• Half of India's critical infrastructure providers cyber attack victims

    Symantec’s 2010 Critical Infrastructure Protection (CIP) Survey findings reveal that nearly 50 percent of India’s critical infrastructure providers are victims of cyber attacks; the attacks are said to have become more frequent and increasingly effective

  • Germany reports "sharp rise" in China-originated cyberattacks

    Germany detected a sharp rise in serious cyberattacks in 2010; in the first nine months of 2010 there were some 1,600 such attacks recorded, compared to around 900 for the whole of 2009, plus most likely a considerable number that went undetected; Interior Ministry spokesman: “Germany is a very high-tech country with considerable experience and know-how, so of course others will naturally try to get hold of this knowledge—- China is playing a large role in this”

  • Mobile phone forensic tools to reduce hi-tech crimes

    Government funded technology center in India is developing a set of mobile forensic tools that will assist the law enforcement agencies in cracking unlawful activities committed using mobile phones; the center is a government agency, and will be able to provide the tools at reasonable cost

  • Napolitano asserts DHS cybersecurity leadership

    Cybersecurity should be led by DHS and not left to the market or the military, DHS secretary Janet Napolitano said; this year, DHS has expanded partnerships with private industry and worked to build up liaisons with private sector industries it deems to be “critical”; DHS has also improved its partnerships with military and military intelligence this year; in October, DHS and the Department of Defense signed a cybersecurity pact to improve collaboration between the agencies and boost DHS’s encryption and decryption capabilities by co-mingling National Security Agency (NSA) cryptologic analysts and DHS cybersecurity leadership in a move that signaled progress in a sometimes uneasy relationship with the military

  • Stuxnet virus set back Iran's nuclear weapons program by two years: Langner

    Ralph Langner, top German computer security expert and the leading authority on Stuxnet, says Stuxnet was as effective in disrupting Iran’s nuclear weapons program as a direct military strike — but without any fatalities; the malware has set back the Iranian program by two years; expert says the Israeli military was the likely creator of the virus

  • WikiLeaks exposes tensions between "need to know" and "need to share"

    The WikiLeaks posting of stolen classified information has highlighted the tension between the strategy of “share to win” and the necessity to enforce “need to know”; share to win refers to the idea of getting information and intelligence out to the personnel who need it; need to know is about how information is shared, who has the information, for what purposes and for what period of time

  • Lawmakers urge Obama to expand State Department's cybercrime reach

    Lawmakers call President Obama to expand the U.S. State Department’s foreign policy mechanisms to address crime and security on the Internet; Senator Kirsten Gillibrand (D-New York) joined with Senator Orrin Hatch (R-Utah) to author the International Cybercrime Reporting and Cooperation Act; this bill will hold foreign countries accountable for cybercrime committed on their soil

  • Senate bill would require minimum cybersecurity standards for Internet

    Senator Benjamin Cardin (D-Maryland) has introduced a bill that would require the U.S. government to work with the private sector to propose minimum standards for internet and cybersecurity safety; “Just as automobiles cannot be sold or operated on public highways without meeting certain minimum safety standards, we also need minimum Internet and cybersecurity safety standards for our information superhighway,” Cardin said

  • Former Goldman-Sachs programmer convicted of stealing source code

    A former Goldman-Sachs programmer faces fifteen years in prison after being convicted Friday of stealing the company’s high-frequency trade technology; the programmer was convicted of stealing the source code for Goldman-Sachs’ high-frequency trade technology — a market trading system described by Futures Magazine as “like day-trading on near fatal doses of amphetamines”

  • Experts: Stuxnet worm wreaks havoc at Iran's nuclear sites

    Iran’s nuclear program is still in chaos as a result of the Stuxnet attack; the American and European experts say their security Web sites, which deal with the computer worm known as Stuxnet, continue to be swamped with traffic from Tehran and other places in the Islamic Republic, an indication that the worm continues to infect the computers at Iran’s two nuclear sites; Stuxnet was designed to take over the control systems and evade detection, and it apparently was very successful; last week President Mahmoud Ahmadinejad, after months of denials, admitted that the worm had penetrated Iran’s nuclear sites, but he said it was detected and controlled; the second part of that claim, experts say, does not ring true

  • Car immobilizers no longer a problem for car thieves

    For sixteen years, car immobilizers have kept car thieves at bay — but that may now be changing; most cars still use either a 40 or 48-bit key, even though the 128-bit AES — which would take too long to crack for car thieves to bother trying — is now considered by security professionals to be a minimum standard

  • Microsoft partner in China trains hackers, steals 50 MB of U.S. gov't e-mail

    A Chinese security firm called Topsec got access to the Windows source under a 2003 agreement designed to help companies improve the security of the Microsoft operating system; the company, rather than help Microsoft make Windows more secure, worked closely with Chinese intelligence to exploit Windows weaknesses: they helped the Chinese government train hackers — and steal more than 50 MB of secret U.S. government e-mails; Topsec started out in 1995 with funding of just $4,400, and by 2002 had earnings about $440 million; it is now China’s largest provider of information security products and services

  • China's Huawei sets up U.K. cybersecurity center

    China’s top telecommunications equipment maker Huawei Technologies has seen its plans for global expansion crimped by national security concerns among foreign governments; the company hopes that its Cyber Security Evaluation Center, opened last month in Britain’s Banbury, will allay those fears

  • DHS slowly moving government's Internet traffic to secure networks

    It will take several more years for the U.S. government fully to install high-tech systems to block computer intrusions, a drawn-out timeline that enables criminals to become more adept at stealing sensitive data, experts say; DHS is responsible for securing government systems other than military sites, and the department is slowly moving all the government’s Internet and e-mail traffic into secure networks — known as Einstein 2 and Einstein 3 — which eventually will be guarded by intrusion detection and prevention programs

  • WikiLeaks episode demonstrates insider security threat

    Even the toughest security systems sometimes have a soft center that can be exploited by someone who has passed rigorous screening; the U.S. Defense Department’s Secret Internet Protocol Router Network (SIPRNet), a system of dedicated and encrypted lines and servers set up by the Pentagon in the 1990s globally to transmit material up to and including “secret,” the government’s second-highest level of classified information; in 1993, GAO report estimated more than three million U.S. military and civilian personnel had the clearance to access SIPRNet