Cybersecurity News

As the US stock market took a major dive Monday, then bounced back only a day later, more than 70 corporations, nonprofits and government organizations around the globe might be hoping to see their cybersecurity efforts do the same.

According to a report released late last week by McAfee, the computer security giant known for its anti-virus software and solutions, 72 organizations, including several US defense firms, the United Nations secretariat, a US Department of Energy lab and the International Olympic Committee, were the target of a series of cyber attacks and online espionage taking place over the past five years.

The report, “Revealed: Operation Shady RAT,” produced by Dmitri Alperovitch, vice president of McAfee’s threat research department, revealed that McAfee gained access to a specific command and control server used by the intruders, and from there, was able to collect logs, as well a diverse list of the companies and government agencies around the world that were compromised by the targeted attacks.

“Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact,” Alperovitch noted in the report.

And while some victims may be rushing to raise their cyber defenses, others are looking to find the at-fault, with fingers pointing to China, as the report suggested that a “state actor” was most likely to blame “because there is likely no commercial benefit to be earned from such hacks.”

But China isn’t taking the news lightly. According to Reuters, the People’s Daily, the nation’s top newspaper reflecting the views of China’s ruling Communist Party, denied the hacking claims, avowing that, “Linking China to Internet hacking attacks is irresponsible.”

The newspaper went on to accuse McAfee of releasing the report for the sole purpose of increasing its sales.  However, McAfee quickly rebutted the allegations, stating that it “has tried to reach government agencies and businesses it can identify through some evidence to let them know about these hacker intrusions,” additionally asserting that the report was not intended to gain new customers, Network World reported.

And to further deny the finger-pointing, the People’s Daily concluded that “As the number of hacking attacks on prominent international businesses and organizations has grown this year, some Western media have repeatedly depicted China as the villain behind the scenes,” Reuters reported.

Beyond the blame game, check out the following cybersecurity news headlines you may have missed:

US government hankers for hackers (Reuters)

Debt deal could be a blow for cybersecurity (NextGov)

DHS fears a modified Stuxnet could attack US infrastructure (Wired)

State Department, auditors clash on IT security monitoring (InformationWeek)

Reid pushes US Republicans for cybersecurity bill (Reuters)

Ex-Microsoft exec VanRoekel named US technology chief (Washington Post)

Cyber defense agency faces challenges from within (Huffington Post)

Defense cyber strategy avoids tackling the most critical issues (National Journal)

After 13 years, critical infrastructure security still lacking (GCN)

Auditors: Pentagon cyber budget has fuzzy numbers (NextGov)

Defcon Convention: Gov cybersecurity experts look to recruit top hackers (Huffington Post)

US wants to build cybersecurity protection plan for cars (NetworkWorld)

Banks face ongoing cyber threats (InformationWeek)

INTERNATIONAL ISSUES:

Iran says US ‘will be taught the mother of all lessons’ in cyber retaliation (WND)

Hong Kong Stock Exchange suspends trading to investigate potential hacking (ComputerWorld)

Hackers attack S. Korean sites; up to 35M users affected (Reuters)

S. Korean police probing country’s worst-ever cyber attack (VOA)

N. Korean hackers hired to attack S. Korea game network (Reuters)

China hit by 480,000 Trojan horse attacks in 2010 (PCWorld)

After cyber attack, Canada unveils network changes (AFP)

EU cybersecurity body urges Web security review (ZDNet)

Interpol presence strategic to Singapore cybercrime purge (ZDNet)

CYBER ATTACKS:

Hackers take $1B a year as banks blame clients for crime (Bloomberg)

US arrests 14 for roles in PayPal cyber attack (Reuters)

Anonymous hacks ManTech, FBI cybersecurity contractor (SecurityWeek)

DHS issues Anonymous threat assessment (TGDaily)

Unification Ministry targeted in cyber attack (Korea Herald)

Sony: Financial impact of PSN cyber attack smaller than expected (EuroGamer)

Hackers target Sun Newspaper, post reader data online (PC Magazine)

Church websites hacked to push conversion to Islam (Toledo Blade)

LiveJournal hit by massive cyber attack (eSecurity Planet)

BUSINESS BUZZ:

RSA SecureID breach costs EMC $66 million (CRN)

Apps make Apple iPhone vulnerable to attack (CNN)

Raytheon chosen by DARPA for cybersecurity research program (Press Release)

Raytheon and SafeNet team up to deliver malware detection tech (ExecutiveBiz)

CACI awarded $12B IT contract for Department of Veterans Affairs (Press Release)

Northrop Grumman names Jack Dorsett VP of cybersecurity/C4 (Press Release)

Former gov CIO John Suffolk joins Huawei as head of cybersecurity (ComputerWeekly)

CYBER INSIGHTS:

Ex-intel chief: US cyber-vulnerable (UPI)

James Lewis: Cyber attacks are rare (FierceGovIT)

Experts: US network security must be private-public partnership (China Post)

Hackers: Big corporation workers poorly trained in cybersecurity (TMCNet)

Online security doesn’t exist (CNN)

Editorial: No excuse for cyber theft (Buffalo News)