• Cyber experts dispute McAfee's Shady RAT report

    Earlier this month, cybersecurity experts discovered a five-year operation that infiltrated U.S. government and UN computer networks; China is believed to be the culprit behind the systematic attacks, dubbed “Operation Shady RAT,” which also hit major defense contractors and private businesses; many within the cybersecurity community are disputing the significance of the finding

  • Attackers have advantage in cyberspace, says cybersecurity expert

    Homeland Security NewsWire’s executive editor Eugene Chow recently caught up with Bruce Schneier, a cybersecurity expert and the author of several bestselling books, including “Applied Cryptography,” “Secrets and Lies,” and “Beyond Fear”; in the interview Schneier discusses the recent politically motivated cyberattacks by Anonymous and AntiSec, securing U.S. networks against counterfeit computer chips, and President Obama’s proposed cybersecurity plan

  • DHS officials: Stuxnet can morph into new threat

    Government cybersecurity experts warn that the Stuxnet virus, which damaged Iran’s nuclear centrifuges, could morph into something even more destructive; DHS officials worry that hackers could design more complex versions of the virus that can evade detection and bypass existing software fixes

  • Deterring cyberwar, police gear and the law, guarding the guardians

    Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff, described the current U.S. cyberdefense policy as “too predictable”; he added that “[the current policy is] purely defensive. There is no penalty for attacking us now. We have to figure out a way to change that”; he said the new U.S. cyberdefense policy is the first step toward correcting current deficiencies; a Massachusetts company is selling local police forces a new iPhone app that scans a suspect’s iris and matches it to a national database of felons; there are questions about whether or not this app — which costs $3,000 — violates the Constitutional prohibition of unreasonable searches; the former mayor, the police chief, and member of the city council of a New Mexico border town have been charged with smuggling guns to the Mexican cartels; some of these guns have been linked to at least eight murders in Mexico

    • view counter

  • Active cyber-defense strategy best deterrent against cyber-attacks

    With the threats of cybercrime, cyberterrorism, and cyberwarfare looming over a hyper-connected world, the best defense for the United States might be a good offense; experts argue that an active self-defense regime, which they term “mitigative counterstriking” — is a necessity in cyberspace, especially to protect critical infrastructure such as banking, utilities, and emergency services

  • Pentagon outlines use of cyber weapons

    The Pentagon has developed a list of approved cyber weapons and tools along with parameters for their use; official says the classified list of cyber capabilities has been in use for several months and has been approved by several government agencies; the framework clearly delineates what capabilities can be used, in what circumstances, and when actions need presidential approval; a cyber weapon like Stuxnet can only be used with presidential authorization even if it were to be deployed in a country with which the United States was openly at war

    • view counter

  • FBI leads Lockheed Martin cyberattack investigation

    The FBI recently announced that it is leading a federal investigation into a cyberattack on defense giant Lockheed Martin’s networks; the investigation will be led by the National Cyber Investigative Joint Task Force and is aimed at determining if the attack was a result of “poor hygiene, if nothing was infiltrated and nothing taken or something more”; on 21 May, the company detected a “significant and tenacious” attack on its networks that was met with a swift response; the FBI declined to comment on what actions it would take if the investigation revealed that the attacks were perpetrated by state or non-state actors

  • U.S. intelligence sets up cyber defense office in Estonia

    Since gaining its independence in 1991, Estonia has become one of the most cyber-focused nations in the world; it also has its own experience with cyberwar: in 2007 Russian government-inspired hackers launched a massive cyber attack on Estonia after the Estonian government decided to move a statue commemorating the Red Army from the center of the capital to a more modest location; now the U.S. intelligence community has decided to open an office in the Estonian capital Tallinn to help bolster the fight against cyber-crime

  • Memphis flood fear eases, Louisiana and Mississippi brace for worst

    Residents living near the Mississippi River have been battling a record surge of water that is slowly making its way south sending a deluge of water beyond the river’s banks and into nearby communities; on Tuesday, the river’s crest made its way through Memphis hitting near record levels of 47.8 feet; so far the levees along the river have been holding up; residents of Louisiana and Mississippi are bracing for similar record water levels as the crest winds southward; to help ease the pressure on the levee system, the Army Corps of Engineers opened up several spillways on Monday including parts of the Bonnet Carre spillway; the region has received 600 percent more rain than usual for this time of year

  • Preparing your organization for Stuxnet-like attack

    A cybersecurity expert describes Stuxnet as “this epochal change”; he says that although Stuxnet was of such complexity and required such significant resources to develop that few attackers will be in a position to produce a similar threat in the near future, we now know that the dangers of Stuxnet-like threats are no longer theoretical

  • Russian bloggers fall victim to cyber attacks

    Earlier this month LiveJournal, a major Russian blogging site, was the victim of a large cyber attack; bloggers believe that it was a move meant to silence political dissent in advance of the country’s elections; the site was brought down by a distributed denial of service (DDos) attack; SUP, the owners of LiveJournal, said that the recent attacks were the worst in its company’s history and unprecedented in that it targeted the entire website rather than individual blogs; the majority of Russia’s opposition leaders and political activists maintain blogs on LiveJournal that they use as platforms to gain support and spread their message

  • Iran admits Stuxnet's damage

    A senior Iranian official admitted that the Stuxnet malware, which infected tens of thousands of computers and servers used in Iran’s nuclear weapons complex inflicted serious damage on Iran’s nuclear program, including large-scale accidents and loss of life

  • Chips may sabotage hi-tech weapons

    Countries producing sophisticated weapon systems do not want these systems to fall into the wrong hands; one idea is to plant a chip in these weapons which would allow the country that supplied them to destroy or disable them remotely; already there are worries that with chip manufacturing moving outside the United States, foreign powers may bribe or coerce chip manufacturers into planting “backdoor” circuits in chips these manufacturers sell American defense contractors

  • Call for creating a U.S. cybersecurity emergency response capability

    Lawmakers call for the creation of a cybersecurity emergency response capability to help businesses under major cyber attacks; “Who do you call if your CIO is overwhelmed, if you’re a local bank or utility?” Senator Sheldon Whitehouse (D-Rhode Island) asked; “How can we preposition defenses for our critical infrastructure, since these attacks come at the speed of light?”

  • Contradictions in U.S. cybersecurity policy

    The United States wants a secure cyberspace, but its intelligence agencies have found enormous utility in using their own computer hacking capabilities to collect confidential information from foreign adversaries; this raises the question of how the U.S. government can push for global cybersecurity while at the same time using cyber means to collect intelligence on potentially threatening regimes such as Iran