Showing posts with label cybersecurity. Show all posts
Showing posts with label cybersecurity. Show all posts

Wednesday, January 16, 2013

Iran Has Enhanced It's Cyber Capabilities

Photo: General William Shelton, Current Commander, Air Force Space Command. Wikipedia

Iran Strengthened Cyber Capabilities After Stuxnet: U.S. General -- Reuters

(Reuters) - Iran responded to a 2010 cyber attack on its nuclear facilities by beefing up its own cyber capabilities, and will be a "force to be reckoned with" in the future, a senior U.S. Air Force official told reporters on Thursday.

General William Shelton, who heads Air Force Space Command and oversees the Air Force's cyber operations, declined to comment about Iran's ability to disrupt U.S. government computer networks, but said Tehran had clearly increased its efforts in that arena after the 2010 incident.

While no government has taken responsibility for the Stuxnet computer virus that destroyed centrifuges at Iran's Natanz uranium enrichment facility, it was widely reported to have been a U.S.-Israeli project.  

Read more ....  

Update #1: Iran’s Cyber Threat Potential Great, U.S. General Says -- Bloomberg  
Update #2: Iran beefed up cyber capabilities after Stuxnet: US general -- NBC  

My Comment: I guess this explains why U.S. banks are now worried about their own cyber security.

Monday, January 7, 2013

U.S. Nuclear Weapons Lab Removes Suspicious Chinese Tech From Their Computers

Los Alamos National Laboratory. (Credit: Los Alamos National Laboratory)

Exclusive: U.S. Nuclear Lab Removes Chinese Tech Over Security Fears -- Reuters

A leading U.S. nuclear weapons laboratory recently discovered its computer systems contained some Chinese-made network switches and replaced at least two components because of national security concerns, a document shows. A letter from the Los Alamos National Laboratory in New Mexico, dated November 5, 2012, states that the research facility had installed devices made by H3C Technologies Co, based in Hangzhou, China, according to a copy seen by Reuters. H3C began as a joint venture between China's Huawei Technologies Co and 3Com Corp, a U.S. tech firm, and was once called Huawei-3Com. Hewlett Packard Co acquired the firm in 2010.  

Read more ....

More News On Los Alomos Removing Chinese Tech because Of National Security Concerns

Huawei gear discovered, removed from U.S. nuclear lab -- ZDNet
Chinese computer parts replaced at U.S. nuke lab -- CBS
A U.S. Nuclear Lab Removed Chinese Tech Due to a National Security Risk -- Gizmodo
US nuclear lab drops China-made tech – report -- Information Age
Los Alamos To Rip Out Chinese Networking Gear For Security Concerns -- CRN  

Update: Spy fears lead nuke lab to dump gear from HP unit, not Huawei -- CNet

Thursday, August 2, 2012

Cybersecurity Bill Fails In The US Senate

Cybersecurity Bill Fails In Senate -- Washington Post

A bill establishing security standards to prevent large-scale cyberattacks on the nation’s critical infrastructure — including water supplies and the electrical grid — failed in the U.S. Senate on Thursday despite strong endorsements from top military and national security officials.

Senators voted 52 to 46 in favor of the bill, coming up short of the two-thirds majority necessary to advance it to final passage. The failure to pass the measure further stalls years of bipartisan efforts to establish stricter security standards and, experts say, could leave the nation vulnerable to widespread hacking or a serious cyberattack.

Read more ....

More News On The Failure Of The US Cybersecurity Bill

Cyber-security measure fails to pass in Senate -- L.A. Times
Senate fails to approve cybersecurity legislation -- Bloomberg Businessweek
Cybersecurity Bill Is Blocked in Senate by G.O.P. Filibuster -- New York Times
Hopes fade for new U.S. cybersecurity law in 2012 -- Reuters
US Senate blocks Obama-backed cybersecurity bill -- AFP
Political infighting blocks Senate passage of cybersecurity bill despite dire warnings -- Christian Science Monitor
Despite Threat of ‘Cyber 9/11′, Lawmakers Punt Cyber Security Bill -- ABC News
Senators hold out hope that cybersecurity bill can be revived -- The Hill

Sunday, July 22, 2012

A Look At One Of The World's Top Cyber Sleuths

Eugene Kaspersky

Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals -- Danger Room

It’s early February in Cancun, Mexico. A group of 60 or so financial analysts, reporters, diplomats, and cybersecurity specialists shake off the previous night’s tequila and file into a ballroom at the Ritz-Carlton hotel. At the front of the room, a giant screen shows a globe targeted by crosshairs. Cancun is in the center of the bull’s-eye.

A ruddy-faced, unshaven man bounds onstage. Wearing a wrinkled white polo shirt with a pair of red sunglasses perched on his head, he looks more like a beach bum who’s lost his way than a business executive. In fact, he’s one of Russia’s richest men—the CEO of what is arguably the most important Internet security company in the world. His name is Eugene Kaspersky, and he paid for almost everyone in the audience to come here. “Buenos dias,” he says in a throaty Russian accent, as he apologizes for missing the previous night’s boozy activities. Over the past 72 hours, Kaspersky explains, he flew from Mexico to Germany and back to take part in another conference. “Kissinger, McCain, presidents, government ministers” were all there, he says. “I have panel. Left of me, minister of defense of Italy. Right of me, former head of CIA. I’m like, ‘Whoa, colleagues.’”

Read more
....

My Comment: Eugene Kaspersky also has a great blog .... it is here.

Wednesday, April 18, 2012

A Digital Pearl Harbor Is A Real Possibility



Ex-FBI Cyberexpert: Potential For Digital Pearl Harbor Is Real -- CNET

Shawn Henry talks to CNET about why he left public service and joined a private-sector firm, and he predicts that we will see an attack on critical infrastructure that has physical consequences.

After 24 years with the FBI, Shawn Henry retired late last month from his post as executive assistant director of the Criminal, Cyber, Response, and Service Branch of the agency. Today, he announced that he will be working for security startup CrowdStrike.

In a phone interview with CNET today, Henry discusses what he thinks are the biggest cybersecurity threats facing the country and why the bad guys always seem to be one step ahead.

Read more ....

Update:
Several nations trying to penetrate U.S. cyber-networks, says ex-FBI official -- Washington Post

My Comment: Shawn Henry is in the business .... and he is right .... a digital Pearl Harbor is a real possibility, and one that will probably hit us in some distant future.

Thursday, November 3, 2011

U.S. Singles Out China And Russia For Conducting Cyberespionage

A cybersecurity analyst works in a watch and warning center at a Department of Homeland Security cybersecurity defense lab at the Idaho National Laboratory, in September, in Idaho Falls, Idaho. Jim Urquhart/Reuters

US Names Names – China And Russia – In Detailing Cyberespionage -- Christian Science Monitor

China, in particular, was fingered for massive ongoing cyberespionage against US companies in an alleged effort to gather the technological insights needed to make its economy more competitive.

Using blunt language, a new report by the Office of the National Counterintelligence Executive singles out China and Russia for cyber economic espionage, saying they are fast-growing threats to US economic and national security. In the past, the US government had largely refrained from naming specific countries as sources of cyberespionage.

Read more ....



More News On Who Is Conducting Cyberespionage

U.S. cyber espionage report names China and Russia as main culprits -- Washington Post
China, Russia Top List Of U.S. Economic Cyberspies -- NPR
U.S. blames China, Russia for cyber espionage -- Reuters
US: Russia, China stealing online from US companies -- BBC
US Report Cites Growing Economic Cyber Espionage -- Voice of America
U.S. Calls Out China and Russia for Cyber Espionage Costing Billions -- FOX News
US report accuses China, Russia of cyber-espionage to help build their own economies -- Chicago Tribune/AP
Report: China, Russia Top Culprits in Cyber Espionage -- National Journal
Report Says China, Russia ‘Aggressive’ Cybercrime Sponsors -- Epoch Times
China's cyberwar capabilities 'fairly limited,' says expert -- MSNBC
US points finger at China, Russia over cyber spying -- AFP
U.S. Intelligence Report Calls China World's Biggest Cyber Thief -- SFGate/Bloomberg
US Official Singles Out China, Russia on Cyber-Spying -- ABC News
China, Russia called out as cyberspy hotbeds -- The Register
Cyber-espionage attempts on US businesses are on rise -- Ars Technica
Russia and China accused of cyber espionage -- TG Daily
US Report Warns of Russia, China Cyber Spying -- PC World
Russia, China 'aggressive' cyberspies, U.S. report frets -- CNET

CSN Editor: The full report from the Office of the National Counterintelligence Executive to Congress titled "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace" can be read here.

Thursday, July 7, 2011

A Separate Internet Could Curb Cyber Threats

The U.S. Navy Cyber Defense Operations Command The U.S. military and intelligence arms are already defending the nation from cyber attacks. DARPA hopes to give them another tool.

Former CIA Chief: A Separate Internet Could Curb Cyber Threats -- Popular Science

To combat cyber attacks, the U.S. may need more than new cyber defenses. It might need a whole new piece of Internet infrastructure. So says former CIA director Michael Hayden, who served under President G.W. Bush, and he’s not the only one. Several lawmakers and the current Cyber Command chief Gen. Keith Alexander are toying with the notion of creating a “.secure” domain where Fourth Amendment rights to privacy are voluntarily foregone in order to keep that corner of the Internet free of cyber criminals.

Read more ....

My Comment: We are going down this pathway, and while setting up the infrastructure for a separate but secure will be expensive .... the alternative of letting everything continue as is may end up being even more pricey.

Tuesday, September 7, 2010

U.N. Exec: Cyberwar Could Be Worse Than Tsunami

ITU Secretary-General Hamdoun Toure'. (Credit: UN)

From ZDNet:

International cyberwar would be "worse than a tsunami" and should be averted by a global cybersecurity peace treaty, according to the head of the International Telecommunications Union.

Hamadoun Touré, who has been secretary-general of the UN agency since 1999 and is up for reelection in a few weeks' time, has targeted cybersecurity issues in his electoral pledges. Speaking at a London roundtable on Thursday, he said he had proposed such a treaty this year, but it had met "a lot of resistance" from industrialised nations.

Read more ....

My Comment: Will governments bound themselves to international conventions when it comes to cyber security and cyberwar .... hmmmm .... I have my doubts. But some in the UN are optimistic that something can be done .... and will try to establish a framework in which countries must abide to and respect. My prediction, most countries will eventually sign on, but the usual suspects (i.e. North Korea, Iran, some former Soviet Union states, etc.) will not.

Friday, September 3, 2010

DARPA's Cyber Insider Threat Program Is The Agency's Great Hope For Ending Leaks

Protecting Military Networks Thinking about WikiLeaking? Think again. U.S. Navy

From Popular Science:

The recent WikiLeaks exposure was a huge black eye for the U.S. Department of Defense, supposedly one of the more secure state organizations we have working for us. Its impact clearly wasn’t lost on the Pentagon, whose blue sky research arm has launched a new project designed to ferret out malicious behavior on DoD networks. Named CINDER – Cyber INsiDER Threat – the project is designed not to sniff out people, but adversarial actions as they happen.

Read more ....

My Comment: I am skeptical that such a program will be successful .... but hey .... Darpa has surprised us on many occasions and should not be underestimated.

Tuesday, April 13, 2010

Take From ATM Malware Caper Exceeded $200,000


From Threat Level:

A Bank of America worker who installed malicious software on his employer’s ATMs was able to siphon at least $200,000 from the hacked machines before he was caught, according to a plea agreement he entered with prosecutors last week.

Rodney Reed Caverly, 37, was a member of the bank’s IT staff when he installed the malware, which instructed the machines to dispense free cash without creating a record of the transaction. The Charlotte, North Carolina, man made fraudulent withdrawals over a seven-month period ending in October 2009, according to prosecutors, who’ve charged him with one count of computer fraud.

Read more ....

Wednesday, March 24, 2010

Inside A Global Cybercrime Ring

U.S. Federal Trade Commission investigators Sheryl Novick (L) and Martha Vera look at images (top half of monitors) as part of their investigation of the scareware company Innovative Marketing Ukraine (IMU) in the FTC internet lab in Washington March 22, 2010. Credit: REUTERS/Molly Riley

From Reuters:

(Reuters) - Hundreds of computer geeks, most of them students putting themselves through college, crammed into three floors of an office building in an industrial section of Ukraine's capital Kiev, churning out code at a frenzied pace. They were creating some of the world's most pernicious, and profitable, computer viruses.

According to court documents, former employees and investigators, a receptionist greeted visitors at the door of the company, known as Innovative Marketing Ukraine. Communications cables lay jumbled on the floor and a small coffee maker sat on the desk of one worker.

Read more ....

My Comment: A good chunk of my family (on my father's side) lives in the Ukraine. One of my cousin .... a software programmer, worked for a few months in such a company. Apparently the pay was great, and the people who he worked with were fun. I only learned about this later, because if I had learned about when he was working there, I would probably have gone down to his house and beat him over the head for being stupid enough to be affiliated with such criminals.

Because of my work in managing computer networks, I have had more than my share in tackling these vicious viruses. I have lost tons of information, and worse .... megaloads of my life in cleaning up the mess that such attacks always produced.

This Reuters article is a good one in outlining the problems and obstacles that need to be overcome to stop this type of cyber crime. This is a must read for all geeks, and for the individual user who has been a victim of this type of attack.

Tuesday, March 23, 2010

Norton Ranks Riskiest Cities For Cybercrime

(Credit: Symantec)

From CNET News:

You may want to start keeping a closer eye on where you click if you live in Seattle.

Among 50 U.S. cities studied for their vulnerability to cybercrime, Seattle came out on top as the riskiest place, followed by Boston, Washington, D.C., and San Francisco, according to the report "Norton's Top 10 Riskiest Online Cities," released Monday.

Read more ....

Sunday, March 7, 2010

What Cyberwar?

Tic-Tac-Toe's Not On The List! via PC Museum

U.S. Cybersecurity Czar Says "There Is No Cyberwar" -- Popular Science

Howard Schmidt wants U.S. cybersecurity efforts to refocus on education, information sharing, and better defense systems

Obama's new cybersecurity czar doesn't much like the term "cyberwar," calling it a "terrible metaphor" and a "terrible concept." But just in case his dislike of the term didn't get through, Howard Schmidt flat-out stated that "there is no cyberwar" during a Wired interview at the RSA Security Conference in San Francisco.

Read more ....

Saturday, March 6, 2010

The Growing Cyberterrorism Threat


FBI Director Warns Of 'Rapidly Expanding' Cyberterrorism Threat -- Washington Post

SAN FRANCISCO -- FBI Director Robert S. Mueller III warned Thursday that the cyberterrorism threat is "real and . . . rapidly expanding."

Terrorists have shown "a clear interest" in pursuing hacking skills, he told thousands of security professionals at the RSA Conference in San Francisco. "They will either train their own recruits or hire outsiders, with an eye toward combining physical attacks with cyberattacks," he said.

Read more ....

More News on The FBI's Concerns Over Cyberterrorism

FBI director warns of growing cyber threat -- Reuters
Mueller to Cybersecurity Experts: The FBI Wants You -- Tech News World
Mueller: cyberterrorism threat is real -- Federal News Radio
FBI Director on cyber threats: We can't do it alone -- ZDNet
Finger Pointing Begins In Cyber Attack Wars -- 24/7WallSt

Thursday, March 4, 2010

Microsoft Exec Pitches Internet Usage Tax To Pay Or Cybersecurity Programs

From The Hill:

A top Microsoft executive on Tuesday suggested a broad Internet tax to help defray the costs associated with computer security breaches and vast Internet attacks, according to reports.

Speaking at a security conference in San Francisco, Microsoft Vice President for Trustworthy Computing Scott Charney pitched the Web usage fee as one way to subsidize efforts to combat emerging cyber threats -- a costly venture, he said, but one that had vast community benefits.

Read more ....

What Is The “Einstein” Cyber Shield?

Cybersecurity Chief Howard Schmidt said he wants the U.S. to become "stronger through stronger technology." Lawrence Jackson/White House

Details of “Einstein” Cyber Shield Disclosed by White House -- Wall Street Journal

The Obama administration lifted the veil Tuesday on a highly-secretive set of policies to defend the U.S. from cyber attacks.

It was an open secret that the National Security Agency was bolstering a Homeland Security program to detect and respond to cyber attacks on government systems, but a summary of that program declassified Tuesday provides more details of NSA’s role in a Homeland program known as Einstein.

Read more ....

More News On The “Einstein” Cyber Shield

The Comprehensive National Cybersecurity Initiative -- National Security Council/The White House
US lifts lid on top secret plan for internet security -- BBC
U.S. Declassifies Part of Secret Cybersecurity Plan -- Threat Level
Monitoring federal networks, global supply chain part of cyber initiative -- Next Gov.
Few details in White House summary of cyber plan -- AP
White House Declassifies Description of National Cyber-Security Program -- Government Security
US intros Einstein plan to defend its cyberspace -- Tech Eye
Obama's cybersecurity chief opens CNCI 'Einstein 3' kimono -- Computer World
Details of American super-secret cyber warfare defences known as 'Einstein' -- Download Squad

Friday, February 26, 2010

Microsoft Battles Cyber Criminals


From The Wall Street Journal:

Microsoft Corp. launched a novel legal assault to take down a global network of PCs suspected of spreading spam and harmful computer code, adding what the company believes could become a potent weapon in the battle against cyber criminals.

But security experts say it isn't yet clear how effective Microsoft's approach will be, while online rights groups warn that the activities of innocent computer users could be inadvertently disrupted.

Read more ....

Wednesday, February 24, 2010

Experts Warn Of Catastrophy From Cyberattacks

Photo: Vice Admiral Michael McConnell, who works for Booz Allen Hamilton and used to be director of national security and intelligence for the U.S. government. (Credit: U.S. Senate)

Experts Warn Of Catastrophy From Cyberattacks -- CNET

Computer-based network attacks are slowly bleeding U.S. businesses of revenue and market advantage, while the government faces the prospect of losing in an all-out cyberwar, experts told Senators in a hearing on Tuesday.

Read more ....

Wednesday, February 17, 2010

US Networks And Power Grid Under (Mock) Cyber-Attack

Under attack (Image: James Schnepf / Getty)

From New Scientist:

Unknown hackers have taken out US cellphone networks in an ongoing cyber-attack that will soon knock out parts of the nation's electricity grid – say the officials who helped plan today's mock assault on the nation's defences.

The 3-hour event began at 10 am EST (3 pm GMT) and will quickly escalate from cellphone networks to attack the US power supply by taking advantage of vulnerabilities in smart grid technologies, says Matthew Stern, head of cyber accounts for defence contractor General Dynamics.

Read more ....

Friday, February 12, 2010

Cyber Warriors

From The Atlantic:

When will China emerge as a military threat to the U.S.? In most respects the answer is: not anytime soon—China doesn’t even contemplate a time it might challenge America directly. But one significant threat already exists: cyberwar. Attacks—not just from China but from Russia and elsewhere—on America’s electronic networks cost millions of dollars and could in the extreme cause the collapse of financial life, the halt of most manufacturing systems, and the evaporation of all the data and knowledge stored on the Internet.

Read more ....

My Comment: I was captivated immediately when I started to read this article .... my background is also in internet security (or finding the weak spots in a network), and I have been going to China since the mid 1980s.

Bottom line .... I completely concur with the observations and conclusions from this author. I could have written the same piece .... but kudos to James Fallows .... he is a better writer than I am.