Free Republic

Note: This is a SNIPPET only. Quote: GAO U.S. GOVERNMENT ACCOUNTABILITY OFFICE http://gao.gov/products/GAO-10-338 "Cybersecurity: Progress Made but Challenges Remain in Defining and Coordinating the Comprehensive National Initiative" GAO-10-338 March 5, 2010 SNIPPET: "Summary In response to the ongoing threats to federal systems and operations posed by cyber attacks, President Bush established the Comprehensive National Cybersecurity Initiative (CNCI) in 2008. This initiative consists of a set of projects aimed at reducing vulnerabilities, protecting against intrusions, and anticipating future threats. GAO was asked to determine (1) what actions have been taken to develop interagency mechanisms to plan and coordinate CNCI activities and...

US national security leaders and top cyber warriors from around the world are gathering here to plot defenses against criminals and spies that increasingly plague the Internet. Homeland Security Secretary Janet Napolitano and White House Cyber Security Coordinator Howard Schmidt will take part in this week's RSA conference along with computer defense companies and technology icons such as Apple co-founder Steve Wozniak and Craigslist creator Craig Newmark. "We have before us more data moving into the cloud and more sophisticated cyber criminals," said Qualys chief executive Philippe Courtot, who is among the keynote speakers at the premier event that kicks...

Updated February 18, 2010 Cyberattacks Reportedly Traced to Computers in Chinese Schools" FOXNews.com SNIPPET: "The recent cyberattacks on Google and other American companies have been traced by investigators to computers at two schools in China, including one with ties to the Chinese military, according to a New York Times report citing unnamed inside sources. The Times report also says that the attacks began much earlier than first thought, as far back as April..."

The world's largest Internet search company and the world's most powerful electronic surveillance organization are teaming up in the name of cybersecurity. Under an agreement that is being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google -- and its users -- from future attack. Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity,...

MONITOR EXCLUSIVE: Breaches show how sophisticated industrial espionage is becoming. The big question: Who’s behind them? Houston At least three US oil companies were the target of a series of previously undisclosed cyberattacks that may have originated in China and that experts say highlight a new level of sophistication in the growing global war of Internet espionage. The oil and gas industry breaches, the mere existence of which has been a closely guarded secret of oil companies and federal authorities, were focused on one of the crown jewels of the industry: valuable “bid data” detailing the quantity, value, and location...

SNIPPET: SEOUL, Jan 27, 2010 (AFP) - South Korea's spy agency said Wednesday it had issued an alert against cyberattacks aimed at stealing data from government networks. The National Intelligence Service (NIS) did not say whether North Korea was responsible. Open Radio for North Korea, a Seoul-based group specialising in the North, said the latest attack was led by Pyongyang, which runs elite hacker units. The NIS said its alert was heightened "from normal to concern" on Monday after a massive inflow of overseas hacking attacks. The attacks were aimed at stealing data from government and other state networks, it...

Representatives from the electrical industry sharply criticized on Tuesday a proposal in the House to extend federal regulation to include local power plants in major cities to protect them and the national power grid from cyberattacks. Under the 1935 Federal Power Act, the Federal Energy Regulatory Commission enforces security standards for most of the nation's power plants, including facilities and control networks -- known as bulk power systems -- that connect power systems. But the commission does not have regulatory jurisdiction over electrical systems outside the continental United States and to local distribution facilities, which include some in large cities...

Related Story: Australia 'must prepare for cyber attack' SNIPPET: "More evidence is emerging of sophisticated attacks by criminals and foreign governments on Australia's computer networks. Government officials from the spy organisation ASIO, as well as federal police and computer security experts, have joined forces with the top-secret Defence Signals Directorate since July. The Cyber Security Operations Centre has found attacks on company information, apparently conducted by organised crime, which turn out to have national security implications."

"Project Grey Goose and University at Albany SUNY to investigate major Power Grid blackouts caused by hackers" SNIPPET: "This is an open call for volunteers who wish to participate in a joint Project Grey Goose / University at Albany SUNY open source intelligence investigation into power grid blackouts caused by hacker attacks. The scope is global and includes the U.S. Interested parties should contact me from their work email address with an expression of interest, a brief bio, and your experience, if any, in SCADA systems in general or the power grid in particular. All respondents will be kept confidential....

“MI5 hiring Asian teenagers to fight cyber terror” London, September 21, 2009 First Published: 00:09 IST(21/9/2009) Last Updated: 02:44 IST(21/9/2009) SNIPPET: “MI5 head Jonathan Evans has told his staff that the recruits were essential to combat cyber terrorism which has been traced to China, Russia and Pakistan — the hackers have also intercepted messages from terrorists in Belmarsh maximum security prison, the newspaper said. In a report to Lord West, the Security Minister, Evans has revealed that during the summer over 1,000 hits were made on computers in Whitehall. Other targets have been air traffic control, power stations and the...

CNET Reports: ”Internet companies and civil liberties groups were alarmed this spring when a U.S. Senate bill proposed handing the White House the power to disconnect private-sector computers from the Internet.[…] CNET News has obtained a copy of the 55-page draft of S.773 (excerpt), which still appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency. The new version would allow the president to “declare a cybersecurity emergency” relating to “non-governmental” computer networks and do what’s necessary to respond to the threat. Other sections of the proposal include a federal certification program for...

Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute. The attack gives hackers a way to read encrypted traffic sent between computers and certain types of routers that use the WPA (Wi-Fi Protected Access) encryption system. The attack was developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, who plan to discuss further details at a technical conference set for Sept. 25 in Hiroshima. Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the...

The Internet has now become a vital outlet for commerce, communications & social networking to name a few, and has now breed an over-dependence in our daily lives. It's also become a target from more sinister factions and made our critical infrastructure now extremely vulnerable to cyber attacks. I have just completed a 4 week period of research and production for an audio documentary called 'The Slow Road to Cybersecurity'. What I have encountered, has made me wish I had never known about it. Cybersecurity has now entered a new era of concern, our risk and vulnerability is becoming a...

WASHINGTON -- Russian hackers hijacked American identities and U.S. software tools and used them in an attack on Georgian government Web sites during the war between Russia and Georgia last year, according to new research to be released Monday by a nonprofit U.S. group. In addition to refashioning common Microsoft Corp. software into a cyber-weapon, hackers collaborated on popular U.S.-based social-networking sites, including Twitter and Facebook Inc., to coordinate attacks on Georgian sites, the U.S. Cyber Consequences Unit found. While the cyberattacks on Georgia were examined shortly after the events last year, these U.S. connections weren't previously known. "U.S. corporations...

The distributed denial-of-service attack that hampered access to social networking and blogging sites all went after one pro-Georgia blogger, according to security company reports. According to a post from F-Secure's Mikko Hypponen, the attacks focused on Cyxymu's accounts at Twitter, Youtube, Facebook and Livejournal, and also included a "Joe Job" spam campaign that was designed to look as if the unwanted messages had been sent by Cyxymu. McAfee offers a similar analysis with a post that ties the spam campaign to the same botnet that launched the DDoS attack, and says that a cyxymu account at Fotki.com was also targeted....

A hacker attack Thursday shut down the fast-growing messaging service Twitter for hours, while Facebook experienced intermittent access problems. Twitter said in its status blog Thursday morning it was "defending against a denial-of-service attack," in which hackers command scores of computers to a single site at the same time, preventing legitimate traffic from getting through.

"Microblogging site still slow after assault paralyzed it for hours"-Twitter confirmed this morning that the site had been taken down by a distributed denial-of-service (DDoS) attack...

The micro-blogging site Twitter has come under attack this afternoon, taking it down for more than an hour. On the site's corporate blog, Twitter co-founder Biz Stone said: "On this otherwise happy Thursday morning, Twitter is the target of a denial of service attack. Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. "We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate."

WASHINGTON -- Federal agencies are facing a severe shortage of computer specialists, even as a growing wave of coordinated cyberattacks against the government poses potential national security risks, a private study found.

The U.K. was the likely source of a series of attacks last week that took down popular Web sites in the U.S. and South Korea, according to an analysis performed by a Vietnamese computer security analyst. The results contradict assertions made by some in the U.S. and South Korean governments that North Korea was behind the attack. Security analysts had been skeptical of the claims, which were reportedly made in off-the-record briefings and for which proof was never delivered. The week-long distributed denial of service attack involved sending multiple requests to a handful of Web sites from tens of thousands...