Hackers target freshly-uncovered Internet Explorer hole

internet-explorer

Microsoft on Tuesday warned that hackers are targeting a freshly-uncovered weakness in some earlier versions of its Internet Explorer (IE) Web browser software.

Microsoft said it is investigating a hole that cyber attackers are taking advantage of in IE 6 and IE 7.

“At this time, we are aware of targeted attacks attempting to use this vulnerability,” Microsoft said in an advisory posted along with a routine release of patches for Windows and Office software.

“We will continue to monitor the threat environment and update this advisory if this situation changes.”

Hackers could use the flaw to remotely seize control of computers. The new IE 8 Web browser and an old IE 5 version are not affected, according to the US software colossus.

Read moreHackers target freshly-uncovered Internet Explorer hole

Cybersecurity Bill To Give President Obama New Emergency Powers

The president would have the power to safeguard essential federal and private Web resources under draft Senate cybersecurity legislation.

According to an aide familiar with the proposal, the bill includes a mandate for federal agencies to prepare emergency response plans in the event of a massive, nationwide cyberattack.

The president would then have the ability to initiate those network contingency plans to ensure key federal or private services did not go offline during a cyberattack of unprecedented scope, the aide said.

Ultimately, the legislation is chiefly the brainchild of Sens. Jay Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine), the chairman and ranking member of the Senate Commerce Committee, respectively. Both lawmakers have long clamored for a federal cybersecurity bill, charging that current measures — including the legislation passed by the House last year — are too piecemeal to protect the country’s Web infrastructure.

Read moreCybersecurity Bill To Give President Obama New Emergency Powers

Former Top US Officials Fend Off Simulated Cyberattack

cyber-war
“Cyber war!” flashes on the screen at an Internet security conference

(AFP) WASHINGTON — Former top US officials staged a digital doomsday simulation on Tuesday in which a huge cyberattack crashes cellphone networks, slows Web traffic to a crawl and plunges major cities into darkness.

Dubbed “Cyber ShockWave,” the elaborate exercise was held in a Washington hotel room transformed for the day into the White House Situation Room, where the president and his advisers typically meet to address national emergencies.

Former president George W. Bush’s Homeland Security chief Michael Chertoff played the role of National Security Advisor as the “cabinet” sought to respond to a nightmare scenario drawn up by former CIA director Michael Hayden.

As the “crisis” escalated, the officials discussed various actions including calling out the National Guard, nationalizing the utility companies and staging a retaliatory strike if the authors of the cyberattack become known.

“If this is an attack on the United States the president, as commander in chief, has the authority to use the full powers at his disposal,” said former deputy attorney general Jamie Gorelick, in her role as attorney general.

Read moreFormer Top US Officials Fend Off Simulated Cyberattack

China Tells Google and Other Internet Companies to Follow the Law

Google May Close Operations in China (Video):

CNBC interview with David Drummond, chief legal officer at Google, who discusses the Internet giant’s reaction to an assault by hackers who sought to penetrate the e-mail accounts of Chinese human rights activists.

Google considers to shut down business operations in China (Official Google Blog)


google-china
A worker in the lobby of Google’s office Wednesday in Beijing.

BEIJING – Two days after Google announced that it would quit China unless the nation’s censors eased their grip, the Chinese government offered an indirect but unambiguous response: Companies that do business in China must follow the laws of the land.

The comments, by two different officials Thursday, suggested that China was unlikely to give ground on Google’s demands that its search engine results be unfiltered. In announcing its decision Tuesday that it might leave the world’s biggest Internet market, Google also cited a series of cyberattacks aimed at breaching the accounts of human rights advocates on its e-mail service, Gmail.

Several of those who said their e-mail accounts were hacked provided more details about the assaults Thursday.

After a day of silence, the Foreign Ministry said that China welcomed foreign Internet companies but that those offering online services must do so “in accordance with the law.” Speaking at a scheduled news conference, Jiang Yu, a ministry spokeswoman, did not address Google’s complaints about censorship and cyberattacks and simply stated that “China’s Internet is open.”

The remarks, and those of another high-ranking official who called for even tighter Internet restrictions, may speed Google’s departure and increase friction between Beijing and the Obama administration, which has made priorities of Internet freedom and online security.

Read moreChina Tells Google and Other Internet Companies to Follow the Law

Google considers to shut down business operations in China

“These attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web–have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.”


A new approach to China

Google

Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different.

First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.

Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.

Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users’ computers.

Read moreGoogle considers to shut down business operations in China

NSA To Build $1.5 Billion Cybersecurity Data Center

“Gaffney gave assurances that the work going on at the data center will protect civil liberties.”

Sure!

Whistleblower: NSA spied on everyone, targeted journalists


The massive complex, comprising up to 1.5 million square feet of building space, will provide intelligence and warnings related to cybersecurity threats across government.

nsa_seal

The National Security Agency, whose job it is to protect national security systems, will soon break ground on a data center in Utah that’s budgeted to cost $1.5 billion.

The NSA is building the facility to provide intelligence and warnings related to cybersecurity threats, cybersecurity support to defense and civilian agency networks, and technical assistance to the Department of Homeland Security, according to a transcript of remarks by Glenn Gaffney, deputy director of national intelligence for collection, who is responsible for oversight of cyber intelligence activities in the Office of the Director of National Intelligence.

“Our country must continue to advance its national security efforts and that includes improvements in cybersecurity,” Sen. Robert Bennett, R-Utah, said in a statement. “As we rely more and more on our communications networks for business, government and everyday use, we must be vigilant and provide agencies with the necessary resources to protect our country from a cyber attack.”

Read moreNSA To Build $1.5 Billion Cybersecurity Data Center

Cyber-spies breach US fighter-jet program: report


F-35 Joint Strike Fighter Lightning II

WASHINGTON (AFP) — Computer spies have hacked into the Pentagon’s costly program for a new fighter jet, a US newspaper reported Tuesday, but the Defense Department said sensitive technology for the Joint Strike Fighter aircraft had not been compromised.

Citing current and former government officials, The Wall Street Journal said cyber-intruders were able to copy vast amounts of data on the 300-billion-dollar Joint Strike Fighter project, also known as the F-35 Lightning II.

Related articles:
Computer Spies Breach Fighter-Jet Project (Wall Street Journal)
China denies it hacked into US jet program
(AP)
Pentagon denies jet program hacked (Brisbane Times)

The newspaper cited unnamed former US officials saying the attack appeared to have originated in China, which the Pentagon says has put a priority on bolstering its cyber-warfare capability.

Asked if sensitive technology for the Joint Strike Fighter had been jeopardized, Pentagon spokesman Bryan Whitman said: “I’m not aware of any specific concerns.”

Whitman declined to confirm the breach of security for the F-35 but said the number of attempted attacks on the US military’s computer network were on the rise.

Read moreCyber-spies breach US fighter-jet program: report

The Cyber Militia Defends America

The U.S. government has quietly gone ahead and formed several special security organizations for policing the internet.

Because there is such a (trained, not to mention talented) manpower shortage right now (and in the foreseeable future), this was done on the cheap. An effective force could not be recruited, even if everyone agreed to accept government pay levels, because of the huge expense.

One solution that was suggested even before September 11, 2001, and eventually caught on, was to organize and reward the pro bono cybersecurity efforts that have been going on for some time. A lot of talented whitehats just get pissed off and go after bad guys on their own nickel.

An example is HoneyNet (the pro bono network of honeypots set up to attract, analyze and document backhat activities and techniques). One suggestion that did not fly was setting up a “CyberCorps” as a separate corporation, with a few really good people to run it, and enough budget to pay market rate for the right people, and still have a close working relationship with government agencies and commercial firms that spend a lot on net security (banks and brokerages, for example.)

Instead, a “Cyber Corps” program was set up to give tuition assistance to college students studying computer security, in order to increase the number of qualified experts in this area. Meanwhile, the Department of Homeland Security established working relationships with existing computer security groups, while the Department of Defense encouraged the services to set up computer security operations. The air force established the Cyber Command, a major operation that, it is hoped, will give the air force the lead (and most of the budget) for defense related Internet security operations.

Read moreThe Cyber Militia Defends America

China’s Cyber-Militia

Chinese hackers pose a clear and present danger to U.S. government and private-sector computer networks and may be responsible for two major U.S. power blackouts.

Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

One prominent expert told National Journal he believes that China’s People’s Liberation Army played a role in the power outages. Tim Bennett, the former president of the Cyber Security Industry Alliance, a leading trade group, said that U.S. intelligence officials have told him that the PLA in 2003 gained access to a network that controlled electric power systems serving the northeastern United States. The intelligence officials said that forensic analysis had confirmed the source, Bennett said. “They said that, with confidence, it had been traced back to the PLA.” These officials believe that the intrusion may have precipitated the largest blackout in North American history, which occurred in August of that year. A 9,300-square-mile area, touching Michigan, Ohio, New York, and parts of Canada, lost power; an estimated 50 million people were affected.

Officially, the blackout was attributed to a variety of factors, none of which involved foreign intervention. Investigators blamed “overgrown trees” that came into contact with strained high-voltage lines near facilities in Ohio owned by FirstEnergy Corp. More than 100 power plants were shut down during the cascading failure. A computer virus, then in wide circulation, disrupted the communications lines that utility companies use to manage the power grid, and this exacerbated the problem. The blackout prompted President Bush to address the nation the day it happened. Power was mostly restored within 24 hours.

There has never been an official U.S. government assertion of Chinese involvement in the outage, but intelligence and other government officials contacted for this story did not explicitly rule out a Chinese role. One security analyst in the private sector with close ties to the intelligence community said that some senior intelligence officials believe that China played a role in the 2003 blackout that is still not fully understood.

Read moreChina’s Cyber-Militia

What’s Up with the Secret Cybersecurity Plans, Senators Ask DHS

The government’s new cyber-security “Manhattan Project” is so secretive that a key Senate oversight panel has been reduced to writing a letter to beg for answers to the most basic questions, such as what’s going on, what’s the point and what about privacy laws.

The Senate Homeland Security committee wants to know, for example, what is the goal of Homeland Security’s new National Cyber Security Center. They also want to know why it is that in March, DHS announced that Silicon Valley evangelist and security novice Rod Beckstrom would direct the center, when up to that point DHS said the mere existence of the center was classified.

Those are just two sub-questions out of a list of 17 multi-part questions centrist Sens. Joe Lieberman (I-Connecticut) and Susan Collins (R-Maine) sent to DHS in a letter Friday.

In fact, although the two say they asked for a briefing five months ago on what the center does, DHS has yet to explain its latest acronym.

The panel, noted it was pleased with the new focus on cyber security, but questioned Homeland Security’s request to triple the center’s cyber-security budget to about $200 million.
They cited concerns about the secrecy around the project, its reliance on contractors for the operation of the center and lack of dialogue with private companies that specialize in internet security.

That center is just one small part of the government’s new found interest in computer security, a project dubbed the Comprehensive National Cybersecurity Initiative, which has been rumored to eventually get some $30 billion in funding.

Little is known about the initiative since it was created via a secret presidential order in January, though the Washington Post reports that portions of it may be made public soon.

Read moreWhat’s Up with the Secret Cybersecurity Plans, Senators Ask DHS

Homeland Security invokes nuclear bomb, as Bush quietly links cybersecurity program to NSA

Department of Homeland Security Michael Chertoff has dropped the bomb.

At a speech to hundreds of security professionals Wednesday, Chertoff declared that the federal government has created a cyber security “Manhattan Project,” referencing the 1941-1946 project led by the Army Corps of Engineers to develop American’s first atomic bomb.

According to Wired’s Ryan Singel, Chertoff gave few details of what the government actually plans to do.

He cites a little-noticed presidential order: “In January, President Bush signed a presidential order expanding the role of DHS and the NSA in government computer security,” Singel writes. “Its contents are classified, but the U.S. Director of National Intelligence has said he wants the NSA to monitor America’s internet traffic and Google searches for signs of cyber attack.”

The National Security Agency was the key player in President Bush’s warrantless wiretapping program, which was revealed by the New York Times in 2005.

Sound familiar? Yesterday, documents acquired by the Electronic Frontier Foundation under the Freedom of Information act showed the FBI has engaged in a massive cyber surveillance project that targets terror suspects emails, telephone calls and instant messagesand is able to get some information without a court order.

Last week, the ACLU revealed documents showing that the Pentagon was using the FBI to spy on Americans. The military is using the FBI to skirt legal restrictions on domestic surveillance to obtain private records of Americans’ Internet service providers, financial institutions and telephone companies, according to Pentagon documents.

Read moreHomeland Security invokes nuclear bomb, as Bush quietly links cybersecurity program to NSA

Feds Stage Cyberstorm to Prep for Attack

Government Concerned About Rising Number of Sophisticated Cyber Attacks.

The Department of Homeland Security has begun to conduct a multination cybersecurity drill to learn how to respond to the increasing number of cyberattacks that have been launched against U.S. computer infrastructure and financial networks worldwide.

dhs_cyberattacks_080312_ms.jpg

Read moreFeds Stage Cyberstorm to Prep for Attack

Chinese Cyberattacks Target US Think Tanks

Washington DC (UPI) Mar 07, 2008
Defense-related think tanks and contractors, as well as the Pentagon and other U.S. agencies, were the target of repeated computer network intrusions last year apparently originating in China, the Department of Defense said this week.

In its annual report to lawmakers on China’s military power, the department said the intrusions “appeared to originate in” China but added, “It is unclear if these intrusions were conducted by, or with the endorsement of” the Chinese government or military.

Read moreChinese Cyberattacks Target US Think Tanks