• Estonia considers draft for newly created cyber army in emergency

    Estonia just announced the creation of an all-volunteer cyber army; the Cyber Defense League unites computer experts from the private sector and the government; the League conducts regular drills and operates under a unified military command; Estonian defense officials are contemplating instituting a cyber expert draft in the event of a serious national crisis; Estonia is the first country to experience a cyber war — in 2007 Russian hackers, suspected of having been directed by the Russian military, systematically shut down major government, financial, political and news Web sites

  • Germany reports "sharp rise" in China-originated cyberattacks

    Germany detected a sharp rise in serious cyberattacks in 2010; in the first nine months of 2010 there were some 1,600 such attacks recorded, compared to around 900 for the whole of 2009, plus most likely a considerable number that went undetected; Interior Ministry spokesman: “Germany is a very high-tech country with considerable experience and know-how, so of course others will naturally try to get hold of this knowledge — China is playing a large role in this”

  • Napolitano asserts DHS cybersecurity leadership

    Cybersecurity should be led by DHS and not left to the market or the military, DHS secretary Janet Napolitano said; this year, DHS has expanded partnerships with private industry and worked to build up liaisons with private sector industries it deems to be “critical”; DHS has also improved its partnerships with military and military intelligence this year; in October, DHS and the Department of Defense signed a cybersecurity pact to improve collaboration between the agencies and boost DHS’s encryption and decryption capabilities by co-mingling National Security Agency (NSA) cryptologic analysts and DHS cybersecurity leadership in a move that signaled progress in a sometimes uneasy relationship with the military

  • Stuxnet virus set back Iran's nuclear weapons program by two years: Langner

    Ralph Langner, top German computer security expert and the leading authority on Stuxnet, says Stuxnet was as effective in disrupting Iran’s nuclear weapons program as a direct military strike — but without any fatalities; the malware has set back the Iranian program by two years; expert says the Israeli military was the likely creator of the virus

  • WikiLeaks exposes tensions between "need to know" and "need to share"

    The WikiLeaks posting of stolen classified information has highlighted the tension between the strategy of “share to win” and the necessity to enforce “need to know”; share to win refers to the idea of getting information and intelligence out to the personnel who need it; need to know is about how information is shared, who has the information, for what purposes and for what period of time

  • Experts: Stuxnet worm wreaks havoc at Iran's nuclear sites

    Iran’s nuclear program is still in chaos as a result of the Stuxnet attack; the American and European experts say their security Web sites, which deal with the computer worm known as Stuxnet, continue to be swamped with traffic from Tehran and other places in the Islamic Republic, an indication that the worm continues to infect the computers at Iran’s two nuclear sites; Stuxnet was designed to take over the control systems and evade detection, and it apparently was very successful; last week President Mahmoud Ahmadinejad, after months of denials, admitted that the worm had penetrated Iran’s nuclear sites, but he said it was detected and controlled; the second part of that claim, experts say, does not ring true

  • DHS slowly moving government's Internet traffic to secure networks

    It will take several more years for the U.S. government fully to install high-tech systems to block computer intrusions, a drawn-out timeline that enables criminals to become more adept at stealing sensitive data, experts say; DHS is responsible for securing government systems other than military sites, and the department is slowly moving all the government’s Internet and e-mail traffic into secure networks — known as Einstein 2 and Einstein 3 — which eventually will be guarded by intrusion detection and prevention programs

  • China directed Google hacking: leaked U.S. documents

    Secret documents appearing on WikiLeaks include one in which the U.S. embassy in Beijing cited “a Chinese contact” who pointed to a Chinese government role in the hacking campaign into computers of Google and Western governments

  • IAEA: Iran forced to stop enrichment on 16 November

    The UN International Atomic Energy Agency (IAEA) reported Tuesday that Iran’s uranium enrichment program had shut down a week ago; the stoppage of the enrichment program coincides with the release of detailed expert studies of the Stuxnet virus; the conclusion of the cyber experts is that Stuxnet was aimed not at Iran’s Bushehr nuclear reactor, as initially thought, but rather at destroying Iran’s centrifuge farms; the sustained cyber attacks have already reduced the number of operating centrifuges from 4,920 in May 2009 to 3,772 in September 2010; it appears that the covert campaign Israel and the United States have been conducting against Iran’s nuclear weapons program — a campaign which includes the assassination of Iranian scientists and engineers, blowing up of machinery and supplies, attacks on Revolutionary Guard facilities, and seizing of technology shipments to Iran — is beginning to take its toll

  • Symantec: Stuxnet targeted Iran's uranium enrichment program

    Symantec says Stuxnet worm aimed to disrupt electrical motor controls, like those used by gas centrifuges to enrich uranium; Stuxnet, considered by many security researchers to be the most sophisticated malware ever, targeted Windows PCs that managed large-scale industrial-control systems in manufacturing and utility companies

  • Cybersecurity bill not likely to pass this year

    In an effort to give the president the power to combat any pending or existing cyber threat that could threaten critical infrastructure around the country, some lawmakers are looking to pass new legislation that would give the president power to shut down some sections of the Internet during an attack or under the threat of an attack; the bill is not likely to pass in Congress

  • U.K. security firms say GCHQ's cyberattack warning overwrought

    U.K. cybersecurity industry insiders say last week’s warnings by Britain’s cybersecurity chief about the cyber threat the U.K. was facing may have over-hyped threats — and may have been related more to the run-up to the U.K. government’s comprehensive spending review announcement than to new threat information

  • Chertoff calls for cyber-deterrence doctrine

    More than 100 countries now have cyber-espionage and cyber-attack capabilities; both kinds of attack use the same tools and might be used to mount anything from a garden variety cyber-espionage attack resulting in the corruption of financial data to something that might result in loss of life, such as a possible attack against air-traffic control systems; governments should formulate a doctrine to stave off cyberattacks similar to the cold war-era principle of nuclear deterrence, according to former DHS secretary Michael Chertoff; “Everyone needs to understand the rules of the game”

  • Experts: Stuxnet "a game changer"

    EU cybersecurity agency warns that the Stuxnet malware is a game changer for critical information infrastructure protection; PLC controllers of SCADA systems infected with the worm might be programmed to establish destructive over/under pressure conditions by running pumps at different frequencies; Dr. Udo Helmbrecht, chief of EU’s cybersecurity agency: “Stuxnet is a new class and dimension of malware — The fact that perpetrators activated such an attack tool, can be considered as the ‘first strike’ against major industrial resources. This has tremendous effect on how to protect national [cyber and critical infrastructure] in the future”

  • Skullduggery on a massive scale

    Stuxnet, the malware which attacked more than 30,000 computers used in industrial control systems in Iran, including that country’s nuclear weapons facilities, represents a new class and dimension of malware; it can reach into the physical world, allowing attackers to run motors so fast they burn out, to turn off alarms and safety cut-offs, open effluent valves and activate pumps — in the words of Paul Marks, it allows attackers to “carry out industrial sabotage and skullduggery on a massive scale”