Cyberattack

Cyberattack / Most Viewed

NYT: US Weighing Risks of Civilian Harm in Cyberwarfare

John Markoff and Thom Shanker reporting in the New York Times: "It would have been the most far-reaching case of computer sabotage in history. In 2003, the Pentagon and American intelligence agencies made plans for a cyberattack to freeze billions of dollars in the bank accounts of Saddam Hussein and cripple his government's financial system before the United States invaded Iraq. He would have no money for war supplies. No money to pay troops... But the attack never got the green light. Bush administration officials worried that the effects would not be limited to Iraq but would instead create worldwide financial havoc..." more

U.S. Congress Fears Cyberattack on Electric Power Grids

The potential for "cybersecurity" attacks on the United State's electric power grids has spurred politicians to consider legislation to broaden federal authority over electric companies.

Congress already has been consulting with federal agencies and industry associations over how to craft such legislation. On Thursday, legislators sought further input at a hearing before the House Energy and Commerce's subcommittee on energy and air quality. more

US States Taking Increasingly Active Role Against Cybercrime

It's unclear whether cyber crime is increasing or simply being reported more often -- or a combination of the two. But as the number of cyber crime cases increase, state and local law enforcement agencies are taking an increasingly active role in investigating them. The number of complaints that individuals filed with the Internet Crime Complaint Center (IC3) jumped more than 30 percent from 2007 to 2008 and corporate cyber crimes continues to make headlines. The FBI, nonprofit National White Collar Crime Center and Bureau of Justice Assistance jointly operate the IC3... more

Sophisticated Maleware Found Aimed to Target Energy Companies

"The threat uses sophisticated techniques to evade detection and prepares the ground for more malware components," Lucian Constantin reporting in CIO: "Security researchers have discovered a new malware threat that goes to great lengths to remain undetected while targeting energy companies." more

Over Half of Critical Infrastructure Providers Report Politically Motivated Cyber Attacks

A recent study released today suggests 53 percent of critical infrastructure providers have experienced what they perceived as politically motivated cyber attacks. According to Symantec's 2010 Critical Information Infrastructure Protection (CIP) Survey, participants claimed to have experienced such an attack on an average of 10 times in the past five years, incurring an average cost of $850,000 during a period of five years to their businesses. more

Security Experts Criticize Obama's New Cybersecurity Plan, Say It's Full of Holes

Despite being a respectable start, security experts call the report overheated and "clear as mud"... while many experts applaud this new focus as vital to protecting critical U.S. infrastructure and economic institutions, some analysts have noted that the report fails to answer many key questions, contains a number of inconsistencies and possible inaccuracies, and generally exaggerates the threat to the country. "It's a plan for a plan," said O. Sami Saydjari, chairman of the Professionals for Cyber Defense. "Given how bureaucracies work, they tend not to come up with bold plans in 60 days. The hard problems have yet to be grappled with." more

Reported Cyberattack Against Israel Only Ransomware to Regulatory Body, Electric Grid Not In Danger

Ransomware via a phishing attack was sent to Israel Electric Authority, not the power grid, as was heavily reported in mainstream media today. According to a cyber analyst in Israel (Eyal Sela) the media reporting so far is misleading with regards to the context around the incident, reports Robert M. Lee of SANS Institute. more

United States and Britain to Conduct Financial Cyber-Security Test

U.S. and Britain plan to conduct a test later this month to assess how regulators for the world's two biggest financial centers in New York and London would communicate in the event of a major cyberattack or broader IT problems, a spokesman for British government cybersecurity body CERT-UK said on Monday. more

Schneier: "Someone Is Learning How to Take down the Internet"

"Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet," wrote renowned security expert, Bruce Schneier, in a piece published in Lawfare. more

U.S. Senate Modernizes Cyber-Crime Laws

The U.S. Senate has passed legislation to modernize the nation's computer crime laws and give prosecutors more leeway in pursuing cyber crooks, reports Brian Krebs of The Washington Post. "Under current federal cyber-crime laws prosecutors must show that the illegal activity caused at least $5,000 in damages before they can bring charges for unauthorized access to a computer. Under the bill approved today, that threshold would be eliminated." more

We Must Avoid Cyber Crisis Equivalent to Current Financial Crisis, Urge Experts

Cybercrime is likely to wreak as much havoc as the credit crisis in the coming years if international regulation is not improved, some of the world's top crime experts said on Wednesday. Damage caused by cybercrime is estimated at $100 billion annually, said Kilian Strauss, of the Organization for Security and Cooperation in Europe (OSCE). more

Last Quarter Saw a Surge in the Number of Bot-Infected PCs

Security experts warn that there has been a threefold increase in the number of hijacked 'zombie' PCs over the last quarter. Brian Krebs reporting on WashingtonPost: "The estimates come from Shadowserver, a group of volunteers that monitor activity from robot networks or 'botnets,' large armies of hacked personal computers used for spam, phishing and all kinds of criminal activity. Shadowserver saw a rise from roughly 100,000 botted PCs to about 400,000 over the past three months." The apparent increase may be partly due to Shadowserver's deployment of more sensors detecting botnet attacks however it is also noted that criminals are getting more advanced at hiding bots. more

Obama Urged to Appoint Cybersecurity Chief in White House

A committee of cybersecurity experts today released a 96-page report detailing recommendations for the next administration on how to combat the growing number of criminal attacks aimed at government networks. Creating a National Office for Cybersecurity within the White House is chief among the report's recommendations. A top cybersecurity official would help coordinate a national strategy among agencies, and would also work with the private sector to boost defenses against hackers, according to the report. more

Cybersecurity Improvement Needs Partnership Not Regulation, Says Industry Group

The market-based, voluntary approach that the Bush administration has used to encourage companies to improve cybersecurity is not sufficient and the incoming Obama administration should form a cybersecurity social contract with industry based on economic incentives, according to a new report by Internet Security Alliance (ISAlliance). ISAlliance has released a report suggesting a cybersecurity social contract through which government would encourage and reward corporations by potentially working cybersecurity into procurement and loan processes, along with possible awards programs that could be used as marketing advantages. more

U.S. Military to Spend $4.4M on Network Monitoring Upgrades in Wake of Sophisticated Cyber Attacks

BBN Technologies, an advanced technology solutions firm, has been awarded $4.4 million in funding from the Defense Advanced Research Projects Agency (DARPA) for a Scalable Network Monitoring program. "Scalable networking monitoring has become necessary as cyber attacks have grown more subtle and sophisticated," says BBN's announcement. "New technologies and applications provide new attack routes and have made traditional signature-based and anomaly detection-based defensive measures inadequate in both speed and sensitivity. To be effective in today's networks, detection algorithms must operate quickly, efficiently, and effectively in large, content-rich environments. To meet this challenge, the BBN team will develop a complete solution that is intrinsically scalable, designed for ultra high-speed deployment, and produces events that can be correlated with other network events to provide true positive alerts." more

Industry Updates

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

Alleviating the Constant Clash Between DevSecOps and DevOps Teams

Cloud and IaaS DLP Woes: Is Additional Threat Intelligence a Solution?

Carpet-Bombing Attacks: A Rising Threat to ISPs

How Threat Intelligence Prevents Nameserver Takeovers and Their Far-Reaching Damage

Can Domain Blacklisting Be Avoided?

How to Stay Safe Against DNS-Based Attacks

Unraveling Unsolved Mysteries with Threat Intelligence

IP Geolocation: Improving Data Loss Prevention in Virtual Environments through Geofencing

Is Blocking via IP Geolocation the Answer to Preventing DDoS Attacks?

Common Threats That Can Be Overcome by Email Verification