• ASIS 2011 -- combating cyber extremists

    At this year’s ASIS International conference, security experts will explore the effect of the Internet on terrorism, how extremist organizations are using it, and what can be done to stop it; the web has largely proven to be a boon to society, but malicious actors like terrorists have used the Internet to disseminate their radical ideas, recruit new members, and share weapons and bomb building training manuals; terrorist websites have proven to be reliable sources for intelligence as well as dangerous meeting places, but shutting them down has proven to be more complicated than anticipated

  • Report warns U.S. unprepared for cyber attacks

    A new report warns that the United States lacks the capabilities to defend against expanding cyber threats; the report found, “The impact has increased in magnitude, and the potential for catastrophic collapse of a company has grown,” yet the businesses community has failed to understand that

  • Chinese TV shows cyber-attack software

    A Chinese government TV station, perhaps inadvertently, shows a government cyberattack aimed at Falun Gong computers; the video identifies the software as being written by the Electrical Engineering University of the People’s Liberation Army; the video — which has been removed from the TV station’s Web site — provides direct evidence of Chinese government involvement in cyberattacks

  • Cyber experts dispute McAfee's Shady RAT report

    Earlier this month, cybersecurity experts discovered a five-year operation that infiltrated U.S. government and UN computer networks; China is believed to be the culprit behind the systematic attacks, dubbed “Operation Shady RAT,” which also hit major defense contractors and private businesses; many within the cybersecurity community are disputing the significance of the finding

  • Attackers have advantage in cyberspace, says cybersecurity expert

    Homeland Security NewsWire’s executive editor Eugene Chow recently caught up with Bruce Schneier, a cybersecurity expert and the author of several bestselling books, including “Applied Cryptography,” “Secrets and Lies,” and “Beyond Fear”; in the interview Schneier discusses the recent politically motivated cyberattacks by Anonymous and AntiSec, securing U.S. networks against counterfeit computer chips, and President Obama’s proposed cybersecurity plan

  • DHS officials: Stuxnet can morph into new threat

    Government cybersecurity experts warn that the Stuxnet virus, which damaged Iran’s nuclear centrifuges, could morph into something even more destructive; DHS officials worry that hackers could design more complex versions of the virus that can evade detection and bypass existing software fixes

  • Deterring cyberwar, police gear and the law, guarding the guardians

    Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff, described the current U.S. cyberdefense policy as “too predictable”; he added that “[the current policy is] purely defensive. There is no penalty for attacking us now. We have to figure out a way to change that”; he said the new U.S. cyberdefense policy is the first step toward correcting current deficiencies; a Massachusetts company is selling local police forces a new iPhone app that scans a suspect’s iris and matches it to a national database of felons; there are questions about whether or not this app — which costs $3,000 — violates the Constitutional prohibition of unreasonable searches; the former mayor, the police chief, and member of the city council of a New Mexico border town have been charged with smuggling guns to the Mexican cartels; some of these guns have been linked to at least eight murders in Mexico

  • Active cyber-defense strategy best deterrent against cyber-attacks

    With the threats of cybercrime, cyberterrorism, and cyberwarfare looming over a hyper-connected world, the best defense for the United States might be a good offense; experts argue that an active self-defense regime, which they term “mitigative counterstriking” — is a necessity in cyberspace, especially to protect critical infrastructure such as banking, utilities, and emergency services

  • Pentagon outlines use of cyber weapons

    The Pentagon has developed a list of approved cyber weapons and tools along with parameters for their use; official says the classified list of cyber capabilities has been in use for several months and has been approved by several government agencies; the framework clearly delineates what capabilities can be used, in what circumstances, and when actions need presidential approval; a cyber weapon like Stuxnet can only be used with presidential authorization even if it were to be deployed in a country with which the United States was openly at war

  • FBI leads Lockheed Martin cyberattack investigation

    The FBI recently announced that it is leading a federal investigation into a cyberattack on defense giant Lockheed Martin’s networks; the investigation will be led by the National Cyber Investigative Joint Task Force and is aimed at determining if the attack was a result of “poor hygiene, if nothing was infiltrated and nothing taken or something more”; on 21 May, the company detected a “significant and tenacious” attack on its networks that was met with a swift response; the FBI declined to comment on what actions it would take if the investigation revealed that the attacks were perpetrated by state or non-state actors

  • U.S. intelligence sets up cyber defense office in Estonia

    Since gaining its independence in 1991, Estonia has become one of the most cyber-focused nations in the world; it also has its own experience with cyberwar: in 2007 Russian government-inspired hackers launched a massive cyber attack on Estonia after the Estonian government decided to move a statue commemorating the Red Army from the center of the capital to a more modest location; now the U.S. intelligence community has decided to open an office in the Estonian capital Tallinn to help bolster the fight against cyber-crime

  • Memphis flood fear eases, Louisiana and Mississippi brace for worst

    Residents living near the Mississippi River have been battling a record surge of water that is slowly making its way south sending a deluge of water beyond the river’s banks and into nearby communities; on Tuesday, the river’s crest made its way through Memphis hitting near record levels of 47.8 feet; so far the levees along the river have been holding up; residents of Louisiana and Mississippi are bracing for similar record water levels as the crest winds southward; to help ease the pressure on the levee system, the Army Corps of Engineers opened up several spillways on Monday including parts of the Bonnet Carre spillway; the region has received 600 percent more rain than usual for this time of year

  • Preparing your organization for Stuxnet-like attack

    A cybersecurity expert describes Stuxnet as “this epochal change”; he says that although Stuxnet was of such complexity and required such significant resources to develop that few attackers will be in a position to produce a similar threat in the near future, we now know that the dangers of Stuxnet-like threats are no longer theoretical

  • Russian bloggers fall victim to cyber attacks

    Earlier this month LiveJournal, a major Russian blogging site, was the victim of a large cyber attack; bloggers believe that it was a move meant to silence political dissent in advance of the country’s elections; the site was brought down by a distributed denial of service (DDos) attack; SUP, the owners of LiveJournal, said that the recent attacks were the worst in its company’s history and unprecedented in that it targeted the entire website rather than individual blogs; the majority of Russia’s opposition leaders and political activists maintain blogs on LiveJournal that they use as platforms to gain support and spread their message

  • Iran admits Stuxnet's damage

    A senior Iranian official admitted that the Stuxnet malware, which infected tens of thousands of computers and servers used in Iran’s nuclear weapons complex inflicted serious damage on Iran’s nuclear program, including large-scale accidents and loss of life