and the Indian minister’s vision point to a focus on innovation related to cloud and internet, with a key attention to cybersecurity, public services, and public citizen empowerment. These are not very different to many emerging countries’ agendas, but in India and Brazil, these public statements demonstrate the higher place on the political agenda for technology and innovation.
PRO-ASSAD HACKTIVIST GROUP the Syrian Electronic Army (SEA) has hit Microsoft again and taken over one of its blogs.
Earlier the hacktivist group broke into Redmond email systems and Twitter accounts. Although Microsoft looked to have wrested back control last week, the group said that it was not done with the company. Last night it did what it promised and hit the firm again.
It hit the Microsoft Office blog first, and put a flag on it. After that the group began posting messages to Twitter that showed the reach of its access.
The story behind what may have been the biggest Internet failure in history involves an unlikely cast of characters, including a little-known company in a drab building in Wyoming and the world’s most elite army of Internet censors a continent away in China.
On Tuesday, most of China’s 500 million Internet users were unable to load websites for up to eight hours. Nearly every Chinese user and Internet company, including major services like Baidu and Sina.com, was affected.
Technology experts say China’s own Great Firewall — the country’s vast collection of censors and snooping technology used to control Internet traffic in and out of China — was most likely to blame, mistakenly redirecting the country’s traffic to several sites normally blocked inside China, some connected to a company based in the Wyoming building
Israel will take part in a cyber arms race with its enemies, but it’s not clear which attacks will be permissible in the legal regime that’s slowly taking shape, writes a former deputy military advocate general.
“Israel faces a complex and challenging period in which we can expect both a cyber arms race with the participation of state and non-state entities, and a massive battle between East and West over the character of the future legal regime,” writes Col. Sharon Afek in a study crafted as part of his research at the National Defense College.
Cybersecurity Update – January 10, 2014
In an effort to strengthen cybersecurity and protect consumers, Congresswoman Jackie Walorski co-sponsored the Health Exchange Security and Transparency Act (H.R. 3811) which requires the Department of Health and Human Services (HHS) to notify individuals if their personally identifiable information is stolen or unlawfully accessed through the health care exchanges. HealthCare.gov is currently highly susceptible to data breaches due to inadequate oversight and security.
“As Hoosiers attempt to enroll in the health care exchange, they deserve to know their most personal information is safe from identity theft and security breaches,” said Walorski. “Security measures for this national online health care program should have been the Administration’s top priority before opening enrollment. Passage of this straightforward bill will safeguard consumers, ensuring their personal information is adequately protected.”
Washington – Cyber-warfare is the most significant threat to the United States, say almost half the respondents, all leaders in the field of US national security, in a new poll, carried out by specialist defense publication Defense News.
Also in the poll, the first of its kind among those with responsibility for the nation’s security, respondents said leaks to The Washington Post and The Guardian newspapers by NSA whistle-blower Edward Snowden had, on the whole, shone a light on the debate concerning widespread surveillance.
Maryland lawmakers will look at the possibility of expanding a tax credit aimed at boosting jobs in the growing cybersecurity industry around the nation’s capital, House Speaker Michael E. Busch said.
Busch (D-Anne Arundel) said in an interview that a work group is due to submit recommen-dations soon on how to meet the growing demand for workers in the field. The task force is headed by William E. Kirwan, chancellor of the University System of Maryland, and Robert Hannon, a former head of the Anne Arundel County Economic Development Corp.
Maryland lawmakers approved a small tax credit last year for the industry.
Consensus is growing that the U.S. electricity grid is vulnerable to both hacking and physical attacks, but protecting it remains a work in progress—especially given the spending that would be necessary by financially stretched utilities.
The risks have heightened the calls for officials to address potential threats before they become reality. In November, the North American Energy Reliability Corp. staged a simulated attack on the grid; meanwhile, House Energy and Commerce Committee ranking member Rep. Henry Waxman, D.-Calif., flagged the grid as “not adequately protected” from either cyber or physical attacks at a hearing in December.
Even if a recommendation by the White House panel on electronic surveillance to have separate directors for the National Security Agency and the military’s Cyber Command is approved, the two agencies must still work closely together, intelligence analysts said Wednesday.
Currently both organizations are under an Army general, Keith Alexander, and are located together at Fort Meade, Md. In military parlance, Alexander is “dual-hatted.”
The two have separate missions, but the capabilities they need to do their jobs are similar. “Neither one can be successful without the other,” said Dickie George, a former NSA official.
The National Cybersecurity Center of Excellence (NCCoE) is inviting comments on a Partial Draft Request for Proposals (RFP) for a contractor to operate a Federally Funded Research and Development Center (FFRDC) to support the mission of the NCCoE. The FFRDC will be the first solely dedicated to enhancing the security of the nation’s information systems.
A NIST release reports that the NCCoE was established in partnership with the state of Maryland and Montgomery County in February 2012. The center is a public-private entity that helps businesses secure their data and digital infrastructure by bringing together experts from industry, government, and academia to find practical solutions for today’s most pressing cybersecurity needs.
Both hackers and antivirus makers were put on notice last week when two shining stars in the $67 billion worldwide cyber-security universe announced their merger. Milpitas, Calif.-based global network security company FireEye has acquired Washington, D.C.-based cyber-security firm Mandiant, which released a famous report last year about a Chinese military unit that allegedly pilfered data from at least 115 companies across major U.S. industries.
“There is an accelerating awareness that just wasn’t there a year ago,” FireEye CEO David G. DeWalt said in FT last week, citing NSA surveillance and Chinese hacking. “A lot of companies, organizations and governments said ‘look how pervasive these superpowers are in monitoring and stealing from these companies.’”
In a rapidly evolving security landscape, the next critical decision for many organizations is whether to deploy next-generation risk management solutions in the cloud or in traditional data centers. But disparities between operational and board level attitudes to cloud adoption could prolong this decision and heighten the cyber security threat.
Frontline operational staff and the boardroom have their eyes on different prizes. Board level decision makers tend to set objectives based on business agility. Operational teams are more interested in cost-efficiency. IT teams are focused on bulletproof security. A recent global survey conducted by NTT Com Security revealed disparities prior to cloud adoption hindering business and extending vulnerabilities.
Creating a cybersecurity policy is hard, largely because it’s so difficult to define success. A national cybersecurity initiative should define the goals we want to achieve and provide incentives for the private and public sector to cooperate. According to Matthew Cohen of NT OBJECTives, once that is done, the private sector can do what it does best: compete to provide the most robust and cost-effective solutions to the problem
One of the common themes across IT security, investment banking and finance is how to reduce risk. Now that President Obama has named cybersecurity a national defense issue, it’s important to review our nation’s security framework in a holistic manner. How can we reduce risk? What types of policies work? And what doesn’t work? Interestingly, we can examine our nation’s financial regulation, and the policies put in place to reduce monetary and investment risk, for some valid insights about what makes a good cybersecurity policy.
As we discuss the various costs of cybersecurity, this series comes to a close with cyber-insurance. It’s something many businesses have never considered or even heard of as little as five years ago. Today, cyber-insurance has been described as the next boom and one of the fastest growing segments in the insurance industry.
It makes sense. Cybercrime is booming as well, so it’s only natural that people will want to mitigate that risk. Throughout this series as we’ve discussed the rampant confusion, the easy low-level solutions, the approach of securing the breach, and the disaster that comes from a long-term breach, one theme emerges: a lot of good can be done to stop attackers, but you will never be 100 percent secure. That’s not something many business owners want to hear, and it’s a fear many insurance companies are willing to alleviate.
A deeper look by Cisco Systems into the cyberattack that infected Yahoo users with malware appears to show a link between the attack and a suspicious affiliate traffic-pushing scheme with roots in Ukraine.
Yahoo said on Sunday that European users were served malicious advertisements, or “malvertisements,” between Dec. 31 and last Saturday. If clicked, the advertisements directed users to websites that tried to install malicious software.
Cisco discovered that the malicious websites victims landed on are linked to hundreds of others that have been used in ongoing cyberattacks, said Jaeson Schultz, a threat research engineer.
As tablets and smartphones become increasingly integrated into our daily work and personal lives, cybercriminals are ramping up their efforts to attack mobile devices. And for small businesses, protecting mobile data is more important than ever.
McAfee Labs 2014 Predictions Report forecasts a rise in ransomware, in particular, as virtual currencies like Bitcoin gain popularity. The report also predicts that hackers and other online miscreants will continue to aggressively mine social networks for personal information in order to commit ID fraud or steal intellectual property.
Twenty-eight embassies in the capital city of Iran were affected by a brand new cyber-attack. Emails regarding the conflict in Syria included data-mining malware which no defenses had been programmed in to combat this sort of attack.
The virtual attack was executed during the month of November, according to a report by Japanese firm Trend Micro. Even though the report did not specifically point out which Middle Eastern nation the attack took place in, sources with insider knowledge suggest that it was Iran.
Iranian claims that hackers broke into servers belonging to the Israeli Airports Authority (IAA) and stole sensitive data including flight plans have been dismissed by a local security expert as part of a bogus attempt to conduct “psychological warfare”.
On Wednesday, the pro-Government FARS news agency quoted claims made by the shadowy Islamic Cyber Resistance Group (ICRG) on its website (not currently available) that it had breached iaa.gov.il servers for several months, extracting enough important data to, if the group so wished, crash aircraft in the care of the Authority’s system.
National regulatory authorities and electronic communications service providers should analyze the frequency and impact of network and service outages caused by power outages, the European Union’s cyber security agency said in a report released Tuesday.
The report by the Herkalion, Greece-based European Network and Information Security Agency also recommends that national regulatory authorities form liaisons with providers, energy regulators and other national regulatory authorities to “collect good practices that could be used to increase resilience against power cuts” to be considered as part of a cost-benefit analysis.
Cybersecurity came up so many times in 2013 that it was easy to miss how quickly and completely it became a central feature of how we think about U.S. foreign policy and national security. Partly, this was an inevitable result of technology becoming more pervasive. And partly it was just an extension of things that had begun in earlier years, such as the U.S. use of cyberattacks on the Iranian nuclear program, which started in 2010.
But there was something more than that. Cybersecurity was everywhere in 2013. It played an unusually significant role in big, important stories such as the U.S.-China relationship and the Syrian civil war. At times, it was the story: the rise of the “hack back” industry or, most famously, the revelations of National Security Agency snooping leaked by Edward Snowden. Countries are trying to figure out how to navigate a world in which hacking plays an increasingly important role — and so, for that matter, are regular Internet users around the world. You might say that 2013 was the year that cybersecurity became, like it or not, an enduring and major feature of foreign policy and national security writ large.
Cybersecurity Update – December 20, 2013
A top HealthCare.gov security officer told Congress there have been two, serious high-risk findings since the website’s launch, including one on Monday of this week, CBS News has learned.
Teresa Fryer, the chief information security officer for the Centers for Medicare and Medicaid Services (CMS), revealed the findings when she was interviewed Tuesday behind closed doors by House Oversight Committee officials. The security risks were not previously disclosed to members of Congress or the public. Obama administration officials have firmly insisted there’s no reason for any concern regarding the website’s security.
Some major Internet companies say the proposed privacy approach of the cybersecurity framework under development by the National Institute of Standards and Technology would be potentially burdensome, something that could discourage organizations from adopting it.
NIST is due to release a final draft of the framework in February, 12 months after President Obama called for its creation in executive order 13636.
This increase of funding for federal prisons could result in less money being available for other department priorities that were identified as top challenges by the Inspector General’s report, including cybersecurity as Internet access across the globe continues to increase.
The Director of National Intelligence’s March 2013 “Worldwide Threat Assessment of the U.S. Intelligence Community” emphasized the cybersecurity threat and the increased pace of attacks, with the Government Accountability Office reporting that federal agencies reported an average of more than 130 incidents per day during 2012. DOJ recognized this top challenge prior to the Inspector General’s report and made it a priority by requesting $668 million specifically for cybersecurity in 2014, an increase of 16 percent from 2013.
(ISC)² has issued a series of recommendations for the US government to consider in order to more effectively solve the cybersecurity workforce skills gap challenge.
The recommendations were delivered early this month directly to government officials at the White House, US Department of Homeland Security, US Department of Defense and National Institute of Standards and Technology, as well as members of academia and other influencers within the federal workforce community.
Even if a recommendation by the White House panel on electronic surveillance to have separate directors for the National Security Agency and the military’s Cyber Command is approved, the two agencies must still work closely together, intelligence analysts said Wednesday.
Currently both organizations are under an Army general, Keith Alexander, and are located together at Fort Meade, Md. In military parlance, Alexander is “dual-hatted.”
The two have separate missions, but the capabilities they need to do their jobs are similar. “Neither one can be successful without the other,” said Dickie George, a former NSA official.
With no overarching regulations or laws governing the cybersecurity practices of organizations, it can often be unclear what consumers should expect from those in possession of their data. Likewise, making sure technologies and policies adhere to the best practices of the industry can be difficult for businesses without experience in cybersecurity.
However in recent years, the Federal Trade Commission (FTC) has stepped up as an enforcement entity, holding corporations accountable when they are negligent with customer information. Now the FTC is hoping to become the official regulatory body for data security.
Dec. 11 –Leaders of the House Homeland Security Committee Dec. 11 introduced a bipartisan bill (H.R. 3696) to address cyberattacks on the nation’s banking system, energy pipelines, telecommunications networks and other “critical infrastructure.”
Information Sharing Programs
The National Cybersecurity and Critical Infrastructure Protection Act of 2013 would codify the Department of Homeland Security’s role as a central point for cyberthreat information sharing between the federal government and private sector, while prohibiting any new regulations from the agency.
The National Security Agency described for the first time a cataclysmic cyber threat it claims to have stopped On Sunday’s “60 Minutes.”
Called a BIOS attack, the exploit would have ruined, or “bricked,” computers across the country, causing untold damage to the national and even global economy.
Even more shocking, CBS goes as far as to point a finger directly at China for the plot — “While the NSA would not name the country behind it, cyber security experts briefed on the operation told us it was China.”
As millions of bargain-crazed customers swarmed through Target stores on Black Friday, one of the most audacious heists in retail history was quietly underway.
A band of cyberthieves pilfered credit and debit card information from the giant retailer’s customers with pinpoint efficiency as shoppers bought discounted sweaters and electronic gear on the unofficial launch of the holiday shopping season.
By the time the scheme was discovered, the unidentified hackers had made off with financial data of 40 million Target customers over a 21/2-week period. It ranks as one of the nation’s biggest retail cybercrimes on record.
The Washington Post announced that hackers had once again breached its network. This is at least the third intrusion into the newspaper’s network in the past three years, company officials said on Wednesday. In this latest cyber-attack the hackers were able to hack into the company’s servers and gain access to employee user names and passwords.
“This is an ongoing investigation, but we believe it was a few days at most,” said Post spokeswoman Kris Coratti.
The actual extent of the damage is unknown but the company has planned to ask all employees to change their usernames and passwords on the assumption that many or even all of them may have been compromised in this most recent attack, said the Post.
Peter Hancock, the chief executive officer of American International Group Inc. (AIG)’s property-casualty unit, says businesses have too little coverage to guard against costs tied to cyber attacks and data breaches.
“It’s a very real risk, and one that’s massively under-insured,” Hancock, 55, said today at a conference in New York held by National Underwriter. “Without greater awareness, there’s not much customer demand. Without much customer demand, the industry’s capacity is rather small. And without the large capacity, the customers say, ‘Why buy it?’”
Zurich Insurance Group AG (ZURN) and New York-based AIG are among carriers offering protection that helps pay for damage caused by hacking as well as fines and repair costs. Attacks against U.S. banks have knocked their websites offline and prevented customer access, and the Associated Press’s Twitter account was hacked this year to falsely report an explosion near the White House, temporarily triggering a plunge in U.S. stocks.
Last week, the American Hospital Association sent a letter to the National Institute of Standards and Technology urging the agency to ensure that its cybersecurity framework remains flexible and voluntary within the health care industry’s private sector, FierceHealthIT reports.
On Oct. 29, NIST opened a comment period on a proposed cybersecurity framework
Prisons around the world this year made way for techie criminals alongside the more garden variety murderers, thieves and schemers.
Here’s a rundown of those who got sent to the slammer this year for tech-related crimes (based on a compilation of reports from the IDG News Service and Network World’s other sister sites):
Group calling itself the Islamic Cyber Resistance says it stole the personal details of more than 2,000 top Israeli officers and Defense Ministry personnel; details of 1,000 Saudi officers also said to be taken.
An Iran-linked hacker group calling itself the Islamic Cyber Resistance claims it infiltrated the servers of the Israel Defense Forces earlier this week and extracted the personal details of top army officers.
Two Polish computer hackers who unleashed a cyber attack to blackmail an online casino business out of millions of pounds have been jailed.
Piotr Smirnow, 31 and Patryk Surmacki, 35, were described by their own defence has having embarked on a “bizarre, misconceived, naive and brazen attempt of blackmail”.
The pair pleaded guilty at a previous hearing to two charges each of blackmail and unauthorised acts on computers.
The threat of cyber attacks from both external and internal sources is growing daily. A denial of service, or DoS, attack is one of the most common. DoS have plagued defense, civilian and commercial networks over the years, but the way they are carried out is growing in complexity. If you thought your systems were engineered to defend against a DoS attack, you may want to take another look.
Denial of service attack evolution
A denial of service attack is a battle for computing resources between legitimate requests that a network and application infrastructure were designed for and illegitimate requests coming in solely to hinder the service provided or shut down the service altogether.
The Federal Election Commission was hit by a massive cyberattack hours after the government shutdown began, according to a report from the Center for Public Integrity. The CPI report claimed the Chinese were behind “the worst act of sabotage” in the agency’s 38-year history.
Three government officials involved in the investigation confirmed the attack to CPI, and the FEC acknowledged the incident in a statement. However, the CPI report did not explain why the officials believed China was involved, or provide any details of the network intrusion beyond the fact that attackers crashed several FEC computer systems. When asked for a statement, FEC referred Security Watch to the Department of Homeland Security and did not provide any information.
British Prime Minister David Cameron said on Tuesday an internal review had shown the government needed to enhance its oversight of a cyber security centre in southern England run by Chinese telecoms firm Huawei.
Huawei supplies software and equipment which channels phone calls and data around Britain, but has found itself at the centre of a debate, particularly in the United States, over whether it is a risk for governments to allow foreign suppliers access to their networks.
The British government ordered a review of Huawei’s cyber security centre in July after parliament’s intelligence committee said UK security checks were “insufficiently robust” when Huawei began working on the country’s network through contracts with companies such as BT in 2005.
Cybersecurity Update – December 6, 2013
A few blocks north of the state Capitol — in a secure, heavily fortified portion of a building constructed to withstand the force of an EF5 tornado — two state cyber security analysts and a network specialist sit around a circular pod of computer screens.
Eyes dart back and forth as they carefully monitor the activities on nearly 30,000 state computers — looking for trouble.
Quite a few familiar headlines cropped up this week, with Edward Snowden leaking yet more classifying documents detailing the NSA’s cyber-espionage operations. The latest reports indicate that the agency infiltrated tens of thousands of networks around the world using specialized hardware designed from the ground up to collect sensitive information.
A slide dated 2012 outlines the NSA’s use of “Computer Network Exploitation” or CNE throughout more than 50,000 locations worldwide, spanning 20 “Access Programs” and five continents. SiliconANGLE CyberSecurity Editor John Casaretto observed that the agency uses the same tactics employed by hacktivists and cyber criminals to operate digital sleeper cells that can be activated as needed to siphon information from infected end-points.
WICHITA, Kan. — A Wisconsin truck driver who joined a cyberattack on Wichita-based Koch Industries was sentenced Monday to two years’ probation and ordered to pay $183,000 in restitution for the onslaught that briefly took the company’s website offline.
Comprehensive cyber security legislation heated up, but never really came to a boil. It will probably stay on the back burner for a while. Yet a framework for the federal government’s approach to protecting the nation’s critical infrastructure from cyber threats has emerged.
Government’s effort to safeguard such things as the power grid, transportation, and nuclear facilities was broadly outlined back in February with two White House initiatives: Presidential Policy Directive 21, “Critical Infrastructure Security and Resilience,” and Executive Order 13636, “Improving Critical Infrastructure Cybersecurity.”
The Obama administration says its healthcare.gov website is much improved and far less crash-prone, but cybersecurity experts warn that using it is an invitation to hackers and identity thieves.
David Kennedy, a former NSA analyst whose company TrustedSec is hired by big companies to test the security of their computer systems, told CNBC that the Obamacare website is a worst-case online scenario.
The Department of Homeland Security has failed to follow many of its own cybersecurity policies, exposing the agency’s networks to unnecessary risks, according to federal auditors.
An inspector general’s report last month faulted the department for using outdated security controls and Internet connections that are not verified as trustworthy, as well as for not reviewing its “top secret” information systems for vulnerabilities.
Spending on cybersecurity from federal contracts will grow to $11.4 billion in 2018, according to a Deltek report released Wednesday. The amount projected is up from $9 billion over the 2013 calendar year, for an increase of almost 27 percent over the five year span.
The report, entitled Federal Information Security Market, FY 2013-2018, cites multiple initiatives to improve the cybersecurity of federal agencies, in a context of persistent threats, changing technology, and evolving policy.
The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable.
The records feed a vast database that stores information about the locations of at least hundreds of millions of devices, according to the officials and the documents, which were provided by former NSA contractor Edward Snowden. New projects created to analyze that data have provided the intelligence community with what amounts to a mass surveillance tool.
A U.S. senator has asked 20 automobile manufacturers how each plans to stave off wireless hacking attempts on vehicle computer systems, as well as prevent violations of driver privacy.
“I write to request information regarding your company’s protections against the threat of cyberattacks or unwarranted invasions of privacy related to the integration of wireless, navigation and other technologies into and with automobiles,” wrote Sen. Ed Markey, D-Mass, in a letter to Daniel Akerson, CEO of General Motors, on Monday (Dec. 2).
Just before Thanksgiving, the President’s Council of Advisors on Science and Technology (which has among its membership luminaries such as Eric Schmidt of Google and Shirley Ann Jackson, the President of Renssalaer Polytechnic Institute) issued a report on “Immediate Opportunities for Strengthening the Nation’s Cybersecurity.” Here’s the Executive Summary highlights (though the whole report is worth reading):
The administration is pushing to update federal acquisition regulations to incorporate cybersecurity standards into agency purchasing decisions, according to a top White House official.
J. Michael Daniel, White House cybersecurity coordinator, said Thursday at the 2013 SINET showcase in Washington that the use of cybersecurity standards in how agencies evaluate products and services is a “growing area.”
When critical information passes through international borders, the laws and practices protecting intellectual property from cyberhackers become murky to enforce.
In the U.S., pending legislation to beef up protections for companies that share cyberattack information with the government has been controversial. Add to that an international climate bereft of adequate enforcement and consistent IP protections and it makes for a corporate counsel’s nightmare, attorneys say.
Microsoft Security Blog recently published a series of whitepapers and videos designed to help companies better understand the risks posed by cyber threats.
Some of the papers cover potential adversaries to be aware of, targeted attacks, Pass-the-Hash (PtH) attacks, and best practices. The videos also offer techniques to mitigate threat and harm to vital networks. You can find the videos and the whitepapers here.
The Redmond, Washington-based company has released an advisory about a bug in its earlier version of operating systems Windows XP and Server 2003 that could allow hackers to take control of a computer. According to the advisory, hackers have aggressively exploited the zero-day vulnerability of these systems.
Behind every botnet, phishing scheme, malware infection, DDoS attack, and advanced persistent threat is a person or group of people. Their motives range from financial gain and revenge to political activism and national security, but their actions are similar — enter your network and either collect/manipulate data and/or damage your systems.
What does cyber security mean, what does it affect, why is it becoming critical, and what can you do about it? Those were some of the questions I addressed in a recent webcast on automotive cyber security, hosted by SAE International. I represented the software side of things and was accompanied by my hardware colleagues Richard Soja and Jeffrey Kelley, who work at Freescale and Infineon respectively.
Last month, Reuters reported how Edward Snowden obtained log-in data from 20 to 25 former co-workers in order to access parts of the classified material that he leaked later on.
The headline draws attention on the threat potential of social engineering, which TechRepublic called security’s weakest link. The online magazine quoted security researcher Aamir Lakhani saying that “[e]very time we include social engineering in our penetration tests we have a hundred percent success rate.”
Digital privacy services such as encrypted e-mail, secure instant messaging, and services that provide hard-to-track IP addresses are enjoying a surge in demand as individuals and businesses seek to protect information from spies and hackers in the wake of the National Security Agency’s (NSA) surveillance program revelations. These services promise security, but may also slow down computer performance. Moreover, they are not likely to deter those who are determined to hack into a particular computer network.
A comprehensive cyber incident response plan will include the ability to access “a network of experts” to help address the variety of issues businesses could encounter following a breach of their IT infrastructure security, an expert has said.
JPMorgan Chase & Co is warning some 465,000 holders of prepaid cash cards issued by the bank that their personal information may have been accessed by hackers who attacked its network in July.
The cards were issued for corporations to pay employees and for government agencies to issue tax refunds, unemployment compensation and other benefits.
About 2 million accounts at popular social networking and other websites, including Facebook, Twitter, Google, Yahoo and LinkedIn, have been breached since Oct. 21, according to a Chicago-based cyber security firm.
Trustwave, which first reported the breach on its SpiderLabs blog, told CNN the breaches include 1,580,000 website logins and 320,000 email account credentials stolen, in addition to other account information.
Australia – The research paper, to be presented at a cyber security conference in Perth, reveals how researchers discovered the government information amongst a “treasure trove” of confidential material on the discarded memory sticks.
New Delhi: Besides PCs and mobile phones, internet-connected devices like smart TVs, routers and security cameras are also now vulnerable to attacks from cyber criminals, security software provider Symantec today said.
With millions of devices now connecting to the Internet and in many cases, running embedded operating systems like Android, these devices are becoming a magnet for cyber criminals to hack into, Symantec Director, Technology Sales(India and SAARC), Tarun Kaura told PTI.
Cyber criminals tried to steal passwords of corporate and individual customers of Punjab National Bank (PNB) last week, global cyber security firm Websense said.
California-based Websense, which provides protection against cyber attacks and data theft, said it was able to block the intrusion, which involved a phishing attack.
The computing infrastructure of UK banks and markets have come under attack in the past six months, revealing vulnerabilities that could potentially lead to “significant” losses across the banking industry, the Bank of England (BoE) has revealed.
The disclosure appeared in the bank’s Financial Stability Report, in a section titled “Short-term risks to financial stability”. The attacks, which appear not to have been previously disclosed outside of the financial sector, caused disruption to banking services, according to the report.
BANGALORE, INDIA: The average cost of multimedia files that a user might lose from a device as a result of a cyber attack or other damage is estimated at $418, according to this year’s Consumer Security Risks Survey, conducted by B2B International and Kaspersky Lab.
Many of these losses could be prevented, but after users purchase digital content they often fail to take appropriate steps to ensure that content is secure.
Israel and Saudi Arabia have been accused of plotting a Stuxnet-style attack to sabotage Iran’s nuclear programme.
According to an unnamed Saudi source cited by Iran’s semi-official Fars News Agency, the erstwhile enemies were set to team up to stage a massive cyber attack to cripple Iran’s nuclear capabilities.
European Union leaders will call for more coordination on cyber security and unmanned aircraft when they meet in Brussels this month, according to a Dec. 2 draft of summit conclusions.
The EU will step up its efforts to ward off hacking of public and private websites, to protect European troops on peacekeeping missions and to fight child pornography. The Dec. 19-20 summit will endorse calls by EU foreign policy chief Catherine Ashton for a “cyber defense framework” in 2014, the document said. It made no reference to allegations by former National Security Agency contractor Edward Snowden that the U.S. monitored German Chancellor Angela Merkel’s mobile phone.
The Committee on Assessing the Dangers of the Israeli Telecom Towers Directed Toward Lebanese Territory reported to the Parliament of Lebanon that Israel is waging “cyber war” on the nation, according to Press TV.
Data streams from US financial companies and foreign governments sent out over the Internet are being rerouted by computer hackers – diverted to overseas locations where they can be spied upon or altered, then shot along to their expected destination with barely a delay and nobody the wiser, cyber-security experts say.
Russian cyber security company Kaspersky Lab listed their take on the year’s top security stories on Monday. And two quick takeaways: the cloud is dead, encryption services will come back strong.
No surprise, the IT firm led by the charismatic Eugene Kaspersky put cyber espionage on the top of their list. This year saw a steady flow of blockbuster news about U.S. spy agencies eavesdropping on their political buddies from Brazil to Germany. Even secure governments have lost their privacy.
The European Union has taken steps to beef up cybersecurity in 2013, approving new rules to outlaw NSA surveillance tactics and codifying a new set of boundaries for what qualifies as personally identifiable information (PII).
But when will the EU put those rules into effect? Only after they are signed into law by each of the EU’s member states… which is taking a lot longer than initially expected and could drag well into 2014.
Prime Minister David Cameron raised the issue in talks with Chinese prime minister Li Keqiang during his visit to the far eastern giant, which has long been the focus of allegations about illicit use of cyberspace.
The PM said that Britain and China should work together on making the internet function properly to drive the economy forward without undermining privacy or security.
Cybersecurity Update – November 27, 2013
WASHINGTON: The US government itself seldom follows the best cybersecurity practices and must drop its old operating systems and unsecured browsers as it tries to push the private sector to tighten its practices, technology advisers told President Barack Obama.
“The federal government rarely follows accepted best practices,” the President’s Council of Advisors on Science and Technology said in a report released on Friday.
I am loosely affiliated with a couple of different organizations that are able to provide me with information about government issued cybersecurity reports that have restricted distribution markings on them; not classified just a variety of sensitive but unclassified markings. Of course, part of the condition of my receipt of copies of this is that I am not able to publicly disclose the information contained in those reports. So, the following discussion will be a tad bit vague as I describe a disturbing trend in such information sharing activities.
We all know that US-CERT provides a limited distribution web site where adequately vetted members of the various affected private sector organizations (this does not include me) can get up-to-date unclassified information about trends and issues in the cybersecurity realm. ICS-CERT has a portion of that portal that they use to discuss vulnerabilities in control systems and attacks on those systems that they don’t want widely disseminated so as to not allow control system adversaries to know what we know about their activities. This also includes information about specific vulnerabilities and fixes for those vulnerabilities that are being disseminated to system owners that will subsequently be publicly released on the ICS-CERT web site.
We may all know in a general sense that the security of information we share online cannot be guaranteed – but that doesn’t stop us, or private business or government, from putting sensitive data online. The hope is that security will hold up against hackers, but in fact, cyberattacks are a growing security threat. David Hamon advises the U.S. government about that threat.
National policies regarding cybersecurity can have a positive or negative effect on global trade efforts, says Allan Friedman, research director of the Brookings Institution’s Center for Technology Innovation.
Take, for example, a congressional report from 2012, which recommends that government systems, particularly sensitive IT systems, refrain from using equipment and component parts manufactured by two Chinese companies, Huawei and ZTE, the world’s largest and fifth-largest telecom equipment makers, respectively (see House Panel: 2 Chinese Firms Pose IT Security Risks).
Cyber-attacks, not terrorist ones, will be the greater threat in the coming years to the United States, according to federal officials at three agencies charged with protecting the nation.
At a recent hearing of the Senate homeland security and government affairs committee, the heads of the Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS) and National Counterterrorism Center (NCTC) told lawmakers that cyber-attacks were likely to surpass terrorism as a domestic danger over the next decade.
The creators of the cybersecurity framework will soon begin writing the final version of the guide to information security best practices aimed at helping the operators of the nation’s critical infrastructure secure their information assets (see: Obama, CEOs Meet on Cybersecurity Framework).
But calling it a “final version” is misleading. True, the IT security experts at the National Institute of Standards and Technology, who are shepherding the drafting of the cybersecurity framework, expect to make the Feb. 13 deadline imposed by President Obama. But Adam Sedgewick, the NIST official overseeing the cybersecurity framework, characterizes it as a living document that will be revised over the years as new cyberthreats appear and new ways to mitigate those threats emerge.
Whispers. The secret to predicting the future is to listen for the whisper.
By the time you’ve heard things in a loud, clear voice they have already come true. I’ve been listening to the whispers in 2013 and have a pretty good idea for what we’ll be hearing loud and clear in 2014.
At a time when the nation’s infrastructure faces a growing threat from cyber-attacks, maritime and homeland security officials say they are making significant progress in protecting the nation’s ports, which handle more than 2 billion metric tons of cargo annually and are critical to the global economy.
“It’s finally picking up speed,” said Randy Parsons, director of security at the Port of Long Beach, during the Port Security Operations Conference & Expo held Nov. 19-21 at the Hilton Long Beach & Executive Meeting Center. “A lot of time and effort have been put into this by the private sector, as well as the government agencies — the FBI in particular and the U.S. Secret Service. I’ve seen a major shift in just the last 12 months.”
Despite the rise of cloud computing and increased corporate interest in outsourced infrastructure and managed services, the enterprise network remains a complex beast to manage– and it is only going to become more so as demand for bandwidth, capacity and real-time access to business tools and applications continues to grow.
Nothing embodies this complexity as much as the challenge of securing the network. In an age of bring your own device (BYOD), holding cyber criminals, viruses and emerging threats at bay is a constant thorn in the side of the network manager. Given that no two networks are the same, the opportunity for the channel to provide customers with solutions that can be tailored to their specific circumstances, and a range of associated consultancy services, is considerable.
According to market analyst Gartner, the global security and services market will be worth $67.2bn by the end of this year – up from $61.8bn in 2012. By 2016 it will breach the $86bn barrier.
DOVER — Rolling blackouts, widespread power outages, damaged infrastructure and hijacked substations.
These were just some of the scenarios that bulk-power companies throughout North America were dealt in a recent 48-hour mock security exercise known as GridEx II.
Only the second exercise of its kind, GridEx II went live on Nov. 13 and 14 and tasked over 1,800 electricity subsector agencies with responding to both cyber and physical mock emergencies. The drill, which is hosted by the North American Electric Reliability Cooperation, is intended to explore both strengths and weaknesses in the bulk-power system and determine how prepared the country is for both cyber and physical attacks on its grid.
The traditional model of building a strong-room around the company crown jewels is certainly no longer sufficient to deal with the types of threats that have emerged more recently. Indeed over-reliance on systems that protect against one type of threat can lead to complacency. The modern cyber-attacker will work around the target’s defences, concentrating on areas of weakness including systems, software and – above all – people.
Criminals have upped their game – sometimes aided and abetted by states themselves. It is now widely acknowledged that the Stuxnet and Flame advanced persistent threats (APTs) were developed with US state backing. Russia, China and Iran are also enthusiastic players with much to gain from attacking governments and multinational businesses, and the UK government is hardly innocent in this regard either.
SPOKANE COUNTY, Wash.– Rosauers is asking its customers to pay with cash or check while its owners, URM Stores, work to clear up a recent cyber attack.
Customers are receiving hand outs that say Rosauers had their payment processing system attacked.
Secret Service agents are investigating dozens of fraudulent credit card purchases being made across the U.S.
The advent of “open” computer architectures and standard protocols has been a mixed blessing for the automation industry. On one hand, the evolution from isolated proprietary applications to open technology has expanded business information availability, yet it has also exposed the industry automation control systems to a host of cyber attacks that have made electronic security a major concern.
But then, this does not stop at the private sector; government organisations and process industries are equally vulnerable to cyber attacks. In the recent past, we have seen several incidents that have created mayhem in organisations, whether it is Rocra – a stealth cyber attack that targets government, diplomatic, public research institutions, nuclear research, aerospace and oil and gas companies – or the Stuxnet computer worm – which destroyed 2,000 centrifuges at an Iranian facility in Natanz and infected Indian computers located at critical infrastructure facilities.
The CEO of Symantec says intellectual property theft is a greater cyber security threat than cyber war and malicious attacks from hackers.
Steve Bennett said western firms had been orchestrating cyber attacks to steal intellectual property, resulting in potentially dangerous consequences for the global economy.
Bennett said companies and governments should share more data about attackers because they’re losing a war against ‘black hat’ hackers.
(Reuters) – Adobe Systems Inc said it is taking longer than expected to warn customers about a massive data breach that compromised data on tens of millions of people, leaving some in the dark 10 weeks after the attack was discovered.
That puts those who have yet to be alerted at increased risk of cyber-scams and identity theft, because part of the massive trove of data stolen from Adobe is circulating on the Internet.
There is a perception within IT circles that cybersecurity threats against critical infrastructure like smart grids are a problem waiting to happen — but not right away. The reality is much more dire. Last year alone, there were a number of sophisticated attacks, and they should offer a wakeup call for the power industry.
According to figures from Department of Homeland Security’s Industrial Control Systems Computer Emergency Response Team (ICS-CERT), 41% of incidents reported and investigated by the agency last year were related to the energy industry.
MUSCAT The Sultanate has been ranked first among Arab countries in the Global Cybersecurity Index. The ranking by International Telecommunication Union (ITU) and ABI Research looks at how measuring each nation’s level of cybersecurity development.
INDONESIAN hackers have attempted to infiltrate and close down the Liberal Party’s website in a series of retaliatory attacks over the phone-tapping scandal.
An aggressive cyber-attack was launched against the party’s national IT system but was successfully blocked yesterday morning. The source was traced to Indonesia.
While the party’s website and IT systems are regularly victims of attempted cyber intrusion – mainly from Chinese sources – it is believed to be the first time such activity has emanated from Indonesia.
Copenhagen-based Bips is one of the largest bitcoin exchanges in Europe. The company says it was the target of a co-ordinated attack by Russian cyber-criminals last week.
“Several consumer wallets have been compromised and Bips will be contacting the affected users,” says the company in a statement on its Website. “As a consequence Bips will temporarily close down the wallet initiative to focus on real-time merchant processing business which does not include storing of Bitcoins.”
KYIV, Ukraine — Watchdog groups here are warning that the consolidation of media in the hands of a few of the country’s wealthiest businessmen connected to President Viktor Yanukovych is stifling free speech and depressing media pluralism.
They also say a so-called black PR campaign is damaging the reputations of the most influential journalists and independent news outlets, and that the two efforts are part of a single grand scheme.
Experts blame the government, which they say is concerned about criticism ahead of a presidential election in 2015, when Yanukovych will attempt to solidify his grip on power.
Racing Post has revealed that its website was hit by a “sophisticated, sustained and aggressive attack” over the weekend in which one of its databases containing customer information was accessed.
In a post on Racingpost.com the firm admitted that reams of other information could have been accessed. “The information at risk from the database that was compromised will vary in the case of each customer, depending on how much information you gave us when you registered,” it said.
On the whole, Australians have embraced the benefits of the digital economy with great enthusiasm. When it comes to new means of communication, we can even be considered early adopters. We have 130 per cent mobile phone penetration, or 1.3 phones per person on average. A recent report by Frost and Sullivan (Australian Mobile Usage Trends 2013) showed tablet PCs more than doubling to 50 per cent in 2012 with no signs of abating. In the first six months of this year, 2.6 million tablet PCs were sold.
The European Union Agency for Network and Information Security (ENISA) has recommended that the European Union (EU) develop a unified strategy for government cloud in order to enable member countries to securely deploy government clouds.
KHOBAR, Saudi Arabia (Reuters) – Saudi state oil company Saudi Aramco said on Tuesday it had shut some of its computers for an upgrade and denied it had suffered a cyber attack similar to one it experienced last year.
Posts earlier on the Twitter social network said some or all of Aramco’s computers were down, possibly because of a cyber attack.
Following an advisory by the Indian Computer Emergency Response Team (CERT), the Petroleum and Natural Gas Ministry has alerted all the heads of oil marketing companies (OMCs) about the possibility of cyber attacks.
Many of the UK’s largest companies are failing to take computer security into account in their decision making, warns the government.
A survey conducted by the Department for Business, Innovation and Skills reveals that only 14 per cent of FTSE 350 firms are regularly considering cyber threats, despite the increasingly high level of online crime.
The Harper government has been raked over the coals for not providing leadership on cyberthreats to Canadian enterprises and citizens by an academic who specializes in international security.
It is “increasingly baffling” that Ottawa continues to say terrorism is the greatest threat to the country when there is clear evidence that online threats are more important, Wesley Wark, visiting professor at the University of Ottawa’s graduate school of public affairs said Tuesday at the Technicity conference in Toronto.
NATO on Tuesday launched its largest-ever cyber exercises to practise warding off massive, simultaneous attacks on member states and their partners.
Based at the alliance’s cyber defence centre in EU member Estonia, the exercises will last three days and include participants in over 30 European states.
The Time is Right for The International Cybersecurity Dialogue
Dan Lohrmann, Michigan Chief Security Officer (CSO); Deputy Director for Cybersecurity and Infrastructure Protection
Ever since I became Michigan’s first Chief Information Security Officer (CISO) in 2002, I have noticed a disturbing gap between front line users, security technologists and many senior policy makers. What can I suggest in the way of a solution? Enter: “The International Cybersecurity Dialogue (ICD).”
Ever since I became Michigan’s first Chief Information Security Officer (CISO) in 2002, I have noticed a disturbing gap between front line users, security technologists and many senior policy makers. While both public and private sector executives around the globe readily acknowledge the need for various cybersecurity actions in order to safeguard sensitive information and protect critical infrastructure under their control, many misunderstandings still exist between those on the front lines who use or run the networks and those who allocate the resources and/or set policies. This disunity is being exploited by those who are attacking us in cyberspace.
In my opinion, this cyber gap has been more pronounced in some companies, states and national governments than in others. For example, our Michigan Governor Rick Snyder has a background as CEO of Gateway Computers and he clearly “gets it” when it comes to technology innovation and the cybersecurity risks we face. He has taken strong action to address technology infrastructure improvements as well as improve cyber-awareness and defense. Yes, we still have a long, long way to go here; nevertheless, security colleagues around the country tell me that Michigan tends to be an exception in 2012. And we are not an island.
I believe that this global cyber gap is one of the reasons for the lack of action in Washington D.C. (and elsewhere around the world) regarding cybersecurity legislation or other cyberdefense actions. To be sure, partisan politics are a part of our challenge. However, I have talked with many experts (off the record) who say that they quietly fear that no real change will occur in cyber defense in the USA (or any other nation) until some major incident occurs. Really? Are we just waiting for an inevitable “Cyber Pearl Harbor?” Do we need losses on cyber crime to reach a higher percentage of GDP before we say “enough.” I hope not.
No doubt, there have been numerous “cybersecurity call to action” decrees from various authors, state government associations, cyber summits, international student groups, various commissions, and more. Indeed, we now have a cyber summit (or two) every week. This has become the new normal, and few in society even pay attention to urgent Internet decrees or cyber proclamations. At a local level, some companies and governments have responded aggressively after a major cyber breach, and there is an overall sense of cooperation amongst various Information Sharing & Analysis Centers and public / private partnerships with law enforcement leaders.
However, we continue to be outgunned and losing more cyber battles every day. Clearly, other issues such as health care and global debt crowd-out cybersecurity on the political agenda, but why the constant lack of significant progress? More than that, our weaknesses go beyond legislation or government action and require every business and home in America to pay attention – which seems almost impossible. Even in places where things are going well, the task of protecting data and individuals in cyberspace seems daunting.
While I am an optimist who believes that we will eventually get through this lull in significant cyber action, I do sense quite a bit of discouragement and denial in our professional ranks right now. I speak with CSOs, CISOs and security experts all around the world who feel like we are treading water and not progressing. We’re dealing with attitudes and stereotypes of our profession that somehow prevent progress for fear of either “Big Brother,” a loss of customers, too much security or too little privacy or something else.
What new steps can to be taken? Is there a “pragmatic middle” in our space? Are there small steps we can all agree on? How can we truly build more trust? I know that there are global cybersecurity agendas and United Nations groups that are meeting on standards and a level of cooperation on cyber crimes. Still, there is a growing group of people that believe that bottom-up change needs to occur that encourages dialogue amongst industry executives, academics and IT pragmatists in a trusted setting.
What can I suggest in the way of a solution?
Enter: “The International Cybersecurity Dialogue (ICD).” This is a new non-profit group which is lead by two people who I respect and trust in our profession: Anne Bader and Richard Stiennon. Over the past year, I have been very impressed with the approach taken by Anne and Richard, and I have participated in several international discussions with other experts in the security field who are also involved. Both of these experienced professionals want to dedicate the next few years to advancing our public and private protections via trusted relationships that can cut through traditional barriers. Events and meetings will encourage dialogue around the world regarding core issues that must be addressed and steps to help make conversations meaningful.
Here’s an excerpt from the ICD website:
“The International Cybersecurity Dialogue program includes roundtables, expert briefings, assessment visits, a closing forum and two reports. Meetings and interviews will be off the record as appropriate. Reports, commentary and assessments will be presented through the ICD Forum. Our leadership core group comprises public and private experts in defense, law, finance, energy, telecommunications, transport, insurance, ethics and legislation from US, UK, Estonia, Singapore and Israel. Towards the end of this period, we will expand to other international partners such as Hungary, India, Brazil, Panama, Germany, France, and Australia.”
There is more I will report on this topic, along with opportunities to engage in the coming year, but I wanted to get this topic out into the public and hear feedback on this new group. As an advisor to this group, I look forward to new opportunities to exchange ideas and learn from others in different settings. We need to engage the entire ecosystem to come up with new answers moving forward.
As Richard Stiennon and Anne C. Bader say on the new website: “We believe that national policies and laws governing the new cyber domain must be made with the public and private sector technologists who create and manage the networks and systems.”
No, this will not solve all our problems. Yes, this is another group to engage with at a time that most of us our too busy. Nevertheless, I am encouraged by my interactions with these colleagues from around the world. The group is planning interactive events that truly encourage dialogue, idea sharing and action. The website offers opportunities to partner and engage others who care about cybersecurity from other cultures. There is also contact information for those who want to learn more.
I believe we need this new international cybersecurity dialogue.
Do you agree?
Originally posted July 2, 2012 on CSO Security and Risk Blogs by Dan Lohrmann on Lohrmann on GovSpace.
Overcoming “That’s Silly”
There is a gaping void between the vast community of security technologists and policy makers who are only newly aware of security threats. When confronted with the early efforts of legislators and policy makers who are attempting to address challenges presented by a rapidly changing threat environment a security technologist invariably responds with “that’s silly”. So silly in fact that they dismiss the policy makers out of hand. This leads to an environment where the policy makers are meeting, discussing, and formulating policy without the input from those best positioned to understand the problem and with the understanding to suggest solutions that will work.
The International Cybersecurity Dialogue (ICD) seeks to address that void by orchestrating a continuing series of forums where policy makers and technologists can come together to better understand each other. The purpose is to make lasting connections between those that understand technology and those that formulate and implement policy for governments, agencies, and international bodies.
Creating a mutual understanding
Through multi-day meetings held at sites around the world, conducive to collaborative thinking, the ICD will introduce policy makers to the technologists responsible for securing and maintaining the Internet, developing tools to counter threats, and dissecting malware and attack methodologies. While one outcome will be better informed policy makers and an understanding of policy challenges on the part of the geeks, the initial benefits will be:
Policy makers will be exposed to the alien minds of geeks who live and breathe IT security. They will come to appreciate the brilliant people who understand the threats and vulnerabilities down to the code and packet level.
Technologists will begin to understand the life and work of policy makers who are tasked with addressing complex issues of governance, international treaties, and working relationships with counterparts throughout government.
The goal is to get technologists beyond “that’s silly” and for policy makers to realize that there is an existing community of very smart people who have been thinking about security issues for decades.
Facilitating lasting connections
A primary purpose of ICD meetings will be to create connections between the two parties; connections that are lasting and lead to better understanding of the common problem both groups, geeks and wonks, face.
When confronted with a new issue or even a crisis during a new attack on government or the development of a new threat, policy makers will know who to call. They will have key security experts in their speed dial settings. They will know how to email, chat, or even join an IRC channel to engage the experts and get the guidance they need to understand the issue and formulate a response.
Technologists will have an open path to those addressing issues that could harm or improve the operation of networks and computing infrastructure.
The critical time for calling on these connections is during a crisis, perceived or real. Over and over we have seen crisis situations escalate rapidly due to lack of knowledge, understanding, and communication. Policy makers are familiar with the need for open communication between governments during international crises. Through the ICD they will come to appreciate the same need during Internet outages, wide spread attacks, or newly spreading worms.
The International Cybersecurity Dialogue
This initiative is a non-profit international organization with no policy of legislative agenda. Its purpose is to bridge the void between technologists and policy makers. Through events, meetings, and online forums the ICD will build lasting connections between those that architect and understand modern technology solutions and those that formulate public policy.