CI Centre DICE Briefings

Cyber Security News

 

November 2008

 

China’s Cyber Spies - Hacker Army Infiltrating Us

In the last few weeks, the media have been filled with reports of Chinese cyber spies penetrating the computer networks of both presidential campaigns and even the White House, reading unclassified, but clearly privileged, e-mails. Unfortunately, that's only the beginning of it. No surprise that the Chinese would be interested in what's being said in the White House, even the non-secret stuff. White House staffers have access to plenty of information that would be of interest to the chaps in Zhongnanhai (the Chinese leadership compound). For instance, Beijing would be especially keen to read the chitchat about the financial crisis and how Washington planned to act on it. In fact, such information could've led to China's decision to prime its own pump with nearly $600 billion in stimulus this week … China's hacker army is also targeting American industry for espionage, especially the defense industry, where new weapons systems and top-of-the-line defense technology are at the center of the bull's eye.  Hey, why spend billions of dollars and years to develop a sophisticated weapons system when you can steal data on it with a few keystrokes on a laptop and an Internet connection?... Since traditional espionage can be tough in a foreign country (recruiting a spy to pinch information can be expensive, difficult and politically risky), the Chinese have turned to cyberspace. This makes it difficult, if not impossible, to determine who's picked your pocket, providing plausible deniability to the cyber spook. Spies cover their electronic tracks by routing their penetration through any number of surrogate servers around the world, making finger-pointing difficult.  Not surprisingly, the amount of industrial cyber espionage is grossly underreported, as firms fret over acknowledging that their intellectual property - the crown-jewels of their efforts - has been "exfiltrated."…….(New York Post, 12 Nov 08)

 

Web Hosting Firm Shuttered After Connection to Spammers is Exposed

The gleaming, state-of-the-art, 30-story office tower in downtown San Jose, Calif., hardly looks like the staging ground for a full-scale cyber crime offensive against America. But security experts say a relatively small Web hosting firm at that location is home to servers that help manage the distribution of the majority of the world's junk e-mail.  The servers are owned by McColo Corp, a Web hosting company that has emerged as a major U.S. base of operations for a host of international cyber-crime syndicates, involved in everything from the remote management of millions of compromised PCs to the sale of counterfeit pharmaceuticals and designer goods, fake security products and child pornography.  Multiple security researchers have recently published data naming McColo as a mother ship for all of the top robot networks or "botnets," which are vast collections of hacked computers that are networked together to blast out spam or attack others online.  Joe Stewart, director of malware research for Atlanta based SecureWorks, said that these known criminal botnets: "Mega-D," "Srizbi," "Pushdo," "Rustock" and "Warezov," have their master servers hosted at McColo. …..(Washington Post, 12 Nov 08)

 

IG: Sensitive information at airport at risk

The Homeland Security Department is putting sensitive information at risk by security weaknesses in its computer systems at Los Angeles International Airport, according to a new report from DHS Inspector General Richard Skinner.  U.S. Customs and Border Protection and three other DHS agencies that operate at the airport are lax on their information technology security for servers, routers, and switches operating at the airport, the report issued Nov. 7 said.  The report identifies the other agencies falling short as the Coast Guard, Immigration and Customs Enforcement and the Transportation Security Administration.  “The information technology security controls implemented at this site have deficiencies that, if exploited, could result in the loss of confidentiality, integrity and availability of their information technology systems,” the GAO report states. “Specifically, these components need to improve their physical security operational controls for telecommunications equipment and servers.”…..(FCW, 11 Nov 08)

 

Obama Team Targeted by Chinese, Russian Hackers

…recent news that Chinese and Russian hackers recently hacked the computer systems of president-elect Barack Obama -- unfortunately, they also infiltrated John McCain's system, too.  The news appears much more serious than it sounds. These aren't your average basement-dwelling nogoodniks, but instead are reportedly sophisticated hackers that may even represent government elements in both China and Russia.  The news stunned the Obama campaign. According to reports, the FBI and Secret Service recently visited the Democrats to tell them that their system was under attack. An FBI agent was quoted by American Newsweek as saying, "You have been compromised, and a serious amount of files have been loaded off your system." (Source: timesonline.co.uk)  Little has been confirmed on who was really behind the attack, but Newsweek reports there is enough evidence to suspect the Russians and Chinese were behind it. According to the magazine, Obama's 'technical experts' are fairly certain the groups responsible for the attack, which the FBI reported also targeted McCain's camp, are from the two powerful rivals……(IT World, 11 Nov 08)

 

British critical infrastructure companies at high risk from cyber-attacks

Secure Computing has warned British critical infrastructure companies that they are at high risk from cyber-attacks.  It has specifically warned power grid, water supply, railways and nuclear energy plants to be vigilant, as research shows that the industry is not investing in security to protect its infrastructure due to budget constraints caused by the credit crunch.  Research showed that 84 per cent of more than 100 employees in the critical infrastructure industry felt that companies were not doing enough to provide protection with one in four predicting an attack in the next three months. Whilst 37 per cent stated they expected to be attacked in the next two years.  Meanwhile 65 per cent of respondents stated insider threats were a big problem for their organization, but that they had no way to deal with this.  Mike Smart, senior product manager at Secure Computing, said: “If anything the current economic climate should mean companies invest more in security because the consequences of a data breach could mean complete business meltdown…..(SC Magazine, 10 Nov 08)

 

Hackers cracked McCain and Obama networks

Foreign hackers infiltrated the networks of John McCain and Barack Obama during the US presidential campaign, according to reports.  CNN and Newsweek cited sources within both camps as reporting that hackers from an undisclosed foreign location targeted each network over the summer in an attempt to acquire information.  The report did not specify which group or nation was responsible for the attacks, but the target appears to be documents outlining the candidates' policy proposals.  The information would reportedly have been used in future policy negotiations with the winning candidate.  Following the attacks both camps reportedly hired outside consultants to seal up any security flaws, and the FBI and Secret Service are both said to be investigating the incidents.  Hacking for political reasons has emerged in recent years as a companion to traditional espionage. In 2007, Chinese government officials were accused of hacking government sites in the US, France, Germany and the UK.  Russian nationalists have also been thought to use cyber-attacks to supplement their political efforts. In the midst of conflicts with Estonia and Georgia, Russian hackers were said to be masterminding attacks on government and social infrastructure sites….(VNU Net, 7 Nov 08)

 

Obama, McCain Campaign Computers Hacked

In a case of political espionage, an unknown "foreign entity" had hacked the entire computer systems of the US presidential candidate Barack Obama this summer, triggering an FBI probe.  The Obama campaign's computers were attacked by a virus. The Democratic campaign's technical experts spotted it and took standard precautions, such as putting in a firewall.  At first, the campaign figured it was a routine "phishing" attack, using common methods. However, the FBI and the Secret Service thought otherwise and notified the Obama campaign that they had been the target of sophisticated "foreign cyber-espionage," Newsweek reported.  "You have a problem way bigger than what you understand," an FBI agent told the campaign. "You have been compromised, and a serious amount of files have been loaded off your system."… The official would not say which "foreign entity," but indicated that US intelligence believed that both campaigns had been the target of political espionage by some country or foreign organisation that wanted to look at the evolution of the Obama and McCain camps on policy issues, information that might be useful in any negotiations with a future Obama or McCain administration.  "There was no suggestion that terrorists were involved; technical experts hired by the Obama campaign speculated that the hackers were Russian or Chinese," the Newsweek said.  The FBI assured the Obama team that it had not been hacked by its political opponents……(Times of India, 7 Nov 08)

 

Data breach threat rising, warns expert

Data breaches are happening frequently and a significant amount of volatile data is often lost, says Forensic Restitution MD Dave Oswald.  The breaches include industrial espionage, accounts-payable scams, deposit scams and credit card and debit card fraud.  Oswald adds that, once a company has a data breach, it usually takes months to discover that there is a problem or criminal compromise, and weeks before it is corrected.  “It only takes a few hours from initial access of criminal activity until the data compromise occurs,” he says.  Most fraudsters accessing systems are, 90% of the time, within the organization, owing to weak control systems, companies using platforms where data are not regularly updated, industrial espionage and disgruntled staff, and fraud and corruption…….(Engineering News, 7 Nov 08)

 

Express Scripts reports extortion over data breach

Express Scripts Inc <ESRX.O> said on Thursday it received an extortion letter threatening to expose millions of patient records and warned of a "potential large data breach."  The letter, which was sent to the pharmacy benefit manager in early October from "an unknown person or persons," contained information on 75 Express Scripts customers, including names, dates of birth, social security numbers and, in some cases, prescription information.  The large U.S. pharmacy benefit manager would be the latest company to face a major data breach in recent years, following discount retailer TJX Cos <TJX.N> and Bank of New York Mellon Corp <BK.N> among others.  Express Scripts said it immediately notified the Federal Bureau of Investigation, which is investigating, and it notified the customers named in the letter last week…..(Reuters, 6 Nov 08)

 

Express Scripts receives extortion threat

Express Scripts said Thursday it has received a letter demanding money from the company under the threat of exposing records of millions of patients.  The threat was made in an anonymous letter that the company turned over to federal investigators. The letter, received in early October, included personal information on 75 people covered by Express Scripts, including birth dates, social security numbers and prescription information.  Express manages prescription benefits for roughly 50 million people through thousands of clients, including health insurers, employers and union-sponsored plans.  A company spokesman said Express waited to reveal the breach "to give the investigation time to proceed and get under way."…..(AP, 6 Nov 08)

 

The Unreported War

Cyber Wars are already underway, but the practitioners are doing it covertly, lest there is a conventional counterattack. Nuclear weapons have kept the major nations from going to war with each other for the past half century. That will probably continue. But Cyber War provides an opportunity to fight an anonymous war against another nation, without leading to physical violence on a large scale. But only if you don't make the target nation really, really mad. This is a delicate balancing act.  This has been done in the past, largely by quietly supporting opposition or terrorist groups in enemy nations. The key here is hiding your tracks. The earliest sign of this was the highly damaging Code Red virus of 2001, which apparently came from China. The origin of the virus was traced back to China, but China denied any responsibility and got away with it……(Strategy Page, 6 Nov 08)

 

Nigerian hacks into NASA website

Authorities of the National Aeronautics and Space Agency (NASA) in the United States of America are battling to unravel the mystery behind the unauthorised access to the agency’s highly impervious and secured site by a Nigerian internet hacker based in Oshodi, a Lagos suburb.  The National Aeronautics and Space Agency (NASA) is a strategic institution responsible for developing, planning and implementation of America’s space exploration.  Although details and formula deployed by the young Nigerian to beat the American intelligence network were not fully disclosed, an operative of the Economic and Financial Crimes Commission (EFCC), Mr Abdulkadir Chukor, who spoke on behalf of the agency’s Director of Operation, Mr Tunde Ogunsakin, at a meeting in Lagos, said the US authorities were so miffed at the discovery that an urgent press conference was convened by them to clarify some grey areas relating to the matter.  The cyber criminal who was subsequently arrested by the EFCC, following a distress call from NASA, is presently cooling his heels in jail, having bagged 18 years jail term for his misdeed…..(Daily Sun, 5 Nov 08)

 

'Black box' will store all traffic on Net

FEARS were growing today over government plans to store details of all internet traffic in the UK using new "black box" technology.  Home Office officials have told senior telecommunications figures of proposals to use the Interception Modernization Program to retain raw data of every phone call, email and internet visit, which would be transferred to a database controlled by the Government. The information would be used to fight terrorism and serious crime.  Further details of the database emerged at a meeting on Monday between Home Office officials and internet service providers including BT, AOL Europe, O2 and BSkyB.  A source close to the meeting said: "They said they only wanted to return to a position they were in before the emergence of internet communication, when they were able to monitor all correspondence with a police suspect. The difference is they will be in a much better position to spy on many more people on the basis of their internet behavior."  Ministers say they do not intend to introduce equipment to check or hold the content of phone calls or emails…..(This is London, 5 Nov 08)

 

Partnering for Cyberspace Security

In two recent speeches that have attracted little notice, Donald Kerr, principal deputy director of national intelligence, has called for a radical new relationship between government and the private sector to counter what he called the "malicious activity in cyberspace [that] is a growing threat to everyone."  Kerr said the most serious challenge to the nation's economy and security is protecting the intellectual property of government and the private sector that is the basis for advancements in science and technology.  "I have a deep concern . . . that the intelligence community has still not properly aligned its response to what I would call this period of amazing innovation -- the 'technological Wild West' -- by grasping the full range of opportunities and threats that technology provides to us," he said at the annual symposium of the Association for Intelligence Officers on Oct. 24…..(Washington Post, 3 Nov 08)

 

 

October 2008

 

UK business facing major cyber espionage attacks

The computer systems of utility companies and large financial firms are continually being probed by thieves wanting to steal information, a UK security expert has warned.  Industrial espionage probes are being waged on companies that provide Britain's national infrastructure and on similar organizations across Europe, delegates at RSA Europe 2008 heard.  Mark Oram, head of information security knowledge department at the government-backed Centre for the Protection of National Infrastructure (CPNI), said the instances of political, economic and technical spying were more common than cyber-terrorism attacks.  "We see frequent attacks on organizations for the purpose of intellectual property theft that we would not obviously classify as an attack on infrastructure," he said.  "The use of cyber techniques is relatively easy, cheap and low risk in terms of being caught,"…..(Computer World, 31 Oct 08)

 

FISMA bill could add $150 million to agencies' costs

An information security bill in the Senate could add $150 million annually to agencies’ current expenses if it became law, a government report issued today estimates.  The Federal Information Security Management Act of 2008 (S. 3474), approved Oct. 1 by the Senate Homeland Security and Governmental Affairs Committee, would require agencies to perform additional audits and evaluations of the government’s information systems.
Based on information from the Office of Management and Budget and other agencies, the Congressional Budget Office estimated the new requirements would add two percent to three percent to current FISMA expenses, according to its report.  Agencies spent nearly $6 billion in fiscal 2007 on requirements related to FISMA……(FCW, 30 Oct 08)

 

Stark warning over cyber attacks on UK businesses

Sustained cyber espionage attacks are being waged on companies that play a key role in the U.K. national infrastructure, a U.K. cyber defense chief has warned.  The computer systems of critical businesses in the United Kingdom, such as power companies and large financial institutions, are being repeatedly probed to steal information or uncover weaknesses that could take them down.  That was the warning from Mark Oram, head of the threat and infosec knowledge department at the Center for the Protection of National Infrastructure (CPNI)--the security service tasked with protecting key government and private organizations in the United Kingdom… The report from the European Network and Information Security Agency recommends prompt reaction on reported incidents, collaboration between public and private stakeholders and development of a national strategy for information sharing and responsibilities for different parts of the network.  In the United States, the Department of Homeland Security National Cybersecurity Division has tripled its budget to US$350 million over the past two years to upgrade security systems protecting critical civilian networks and build up its U.S.-Cert emergency response team……(ZDNet, 30 Oct 08)

 

Homeland Security man defends security record

An under-secretary at the US Department of Homeland Security (DHS) Tuesday called for continuity of a concerted approach to protection of national protection, regardless of the identity of the country's next President.  "We've basically tripled [DHS headcount] from '07 to '09 in cyber-security," said Robert Jamison of the National Protection and Programs Directorate, in an interview at the RSA Conference Europe in London. "We're ramping up our staffing dramatically and I definitely think it's moving in the right direction," he said, adding it was a challenge to recruit, develop and retain the right skillset.  The DHS was recruiting not only specialists in malware, trend analysis, penetration testing and security best-practices but was also attempting to "get creative about where we have to recruit talent", including building relationships with universities…..(Computer World, 28 Oct 08)

 

Alarm raised on teenage hackers

Increasing numbers of teenagers are starting to dabble in hi-tech crime, say experts. Computer security professionals say many net forums are populated by teenagers swapping credit card numbers, phishing kits and hacking tips.  The poor technical skills of many young hackers means they are very likely to get caught and arrested, they say.  Youth workers added that any teenager getting a criminal record would be putting their future at risk… Many post videos of what they have done to sites such as YouTube and sign on with the same alias used to hack a site, run a phishing attack or write a web exploit……(BBC, 27 Oct 08)

 

Hackers' mind-set: They've done nothing wrong

Albert Gonzalez appeared to be a reformed hacker. But the onetime government informant was a central character in what Justice Department officials claim was an international cybercrime syndicate that ripped off tens of millions of credit and debit card numbers from large U.S. retailers.  Irving Jose Escobar seemed nothing more than a tough Miami kid with a long rap sheet. Yet last year, he pleaded guilty to his role in a multimillion-dollar scam in Florida tied to Gonzalez's exploit.  What they shared, based on indictments in their separate cases, are key roles in the massive cyberheist at TJX, parent of retailers T.J. Maxx and Marshalls, and the credit card scams that resulted. First disclosed by TJX in January 2007, it is believed to be the largest such theft.  It is unclear whether Gonzalez and Escobar know each other. But each was involved in different scams tied to TJX, according to their respective indictments. The divergent sagas of the hacker Gonzalez and streetwise Escobar represent bookends of the vast digital crime. According to psychiatrists, hackers and computer-security experts, they represent the vanguard of cybercrooks: young, misguided males who rationalize that they've done nothing wrong.  Through his digital crime spree, according to the indictment, Gonzalez amassed more than $1.65 million — including about $22,500 in cash — a condo in Miami, a BMW 330i and a stash of high-tech equipment, including laptops and a cellphone…Profile of cybercriminals - Many cybercrooks are young men in the U.S. and Eastern Europe who think they're doing the system a favor by exposing flaws and have no qualms about opportunities to exploit rich Westerners, according to police, researchers and hackers.  
Their motivation is "money, money, money," says Dan Kaminsky, director of penetration testing for security firm IOActive, who in July discovered a huge vulnerability in the Internet's design that lets cybercrooks silently redirect traffic to websites under their control..…..(USA Today, 27 Oct 08)

 

Spy Fears: Twitter Terrorists, Cell Phone Jihadists

Could Twitter become terrorists' newest killer app? A draft Army intelligence report, making its way through spy circles, thinks the miniature messaging software could be used as an effective tool for coordinating militant attacks.   For years, American analysts have been concerned that militants would take advantage of commercial hardware and software to help plan and carry out their strikes. Everything from online games to remote-controlled toys to social network sites to garage door openers has been fingered as possible tools for mayhem…The report is roughly divided into two halves. The first is based mostly on chatter from Al-Qaeda-affiliated online forums. One Islamic extremist site discusses, for example, the benefits of "using a mobile phone camera to monitor the enemy and its mechanisms." Another focuses on the benefits of the Nokia 6210 Navigator, and how its GPS utilities could be used for "marksmanship, border crossings, and in concealment of supplies."

Such software could allow jihadists to pick their way across multiple routes, identifying terrain features as they go. A third extremist forum recommends the installation of voice-modification software to conceal one's identity when making calls. Excerpts from a fourth site show cell phone wallpapers that wannabe jihadists can use to express their affinity for radicalism…..(ABC, 27 Oct 08)

 

U.S. Army warns of Twittering terrorists

The U.S. intelligence community is concerned that terrorists might use micro-blogging tool Twitter to coordinate attacks, according to a purported draft Army intelligence report posted on the Web.   The report--presented by the 304th Military Intelligence Battalion and posted to the Federation of American Scientists Web site--examines the possible ways terrorists could use mobile and Web technologies such as the Global Positioning System, digital maps, and Twitter mashups to plan and execute terrorist attacks.   The report (PDF), which appears to have been first presented earlier this month, was reported Friday by Wired magazine's Noah Shachtman. A chapter titled "Potential for Terrorist Use of Twitter," presents general, introductory information on Twitter and how it works, and describes how the service was used to report details of a recent earthquake in Los Angeles and by activists at the Republican National Convention.

"Twitter has also become a social activism tool for socialists, human rights groups, communists, vegetarians, anarchists, religious communities, atheists, political enthusiasts, hacktivists and others to communicate with each other and to send messages to broader audiences," the report said.

The report goes on to say:

Twitter is already used by some members to post and/or support extremist ideologies and perspectives. Extremist and terrorist use of Twitter could evolve over time to reflect tactics that are already evolving in use by hacktivists and activists for surveillance. This could theoretically be combined with targeting……(CNet, 26 Oct 08)

Report:  Sample Overview: al Qaida-Like Mobile Discussions & Potential Creative Uses

 

Military concerned over online spying

The Turku-based daily Turun Sanomat reports that the Finnish military is concerned that internet social networking sites might be used to spy on military personnel.  “The Finnish Defense Forces has become concerned over the possible espionage use of internet social networking sites. Some naval personnel have been told by the head of information security to restrict the publicizing of their personal data on the Facebook internet social networking site. Behind this concern is the threat, familiar from the days of the Cold War, that in the event of a crisis an enemy power might attempt to eliminate professional soldiers in key positions on their doorsteps. For this purpose the USSR trained special forces called Spetsnaz, and there is no indication that Russia has abandoned this contingency.  Because of this risk, the identity of fighter pilots, for example, is kept secret also in Finland. Their faces are not to be photographed, and their names and home addresses are not revealed…..(Helsinki Times, 24 Oct 08)

 

Hacking - The Corporate Cover-Up

Not long ago, a senior executive from one of corporate America’s large bellwether stocks received a telephone call from law enforcement, explaining that the company had a major software vulnerability in its corporate web site. The agent described the vulnerability and its location in great detail and requested that it be fixed immediately. But he refused to disclose how he knew. At the executive’s request, the organization’s chief information security officer (CISO) investigated the matter, confirmed the flaw and fixed it. Through forensics, the CISO discovered that a foreign government had penetrated the organization’s applications infrastructure and was in a position to bring it down whenever the time was deemed right.  Cyber security is no longer just the job of IT. As the true story above highlights, cyber crime today is a silent, invisible battlefield. The anonymity and universal access of cyberspace makes cyber crime attractive and easy. If customers, partners and employees can access sensitive systems from anywhere in the world, then the same pathway to the core infrastructure and priceless data exists for hackers as well……(Hamilton Advertiser, 24 Oct 08)

 

The Manchurian microchip

…The myth: Chinese intelligence services have concealed a microchip in every computer everywhere, programmed to "call home" if and when activated.  The reality: It may actually be true.   All computers on the market today -- be they Dell, Toshiba, Sony, Apple or especially IBM -- are assembled with components manufactured inside the PRC. Each component produced by the Chinese, according to a reliable source within the intelligence community, is secretly equipped with a hidden microchip that can be activated any time by China's military intelligence services, the PLA.  "It is there, deep inside your computer, if they decide to call it up," the security chief of a multinational corporation told The Investigator. "It is capable of providing Chinese intelligence with everything stored on your system -- on everyone's system -- from e-mail to documents. I call it Call Home Technology. It doesn't mean to say they're sucking data from everyone's computer today, it means the Chinese think ahead -- and they now have the potential to do it when it suits their purposes."  Discussed theoretically in high-tech security circles as "Trojan Horse on a Chip" or "The Manchurian Chip," Call Home Technology came to light after the Defense Advanced Research Projects Agency (DARPA) launched a security program in December 2007 called Trust in Integrated Circuits. DARPA awarded almost $25 million in contracts to six companies and university research labs to test foreign-made microchips for hardware Trojans, back doors and kill switches -- techie-speak for bugs and gremlins -- with a view toward microchip verification……(Mina, 22 Oct 08)

 

Information Warfare: Managing Mercenaries

The U.S. FBI believes that 24 nations have created Information War organizations, equipped with hacker tools and techniques, and able to use these resources to attack other nations. In practice, most of these nations have developed this offensive capability as part of their efforts to better defend their own Internet infrastructure. But the FBI also warns that the growing emergence of well organized criminal gangs, specializing in Internet crime, also provides nations with better offensive tools. The FBI allocates an increasing amount of their Cyber War resources to tracking these gangs. While some countries are believed to be hiring the Internet gangsters for some jobs (like espionage, or shutting down web sites of opposition groups, especially ones based overseas), most nations see the gangs for what they are; dangerous criminals… There are cases of industrial espionage via the Internet, where it appeared that it was criminal gangs doing mercenary work. It is believed that some of the efforts to penetrate U.S. government and military networks, to steal data, are carried out by criminals working freelance……(Strategy Page, 21 Oct 08)

 

Keyboard Sniffers to Steal Data

Computer criminals could soon be eavesdropping on what you type by analyzing the electromagnetic signals produced by every key press.  By analyzing the signals produced by keystrokes, Swiss researchers have reproduced what a target typed.  The security researchers have developed four attacks that work on a wide variety of computer keyboards.  The results led the researchers to declare keyboards were "not safe to transmit sensitive information"… The attacks were dreamed up by doctoral students Martin Vuagnoux and Sylvain Pasini from the Security and Cryptography Laboratory at the Swiss Ecole Polytechnique Federale de Lausanne (EPFL).

The EPFL students tested 11 different keyboard models that connected to a computer via either a USB or a PS/2 socket. The attacks they developed also worked with keyboards embedded in laptops……(BBC, 21 Oct 08)

 

Panel: Private sector can control risks of cyberattack

A panel of business executives and policy experts today laid out a road map for companies to mitigate the economic impact of cyberattacks. The report, released by the American National Standards Institute and the Internet Security Alliance, builds upon recommendations included in legislation that passed Congress after the Sept. 11, 2001, terrorist attacks that called for increased industry coordination to secure the nation's computer-based networks.  Much like the economic turmoil, which stemmed from "a fundamental misunderstanding and mismanagement of modern financial systems," ISA President Larry Clinton said the country's critical infrastructures rely on cyber systems "that are also misunderstood and mismanaged." Clinton spoke at a briefing alongside Ty Sagalow, president for product development at American International Group.  Two thousand copies of the report, which suggests shifting control of corporate cyber infrastructures from IT departments to chief financial officers, are being shipped to executives at major companies, Clinton said……(Congress Daily, 20 Oct 08)

 

Initiatives in Place to Fight Cyberwar

The way the Internet and networks are connected these days literally makes them "borderless", which makes espionage through cyberspace easy. But does this translate into the dawn of the age of cyber warfare, one in which attacks are apparently waged by governments for military purposes rather than those perpetrated by hi-tech criminals seeking financial gains?  According to CyberSecurity Malaysia's chief executive officer Lt Col (Retired) Husin Jazri, the threat of cyber warfare is real. "It's a matter of perception, but the threat of cyber warfare is certainly there."  But the degree of seriousness depends on the intent of the attacks and the level of preparedness of the countries defending against these attacks, he pointed out.  "Many opinions have been cast about cyber warfare. Some believe it exists, some don't. But organized and targeted attacks that go for resource exhaustion have happened before in some countries," ….(iStock Analyst, 20 Oct 08)

 

Report: Russian Hacker Forums Fueled Georgia Cyber Attacks

An exhaustive inquiry into August's cyber attacks on the former Soviet bloc nation of Georgia finds no smoking gun in the hands of the Russian government. But experts say evidence suggests that Russian officials did little to discourage the online assault, which was coordinated through a Russian online forum that appeared to have been prepped with target lists and details about Georgian Web site vulnerabilities well before the two countries engaged in a brief but deadly ground, sea and air war.  The findings come from an open source investigation launched by Project Grey Goose, a volunteer effort by more than 100 security experts from tech giants like Microsoft and Oracle, as well as former members of the Defense Intelligence Agency, Lexis-Nexis, the Department of Homeland Security and defense contractor SAIC, among others.  The group began its inquiry shortly after the cyber war disabled a large number of Georgia government Web sites. Starting with the Russian hacker forum Xaker.ru (hacker.ru), investigators found a posting encouraging would-be cyber militia members to enlist at a private, password-protected online forum called StopGeorgia.ru. Grey Goose principal investigator Jeff Carr said the administrators of the hacker forum were keenly aware that American cyber sleuths were poking around: Within hours after discovering the link to the StopGeorgia site, Xaker.ru administrators deleted the link and banned all access from U.S.-based Internet addresses……(Washington Post, 16 Oct 08)

 

FBI targets rise in cybercrime from U.S. and abroad

The threat of cybersecurity attacks is on the rise from organized crime, terrorists, and foreign governments, an FBI official warned on Wednesday.   There are a "couple dozen" countries interested in breaching U.S. networks, said Shawn Henry, assistant director of the FBI cyber division, though he declined to list any specific countries.

The attempted attacks on U.S. networks are "increasingly sophisticated" and "the amount of information that has been stolen is significant," Henry said.  In particular, the use of botnets continues to increase, he said, while companies have lost tens of millions of dollars from "pump and dump" schemes in which criminals buy and sell stocks with other people's account information harvested online……(CNet, 15 Oct 08)

 

DHS secretary pushes industry to invest in cybersecurity

…"The failure in even one component, or one link in the chain, can have cascading effects," he said. "Just look at what's going on in the financial market, which is a too dramatic illustration of what happens when there's a failure of trust. ... If ordinary consumers lose confidence in the systems, business suffers and fails." (DHS Secretary Michael Chertoff)  As attacks increase in frequency, sophistication and scope, Chertoff said, government will focus on three areas:

Cyber threat detection and mitigation, primarily through the second and third generations of Einstein, an automated system that collects, correlates, analyzes and shares computer security information.  

Education on policies and practices to help reduce insider threats.

Improving safeguards in the global supply chain to ensure computer components delivered to federal agencies are free of vulnerabilities that could expose systems to attacks.

The latter effort, in particular, requires a partnership between industry and government……(Gov Exec, 15 Oct 08)

 

FBI sees rise in computer crime

Computer spying and theft of personal information have risen notably in the past year, costing tens of millions of dollars and threatening U.S. security, the FBI's cyber division head said on Wednesday.  FBI Assistant Director Shawn Henry told reporters that organized-crime groups are drawn by the ease of reaching millions of potential victims.  He said as many as two dozen countries have taken an "aggressive interest" in penetrating the networks of U.S. companies and government agencies.  He declined to specify countries, but U.S. intelligence agencies have voiced concern over Russia and China's abilities to electronically spy on the United States and disrupt U.S. computer networks…Internet Crime Complaint Center, which the FBI helps run, has recorded more than 1 million complaints since its founding in 2000 and numbers are now running about 18,000 to 20,000 per month…….(Reuters, 15 Oct 08)

 

Panel to Discuss Cyber-Crime and Cyber-Terrorism

The Counterterrorism Foundation co-sponsored a panel on the subject of "Meta-Terror: Terrorism & the Virtual World" on February 29, and it was one of our most heavily attended and widely publicized events. The panel, which included Contributing Experts Evan Kohlmann and Roderick Jones, discussed the next generation of the terrorists’ use of the virtual world. You can listen to a BBC interview of several of us on the subject. One of the panelists in that event, Kenneth Silva, the Senior VP and Chief Technology Officer of VeriSign, will be a panelist on a public event tomorrow, October 16, on the issue. Titled "Cyber-Crime and Cyber-Terrorism--No Silver Bullet Solution," the event will be held at 12 pm ET in Room 188 of the Russell Senate Building in Washington, DC……(Counterterrorism Blog, 15 Oct 08)

 

Cybersting: FBI ran DarkMarket forum to catch Cybercriminals

The cybercriminal forum DarkMarket.ws, frequented by identity thieves looking to share tips and purchase stolen data, was actually an undercover FBI sting, according to a report on Wired's Threat Level blog.  The site - reportedly under control by the FBI for the past two years - was voluntarily shut down earlier this month by its site moderator, who used the handle “Master Splyntr.” In reality, Splyntr was FBI senior cybercrime agent, J. Keith Mularski, working out of the FBI's National Cyber Forensics Training Alliance in Pittsburgh, according to Wired.  An FBI spokesperson told SCMagazineUS.com on Tuesday that the agency is looking into Wired's story but was not yet ready to comment. When contacted by SCMagazineUS.com, Mularski declined to comment…..(SC Magazine, 14 Oct 08)

 

Chertoff: No Big Brother approach to 'Net security for DHS

At a closed-door briefing last week, Homeland Security Secretary Michael Chertoff discussed his agency's plans to implement the Comprehensive National Cybersecurity Initiative with a small group of bloggers and journalists. Chertoff waxed enthusiastic about plans to develop rapid-response intrusion countermeasures and the need to change the way we think about identity verification—but also seemed at pains to allay fears that DHS would take a Big Brother approach to securing the Internet.  Alarm bells sounded for many earlier this year when Director of National Intelligence Mike McConnell told The New Yorker that the government would require broad powers to monitor all Internet traffic in order to secure the nation's critical information infrastructure. But Chertoff outlined a far more modest agenda, saying that his agency's primary goal would be to "get control of the dot-gov domain," and insisting that government involvement in securing private networks would be strictly by invitation…….(Ars Technica, 14 Oct 08)

 

DarkMarket carder forum revealed as FBI Sting - Cybercrooks Bamboozled

Leaked documents have confirmed that carder forum DarkMarket was actually an FBI sting operation.

For the last two years until its shutdown earlier this month DarkMarket.ws posed as a forum where identity thieves, credit card fraudsters, crackers and other ne'er do wells could hang out and exchange tips as well as trading hacker tools and stolen data. In reality, the site was run by Federal agents based in Pittsburgh.

The true identity of the site was revealed by Südwestrundfunk, a German public radio station, Wired reports. The station unearthed documents showing that one of the site's overlords, Master Splynter, who posed as a spammer, was senior cybercrime agent J Keith Mularski. The DarkMarket sting was instrumental in trapping a German credit card hacker active on its forums…..(Register, 14 Oct 08)

 

Cybercrime Supersite 'DarkMarket' Was FBI Sting, Documents Confirm

DarkMarket.ws, an online watering hole for thousands of identity thieves, hackers and credit card swindlers, has been secretly run by an FBI cybercrime agent for the last two years, until its voluntary shutdown earlier this month, according to documents unearthed by a German radio network.  Reports from the German national police obtained by the Südwestrundfunk, Southwest Germany public radio, blow the lid off the long running sting by revealing its role in nabbing a German credit card forger active on DarkMarket. The FBI agent is identified in the documents as J. Keith Mularski, a senior cybercrime agent based at the National Cyber Forensics Training Alliance in Pittsburgh, who ran the site under the hacker handle Master Splynter.  The NCFTA is a non-profit information sharing alliance funded by financial firms, internet companies and the federal government. It's also home to a seven-agent FBI headquarters unit called the Cyber Initiative and Resource Fusion Unit, which evidently ran the DarkMarket sting.   The FBI didn't return a phone call Monday…..(Wired, 13 Oct 08)

 

World Bank under cyberattack?

The computer network used by the World Bank Group has suffered a series of at least six intrusions since mid-2007, according to a report.  The World Bank Group was first notified of the intrusions by the FBI in September 2007, when the bureau was investigating another cybercrime case involving transactions out of Johannesburg, South Africa. Fox News said it has an internal memo (PDF) describing the initial intrusion to World Bank Group employees.  The World Bank Group did not respond to a request for comment.  The World Bank Group, based in Washington, D.C., is not a traditional bank. It is made up of the International Bank for Reconstruction and Development and the International Development Association, and it provides a vital source of financial and technical assistance to developing countries around the world, according to its Web site. The World Bank board represents 185 member nations and currently budgets $25 billion annually in antipoverty campaigns.   Up to 40 servers have been penetrated in a series of attacks, according to Fox News, including one attack on a server that held contract-procurement data. Two of the attacks appear to come from the same block of IP addresses originating in China. But Graham Cluley, senior technology consultant at Sophos, told CNET News that doesn't mean the attackers are in China--only that they are using compromised machines located in that country. "Ideally, if you're a large organization or financial organization, then you would have a team of penetration testers testing your system to the limit looking for those weaknesses, looking for those holes," Cluley said. "It's much better that you find them before a criminally minded hacker does."  Apparently, the World Bank Group does not conduct its own security-assessment testing, a requirement of financial institutions in the United States and other countries.….(CNet, 10 Oct 08)

 

World Bank Under Cyber Siege in 'Unprecedented Crisis'

The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned.  It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July.  In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.  In a frantic midnight e-mail to colleagues, the bank's senior technology manager referred to the situation as an "unprecedented crisis." In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public…..(Fox, 10 Oct 08)

 

Breaking News: World Bank Group Hacked

Gtron Solutions has just been notified that the World Bank Group network (one of the largest data repositories of sensitive data) has been compromised by multiple people.  Sources say the servers inside the institution's treasury contained "spy software." It seems they had access to the bank's data for close to a 30 day span between the months of June and July of 2008……(GTRON Solutions, 10 Oct 08)

 

Chip and pin scam 'has netted millions from British shoppers'

Dr Joel Brenner, the US National Counterintelligence Executive, warned that hundreds of chip and pin machines in stores and supermarkets across Europe have been tampered with to allow details of shoppers' credit card accounts to be relayed to overseas fraudsters.  These details are then used to make cash withdrawals or siphon off money from card holders' accounts in what is one of the largest scams of its kind.  In an exclusive interview with The Daily Telegraph, Dr Brenner said: "Previously only a nation state's intelligence service would have been capable of pulling off this type of operation. It's scary."  An organised crime syndicate is suspected of having tampered with the chip and pin machines, either during the manufacturing process at a factory in China, or shortly after they came off the production line. In what is known as a "supply chain attack", criminals managed to bypass security measures and doctor the devices before they were dispatched from the factories where they were made……(Telegraph, 10 Oct 08)

 

Clickjacking exploits enable hackers to hijack webcams

A hacker could potentially see and hear you by hijacking your webcam and microphone using clickjacking exploits and Adobe Flash, security researchers said this week.  “The bad news is with clickjacking, any computer with a microphone and/or a web camera attached can be invisibly coaxed into being a remote surveillance device,” Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, wrote on his blog Tuesday…Grossman said the exploit could be used for corporate espionage, government spying or celebrity stalking…..(Secure Computing, 9 Oct 08)

 

Air Force pursues Cyber Command again

Top Air Force leadership has decided to pursue forming Cyber Command to defend Defense Department networks and to launch cyberattacks against foes after putting the project on hold in August.  The service's leadership, including Air Force Secretary Michael Donley and Chief of Staff Gen. Norton Schwartz, made the decision last week at the Corona senior leadership conference in Colorado Springs, Colo., to continue its effort to stand up the command, said Capt. Michael Andrews, an Air Force spokesman.  The service put Cyber Command on hold in August, saying it wanted to delay the program until new senior Air Force leaders, including Schwartz, had time to make a final decision on the scope and mission of the command……(Next Gov, 7 Oct 08)

 

Feds, industry announce center for identity management research

Security leaders from government, academia and corporations announced on Tuesday the formation of a center to improve how organizations control access to information and data stored in networks, therefore reducing an increasing number of security breaches.  Some of the largest federal contractors, including IBM, Lockheed Martin Corp. and Visa, joined Indiana University and the Secret Service to announce the formation of the Center for Applied Identity Management Research. The center, which has begun operations, will study ways to improve the practice of identity management, the ability to verify computer users' identities and if they have access to sensitive information stored on a network. Other founding members of the center are LexisNexis; Cogent Systems, a manufacturer of biometric systems; and Intersections Inc., an identity management vendor.  The establishment of the center comes at a time when computer networks operated by agencies and corporations are under increasing attacks from hackers and employees looking to gain access to personal information. The Office of Management and Budget reported in the spring that the number of information security incidents to federal networks more than doubled in fiscal 2007, with a 70 percent increase in unauthorized access to federal networks.  "How you determine people are who they claim to be is a critical challenge, and one we are failing to do well,"….(Gov Exec, 7 Oct 08)

 

Two Europeans indicted for US cyberattacks

Two Europeans, one of whom is English, have been indicted by a US federal grand jury in connection with a 2003 distributed denial-of-service attack that is the focus of a major FBI investigation.  The two men, who are not in custody, were indicted as part of the FBI's Operation Cyberslam, initiated in 2003 following a series of crippling distributed denial-of-service (DDoS) attacks on a large Los Angeles vendor of digital recorders. The attacks effectively knocked that business offline, along with other private and government bodies, for two weeks, resulting in losses ranging from $200,000 (£114,000) to more than $1m, according to the FBI.  Operation Cyberslam is the first successful investigation of a large-scale DDoS used for a commercial purpose in the US…Lee Graham Walker, 24, of Bleys Bolton was indicted on Thursday along with a German 25-year-old called Axel Gembe. Gembe is believed to be the programmer behind Agobot, a well-known worm used to create botnets that can be used in DDoS attacks or for other purposes, such as relaying junk email……(ZDNet, 6 Oct 08)

 

Report: Data Breaches Expose About 30M Records in '08

U.S. corporations, governments and universities reported a record 516 consumer data breaches in the first nine months of this year, incidents prompted chiefly by hackers and employee theft, according to a report released today by a nonprofit group that works to prevent fraud.  The Identity Theft Resource Center, of San Diego, found that this year's data breach tally has easily eclipsed 2007's 446 incidents. At an average of 57 caches of consumer data reported lost or stolen each month, U.S. organizations are on track to divulge at least 680 breaches by the end of 2008.  About 80 percent of the breaches involved digital records, while the remainder stemmed from the loss, theft or exposure of paper-based records. A description of each incident is available in the Identity Theft Resource Center's 2008 Breach List (PDF)……(Washington Post, 6 Oct 08)

2008 Report:  Identity Theft Resource Center’s 2008 Breach List

 

Homeland Security seeks cyber counterattack system

First, there was "Einstein," the federal government's effort to protect itself from cyber attacks by limiting the number of portals to government computer systems and searching for signs of cyber tampering.  Then Einstein 2.0, a system now being tested to detect computer intrusions as they happen.  And in the future? Perhaps Einstein 3.0, which would give the government the ability to fight back.  Homeland Security Secretary Michael Chertoff on Friday said he'd like to see a government computer infrastructure that could look for early indications of computer skullduggery and stop it before it happens.  The system "would literally, like an anti-aircraft weapon, shoot down an attack before it hits its target," he said. "And that's what we call Einstein 3.0."….(CNN, 4 Oct 08)

 

China 'spying on Skype messages'

China has been monitoring and censoring messages sent through the internet service Skype, researchers say.

Citizen Lab, a Canadian research group, says it found a database containing thousands of politically sensitive words which had been blocked by China.  The publicly available database also displayed personal data on subscribers.  Skype said it had always been open about the filtering of data by Chinese partners, but that it was concerned by breaches in the security of the site.  Citizen Lab researchers, based at the University of Toronto, said they discovered a huge surveillance system which had picked up and stored messages sent through the online telephone and text messaging service…..(BBC, 3 Oct 08)

 

Chinese snoop on Skype, but are they alone?

A Canadian researcher has discovered that a Chinese version of eBay Inc.'s Skype communications software snoops on text chats that contain certain keywords, including "democracy."  The revelation is not only of interest to rights groups that monitor Internet censorship. The discovery also likely intrigues law enforcement and intelligence agencies in other countries, because they have been bothered by the growing use of Skype, which claims 338 million users across the world.  By its very nature, Skype is difficult to wiretap. Skype routes calls and chats between computers over the Internet, avoiding traditional phone networks. And the contents are supposedly encrypted, raising concerns in law enforcement that Skype could let criminals communicate without fear of eavesdropping…"The Chinese eavesdropping on Skype text messages only adds to the PR problems, the image problems, that Skype has among those who care about security," Schneier added.  On Wednesday, Nart Villeneuve at the University of Toronto revealed that a Chinese version of Skype's application is being used for wholesale surveillance of text messages.  The software is distributed by Skype's Chinese partner, Tom Online Inc. Skype has acknowledged since 2006 that this version looks for certain sensitive words in text chats, and blocks those messages from reaching their destination. The issue appears only to affect people using the Chinese software.  What Villeneuve found was that the Tom-Skype program also passes the messages caught by the filter to a cluster of servers on Tom's network. Because of poor security on those servers, he was able to retrieve more than a million stored messages. The filter appears to look for words like "Tibet," "democracy" and "milk powder" -- China is in the throes of a food scandal involving tainted milk……(AP, 2 Oct 08)

 

New Federal Law Targets ID Theft, Cybercrime

President Bush last week signed into law a bill that seeks to make it easier for prosecutors to go after cybercrooks, while ensuring that identity theft victims are compensated for their time and trouble when convicted identity thieves are forced to cough up ill-gotten gains.  The Identity Theft Enforcement and Restitution Act of 2008 lowers the bar prosecutors need to clear before bringing hacking and other cybercrime charges against an individual. Under current federal cybercrime laws, prosecutors must show that the illegal activity caused at least $5,000 in damages before they can bring charges for unauthorized access to a computer. The new law eliminates that requirement.  The law makes it a felony, during any one-year period, to damage 10 or more protected computers used by or for the federal government or a financial institution, and directs the U.S. Sentencing Commission to review its guidelines and consider increasing the penalties for those convicted of identity theft, computer fraud, illegal wiretapping or breaking into computer systems……(Washington Post, 2 Oct 08)

Text of H.R. 5938

 

Fighting the scourge of scareware

Microsoft and Washington State's Attorney General filed lawsuits against scam artists who frighten consumers into buying useless software.  "Scareware" merchants are accused of tricking computer users into clicking on pop-up alerts that claim their device is "damaged and corrupted".  They are then persuaded to buy software that corrects the non-existent issue by offering fake security fixes…"In the last six months we have seen an enormous uptick in the number of people getting infected by these scareware or spyware agents……(BBC, 1 Oct 08)

 

 

September 2008

 

44% of second hand mobile devices still contain sensitive data

According to recent research conducted by BT, the Edith Cowan University, and the University of Glamorgan (Wales), 44% of the 160 second-hand devices that they tested still contained sensitive data such as bank accounts, board meetings, business plans, and financial data. Using the data obtained, their analysis indicated a greater risk of espionage for the organizations the owner works for, than for the individuals themselves, once again proving that users don’t erase the data on their devices before selling them, thereby acting as the weakest link.  The potential for abuse in the form of corporate espionage, unethical competitive intelligence, business sabotage and blackmailing will naturally increase, following the high number of lost mobile devices with ever increasing capacity and the lack of basic security awareness on the user’s end…..(ZDNet, 30 Sep 08)

 

The State of Computer Security

The security of America’s information infrastructure is on vacation. In a report to the [House] Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology, the Government Accountability Office found that the national Computer Emergency Readiness Team (CERT) fails to protect national security and does not meet a slew of critical benchmarks: “It lacks a comprehensive baseline understanding of the nation’s critical information infrastructure operations, does not monitor all critical infrastructure information systems, does not consistently provide actionable and timely warnings, and lacks the capacity to assist in mitigation and recovery in the event of multiple, simultaneous incidents of national significance.”  CERT, the Department of Homeland Security team created in 2003 to monitor and react to breaches of U.S. Internet security, is not the only guilty party in a failed attempt at securing American interests. The review of CERT comes on the heels of news this summer that China, allegedly, hacked Congressional computers containing information on Chinese dissidents. Unfortunately, loss of information happens all of the time: laptops containing Social Security numbers, medical patient information or financial account information frequently disappear from government and U.S. firms alike. The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) has lost 418 laptops over the past five years alone…..(Claremont Portside, 30 Sep 08)

 

Myanmar on the cyber-offensive

The distributed denial of service attacks, or DDoS, that hit and disabled several exile media websites between September 17 to 19, are widely held to be the latest attempt by Myanmar's military regime to silence its legion of critics.  The cyber-attacks, which flood a website with information requests which block regular traffic and eventually overload and crash it, coincided with the run-up to last year's "Saffron" revolution, in which soldiers opened fire and killed Buddhist monks and anti-government demonstrators. But the junta's cyber-warfare specialists appear to have wider designs than just censoring an uncomfortable anniversary and they are receiving plenty of foreign assistance in upgrading their political dissent-quashing capabilities.  The Defense Services Computer Directorate (DSCD) was set up by the War Office in around 1990, originally with the aim of modernizing the military's communications and administration systems. By the mid-1990s, however, the center had become much more focused on Information Warfare operations…..(Asia Times, 30 Sep 08)

 

Cybersecurity holes exposed in Los Alamos nuke lab

The Los Alamos National Laboratory - easily the world's most sensitive and sophisticated research institution - is marred by cybersecurity weaknesses that compromise the way information on its unclassified network is protected.  According to an audit by the US Government Accountability Office (GAO), the New Mexico-based LANL recently began implementing measures to shore up information security. But vulnerabilities remain on its unclassified network, which contains sensitive information involving controlled nukes, export control, and personal details of lab employees. Physical security was also found to be lacking at the facility, one of only three US National Nuclear Security Administration (NNSA) labs.  "A successful physical or cyber attack on NNSA sites containing nuclear weapons, the material used in nuclear weapons, or information pertaining to the people who design and maintain the US nuclear deterrent could have devastating consequences for this site, its surrounding communities, and the nation's security," the report (PDF) warns. "Because of these risks, NNSA sites need effective physical and cyber security programs."…..(Register, 29 Sep 08)

GAO Report: Los Alamos National Laboratory Faces Challenges In Sustaining Physical and Cyber Security Improvements

 

U.S. urged to go on offense in cyberwar

The United States needs to do more to develop an offensive cyberwar capability rather than just focus on defending its networks from attack, says the chairman of the House cybersecurity subcommittee. "The best defense is a good offense and an offensive [cyberwar] capability is essential to our national defense," Rep. Jim Langevin told United Press International, calling it "a necessary deterrent."  "Warfare is forever changed. ... Never again will we see major warfare without a strong cyber component executed as part of it," the Rhode Island Democrat added, citing the assault on Georgian government Web sites that accompanied Russia's invasion last month….(UPI, 29 Sep 08)

 

GAO: Los Alamos Lab has cybersecurity gaps

The Los Alamos National Laboratory suffers from cybersecurity weaknesses that affect how it protects information on its sensitive but unclassified network, according to a new report from the Government Accountability Office. That network includes sensitive data such as controlled nuclear information, export control information, and personally identifiable information about employees of the national lab, the GAO report released Sept. 25 explained.  The nuclear weapons lab, in Los Alamos, N.M., has experienced breaches in its security in several incidents over the last decade. It was budgeted nearly $200 million in fiscal 2007 to provide for physical and cybersecurity. Despite improvements, the facility continues to have gaps in its physical security and cybersecurity….(FCW, 26 Sep 08)

 

High-Tech Spies Using Cell Phones To Gather Data

Modern cell phones have become handheld computers, and unscrupulous people can install harmful software -- known as spyware -- on these devices.  This spyware can be a total invasion of a user's privacy, said Joe Seanor, an expert on Internet crime. Seanor spent 10 years with CIA counter-intelligence and was a lead investigator for the AOL Internet crimes division.  "There are a number o