Cyberattack

Cyberattack / Most Viewed

U.S. and China Negotiating Cyeberwarfare Control Deal

United States and China are in negotiation to establish a cyberattack agreement, according to reports. If successful, it "could become the first arms control accord for cyberspace, embracing a commitment by each country that it will not be the first to use cyberweapons to cripple the other's critical infrastructure during peacetime," reports David Sanger in the New York Times. more

Washington Debates: When is a Cyberattack an Act of War?

Cyberattacks against Georgia have started debates in Washington on whether the laws of war apply in cyberspace, Siobhan Gorman reports in the Wall Street Journal today. "Cyberweapons are becoming a staple of war. The Georgian conflict is perhaps the first time they have been used alongside conventional military action. Governments and private cyberwarriors can exploit Internet security gaps to not only take down government Web sites but also take control of power grids and nuclear reactors." One key deciding factor, according to one expert in the report, is whether the tools of cyberattacks are weapons? more

UK Hospitals Forced to Cancel Appointments, Operations Over Cyberattack

Appointments and operations at three hospitals in the United Kingdom have been canceled due to a cyberattack on the computer network lasting five days. more

F-Secure Third Security Vendor Attacked in One Week

A Romanian hacker site said on Wednesday it was able to breach the website of Helsinki-based security firm F-Secure just as it had gained access to the sites of two other security companies earlier in the week. F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," an entry on the HackersBlog site said. "Fortunately, F-Secure doesn't leak sensitive data, just some statistics regarding past virus activity." more

US Banks Face New Demands by Regulators for Higher Cyber Risk Management Standards

U.S. bank regulators on Wednesday outlined cyber security standards meant to protect financial markets and consumers from online attacks against the nation's leading financial firms," Patrick Rucker reporting in Reuters. more

Cyber Threats Accelerate: 94% of Web Browser Exploits Occur Within 24 Hours of Disclosure

Today X-Force, IBM's security research and development arm, released its 2008 Midyear Trend Statistics report that indicates cyber-criminals are adopting new automation techniques and strategies that allow them to exploit vulnerabilities much faster than ever before. The new tools are being implemented on the Internet by organized criminal elements, and at the same time public exploit code published by researchers are putting more systems, databases and ultimately, people at risk of compromise. more

US Transportation Department: Air Traffic Control System Vulnerable to Cyberattack

The Federal Aviation Administration’s air traffic control system is vulnerable to cyberattacks via Web applications that support the system, according to a new report released by the Transportation Department’s Office of Inspector General (OIG). “In our opinion, unless effective action is taken quickly, it is likely to be a matter of when, not if, [air traffic control] systems encounter attacks that do serious harm to [air traffic control] operations,” wrote Rebecca Leng, DOT’s assistant inspector general for financial and information technology audits, in the report... more

US Defense Secretary to Announce Creation of New Military 'Cyber Command'

The Obama administration plans to create a new military command to coordinate the defense of Pentagon computer networks and improve U.S. offensive capabilities in cyberwarfare, according to current and former officials familiar with the plans. The initiative will reshape the military's efforts to protect its networks from attacks by hackers, especially those from countries such as China and Russia. The new command will be unveiled within the next few weeks, Pentagon officials said... more

US Concerned Over Chinese Cyber Espionage

China is actively conducting cyber espionage as a warfare strategy and has targeted U.S. government and commercial computers, according to a new report from the U.S.-China Economic and Security Review Commission. "China's current cyber operations capability is so advanced, it can engage in forms of cyber warfare so sophisticated that the United States may be unable to counteract or even detect the efforts," according to the annual report recently delivered to Congress. more

New Administration Outlines US Cybersecurity, Advisor to Report Directly to Obama

On his first full-day as US President, Barack Obama on Wednesday outlined plans to declare the country's computer infrastructure a national asset that will be protected by a cyber advisor who will report directly to the president. Part of a broader strategy laid out on the newly revamped Whitehouse.gov website for securing US soil against terrorist attacks and other emergencies, the plan is designed to shore up IT networks and chemical and electrical facilities and prevent cyber-espionage. more

Small Businesses in Denial about Threat Posed by Cyberattacks

Small- and medium-sized businesses are in denial about the threat posed by cyberattacks, security software firm McAfee concluded in a study published this week. While most small- and medium-sized companies believe that they operate under cybercriminals' radar, the study found that one-in-five firms have been attacked. The survey -- which polled 500 companies with 1,000 employees or less -- found that for every eight firms, only ten employees were dedicated to managing the businesses' information-technology systems. more

Pro-Trump Russians Accused for Democratic National Committee Email Hack, FBI Investigating

"DNC Hack Prompts Allegations of Russian Involvement," Damian Paletta and Devlin Barrett reported in the Wall Street Journal today: "U.S. authorities said they are still investigating who perpetrated the hack, but cybersecurity experts said the email release resembled past examples of political interference that other countries have tied to Russia." more

Software Security Hole Exposes Critical Utilities to Internet attack

Internet attackers could gain control of water treatment plants, natural gas pipelines and other critical utilities because of a vulnerability in the software that runs some of those facilities, security researchers reported Wednesday. Experts with Boston-based Core Security Technologies, who discovered the deficiency, said there's no evidence anyone else found or exploited the flaw. Citect Pty. Ltd., which makes the program called CitectSCADA, patched the hole last week, five months after Core Security first notified Citect of the problem. more

Researchers Find Flaw in Conficker Worm to Help Find Infected Computers

Just days before the Conficker worm is set to contact its controllers for new instructions, security researchers have discovered a flaw in the worm that makes it much easier for users to detect infected PCs. Tillmann Werner and Felix Leder, members of the Honeynet Project, an all-volunteer organization that monitors Internet threats, have discovered that Conficker-infected PCs return unusual errors when sent specially crafted Remote Procedure Call (RPC) messages, according to preliminary information they have posted on the Web. more

The Real Pain Caused by Russian Cyberattacks on Georgia and Estonia

The popular concept of the cyber-attacks launched by Russia against Estonia and Georgia in recent years is that an army of volunteer hackers bombarded government computers in those target countries with disabling botnet attacks. But the reality is that most of the cyber-pain suffered by Estonia, for example, was caused when the U.S. and European banking system chose intentionally to cut off Estonia from the Internet-based financial clearing networks, because the networks couldn't distinguish bona fide transactions emanating from Estonia from botnet-induced bogus transactions. more