Website of Georgian President Under Attack, Political Motivation Suspected

For over 24 hours the website of President Mikhail Saakashvili of Georgia, a former Soviet republic, has been down as a result of a distributed denial of service (DDoS) attack. This attack appears to have a political motivation, says Jose Nazario of Arbor Neworks. "Tensions between Russia and Georgia appear to be running high lately." According to The Shadowserver Foundation, a security watchdog group, the site (www.president.gov.ge) began coming under attack very early Saturday morning (Georgian time). more»

Many Systems Open to Attack Through Channels Enabled to Support IPv6 Traffic

It may be years before the new internet protocol IPv6 takes over from the current IPv4, but a security researcher is warning that many systems -- corporate and personal -- are already open to attack through channels that have been enabled on their machines to support IPv6 traffic, according to the Wired report by Kim Zetter. Joe Klein, a security researcher with Command Information, says many organizations and home users have IPv6 enabled on their systems by default but don't know it. They also don't have protection in place to block malicious traffic, since some intrusion detection systems and firewalls aren't set up to monitor IPv6 traffic, presenting an appealing vector through which outsiders can attack their networks undetected. more»

Obama Says Cybersecurity Would Be Top Priority in His Administration

Sen. Barack Obama, the U.S. presidential candidate outlined in a speech yesterday, what he envisioned for a cyber-security infrastructure that would protect the nation's computer networks and strengthen science and computer education programs. "I'll declare our cyber-infrastructure a strategic asset, and appoint a national cyber adviser who will report directly to me. We'll coordinate efforts across the federal government, implement a truly national cyber-security policy, and tighten standards to secure information -- from the networks that power the federal government, to the networks that you use in your personal lives." more»

Security Experts Caution Against Latest Strom Warm Campaign Claiming U.S Invasion of Iran

Recent blast of emails linked to Strom Warm attempt to exploit client-side vulnerabilities by stating that the U.S. army has invaded Iran. The email is also reported to contain links to videos. The text reads:

“Just now US Army’s Delta Force and U.S. Air Force have invaded Iran. Approximately 20000 soldiers crossed the border into Iran and broke down the Iran’s Army resistance. The video made by US soldier was received today morning. Click on the video to see first minutes of the beginning of the World War III. God save us.” more»

Lithuanian Government and Corporate Websites Attacked

Hundreds of Lithuanian government and corporate Web sites were hacked and plastered with Soviet-era symbols and other digital graffiti this week in what appears to be a coordinated cyber attack launched by Russian hacker groups, reports Brian Krebs of the Washington Post. According to reports, Lithuanian officials did not directly accuse Russian hackers of initiating the attacks which are said to have come from foreign computers. However, iDefense, a security intelligence firm, based in Reston, VA, as linked the attacks to nationalistic Russian hacker groups protesting a new Lithuanian law banning the display of Soviet emblems, including honors won during World War II. more»

U.S. Military Wants to Patrol the Internet

The U.S. military is looking for a contractor to patrol cyberspace, watching for warning signs of forthcoming terrorist attacks or other hostile activity on the Web. "If someone wants to blow us up, we want to know about it," Robert Hembrook, the deputy intelligence chief of the U.S. Army's Fifth Signal Command in Mannheim, Germany, told United Press International. "The purpose of the services will be to identify and assess stated and implied threat, antipathy, unrest and other contextual data relating to selected Internet domains," says the solicitation. more»

Turkish Hacker Group Strikes Again, This Time Victims are ICANN and IANA

The same Turkish Hacking Group, NetDevilz, responsible for the hacking and defacement of the popular photo sharing site, Photobucket, has been reported to have briefly succeeded in accessing ICANN and IANA domain names yesterday, June 26, 2008, and redirecting them to a page containing the message: "You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"... more»

Cisco, IBM, Intel, Juniper and Microsoft Announce Consortium to Address Global Security Threats

Five leading IT vendors have announced the creation of the Industry Consortium for Advancement of Security on the Internet (ICASI), a nonprofit organization that intends to let vendors and customers work together on global IT security threats and resolve them in a government-neutral way. ICASI's founding members include, Cisco, IBM, Intel, Juniper and Microsoft. ICASI will target "global, multivendor cyber threats" to reduce their impact on end users. The group's statement says these attacks target multiple products or protocols in products, giving them a broader impact. These attacks pose problems not only for end user customers, but also for vendors, the group says. more»

Cyberattacks Will Be Disruptive, Not Destructive, Says Howard Schmidt

In a recent interview by Krish Raghav, from Wall Street Journal's LiveMint.com, Howard Schmidt, an information networks expert and a senior cyber-security adviser in the Bush administration, talked about several hot Internet issues, including net neutrality and cyber-attacks. In this report, Raghav starts with the following statement: "In the last 12 months, some 10 Indian government ministry websites have been targets of cyber-attacks. Recently, security experts with Boston-based Core Security Technologies said such attackers could "gain control
of countries' water treatment plants, natural gas pipelines and other critical utilities". more»

Cyberattack Paralyzed Marshall Islands Email Service

Email communication in the Marshall Islands was paralysed Tuesday after hackers launched a "zombie" computer attack on the western Pacific nation's only Internet service provider, AFP reports. The attack started early Tuesday, in which hackers used zombie computers to flood country's only Internet service provider with spam emails, causing a complete shutdown of email traffic into the nation of around 55,000 people. more»

VeriSign Expands DNS Capacity From 400 Billion to Over 4 trillion Queries Per Day

Since 2000, the volume of Internet traffic on VeriSign's global infrastructure has increased from an average of 1 billion domain name system queries per day to a peak of more than 50 billion DNS queries per day under normal traffic conditions, reports VeriSign in a press release today. Under Project Titan, VeriSign reports it will increase its daily DNS query capacity from 400 billion queries a day to over 4 trillion queries a day and will increase the aggregate network bandwidth of its primary resolution centers around the world from more than 20 gigabits per second (Gbps) to greater than 200 Gbps per second. VeriSign also plans to expand its deployment of Regional Internet Resolution Sites to more than 100 locations across the globe by 2010. Plans also include deploying new proprietary security upgrades and monitoring tools to identify, track and isolate malicious Internet traffic generated from cyber attacks. more»

France Preparing for Future Cyberwars, Says President

French President Nicolas Sarkozy announced major military reforms involving an in-depth change in strategic priorities and is gradually preparing France for the fights of future. Plans include expanding the range of weapons arsenal in terms of computer warfare, said the president in his announcement this week. France is not alone to be deeply worried about the issue of crippling cyber attacks. In mid-May, the Atlantic Alliance, which brings together dozens of Northern America, Western and Eastern European countries, launched what has come to be known as the "NATO Excellence Center for Cybernetics Defense" in Tallinn, Estonia. more»

Popular Photo Sharing Site's DNS Records Hijacked by Turkish Hacking Group

DNS records of one of the most popular photo sharing websites, Photobucket, were hacked yesterday by Turkish Hacking Group. The site returned a hacked page courtesy of the NetDevilz hacking group, a Turkish web site defacement group most widely known for its defacement of the adult video site Redtube earlier this year. Photobucket users across the world are reporting minor outages of the service and problems when trying to access their accounts, the consequence of what looks like the type of DNS records hijacking that redirected Comcast.net to a third-party domain last month. more»

Carpet Bombing in Cyber Space - Say Again?

I was pointed to an article in the Armed Forces Journal where Col Charles W. Williamson III argues that the US Air Force needs to develop a BOTnet army as part of the US military capability for retaliatory strikes. The article brings up some interesting issues, the one that I believe carries the most weight is the argument that we (well, people living on the Internet) are seeing an arms race. It is true that more and more nations are looking into or developing various forms of offensive weapons systems for the use on the Internet... more»

Software Security Hole Exposes Critical Utilities to Internet attack

Internet attackers could gain control of water treatment plants, natural gas pipelines and other critical utilities because of a vulnerability in the software that runs some of those facilities, security researchers reported Wednesday. Experts with Boston-based Core Security Technologies, who discovered the deficiency, said there's no evidence anyone else found or exploited the flaw. Citect Pty. Ltd., which makes the program called CitectSCADA, patched the hole last week, five months after Core Security first notified Citect of the problem. more»