Friday, June 28, 2013

Has US already started an Internet war?

Opinion: Has U.S. started an Internet war? - " . . . we're penetrating and damaging foreign networks for both espionage and to ready them for attack. We're creating custom-designed Internet weapons, pre-targeted and ready to be "fired" against some piece of another country's electronic infrastructure on a moment's notice. This is much worse than what we're accusing China of doing to us. We're pursuing policies that are both expensive and destabilizing and aren't making the Internet any safer. We're reacting from fear, and causing other countries to counter-react from fear. We're ignoring resilience in favor of offense. . . ."

more news below

Tuesday, June 25, 2013

Web mail providers leave door open for NSA surveillance

How Web mail providers leave door open for NSA surveillance | Politics and Law - CNET News: "A survey of top mail providers shows that Google is alone in using strong encryption, known as SMTP-TLS, to fully armor e-mail connections for its users, as long as the other company's server is willing to encrypt as well. SMTP-TLS also protects employee e-mail at security-conscious companies, large law firms, and sensitive government agencies including the NSA, the White House, and the Department of Homeland Security. (You can check on your own provider by typing in your e-mail address at"

more news below

Saturday, June 22, 2013

4 step model to effective security program

Can automated security put agencies a step ahead of the hackers? -- GCN: "Hanna recently described a four-step model for an effective security program:
  • Prepare, which includes risk analysis and development of policies, controls and training.
  • Detect, which includes monitoring configuration, detecting intrusion and anomalies and sharing threat information.
  • Analyze, which includes incident management, correlation and human analysis.
  • Respond, which includes containment, evidence gathering, recovery, forensics and prevention. . . ." (read more at link above)

more news below

Thursday, June 20, 2013

Cyberwar -- NSA role in Stuxnet

NSA Snooping Was Only the Beginning. Meet the Spy Chief Leading Us Into Cyberwar | Threat Level | " . . .  he and his cyberwarriors have already launched their first attack. The cyberweapon that came to be known as Stuxnet was created and built by the NSA in partnership with the CIA and Israeli intelligence in the mid-2000s. The first known piece of malware designed to destroy physical equipment, Stuxnet was aimed at Iran’s nuclear facility in Natanz. By surreptitiously taking control of an industrial control link known as a Scada (Supervisory Control and Data Acquisition) system, the sophisticated worm was able to damage about a thousand centrifuges used to enrich nuclear material. The success of this sabotage came to light only in June 2010, when the malware spread to outside computers. It was spotted by independent security researchers, who identified telltale signs that the worm was the work of thousands of hours of professional development. Despite headlines around the globe, officials in Washington have never openly acknowledged that the US was behind the attack. It wasn’t until 2012 that anonymous sources within the Obama administration took credit for it in interviews with The New York Times. . . ."

more news below

Tuesday, June 18, 2013

China Reveals First Space-Based Quantum Communications Experiment

China Reveals First Space-Based Quantum Communications Experiment | MIT Technology Review: "“We hope to establish a quantum communication network from Beijing to Vienna,” according to Jian-Wei, a plan that will presumably require significant co-operation from their arch-competitors in Europe. Last year, European scientists themselves proposed sending a quantum communications experiment to the International Space Station, an idea that could be beat the Chinese at their own game and would be relatively cheap and quick. But whether this plan has gained traction isn’t clear. What is abundantly clear is that the quantum space race is rapidly hotting up. But the embarrassing truth for American science is that the US isn’t yet a player in the quantum space race (at least not publicly)." (more at link above)

more news below

Saturday, June 15, 2013

Reset of Cybersecurity Laws Needed

Cybersecurity expert says it's time to reassess laws, policies
Evening News and Tribune
Just hours before President Obama spoke to the news media on Friday about government surveillance programs and the balance between national security and personal privacy, an Indiana University law and cybersecurity expert said it's time for a true ...

Security vs. privacy
Hays Daily News
With the revelation of hundreds of millions of Americans having their phone calls, emails, video chats, text messages and online activity monitored on a regular basis by the federal government, outrage has erupted. Every bit of it justifiable, in our ...

NSA : Finder and keeper of countless secrets
New York Daily News
The agency also includes the Central Security Service, the military arm of code-breakers who work jointly with the agency. The two services have their headquarters on a compound that's technically part of Fort Meade, though it's slightly set apart from ...

New York Daily News

Security clearances held by millions of Americans
Now comes Edward Snowden, a former CIA technical assistant turned intelligence contractor, releasing detailed information on intelligence gathering by the NationalSecurity Agency that included access to phone records of millions of Americans.

more news below

Thursday, June 13, 2013

Obama Draws Up Worldwide Cyber-Attack Target List

Obama Draws Up Worldwide Cyber-Attack Target List
Albany Tribune
President Barack Obama ordered national security leaders to compile a list of potential overseas “adversaries” for US cyber-attacks which could be targeted with “little or no warning”, a top secret document reveals. The 18-page, classified document ...

Cyber Challenge Hunting For Security Skills In Schools
TechWeekEurope UK
”The UK already has a world-wide reputation in education and learning and we aim to make this the same for cyber,” said Chloe Smith, minister for cyber security in the Cabinet Office. “It will enable us to establish a pipeline of talented people to ...

2nd cyber attack in 4 months hits govt
Hindustan Times
The attack was detected by Russian cyber security laboratory Kaspersky which was one of the entities to have closely collaborated with India's technical intelligence wing National Technical Research Organisation (NTRO) and private cyber security ...

PM: Israel needs 'digital iron dome' to stop cyber attacks
Jerusalem Post
"Today cyber is part of the battlefield," Netanyahu said. "This is not tomorrow's warfare, it is already here today." Netanyahu characterized Israel as a "rising star" in the area of cyber security, and said there were two clear signs of that: the ...

more news below

Tuesday, June 11, 2013

US-China summit cyber-security stalemate

Cyber-security stalemate, N. Korea consensus at US-China summit
Tom Donilon, Obama's national security advisor, said the US president outlined a series of cases involving massive digital theft by entities in China, stressing that cyber-theft is now “at the center of the relationship. It's not an adjunct issue ...

China firmly supports cyber security: Chinese president
The Chinese president said China opposes hacker or cyber attack in all forms, and is itself a victim. China and the United States face common challenges when it comes to the issue of cyber security, which should be a new highlight of bilateral ...

Obama Approaches Chinese Cyber Security Issue With Carrot, Not Stick
He noted a sharp uptick in news coverage of cyber issues, saying, “this might give people the sense or feeling that cyber security as a threat mainly comes from China or that the issue of cyber security is the biggest problem in the China-U.S ...

Obama, Xi talk cyber security and North Korea at summit
Obama described to Xi the exact kinds of problems the United States was concerned about regardingcyber thievery and said that if they were not addressed, it would become a "very difficult problem in the economic relationship," said Donilon. Yang ...

INTERNATIONAL > Cyber security takes center stage at US, China summit
Hurriyet Daily News
While there were few clear policy breakthroughs on cyber security, U.S. officials said Obama and Xi were in broad agreement over the need for North Korea to be denuclearized. And both countries expressed optimism that the closer personal ties forged ...

Obama and Xi talks tackle cyber security
Financial Times
Barack Obama and Xi Jinping wrapped up eight hours of face-to-face talks on Saturday, including a lengthy session free from top officials, in an encounter dominated by cyber hacking, regionalsecurity and North Korea. The Sino-US summit, held in the ...

more news below

Saturday, June 8, 2013

Boston Manhunt Lockdown Hurt Boston’s Economy

Ever wonder if the "security community" is a "learning community?"

How Badly Did Friday’s Manhunt Lockdown Hurt Boston’s Economy? | "Another big factor making up the economic effects of terrorism is the diversion of resources. Barth estimates that from 1976 to 2007, the U.S. government and U.S. firms spent $7.3 trillion defending the Persian Gulf from terrorism and other dangers. Absent terrorism, that money could have been productively spent elsewhere. Measures taken, especially since 9/11, to protect us from terrorism also slow down the economy, Barth says. Travellers must spend more time waiting in security lines in the airport; resources must be spent screening packages; and federal and local governments must divert more of their resources towards security. . . ." (read more at link above)

Of course, if you are a government bureaucrat, what do you care about the cost to the economy (and loss of jobs) caused by over-reaction of security/law enforcement agencies?

more news below

Thursday, June 6, 2013

Google to make critical security exploits public after 7 days

Despite opposition, Google will make critical security exploits public after seven days | The Verge: "Google’s security researchers are well known for uncovering vulnerabilities in other people's products. Standard operating procedure is to give the affected company sixty days before publishing the problem, keeping things under wraps until a fix can be shipped out. But when it comes to critical vulnerabilities that are actively being exploited, Google wants its researchers to cut that down to just a week. A post on its Online Security Blog explains the reasoning behind the seven-day guideline: "each day an actively exploited vulnerability remains undisclosed to the public and unpatched, more computers will be compromised." . . ."

more news below

Tuesday, June 4, 2013

Facebook, Google, Microsoft, Twitter And Yahoo Refuse To Cooperate With UK's Snooper's Charter

Facebook, Google, Microsoft, Twitter And Yahoo Refuse To Cooperate With UK's 'Snooper's Charter' | Techdirt: "In a leaked letter to the home secretary that is also signed by Twitter, Microsoft and Yahoo!, the web's "big five" say that May's rewritten proposals to track everybody's email, internet and social media use remain "expensive to implement and highly contentious"."

more news below

Saturday, June 1, 2013

Homeland Security warns 3D-printed guns may be impossible to stop

Homeland Security bulletin warns 3D-printed guns may be 'impossible' to stop | Fox News: "A new Department of Homeland Security intelligence bulletin warns it could be "impossible" to stop 3D-printed guns from being made, not to mention getting past security checkpoints. A May 21 bulletin distributed to numerous state and federal law enforcement agencies and obtained by states that the guns, which can be made by downloading blueprints into cutting edge computers that mold three-dimensional items from melted plastic, "poses public safety risks" and are likely beyond the current reach of regulators. The guns threaten to render 3D gun control efforts useless if their manufacture becomes more widespread."

more news below

Cybersecurity - Google News

Malware - Google News

National Security - Google News

"Security Threats" - Google News

Maritime security - Google News

The State of Security

TSA - Google News

Homeland Security - Google News