Cybersecurity regulation is coming. Whether regulations intended to enhance critical infrastructure protection will be based on existing statutory authority, new legislation, an Executive Order or a combination of legal authorities, however, is still unknown. Other aspects of the coming federal oversight of critical infrastructure cybersecurity that remain undetermined include the extent to which governance system will include voluntary characteristics and the time frame for initiation of new cybersecurity regulation. more
While Congress and the White House deliberate possible actions on FISMA reform and increased oversight of critical infrastructure, relatively little attention is being given to the government-wide cybersecurity regulation already in place, the Data Quality Act (DQA). Unlike FISMA, which primarily governs the government's internal cybersecurity processes, and contemplated legislation and/or Executive Order(s), which would likely also include a focus on critical infrastructure protection, the DQA contains a unique mandate. more
Michael Cooney reporting in NetworkWorld: "Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware. The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions..." more
A few weeks ago, the New York Times published an article saying that the Stuxnet worm, which infected a large number of Iran's nuclear power plants, was a joint effort between the United States and Israel. The program began under former president George W. Bush and continued under President Obama. Last month, the Washington Post ran an article saying that the US and Israel collaborated in a joint effort to develop Flame and that work included Stuxnet. more
In the past five years, cyber and telecommunications defence has left its niche market to become one of the fastest growing industries in the world. In 2011, governments, industry and ordinary computer users spent roughly £65 billion shoring up their computer networks, a figure that is predicted to double within five years. more
There's been a lot of emphasis on DNS performance lately because faster DNS contributes directly to a better user experience. There's an interesting flipside to DNS performance though, higher performance DNS servers may be better targets for cache poisoning attacks. Faster servers give attackers more opportunities to insert fake entries into the DNS - speed can kill (or at least inflict a nasty wound!) so it's important to understand the security implications if you're looking to upgrade DNS performance. more
As a bit of a history buff I can't avoid a slight tingling of déjà vu every time I read some new story commenting upon the ethics, morality and legality of cyber-warfare/cyber-espionage/cyberwar/cyber-attack/cyber-whatever. All this rhetoric about Stuxnet, Flame, and other nation-state cyber-attack tools, combined with the parade of newly acknowledged cyber-warfare capabilities and units within the armed services of countries around the globe, brings to the fore so many parallels... Call me a cynic if you will, but when the parallels in history are so evident, we'd be crazy to ignore them. more
The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials." more
US presidential candidate Mitt Romney will likely be reconsidering his email passwords after his online email account was reportedly hacked. A hacker claims to have accessed Romney's Hotmail and Dropbox accounts after guessing the answer to the Republican candidate's 'favourite pet' security question. It's suspected Romney used the same password for more than one account. more
An article in Forbes the other day reports on US Secretary of Homeland Security Janet Napolitano's comments that 'cybercrime represents the "greatest threat and actual activity that we have seen aimed at the west and at the United States" in addition to "or other than Al Qaeda and Al Qaeda-related groups."' ..."Napolitano cited a study commissioned by Symantec that put the total worldwide cost of cybercrime at $388 billion -- higher than the global market for heroin, cocaine and marijuana combined." more
In a blog post, Stewart Baker proposed restricting access to sophisticated anti-virus software as a way to limit the development of sophisticated malware. It won't work, for many different and independent reasons. To understand why, though, it's necessary to understand how AV programs work. The most important technology used today is the "signature" - a set of patterns of bytes - of each virus. Every commercial AV program on the market operates on a subscription model... more
There has been a lot of discussion lately about the potential for IPv6 to create security issues. While there are definitely some security risks of IPv6 deployment, a carefully considered implementation plan can help mitigate against security risks. As we approach World IPv6 Launch tomorrow, I thought it prudent to share the below described incident that iDefense recently observed. more
Here we go again; another instance of really sophisticated spyware has been reported, a system that is "so complex and sophisticated that it's probably an advanced cyber-weapon unleashed by a wealthy country to wage a protracted espionage campaign on Iran". I won't get into the debate about whether or not it's really more impressive than Stuxnet, whether or not it's groundbreaking, or whether or not Israel launched it; let it suffice to say that there are dissenting views. I'm more interested in the implications. more
The world is abuzz this week with some flaming malware - well "Flame" is the family name if you want to be precise. The malware package itself is considerably larger than what you'll typically bump into on average, but the interest it is garnering with the media and antivirus vendors has more to do with the kinds of victims that have sprung up - victims mostly in the Middle East, including Iran - and a couple of vendors claiming the malware as being related to Stuxnet and Duku. more
Talking technical is easy. Distilling technical detail, complex threats and operation nuances down to something that can be consumed by people whose responsibility for dealing with cybercrime lays three levels below them in their organizational hierarchy is somewhat more difficult. Since so many readers here have strong technical backgrounds and often face the task of educating upwards within their own organizations, I figured I'd share 4 slides from my recent presentation that may be helpful in communicating how the world has changed. more
A World-Renowned Source for Internet Developments. Serving Since 2002.