Cybersecurity

Sponsored
by

Cybersecurity / Most Viewed

Survey Suggests Strained Budgets Causing Security Cutbacks on Known Threats

A recent survey of security professionals by RSA Conference with regards to critical security threats and infrastructure issues currently faced, revealed budgetary constrains as the top challenge currently faced. According to reports, the study suggests that even though practitioners are most concerned about email phishing and securing mobile devices, technologies addressing these needs are at risk of being cut from IT budgets. 72% percent of respondents indicated a rise in email-borne malware and phishing attempts since Fall 2008, with 57% stating they have seen an increase in Web-borne malware. Concerns about zero-day attacks and rogue employees as a result of layoffs were cited by 28% and 26% of survey respondents, respectively. more

Microsoft Offers $250K Reward for the Arrest of Conficker Computer Warm Authors

Microsoft is trying to put some pressure on the criminals responsible for the worst Internet worm outbreak in years, offering a $250,000 reward for information leading to the arrest and conviction of Conficker's creators. The software vendor said it was also working with security researchers, domain name registrars and the Internet Corporation for Assigned Names and Numbers (ICANN) to try to take down the servers that have been launching the Conficker attacks. ICANN is the nonprofit corporation that oversees Internet addresses. more

Cyberwar Against Britain Waged by Criminals and Terrorists

Britain's Government has warned that computer networks controlling electricity supplies, telecommunications and banking are under constant attack at a rate of thousands of times a day. According to reports, the cyberwar against Britain is waged by criminals and terrorists some of whom are backed by foreign stats. "If you take the whole gamut of threats, from state-sponsored organizations to industrial espionage, private individuals and malcontents, you're talking about a remarkable number of attempted attacks on our system -- I'd say in the thousands," Lord West of Spithead, the Security Minister said. "Some are spotted instantly. Others are much, much cleverer." more

UN Internet Governance Forum to Hold First Meeting

The UN's Internet Governance Forum will hold its first meeting Oct. 30 to discuss the future of the Internet, especially as it relates to access, security, diversity and emerging issues.

...Nitin Desai, who will chair the meeting, said the technology is young and people have not really sorted out how the Internet should be treated. He compared debates about the Internet to those about the chemical composition of ink and the design of the paper when the printer was invented, which missed the point. more

Over Half of Critical Infrastructure Providers Report Politically Motivated Cyber Attacks

A recent study released today suggests 53 percent of critical infrastructure providers have experienced what they perceived as politically motivated cyber attacks. According to Symantec's 2010 Critical Information Infrastructure Protection (CIP) Survey, participants claimed to have experienced such an attack on an average of 10 times in the past five years, incurring an average cost of $850,000 during a period of five years to their businesses. more

Google Announces Experiment with Post-Quantum Cryptography

Google is experimenting with new cryptography to future-proof Internet communications against quantum computers. Matt Braithwaite, Google Software Engineer in a blog post on Thursday wrote: "Quantum computers are a fundamentally different sort of computer that take advantage of aspects of quantum physics to solve certain sorts of problems dramatically faster than conventional computers can." more

U.S. Congress Fears Cyberattack on Electric Power Grids

The potential for "cybersecurity" attacks on the United State's electric power grids has spurred politicians to consider legislation to broaden federal authority over electric companies.

Congress already has been consulting with federal agencies and industry associations over how to craft such legislation. On Thursday, legislators sought further input at a hearing before the House Energy and Commerce's subcommittee on energy and air quality. more

NYT: US Weighing Risks of Civilian Harm in Cyberwarfare

John Markoff and Thom Shanker reporting in the New York Times: "It would have been the most far-reaching case of computer sabotage in history. In 2003, the Pentagon and American intelligence agencies made plans for a cyberattack to freeze billions of dollars in the bank accounts of Saddam Hussein and cripple his government's financial system before the United States invaded Iraq. He would have no money for war supplies. No money to pay troops... But the attack never got the green light. Bush administration officials worried that the effects would not be limited to Iraq but would instead create worldwide financial havoc..." more

Reported Cyberattack Against Israel Only Ransomware to Regulatory Body, Electric Grid Not In Danger

Ransomware via a phishing attack was sent to Israel Electric Authority, not the power grid, as was heavily reported in mainstream media today. According to a cyber analyst in Israel (Eyal Sela) the media reporting so far is misleading with regards to the context around the incident, reports Robert M. Lee of SANS Institute. more

US States Taking Increasingly Active Role Against Cybercrime

It's unclear whether cyber crime is increasing or simply being reported more often -- or a combination of the two. But as the number of cyber crime cases increase, state and local law enforcement agencies are taking an increasingly active role in investigating them. The number of complaints that individuals filed with the Internet Crime Complaint Center (IC3) jumped more than 30 percent from 2007 to 2008 and corporate cyber crimes continues to make headlines. The FBI, nonprofit National White Collar Crime Center and Bureau of Justice Assistance jointly operate the IC3... more

U.S. Government Denying The Internet to Enemies

The new National Strategy for Homeland Security, issued earlier this week by the White House, places a greater emphasis on the "uninterrupted use of the Internet and the communications systems, data, monitoring, and control systems that comprise our cyberinfrastructure." more

United States and Britain to Conduct Financial Cyber-Security Test

U.S. and Britain plan to conduct a test later this month to assess how regulators for the world's two biggest financial centers in New York and London would communicate in the event of a major cyberattack or broader IT problems, a spokesman for British government cybersecurity body CERT-UK said on Monday. more

Security Experts Criticize Obama's New Cybersecurity Plan, Say It's Full of Holes

Despite being a respectable start, security experts call the report overheated and "clear as mud"... while many experts applaud this new focus as vital to protecting critical U.S. infrastructure and economic institutions, some analysts have noted that the report fails to answer many key questions, contains a number of inconsistencies and possible inaccuracies, and generally exaggerates the threat to the country. "It's a plan for a plan," said O. Sami Saydjari, chairman of the Professionals for Cyber Defense. "Given how bureaucracies work, they tend not to come up with bold plans in 60 days. The hard problems have yet to be grappled with." more

BIND9 DNS Vulnerability Warning Issued by CERT, ISC

The Internet Systems Consortium and United States Computer Emergency Readiness Team are warning about a vulnerability discovered in the Berkeley Internet Name Domain 9 Domain Name Server code that could be exploited to cause a system crash... "By sending a specially-crafted packet to a BIND9 Server, a remote unauthenticated attacker can cause a denial of service, causing BIND to crash," according to the US-CERT advisory. more

Experts Concerned Economic Downturn Getting in the Way of Patching Critical DNS Flaw

The discovery of a major DNS flaw in mid-2008 landed the technology in many headlines, but with economic concerns weighing on many in IT, industry watchers worry that revamping systems and security around domain name servers could be put on hold in 2009. The vulnerability discovered by director of penetration testing at IOActive Dan Kaminsky motivated numerous vendors to upgrade their products to protect enterprise networks against cache poisoning and other DNS attacks, such as distributed denial-of-service (DDoS). IT directors were encouraged to upgrade their DNS systems to guard against potential threats... more