Cyber war and cyber security

It's cyber war... send for Dad's Army
Telegraph.co.uk
But comments last week from Major General Jonathan Shaw, former head of cyber security at the Ministry of Defence, suggest that the country is once again under threat from unseen enemies. Maj Gen Shaw says Britain is “extremely vulnerable” to cyber ...

Telegraph.co.uk

SC's cost for cyber-security fixes could be known about May 1
The State
The consultant will have the rest of the contract to examine other agencies and develop a statewide plans for best cyber-security practices, Adams said. Copyright 2013 The State. All rights reserved. This material may not be published, broadcast ...

Robert Scarlett speaks to St. James in 'Cyber Security " The New Frontier'
St. James Plaindealer
Any information placed on the web is susceptible to a cyber attack. That is why it is important to use all of the security tools available to protect your identity. Tools available will assess your susceptibility, which will allow you to prevent the ...

Cylance hires former DHS official, other prominent cyber experts
Yahoo! News (blog)
BOSTON (Reuters) - Technology startup Cylance Inc hired four prominent experts in the field of protecting power plants, water utilities and other infrastructure systems from cyber attacks as the firm gets ready to release its first line of security ...

Cyber-Espionage
theriskyshift.com (blog)
Aside from detailed and rapidly evolving computer science analysis, a cursory examination of the current literature reveals a tendency to focus on government-centric paradigms, offensive strategies, and warfare models of cyber security[17]. ... In an ...

Canada infrastructure vulnerable to cyber attack
SC Magazine Australia
Two recent cyber attacks on government networks have left officials scrambling to ensure Canadians that sensitive information is secure. In 2010, hackers using servers based in China successfully breached sectors within three federal departments.

How to keep yourself from getting cyber-stalked
Danville Commercial News
Michael Kaiser who is the executive director of the National Cyber Security Alliance (NCSA) sayscyber-stalking is nothing that consumers should take lightly, and as soon as you notice a pattern or receive just one threatening message, you should ...

more news below



Security Firm Discovers Cyber-Spy Campaign

Security Firm Discovers Cyber-Spy Campaign
New York Times (blog)
Security Firm Discovers Cyber-Spy Campaign. By NICOLE ... In an interview, Kurt Baumgartner, a senior security researcher at Kaspersky Lab, said that among the “several hundreds” of victim organizations were “embassies, consulates and trade centers ...

South Korea's 'Best of the Best' tackle cyber crime
CNN International
It is essential to train cyber security experts in all fields including those who will be working for commercial companies," said Lee, a prominent name in the South Korean hackers community. Sixty computer experts, from high school students to college ...

UK Government must be more vigorous in approach to cyber security – report
HazardEx
The UK Parliament Defence Committee's has published its report on cyber security, noting thatcyber threats can evolve very quickly with serious consequences for the nation's security. Evidence received by the Committee suggested that, in the event of ...

Cyber Warfare: How Conflicts in Cyberspace are Challenging America and ...
Lawfare (blog)
“Paul Rosenzweig is uniquely qualified to write about our need for the better use of data. Cyber Warfare asks critically important questions about how we can best optimize both security and privacy in a world of increasing threats and information ...

UAE banking sector top target of cyber attacks
Khaleej Times
The UAE has been tightening its cyber security net, becoming a leader in this area, not only in the Gulf, but globally, too. The country takes cyber security so seriously that it was No. 1 in the GCC and No. 4 worldwide in 2012, in the report issued by ...

Khaleej Times

EU cyber security agency flags top ten cloud threats
Cloud Pro
Code injections and malware are the top two emerging threats to cloud computing, according to the EU's cyber security agency, ENISA. In a newly published report, Threat Landscape: Responding to the Evolving Threat Environment, the organisation claims ...

Cyber security in 2013: How vulnerable to attack is ... - Yahoo! News
From Yahoo! News: The phalanx of cyberthreats aimed squarely at Americans' livelihood became startlingly clear in 2012 – and appears poised to proliferate in ...
news.yahoo.com/cyber-security-2013-vulnerable-attack-us-no...

more news below



Cyber war, China key to security

Cyber war, China 'key to security'
The Australian
JULIA Gillard will this week identify the rise of China and a massive escalation in cyber attacks against government and industry as two of the key security issues facing the nation in a major address designed to strengthen Labor's defence credentials.

Companies face EU cyber security law
Financial Times
Large tech companies such as Facebook, Google and Microsoft will have to notify security breaches to national cyber crime authorities or risk sanctions under proposed new legislation, the EU's top digital affairs official said. Brussels is finalising a ...

Iran beefed up its own cyber security after Stuxnet, says US general
NDTV
Iran responded to a 2010 cyber-attack on its nuclear facilities by beefing up its owncyber-capabilities, and will be a "force to be reckoned with" in the future, a senior U.S. Air Force official told reporters on Thursday. General William Shelton, who ...

NDTV

US general warns of Iran's growing cyber strength
CNET
Learning a lesson from the Stuxnet attack, Iran has beefed up its cyber forces and poses a greater threat to the United States. At least, that was the word of warning from U.S. Air Force General William Shelton yesterday, according to Reuters. Speaking ...

Cyber security and the scramble to invest
Public Service
Yet despite this investment, every second, 18 people fall victim to cyber crime. According to a study by Britain's Office of Cyber Security and Information Assurance, its total cost to the British economy is £27bn (or $43.5bn US dollars) per year, with ...

Public Service

EU Proposals To Force Cyber Attack Transparency On Businesses
TechWeekEurope UK
A draft proposal for the Cyber Security Strategy of the European Union has been making its way around Brussels, but has not been released to the press yet. It will be officially unveiled by Neelie Kroes, EU Digital Agenda vice president, and her team ...

TechWeekEurope UK

CounterTack Awarded Patent for Next-Generation Cyber Attack Detection ...
Marketwire (press release)
"Facing the cyber arms race of this generation's Cold War, we started with a vision that the industry needed new approaches for cyber security based on a better understanding of the attacker," said Alen Capalik, CounterTack founder. "It's gratifying to ...

Cyber Security Alliance warns of cyber stalking
PRWeek
“Cyber stalking is something we need to continue to teach people about,” said Aimee Larsen Kirkpatrick, senior director of partnership engagement and strategic initiatives at the securityalliance. “Young people need to be especially vigilant about it ...

The war on cyber crime rages on
Information Age
... to the previous year, up from 72% in 2011 and up from 41% in 2009. When announcing a newcyber security centre in the UK in October, foreign secretary William Hague called for a new international consensus to improve cooperation between states ...

Stuxnet encouraged Iran to boost cyber war capabilities
TechEye
Shelton issued the warning during a press briefing about his US Air Force division, that also includes America's cyber-warfare units. He pointed out that Iran's reaction to the Stuxnet attack on the Natanz uranium enrichment facility was to rapidly ...

TechEye

Your Utility's Focus for 2013? Cyber Security
Energy Collective
How should electric utilities be adjusting to the 21st century? It seems with the explosion of smart grid technology across the country, and the world, utilities will now be accountable for something that has previously not been an issue: cyber security.

Cyber Security Alliance warns of cyber stalking - PRWeek US
WASHINGTON: The National Cyber Security Alliance is working to raise awareness about cyberstalking by releasing survey data it compiled with IT security firm ...
www.prweekus.com/cyber-security-alliance...of.../276566/

more news below



Malware masquerading as a Java security update


Java Security 'Fix' Is Disguised Malware Attack
InformationWeek-Jan 18, 2013
Security researchers spot malware masquerading as a Java security update. Users urged to download Java updates directly from Oracle.

Q&A: Is Java safe to use?: "Once again, Oracle's Java software is in the news as a hazard to your Mac or PC. Six days after the discovery of a severe vulnerability led Oracle to rush out a patch, on Wednesday security writer Brian Krebs reported a different such "zero-day exploit" that could be used to attack this widely-deployed program."

Java Security Warnings: Cut Through The Confusion - Security -
Recent warnings to deactivate Java are raising additional questions: What about JavaScript, EJB, JavaFX, Android and any other use of the programming ...
www.informationweek.com/security/.../java.../240146598

Oracle updates Java, security experts say bugs remain - Yahoo! News
From Yahoo! News: BOSTON (Reuters) - Oracle Corp released an emergency update to its Java software for surfing the Web on Sunday, but security experts ...
news.yahoo.com/oracle-updates-java-security-experts-bugs-re...

Java security comes down to 'war of attrition' | Security - InfoWorld
Users and Oracle both need to do their part against a malware industrial complex that can quickly attack any security hole.
www.infoworld.com/.../java-security-comes-down-war-of-attri...

Apple, Oracle move quickly to mitigate Java security flaw | ZDNet
A Java flaw warning announced by Homeland Security this weekend concerns mostly Windows users, as usual. However, some Macs may be vulnerable. Apple ...
www.zdnet.com/apple-oracle-move-quickly-to-mitigate-java-s...

more news below



Errata Security: concealing identity the same way Aaron Swartz did

Errata Security: I conceal my identity the same way Aaron was indicted for: " . . . Let me repeat that: nobody asked Aaron for his true identity, but he was indicted for wirefraud for concealing his true identity. He was indicted for doing the same things I do every day. It's around this time that people bring up how Aaron used MAC spoofing to get around blocks put in place by MIT. These people don't understand MAC addresses. MAC addresses are not a machine's true identity. They aren't a means of security or authorization. When somebody blocks your MAC address, it doesn't send the message "you are unauthorized", it's not clear precisely what message it sends. It's like saying if somebody blocks your phone number, then it's wirefraud calling from a different phone. Your phone number is not your true identity, and neither is your MAC address. MIT's own WiFi access-points spoof MAC addresses. For example, if you netstumble the MIT campus you'll find two access-points with the MAC addresses "00:21:d8:49:98:61" and "00:21:d8:49:98:62". These are actually the same access-point which is spoofing MAC addresses in order to appear as multiple networks ("MIT" and "MIT GUEST"). When Aaron spoofs, it's wire-fraud. When MIT spoofs, it's normal network operation. . . . "


more news below



Nations prepare for cyber war

Nations prepare for cyber war
CNN - Canada
So a cyber Cold War is already in progress. But some security companies believe that battle will become even more heated this year. "Nation states and armies will be more frequent actors and victims of cyberthreats," a team of researchers at McAfee ...

State Agencies Yet To Fully Implement Cyber Security Protections
WLTX.com
Tim Smith, The Greenville News. Columbia, SC (WLTX) - Not all cabinet agencies have fully implemented cyber security protections that some experts and lawmakers say are basic steps in protecting taxpayers' information, almost three months after a ...

WLTX.com

SC agencies yet to fully implement cyber protections
USA TODAY
Nearly three months after the South Carolina Department of Revenue breach was publicly disclosed, officials do not know the exact state of cyber security at all state agencies. (Gannett, Mykal McEldowney/The Greenville (S.C.) News) (Photo: Mykal ...

Hackers and phishers target Kiwis
New Zealand Herald
The threat of cyber crime has been recognised as a key area in government strategy papers and led to the establishment of a specialist centre within the Government Communications Security Bureau. There is also an intelligence group inside the ...

Mahindra SSG launches IAHS Academy to train cyber security professionals at ...
IndiaEduNews.net
To address the gap of cyber security professionals in India, Mahindra Special Services Group (MSSG), a key strategic risk consulting firm, launched the "Information Assurance and Homeland Security (IAHS) Academy" at the IIT Mumbai Tech Fest 2013 on 3 ...

IndiaEduNews.net

Government Backed Cyber Warfare will Persist during 2013: Kaspersky
SPAMfighter News
Kaspersky the security company has just published its chief forecasts for 2013, according to which, the year will continue to have cyber-warfare that'll be government-backed. Last year (2012), researchers at Kaspersky Lab detected 3 prominent malware ...

Coalition Urged To 'Redouble' Cyber Offence Efforts After Mid-Term Review
TechWeekEurope UK
In its mid-term review, the Coalition today said it had made significant efforts to bolster the nation's security, especially in the network space. It pointed to the extra £650 million pumped into cyber security, as well as the comprehensive strategy ...

TechWeekEurope UK

SiteLock to Serve as Data Privacy Day Champion for National Cyber Security ...
MyHostNews.com (press release)
Organized through the National Cyber Security Alliance, Data Privacy Day (DPD) is held on January 28th and serves as a reminder of the importance of protecting the private and financial data of all online citizens. The celebration will focus around the ...

Iran launches more cyber attacks | Washington Free Beacon
By Bill Gertz
Several government agencies, including the military's U.S. Cyber Command, U.S. intelligence agencies, the Department of Homeland Security, and the FBI are responsible for dealing with cyberattacks. Yet the White House is in charge of directing any counterattacks on nation-states ... The administration appears to be treating the Iranian cyber attacks as a law enforcement matter rather than covert warfare. White House National Security Council spokesman Tommy Vietor declined to ...
Washington Free Beacon

more news below



UK to launch public cyber security awareness campaign

UK to launch public cyber security awareness campaign: ". . . The new programme is aimed at raising public awareness about threats online and where to go for more information. The programme will specifically target school children, as well as adults who take a reckless attitude to posting personal details online, according to The Guardian. "The big goal for the next 12 months is to get somewhere transformative in terms of business and public understanding of this issue," the paper quotes a senior official as saying. Maude said the progress of the programme will be measured through a new National Cyber Confidence research tracker, which will regularly track online safety perceptions and behaviour. . . ."

Another Reason to Get Rid of Internet Explorer - Forbes: " in case you haven’t heard, anyone using versions of IE prior to version 9 is now at serious risk of getting hacked. And who are using earlier versions of IE than version 9? Why, that would be everyone using Windows XP and 2000 because only IE 8 and lower are supported on those operating systems. The new risk is from a serious new vulnerability that affects IE 6 through 8 inclusive and the exploit is “in the wild” … that means the bad guys know about it and how it works and it’s only a matter of time before it will be in what are called “exploit kits” (software tools bad guys use to create and execute their attacks). According to security firm Avast as quoted on The Next Web “there are currently four live sites exploiting the vulnerability and five dead sites that exploited it.”"

Obama signs renewal of foreign surveillance law - seattlepi.com: "President Barack Obama has signed into law a five-year extension of the U.S. government's authority to monitor the overseas activity of suspected foreign spies and terrorists. The warrantless intercept program would have expired at the end of 2012 without the president's approval. The renewal bill won final passage in the Senate on Friday. Known as the Foreign Intelligence Surveillance Act, the law allows the government to monitor overseas phone calls and emails without obtaining a court order for each intercept. The law does not apply to Americans. When Americans are targeted for surveillance, the government must get a warrant from a special 11-judge court of U.S. district judges appointed by the Supreme Court."

more news below



UK Report Warns of Fatal Cyber Attack on Armed Forces

UK Report Warns of Fatal Cyber Attack on Armed Forces
eSecurity Planet
"'It is our view that cyber security is a sufficiently urgent, significant and complex activity to warrant increased ministerial attention,' he said. 'The Government needs to put in place -- as it has not yet done -- mechanisms, people, education ...

eSecurity Planet

Infosecurity - Defence Select Committee finds UK cyber security ...
Half of UK business networks have already been compromised by the bring-your- own device (BYOD) phenomenon of workers using personal devices for ...
www.infosecurity-magazine.com/.../defence-select-committee-...

E.U. cyber security agency lists top emerging technology threats ...
Developments and trends affecting buyers of specialty insurance lines, including D&O, E&O, employment practices liability, cyber risk, marine and transportation, ...
www.businessinsurance.com/article/20130108/.../130109891

S.C. lawmakers tackle elections, ethics, cyber security in new ...
State lawmakers return to work today in a new legislative session that legislators say will focus on fixing last year's election mess, improving cyber security, ...

more news below



Homeland Security warns to disable Java due to zero-day flaw

Homeland Security warns to disable Java amid zero-day flaw | ZDNet: "Java is used by hundreds of millions of Windows, Mac and Linux machines -- along with mobile devices and embedded systems -- around the world to access interactive content or Web applications and services.  It's not uncommon for the U.S. government -- or any other government agency -- to advise against security threats, but rarely does an agency actively warn to disable software; rather they offer advice to mitigate such threats or potential attacks, such as updating software on their systems."

Online Banking Attacks Were Work of Iran, U.S. Officials Say - NYTimes.com: "A hacker group calling itself Izz ad-Din al-Qassam Cyber Fighters has claimed in online posts that it was responsible for the attacks.  The group said it attacked the banks in retaliation for an anti-Islam video that mocked the Prophet Muhammad, and pledged to continue its campaign until the video was scrubbed from the Internet. It called the campaign Operation Ababil, a reference to a story in the Koran in which Allah sends swallows to defeat an army of elephants dispatched by the king of Yemen to attack Mecca in A.D. 571. But American intelligence officials say the group is actually a cover for Iran. They claim Iran is waging the attacks in retaliation for Western economic sanctions and for a series of cyberattacks on its own systems. In the last three years, three sophisticated computer viruses — called Flame, Duqu and Stuxnet — have hit computers in Iran. The New York Times reported last year that the United States, together with Israel, was responsible for Stuxnet, the virus used to destroy centrifuges in an Iranian nuclear facility in 2010. “It’s a bit of a grudge match,” said Mr. Lewis of the Center for Strategic and International Studies."


more news below




Security firm sees cyber threats ahead

Security firm sees cyber threats ahead | Sun.Star: "The firm said governments pressured by the growing threat of cyber-attacks against their infrastructure are compelled to use technology for monitoring suspected cybercriminals, a serious security breach that could put law enforcement to question.“Clearly, the use of legal surveillance tools has wider implications for privacy and civil liberties. And as law enforcement agencies, and governments, try to get one step ahead of the criminals, it’s likely that the use of such tools - and the debate surrounding their use - will continue,” said Raiu.The report entitled “Kaspersky Security Bulletin 2012: Malware Evolution” also lists legal use of surveillance tools, attacks on cloud-based networks, cyber extortion on companies and individual Internet users, and mobile malware as among the top predictions for 2013. . . "


more news below



Secret Ways of Chinese Telecom Giant Huawei

The Secret Ways of Little Known Chinese Telecoms Giant Huawei - SPIEGEL ONLINE: " . . . The center is meant to banish all worries about the secretive company and its founder's (Chinese) military past, but not everyone is convinced. "That is probably supposed to sound reassuring," says Felix Linder, who dresses in black and goes by the name "FX" in industry circles. "But what good does it do German companies if the British intelligence service knows about Huawei's security vulnerabilities?" Linder is the head of Recurity Labs, a 10-person IT security firm based in Berlin's Kreuzberg district. "Intelligence agencies love security gaps," he adds, "just in case they need access at some point themselves." Lindner caused a global stir in July when he pointed out backdoors in Huawei Systems at the Defcon hacker conference in Las Vegas. At the time, attackers could easily crack the security coding of Huawei routers by entering standard, preset passwords, such as "supperman" with two p's. "I used to frequently criticize companies like Sun Microsystems," Lindner says dryly. "But comparatively speaking, Sun has seemed positively exemplary to me ever since I've gotten acquainted with Huawei. Its security reminds one of the level seen in the 1990s." In response, Huawei says that it cannot go into detail about security-related issues, but adds that it puts the highest value on quality. Still, Lindner doesn't believe that the unsecured backdoors in Huawei routers were programmed with evil intentions. Instead, he suggests that they are the result of sloppy work by young, underpaid engineers."


more news below



The Four Horsemen of Cyber Security Threats in 2013

The Four Horsemen of Cyber Security Threats in 2013
Information Management
But the latest batch of cyber attackers are delving deeper into the cyber warfare and cyberterrorism space. They have a rapidly evolving ideology and agenda – namely, they are coming to destroy the secure network, erase pertinent data, wreak havoc ...

Cyber security awareness & tips for Nigerians
The Guardian Nigeria
Cyber crime or Cyber warfare transcends physical boundaries and as such erecting perimeter fencing offers no help. Recently news filtered in that names, addresses, bank account details etc of some serving and retired personnel of Nigeria's State ...

Mr. Mitnick, I presume? Africa's coming cyber crime epidemic
ITworld.com
Writing on Trend Micro's blog on Thursday, Loucif Kharouni, a Senior Threat Researcher at thesecurity firm Trend Micro wrote that Africa will become a "haven" for cyber criminals, as its population of Internet users explodes in an environment of lax ...

Leading Cyber Security Experts to Meet in London
PR Newswire (press release)
Entering into its 7th year, Defence IQ's Cyber Defence & Network Security (CDANS) symposium will again deliver an unrivalled panel of senior speakers from government, military and critical national infrastructure. Taking place in London from 28 - 31 ...

more news below



NSA targeting domestic computer systems

Revealed: NSA targeting domestic computer systems in secret test | Internet & Media - CNET News: "Newly released files show a secret National Security Agency program is targeting the computerized systems that control utilities to discover security vulnerabilities, which can be used to defend the United States or disrupt the infrastructure of other nations. The NSA's so-called Perfect Citizen program conducts "vulnerability exploration and research" against the computerized controllers that control "large-scale" utilities including power grids and natural gas pipelines, the documents show. The program is scheduled to continue through at least September 2014. The Perfect Citizen files obtained by the Electronic Privacy Information Center and provided to CNET shed more light on how the agency aims to defend -- and attack -- embedded controllers. The NSA is reported to have developed Stuxnet, which President Obama secretly ordered to be used against Iran's nuclear program, with the help of Israel."

Cyber defense techniques adopted in Iran's ongoing naval drills
Xinhua
Rastegari said that, during the drills, aggressive forces launched a cyber attack against the computer network of defensive forces in order to infiltrate the network and hack information or spread viruses. The cyber defense forces "successfully ...

Noida police launches new software to check cyber crimes
Zee News
Noida police launches new software to check cyber crimes Noida: To ensure cyber security in the city, Noida police on Sunday directed 70 cyber cafe owners to install a new software that will securetheir computers from being misused. Noida police ...

Leading Cyber Security Experts to Meet in London - Yahoo! Finance
From Yahoo! Finance: LONDON, December 27, 2012 /PRNewswire/ --Entering into its 7th year, Defence IQ's Cyber Defence & Network Security (CDANS) ...
finance.yahoo.com/.../leading-cyber-security-experts-meet-08...

more news below



Russia's cyber-security mogul behind Flame virus

Wired's Most Dangerous: Russia's cyber-security mogul behind Flame virus ...
RT
“If all he did in the last year was intercede in America's efforts to short-circuit Iran's nuclear ambitions – definitively unmasking a cyber-weapon for the first time – Kaspersky would've earned himself a spot on our list of the most dangerous people ...

RT

Is there a greater risk of cyber attack over the holidays?
PCWorld (blog)
The perception of impending doom is largely unfounded, according to Andrew Storms, director ITsecurity operations for nCircle. Maybe it's just cyber-attack PTSD? Storms explains, “In spite of the increase in malware and viruses around every major ...

Are we prepared for a cyber storm?
Financial Times
“We know of specific instances where intruders have successfully gained access to these control systems,” Panetta observed, adding that “we also know that they are seeking to create advanced tools to attack these systems and cause panic and destruction ...

Cyber Risks: Are You Protected?
JD Supra (press release)
In the past year, targeted cyber attacks against small and medium businesses has nearly doubled: from 18% in 2011 to 35% in 2012, according to a study released by the National Cyber SecurityAlliance and Symantec. Recent studies report that 74% of ...

Middle East tackles cyber security threat with world class training
AME Info
There has been an unprecedented volume of malicious code and attacks - including many high profile incidents - in the Middle East during 2012. Attacks ranged from those performed by cyber criminals to hacktivists and in some cases reportedly nation ...

ENISA outlines smart grid cyber security measures
Electric Light & Power
The report proposes security measurements that are designed to improve the minimal level ofsecurity across the EU energy ecosystem. Its propositions target ten separate domains that are further divided into three levels of sophistication. Adoption of ...

more news below



British amateur named world's top civilian cyber defender in hacking challenge

British amateur named world's top civilian cyber defender in hacking challenge ...
Daily Mail
Despite his obvious talents with information technology, success in the DC3 competition came as a surprise and has prompted him to start applying for his first job in cyber security. Mr Doman's success has made him eligible to take ... There 30 ...

Daily Mail

more news below



cyber security - Google News

cyber warfare - Google News

cyber defense - Google News

US-CERT Cyber Security Tips

Cyber War News

Alive in the Cloud

expri.com