Complied by the Cyber Loop editor
US Cybersecurity Hypothetically Pathetic: An operation dubbed “Cyber ShockWave” has spanked the U.S.’s cyberdefenses — hypothetically. Under the scenario organizers dreamed up, virus-infected smartphones spread malware to their owners’ PCs. From there, the attackers DDoSed telecommunications networks into submission, brought down electrical grids and bombed a gas pipeline. The verdict: America’s cyberdefenses are wanting.
Coming alive to the cyber war threat: The world today finds itself in the twilight zone of warfare. The military capabilities that came into being as a result of industrial revolution are fast becoming dependent upon the innovations created by the Cyber technology. While the destruction oriented firepower weapons and paralysis causing mechanization based mobility were the dominant tools of the First and Second World Wars respectively, computer technology has emerged as the force dominating the scene of warfare in the twenty first century. Operation Desert Storm is considered by many as the fusion point of the two epochs.
Dozens Of Defense Contractors, Agencies Hacked: For anyone who has a security clearance and doesn’t believe the U.S. faces a cyber-espionage crisis, Steven Shirley has 102 stories to share with you. But the large majority of those attacks, Shirley says, didn’t use new, previously unknown software vulnerabilities. Instead, they exploited old software bugs that IT administrators had failed to patch, configuration errors and even poor password practices.
US automates cyber defences to offset skills crisis: The US military is seeking to automate its computer defences to compensate for a drastic shortage of infosecurity experts it can train as cyber warriors. Brigadier General Charles Shugg, deputy commander of the 24th Air Force, the US’ first dedicated cyber warfare command, told Computer Weekly, “We are working to address the demand for cyber operators by automating some of what they do.”
Kneber botnet catches 2,500 companies worldwide: About 75,000 personal computers in almost 2,500 companies and government agencies across the globe have been caught in a botnet uncovered by a researcher at the US-based NetWitness network forensics firm. Hackers were able to collect logins and passwords for Facebook, Yahoo, Hotmail and other accounts, including online banking sites. They were also able to access some corporate servers used to store confidential data, including one used for processing credit-card payments.
Hackers, Troops Rejoice: Pentagon Lifts Thumb-Drive Ban: Soldiers, you are now cleared to use your thumb drives again. U.S. Strategic Command has lifted its ban on the tiny drives, memory sticks, CDs and other “removable flash media” on military networks. The repeal, first reported by InsideDefense.com, may be good news for troops, who depend on the drives to move data in bandwidth-starved locations. But it may be good news for hackers, too. The original network security concerns which prompted the ban haven’t really been addressed, one Strategic Command cyber defense specialist tells Danger Room: “Not much changed. StratCom simply does not have the support to enforce such a ban indefinitely.”
Cybersecurity “is a group effort,” says Mischel Kwon: Cybersecurity is becoming a more central portion of the US national lexicon, particularly in Washington. Recently, the House passed the Cybersecurity Enhancement Act, which has gone to the Senate for approval, and a variety of recent attacks on private organizations has brought cyber attacks into the daily news. Mischel Kwon, presently Vice President of Public Sector Security Solutions at RSA, The Security Division of EMC, and former director of US CERT, is fully cognizant of some of the key challenges facing the government and private sector. The New New Internet recently had the opportunity to sit down with Mrs. Kwon to discuss the role of the government in cyber security, some of the obstacles to greater cooperation and the necessity of cyber education.
“We lack the requisite political and corporate will,” for cybersecurity says former Congressman McMillan: The Cyber Secure Institute has published a whitepaper by former Congressman C. Thomas McMillen on the political and corporate challenges of creating better national cybersecurity. The paper, titled “Cybersecurity: The Challenge of Political and Corporate Will,” examines why US networks are still vulnerable.
Software configuration controls essential to cybersecurity: It’s impossible to get absolute security on enterprise networks, including those run by the government, warned former Air Force Chief Information Officer John Gilligan during a cybersecurity forum Wednesday. But deploying a comprehensive baseline of security measures, including software configuration controls and the discipline to enforce them, could block 85 percent of attacks and provide the foundation to address new ones, he said.
More than 75,000 computer systems hacked in one of largest cyber attacks, security firm says: More than 75,000 computer systems at nearly 2,500 companies in the United States and around the world have been hacked in what appears to be one of the largest and most sophisticated attacks by cyber criminals discovered to date, according to a northern Virginia security firm.
Global Hackers Breached 2,400 Companies, Security Firm Says: Hackers infiltrated the computer networks of more than 2,400 companies in almost 200 countries over an 18-month period, according to a computer security firm. The attacks are continuing and corporate losses are still being compiled, said Tim Belcher, chief technology officer at Herndon, Virginia-based NetWitness Corp. The Wall Street Journal first reported the breach on its Web site yesterday.