

CYBER SECURITY NEWS
All text displayed in connection with these stories is quoted directly from the source.
Sept. 25, 2010 - Gregg Keizer
Officials in Iran have confirmed that the Stuxnet worm infected at least 30,000 Windows PCs in the country, multiple Iranian news services reported on Saturday.
Experts from Iran's Atomic Energy Organization also reportedly met this week to discuss how to remove the malware.
Stuxnet, considered by many security researchers to be the most sophisticated malware ever, was first spotted in mid-June by VirusBlokAda, a little-known security firm based in Belarus. A month later Microsoft acknowledged that the worm targeted Windows PCs that managed large-scale industrial-control systems in manufacturing and utility companies.
Sept. 30, 2010 - Jonathan V. Last
The computer worm Stuxnet broke out of the tech underworld and into the mass media this week. It’s an amazing story: Stuxnet has infected roughly 45,000 computers. Sixty percent of these machines happen to be in Iran. Which is odd. What is odder still is that Stuxnet is designed specifically to attack a computer system using software from Siemens which controls industrial facilities such as factories, oil refineries, and oh, by the way, nuclear power plants. As you might imagine, Stuxnet raises big, interesting geo-strategic questions. Did a state design it as an attack on the Iranian nuclear program? Was it a private group of vigilantes? Some combination of the two? Or something else altogether?
Sept. 30, 2010 - Lewis Page
The US military's central Cyber Command will not become operational as had been planned tomorrow, according to Pentagon spokesmen. Issues responsible for the delay include difficulties finding suitably qualified staff among America's uniformed legions, and also the fact that it isn't even clear what "operational" means for a cyberforce.
The delays are reported by Stars & Stripes.
“I don’t know that the 1 October deadline is holding strong and fast,” military spokeswoman Lieutenant Colonel Rene White told the military paper, asked if Cyber Command would indeed be operational as US defence secretary Robert Gates had specified it should be.
Sept. 30, 2010 - Fahmida Y. Rashid
Officials from 28 federal agencies say cyber-security measures impact productivity by restricting access to information and delaying communications with others, according to a Government Business Council survey. Officials say they often bypass security controls on purpose to get things done.
Despite their bosses' insistence on strong cyber-security in government, federal officials find those measures get in the way of doing their jobs, according to the results of a Government Business Council survey released Sept. 30.
Sept. 30, 2010
Following the coordinated attacks on mainstream media sites in Nigeria, Emmanuel Mayah visits the cyber crime scenes and reports on how millions of zombie computers are deployed as foot soldiers to attack big businesses, political dissidents, competitors or enemy organisations.
Sept. 30, 2010 - Ralph Langner
German IACS security researcher Ralph Langner has successfully analyzed the Stuxnet malware that appeared to be a miracle. Stuxnet is a directed attack against a specific control system installation. Langner will disclose details, including forensic evidence, next week at Joe Weiss' conference in Rockville.
Sept. 29, 2010 - John Markoff and David E. Sanger
Deep inside the computer worm that some specialists suspect is aimed at slowing Iran’s race for a nuclear weapon lies what could be a fleeting reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them.
That use of the word “Myrtus” — which can be read as an allusion to Esther — to name a file inside the code is one of several murky clues that have emerged as computer experts try to trace the origin and purpose of the rogue Stuxnet program, which seeks out a specific kind of command module for industrial equipment.
Sept. 28, 2010 - J. Nicholas Hoover
For three or four days this week, the Internet will come under a virtual attack from an unknown adversary, and it will be up to the government and private sector's coordinated efforts to root out the cause and work together to keep systems up and running -- at least within the simulated confines of the Department of Homeland Security's Cyber Storm III exercise, which begins Tuesday.
Sept. 27, 2010 - Kelly Jackson Higgins
While the Stuxnet worm attack has raised the bar for targeted attacks on the critical infrastructure, it's not the first time the power grid has been in the bull's eye. Attacks against these systems are actually quite common -- it's just that they are mostly kept under wraps and rarely face public scrutiny like Stuxnet has.
Sept. 26, 2010
Shen Yang, a doctorial tutor at School of Information Management under Wuhan University, showed reporters on Sept. 22 at his office that there are some vicious hidden links among some government-run Web sites with domain names ending in "gov.cn," such as those linking to the "latest information on the Hong Kong Jockey Club" and "how to buy Mark Six" Web pages, according to a report by Changjiang Daily.
"These are hidden link attacks," said Shen. "Certain text is invisible for normal online browsing and they have links to illegal Web pages containing pornographic, gambling and fraudulent items and political content."
Sept. 23, 2010 - Ellen Nakashima
They were Air Force fighter pilots, Army rangers and Marine tank commanders. There was even a Navy fighter jet radar officer who had been taken prisoner during the Persian Gulf War.
Warriors all.
But in 1998 they fought in a different realm - their weapons bits and bytes, their foxholes temperature-controlled computer operations rooms. In the new battleground of cyberspace, they battled shadowy foes whose computer attacks were given names like Moonlight Maze and Titan Rain.
Sept. 23, 2010 - Ellen Nakashima
The commander of the new Pentagon unit charged with protecting the military's computer networks wants to create a "secure" network for government computer systems and those of critical industries, such as power and water.
That strategy of walling off critical computer networks from the rest of the Internet "is probably where you're going to get to, and it makes a lot of sense," said Army Gen. Keith B. Alexander, who heads the recently launched U.S. Cyber Command. Alexander also directs the National Security Agency, which conducts electronic surveillance on foreign targets.
Sept. 21, 2010 - Charles Arthur
Sarah Brown and Lord Sugar were among thousands of Twitter users who yesterday found themselves directing people to third-party sites, including hardcore pornography, as the messaging website fell prey to an "embarrassing" hacking attack discovered by a Japanese programmer and then exploited by a number of others.
At one point more than 100,000 people on the service were estimated to have been affected, while the owners – who are based on the US west coast – were asleep.
Sept. 21, 2010 - Kelly Jackson Higgins
New research shows parents have more to worry about than their college students' underage drinking: Twenty-three percent of college kids say they have hacked for fun or profit, although most of them believe doing so is wrong.
The report, commissioned by Tufin Technologies and the Association of Chief Police Officers in the U.K., found that 32 percent of college students aged 18 to 21 say hacking is "cool," 28 percent consider it easy to accomplish -- and all the while 84 percent consider it the wrong thing to do.
Sept. 21, 2010 - Robert McMillan, IDG News Service
A highly sophisticated computer worm that has spread through Iran, Indonesia and India was built to destroy operations at one target: possibly Iran's Bushehr nuclear reactor.
That's the emerging consensus of security experts who have examined the Stuxnet worm. In recent weeks, they've broken the cryptographic code behind the software and taken a look at how the worm operates in test environments. Researchers studying the worm all agree that Stuxnet was built by a very sophisticated and capable attacker -- possibly a nation state -- and it was designed to destroy something big.
Sept. 21, 2010 - Siobhan Gorman, Washington Wire
The Obama administration’s cyber security policies came under fire today from unexpected quarters—former National Security Council official Richard Clarke, who advised the administration’s transition team.
“The Obama administration so far has failed to do the necessary with regard to cyberwar,” said Clarke, who now heads a security consulting firm, Good Harbor Consulting, and recently co-authored a book on cyber security. In a speech in Washington to the Cyber Conflict Studies Association, he acknowledged several times that he was critiquing his friends.
Sept. 21, 2010 - Dan Goodin
Attackers have begun exploiting a recently disclosed vulnerability in Microsoft web-development applications that opens password files and other sensitive data to interception and tampering.
The vulnerability in the way ASP.Net apps encrypt data was disclosed last week at the Ekoparty Conference in Argentina. Microsoft on Friday issued a temporary fix for the so-called “cryptographic padding attack,” which allows attackers to decrypt protected files by sending vulnerable systems large numbers of corrupted requests.
Sept. 20, 2010 - Elinor Mills
Microsoft is warning people of a potentially serious vulnerability in its ASP.Net framework used to create Web sites.
The hole affects all versions of the .Net framework and affects Windows XP, Vista, Windows 7, and Windows Server 2003 and 2008, the company said in an advisory released late on Friday.
"At this time we are not aware of any attacks using this vulnerability and we encourage customers to review the advisory for mitigations and workarounds," the company said in a blog post.
Sept. 20, 2010 - Daily Mail Reporter
The head of Interpol has warned that cyber-crime is the 'most dangerous criminal threat we will ever face' after fraudsters stole his identity on Facebook.
Security chief Ronald K. Noble revealed that two fake accounts were created in his name and used to find the details of highly-dangerous criminals.
The embarrassing security breach saw one of the impersonators use the false profile to obtain information on fugitives convicted of serious crimes including rape and murder.
Sept. 19, 2010 - Kyodo News
The Defense Ministry and the National Police Agency possibly came under cyberattacks between Wednesday and Friday as it temporarily became difficult for people to access their websites, government officials said.
The government is looking into the attacks given that a hackers’ group viewed as the largest in China has said it will attack Japanese government websites through Saturday in protest over Tokyo’s handling of the collisions last week between a Chinese fishing boat and Japan Coast Guard patrol boats near disputed East China Sea islands.
Sept. 17, 2010 - Chris Williams
Jonathan Evans, the head of MI5, has claimed the internet has made the threat of espionage by foreign countries higher than ever before, but insisted it is "relatively straightforward" to block attempts to steal data.
"The overall likelihood of any particular entity being the subject of state espionage has probably never been higher, though paradoxically many of the vulnerabilities exploited both in cyber espionage and traditional espionage are relatively straightforward to plug if you are aware of them," he said.
Sept. 16, 2010 - Dan Goodin
The North Atlantic Treaty Organization and Russia should undertake joint information-warfare exercises so the two countries can better protect critical digital infrastructure, policy wonks at an international group said.
The proposal, which was included in a 32-page report released Wednesday by the EastWest Institute, would help the US and Russia achieve mutual goals in much the way that previous collaborations in the International Telecommunication Union (ITU) have, its authors argued.
Sept. 15, 2010 - David Eshel
Geopolitical concerns and two wars in recent years have put Israel at the forefront of cyberwar and cyber-defense. As the most computerized country in the Middle East, Israel stands to lose a great deal if its military and civilian networks prove vulnerable to cyber-attack.
According to Maj. Gen. (ret.) Isaac Ben-Israel, a professor at Tel Aviv University and an expert on digital warfare, Israel’s defense community has been aware of the dangers of cyberspace for two decades. In the late 1990s, the government established a special authority to supervise all aspects of national information security. The internal security authority (Shin Bet) took responsibility for civilian and national assets, while military security supervised defense networks.
Sept. 15, 2010 - Ellen Messmer
The National Security Agency wants to use commercially-built security products and the latest virtualization software. But the slow pace of getting products certified through NSA channels and the lightning fast pace of change in the IT industry is causing national-security heartburn.
The high-tech spy agency, which also guides Defense Department information security, has become an enthusiastic proponent of open standards-based technologies such as Trusted Network Connect (TNC) and Trusted Platform Module (TPM) put forward by the organization Trusted Computing Group (which announced it expects to propose an end-to-end security framework for cloud computing around year-end).
Sept. 15, 2010 - Shara Tibken
Hewlett-Packard Co. agreed to buy security-software maker ArcSight Inc. for about $1.5 billion, continuing the company's spending spree that began after Chief Executive Mark Hurd resigned last month.
The deal also represents the latest purchase of a smaller security firm by a huge technology company, a trend some see continuing as big tech considers the importance of adding security to their product portfolio. ArcSight makes software that monitors corporate networks for unusual activity, such as a hacker's attempt to break into a system.
Sept. 14, 2010 - Ian Burrell
The actress Sienna Miller is poised to become the latest litigant to join a growing queue of high-profile figures seeking damages from the publishers of the News of the World newspaper over the illegal hacking of voicemail messages.
It also emerged last night that Sean Hoare, the reporter whose testimony was central to The New York Times's article that reignited the phone-hacking controversy, has been interviewed by police under caution.
Sept. 14, 2010 - Robert McMillan, IDG News Service
A sophisticated worm designed to steal industrial secrets and disrupt operations has infected at least 14 plants, according to Siemens.
Called Stuxnet, the worm was discovered in July when researchers at VirusBlokAda found it on computers in Iran. It is one of the most sophisticated and unusual pieces of malicious software ever created -- the worm leveraged a previously unknown Windows vulnerability (now patched) that allowed it to spread from computer to computer, typically via USB sticks.
October 2010 Issue - Wesley R. Andrues
In June 2009, the Secretary of Defense announced the creation of U.S. Cyber Command (USCYBERCOM), a new subunified command to be led by the director of the National Security Agency (NSA). While the press colored the announcement with Big Brother undertones and hints of civil liberties surrendered, the real story lies in the intriguing legal landscape of USCYBERCOM and what it could mean for the security, efficiency, and economy of the military's networks. The Department of Defense (DOD), the largest single consumer of Federal information technology dollars, has struggled for decades to bring a singular voice and management process to its communications infrastructure. Although this is not the stated intent of the new command, USCYBERCOM must ultimately reconcile its role in information technology "ownership" and draw clear operational boundaries if it is to administer cyber security through unified standards and procedures.
Sept. 13, 2010 - Tim Wilson
If you could find and fix security flaws before the application is deployed, instead of afterward, then your organization would save money. But how much could you really save?
That's the question studied in a new report published today by ROI consultancy Mainstay Partners and Fortify Software. The report suggests that the cost savings of secure software development could be substantial.
Sept. 13, 2010 - William Jackson
There appears to be little relief in sight from the relentless onslaught of spam that continues to deliver malicious code and phishing lures to our inboxes day in and day out. According to Symantec’s “State of Spam and Phishing Report” for August, spam made up more than 92 percent of e-mail last month. The percentage of spam has fluctuated from a low of about 79 percent in November to more than 95 percent, but it has held pretty steady around 90 percent for most of the past year.
But there might be a small patch of light on the horizon, coming from — of all places — the U.S. District Court for the Eastern District of Virginia, where a judge has recommended that ownership of 276 Internet domains used by the Waledac botnet be turned over to Microsoft. If the judgment comes down from the court, it would effectively cut off the botnet’s command and control network.
Sept. 9, 2010 - Kui Kinyanjul
Kenya has risen to become the most insecure country in East Africa in terms of virtual threats, according to new industry findings.
International data security firm Kaspersky says Kenya now tops the list of East African countries for computers that are infected with dangerous threats and malicious viruses.
“Given East Africa’s recent Internet connectivity boom, with the landing of SEACOM the number of security infections in Kenya has increased approximately 10 times and roughly four times during the last six months,” said Mr Sergey Novikov, head of the region’s research at Kaspersky Lab.
Sept. 9, 2010 - Emma Woollacott
An Indian firm has blithely admitted carrying out DDoS attacks on illegal torrent websites on behalf of movie companies including 20th Century Fox.
Girish Kumar, managing director of Aiplex Software, said he's hired by the studios to trawl the internet in the days following a movie's release. Using software which searches for relevant keywords, Aiplex looks for sites hosting illegally pirated copies. The firm then delivers copyright takedown notices to the sites' owners.
"Most movies are released on Friday morning at 10am in India. The movie is released in the morning - by afternoon it's on the internet," he told The Age.
Sept. 9, 2010
It happened one day last year, as more than a dozen board members of a Baltimore substance abuse center had gathered around a conference room. The CEO was giving a PowerPoint presentation on his accomplishments.
Suddenly, his computer shut down, then restarted, replacing the latest slide with an image of a naked woman onto a 64-inch screen. The board members include city officials and foundation heads and is chaired by Baltimore's health commissioner.
Today, Baltimore's State's Attorney's Office announced a grand jury had indicted Walter Powell, 51, with hacking into the computer system. They described him as a disgruntled worker who allegedly used his home computer to access the system, distribute confidential emails from his boss and break into the presentation.
Sept. 9, 2010 - John Leyden
Updated Symantec's hapless HackIsWack cybercrime rap competition site can still be rickrolled, despite assurances to the contrary from the security giant.
A web application filter was deployed to block an earlier cross-site scripting attack, but this filter is configured to allow a YouTube video featuring rapper Snoop Dogg, who has been recruited to promote the project, to be displayed. That means that even though the initial attack no longer works, unresolved vulnerabilities on the site mean that it can still be rickrolled onto YouTube videos, as you can see here.
Sept. 9, 2010 - Ki Mae Heussner
A global e-mail virus spammed inboxes Thursday afternoon, slowing -- and in some cases halting -- work at offices around the world as employees watched their inboxes inexplicably fill with e-mails under the subject line "Here you have." Some workers were forced to go without e-mail altogether, as the flood of spam put their services out of commission.
Sept. 8, 2010 - Robert Lemos
The recently revealed abuse of insiders' system privileges to commit fraud at Sprint could be a wake-up call for other enterprises to implement more stringent security practices, experts said this week.
Last week, nine Sprint employees were charged with misusing their access to the telecommunications giant's systems to redirect phone charges to other customers by "cloning" their cell phones -- to the tune of more than $15 million in fraudulent charges in the first six months of this year.
Sept. 8, 2010 - Elizabeth Montalbano
Addressing challenges to the federal government's cybersecurity efforts, the head of the National Security Agency (NSA) said that teamwork, global leadership, and a respect for citizens' privacy are necessary to secure U.S. critical infrastructure against cyber attacks.
There are 250,000 probes trying to find their way into Department of Defense (DoD) networks every hour, and cyber attacks on federal agencies have increased 150% since 2008, Gen. Keith Alexander, NSA director and commander of the U.S. Cyber Command, said Tuesday at the Gov 2.0 Summit at the Grand Hyatt in Washington, produced by O'Reilly Media and UBM TechWeb.
Sept. 8, 2010 - Kevin Poulsen
The federal agency in charge of protecting other agencies from computer intruders was found riddled with hundreds of high-risk security holes on its own systems, according to the results of an audit released Wednesday.
The United States Computer Emergency Readiness Team, or US-CERT, monitors the Einstein intrusion-detection sensors on nonmilitary government networks, and helps other civil agencies respond to hack attacks. It also issues alerts on the latest software security holes, so that everyone from the White House to the FAA can react quickly to install workarounds and patches.
But in a case of “physician, heal thyself,” the agency — which forms the operational arm of DHS’s National Cyber Security Division, or NCSD — failed to keep its own systems up to date with the latest software patches. Auditors working for the DHS inspector general ran a sweep of US-CERT using the vulnerability scanner Nessus and turned up 1,085 instances of 202 high-risk security holes.
Sept. 7, 2010 - Gautham Nagesh
The United States' increasing reliance on the Internet makes securing our networks from online threats more crucial than ever, according to National Security Agency director and U.S. Cyber Command commander Keith Alexander.
Speaking at the Gov 2.0 Summit on Tuesday in Washington, Alexander warned against the growing threat from hackers and enemy states seeking to penetrate American networks, which are more vital to the nation's security and economy than ever before.
Sept. 7, 2010 - Army Sgt. 1st Class Michael J. Carden
After spending the better part of the past decade defending the Defense Department’s computer networks, the Joint Task Force Global Network Operations command cased its colors.
The task force was deactivated in a ceremony today here at the Defense Information Systems Agency. The task force’s operations and personnel now fall under U.S. Cyber Command at Fort Meade, Md.
Air Force Gen. Kevin P. Chilton, commander of U.S. Strategic Command, presided over the ceremony. Although the ceremony marked the end of the task force’s tenure, its mission continues, he said.
Sept. 5, 2010 - Ellen Nakashima, Washington Post
The Pentagon is contemplating an aggressive approach to defending its computer systems that includes preemptive actions such as knocking out parts of an adversary’s computer network overseas — but it is still wrestling with how to pursue the strategy legally.
The department is developing a range of weapons capabilities, including tools that would allow “attack and exploitation of adversary information systems’’ and that can “deceive, deny, disrupt, degrade, and destroy’’ information and information systems, according to Defense Department budget documents.
Sept. 2, 2010 - Elizabeth Montalbano
The Defense Advanced Research Projects Agency (DARPA) has launched a new program aimed at quickly finding and stopping insiders from trying to steal information from Department of Defense (DoD) computer networks for use against the federal government.
To develop its Cyber Insider Threat program, or CINDER, DARPA is "soliciting novel approaches to insider threat detection that greatly increase the accuracy, rate, and speed of detection and that impede the ability of adversaries to operate within government and military interest networks," according to a presolicitation notice posted on FedBizOpps.gov.
Sept. 2, 2010 - Jeremy Kirk, IDG News Service
Researchers are hoping to get a better insight on botnets after taking down part of Pushdo, one of the top five networks of hacked computers responsible for most of the world's spam.
Thorsten Holz, an assistant professor of computer science at Ruhr-University in Bochum, Germany, said his group is working on an academic paper focused on methods to figure out what type of malicious spamming software is on a computer that sent a particular spam e-mail.
Sept. 1, 2010 - John E. Dunn
Hundreds of lunchtime customers of a diner in the US city of Memphis are believed to have had funds stolen from their debit and credit cards after PCs at the venue became infected with malware.
Large numbers of customers reported having had funds taken after using Jason’s Deli in recent weeks, which prompted an investigation by the US Secret Service, part of the Department of Homeland Security.
Sept. 1, 2010 - Ryan Naraine
Malicious hackers are using the Google Code repository to host Trojan horses, backdoors and password stealing keyloggers, according to researchers at Zscaler.
The researchers found a malicious project hosted on the free Google Code site with about 50+ malware executables stored in the download section of the project.