

CYBER | SECURITY | NEWS
All text displayed in connection with these stories is quoted directly from the source.
Jan. 25, 2012 - Noah Shachtman
Newt Gingrich isn’t the only politician who’s freaked out by China and Russia’s online spying. But the new Republican presidential frontrunner may be the highest-profile political figure all but openly calling for cyberwar with Moscow and Beijing.
“I think that we have to treat state-based covert activities as the equivalent of acts of war,” Gingrich said in response to a question about countries that target U.S. corporate and government information systems. “And I think that we have to respond to that and create a level of pain which teaches people not to do it.”
(Click here to read news)
Jan. 31, 2012 - Kelly Jackson Higgins
Smart grid researchers pulled their talk and planned release of a new security assessment tool for smart grid meters during the ShmooCon conference after a vendor voiced concerns about the research.
Don Weber, a senior security analyst with InGuardians, had planned to introduce on Saturday evening a new homegrown tool that tests for both vulnerabilities and functionality in smart grid meters -- via the devices' infrared ports.
(Click here to read news)
Jan. 31, 2012 - Kim Zetter
The mastermind of a carding gang in Georgia devised a novel way for weeding out undercover Feds from his operation — he forced members to have group sex, according to a local police detective who helped bust the ring.
Vikas Yadav, an Indian national who was deported in 2010, recruited other carders and mules through sadomasochism web sites, forcing would-be accomplices to have group sex with other men and women while Yadav videotaped them, according to the Athens Banner-Herald.
(Click here to read news)
Jan. 31, 2012 - Michael A. Riley and Sophia Pearson
China-based hackers looking to derail the $40 billion acquisition of the world’s largest potash producer by an Australian mining giant zeroed in on offices on Toronto’s Bay Street, home of the Canadian law firms handling the deal.
Over a few months beginning in September 2010, the hackers rifled one secure computer network after the next, eventually hitting seven different law firms as well as Canada’s Finance Ministry and the Treasury Board, according to Daniel Tobok, president of Toronto-based Digital Wyzdom. His cyber security company was hired by the law firms to assist in the probe.
(Click here to read news)
Jan. 30, 2012 - Grant Gross, IDG News Service
The U.S. and U.K. are relatively well prepared for cyberattacks, compared to many other developed nations, but everyone has more work to do, according to a new cybersecurity study from McAfee and Security & Defence Agenda (SDA).
The report, which ranks 23 countries on cybersecurity readiness, gives no countries the highest mark, five stars. Israel, Sweden and Finland each get four and a half stars, while eight countries, including the U.S., U.K., France and Germany, receive four stars. India, Brazil and Mexico ranked near the bottom.
(Click here to read news)
Jan. 29, 2012 - Sen. Kay Bailey Hutchison, Sen. Chuck Grassley, Sen. Saxby Chambliss and Sen. Lisa Murkowski
The Senate is about to consider cybersecurity legislation. Ensuring the integrity and safety of our nation’s critical infrastructure is a bipartisan issue that Congress and President Barack Obama must work together to tackle.
There is a right way and a wrong way to address cybersecurity. The right way is for the government and private sector to work together to solve problems, help the free flow of information between network managers and encourage investment and innovation in cybersecurity. The wrong way is new, heavy-handed, costly regulation and further expansion of government bureaucracy that will slow our nation’s response to cyberthreats and increase vulnerabilities.
(Click here to read commentary)
Jan. 27, 2012 - Aliya Sternstein
Internet privacy protections that the European Commission introduced this week could undermine American investigations into stateside data breaches, some security and legal experts say.
Several of the reforms focus on safeguarding data in the cloud, where online applications are managed by an offsite company's computer centers. Europe's proposed rules would require U.S.-based cloud computing providers with European Union customers to notify EU authorities of a data breach within 24 hours of detection.
(Click here to read news)
Jan. 27, 2012 - J. Nicholas Hoover
Building the architecture necessary to prevent another Wikileaks might take several years, director of national intelligence James Clapper said at an event Thursday in Washington, D.C.
The Wikileaks scandal, in which 260,000 diplomatic cables, many of them sensitive, were burned onto CD-RWs and later published online, has accelerated work toward ensuring that information sharing is secure, Clapper said in a speech on information sharing at the Center for Strategic and International Studies. However, there is no silver bullet to preventing insider threats.
(Click here to read news)
Jan. 24, 2012 - Bob Brewin
The Navy has a compelling need for shipboard assurance systems to maintain a secure environment, the service's top command-and-control acquisition official told an overflow audience here at the annual Armed Forces Communications and Electronics Association-West conference. AFCEA is an industry group.
Last year, the Navy installed host-based security systems on 348 ships to monitor, detect and deter network cyberattacks. Rear Adm. Jerry Burroughs, program executive officer for command, control, computers, communications and intelligence at the Space and Naval Warfare Systems Command headquartered here, said SPAWAR remains "crushed" by demands from the fleet to maintain a secure environment for Navy computers, which he considers his top priority.
(Click here to read news)
Jan. 24, 2012 - Ericka Chickowski
With the release of the BEAST exploit and subsequent scrambling by browser vendors to close up vulnerabilities against SSL authentication, many Web authentication discussions have been focused on the SSL/TLS protocol’s weaknesses in recent months. As some IT professionals explain, though, some of the biggest problems with SSL have nothing to do with the technology. Instead, the woes are attributed to poor practices.
According to some, one finger should be pointed at certificate authorities (CAs), which they say need to do a better job confirming the identity of certificate holders in order to bolster the trust placed in SSL certificates.
(Click here to read news)
Jan. 24, 2012 - Kim Zetter
A security researcher was able to locate and map more than 10,000 industrial control systems hooked up to the public internet, including water and sewage plants, and found that many could be open to easy hack attacks, due to lax security practices.
Infrastructure software vendors and critical infrastructure owners have long maintained that industrial control systems (ICSes) — even if rife with security vulnerabilities — are not at risk of penetration by outsiders because they’re “air-gapped” from the internet — that is, they’re not online.
(Click here to read news)
Jan. 24, 2012 - Gopal Sathe
In an age where the government threatens to restrict access to the Internet, people need to arm themselves with the knowledge to work around any attempts at censorship, says author and “ethical hacker” Ankit Fadia. His new book, How to Unblock Everything on the Internet, offers 50 workarounds for most common blocks. Fadia says the book is for “non-technical users”, and many of the tips are indeed extremely simplistic - from suggestions such as using Google Translate and viewing Web pages as emails, to more complex systems such as setting up VPNs (virtual private networks) and information about proxies. The book offers little that is new or unique, but people who aren’t familiar or comfortable with technology will find it helpful.
(Click here to read interview)
Jan. 23, 2012 - Aliya Sternstein
Hackers, possibly from abroad, executed an attack on a Northwest rail company's computers that disrupted railway signals for two days in December, according to a government memo recapping outreach with the transportation sector during the emergency.
On Dec. 1, train service on the unnamed railroad "was slowed for a short while" and rail schedules were delayed about 15 minutes after the interference, stated a Transportation Security Administration summary of a Dec. 20 meeting about the episode obtained by Nextgov. The following day, shortly before rush hour, a "second event occurred" that did not affect schedules, TSA officials added. The agency is responsible for protecting all U.S. transportation systems, not just airports.
(Click here to read news)
Jan. 22, 2012 - Nicole Perlroth
One afternoon this month, a hacker took a tour of a dozen conference rooms around the globe via equipment that most every company has in those rooms: videoconferencing equipment.
With the move of a mouse, he steered a camera around each room, occasionally zooming in with such precision that he could discern grooves in the wood and paint flecks on the wall. In one room, he zoomed out through a window, across a parking lot and into shrubbery some 50 yards away where a small animal could be seen burrowing underneath a bush. With such equipment, the hacker could have easily eavesdropped on privileged attorney-client conversations or read trade secrets on a report lying on the conference room table.
(Click here to read news)
Jan. 20, 2012 - AFP
New Zealand police seized a treasure trove of luxury goods from the founder of file-sharing site Megaupload.com Friday as four suspected Internet pirates wanted in the United States appeared in court.
Armed officers swooped on an Auckland mansion occupied by "Kim Dotcom", whose website was shut down by US authorities on Thursday accusing it of one of the largest cases of copyright theft ever.
(Click here to read news)
Jan. 19, 2012 - Sophie Curtis
SQL injection attacks have been around for more than ten years, and security professionals are more than capable of protecting against them; yet 97 percent of data breaches worldwide are still due to an SQL injection somewhere along the line, according to Neira Jones, head of payment security for Barclaycard.
(Click here to read news)
Jan. 19, 2012 - Fahmida Y. Rashid
The National Security Agency has publicly released SE Android, a secure version of Google's mobile operating system.
A security-enhanced version of Android, SE Android would enforce stricter access-control policies and better sandboxing than what is currently available in the most up-to-date version of Google Android. The NSA announced the project at the Linux Security Summit in September and released the first version Jan. 6.
(Click here to read news)
Jan. 19, 2012 - Brid-Aine Parnell
A computer programmer has been charged with stealing source code worth $9.5m from the Federal Reserve Bank of New York, according to the FBI and prosecutors.
Bo Zhang, a 32-year-old from Queens in New York, was cuffed on suspicion of swiping the Government-wide Accounting and Reporting (GWA) software, used to help keep track of the US government's finances.
(Click here to read news)
Jan. 19, 2012 - Kim Zetter
A group of researchers has discovered serious security holes in six top industrial control systems used in critical infrastructure and manufacturing facilities and, thanks to exploit modules they released on Thursday, have also made it easy for hackers to attack the systems before they’re patched or taken offline.
The vulnerabilities were found in widely used programmable logic controllers (PLCs) made by General Electric, Rockwell Automation, Schneider Modicon, Koyo Electronics and Schweitzer Engineering Laboratories.
(Click here to read news)
Jan. 18, 2012 - Ericka Chickowski
Oracle's Tuesday release of its Critical Patch Update (CPU) garnered a continuation of criticism from the database security community, with researchers pointing to a mounting list of unfixed vulnerabilities that date back to 2009, even as Oracle's rate of releasing database patches continues to plummet. Not counting MySQL updates, which are primarily handled by the open-source community, only two out of the 78 fixes in yesterday's CPU were database-related, the lowest number released by Oracle since it started quarterly CPU releases.
(Click here to read news)
Jan. 18, 2012 - Adrian Blomfield
Pro-Palestinian computer hackers disrupted the websites of the Tel Aviv Stock Exchange and El Al, Israel's national carrier, on Monday, escalating a Middle East cyber war.
The distributed denial-of-service attacks, which also targeted three Israeli banks, were the latest salvo in a month-long offensive between Arab and Jewish hackers determined to give the Middle East conflict an online dimension.
(Click here to read news)
Jan. 16, 2012 - Darren Pauli
The war between anti-whaling outfit Sea Shepherd and Japanese whalers isn’t just occurring on the high seas, it’s also in cyberspace, with hackers believed to have attacked the environmental vigilante's websites as whalers try to block radio communications between its ships.
The organisation has fought a protracted and public battle with whaling vessels in the Arctic and Antarctic for 20 years. It refutes Japan’s claim that the slaughter of whales was for scientific research, and accuses the nation of breaking an international moratorium on whaling.
(Click here to read news)
Jan. 16, 2012 - John Leyden
Online shoe and apparel outlet Zappos.com has apologised over a massive data breach that exposed the personal details of millions.
Up to 24 million customers of the Amazon subsidiary may have been affected by the breach, which exposed names, email addresses, addresses, phone numbers, and password hashes. Zappos stressed that credit card data was not exposed. Hackers may have been able to lift the last four digits of credit card numbers but nothing beyond this, according to the e-tailer.
(Click here to read news)
Jan. 13, 2012 - Meghan Kelly
A new strain of malware called Sykipot is infecting US government access cards, and AlienVault has traced the virus back to China.
Access cards are often used in governmental departments for both physical access as well as access to protected information. As AlienVault explains in a blog post, cyber criminals will always try to be in step with our security measures, even if they are physical ones like a card. Kind of like, if we built it, they will hack. In this case, the Chinese cyber criminals have found a way to bypass a physical card, by attacking the Windows operating system in the card reader.
(Click here to read news)
Jan. 12, 2012 - Noah Shachtman
The Defense Department’s networks, as currently configured, are “not defensible,” according to the general in charge of protecting those networks. And if there’s a major electronic attack on this country, there may not be much he and his men can legally do to stop it in advance.
Gen. Keith Alexander, head of both the secretive National Security Agency and the military’s new U.S. Cyber Command, has tens of thousands of hackers, cryptologists, and system administrators serving under him. But at the moment, their ability to protect the Defense Department’s information infrastructure — let alone the broader civilian internet — is limited. The Pentagon’s patchwork quilt of 15,000 different networks is too haphazard to safeguard.
(Click here to read news)
Jan. 12, 2012 - Nicole Perlroth
Chinese hackers have deployed a new cyber weapon that is aimed at the Defense Department, the Department of Homeland Security, the State Department and potentially a number of other United States government agencies and businesses, security researchers say.
Researchers at AlienVault, a Campbell, Calif., security company, said on Thursday that they had uncovered a new variant of some malicious software called Sykipot that targets smart cards used by government employees to access restricted servers and networks.
(Click here to read news)
Jan. 12, 2012 - Aliya Sternstein
A critical part of a fast-track strategy that allows agencies to digitally borrow each other's cloud security guarantees will not be available when the operation gets under way this summer, federal officials told Nextgov.
The mantra of the new effort, called the Federal Risk and Authorization Management Program, or FedRAMP, is "Do once; use many times," meaning a department can go through the arguably arduous process of authorizing a Web-based service and then many other departments can sponge off that work to deploy the tool more quickly. The General Services Administration, which manages the program, plans for the certifications to be accessible through a central online clearinghouse.
(Click here to read news)
Jan. 12, 2012 - Peter Kuper
Although predictions for the coming year are a staple of the season, I will do more than offer an educated guess. I am going on the record with a guarantee: In 2012 we will see an increase in network intrusions from disparate parties trying to create IT infrastructure chaos for a variety of reasons primarily political, financial and economic. An easy prediction perhaps given the trend and yet while I fully trust CSOs and CISOs and security teams are doing all they can to prevent breaches; I am deeply concerned that they still lack the technology to adequately protect IT infrastructure from malicious attacks.
(Click here to read news)
Jan. 12, 2012 - Stuart Fox
It must have been a merry Christmas and a happy New Year for professional cyberwarriors, as extensive new Pentagon plans focusing on Internet security were revealed in mid-December, just after a week's worth of stories appeared in the business press about massive information theft by Chinese hackers.
On the surface, the combination of media reports and defense posturing seem to indicate a new Chinese digital offensive against American interests. Dramatic as that may sound, these events are merely part of the status quo in the brittle relationship between the Chinese economy and innovative American companies, and not the first shots of a digital Pearl Harbor.
(Click here to read news)
Jan. 11, 2012 - Dave Neal
Hackers have posted logins for Israeli government web sites and industrial system control and data acquisition (SCADA) systems in retaliation for a threat of violence.
On Monday after thousands of its citizens' credit card details were posted online by a hacker, an Israeli government official warned that it would hit back at the hackers with force.
(Click here to read news)
Jan. 11, 2012 - Xinhua
Four people have been detained by police and eight others punished after they were found guilty of fabricating a massive leak of online personal data by hackers over the past month in China, the country's Internet watchdog announced Tuesday.
China's leading anti-virus software provider, Beijing-based Qihoo 360, claimed in late December that the personal information of more than 6 million users of the China Software Developer Network (CSDN), the country's largest programmers' website, had been leaked by hackers. That raised concerns about web security and triggered widespread panic.
(Click here to read news)
Jan. 11, 2012 - Michael Cobb
The headline occurs almost every day lately -- a large enterprise or government agency loses a huge cache of data through the actions of an employee. Whether it's a malicious theft and posting, a la WikiLeaks, or an unintentional compromise of sensitive business information, the affected organization is put in a position of serious risk.
Developing and enforcing rules around how data is handled within your company is the most effective way to reduce the likelihood of a major data loss.
(Click here to read news)
Jan. 10, 2012 - Eduard Kovacs
Members of Teamgreyhat (TGH) managed to breach the website of India’s most famous self-proclaimed ethical hacker, Ankit Fadia.
Ankit Fadia offers Ankit Fadia Certified Ethical Hacker (AFCEH) certificates to those who take his courses on ethical hacking, where he gives lectures on security tools, techniques and methods. The hackers that allegedly breached his website claim that the “world-renowned Computer Security Guru” doesn’t secure his website, allowing them to obtain sensitive database data, including passwords and student details.
(Click here to read news)
Jan. 10, 2012 - Lucian Constantin, IDG News Service
The course of events that led to the July 2011 compromise of a computer server used by German authorities for GPS surveillance might have started with a police official monitoring his daughter's online activities, according to reports in German media.
The man, who is a senior official within the German Federal Police in Frankfurt, installed some type of spyware on his daughter's computer in order to see what she does online, German weekly magazine Der Spiegel reported on Sunday.
(Click here to read news)
Jan. 10, 2012 - Michael Riley
China-based hackers rifled the computers of DuPont Co. (DD) at least twice in 2009 and 2010, hunting the technological secrets that made the company one of the world’s most successful chemical makers.
It’s not something investors would have learned from DuPont’s regulatory filings, or from those of other companies victimized by hackers. The 10-K’s DuPont submitted to the U.S. Securities and Exchange Commission over the period don’t identify hacking as even a significant risk, much less reveal what two U.S. intelligence officials later said was a successful case of industrial espionage.
(Click here to read news)
Jan. 9, 2012 - Nicole Lewis
According to experts in healthcare law and information privacy and security, healthcare IT managers can expect to see more patient data breaches in 2012, along with more lawsuits filed by patients as the availability of patient information exchanged over social media sites and mobile devices grows.
These conclusions, published by ID Experts, offer a glimpse into what health CIOs can expect as they seek to protect patient data during a year that promises more of the same challenges they faced last year.
(Click here to read news)
Jan. 9, 2012 - Fahmida Y. Rashid
Israeli officials are investigating a recent cyber-attack that resulted in the theft and exposure of thousands of credit card numbers belonging to Israeli citizens.
The attack was a "breach of sovereignty comparable to a terrorist operation, and must be treated as such," deputy foreign minister Danny Ayalon told BBC.
(Click here to read news)
Jan. 9, 2012 - John Leyden
White-hat hackers have exposed the privacy shortcomings of smart meter technology.
The researchers said German firm Discovergy apparently allowed information gathered by its smart meters to travel over an insecure link to its servers. The information – which could be intercepted – apparently could be interpreted to reveal not only whether or not users happened to be at home and consuming electricity at the time but even what film they were watching, based on the fingerprint of power usage. The many surprising secrets revealed by some smart meter set-ups were revealed during a presentation by researchers Dario Carluccio and Stephan Brinkhaus at the 28th Chaos Computing Congress (28c3) hacker conference in Berlin late last month.
(Click here to read news)
Jan. 6, 2012 - Zack Whittaker
Symantec has confirmed that a “segment” of its flagship Norton anti-virus product’s source code was leaked onto the web this week.
The firm said that the code relates to two older enterprise products, one of which is no longer in production. But it said the breach was on a third-party network rather than its own, and will “not affect any current Norton product”.
(Click here to read news)
Jan. 5, 2012 - Kelly Jackson Higgins
A researcher today published proof-of-concept code that takes a different spin on the slow HTTP denial-of-service (DoS) attack simply by dragging out the process of reading the server's response -- and ultimately overwhelming it.
Sergey Shekyan, senior software engineer with Qualys, also has added this new so-called Slow Read attack to his open-source slowhttptest tool.
(Click here to read news)
Jan. 5, 2012 - Spencer Ackerman
The President announced his vision for the future of the U.S. military today. Kiss big counterinsurgencies goodbye. Get ready for more shadow wars, drone attacks and online combat, with the military’s eyes on the Pacific, rather than Afghanistan.
In a rare visit to the Pentagon, President Obama declared that the U.S. will be “strengthening our presence in the Asia-Pacific,” while “turning the page on a decade of war.” In practice, that means cutting the Army and Marine Corps and unspecified “outdated Cold War systems,” part of a broad effort to cut what the Pentagon now calculates as $487 billion over 10 years from its budget.
(Click here to read news)
Jan. 4, 2012 - John Foley
An FBI project to develop a digital case-management system to replace outdated, paper-based processes has been delayed again, despite the agency's decision to use agile development to hasten its completion. The system, called Sentinel, is now due to be deployed in May, eight months later than the FBI planned when it embarked on the agile development strategy.
(Click here to read news)
Jan. 3, 2012 - The Yomiuri Shimbun
The Defense Ministry is in the process of developing a computer virus capable of tracking, identifying and disabling sources of cyber-attacks, The Yomiuri Shimbun has learned. The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment.
Cyberweapons are said to already be in use in countries such as the United States and China. However, in Japan there is no provision on the use of cyberweapons against external parties in existing legislation on foreign attacks. With this in mind, the Defense Ministry and Foreign Ministry have begun legislative consideration regarding the matter, according to sources.
(Click here to read news)
Jan. 3, 2012 - Aliya Sternstein
China-based hackers for months have been targeting federal agencies and contractors through infected emails apparently to spy on the Pentagon's drone strategy and other intelligence matters, according to Internet security researchers.
The reported espionage employed a tactic known as spear-phishing where infiltrators, operating under the guise of a legitimate sender, email specific victims a virus-laden file or link. In this case, the hackers used email addresses from military and other government organizations, Jaime Blasco, manager of AlienVault Labs, said Tuesday.
(Click here to read news)