Cyberattack

Cyberattack / Most Viewed

Research Group Releases International Law on Cyber Warfare Manual

The newly released handbook applies the practice of international law with respect to electronic warfare. The Tallinn Manual on the International Law Applicable to Cyber Warfare -- named for the Estonian capital where it was compiled -- was created at the behest of the NATO Co-operative Cyber Defence Centre of Excellence, a NATO think tank. It takes current rules on battlefield behaviour, such as the 1868 St Petersburg Declaration and the 1949 Geneva Convention, to the internet, occasionally in unexpected ways. more»

Tactics for Responding to Cyber Attacks - Squeezing Your Cyber Response-Curve: Part 1

Many cyber attacks against companies today go unreported, and more still are undetected... Timing and context are everything. The faster a company identifies a problem, and the faster and deeper it is understood and its relevance to the business, the more effectively the company can respond. We call this squeezing the cyber response curve. This two-part post will discuss the current state of cyber threats, what the cyber response curve is and its impact your organization and how you can effectively squeeze this curve to improve attack response. more»

Cyberspace is Man-Made and Its Laws Can Be Rewritten to Favor Defensive Forces, Says US Air Force

Air Force Research Laboratory's "Integrated Cyber Defense" program, has recently announced a project request for proposals based on the belief that "the 'laws' of cyberspace can be rewritten, and therefore the domain can be modified at any level to favor defensive forces." The objective of the program, according to the announcement issued last month, is to "avoid threats entirely by obviating the effects of adversary actions, deterring attacks, and anticipating threats," which is partly based on the following philosophy offered by the Air Force... more»

Romney Emails Hacked

US presidential candidate Mitt Romney will likely be reconsidering his email passwords after his online email account was reportedly hacked. A hacker claims to have accessed Romney's Hotmail and Dropbox accounts after guessing the answer to the Republican candidate's 'favourite pet' security question. It's suspected Romney used the same password for more than one account. more»

Google Chrome Found Vulnerable to Carpet-Bombing

Just hours after the launch of Google's new web browser, reports have surfaced about its security vulnerability to carpet-bombing that can expose Windows users to hacker attacks. If exploited, hackers could potentially run unauthorized software on a victim's computer and then used to execute web-based computer attacks. Researcher Aviv Raff has discovered that it is possible to combine this vulnerability (also at one point affecting Apple Safari which uses the same WebKit technology used by Google's Chrome browser) and a Java bug discussed at this year's Black Hat conference, to trick users into launching executables direct from the new browser. more»

US Racing on Multiple Fronts to Plug the Holes in Cyber Defenses

The Pentagon is about to roll out an expanded effort to safeguard its contractors from hackers and is building a virtual firing range in cyberspace to test new technologies, according to officials familiar with the plans, as a recent wave of cyber attacks boosts concerns about U.S. vulnerability to digital warfare. The twin efforts show how President Barack Obama's administration is racing on multiple fronts to plug the holes in U.S. cyber defenses... more»

Two Europeans Charged for DDOS Attacks in U.S.

A British man and a German man have been indicted by a federal grand jury on charges of conspiring to intentionally cause damage to the computers of two U.S.-based retail satellite companies by launching large-scale distributed denial of service (DDOS) attacks that shut down the companies' websites. The two men were allegedly hired by the owner of Orbit Communication, currently wanted by the FBI, to carry out DDOS attacks. Those attacks were directed at the public websites of two of Orbit's competitors, Rapid Satellite of Miami, Florida, and Weaknees of Los Angeles. If convicted, Walker and Gembe face 15 years in prison. more»

According to the Department of Homeland Security, Cybercrime Is a Bigger Threat Than Terrorism

An article in Forbes the other day reports on US Secretary of Homeland Security Janet Napolitano's comments that 'cybercrime represents the "greatest threat and actual activity that we have seen aimed at the west and at the United States" in addition to "or other than Al Qaeda and Al Qaeda-related groups."' ..."Napolitano cited a study commissioned by Symantec that put the total worldwide cost of cybercrime at $388 billion -- higher than the global market for heroin, cocaine and marijuana combined." more»

Arrest Made in Connection to Spamhaus DDoS Case

According to a press release by the Openbaar Ministerie (the Public Prosecution Office), a dutch man with the initials SK has been arrested in Spain for the DDoS attacks on Spamhaus. more»

U.S. Not Vulnerable to Type of Cyberattacks Launched at Georgia

Experts agree that the U.S. is probably more Internet-dependent than any place in the world and hence more vulnerable than any other country. However in a CNN report today, Scott Borg, director of the United States Cyber Consequences Unit, a nonprofit research institute, says that U.S. "can command so much bandwidth that it's hard to overwhelm our servers," in light of last week's, and still ongoing, cyberattacks against Georgia. "We are vulnerable to more sophisticated attacks, but right now most of the people who want to do us harm don't have those capabilities," says Borg. more»

Information Warfare Publicly Admitted, No Longer Just a Tool for Espionage

Gadi Evron reporting today on Dark Reading: "A National Journal Magazine article called "The Cyberwar Plan" has been making waves the last few days in our circles -- it's about how cell phone and computer attacks were used against Iraqi insurgents by the National Security Agency (NSA). Its significance is far more than just what's on the surface, however. The article describes several issues and that in my opinion confuses what matters..." more»

Best Practices for Implementing IPv6 and Avoiding Traffic Exposures

There has been a lot of discussion lately about the potential for IPv6 to create security issues. While there are definitely some security risks of IPv6 deployment, a carefully considered implementation plan can help mitigate against security risks. As we approach World IPv6 Launch tomorrow, I thought it prudent to share the below described incident that iDefense recently observed. more»

Escalating US, Chinese Silent War on the Internet

Jason Mick reporting in DailyTech: "In the definitive cyberpunk novel Neuromancer, published in 1984, author William Gibson prophetically envisioned that wars of the future would be fought over the internet -- a new construct at the time. Today that prediction appears on the verge of coming true as we stand on the threshold of a vast digital battle. Agents in China, believed to be working for, or endorsed by the Chinese federal government are carrying out a secret cyberwar against the U.S. government and U.S. businesses. And that war appears to be escalating." more»

Cyberattackers Targeting Iranian Infrastructure and Communications Companies

Internet based attacks have targeted Iranian infrastructure and communications companies, disrupting Internet access across the country, according to today's reports. Country's secretary of the High Council of Cyberspace, has been quoted telling the Iranian Labour News Agency: "Yesterday we had a heavy attack against the country's infrastructure and communications companies which has forced us to limit the Internet. ... Presently we have constant cyber attacks in the country." more»

DHS Cybersecurity Chief: We Want to Build Cybersecurity Into DNA of Infrastructure

The U.S. Department of Homeland Security's cybersecurity top official Phil Reitinger was recently interviewed by the InformationWeek stating: "Cybersecurity always has been and always will be a distributed effort. If people want to say, well, there's a single locus of cybersecurity and anything and everything will be handled from one point, I say, dream on. We want to build cybersecurity into the DNA of the infrastructure, into the DNA of the businesses, into the DNA of all the government entities." more»