Cybercrime

Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WHOIS History API: Powering Domain Investigations

Reverse WHOIS: A Powerful Process in Cybersecurity

Cybercrime / Most Viewed

Obama Urged to Appoint Cybersecurity Chief in White House

A committee of cybersecurity experts today released a 96-page report detailing recommendations for the next administration on how to combat the growing number of criminal attacks aimed at government networks. Creating a National Office for Cybersecurity within the White House is chief among the report's recommendations. A top cybersecurity official would help coordinate a national strategy among agencies, and would also work with the private sector to boost defenses against hackers, according to the report. more

Hackers Stole Info on $300B Fighter Jet Program, US Defense Secretary Responds on 60 Minutes

Defense Secretary Robert Gates said Tuesday that the United States is "under cyber-attack virtually all the time, every day" and that the Defense Department plans to more than quadruple the number of cyber experts it employs to ward off such attacks. In an interview for an upcoming edition of 60 Minutes, CBS News anchor Katie Couric asked Gates about the nation's cyber security after hackers stole specifications from a $300 billion fighter jet development program as well as other sensitive information... more

U.S. Military to Spend $4.4M on Network Monitoring Upgrades in Wake of Sophisticated Cyber Attacks

BBN Technologies, an advanced technology solutions firm, has been awarded $4.4 million in funding from the Defense Advanced Research Projects Agency (DARPA) for a Scalable Network Monitoring program. "Scalable networking monitoring has become necessary as cyber attacks have grown more subtle and sophisticated," says BBN's announcement. "New technologies and applications provide new attack routes and have made traditional signature-based and anomaly detection-based defensive measures inadequate in both speed and sensitivity. To be effective in today's networks, detection algorithms must operate quickly, efficiently, and effectively in large, content-rich environments. To meet this challenge, the BBN team will develop a complete solution that is intrinsically scalable, designed for ultra high-speed deployment, and produces events that can be correlated with other network events to provide true positive alerts." more

Cybersecurity Improvement Needs Partnership Not Regulation, Says Industry Group

The market-based, voluntary approach that the Bush administration has used to encourage companies to improve cybersecurity is not sufficient and the incoming Obama administration should form a cybersecurity social contract with industry based on economic incentives, according to a new report by Internet Security Alliance (ISAlliance). ISAlliance has released a report suggesting a cybersecurity social contract through which government would encourage and reward corporations by potentially working cybersecurity into procurement and loan processes, along with possible awards programs that could be used as marketing advantages. more

US Teaming Up With Italy to Combat Cybercrime

The head of the U.S. Secret Service on Tuesday signed a memorandum of understanding with the head of the Italian police and the chief executive officer of the Italian Postal Service to set up an international task force to combat cyber crime. The European Electronic Crime Task Force -- not to be confused with the private study group of the same name that began operating in 2003 -- will tackle identity theft, hacking and other computer-based crime from a headquarters in Rome, Italian officials said... more

Washington Debates: When is a Cyberattack an Act of War?

Cyberattacks against Georgia have started debates in Washington on whether the laws of war apply in cyberspace, Siobhan Gorman reports in the Wall Street Journal today. "Cyberweapons are becoming a staple of war. The Georgian conflict is perhaps the first time they have been used alongside conventional military action. Governments and private cyberwarriors can exploit Internet security gaps to not only take down government Web sites but also take control of power grids and nuclear reactors." One key deciding factor, according to one expert in the report, is whether the tools of cyberattacks are weapons? more

F-Secure Third Security Vendor Attacked in One Week

A Romanian hacker site said on Wednesday it was able to breach the website of Helsinki-based security firm F-Secure just as it had gained access to the sites of two other security companies earlier in the week. F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," an entry on the HackersBlog site said. "Fortunately, F-Secure doesn't leak sensitive data, just some statistics regarding past virus activity." more

Cyber Threats Accelerate: 94% of Web Browser Exploits Occur Within 24 Hours of Disclosure

Today X-Force, IBM's security research and development arm, released its 2008 Midyear Trend Statistics report that indicates cyber-criminals are adopting new automation techniques and strategies that allow them to exploit vulnerabilities much faster than ever before. The new tools are being implemented on the Internet by organized criminal elements, and at the same time public exploit code published by researchers are putting more systems, databases and ultimately, people at risk of compromise. more

US Concerned Over Chinese Cyber Espionage

China is actively conducting cyber espionage as a warfare strategy and has targeted U.S. government and commercial computers, according to a new report from the U.S.-China Economic and Security Review Commission. "China's current cyber operations capability is so advanced, it can engage in forms of cyber warfare so sophisticated that the United States may be unable to counteract or even detect the efforts," according to the annual report recently delivered to Congress. more

New Administration Outlines US Cybersecurity, Advisor to Report Directly to Obama

On his first full-day as US President, Barack Obama on Wednesday outlined plans to declare the country's computer infrastructure a national asset that will be protected by a cyber advisor who will report directly to the president. Part of a broader strategy laid out on the newly revamped Whitehouse.gov website for securing US soil against terrorist attacks and other emergencies, the plan is designed to shore up IT networks and chemical and electrical facilities and prevent cyber-espionage. more

Small Businesses in Denial about Threat Posed by Cyberattacks

Small- and medium-sized businesses are in denial about the threat posed by cyberattacks, security software firm McAfee concluded in a study published this week. While most small- and medium-sized companies believe that they operate under cybercriminals' radar, the study found that one-in-five firms have been attacked. The survey -- which polled 500 companies with 1,000 employees or less -- found that for every eight firms, only ten employees were dedicated to managing the businesses' information-technology systems. more

Investigation on Whether Cyber Criminals Avoid Infecting Local Citizens and Why

In a report on Washington Post's Security Fix, Brian Krebs writes: "Some of the most prolific and recognizable malware disbursed by Russian and East European cyber crime groups purposefully avoids infecting computers if the program detects the potential victim is a native resident. But evidence from the Conficker worm -- which by some estimates is infecting more than one million new PCs each day -- shows that trend may be shifting." Based on an analysis by Microsoft experts, the original version of the Downadup (also known as "Conficker") worm will not install if the malware detects the host system is configured with a Ukrainian keyboard layout. However, the latest variant has no such restriction. more

Software Security Hole Exposes Critical Utilities to Internet attack

Internet attackers could gain control of water treatment plants, natural gas pipelines and other critical utilities because of a vulnerability in the software that runs some of those facilities, security researchers reported Wednesday. Experts with Boston-based Core Security Technologies, who discovered the deficiency, said there's no evidence anyone else found or exploited the flaw. Citect Pty. Ltd., which makes the program called CitectSCADA, patched the hole last week, five months after Core Security first notified Citect of the problem. more

Cybersecurity Groups Start New Initiative to Combat Malware

Three of the world's leading cybersecurity groups today launched a new initiative to combat malicious software (malware) by establishing a "Chain of Trust" among all organizations and individuals that play a role in securing the Internet. Developed by the Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and StopBadware.org, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the rising tide of malware. more

Researchers Find Flaw in Conficker Worm to Help Find Infected Computers

Just days before the Conficker worm is set to contact its controllers for new instructions, security researchers have discovered a flaw in the worm that makes it much easier for users to detect infected PCs. Tillmann Werner and Felix Leder, members of the Honeynet Project, an all-volunteer organization that monitors Internet threats, have discovered that Conficker-infected PCs return unusual errors when sent specially crafted Remote Procedure Call (RPC) messages, according to preliminary information they have posted on the Web. more