Cybersecurity News

“Very few single cyber-related events have the capacity to cause a global shock,” according to a recent report released Friday by the Organization for Economic Co-operation and Development (OECD).

The report, “Reducing Systemic Cybersecurity Risk” (pdf), published by professors Peter Sommer of the London School of Economics and Ian Brown of Oxford University, examines the various aspects of a cyber attack and the impacts attacks have on different variables.

According to the report, the researchers say an all-out cyberwar is “unlikely” to ever occur, based on the fact that it would require only cyberweaponary to be used in carrying out the conflict.

And while they don’t doubt the imminent use of cyberwar tactics, the researchers added, “In nearly all future wars as well as the skirmishes that precede them, policymakers must expect the use of cyberweaponry as a disrupter or force multiplier, deployed in conjunction with more conventional kinetic weaponry.”

Calling for more coordination between government and the private sector, the report goes on to note that such partnerships are crucial in protecting national critical infrastructure from future cyber threats and attacks.

Regarding public-private collaboration, the researchers also assert that “effective privacy safeguards and civil society involvement will be required to ensure public trust in these arrangements.”

Meanwhile, it seems implementing effective privacy safeguards was at the top of the to-do list for developers of the vicious computer worm Stuxnet that targeted Iran’s nuclear program back in June.

According to a report from Reuters, the International Atomic Energy Agency, a UN watchdog organization, announced yesterday that it has obtained “only limited knowledge” of Stuxnet following reports that the worm attacked the Iranian system.

Nonetheless, other organizations are stretching outside factual knowledge and into the realm of Stuxnet speculation.

According to the New York Times, some are accusing the US and Israel as the prime suspects behind the malicious worm, with particular focus on Iran’s nuclear program, which would soon be capable of producing enriched uranium and, thus, nuclear weapons.

Noting that researchers at the Idaho National Laboratory, a lab run by the US Department of Energy, may have provided Israel with information on vulnerabilities in Iran’s Natanz enrichment plant network, the Times published a lengthy feature over the weekend, delving further into the topic of Stuxnet’s attribution.

According to the report, the Dimona complex, an Israeli mock-up of Iran’s nuclear plant, was capable of testing the Stuxnet worm and assessing the damage and delay it could create for Iran’s nuclear program.

“Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program,” the Times reported.

And thus it seems we are only at the beginning of examining the power of a cyber attack…

Additional cybersecurity news headlines follow:

Report: Cybersecurity Treaty Might Not Be Achievable (National Journal)

OCED Report: Cyber Warfare Risks Overblown (InformationWeek)

DHS Invests $16M In Cybersecurity Testbed (InformationWeek)

NSA app to help recruit cyber experts (Federal News Radio)

Congress requests information concerning clandestine cyber activities (The State Column)

Naval Academy puts cyber in new curriculum (Federal News Radio)

Decoy networks, separation tactics part of AT&T security chief’s infrastructure protection plans (NetworkWorld)

Expert warns of new data security risks (Computing)

Computer crimes can affect your bottom line (Dallas Business Journal)

Never-Ending Pursuit of Global Cybersecurity Cooperation (GovInfoSecurity)

Muscling in on the Internet (The Daily Caller)

11 Ways to Combat Botnets, the Invisible Threat (eSecurity Planet)

Facebook Wants to Issue Your Internet Driver’s License (NetworkWorld)

Call of Duty cyber attack arrest boy bailed again (BBC)

OPINIONS:

Mullen: Cyber attack potential impact ‘substantial’ (CNN)

Private sector initiative, not global treaty, is the best cybersecurity strategy (InfoSecurity)

Cyberwar hype is obscuring real security threats (The Register)

CEO of Eurasia Group discusses the geopolitics of cybersecurity (Foreign Policy)

INTERNATIONAL ISSUES:

Two Koreas in cyber proxy war (Wall Street Journal)

British electrical grid is wide open to hackers (TechEye)

Iran’s Paramilitary Militia Is Recruiting Hackers (Forbes)

Gates Cites ‘Disconnects,’ But Says China’s Leaders Do Control Military (Voice of America)

UK and Australia to discuss cybersecurity (ZDNet)

INDUSTRY GAINS:

BAE buys Irish financial cybersecurity group (AFP)

Israeli cybersecurity firm Covertix gets $1 million in venture capital funding (InfoSecurity)

CSC wins $30 million cybersecurity award (Washington Business Journal)