This section is devoted to featuring late-breaking cyber security news stories.
C Y B E R I S E C U R I T Y I N E W S
All text displayed in connection with these stories is quoted directly from the source.
Dec. 14, 2010 - Verne G. Kopytoff
A hacker attack on a company’s Web site can be costly, but exactly how much money it takes to repel and recover from a malicious strike is rarely disclosed by besieged companies.
But an attack several years ago on Google cost it $500,000, according to internal F.B.I. memos obtained by The New York Times through a Freedom of Information Act request. The documents also reveal some information about the attacker.
Dec. 30, 2010 - Linda McGlasson
There have been 58 reported banking-related data breaches so far in 2010, according to the Identity Theft Resource Center -- slightly fewer than the total of 62 breaches in 2009. But it is possible that additional 2010 breaches will be reported after the new year.
Dec. 30, 2010 - Vivian Yeo, ZDNet Asia
Japanese automaker Honda has put some 2.2 million customers in the United States on a security breach alert after a database containing information on the owners and their cars was hacked, according to reports.
The compromised list contained names, login names, e-mail addresses and 17-character Vehicle Identification Number--an automotive industry standard--which was used to send welcome e-mail messages to customers that had registered for an Owner Link account.
Dec. 30, 2010 - Matthew Lasar
The Federal Bureau of Investigation is targeting a Texas-based computer network that the government thinks was hijacked for the Anonymous group's Operation: Payback DDoS attack on PayPal.
"As part of the process of identifying the computer system that I seek to search, I may be forced to check each system belonging to the target customer until I have determined that it is the computer to be searched," the author of the FBI's Affidavit in Support of a Search Warrant of the facility explains.
Dec. 29, 2010 - Jason Magder, Postmedia News
Most of the world's cellphones can be hacked and their phone calls recorded using less than $100 of equipment, a pair of researchers have found.
The pair, Sylvain Munaut and Karsten Nohl, demonstrated to the Chaos Computer Club Congress in Berlin, Germany, this week how they intercepted phone calls and SMS messages using four phones they bought for less than $15 each, and a laptop. The pair said most phone networks working on the GSM standard are vulnerable. The GSM network is used by 80 per cent of the world's phones, including Rogers Communications Inc., which has the largest market share in Canada, and Fido.
Dec. 27, 2010 - Defence iQ
This full length, exclusive interview on cyber terrorism gets inside the mind of Admiral the Lord West of Spithead, former Parliamentary Under-Secretary of State for Security and Counter-terrorism under Gordon Brown. Included are frank discussions of Al Qaeda's role in provoking cyber terrorism, the domestic failures of MI5 in combatting cyber warfare activity, as well as the massive fiscal losses accredited to cyber criminal activity in the UK. (Registration required to view video.)
Dec. 22, 2010 - Paul Walsh
Federal authorities say a Texas hacker stole more than a quarter-million dollars from a subsidiary of Digital River Inc., the Eden Prairie-based e-commerce company, by redirecting electronic payment transfers to his personal account.
In an indictment unsealed Tuesday in federal court in Minneapolis, Jeremey Parker, 35, of Houston, was charged with computer fraud and wire fraud.
Dec. 20, 2010
The report: ‘Strategic Analysis of the World SCADA Market,’ finds that the market earned revenues of $4,584.5 million in 2009 and estimates this to reach $6,902.4 million in 2016. Markets in Western Europe and North America will continue expanding over the next few years due to the increasing demand to modernise power and water and wastewater infrastructure. New infrastructure investments in the Middle East, Africa, Asia Pacific, Latin America and Russia in sectors like oil and gas, power, water and wastewater, will also spur SCADA markets to grow rapidly in these regions. The key market challenge manufacturers have to face is ensuring enhanced cyber security.
Dec. 16, 2010 - James Walsh
A Blaine man hacked into his neighbor's wireless Internet to send e-mails containing child pornography, sexual advances and threats to Vice President Joe Biden to smear and terrorize people who had made him angry, a federal prosecutor said on Wednesday.
What set Barry Vincent Ardolf apart, said Assistant U.S. Attorney Tim Rank, was his computer expertise and vindictiveness to meticulously carry out a scheme that almost succeeded in making it appear that all those things came from his neighbor's computer.
Dec. 16, 2010 - Diana Kelley and Ed Moyle
When you talk about security and compliance, you typically think about protecting the organization from external attackers who want to steal sensitive corporate information. But in many cases, the reason companies fare poorly with audits has nothing to do with those bad guys but, rather, with internal threats.
Small wonder. These are, after all, people we trust (there’s a reason Dante put traitors at the lowest depths of hell). But the facts tell us we are at high risk from internal attack. Studies conducted jointly by CERT and the U.S. Secret Service show about half the companies responding have experienced at least one insider incident, and about a third of all electronic crimes were committed by insiders.
Dec. 16, 2010 - William Cole
Their ranks include snoops and sleuths who cull intelligence obtained from submarines, ships and aircraft, monitor foreign computer traffic, and work with super-secret organizations such as the National Security Agency in Kunia.
There are 2,800 Navy intelligence, information warfare, information/network management, cryptologists and oceanography personnel on Oahu, and 176 received recognition yesterday for accomplishment in a relatively new cadre -- the Information Dominance Corps.
Dec. 14, 2010 - Joan Goodchild
Smartphones could soon be used to launch distributed attacks, much like traditional PCs are now used as parts of larger botnet networks, according to a new report from ENISA, the European Network and Information Security Agency. In research that details the many risks of smartphones, the findings claim that while the devices are not currently being targeted for such attacks, this may change as mobile devices are becoming more popular, more connected and the complexity and the number of vulnerabilities in these platforms is increasing.
Dec. 14, 2010 - Dan Goodin
A Colorado sheriff's department mistakenly exposed a sensitive database that contained names, addresses and other details on about 200,000 people, including confidential drug informants.
Thousands of pages of confidential information collected by the Mesa County Sheriff's Department were vulnerable from April until November 24, when someone tipped authorities, according to the Associated Press.
Dec. 13, 2010
Computer experts have so far failed to untangle the web cast by a group of hackers from Pakistan on India's premier investigating agency CBI's internet space resulting in a 'dead' website which is not working even after 10 days of the cyber attack.
The website of the agency which collapsed after being attacked by hackers identifying themselves as "Pakistani Cyber Army" on the night of December two is still not operational, causing major embarrassment to the CBI.
(Click here to read news) (Related story)
Dec. 13, 2010 - Darren Pauli, ZDNet Australia
McDonald's has lost thousands of customer details to a hacker, including names, phone numbers and street and e-mail addresses. The fast food chain is also warning of pending phishing scams.
The customer details were lost after a hacker broke into the fast-food restaurant's U.S. marketing partner and stole the details provided by customers who sign up for promotions.
Dec. 9, 2010 - Amy Lee
Dutch police arrested a 16-year-old teenager on Wednesday for his involvement in the online attacks against Visa and Mastercard, organized by supporters of WikiLeaks.
According to a press release by the Netherlands' Public Prosecution Service, the boy has confessed to participating in the attacks. They believe he is a part of a much larger group of hackers, who they are in the process of tracking down.
(Click here to read news) (Related story below)
Dec. 8, 2010 - Nitasha Tiku
The recent hacking of CBI's website by a group called 'Pakistani Cyber Army' has raised questions over the safety regulations of servers provided by National Informatics Centre, the organisation responsible for maintaining government servers.
While the NIC maintains a studied silence over the entire issue, sources in the security establishment say that the safety mechanism of the NIC was not up to the mark and several reminders were being sent to them for upgrading their hardware.
Dec. 3, 2010 - Sophie Curtis
Hundreds of computer hackers have reportedly been arrested in China this year, as part of a large-scale crackdown on cyber crime.
The Ministry of Public Security reported on Tuesday that, since January 2010, Chinese authorities have arrested 460 hackers, resolved 180 cases of computer crimes, and closed 14 websites providing hacking software or training.
“Currently the situation regarding cyberattacks in China is still extremely grim, and hacking attacks domestically are still widespread,” the ministry said in a statement.
Dec. 5, 2010
The recent hacking of CBI's website by a group called 'Pakistani Cyber Army' has raised questions over the safety regulations of servers provided by National Informatics Centre, the organisation responsible for maintaining government servers.
While the NIC maintains a studied silence over the entire issue, sources in the security establishment say that the safety mechanism of the NIC was not up to the mark and several reminders were being sent to them for upgrading their hardware.
Dec. 3, 2010 - Douglas Martin
For more than six decades, Frank W. Lewis mesmerized, mystified and miffed a circle of obsessed people by writing a devilishly quirky cryptic crossword puzzle for The Nation.
Mr. Lewis, whose day job for many years was to help spies solve top-secret codes at the National Security Agency, died of heart failure on Nov. 18 in Plymouth, Mass., his family said. He was 98 and had continued to create puzzles until a year ago.
Dec. 3, 2010 - Don Coleman
Mesa County is trying to figure out the extent of a security breach that put secure law enforcement files and some peoples' personal information out on the internet for anybody to view.
Officials say the error occurred while preparing for a future transition to a new software system for the Mesa County Sheriff’s Office. The person responsible has been let go, but the problem is just beginning for investigators.
Dec. 3, 2010 - Ericka Mellon, Houston Chronicle
Hundreds of thousands of students and employees in the Houston school district had their Social Security numbers and other personal data exposed to a suspected computer hacker, HISD officials announced on Thursday.
A criminal investigation, launched in October after district employees noticed a security breach, has found that the hacking was more severe than initially thought, leaving students' grades and employees' bank account information vulnerable.
Dec. 2, 2010 - Ashley Fantz
When WikiLeaks first caused an international uproar this summer by publishing reams of classified U.S. intelligence, possibly stolen by a 23-year-old soldier using a CD and a memory stick, the Pentagon pledged to fix loopholes in its computer systems.
So how is that going?
Sixty percent of the Defense Department's computer system is now equipped with software capable of "monitoring unusual data access or usage."
Dec. 2, 2010 - Matthew Day
Two German hackers gained access to the computers of over 50 pop stars, including Justin Timberlake and Lady Gaga, in an attempt to steal unreleased songs and issue blackmail threats over intimate photographs, prosecutors have alleged.
The pair, according to German police, used nothing more than perseverance and simple invasive programmes called Trojans, which can break into private computer networks. But they are alleged to have hacked into the computers of a string of world famous stars and downloaded hundreds of documents including music, credit card details, emails and photographs.
Dec. 2, 2010
Towards the end of 2003 and early in 2004 China’s most senior leaders put aside the routine of governing 1.3 billion people to spend a couple of afternoons studying the rise of great powers. You can imagine history’s grim inventory of war and destruction being laid out before them as they examined how, from the 15th century, empires and upstarts had often fought for supremacy. And you can imagine them moving on to the real subject of their inquiry: whether China will be able to take its place at the top without anyone resorting to arms.
Dec. 2, 2010 - Angelique Chrisafis
It was Jacques Chirac's dream: a French rolling-news channel to challenge the BBC and CNN, beaming Paris's global view into the living rooms of the world. But the beleaguered France 24 channel has instead become a showcase for the back-stabbing, bullying and bravado that some say dominate French workplace relations.
After months of squabbling, walkouts and fears of a feud in the upper echelons, France 24's boardroom drama has taken a turn for the worse after police were called in to investigate accusations of spying and computer-hacking in the organisation.
Dec. 2, 2010 - Zhang Yan
There has been an 80 percent increase in the number of computer hacking cases handled by the police in China each year since 2006. The new cases posed a threat to both public and national Internet security, a senior police official told China Daily on Wednesday.
"Hacking attacks and the destruction they cause are rapidly increasing. We face a grim situation," Gu Jian, deputy director of the network security bureau of the Ministry of Public Security, said in an interview.
Dec. 2, 2010 - Mathew J. Schwartz
According to the Milwaukee-Wisconsin Journal Sentinel, Federal Bureau of Investigation agents last month arrested the alleged mastermind behind the Mega-D botnet, named as Oleg Nikolaenko, a 23-year-old Moscow resident.
The Journal Sentinel reported, "agents from the FBI and the Federal Trade Commission had been tracking Nikolaenko's activities since at least 2007." Ultimately, he was arrested on November 4 while visiting Las Vegas to attend an automotive trade show and indicted on November 16 on one charge of violating the 2003 Can-Spam (Controlling the Assault of Non-Solicited Pornography and Marketing) Act. The timing and place of the arrest wasn't coincidental, since the Russian constitution forbids the extradition of its citizens.
(Click here to read news) (Related story below)
Dec. 1, 2010 - Kelly Jackson Higgins
It has been a milestone week in cyberespionage developments that smacked of a spy movie, with a confession, a killing, and a leaked intelligence cable: Iranian President Mahmoud Ahmadinejad issued a statement that "enemies" of Iran had successfully used software to disrupt centrifuges in Iran's nuclear facility, Iran's top nuclear scientist was assassinated, and a U.S. State Department cable obtained by WikiLeaks suggested the Chinese government had ordered the Aurora attack against Google.
Dec. 1, 2010 - John Leyden
FBI investigators have named a 23-year-old Russian as a prime suspect behind the operation of the infamous 500,000 Mega-D botnet, blamed for an estimated one in three spam emails prior to a take-down operation early last year.
Oleg Nikolaenko, a 23-year-old Moscow resident, was accused of violating US anti-spam and fraud laws in a sworn testimony by an FBI agent investigation the case, the Smoking Gun reports.
Dec. 1, 2010 - Elizabeth Montalbano
Federal investment in cybersecurity will reach $13.3 billion by 2015, driven by a 445% increase in security incidents over the last four years and the shortage of qualified security professionals, according to a report released this week.
The size of the investment represents an annual increase of 9.1% over the next five years, according to the Federal Information Security Market, 2010-2015 report by Input. The firm based the report on its own analytics, interviews with federal IT professionals and the government's own spending forecasts, it said.
Dec.1, 2010 - Jason Magder
Experts warn the Canadian government and Canadian companies are vulnerable to data loss, on the same scale as the WikiLeaks scandal that has rocked the United States government.
This week, the WikiLeaks website released thousands of documents of secret data gleaned from the computers of U.S. embassies around the world. In reaction, the U.S. government has said it will improve its information security systems, including adding a system to track who gets access to sensitive data, and what they do with it.
Information security experts warn, however, that Canadian corporations and several government departments are not properly ensuring sensitive data aren't stolen or lost. This is especially problematic because attacks by hackers are on the increase and are becoming more sophisticated.
