• What the Chinese attacks on Google mean for enterprise security

    Chinese government intelligence operatives exploited vulnerabilities in Internet Explorer 6 and higher to launch sustained cyber attacks against 32 Western companies operating in China; the hacking of the Gmail accounts of political dissidents were but a tiny part of the attacks; rather, the attacks were part of a coordinated campaign that targeted the intellectual property of a wide swath of the U.S. industrial base, including Dow Chemical, Symantec, Yahoo!, Northrop Grumman, and Juniper Networks; wide-ranging industrial espionage is a central element in the Chinese government’s effort to hasten the rise of China to a position of global economic hegemony

  • Experts: Chinese attack on Google “one of the most sophisticated hacking attacks to date”

    The cracking techniques used by Chinese government operatives in the assault on Google and 31 other Western companies, used multiple malware components, with highly obfuscated code designed to confound security researchers; this marks out the Chinese attack as one of the most sophisticated hacking attacks to date; why was the search engine giant using the famously vulnerable IE6 remains a mystery

  • UK.gov dismisses Tory claims U.K. cyberspace is not well defended

    On Friday, the U.K. Conservative Party unveiled its national security plans, charging that the current Labor government has left U.K. cyberspace defenseless; the government dismissed the Tory claims, saying that many of the proposals in the Conservative Party’s plan are already being implemented

  • Tories say they will set up a permanent “War Cabinet”

    The Conservative Party is favored to win the next general elections in Britain, which will be held before the summer; on Friday the party’s leader, David Cameron, set out the party’s national security plan, emphasizing cybersecurity

  • Cyber exercise to target financial firms

    The test, which starts 9 February, will have different scenarios for each of four different types of businesses: Financial firms, retailers, card processors, and general businesses; on each day, participants will receive a description of a specific scenario for their category of business, building on the previous day

  • Maryland wants to become cybersecurity’s Silicon Valley

    Governor Martin O’Malley: “Our federal facilities are a big part of the reason that we not only think that Maryland can be the national epicenter for cybersecurity, the fact of the matter is our state already is the epicenter of cybersecurity for our country and therefore an important epicenter for the entire world”

  • China offers Internet pirates bulletproof havens for illegal file sharing

    Most bulletproof hosts which allow music, video, and software to be illegally shared online are located in China, where criminals are able to take advantage of low costs and legal loopholes to avoid prosecution; despite officials in Beijing talking in tough terms about computer crime — hacking potentially carries a death sentence in China — the authorities rarely cooperate with other countries to take action against hi-tech criminals; as a result, just a handful of firms in China are responsible for hosting thousands of criminal enterprises online; one example: more than 22,000 Web sites which sent pharmaceutical spam were hosted by six bulletproof servers in China

  • New techniques to strengthen the security of information systems

    Highly developed societies rely more and more on information systems to maintain and enhance their economic vitality, societal welfare, and military effectiveness; as data are exchanged between various users, there is a danger that information could be released to unauthorized parties; the ability to guarantee secure information flow is becoming more critical as government and industry push toward increasingly complex information systems in many areas; K-State computer scientists are developing high-level policy languages and verification techniques to strengthen the security and integrity of such systems

  • Symantec issues South Africa cybercrime warning

    Crime is not new to South Africa, but cybercrime is; broadband rollouts and World Cup creating “perfect storm” for cyber criminals

  • 2010: Topics for homeland security discussion

    The only thing we can say for sure about 2010 is terrorists, criminals, and mother nature will surprise us at some point during 2010; still, based on what we do know, we offer a short list of topics we predict will dominate the homeland security discussion in the coming year – from whole-body scanners to 100 percent air cargo screening to social Web sites to communication interoperability to the consequences of climate change (or is there a climate change?)

  • Obama to name Howard Schmidt as cybersecurity coordinator

    Howard Schmidt chosen as the White House cybersecurity coordinator; Schmidt, a former Bush White House official, will coordinate cybersecurity policy across the federal government, from the military to civilian agencies; questions remain as to whether his authority will be commensurate with the responsibilities he assumes

  • Prediction for 2010: The coming cloud crash

    Technology maven Mark Anderson predicts a big remote-computing service disaster; “My hunch is that there will never really be a secure cloud,” he says; businesses will view cloud services more suspiciously and consumers will refuse to use them for anything important, he says

  • Michigan in cyber-security partnership with DHS

    Michigan will deploy EINSTEIN 1, the DHS-run cyber security system which all federal agencies are required to use; EINSTEIN 1 automates the collection and analysis of computer network security information from participating agency and government networks to help analysts identify and combat malicious cyber-activity

  • DHS launches virtual cyber job fair

    In October DHS announced it was given the authority to hire 1,000 cyber security professionals during the next three years; late last week the department launched a virtual job fair to begin and recruit these cyber specialists; DHS is looking for applicants with experience in cyber risk and strategic analysis, malware/vulnerability analysis, incident response, exercise and facilitation management, vulnerability detection and assessment, intelligence analysis, and cyber-related infrastructure inderdependency analysis

  • US, Russia begin talks on cyberspace security

    U.S. officials say the Obama administration realized that more nations were developing cyberweapons and that a new approach was needed to blunt an international arms race; the United States also hope to enlist the Russians in the war against cybercrime