• DHS warns of critical vulnerabilities in Chinese software

    Last week DHS warned that control software widely used in China’s weapons systems, utilities, and chemical plants has dangerous weaknesses that leave it open to hackers; the warning, issued by the DHS Industrial Control Systems Cyber Emergency Response Team (ISC-CERT), stems from critical vulnerabilities found in SCADA software developed by Beijing’s Sunway ForceControl Technology

  • Teenage hacker brings down British law enforcement agency's website

    A nineteen year old has been arrested by British authorities for attacking the website of the Serious Organized Crime Agency (SOCA); the teenager has also been charged with bringing down the websites of the International Federation of the Phonographic Industry and the British Phonographic Industry; the FBI worked in conjunction with British investigators; authorities believe the hacking group LulzSec is behind the attacks

  • China's sustained cyberattacks on U.S. are an economic, strategic threat

    China has been engaged in a sustained guerrilla cyber war against the United States, with two goals in mind: first, stealing research and development, software source code, manufacturing know-how, and government plans; second, to counter American military superiority by threatening to damage the underpinning of the U.S. economy; that Congress and the administration do nothing in the face of these cyber assaults is puzzling

  • Turkey apprehends 32 Anonymous hackers, group vows retaliation

    In the continuing crackdown against the international hacking ring known as Anonymous, Turkey has apprehended thirty-two individuals suspected of online cyber attacks against government websites; Turkish officials made the arrests following a cyber attack on the government’s telecommunications agency’s website; officials feared that the group would strike again during national elections; undeterred by the arrests, Anonymous announced that it would resume its attacks on Tuesday night

  • Three arrested in PlayStation cyberattacks

    On Friday, Spanish law enforcement officials arrested three men suspected of hacking into Sony’s PlayStation Network in addition to other major government and corporate websites around the world; the three men are suspected of being the local leaders of a secretive group of international hackers that call themselves Anonymous; the group has claimed responsibility for several high profile attacks on major sites like YouTube, Amazon, the Australian Parliament’s House website, and PayPal

  • FBI leads Lockheed Martin cyberattack investigation

    The FBI recently announced that it is leading a federal investigation into a cyberattack on defense giant Lockheed Martin’s networks; the investigation will be led by the National Cyber Investigative Joint Task Force and is aimed at determining if the attack was a result of “poor hygiene, if nothing was infiltrated and nothing taken or something more”; on 21 May, the company detected a “significant and tenacious” attack on its networks that was met with a swift response; the FBI declined to comment on what actions it would take if the investigation revealed that the attacks were perpetrated by state or non-state actors

  • Hackers using cloud networks to launch powerful attacks

    In a disturbing new trend, hackers have begun harnessing the vast computing power of cloud based servers to carry out powerful cyber attacks; cloud computing services piece together large strings of online servers and storage systems to provide users with enormous processing power and terabytes of storage space; earlier this year, a German researcher, demonstrated that a cloud server could fire 400,000 passwords a second at a secured Wi-Fi network; in the recent attacks that shut down Sony’s online customer networks in April, hackers used cloud based attacks to disrupt service to roughly 100 million users worldwide

  • U.S. will "view major cyber attacks as acts of war"

    The Pentagon has adopted a new strategy that will classify major cyber attacks as acts of war, paving the way for possible military retaliation; “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” a U.S. military official said; the move to formalize the Pentagon’s thinking was borne of the military’s realization the United States has been slow to build up defenses against cyber attacks, even as civilian and military infrastructure has grown more dependent on the Internet; the military established a new command last year, headed by the director of the National Security Agency (NSA), to consolidate military network security and attack efforts

  • Data breaches compromise nearly 8 million medical records

    The revelation that millions of people have had their personal medical records stolen could slow the Obama administration’s efforts to digitize the nation’s health care records; in the last two years alone nearly eight million people have had their medical records stolen or compromised; 1.7 million patients, staff members, contractors, and suppliers at several New York hospitals had their information stolen when thieves removed them from an unlocked van; to ensure that medical records are safe, HHS has begun imposing penalties on health care providers who compromise their patient’s records; but some health care experts wonder if enforcing HIPAA alone will be enough to address the problem

  • Digital ants protect critical infrastructure

    As the U.S. electrical power grid becomes more interconnected through the Internet, the chances of cyber attacks increase as well; a Wake Forest University security expert developed “digital ants” to protect critical networks; unlike traditional security approaches, which are static, digital ants wander through computer networks looking for threats such as computer worms, self-replicating programs designed to steal information or facilitate unauthorized use of computers; when a digital ant detects a threat, it summons an army of ants to converge at that location, drawing the attention of human operators to investigate

  • DHS to double cybersecurity staff

    DHS recently announced that it plans to increase its cybersecurity workforce by more than 50 percent so that it can lead government-wide efforts to secure federal networks against cyber attacks as outlined in President Obama’s recently proposed cybersecurity plan; DHS plans to hire 140 additional cybersecurity experts by October 2012 bringing the agency’s total to 400; under the president’s proposed legislation, DHS would act as the lead agency in coordinating cybersecurity measures across the government and would also be responsible for ensuring that private operators of critical infrastructure have adequate security measures in place

  • DHS cybersecurity chief resigns

    Just days after the White House unveiled its comprehensive plan for securing government networks from cyber attacks, one of the government’s top cyber security officials announced that he was resigning; Phil Reitinger, the deputy undersecretary of DHS’s National Protection and Programs Directorate (NPPD), was careful to note that the timing of his resignation was not meant as a reflection or a statement on the recently released government-wide cyber plan; at NPPD, Reitinger was DHS’s senior interagency policymaker and top cyber and computer crimes official.

  • U.S. intelligence sets up cyber defense office in Estonia

    Since gaining its independence in 1991, Estonia has become one of the most cyber-focused nations in the world; it also has its own experience with cyberwar: in 2007 Russian government-inspired hackers launched a massive cyber attack on Estonia after the Estonian government decided to move a statue commemorating the Red Army from the center of the capital to a more modest location; now the U.S. intelligence community has decided to open an office in the Estonian capital Tallinn to help bolster the fight against cyber-crime

  • Is Google's Chromebook impervious to viruses?

    In a potential blow to the antivirus industry, Google recently announced the release of a series of laptops which the company claims to be so secure that there is no need to buy antivirus software; Chromebooks are designed to run nothing but a browser, which means nothing can be installed on the computer itself; with no executable files to be installed that also means antivirus and the malicious code it protects against have no room on the laptop; but, not all analysts are convinced that Google’s Chromebook is as secure as they claim; this move to a cloud based computer could signal a broader shift that could hamper the antivirus industry’s future prospects

  • 25 million more users hit in second cyber attack on Sony

    Japanese electronics giant Sony recently announced that hackers successfully broke into its networks and stole sensitive data from more than twenty-five million online gaming subscribers; the announcement comes days after Sony’s admission that seventy-seven million users had their personal information stolen; in the most recent attack, hackers infiltrated Sony’s Online Entertainment network and stole names, addresses, emails, birth dates, and even phone numbers from online gamers; some analysts estimate that the attacks could cost Sony and credit card companies as much as $1 to $2 billion