• Paris G20 files stolen in cyber attack

    The French government recently confirmed that hackers have stolen sensitive files from the February G20 summit in Paris; in targeted attacks aimed at stealing specific files, more than 150 of the French Budget Ministry’s 170,000 computers were affected; officials say this was the first attack of this size and scale against the French government; circumstantial evidence points to China, but there is no clear indication to suggest the attacks were government sponsored; the most recent attack against the French government is the latest in a string of cyber attacks on companies and governments around the world with evidence pointing to China

  • ISC West panel to focus on cloud computing security threats

    As businesses increasingly turn to cloud computing solutions, security professionals have become concerned with the challenges of securing data that is stored off-site in light of growing numbers of cyber security attacks; while cloud networks offer smaller businesses low cost technology solutions and remote access to data anywhere, this also leaves data beyond a company’s span of control; To discuss securing data on cloud computing networks, a panel at the upcoming ISC West conference will focus on security solutions and risk management plans; the ISC West panel will be held on 6 April 2011

  • Authorities scour social media for electronic evidence

    Suspects using e-mail, text messages, social networks, and other electronic means of communicating to plan illicit visitations or to brag about offenses committed or planned are unwittingly making cases for their own convictions; because of this, authorities are resorting more and more so to these outlets to support their criminal investigations

  • Smartphones makes military networks vulnerable

    The U.S. military has increasingly integrated smartphones into combat operations, but cyber security experts warn that these devices could also pose a major security challenge to military networks; smartphones are fast becoming the target of choice for hackers; Android phone applications have no security screening procedures before they are released, while iPhone apps are only loosely screened; to secure these devices, the military can encrypt all data, turn off voice capabilities, and lock the phone to only allow the use of approved apps; the Army is considering issuing every soldier a smartphone

  • U.K. gives cyber agency enhanced role in critical infrastructure protection

    The U.K government is set to expand the role of the Government Communications Headquarters (GCHQ) in protecting the critical national infrastructure (CNI) from cyber attack by giving it greater powers to collaborate with the relevant private sector bodies to monitor and deflect potential threats

  • Police turning to Facebook to fight crime

    Local police departments across the United States have are beginning to use Facebook and Twitter to communicate with local residents and track down criminals and missing persons; departments have successfully apprehended suspects minutes after posting photos online; police have also received tips on the whereabouts of wanted criminals and Facebook has become a part of the investigative process; Facebook’s traditional functions of outreach and communication have helped departments keep residents informed and build trust; critics of police patrolling Facebook and Twitter for tips say that it is an invasion of privacy; police have been careful to only use publicly posted information that users choose to display

  • Wisconsin introduces law to ban fake caller IDs

    Republican legislators in Wisconsin have introduced a bill that would make it illegal to use a fake caller ID number to “defraud, cause harm, or gain anything of value”; last year Congress passed a similar bill that banned the use of “phone spoofing” technologies — technology that allow an individual to choose what number they wish to appear on another person’s caller ID; the new bill would allow law enforcement officials to target individuals making prank calls in addition to prosecuting companies that provide spoofing technology; critics question the timing of the bill as it comes after a high-profile prank call to Wisconsin governor Scott Walker

  • Smartphones are now audio bugs of choice

    In an increasing trend, cell phones have become the tool of choice for eavesdroppers; with new smartphones, spies can easily plant a tracking device that can follow a user’s every move including their location, calls, text messages, emails, and even video; with the proliferation of smartphones, thousands of sites are now selling spy software; for as little as $25, someone can tap into all the features of Blackberries, iPhones, and Google Android phones; the software takes minutes to install and can be disguised as an email link; it can take days of searching through thousands of lines of code to discover the spy software

  • Tainted apps make their way into official Android store

    More than fifty applications have been found to be infected with a new type of Android malware called DroidDream, an information stealer; fraudsters repackaged legitimate apps (mostly games) so that they included malicious code before uploading them to the marketplace; the tactic has been seen in mobile marketplaces in China and elsewhere but this is the first time the approach has been successfully applied in the United States

  • Contradictions in U.S. cybersecurity policy

    The United States wants a secure cyberspace, but its intelligence agencies have found enormous utility in using their own computer hacking capabilities to collect confidential information from foreign adversaries; this raises the question of how the U.S. government can push for global cybersecurity while at the same time using cyber means to collect intelligence on potentially threatening regimes such as Iran

  • Law enforcement, and domain name registrars discuss ways to tackle net crooks

    Police and other law enforcement agencies in the United States and the United Kingdom are increasingly turning their attention to domain names as an Internet choke-point that can be used to shut down Web sites selling counterfeit goods and enabling the trading of pirated movies and child pornography

  • Are your phones really secure?

    Breakthroughs in technology have enabled malicious actors to listen in on any conversation using your phone even when not in use; eavesdroppers have circumvented encrypted audio channels by relying on a relatively simple principle in physics — resonance; by tapping into an object’s natural resonance, spies have turned phones and phone cables into listening devices even when they are not in use; researchers at Teo, a manufacturer of secure telecommunications equipment, were able to capture human voices using standard phones, unplugged Ethernet cables, or even a rock; to address this security gap, Teo has designed its IP TSG-6 phones with special vibration dampening circuitry and materials that render them impervious to these types of listening devices

  • Android apps send private data in the clear

    Cell phones running the Android operating system fail to encrypt data sent to and from Facebook and Google Calendar, shortcomings that could jeopardize hundreds of millions of users’ privacy; Facebook’s recently unveiled always-on SSL encryption setting to prevent snooping over insecure networks — but the encryption is no good, meaning that all private messages, photo uploads, and other transactions are visible to eavesdroppers

  • CyberCom commander calls for government protection of critical infrastructure

    General Keith Alexander, the head of the U.S. Cyber Command, is calling for the creation and implementation of a government strategy to protect critical infrastructure in the United States from cyber attacks; in a speech yesterday, General Alexander emphasized the importance of securing critical infrastructure like the stock market, the electrical grid, and power plants against cyber attacks; he sought to ease fears by assuring the audience that the government could protect critical infrastructure and preserve civil liberties; Alexander’s remarks come as civil rights advocates and internet freedom groups have grown more vociferous in their criticism of a recent Senate bill that would help secure the nation’s critical infrastructure from cyber attacks; supporters of the bill say that it is impossible to create an internet “kill switch” and that is not their goal

  • U.K. rethinking cyber security

    U.K. cyber crime could cost more than 27 billion Pounds a year; the estimate of 21 billion Pounds to businesses, 2.2 billion Pounds to government, and 3.1 billion Pounds to citizens may be an under-estimation due to a possible lack of reporting for fear of reputational damage; the hardest-hit sectors being pharmaceuticals, biotech, electronics, IT, and chemicals