South Korea's ruling party chairman has offered to resign over a cyberattack reported to have been orchestrated by an aide to one of the conservative party's lawmakers. The move comes after police concluded the distributed denial-of-service (DDoS) attacks on the election watchdog's website on the day of by-elections in October was masterminded solely by a 27-year-old aide to the ruling Grand National Party. The aide has also admitted to orchestrating a similar cyberattack on the website of Park Won-soon, who was elected Seoul mayor in the Oct. 26 elections. more
The United States White House Office of Science and Technology Policy (OSTP) has released a new report titled, Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program, specifying an agenda for "game-changing" cybersecurity R&D according to an official announcement today. The report is described as "a roadmap to ensuring long-term reliability and trustworthiness of the digital communications network that is increasingly at the heart of American economic growth and global competitiveness." more
Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more
While at that same Virus Bulletin conference that I was talking about earlier in my other post, I also had the chance to check out a session on Chinese DDoS malware put on by some folks from Arbor Networks. As little insight as I have into Android malware, I know even less about Chinese DDoS malware. So what's Chinese DDoS malware like? What are its characteristics? more
The first joint cyber security exercise between the EU and US is being held today in Brussels, with the support of the EU's cyber security Agency ENISA and the US Department of Homeland Security. The day-long table-top exercise, named "Cyber Atlantic 2011", is using simulated cyber-crisis scenarios to explore how the EU and US would engage each other and cooperate in the event of cyber-attacks on their critical information infrastructures. more
According to reports today, hackers have attacked Palestinian servers, cutting off phone and Internet service across the West Bank and Gaza. Foreign governments are accused to be behind the attack. "Since this morning all Palestinian IP addresses have come under attack from places across the world," said the Palestinian communications minister today. Reneys reports these outages are the largest observed all year for this country, which normally has a fairly stable Internet. more
New security report has revealed at least 48 companies involved in research, development, manufacturing of chemicals and advanced materials have been victims of a coordinated cyberattack traced to a source in China. The purpose of the attacks, code named Nitro, appear to be industrial espionage, collecting intellectual property for competitive advantage, according to Symantec. more
In the past 24 months, distributed denial of service (DDoS) attacks have changed profoundly. Gone are the days when attackers worked under the radar, when machines were infected by botnet code unknowingly and attacks were disguised leaving very little to trace the exact origin. ... The other game-changer: It's easier than ever to execute attacks. The tools are so widely available that anyone with basic skills and a high-speed connection can become a "hacktivist." more
The last couple of years have seen a growth in commercial sinkholing operations. What was once an academic method for studying botnets and other types of Internet-born threat, has more recently turned in to an increasingly profitable business for some organizations. Yesterday I published a blog on the DarkReading site titled Sinkholing For Profit, and I wanted to expand upon some aspects of the sinkholing discussion (there's only so much you can fit in to 800-ish word limits). more
A reader recently brought to my attention an upcoming conference in London in the UK -- The Oil and Gas Cyber Security Forum. Here's a little blurb: "Despite investments into state of the art technology, a majority of the oil and gas industry remain blissfully unaware of the vulnerabilities, threats and capability of a malicious cyber attack on control systems..." I bring this up because it is relevant to the trends in cyber security that we see this year - that of the Advanced Persistent Threat. more
Virus researchers at Symantec Corp. have revealed a variant of the Stuxnet worm, named Duqu, that is found to be stealing information about industrial control systems. Symantec reports: "Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility... Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose." more
I came across an interesting article on Reuters today: "U.S. securities regulators formally asked public companies for the first time to disclose cyber attacks against them, following a rash of high-profile Internet crimes..." This is a pretty big step for the SEC. Requiring companies to disclose when they have been hacked shifts the action on corporations from something voluntary to something that they have to do. The question is do we want to hear about everything? more
According to Kaspersky Lab, 2011 has seen "numerous DDoS attacks with a variety of motives," many of which will "go down in the annals of cybercrime." As we look ahead to 2012, it's worth examining some of those motives to see what they portend. more
The Domain Name System, or DNS, has come a long way since its early days and the constant expansion of consumer activity and security concerns has raised further awareness about the critical role of the DNS. However, as the Yankee Group Research points out in a recent report, "there are more changes coming that are also raising the profile of DNS -- notably the move to cloud computing and the migration to IPv6." Suffice to say this is "Not Your Father's DNS". The report titled, "DNS: Risk, Reward and Managed Services" takes a fresh look at today's state of the DNS and the pros and cons of in-house, ISP and managed service provider DNS management options. more
Wout de Natris: "In this decision OPTA revokes the registration of Diginotar as a so called Trusted Third Party. Diginotar issued certified certificates for digital signatures. The security breach by Iranian hackers over the summer, which Diginotar did not report to the authorities, lead to severe credibility issues for all Diginotar certificates issued before. This included Dutch government websites, but also led to severe breaches of privacy for Iranian end users, in multiple countries. As a result of OPTA's decision all certificates issued by Diginotar have to be revoked, while at the same she is forbidden to issue new ones. more
A World-Renowned Source for Internet Developments. Serving Since 2002.