Cyber Security News

 


 

January 2008 to May 2008

 

Chinese hit with cyberspying allegations

…Suspicions have been cast on Chinese officials who some believe secretly copied data from Secretary Carlos Gutierrez's computer while he was on a visit to Beijing in December, and further that they then tried to use the stolen data to hack into other U.S. government computers, The Daily Telegraph said in a report. Gutierrez refused to discuss the cyberspying incident with The Telegraph, saying only, "To the extent that there is an investigation going on, those are the things being looked at, those are the questions being asked. I don't think I should provide any speculative answers."…..(UPI, 31 May 08)

 

China accused of hacking into U.S. government computers

Chinese officials have been accused of secretly copying the contents of a U.S. government laptop when America's commerce secretary visited the country. Spies are thought to have then used the information to hack into U.S. government computers back in Washington. Surreptitious copying is believed to have occurred when a laptop was left unattended during Carlos Gutierrez's trip to Beijing for trade talks in December… It was not clear whether leaving the laptop unattended violated U.S. government rules. Some agencies, such as Homeland Security, routinely provide officials with sanitized laptops to carry on trips overseas and require them to leave in the United States their everyday laptops, which might contain sensitive information…..(Daily Mail, 30 May 08)

 

Video:  US Investigates Alleged Chinese Laptop Hacking

 

U.S. Investigates Laptop Spying Suspicions

In March the U.S. State Department stirred some concern when it issued a fact sheet for Olympics visitors to China, warning them of potential intrusions on their privacy. “All hotel rooms and offices are considered to be subject to on-site or remote technical monitoring at all times. Hotel rooms, residences and offices may be accessed at any time without the occupant’s consent or knowledge,” it said. Now, the AP reports that American authorities are investigating whether Chinese government officials secretly copied a U.S. government laptop during Commerce Secretary Carlos Gutierrez’s visit to Beijing last December. A computer hard drive can be copied in minutes using sophisticated equipment that can steal data remotely. It wasn’t clear what information was on the computer or how it might have been used…The report also highlighted an incident of attempted hacking of a foreign businessman’s PDA in China and provided some hints on how to avoid being hacked: Buy “throwaway” phones for use in China, recommends Joel Brenner, chief of the office of the National Counterintelligence Executive under the CIA. Leave your everyday laptop at home and carry a “sanitized” laptop for overseas trips (this is what the Department of Homeland Security does). Conduct sensitive business on a computer that is disconnected from the office’s internal network. After serious computer attacks, the commerce department told employees in its security industry bureau to use laptops isolated from the department’s network, even for simple Web searches for public information…..(Wall Street Journal, 30 May 08)

 

Did Chinese hack U.S. official's laptop?

U.S. authorities are investigating whether Chinese officials secretly copied the contents of a government laptop computer during a visit to China by Commerce Secretary Carlos M. Gutierrez and used the information to try to hack into Commerce computers… Surreptitious copying is believed to have occurred when a laptop was left unattended during Gutierrez's trip to Beijing for trade talks in December, people familiar with the incident told the AP. These people spoke on condition of anonymity because the incident was under investigation…The report of the incident is the latest in a series of worrisome cyber security problems blamed on China and comes at a sensitive time, with looming trade issues between the countries and special attention on China over the upcoming summer Olympics. Gutierrez returned just weeks ago from another trip to Beijing… In the period after Gutierrez returned from China in December, the U.S. Computer Emergency Readiness Team — known as US-CERT, some of the government's leading computer forensic experts — rushed to the Commerce Department on at least three occasions to respond to serious attempts at data break-ins, officials told the AP. "There's nothing to substantiate an actual compromise at this time," said Russ Knocke, spokesman for the Department of Homeland Security. Knocke said he was unable to find records of a DHS investigation……(AP, 29 May 08)

 

Chinese hackers pose serious danger to U.S. computer networks

Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts. One prominent expert told National Journal he believes that China's People's Liberation Army played a role in the power outages. Tim Bennett, the former president of the Cyber Security Industry Alliance, a leading trade group, said that U.S. intelligence officials have told him that the PLA in 2003 gained access to a network that controlled electric power systems serving the northeastern United States. The intelligence officials said that forensic analysis had confirmed the source, Bennett said. "They said that, with confidence, it had been traced back to the PLA." These officials believe that the intrusion may have precipitated the largest blackout in North American history, which occurred in August of that year……(National Journal, 29 May 08)

 

Safety tips for travelers' protections

If you're traveling overseas, try to leave your computer at home. If you must have it, put only a few files on it and leave as many as possible behind. Encrypt the files you do bring. These are some of the steps that computer security analysts advise for international travelers anxious to avoid being the victim of data espionage……(AP, 29 May 08)

 

U.S. won't confirm report of Chinese hacking

Government officials are not confirming a report that Chinese officials may have secretly copied the contents of a government laptop computer during a December visit to China by Commerce Secretary Carlos Gutierrez. The Associated Press said an investigation into the suspected incident also involved whether China used the information to try to hack into Commerce computers…..(CNN, 29 May 08)

 

The European Union Plans To Boost Its Internet Security Features

European Union officials have expressed their deep concerns about the wave of internet attacks set out to incapacitate government websites all over Europe… The annual 8 million euro-budget of the ENISA and its 50-member staff seem hardly enough for a proper security strategy and will soon require many more resources in order to offer the results needed. The agency handles the activity of national cyber security divisions in the 27 EU member nations and its attributions do not include any sort of arrest missions or prosecution of cyber terrorism and cyber crime. Its assignments concern the investigation of certain issues, assistance in the event of problems and the constant look out for new ways to strengthen the cyber defense…….(E-Flux Media, 29 May 08)

 

EU agency declares war on botnets

ENISA, a pan-European agency designed to promote closer coordination on information security, is calling for a revamp of cyber-security laws and best practices in a bid to combat the growing economic impact of cyber attacks and botnet spam. The adoption in Europe of US-style information security breach disclosure laws is a key plank in this manifesto, and emerged in a technical briefing by The European Network and Information Security Agency to journalists on Tuesday. ENISA reckons security breach reporting, applied consistently across Europe, would reveal the scope of information security problems……(Channel Register, 29 May 08)

 

French police detain 22 people in probe of suspected computer hacking ring

…The sweep stems from a probe begun in the eastern city of Dijon in February after about 30 domestic and foreign companies reported cases of computer network vandalism and destruction of some files. Police say the motives are not immediately clear. They are not ruling out economic espionage. Authorities say the suspects in the network appeared to challenge one another in online forums. Most are young, with one aged 13, authorities said……(AP, 29 May 08)

 

Missing links of a secret Goa agent

He was a secret service agent who used to torment freedom fighters when Goa was under Portuguese rule. Now some crucial missing links on ‘Agente Monteiro’ have surfaced in cyberspace. In an unusual series of developments over the past couple of months, a posting on Goanet on the man has led to the unearthing of an interesting, though painful, chapter of history. Agente Monteiro has long been a dreaded name in Goa because of the legendary brutality with which he is believed to have acted against anyone who challenged the colonial state then under Portuguese rule….(Sify, 29 May 08)

 

The China threat: Real & growing

Communist China rapidly is gaining the capability to launch a sneak attack in cyberspace -- and outer space.

China "aggressively" is honing its ability to shoot down satellites, along with sharpening its other space and counter-space capabilities, Brig. Gen. Jeffrey Horne told Congress. He's connected to the U.S. Strategic Command. Gen. Horne says recent Chinese People's Liberation Army writings suggest China might target an enemy's spy satellites -- along with navigation and early-warning spacecraft -- "to blind and deafen." The unannounced destruction of one of its own satellites in 2007 speaks to China's deadly potential…..(Pittsburgh Live, 28 May 08)

 

Tibet dissident writer under cyber-attack

A Beijing-based Tibetan dissident writer who has been writing about the unrest there has come under cyber-attack to silence her, and possibly implicate her associates, her husband and activists said on Wednesday.

Hackers stole Woeser's Skype identity on Tuesday and impersonated her in instant message exchanges with her Skype contacts, apparently to trick her 170-odd contacts into revealing politically sensitive information which could then be used to trump up charges against them, Wang Lixiong told Reuters…..(Reuters, 28 May 08)

 

Who keeps failing their FISMA compliance?

The recently released U.S. Federal Computer Security Report Card for 2008 indicates that several critical to national security departments continue failing to implement the Federal Information Security Management Act (FISMA). From a cyber espionage perspective, the lack of prioritization of departments that must be audited first often results in anecdotal cases. Case in point, who cares if the Environmental Protection Agency scored A+ when the Nuclear Regulatory Commission and the Department of the Interior have been failing for 2006 and 2007 altogether? And isn’t it disturbing to know that Housing and Urban Development scores higher than the Department of Defense?......(ZDNet, 27 May 08)

FISMA Report on Computer Security

 

Lawmakers See Cyber Threats to Electrical Grid

The U.S. electrical grid remains vulnerable to cyber attacks that could cripple the economy, and the organization responsible for regulating electrical suppliers doesn't appear to be serious about fixing the problems, some U.S. lawmakers said Wednesday. U.S. Representative James Langevin and other members of the House of Representatives Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology questioned whether the North American Electric Reliability Corp. (NERC), an electric industry group tasked with ensuring electric reliability, is doing its job. NERC officials last October painted a "misleading" and rosy picture of the U.S. electric system's readiness for cyber attacks, said Langevin, a Rhode Island Democrat and chairman of the subcommittee. But Langevin has "little confidence" that the U.S. electrical grid has fully addressed the so-called Aurora vulnerability, a cyber attack aimed at shutting down electric utilities' generators or other equipment…..(PC World, 22 May 08)

 

Soldier Internet use could pose security threat

Military staff tell us the use of Web sites makes the Fort Riley network vulnerable to Internet hackers and viruses. “Because you don’t know who you’re dealing with on the other end,” says Lance Sheldon, of Fort Riley information management. “People have a tendency to discuss things, you know, openly. Most people don’t think of security when they’re doing day-to-day business.” Sheldon and his growing staff teach soldiers about the importance of limiting information they release, even something as simple as soldiers blogging about when they’re coming home……(KTKA, 22 May 08)

 

TVA vulnerable to cyber attack

Cybersecurity measures at TVA are inadequate, leaving the federal power provider’s networks and facilities vulnerable to attack, according to a government report scheduled for release today. The U.S. Government Accountability Office will present the report this afternoon to the Emerging Threats, Cybersecurity, and Science and Technology subcommittee of the House of Representatives’ Committee on Homeland Security. The report will be released to the public later today, a GAO spokeswoman confirmed…..(Knox News, 21 May 08)

 

Government offices target of cyber criminals

The federal police have opened an investigation into suspected espionage following an attack by hackers of the computer system of two government departments. A spokeswoman said the foreign ministry and State Secretariat for Economic Affairs (Seco) were the target of professional hackers at the end of last year. A cyber crime expert said the case was unique since employees in particular departments of the federal administration were singled out for the attack….(Swiss Info, 21 May 08)

 

Army aims to take guesswork out of cyberdefense

The Army Research Office (ARO) is funding work by a consortium of private companies to develop predictive technologies that could improve the efficiency of cybersecurity tools.  The idea is to create a global system to gather and correlate security events, giving users early warning about coming attacks and aiding in the configuration of sensors, filters and other devices that detect and respond to these events, said Livio Ricciulli, chief scientist at MetaFlows, of Redlands, Calif……(GCN, 20 May 08)

 

U.S. military cites growing China space, cyber threat

…China is "aggressively" honing its ability to shoot down satellites along with other space and counter-space capabilities, said Army Brig. Gen. Jeffrey Horne of the U.S. Strategic Command. Such know-how has big implications for Beijing's potential to curb access in the Taiwan Straits "and well beyond," he told the U.S.-China Economic and Security Review Commission, a congressionally created advisory group. Horne, deputy head of the Strategic Command's joint component for space, said recent Chinese People's Liberation Army writings suggested China might target an enemy's spy satellites along with navigation and early-warning spacecraft "to blind and deafen."….(Reuters, 20 May 08)

 

Nations blame China for recent cyber hackings

The Chinese government is under scrutiny as many nations have come forward alleging its role in sponsoring hackers for systematically attacking other countries' online assets. As India woke up to the campaign targeted towards mapping and discovering weak points within its IT infrastructure which had been running over the past 18 months, now more nations have come forward questioning China's involvement and for backing the hackers. As the UN raised the issue in Geneva, US, Belgium, France and Russia have also stated that China is attempting to control the cyberspace "offensively"…..(International Business Times, 20 May 08)

 

NATO Builds Cyber War Weapons

NATO has established a Cyber Defense Center in Estonia. This is a result of being called on by Estonia, a year ago, to declare Cyber War on Russia. Russia was accused of causing great financial harm to Estonia via Cyber War attacks, and Estonia wants this sort of thing declared terrorism, and dealt with. NATO  agreed to discuss the issue, but never took any action against Russia. The Cyber Defense Center is one tangible result of the 2007 Cyber War attacks. The Center will study Cyber War techniques and incidents, and attempt to coordinate efforts by other NATO members to create Cyber War defenses, and offensive weapons……(Strategy Page, 20 May 08)

 

Combating cyber-terrorism

As many as 30 countries will be represented in Malaysia starting today at a global conference aimed at improving the world's capacity to prevent and respond to a threat that many governments have only begun to acknowledge — cyber-terrorism. This event is the largest ministerial-level gathering ever organized against this threat. Cyber-terrorism is starkly different from common Internet crimes like identity theft and money fraud in that it can involve use of technology to divert or destroy systems and infrastructure, cause injury or death and undermine economies and institutions. To accomplish their goals, cyber-terrorists target the computer systems that control air traffic, electric power grids, telecommunications networks, military command systems and financial transactions……(Washington Times, 20 May 08)

 

Cost of cybersecurity initiative to triple, panel reports

The Bush administration’s proposal to defend government networks against cyberattacks will cost $17 billion, nearly three times original estimates, and is so secret that it cuts the public out of the debate on the program, according to a Senate report. The cost of the National Cybersecurity Initiative, a multiagency effort to defend government information systems with strong defenses against cyberattacks, originally was pegged at $6 billion. Because of the increase in cost, the Senate Armed Services Committee recommended in a report that major elements of the project be scaled back “because policy and legal reviews are not complete and because the technology is not mature.”….(Next Gov, 19 May 08)

 

I spy your PC: Researchers find new ways to steal data

Researchers have developed two new techniques for stealing data from a computer that use some unlikely hacking tools: cameras and telescopes. In two separate pieces of research, teams at the University of California, Santa Barbara, and at Saarland University in Saarbrucken, Germany, describe attacks that seem ripped from the pages of spy novels. In Saarbrucken, the researchers have read computer screens from their tiny reflections on everyday objects such as glasses, teapots, and even the human eye. The UC team has worked out a way to analyze a video of hands typing on a keyboard in order to guess what was being written. Computer security research tends to focus on the software and hardware inside the PC, but this kind of "side-channel" research, which dates back at least 45 years, looks at the physical environment. Side-channel work in the U.S. was kicked off in 1962 when the U.S. National Security Agency discovered strange surveillance equipment in the concrete ceiling of a U.S. Department of State communications room in Japan and began studying how radiation emitted by communication components could be intercepted….(IDG, 19 May 08)

 

Strong prospects in software to spy on bank staff

If you work for a bank, a computer may be reading your e-mails, listening to your phone calls or analyzing chat conversations as you type… Known collectively as e-discovery, these technologies are booming despite a slowdown in other areas. Gartner forecasts the segment will generate $760.5 million in revenues this year, up from $524.5 million in 2007. The systems to record and monitor employee activity can help companies collect huge amounts of internal information -- which they may increasingly need in the face of lawsuits spawned by the subprime crisis, or to meet rising regulatory demands. U.S. politicians are demanding tougher rules in the wake of the collapse of the once red-hot housing market, while the 2002 Sarbanes-Oxley Act on corporate accounting and investor protection has already spawned hefty legal requirements……(Reuters, 17 May 08)

 

Cyber criminals overseas steal U.S. electronic health records

In 2004, when Bush administration officials unveiled a project to provide every American with an electronic health record by 2014, they pledged to put privacy and security first. But the discovery in April of stolen health records containing sensitive medical information about U.S. patients on a computer server in Malaysia controlled by cyber criminals indicates such records so far do not pass the privacy and security test. Medical records are a “platinum card” for organized crime, which can rake in millions of dollars from false billings, said Pam Dixon, executive director of the World Privacy Forum. Information generated from false claims entered into electronic medical records also can pose life-threatening risks to patients, she added……(Next Gov, 17 May 08)

 

Internet virus laws beefed up

The Rudd Government will continue working on changes to communications laws to protect major private sector companies from virus attack or "Trojan horse" measures… In particular was how those who would threaten the safety of Australians, either by committing crimes or through violence motivated by political or religious extremism, were dealt with. The Bill also recognised that, notably through the internet, government agencies, be they military, intelligence, law enforcement or those dealing with critical infrastructure, were vulnerable to electronic interference, including electronic espionage attack…..(Herald Sun, 16 May 08)

 

NATO backs cybersecurity defence centre in Estonia

…Seven NATO countries have given their backing to a cybersecurity centre of excellence in Estonia, the country which was blighted by denial of service attacks one year ago. The Tallinn-based Co-operative Cyber Defence Centre of Excellence will conduct research and training on cyber warfare and is intended to protect NATO countries against such threats. Estonia, Germany, Italy, Latvia, Lithuania, Slovakia and Spain are sponsoring the venture, but the UK will not initially be involved with the effort. The United States will not sponsor the work either, but it will send an observer. The Estonia attacks last year prompted NATO to conduct what it called a "thorough assessment" of its approach to cyber defence. In those attacks, for which Russia has been blamed but not admitted liability, Estonia's two main banks became the victim of a sustained denial of service attack. Estonian government websites were at the time defaced……(SC Magazine, 15 May 08)

 

Online warfare research outlined

Procurement documents released by the U.S. Air Force give a rare glimpse into Pentagon plans for developing an offensive cyber-war capacity that can infiltrate, steal data from and, if necessary, take down enemy information-technology networks. The Broad Area Announcement, posted Monday by the Air Force Research Laboratory's Information Directorate in Rome, N.Y., outlines a two-year, $11 million effort to develop capabilities to "access to any remotely located open or closed computer information systems," lurk on them "completely undetected," "stealthily exfiltrate information" from them and ultimately "be able to affect computer information systems through Deceive, Deny, Disrupt, Degrade, Destroy (D5) effects." "Of interest," the announcement says, "are any and all techniques to enable user and/or root-level access to both fixed [and] mobile computing platforms ... [and] methodologies to enable access to any and all operating systems, patch levels, applications and hardware."…..(UPI, 15 May 08)

 

Colonel suggests using hackers' tool against them

Hackers often harness the combined power of thousands of virus-infected personal computers to pump out spam e-mail or disable targeted servers by overwhelming them with Internet traffic. Now an Air Force colonel is suggesting the U.S. military build its own "botnet," or network of remotely controlled computers, to be ready to attack the computer networks of foreign enemies. The proposal Col. Charles Williamson III outlined in the May edition of the Armed Forces Journal highlights the creative cyberwarfare strategies being hashed out by the military as hackers abroad step up their attacks on U.S. government computer networks and others around the world. "The days of the fortress are gone, even in cyberspace," wrote Williamson, staff judge advocate for Air Force Intelligence in the Surveillance and Reconnaissance Agency at Lackland Air Force Base in Texas. "While America must harden itself in cyberspace, we cannot afford to let adversaries maneuver in that domain uncontested."….(AP, 15 May 08)

 

FBI fears hardware backdoors in US military kit

Fake Cisco networking equipment could lead to hardware backdoors on military and other systems, as well as increased failure rates, says the FBI. The US Federal Bureau of Investigation has warned of threats to the US military and critical national infrastructure caused by counterfeit Cisco products.  The counterfeit products could open a hardware backdoor into those systems, warned the Federal Bureau of Investigation (FBI), enabling an attacker, potentially undetected by security software, to gain control of the systems. Counterfeit parts also have a much higher failure rate: one is known to have caught fire in a government network, due to a faulty power supply, warned the FBI.  To make matters worse, the FBI has an "intelligence gap": it does not know whether the fake goods are made for private profit or are state-sponsored, nor the scope of counterfeit-equipment use in the US government….(ZDNet, 15 May 08)

 

Federal Security: Welcome But Too Secret

The federal government needs a robust and effective program for protecting its computer networks. Despite more than a decade of warnings and fitful efforts, both governmental and private sector systems are at serious risk… The problem is probably getting worse. Our national security systems have suffered some unnerving penetrations quite recently. In the past year, for example, someone, possibly in China, reportedly hacked a Pentagon computer system. In a separate incident, a government contractor apparently failed to detect a break-in on the Department of Homeland Security computers it was supposed to be protecting--and then tried to cover up its shortcomings. The administration's newfound commitment to cyber security is thus highly welcome, if long overdue. However, the approach so far raises two concerns…..(Forbes, 15 May 08)

 

Air Force looking to build cyber weapons

The Air Force issued a proposal on Monday asking the technology industry to help it develop the ability to hack into an enemy’s computer systems and to conduct offensive cyber warfare, such as shutting down systems, according to internal and public documents…An internal briefing from the lab’s headquarters at Wright-Patterson Air Force Base in Ohio defines the engagement as the ability to “conduct full-spectrum offensive cyber/info military, leadership and infrastructure.” The request dovetails with a similar research effort kicked off last year by the Air Force Electronic Systems Group, which asked industry to develop the technologies and capabilities needed to attack an adversary’s computer systems…..(Next Gov, 14 May 08)

 

US$13 million grant approved to fight cyber-terrorism

Malaysia's Prime Minister has approved a US$13 million grant to lay the foundation of IMPACT, a not-for-profit global organization to rally efforts from governments, the private sector and academia worldwide, against the growing threat of cyber-terrorism. IMPACT (International Multilateral Partnership Against Cyber-Terrorism) is the first global public-private initiative against cyber-terrorism, which drives collaboration among governments, industry leaders and cyber-security experts to enhance the global community's capacity to prevent and respond to cyber-threats……(IDG, 14 May 08)

 

New Sites Make It Easier To Spy on Your Friends

…Armed with new and established Web sites, people are uncovering surprising details about colleagues, lovers and strangers that often don't turn up in a simple Internet search. Though none of these sites can reveal anything that isn't already available publicly, they can make it much easier to find. And most of them are free.

Zaba Inc.'s ZabaSearch.com turns up public records such as criminal history and birthdates. Spock Networks Inc.'s Spock.com and Wink Technologies Inc.'s Wink.com are "people-search engines" that specialize in digging up personal pages, such as social-networking profiles, buried deep in the Web. Spokeo.com is a search site operated by Spokeo Inc., a startup that lets users see what their friends are doing on other Web sites. Zillow Inc.'s Zillow.com estimates the value of people's homes, while the Huffington Post's Fundrace feature tracks their campaign donations. Jigsaw Data Corp.'s Jigsaw.com, meanwhile, lets people share details with each other from business cards they've collected -- a sort of gray market for Rolodex data…..(Wall Street Journal, 13 May 08)

 

A U.S. military botnet in the works

Make botnets, not war? In April, last year, I asked the question “Why establish an offensive cyber warfare doctrine when you can simply install a type of Lycos Spam Fighting screensaver on every military and government computer and have it periodically update its hit lists?”… The bottom line - why put efforts into building something that would generate a lot of negative publicity and might never materialize, when you can basically outsource the process and have the capability provided on demand? Just like the bad guys who do not have access to botnets do by using botnets as a service?….(ZDNet, 13 May 08)

 

U.S. military to build botnet?

A colonel in the U.S. Air Force argued in a recent opinion piece that the United States needs to build its own collection of computers able to digitally "carpet bomb" enemies with a denial-of-service attack. The capability to overwhelm attackers would help the nation deter attacks against its systems, Col. Charles Williamson III, a staff judge advocate for the U.S. Air Force Intelligence, Surveillance and Reconnaissance Agency, stated in an opinion piece in the Armed Forces Journal. Military bases could use outdated PCs as nodes on its "botnet," replacing their hard drives with simple flash drives. "America needs the ability to carpet bomb in cyberspace to create the deterrent we lack,"….(Security Focus, 12 May 08)

 

Server discovered with 1.4 GB worth of data harvested by criminals

…The data that was located came from all around the world and contained information from individuals and businesses, as well as renowned organizations, including healthcare providers. The server contained among others, 571 log files from the US, 621 from Germany, 322 from France, 308 from India, 232 from Great Britain, 150 from Spain, 86 from Canada, 58 from Italy, 46 from the Netherlands, and 1,037 from Turkey. The data in the files varies from patient data and records, to bank data on customers, business related email, and in a few cases, captured Outlook accounts with email communications. “This report provides a unique example of the type and amount of data today’s cybercriminals are collecting. [Malware] infected PCs are a serious business problem that requires proactive action since it is no longer just a technical IT problem. The existence of large amount of data on a server that hackers can easily manage and control shows the rapid evolution of cybercrime,”……(Tech Herald, 12 May 08)

 

Hacker leaks 6m Chileans' records

A computer hacker in Chile has published confidential records belonging to six million people on the internet, officials say. The information was obtained by hacking into government and military servers, and was posted on a technology blog. It included ID card numbers, addresses, telephone numbers and academic records. The hacker left a message saying the aim was to demonstrate the poor level of data protection in Chile, says the newspaper which uncovered the story…..(BBC, 12 May 08)

 

FBI probe nets counterfeit Chinese networking parts

The FBI announced Friday that an investigation into counterfeit network components made in China and sold to the U.S. government has recovered about 3,500 fake devices with a value of $3.5 million. The criminal probe, code-named Operation Cisco Raider, was prompted by concerns that counterfeit network components could give hackers access to government databases. But one U.S. official told Reuters that the components discovered by the FBI are not believed to have made government computer systems more vulnerable…..(C/Net, 10 May 08)

 

Belgium Accuses China of Cyberattacks

It's not just the U.S. and U.K. who are crying foul over China's behavior in cyberspace -- now the government of tiny Belgium has accused hackers from the country of targeting its systems. Justice minister Jo Vandeurzen is reported to have claimed that the Federal Government had been targeted by Chinese hackers, backing up a separate statement by Belgium's foreign affairs minister, Karel De Gucht, that his ministry had been hit by espionage in recent weeks. In both cases, the Belgians appear certain that the culprits were Chinese….(PC World, 10 May 08)

 

India faces cyber challenge from China

It appears that in the decades-old standoff between India and China over their 2,500-mile common boundary, it is no longer enough these days for India to guard its borders and stave off the intermittent Chinese military intrusions; India has to be adept at repelling digital snooping as well. Indian government sources have accused China of waging cyber warfare by snooping into India's Web sites, both government and privately owned. Quoting unnamed government sources, a recent report by the Times of India -- the country's largest circulation daily newspaper -- said China has been mounting cyber attacks, particularly on government Web sites, for the past one year, adopting hacking and other intrusive methods. But over the last few months these attacks have become particularly fierce and almost daily…..(UPI, 9 May 08)

 

Report: US lacks plan to counter terrorist messages

The United States must develop a communications plan to counter radical Islamic messages on the Internet, according to a Congressional report released Thursday. Because the Internet's easy access makes it possible for al-Qaida and other terrorist sympathizers to spread their beliefs and recruit new followers, the government needs a coordinated and thorough response that it currently lacks…..(AP, 8 May 08)

 

India and Belgium decry Chinese cyber attacks

Belgium and India have joined the growing ranks of countries voicing concerns about cyber attacks originating from China. Earlier this week, officials from both countries said computer networks inside their borders are routinely targeted by hackers trying to ferret information that could benefit the Chinese government. Belgian Justice Minister Jo Vandeurzen said he had evidence that the Communist Party of China is behind recent espionage attacks against his country. They were carried out by sending spyware attached to emails addressed to Belgian state departments….(Register, 8 May 08)

 

Management group warns CEOs of data-breach risks

…In a report entitled Cyber Attack: A Risk Management Primer for CEOs and Directors, launched on Wednesday, the British-North American Committee (BNAC) said that chief executives underestimate the scale of data-security problems and fail to recognize the consequences of data breaches for business. BNAC is a group of business leaders and academics from the UK, US and Canada aimed at lobbying the governments of all three countries about management and business-related issues.

Paul Twomey, president and chief executive officer of the Internet Corporation for Assigned Names and Numbers (ICANN) and one of the authors of the report, said that the majority of chief executives do not recognize the risks posed by cyber-espionage to business…..(ZD Net, 8 May 08) 

 

Report: Cyber Attack - A Risk Management Primer for CEOs and Directors

 

The Coming Cyber-War

While we’re refocusing our national security apparatus around counter-insurgency and counter-terrorism, we’re falling dangerously behind the curve on cyber security. Defense Tech’s Kevin Coleman has some details:

China is well known for its global cyber espionage efforts. And while the United States has received most of the media attention given to cyber attacks, we are not the only ones dealing with this issue. India is now pointing the finger at China, claiming they have systematically launched a series of attacks on sensitive information systems and networks of Indian agencies. India rapidly responded and now has cyber-security forces down to the division-level to guard against cyber wars. But is that really enough given China’s stated ambitions?....(Outside the Beltway, 8 May 08)

 

Pentagon rushes to build cyber war arsenal

DARPA, the Pentagon’s agency that develops new technology for military use, is tasked with producing world-class cyber war capabilities. It’s America’s largest project since the agency was catching up with the Soviet space programme following the launch of Sputnik in 1957. The project involves the creation of an Internet simulator. The 'virtual Internet' will use special hardware and software to help researchers evaluate vulnerabilities in the multi-million user computer network……(Russia Today, 8 May 08)

 

The Secret Internet Simulator

DARPA, the U.S. Defense Advanced Research Projects Agency, has been ordered (by the president and Congress) to develop world-class offensive and defensive Cyber War capabilities. Initial emphasis will be on defensive measures. This is a big deal. DARPA hasn't been given this large a project since Russia launched the first space satellite in 1957. This alarmed the U.S. government more than it should have, and DARPA was ordered to catch up with the Soviet Union as quickly as possible. Money was no object. Time was of the essence.

Unlike the space program boost of half a century ago, the current DARPA rush program will be highly secret. Cyber War is all about secrets…..(Strategy Page, 7 May 08)

 

Fighting the agents of organized cybercrime

…"Hacking has escalated from a destructive nature to financial gain through phishing, targeting people for bank account details, and siphoning accounts from there," says Derek Manky, chief security researcher at Fortinet.

"It's a very sophisticated ecosystem, with organizations and services for hire," he continues. "There's a lot of money floating around, a lot of people involved. Once the infrastructure and networks are in place, you start building that foundation, which can be further leveraged and taken to next level: denial of services, cyber warfare, espionage."……(CNN, 8 May 08)

 

Belgium accuses China of cyber-attacks

It’s not just the US and UK who are crying foul over China's behaviour in cyberspace - now the government of tiny Belgium has accused hackers from the country of targeting its systems.

Justice minister Jo Vandeurzen is reported to have claimed that the Federal Government had been targeted by Chinese hackers, backing up a separate statement by Belgium's foreign affairs minister, Karel De Gucht, that his ministry had been hit by espionage in recent weeks……(TechWorld, 8 May 08)

 

Is China to Blame for India's Cyber Problems?

The U.S. isn’t the only country victimized by cyber espionage that is blaming China. Something similar seems to be happening in India, too. American military and intelligence officials, as several of my BusinessWeek colleagues published in a cover story last month, argue that China “is the U.S.’s biggest cyber menace,” a charge that the Chinese government denies. (For the full text of the Chinese response to BusinessWeek, see here.) The Chinese argue that in many cases they are victims of hackers, fraudsters and other cyber criminals based in other countries who take advantage of gaps in the Chinese security network to hijack computers in the PRC. Now people in India are pointing the finger at China. The Times of India yesterday reported unnamed Indian government officials alleging China has orchestrated a series of attacks on sensitive networks of Indian agencies…..(Business Week, 6 May 08)

 

Crimeware server exposes breadth of data theft

Last month researchers at online security company Finjan uncovered a 1.4 gigabyte cache of stolen data from North America, Europe, the Middle East and India on a Malaysian server that provided command and control functions for malware attacks in addition to being a drop site for data harvested from compromised computers.

“This is a unique example of what we have been talking about for the last year,” said Yuval Ben-Itzhak, chief technical officer at Finjan. Online thieves are using sophisticated tools to plant malicious code on legitimate Web pages, compromising visiting PCs and stealing data. The data included 5,388 unique log files collected in just a three-week period. The files included personal and business e-mails, medical records, and financial log-in and transaction information with not only credit card and account numbers but also passwords and security codes. Although the trend of using Web exploits to steal and market personal data has been identified for some time, the discovery of the cache still was an eye-opener…The log files were traced to 5,878 distinct IP addresses. The number of compromised PCs the data was lifted from has not been determined, but Ben-Itzhak said it could be as high as double the number of IP addresses. Files on the server included 571 log files from the United States, 621 from Germany, 322 from France, 308 from India, 232 from Great Britain, 150 from Spain, 86 from Canada, 58 from Italy, 46 from the Netherlands and 1,037 from Turkey. The server was registered to a man from Moscow and was hosted in Singapore at the time it was discovered. It has since been shut down….(GCN, 6 May 08)

 

Belgium Names China in Hacking Incidents

One good spy is worth 10,000 men. --Chinese Proverb

Over the last few weeks, hackers have repeatedly attempted to break inside the computer network of the Belgium Federal Government as well as other organizations located in Belgium. On Friday, May 2, Jo Vandeurzen, the Belgian minister of justice, announced that his government believes the attacks were conducted from China, most likely at the request of Beijing. He admitted that he could not provide irrefutable evidence…..(Oh My News, 4 Apr 08)

 

Hundreds of Laptops Missing at State Department, Audit Finds

Hundreds of employee laptops are unaccounted for at the U.S. Department of State, which conducts delicate, often secret, diplomatic relations with foreign countries, an internal audit has found. As many as 400 of the unaccounted for laptops belong to the department’s Anti-Terrorism Assistance Program… The program provides counterterrorism training and equipment, including laptops, to foreign police, intelligence and security forces. Ironically, the Anti-Terrorism Assistance Program is administered by the State Department’s Bureau of Diplomatic Security (DS), which is responsible for the security of the department’s computer networks and sensitive equipment, including laptops, among other duties. It also protects foreign diplomats during visits here…..(CQ, 2 May 08)

 

White House Plans Proactive Cyber-Security Role for Spy Agencies

…In January, President Bush signed a directive authorizing the intelligence agencies, including the National Security Agency, to monitor all federal network traffic to prevent attackers from breaking in and from stealing sensitive data or disrupting critical systems. The administration official said the intelligence community is uniquely suited to counteract today's malicious actors -- ranging from lone hackers to organized cyber criminal groups and nation states -- who the official said are constantly developing new attacks and exploiting unknown security holes in software and hardware to compromise government networks. The official said the president's new cyber-security directive will share the intelligence gleaned through monitoring threats across the government space with the private sector, which experts say is being hit with the same types of attacks that the federal dot-gov space is battling…Most of the 18 strategic goals laid out in the cyber initiative are currently classified, and few within the government have been fully briefed on the plan. But the official said the administration plans to release additional details on at least 12 of those goals next week, after the White House Office of Management and Budget issues rules for assigning classification levels for data collected and shared under the new program….(Washington Post, 2 May 08)

 

Senators question DHS cybersecurity strategy

…The department is requesting $294 million for the National Cyber Security Division in fiscal 2009, an increase of $83 million. In January, DHS issued a request for proposals for contractor mission support for the division for 10 months. However, the solicitation did not clearly set out the roles, responsibilities and limitations of the contractor services, nor did it specify how contractor performance would be monitored…The senators also expressed concern about how little information has been available about the cyber initiative to Congress, private entities and the public in addition to difficulties tracking which parts of the initiative are classified and which are not……(Washington Technology, 5 May 08)

 

NATO creates cyberdefense team

NATO has set up a new Cyber Defense Management Authority that will coordinate the safeguarding of its own and member states’ computer infrastructures against cyberattack. The new organization will coordinate all NATO cybersecurity activities to protect its information and communication systems and offer assistance to NATO’s 26 member states in North America and Europe, NATO said in a news release. NATO has maintained an internal cyber response capability since 2002. The authority is expected to create a NATO cybercommand center to help member states during cyberattacks. The chief of the new authority is expected to be Maj. Gen. Georges D'Hollander, who runs NATO’s internal cyberdefenses……(Washington Technology, 2 May 08)

 

OU tackles computer forensics

Fears of corporate espionage, malicious staff and disputed trade deals have led to the Open University's first course on computer forensics being heavily oversubscribed. The post-graduate Computer Forensics and Investigations course starts today, and prospective students have been bumped to the November 2008 course since March…..(VNUnet, 1 May 08)

 

 

April 2008

 

 

Travel group warns: Corporate data at risk from laptop searches at border

The Association of Corporate Travel Executives (ACTE) is warning its members to limit the amount of proprietary business information they carry on laptops and other electronic devices because of fears that government agents can seize that data at U.S. border crossings. The group is worried that corporate data could be downloaded by agents, leading to potential security breaches and the exposure of information that is supposed to be private. Among the devices that could be searched by border agents are cell phones, handhelds, digital cameras and USB storage devices…..(Computerworld, 30 Apr 08)

 

The Art of Cyber Warfare, Part 2: Digital Defense

In late April last year, about 1 million computers under botnet control started attacking the Estonian government's computers in a denial of service (DoS) assault. The onslaught continued for three weeks. In the aftermath of this cyber warfare incident, NATO provided the Estonian government with some help in restoring the computer systems and investigating the attacks. Considerable evidence reportedly pointed to computers in Russia as the source of the commands, but Russia has denied any involvement…..(Tech News World, 30 Apr 08)

 

One Breach is One Too Many in Cyber Warfare

Cyberspace is a battleground that the U.S. military should learn to dominate, just as it has land, sea and air, says an expert with the Naval Postgraduate School's computer science department. "Destroying a computer infrastructure is like denying somebody air," said Scott Cote, senior lecturer in the school's Center for Information Security Studies and Research. Students at NPS waged a four-day battle in cyberspace that pitted them and each of the service academies — Army, Navy, Air Force, Coast Guard, Merchant Marine, and the Air Force Institute of Technology — against a team of computer hackers fielded by the National Security Agency last week……(Monterey Herald, 29 Apr 08)

 

Are we losing the security war?

Five years ago, hopes were high that cyber crime could be cracked. Now security experts admit traditional approaches can't keep pace with the growth in malware. What can be done to turn the tide, asks Simon Moores. A short cyber crime story on Al Jazeera TV on Sunday made me realise that this year's Infosec show in London had passed me by, almost unnoticed. I had missed my annual pilgrimage to the great security bazaar at London's Olympia because I had been speaking at the IDC conference in Milan…..(Silicon, 29 Apr 08)

 

The Art of Cyber Warfare, Part 1: The Digital Battlefield

Computer network attacks are often perpetrated by gangs of criminal hackers attempting to break into a system for financial gain. However, cyber attacks for political purposes could just as easily be -- and sometimes are -- perpetrated. A country's national security could be severely threatened should a team of hackers successfully crack certain computer systems.  New-age warfare is here. Governments and Internet security firms are quietly gearing up for the potential onslaught. Don't think that cyber warfare is merely fuel for novel writers. Cyber attacks are being waged in increasing numbers……(Tech News World, 29 Apr 08)

 

Kenya works on training information security managers

A lack of training institutions for information security management has made IT investment expensive for many organizations in Kenya. Companies have invested in training IT managers abroad, which is expensive for small and medium-size businesses in Africa, said James Gathage, a consultant at QualityPlus, a Kenyan training company for information security management professionals. This has led some companies to neglect information security and management as integral parts of business and organizational growth, he said. So, to reduce costs and make courses affordable, training companies are bringing experts in to train local IT managers……(Computer World, 28 Apr 08)

 

Opinion: Knock, knock, it's the FBI

Just imagine if one day in the near future the FBI comes to your enterprise with warrants that allow them to seize and remove any computer-related equipment, utility bills, telephone bills, any addressed correspondence sent through the U.S. mail, video gear, camera equipment, checkbooks, bank statements and credit card statements. The first question you'd ask is, "Who has done what?"… A link?! Clicking on a link can now be a federal offense?... As is often said at moments like these, I am not making this up; this is exactly what happened to a doctoral student at Temple University who was also a history professor at La Salle University named Roderick Vosburgh….(Network World, 25 Apr 08)

 

FBI wants widespread monitoring of 'illegal' Internet activity

The FBI on Wednesday called for new legislation that would allow federal police to monitor the Internet for "illegal activity." The suggestion from FBI Director Robert Mueller, which came during a House of Representatives Judiciary Committee hearing, appears to go beyond a current plan to monitor traffic on federal-government networks. Mueller seemed to suggest that the bureau should have a broad "omnibus" authority to conduct monitoring and surveillance of private-sector networks as well. The surveillance should include all Internet traffic, Mueller said, "whether it be .mil, .gov, .com--whichever network you're talking about."….(CNet, 23 Apr 08)

 

Growing alarm over cyber espionage threats

Rapidly evolving cyber espionage threats, state-sponsored hackers, and other Internet miscreants are bounding over the best modern protections consumers, corporations, and governments can set up. The situation is providing a steady source of revenue for the essential products and services of computer and network security firms. In a series of reports on cyber espionage, Business Week says that all these defenses - firewalls and antivirus updates - devouring an organization's time, servers, and technology budget can be useless against even one moderately adept hacker engaging in open-source 'net reconnaissance' such as simple Googling; crafty 'social engineering' of fake e-mail attachments that trick recipients because they mimic messages from the boss or a client; and leveraging of cyber-break-in 'toolkits' readily available online…..(Legal-Brief, 23 Apr 08)

 

Executives harpooned by online 'whalers'

Corporate bosses have become the latest target of cyber-criminals, after a string of attacks in which senior management have been singled out to receive fraudulent e-mails… In the latest e-mail scam, known as "whaling" because it targets "the big fish", executives are sent official documents — for instance, court subpoenas — that apparently relate to the business of senior management. The employees singled out are typically "C-level", meaning chief financial officers, chief technology and information officers, as well as those in other sensitive parts of the company, such as accounts. The hope is that recipients will click on a link in the e-mail which directs them to a website that installs a malicious program on their machine……(Times Online, 23 Apr 08)

 

Overestimating Storm

Computer security researchers had an "oops!" moment recently when they realized that their monitoring and investigative tools had led to overestimating the size of the Storm botnet. Last year, it was believed that the Storm botnet was the largest botnet ever seen. Because of that, it was believed that the Storm network was capable of shutting down any military or commercial site on the planet, or do some major damage in ways that had not yet been experienced. There was the impression that there had never been anything quite like Storm. But it turned out that Storm was only about a tenth of its estimated size.....(Strategy Page, 23 Apr 08)

 

The CIA Hack...still working.

Once this vulnerability was submitted by Harry Sintonen to Wired's Threat Level last week, it's been spreading like wildfire throughout the web.  Discovery of a new XSS is nothing new, but does become noteworthy when it involves a domain like CIA.gov…..(Network World, 23 Apr 08)

 

Report: China's botnet problem grows

Computers infected by Trojan horse programs and bot software are the greatest threat to China's portion of the Internet, with compromises growing more than 20-fold in the past year, the nation's Computer Emergency Response Team (CN-CERT) stated in its 2007 annual report released last week. The response organization found that the number of Chinese Internet addresses with one or more infected systems increased by a factor of 22 in 2007. The report, currently only published in Chinese, estimates that, of 6.23 million bot-infected computers on the Internet, about 3.62 million are in China's address space…..(Security Focus, 21 Apr 08)

 

FBI organizes defense against cyber-attacks

The FBI quietly established last summer a task force involving U.S. intelligence and other agencies to identify and respond to cyberthreats against the United States. Called the National Cyber Investigative Joint Task Force, the group has "several dozen" personnel working together at an undisclosed location in the Washington area, said Shawn Henry, the FBI's deputy assistant director of its cyberdivision. In an interview with United Press International, Mr. Henry was tight-lipped about the task force's composition, saying only that it involved "several intelligence, law-enforcement and other agencies from across the U.S. government….(Washington Times, 21 Apr 08)

 

FBI program warns of inside threats, too

…The counterintelligence mission of the FBI ranks second in the agency's list of national priorities, just beneath anti-terrorism.  But in Huntsville, agents spend a good deal of time teaching businesses, academic institutions and government agencies how to protect themselves from the insider threat, said Jeff Hawkins, Huntsville coordinator of the FBI's Counterintelligence Domain Program. "This rivals almost any other place in the country in terms of research and development," Hawkins said. "What it boils down to is those critical systems and programs that provide the country its military edge are the things we must keep secure." The Domain Program is a joint effort with the FBI, academia, businesses and government entities to identify and protect important projects, whether they pertain to national security or trade secrets…..(Huntsville Times, 20 Apr 08)

 

Don’t Let Company Data Escape Through Employees

…Today’s cyber thieves are more sophisticated than ever, but many mobile thefts rely on the laughably unsophisticated method of eavesdropping or peering over a worker’s shoulder. At any given airport or café, dozens of laptop screens and telephone conversations are just begging to be infiltrated by a nearby thief.  When employees need to make telephone calls in public locations, Shepard recommends instructing them to walk away from crowds and cover their mouths with their hands to prevent lip readers from “listening in.” …..(Processor, 18 Apr 08)

 

Infosecurity 2008 - New defence strategy in battle against e-crime

…In 2008, we have seen the continued development of sophisticated criminal-to-criminal (C2C) business models. These mature business models operate on two levels. Crimeware developers are supplying "crimeware toolkits" to other criminal elements to be used for attacks. These "how to" packages instruct users step-by-step in how to infect a system and then retrieve data for financial gain. But criminals can also go the old-fashioned way: purchasing data collected by Trojans, keyloggers and other types of crimeware. These crime pros use robust and scalable crimeware that gives them maximum flexibility in terms of command and control… A striking example is the wave of attacks that came from China in late 2007 and have continued into 2008. Malicious content was distributed using obfuscated code and a network of websites to bypass traditional information security technologies. One of the websites used to distribute the crimeware belonged to a Chinese government office. It illustrates that cybercriminals not only successfully attack government websites, but also turn them into "cyber crime tools". Due to its high success rate, we see more of these kinds of attacks using infected legitimate websites. A recent example is the Forth Road Bridge's website, where cybercriminals deployed the Neosploit crimeware toolkit, using obfuscated JavaScript, for their attack……(Computer Weekly, 18 Apr 08)

 

E-Mailed Grand Jury Summons May Harm Computers

The FBI’s Internet Crime Complaint Center (IC3) is alerting computer users about a spam e-mail that contains a fraudulent court subpoena. The bogus e-mail