• U.S. military “unprepared” for cyberattacks by “top-tier,” cyber-capable adversary: Pentagon

    A new Pentagon study concludes that the U.S. military is unprepared for a full-scale cyber-conflict with a top-tier, cyber-capable adversary. The report says the United States must increase its offensive cyberwarfare capabilities, and that the U.S. intelligence agencies must invest more resources in obtaining information about other countries’ cyberwar capabilities and plans. The report says that the United States must maintain the threat of a nuclear strike as a deterrent to a major cyberattack by other countries. The report warns that the Pentagon cannot be confident its military computer systems and communication networks are not compromised because many of the components of these systems and networks are made in countries which pose the main cyberthreat to U.S. national security.

  • RFI for cybersecurity framework for critical infrastructure

    In his 12 February 2013 Executive Order, President Obama called for the development of a Cybersecurity Framework to reduce cyber risks to critical infrastructure such as power plants and financial, transportation, and communications systems. The National Institute of Standards and Technology (NIST) the other day issued a Request for Information (RFI) in the Federal Register as its first step in the process to developing that framework.

  • Report details history, earlier versions of Stuxnet

    In 2010, Symantec reported on a new and highly sophisticated worm called Stuxnet. This worm became known as the first computer software threat which was used as a cyber-weapon. In a new report, Symantec says that clues in the code pointed to other versions of the worm which could potentially perform different actions leaving an open question about Stuxnet and how it came to be.

  • U.S. responds to China’s cyberattacks with anti-theft trade strategy

    The Obama administration yesterday (Wednesday) unveiled the details of a broad strategy to counter the systemic theft by Chinese government agencies of U.S. trade and technology and trade secrets. The administration’s plan calls for new diplomatic push to discourage intellectual property theft abroad and better coordination at home to help U.S. companies protect themselves.

  • U.S. weighing retaliatory measures against China for hacking campaign

    As incontrovertible evidence emerged for the role of Chinese government in initiating and orchestrating the massive, sustained Chinese hacking campaign against U.S. private companies, government agencies, and critical infrastructure assets, the administration has intensified discussions of retaliatory measures the United States may take against China.

  • Spotting potential targets of nefarious e-mail attacks

    The weakest link in many computer networks is a gullible human. With that in mind, computer science researchers want to figure out how to recognize potential targets of nefarious e-mails and put them on their guard.

  • Chinese government orchestrates cyberattacks on U.S.: experts

    For more than a decade now, China has engaged in a sustained, systemic, and comprehensive campaign of cyber attacks against the United States. The Chinese government has enlisted China’s sprawling military and civilian intelligence services, with their armies of cyber-specialists, in a cyber-campaign aiming to achieve three goals: steal Western industrial secrets and give them to Chinese companies, so these companies could compete and weaken their Western rivals; hasten China’s march toward regional, then global, economic hegemony; achieve deep penetration of U.S. critical infrastructure in order to gain the ability to disrupt and manipulate American critical infrastructure – and paralyze it during times of crisis and conflict. A detailed 60-page study, to be released today , offers, for the first time, proof that the most sophisticated Chinese hacker groups, groups conducting the most threatening attacks on the United States, are affiliated with the headquarters of China’s military intelligence lead unit — PLA Unit 61398.

  • Quantum cryptography to secure electric grid

    Novel methods for controlling the electric grid are needed to accommodate new energy sources such as renewables whose availability can fluctuate on short time scales. This requires transmission of data to and from control centers; but for grid-control use, data must be both trustworthy and delivered without delays. The Los Alamos National Laboratory quantum cryptography team successfully completed the first-ever demonstration of securing control data for electric grids using quantum cryptography.

  • Obama to issue cybersecurity executive order today

    President Barack Obama is expected to issue an executive order tomorrow to dealing protecting U.S. critical infrastructure from cyberattacks. The order will be issues one day after the president’s State of the Union address. The order will establish a critical infrastructure council which will be run by DHS and will include members of the Departments of Defense, Justice, and Commerce as well as the National Intelligence Office. The council will be tasked with formulating new regulations for federal agencies, or broadening regulations  already in place. The regulations will most likely include the sharing of data between private corporations and the federal government.

  • Facebook new search feature has cyber experts worried

    A new Facebook search feature has security experts concerned. They  are warning users of the site to strengthen their security settings to avoid embarrassment and to protect themselves from cybercriminals.

  • U.S. to adopt tougher stance toward China’s persistent cyberattacks

    The Obama administration let it be known that it is examining the adoption of a more assertive stance against China in response to a persistent cyber-espionage campaign waged by Chinese government hackers against U.S. companies and government agencies. The administration is preparing a new National Intelligence Estimate (NIE) which will detail the cyberthreat, particularly from China, as a growing economic problem.

  • Chinese hackers attack the New York Times

    Since 2008, Chinese government hackers have been targeting Western news organizations to identify and intimidate their Chinese sources and contacts, as well as to anticipate stories that could hurt the reputation of Chinese leaders. Chinese hackers have repeatedly infiltrated the computer systems of the New York Times over the last four months, following an investigation by the paper that revealed that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. Security experts hired by the Times have determined that the attacks started from the same university computers used by the Chinese military to attack U.S. military contractors in the past.

  • Chinese hackers infiltrate Wall Street Journal’s computer systems

    Chinese hackers with government connections have infiltrated the computer systems of the Wall Street Journal, in the second such Chinese attack on a major U.S. media outlet. WSJ says the hackers were trying to monitor its coverage of Chinese affairs.

  • Pentagon to bolster U.S cyberwar capabilities

    The Department of Defense is planning an expansion of the U.S. Cyber Command, and the Pentagon plans on recruiting thousands of code crackers, online security professionals, and hackers in order to assemble the nation’s largest cyber army ever.

  • DoD to use connections to stay ahead of cyber threats

    The Department of Defense (DoD) maintains one of the largest computer networks in the world. The network follows DoD personnel across the globe collecting, transferring, and processing information in forms as diverse as data warehouses, in-the-field mobile devices, and mission computers on board F-18’s. New program looks at how information is connected and moves to uncover and prevent targeted attacks.