Is Public-Private Information Sharing Needed to Respond to the Massive Increase in Cyber Attacks?

Interesting article in Friday's Wall Street Journal on potential cybersecurity legislation to improve information sharing between industry and government. Perhaps the best part of the article is the citation of statistics from Symantec's annual Internet Security Threat Report: Trends for 2009 and 2010 on how many updates Symantec sent out to address new attacks customers were facing:

  • 2002:  20,254 updates
  • 2003:  19,159 updates
  • 2004:  74,981 updates
  • 2005:  113,081 updates
  • 2006:  167,069 updates
  • 2007:  708,742 updates
  • 2008:  1,691,323 updates
  • 2009:  2,895,802 updates
  • 2010:  10,000,000 updates

 


Incidents of the Week: Iranian Cyber Army Targets Twitter & $26 Software Application Intercepts U.S. Military Satellite Feeds In Iraq

1.  Iranian Cyber Army Puts Twitter On Hold

Around 10 pm last night, popular social networking site Twitter was apparently hacked by a group calling themselves the Iranian Cyber Army. Iran and Twitter have had a rocky relationship since last summer, when Iranian citizens spread the protests over Iranian elections to the popular web site. During that time, links circulated on Twitter that allowed users to participate in DoS (Denial of Service) attacks on Iranian government websites. Given the name adopted by Twitter's hackers, it may be no coincidence that the New York Times interview with a U.S. computer security expert in June 2009 described the Twitter DoS attacks as allowing Twitter users to "'become part of the cyber-army,' in Iran."

 

2. $26 Russian Software Has Been Intercepting U.S. Military Drone Video Feeds In Iraq

Ever since Iraq invaded Kuwait in 1990, we laypeople have been introduced to video from U.S. military missiles right before something like a building exploded in fuzzy black and white. Then came more advanced military drones, remote-controlled airplanes with greater resolution and improved arsenal. If you have been craving some low-res military action, it may only cost you a satellite dish and $26. Using a $26 software package called SkyGrabber, developed by a Russian software company, Iraqi insurgents have reportedly been tapping into live video feeds from U.S. drone aircraft. This news comes from a U.S. official speaking anonymously with the Wall Street Journal, who reported that U.S. troops have recovered laptops used by the insurgents with "days and days and hours and hours" of intercepted military video.

The SkyGrabber software, which allows users to tap into unencrypted satellite connections, apparently has been successfully used against the military feeds because they were (you guessed it) unencrypted. U.S. military officials commented to CNN that encrypting the signals is problematic because it slows down video transmissions that need to be seen by a number of different operators at the same time. Query as to whether having your adversaries monitoring your battlefield surveillance will justify adding encryption to the military's systems. (Just remember, when you do, that another Russian software application is capable of decoding the WPA encryption standard.)

Lest we begin criticizing the military too strongly, however, a moment of self-reflection might be worthwhile. The next time you connect to the Internet using a wireless connection, whether at home or at a coffee shop, ask yourself whether you are taking any precautions to prevent your activity from being intercepted or whether you are just rolling the dice that no one within 100 yards has purchased some software from Russia recently.

 

Cyberspies Penetrate U.S. Power Grid

According to a recent report from the Wall Street Journal, cyberspies from China, Russia and other countries have penetrated into the U.S. electrical grid and left behind software that could disrupt the system.  According to officials, the spies have not actually damaged the grid or any other key infrastructure, but appear to have been attempting to navigate the electrical system.  More importantly, the intruders could attempt to damage the system during a war or other national security crisis.

Evidently, there have been a growing number of intrusions over the past year, most of which were detected by intelligence agencies and not the companies actually in charge of the infrastructure.  According to officials, the software left behind "could be used to destroy infrastructure components," and "water, sewage and other infrastructure systems were at risk."  These same officials cautioned, however, that "the motivation of the cyberspies wasn't well understood, and they don't see an immediate danger."

The Journal also notes that "protecting the electrical grid and other infrastructure is a key part of the Obama administration's cybersecurity review, which is to be completed next week" (Aaron Wright's post on this blog regarding the review can be found here). One also wonders if news of this breach will increase momentum for a cybersecurity bill recently introduced in the Senate (see my post here). That bill would give the President power to limit or shut down Internet traffic to and from any federal government or United States infrastructure network (which would presumably include the electricity grid) and would also require that infrastructure companies meet new security standards.

Big Bump in Federal Cybersecurity Spending?

The Wall Street Journal reported on Wednesday, March 18, 2009 that, worried about the dangers of attacks launched against the nation's computer systems, the federal government is likely to spend between $15 and $30 billion on cybersecurity in the next five years. The intelligence experts interviewed by the Journal estimate U.S. losses from data breaches to be in the billions of dollars annually and say that future attacks could cause physical harm or serious financial chaos.

While future spending levels will not be set until after the White House's 60-day review of the nation's information infrastructure is completed, the potential move has sent major defense contractors and consulting groups scrambling to capture a share of the potential spending. The Journal reports that defense contractors are adding, growing, and consolidating their cybersecurity capabilities and bumping up against already established consulting firms in the process. Foreign defense contractors are also apparently looking to become involved and are buying smaller firms and making strategic hires to position themselves.
