iPhone, iPad… iSecurity?
Earlier this week we followed the hype as Apple released its new iPhone 4… But is Steve Jobs’ new iPad (the iPhone’s Kindle-like kin) shaping up to be a lemon?
According to Reuters, a security breach of the iPad has raised a red flag over at the FCC, as Joel Gurin, FCC consumer and governmental affairs bureau chief, reported that the Commission is investigating the incident. Gurin went on to add that, because of recent consumer data leaks at companies across the country, the FCC now sees cybersecurity as a “high priority.”
Across the pond, it appears that the UK should also be amp’ing its cybersecurity ammo. According to Huffington Post blogger and noted security scholar Azeem Ibrahim, “Cybersecurity is likely to overtake terrorism as the number one threat to the UK’s critical infrastructure over the coming decades.” To fend off potential attacks, Ibrahim recommends the British government’s Strategic Defense Review should look into modern day terrorism tactics, in addition to its “traditional purview of the Ministry of Defense.”
Read more…
Fast Tracks for Cyber Attacks
Yesterday we saw the roll-out of new cybersecurity legislation co-sponsored by a Senate trio. This morning Federal News Radio reports that that legislation, the “Protecting Cyberspace as a National Asset Act of 2010,” is on the “fast track” to becoming law. According to the news station, Sen. Lieberman is planning a June 15 hearing, will mark up the bill a week later, and anticipates having the bill out of the committee by July 4 recess.
Also on the fast track, earlier this week we learned of the “high possibility” of North Korea hitting South Korea with a cyber attack during the upcoming G-20 Summit. Now the AFP is reporting that a cyber attack, believed to be from North Korea, has already hit one of South Korea’s government websites, infecting the system for nearly three hours.
And leave it to Fox News to bring us the cybersecurity-scare tactic term: “Electronic Armageddon.” Citing “high-energy electric pulses from the sun,” Fox reports that our electrical grid could falter if Congress does not provide funding to fix the potential problem. According to the article, a recently passed House measure, “The Grid Reliability and Infrastructure Defense Act” would “amend the Federal Power Act to protect the bulk-power system and electric infrastructure critical to the defense of the United States against cybersecurity and other threats and vulnerabilities.”
Read more…
Cybersecurity: A “National Asset”
As reported by Cybersecurity News this morning, Senators Lieberman, Collins and Carper today introduced their co-sponsored “Protecting Cyberspace as a National Asset Act of 2010,” in an effort to provide the president with detailed emergency powers in the event of a cyber attack.
In conjunction with the legislation roll-out, the senators published an op-ed in today’s Politico urging their Congressional cohorts and constituents: “We must ‘arm’ the cyberspace battlefront.”
Referencing the benefits of their new bill, the senators warned that “We have to prepare now for the very real possibility of cyberwar and cyberterror. For example, an adversary could take down our electrical grid or financial infrastructure from across the ocean — using just a series of keystrokes.”
Over in the House, reps already have electrical grid protection on their radar. According to Federal Computer Week, the House yesterday passed a measure providing the Federal Energy Regulatory Commission with additional authority to protect the nation’s power grid from potential cyber attacks.
Moving away from the Hill to news in the [Silicon] Valley, Security Week is reporting that iPad consumer data has been leaked by way of a security gap in service provider AT&T’s system. According to the report, the group of hackers “claimed to uncover over 114,000 email addresses of of iPad customers, including government officials, business executives, and the military, including William Eldredge, commander of a B-1 bomber group for the US Air Force.”
New Cyber Legislation Expected Today
Several key media, including Business Week, are reporting this morning that new cybersecurity legislation will be rolled out today by Sens. Joe Lieberman (I-CT), Susan Collins (R-ME) and Tom Carper (D-DE).
The new measure, to be announced at an 11:30 AM press conference, would aim to provide the president with certain specific powers in the event of a major cyber attack. The legislation would also create a White House Office of Cyberspace Policy, and the president would be required “to inform Congress in advance of what measures are being taken. The measures would expire in 30 days unless renewed by the president.”
“Our economic security, national security and public safety are now all at risk from new kinds of enemies, cyber- warriors, cyber-spies, cyber-terrorists and cyber-criminals,” Sen. Lieberman announced in a statement. “The need for this legislation is obvious and urgent.”
Read more…
Computer Security and National Security: Finding a Link
The AFP this afternoon is reporting that cybersecurity experts from across the globe will meet in Estonia next week to address “the growing connection between computer security and national security.” Among the list of expected attendees is former White House top cybersecurity official, Melissa Hathaway, who is scheduled to provide a keynote speech.
A “growing connection” can also be found between computer security, national security and the technology industry. The connection comes by way of eSecurity Planet, who detailed a new contract won by noted IT corporation HP: A $9 million contract with the US Air Force. Based on the agreement, HP will implement a Cyber Control System “to help Air Force officials make real-time responses and formulate strategies when faced with network intrusions or attacks.”
It is safe to say: HP is ramping up its cybersecurity efforts and calling on fellow tech industry types to follow suit. In a separate report, in an interview with Computer World, HP’s executive vice president and general counsel, Michael Holston, urged the tech industry to start focusing on privacy and security. “With all of these challenges and issues come huge opportunities to be smart about technology innovation and strengthen trust,” Holston advised.
China’s Cyber “Beef Up”
The Scottish Herald is reporting this morning that a cyber attack shuttered the website of the Strathclyde Police. According to the report, the Scottish police force shut down its site for nearly 24 hours “after a number of weblinks appeared that diverted users to a Chinese site with a history of distributing viruses.”
While the cybersecurity world knows all too well that a China-based attack is not a novel concept, in an article published this morning by Xinhua, China’s official press agency, it appears that the nation may be trying to repair its global cyber image. To “beef up” cybersecurity, the press agency reports that “China is taking actions to attack on-line criminals while guarantying openness of the Internet.” The article goes on to mention that “Legislation is in place against the illegal use of the Internet.”
And in further attempts to boost cybersecurity in China and across the globe, NPR ponders the question, “Does averting cyberwar mean giving up web privacy?” In a Morning Edition feature, Princeton cybersecurity expert, Rebecca MacKinnon, told NPR, “Criminals and militaries are most likely going to figure out ways to do what they need to do on the Internet and minimize their traceability… The people who are really going to be hurt are dissidents in countries like China or Iran.”
Read more…
Senators School on Cyber Crime
“The US must take a leadership role, both internationally and bilaterally, to establish best practices for nations that allow the Internet to be turned into a criminal enterprise–or even a weapon,” advised Sens. Kirsten Gillibrand (D-NY) and Orrin Hatch (R-UT) in an op-ed in Forbes today.
The two senators went on to add, “If we don’t improve international cooperation, safe havens will continue to flourish, and our economy, security and people will be under threat.”
Meanwhile, students at Penn State may already be under such “threat.” According to the Associated Press, infected university computers leaked 25,000 Social Security numbers. This comes in addition to a similar privacy breach last year when the university reported that over 35,000 SSNs were exposed in an online attack. Additional news from the day follows…
Read more…
NATO and Attacks Across Asia
A hard hit for NATO this week. While reports trickled in that insurgents killed 12 NATO soldiers on Monday in the “worst single day for the foreign forces operating in Afghanistan,” The Times (UK) reported a series of Russian-based cyber attacks on NATO members, as well as “warnings from intelligence services of the growing threat from China.” According to the paper, the organization will consider the use of military force to protect NATO members in the event of future online attacks.
But cyber threats span beyond China. In an article in the Korea Times, military leaders warned of the “high possibility” that North Korea will rock South Korean networks with cyber attacks during the upcoming G-20 Summit in Seoul.
Back in the States, The New New Internet said that a hacker took more than $640K from the NYC Department of Education. According to the report, investigators were able to track the stolen funds, resulting in a 364-day federal prison sentence for the hacker, as well as $275,188.67 owed in restitution.
And Google continues to make Cybersecurity News this morning, as NASDAQ notes that the Internet search giant has hired a leading security firm to examine how its software “inadvertently gathered Internet users’ private data transmitted over unsecured wireless networks.”
The iPhone 4 and Mobile Security
Creating a stir in the technology world today, Steve Jobs unveiled Apple’s long-anticipated, new iPhone 4. While Jobs did not lay claims as to whether or not AT&T would continue on as the phone’s exclusive carrier, two other organizations did. According to Federal News Radio, the General Services Administration and the Department of Homeland Security approved the “first governmentwide provider of cybersecurity services under AT&T’s Networx contract.”
And in a separate piece on mobile security, Federal News Radio warned: “Network convergence could leave your phone vulnerable.”
Moving from voice to video, Wired is reporting that Federal officials have arrested an Army intelligence analyst who “boasted of giving classified US combat video and hundreds of thousands of classified State Department records to whistleblower site Wikileaks.” Meanwhile, PressTV announced that the Pentagon is hacked 6 million times daily.
So with all the latest buzz surrounding cybersecurity and the nation’s Defense, is Government Computer Networks wrong to report “Congress just doesn’t see cybersecurity’s sex appeal“?
Read more…
US Cyber Ties to India, Russia
PC World reports that an International Telecommunication Union conference concluded in Hyderabad, India this morning with a general consensus: “Cybersecurity needs a common legal and regulatory framework across countries and the regular updating of these laws to take into account the changing nature of cybercrimes.”
Back in the States, it appears planning for the “framework” is already underway. According to Washington’s Embassy of India, Secretary of State Hillary Clinton and India’s External Affairs Minister, Shri S.M. Krishna, met yesterday to discuss “India-U.S. Strategic Dialogue.” In a press release, the Embassy says the two leaders “reiterated the necessity of building on momentum to strengthen cooperative efforts in the area of information and communication technology in general and also to address emerging transnational cybersecurity challenges.”
Still, US cyber ties stretch beyond India. The Wall Street Journal reports that Gen. Keith Alexander, chief of the military’s new CYBERCOM, yesterday “endorsed talks with Russia over a proposal to limit military attacks in cyberspace, representing a significant shift in US policy.”
Read more…
Cybersecurity News 