Archive
Abstinence: The Best Cybersecurity
Happy Friday and welcome back, Cybersecurity News readers! Thanks for sticking with me during my brief hiatus (otherwise known as a European vacation).
I had every intention of keeping you all informed with the latest cybersecurity news during my travels, but with the British on high alert for cyber attack threats, and with Italy racking up a record for mobile cyber attacks, I figured Internet abstinence was probably my best choice for cybersecurity abroad.
…Thus I opted for the Swiss Alps and Roman ruins instead… (And to my loyal readers, I offer up this link to a few photos of my travels.)
I hope you’ve been enjoying a cyber safe National Cybersecurity Awareness Month. And to recap for us all, I’ve included below a list of cybersecurity headlines that you may have missed in my absence.
Cracking Code and Taking Cyber Heat
Calling all coding gurus and cyber geeks: Wired’s Danger Room this afternoon is asking readers to attempt to crack an embedded military code. According to the report, the US military’s new Cyber Command has created a logo for its organization, which includes the code “9ec4c12949a4f31474f299058ce2b22a” around the logo’s inner ring.
On the topic, a source close to CyberCom told Wired, “It is not just random numbers and does ‘decode’ to something specific.” Although Wired has yet to explain the code’s exact meaning, the article has generated over 125 comments and translation attempts, including several suggestions that the message says “Poder Cybernetico,” meaning “Cyber Power.”
And while ‘cyber power’ may be turning up in a security logo, it’s apparently missing from a security office: the Department of Homeland Security. Continuing to catch heat for its mismanagement, DHS is “missing the mark,” Rep. Bennie Thompson (D-MS), chairman of the House Homeland Security Committee, said in a statement published by Homeland Security Today.
According to the report, a Bottom Up Review (BUR), conducted by DHS and yet to be released to the public, has five missions: “preventing terrorism and enhancing security, securing and managing US borders, enforcing and administering US immigration laws, safeguarding and securing cyberspace, and ensuring resilience to disasters.”
Recapping the July 4 Attack and Calling for a Cyber Step-Up
Welcome back Cybersecurity News readers…
Over the long weekend, the AP reported that US officials have ruled out the idea that North Korea was behind last year’s July 4 denial-of-service (DoS) cyber attacks on US and South Korean government and corporate websites.
The origin of the attacks, which hit sites including the US Treasury Department and the Federal Trade Commission, was declared a “dead end” by Don Jackson, director of threat intelligence for cybersecurity consulting firm SecureWorks.
According to Jackson, the hackers “pulled it off so well, managed it so well — this was someone who has experience at running these types of attacks.” Jackson further noted that, with its cyber insight, South Korea may have been the disguised delinquent.
Meanwhile, retired Gen. Wesley Clark advised, “There are a number of national intelligence agencies who are creating cybercapabilities. It’s a natural area of exploration.” Not ruling out North Korea, Gen. Clark warned, “I wouldn’t underestimate North Korea’s potential in this space.”
More Senate Cyber Legislation and House Smart Grid Cyber Concerns
The National Journal is reporting this afternoon that seven key Senate Democrats sent a letter to President Obama last night expressing their concerns for the nation’s cybersecurity and calling for “an urgent need for action.”
In the letter, Senators Harry Reid (NC), John Rockefeller (WV), Joe Lieberman (CT), Dianne Feinstein (CA), Carl Levin (MI), Patrick Leahy (VT) and John Kerry (MA) wrote: “We must ensure that the federal government is organized and integrated to facilitate cross-government coordination, broad situational awareness, and agile, effective responses to cyber threats. We must also ensure that the government has adequate authorities to protect U.S. critical infrastructure and has the institutions in place to ensure effective cooperation and information sharing with key government and private sector actors.”
The senators went on to note that they are “working to develop comprehensive cyber legislation that will endow the federal government with the capabilities and authorities it needs to effectively meet the tremendous challenges of cybersecurity.” An expected date for the new legislation was not provided.
Over in the House, cybersecurity was also a topic of discussion, as the Committee on Science and Technology’s Subcommittee on Technology and Innovation held a hearing yesterday to discuss smart grid standards and technologies. A press release on the hearing included the mention of cybersecurity measures to protect the nation’s power grid, which, according to Subcommittee Chairman David Wu (D-OR), “has often been called the biggest machine on Earth.”
US-Russia Cyber Ties and Spies Seen as “Real Threat”
Earlier this month, the Wall Street Journal reported that Gen. Keith Alexander, head of the new US Cyber Command, was backing talks with Russia “over a proposal to limit military attacks in cyberspace, representing a significant shift in US policy.”
And just last week, the Associated Press reported that President Obama sat down with Russian President Dmitry Medvedev, claiming to have “succeeded in resetting the relationship between the former Cold War adversaries that had dipped to a dangerous low in recent years.”
But today, as news continues to trickle in on the FBI’s Sunday investigation and arrest of [now 11] Russian spies living in Yonkers, Boston and northern Virginia, it appears that the US may need to reexamine its relationship with the ‘Bear’ in the room.
According to the New York Times, the group, deemed an “espionage ring,” had been living in the States for more than a decade, collecting information on the CIA, US intelligence, nuclear weapons and US ties to Iran, all the while recruiting new members.
Cyber Bills: Creating Concerns and Competition
There are “five critical flaws” in the Lieberman-Collins-Carper cybersecurity legislation. That’s according to Jeffrey Carr, who, in an article in Forbes today, said the bill, which passed in the Senate Homeland Security and Governmental Affairs Committee last week, should have us “very concerned.”
According to Carr, a cyber intelligence consultant for the US government, the bill: puts the power grid in the private sector’s hands, leaving it vulnerable to an attack; provides the President with cyber authority after an attack occurs, in lieu of being proactive; provides specific power to the US-CERT, which was recently criticized for its lack of manpower and authority; enables energy companies to report, on their own time, if/when they have been attacked, further delaying government response and repair; and fails to examine all potential sources, internally and internationally, capable of attacking the US.
The solution? Another cybersecurity bill…
Though it may not be the right answer, Republican Senators Kit Bond and Orrin Hatch have introduced new legislation, the National Cyber Infrastructure Protection Act of 2010.
Cybersecurity Heats Up in Washington
Information Week is reporting this afternoon that Senate Majority Leader Harry Reid announced the chamber’s plan to combine several cybersecurity measures currently floating around the floor.
According to the article, Eric Hopkins, federal financial management subcommittee staffer of the Senate Homeland Security and Government Affairs Committee, suggested, “By working together, we can put something together that will be solid and hopefully won’t require too much debate.”
The Information Week article goes on to acknowledge that the Senate homeland security committee bill co-sponsored by Sens. Lieberman, Collins and Carper, as well as the Senate commerce committee bill of Sens. Rockefeller and Snowe are “the two most prominent and comprehensive bills currently circulating.”
Meanwhile, cybersecurity continues to pick up steam, with the Washington Post reporting that the White House Office of Science and Technology announced its plan to sponsor major federal cybersecurity research. According to Dawn Meyerriecks, deputy director of national intelligence for acquisition and technology, “The government’s about to spend multiple billions of dollars.”
Update: Senate Security Hearing on Protecting Cyberspace as a National Asset Act
Federal Computer Week is reporting this afternoon that the much-talked-about Senate cybersecurity legislation, the “Protecting Cyberspace as a National Asset Act,” should be on Obama’s desk by the end of the summer… That’s according to Sen. Joe Lieberman (I-CT), who heads the Senate Homeland Security and Governmental Affairs Committee, where a hearing for the bill was held today.
While the report mentions that there are currently more than 40 cybersecurity measures floating around the Hill, Lieberman’s legislation continues to gain support, thanks to his prominent role as committee chair. According to Lieberman, Senate Majority Leader Harry Reid (D-NV) is also on board, and pushing the bill out to Obama’s desk by summer’s end was Reid’s intent.
And if you want a more candid look at the “Protecting Cyberspace as a National Asset Act,” check out ZDNet’s article: “Lieberman’s cyber-security bill: The good, the bad, the ugly.” Of the 197-page bill, ZDNet’s guest editorial writer, Matthew Olney of SourceFire, suggests: “This is an impressive, expansive and ambitious piece of legislation, completely reworking the Federal government’s management of cyber security issues. There are a lot of things in the bill that I think are necessary. Of course… There are a couple of issues that, erm, have ‘opportunity for improvement.’”
Olney goes on to mention that Lieberman is “on the right track,” but wishes the senator good luck, suggesting that he concentrate more on ensuring open communication and information channels between the Federal government and the private sector. “We cannot simply hand over the infrastructure to the Federal government,” Olney advised.
iPhone, iPad… iSecurity?
Earlier this week we followed the hype as Apple released its new iPhone 4… But is Steve Jobs’ new iPad (the iPhone’s Kindle-like kin) shaping up to be a lemon?
According to Reuters, a security breach of the iPad has raised a red flag over at the FCC, as Joel Gurin, FCC consumer and governmental affairs bureau chief, reported that the Commission is investigating the incident. Gurin went on to add that, because of recent consumer data leaks at companies across the country, the FCC now sees cybersecurity as a “high priority.”
Across the pond, it appears that the UK should also be amping up its cybersecurity ammo. According to Huffington Post blogger and noted security scholar Azeem Ibrahim, “Cybersecurity is likely to overtake terrorism as the number one threat to the UK’s critical infrastructure over the coming decades.” To fend off potential attacks, Ibrahim recommends the British government’s Strategic Defense Review should look into modern day terrorism tactics, in addition to its “traditional purview of the Ministry of Defense.”
Cybersecurity: A “National Asset”
As reported by Cybersecurity News this morning, Senators Lieberman, Collins and Carper today introduced their co-sponsored “Protecting Cyberspace as a National Asset Act of 2010,” in an effort to provide the president with detailed emergency powers in the event of a cyber attack.
In conjunction with the legislation roll-out, the senators published an op-ed in today’s Politico urging their Congressional cohorts and constituents: “We must ‘arm’ the cyberspace battlefront.”
Referencing the benefits of their new bill, the senators warned that “We have to prepare now for the very real possibility of cyberwar and cyberterror. For example, an adversary could take down our electrical grid or financial infrastructure from across the ocean — using just a series of keystrokes.”
Over in the House, reps already have electrical grid protection on their radar. According to Federal Computer Week, the House yesterday passed a measure providing the Federal Energy Regulatory Commission with additional authority to protect the nation’s power grid from potential cyber attacks.
Moving away from the Hill to news in the [Silicon] Valley, Security Week is reporting that iPad consumer data has been leaked by way of a security gap in service provider AT&T’s system. According to the report, the group of hackers “claimed to uncover over 114,000 email addresses of iPad customers, including government officials, business executives, and the military, including William Eldredge, commander of a B-1 bomber group for the US Air Force.”