• Google turns to NSA for assistance in thwarting Chinese cyberattacks

    Google has developed a reputation as a company that likes to keep its distance from government agencies; the cyberattacks on Google by the Chinese intelligence services has caused Google to reconsider; it is now finalizing a new deal with the NSA to share data – the company’s first formal agreement with the NSA; the spy agency will help Google develop better defenses against Chinese encroachment

  • Cybersecurity bill urges research, task force

    HR 4061 would provide up to $396 million in research grants over the next four years to develop best practices and standards to protect computer networks; the bill also calls for $94 million to go toward scholarships for students who pursue this field of study; the bill would require the National Institute of Standards and Technology (NIST) to establish a cybersecurity awareness program and implement standards for managing personal information stored on computer system

  • DNI Dennis Blair: U.S. critical infrastructure severely threatened

    Blair: “The United States confronts a dangerous combination of known and unknown vulnerabilities, strong and rapidly expanding adversary capabilities, and a lack of comprehensive threat awareness”

  • Security experts worry over iPad security risks

    Security experts that the fact that the iPad will be locked down as the iPhone is, will not prevent hackers using phishing attacks and browser exploits from attacking to new device; while the iPad uses the same OS as the iPhone, it is more powerful; this means attacks based on doctored PDF files may potentially become a risk

  • Critical infrastructure executives fear China

    Operators of electrical grids, telecommunications networks, and other critical infrastructure say their systems are under constant cyber attack; more than 54 percent of the respondents said their critical systems have already suffered large-scale attacks or stealthy infiltrations

  • E-passports vulnerable to traceability attacks, allowing real-time tracking of passport holders

    The electronic passports issued by the United States, the United Kingdom, and some fifty other countries are vulnerable to “traceability attacks”: hackers can remotely track an e-passport holder in real time without first knowing the cryptographic keys that protect the personal information embedded in the e-passport

  • Stealth data: a new dimension in PC data protection

    Researchers at St. Poelten University of Applied Sciences develop the first viable steganographic solution for windows; data can now be protected better than ever before with the Windows operating system, without leaving the slightest trace or giving away the tiniest hint of its existence

  • Targeted attacks top telco nightmares, replacing botnet floods

    Targeted attacks against backend systems have replaced botnet-powered traffic floods as the main concerns for security staff at telcos and large ISPs; the most potent DDoS attacks recorded in 2009 hit 49 Gbps, a relatively modest 22 percent rise from the 40 Gbps peak reached in 2008

  • Cyber sleuth finds China's fingerprints on code used in Google attacks

    SecureWorks’ Joe Stewart says he found Chinese fingerprints on the code used in the attacks on Google and other Western companies; the telltale sign is an error-checking algorithm in the software that installed the Hydraq backdoor on compromised PCs

  • Aussies open new Cyber Security Operations Center

    The Australian Strategic Policy Institute warned of the nation’s increasing vulnerability to cyber attacks, putting at risk not only its defense system but also its economy, businesses, food production, power and water supplies, transport, and telecommunications; the government is especially worried about sustained cyberattacks from China; the center, operated by the highly secret Defense Signals Directorate, is part of a series of moves launched last year under the government’s cyber security strategy

  • What the Chinese attacks on Google mean for enterprise security

    Chinese government intelligence operatives exploited vulnerabilities in Internet Explorer 6 and higher to launch sustained cyber attacks against 32 Western companies operating in China; the hacking of the Gmail accounts of political dissidents were but a tiny part of the attacks; rather, the attacks were part of a coordinated campaign that targeted the intellectual property of a wide swath of the U.S. industrial base, including Dow Chemical, Symantec, Yahoo!, Northrop Grumman, and Juniper Networks; wide-ranging industrial espionage is a central element in the Chinese government’s effort to hasten the rise of China to a position of global economic hegemony

  • Experts: Chinese attack on Google “one of the most sophisticated hacking attacks to date”

    The cracking techniques used by Chinese government operatives in the assault on Google and 31 other Western companies, used multiple malware components, with highly obfuscated code designed to confound security researchers; this marks out the Chinese attack as one of the most sophisticated hacking attacks to date; why was the search engine giant using the famously vulnerable IE6 remains a mystery

  • UK.gov dismisses Tory claims U.K. cyberspace is not well defended

    On Friday, the U.K. Conservative Party unveiled its national security plans, charging that the current Labor government has left U.K. cyberspace defenseless; the government dismissed the Tory claims, saying that many of the proposals in the Conservative Party’s plan are already being implemented

  • Tories say they will set up a permanent “War Cabinet”

    The Conservative Party is favored to win the next general elections in Britain, which will be held before the summer; on Friday the party’s leader, David Cameron, set out the party’s national security plan, emphasizing cybersecurity

  • Chinese cyber attacks hit U.S. law firm which is suing China for stealing Web filtering code form a U.S. company

    The Los Angeles-based law firm Gipson Hoffman & Pancione sued China for lifting Web-filtering code developed by U.S. company Cybersitter; Chinese companies and government agencies stole the code in order to use it in the Chinese government’s effort to create tighter Web censorship and tracking system (China’s Orwellian name for the project” “The Green Dam Youth Escort monitoring program”); on Monday, Chinese hackers began to hack the law firm’s computer systems, in a manner strikingly similar to the attacks by Chinese intelligence operatives on Google, Adobe Systems, and 32 other Western companies