| Executives in Davos Express Worries Over More Disruptive Cyberattacks New York Times (01/23/15) Gelles, David Business leaders at the World Economic Forum in Davos predicted this year will be even worse than 2014 in terms of cyberattacks, both in volume and severity. "The number of security incidents this year will be exponentially greater than last year," said John Chambers, chief executive of Cisco, the big Silicon Valley technology company. Not only are such incidents becoming more common, they are getting more disruptive. "We haven’t seen the worst yet," said Vishal Sikka, chief executive of the Indian outsourcing giant Infosys. "I think we’ll see five times as many bad incidents as we did last year." Jonathan Zittrain, a Harvard University professor of law and computer science, said he hoped industry professionals could begin to make gradual fixes to the Internet that would make all companies more secure. Small improvements, like software that detected unusual patterns in Internet traffic or suspicious attempts to access data, could help stop hackers before they caused too much damage. Such small, incremental steps could make the web gradually safer for individuals and companies, and less friendly to hackers, Zittrain said. "This is a moon shot going one step at a time, rather than fling a missile and hoping it hits," Zittrain said. EU Could Demand That Web Firms Decrypt Emails: Adviser Reuters (01/21/15) MacDonald, Alastair; Bartunek, Robert-Jan The EU should consider forcing Internet firms to help security services tap into coded emails and calls as part of a new strategy to combat militant attacks, EU counterterrorism coordinator Gilles de Kerchove said in a briefing paper for EU interior ministers meeting next week. De Kerchove said any measures must respect fundamental rights. The confidential document, drawn up after this month's Islamist violence in Paris, puts forward a range of areas in which EU states can improve their cooperation. De Kerchove noted that scandal over U.S. spying on global networks had prompted companies to offer more encryption. This can thwart official monitoring, even where police have warrants. Stressing that any measures must respect fundamental rights, he wrote: "The Commission should be invited to explore rules obliging Internet and telecommunications companies operating in the EU to provide ... access of the relevant national authorities to communications (ie share encryption keys)." In an interview with Reuters this week, de Kerchove insisted: "No one wants to turn Europe into a police state or a Big Brother society." But, pointing to demonstrations this month in support of victims, he said there was a popular desire across Europe to tackle radical groups and prevent young men traveling to fight for militants in Syria and returning to mount attacks at home. De Kerchove, a Belgian lawyer who has held his role since 2007, also recommended governments withdraw the passports and travel rights of people suspected of planning to go abroad to fight with Islamic State. De Kerchove said he expected governments to adopt an EU approach that would build on improving cooperation under systems already available, such as for Europe's passport-free Schengen travel zone, and on existing institutions such as Europol and Interpol. The need for new legislation was limited, he said. Paris Terrorism Attacks Spotlight Multinational Security Exposures Business Insurance (01/20/15) This month's terrorist attacks in Paris serve as a stark reminder to companies in the West that they need to bolster security for their employees. Risk and security consultants who help U.S. multinational companies in anti-terrorism risk management say terrorism should now be considered a fact of life in Europe. Moving forward, this will entail employers reevaluating their security measures and terrorism insurance coverage to be better prepared for potential targeted attacks. Scott Bolton, director of business development and network relations for crisis management at Aon Risk Solutions, says the recent attacks show that Muslim extremists worldwide are now using social media to indoctrinate followers and encourage jihadi attacks. He states, "People think of [terrorism] as a bomb going off. Now, it's more of a people risk." Bolton said multinational companies may want to look at terrorist attacks as they would workplace violence or a lone-shooter incident. The real concern is the shifting reality of what can happen and when it can happen, especially with the potential for more homegrown people becoming indoctrinated. France, Germany Seek Help From Tech Firms in Policing Terrorism Online Wall Street Journal (01/20/15) Schechner, Sam France and Germany have demanded that U.S. tech companies help them police terrorism on the Internet. On Tuesday, law-enforcement officials from both countries said they expect U.S. Internet and social-networking companies to preemptively remove terror content from their services or face new laws requiring them to do so. They join the U.K., which has for months been pressing Internet firms to take a more proactive role in removing extremist content, including material that isn’t necessarily illegal, such as videos of sermons by radical preachers or posts by extremists encouraging Westerners to join the fight in Syria. "Just because the vast majority of this content is found on American services doesn’t reduce their impact on French people," French Interior Minister Bernard Cazeneuve said at a cybersecurity conference. "We won’t succeed in our fight against terrorism unless Internet actors start taking responsibility." German Interior Minister Thomas de Maizière echoed that call at the same conference. "The less people take responsibility, the more legislators will be forced to take the initiative," he said. The European demands for pre-emptive filtering escalate tensions between U.S. tech firms and governments around the world. At stake is where these global firms draw the line of acceptable discussion, and how far they must go to enforce local laws limiting online speech. U.S. technology executives don’t want to discuss the issue of pre-emptive filtering publicly because of the regulatory fights it could prompt in certain countries. Privately, they say their main objection is that such a system would be unworkable, especially when trying to control for sarcasm and hyperbole. But they also note they fear legal ramifications if suddenly the likes of Twitter and Facebook were to become digital police forces. Building Executive Alliances Security Management (01/15) Tarallo, Mark Chief security officers (CSOs) can take steps to better coordinate with those in upper management, experts say. Peter Metzger at CT Partners recommends that CSOs arrange a 30- or 45-minute one-on-one meeting with C-suite members, during which the CSO should familiarize himself with other executives and "invite them to take a look around." "Portray yourself as a business person who understands security, not as a security person who's trying to understand business," Metzger says. This includes being aware of budget implications, inclusive of any hard analysis, he says. Ingersoll-Rand's Rick Kelly notes that some CSOs come straight from law enforcement, and feel they "can bring tools from their previous role and survive." However, it is necessary for CSOs to speak the same language as the corporate team and integrate into this culture to be a successful, says Kelly, who speaks on these matters as president of ASIS' CSO Roundtable Advisory Board. Kathy Lavinder of Security & Investigative Placement Consultants says attributes like demeanor, attitude, and approach all play a role in what she calls "executive presence." She adds that, "everything you say matters," but it is also true that being aware of nonverbal communication is essential for developing executive presence. Yemen Chaos Threatens U.S. Counterterror Efforts, Including Drone Program Washington Post (01/23/15) Whitlock, Craif The fate of the U.S.'s efforts to contain and degrade al-Qaida in the Arabian Peninsula (AQAP) in Yemen were thrown into question this week when Yemen's president, a close U.S. ally in the fight against al-Qaida, resigned under pressure from rebels who have seized control of much of the capital. Since he took power with U.S. backing in 2012, President Abed Rabbo Mansour Hadi has helped enable the U.S.'s campaign against AQAP using a strategy that President Obama was extolling as recently as September. The U.S. maintained little military presence in the country, relying instead on a core of military trainers who coordinate with Yemen's military, and drones based outside of the country that conduct surveillance and carry out airstrikes on AQAP targets. Hadi had said that he authorized every single drone strike personally, even though they are deeply unpopular among Yemen's population. Hadi resigned on Jan. 22 along with his cabinet under pressure from Houthi rebels, who, while they oppose AQAP, are just as firmly opposed to the U.S. One Yemeni brigadier general this week predicted that the Houthis, should they seize total control, will not work with the U.S. the way Hadi did. However, the outcome will be much the same for the U.S. should Yemen descend into a period of lawlessness. The U.S. will have to decide whether to continue its campaign against AQAP independently and risk being accused of violating Yemen's sovereignty, or back off and risk losing track of the dangerous group. TSA Finds Record Number of Firearms in Carry-on Bags USA Today (01/23/15) Kelly, Erin The Department of Homeland Security reports that a record 2,212 firearms — most of them loaded — were discovered in travelers' carry-on bags at U.S. airports in 2014. Transportation Security Administration officers found an average of six firearms per day in passengers' carry-on bags or on their bodies. More than 80% of the guns were loaded. The total number of firearms discovered at airport security checkpoints rose 22 percent from 2013, the DHS statistics show. When TSA officers find the guns, they call in police officers working at the airport. Police interview the passengers to see whether their guns are licensed and determine whether or not they should be arrested. The gun-toting passengers face thousands of dollars in federal fines. Travelers with licensed guns are allowed to pack their unloaded firearms into checked bags only. The top five airports for firearms discoveries in 2014 were Dallas/Fort Worth International, Hartsfield-Jackson Atlanta International Airport, Phoenix Sky Harbor International Airport, Houston George Bush Intercontinental Airport and Denver International Airport. After Paris Attacks, EU Leaders Call for More Sharing of Information, Intelligence Washington Post (01/19/15) Birnbaum, Michael Following the terrorist attacks in Paris, EU nations plan to share information and intelligence not only with each other but also with other neighboring countries. Individual nations closely manage their own intelligence and law enforcement agencies, and there are relatively few EU-wide databases in which information about people is stored. Currently, there is no European no-fly list, because there is no European database of air travelers. People inside a 26-nation zone can speed from the tip of Portugal to the border with Russia without once having their passports scrutinized. Many EU citizens enter and exit Europe without ever being checked against police databases. The gaps can lead to delayed security responses at best and flawed ones at worst, critics say, and attackers have sometimes exploited the issues to their advantage. Now, after the bloody assaults that claimed 17 victims in Paris and after dozens of suspected Islamist militants were rounded up around Europe, European leaders are pushing to fix what they say are flaws in the system. Gilles de Kerchove, the EU's counterterrorism coordinator, said he is seeking to require that all passports be checked by computer, which would enable agents to run them against databases and track who enters and exits Europe. A key proposal from EU leaders is a European air traveler database that proponents say would allow security officials to track information about fliers across the continent. Some EU leaders have sought such a database for years. But the European Parliament, which is charged with adopting EU-wide legislation, rejected it because of privacy concerns. Paris Attacks: France Boosts Anti-Terror Strategy BBC News (01/21/15) To bolster counter-terrorism efforts, French Prime Minister Manuel Valls has vowed to create 2,680 new jobs and boost spending on security by 425 million euros. He says approximately 3,000 suspicious individuals, many belonging to radicalized networks, currently require surveillance throughout France. The government's plans come in the wake of terrorist attacks in Paris earlier this month in which 17 people were killed. Valls has vowed that security forces will be provided better weapons and protection, including bullet-proof vests. The new jobs, meanwhile, will be created over the next three years in counter-terrorism intelligence and at the ministries of justice, defense, and finance. These reinforcements are a recognition that France's intelligence-gathering is lacking. According to intelligence experts in France, it takes 20 officers on the ground to provide sufficient, round-the-clock monitoring of a single suspect. While recruiting more men and women for so-called "gumshoe work" will help, the higher priority is to bolster the ranks of analysts -- those people who can make sense of masses of accumulated electronic data. NSA Breached North Korean Networks Before Sony Attack, Officials Say New York Times (01/18/15) Sanger, David E.; Fackler, Martin The NSA in 2010 hacked into North Korean networks with the help of South Korea and other allies to place malware that could track hackers, according to former U.S. and foreign officials. The malware included a type of "early warning radar" software that was crucial in pinning the recent Sony attack on the North Korean government. Spurred by growing concern about North Korea’s maturing capabilities, the American spy agency drilled into the Chinese networks that connect North Korea to the outside world, picked through connections in Malaysia favored by North Korean hackers and penetrated directly into the North with the help of South Korea and other American allies, according to former United States and foreign officials, computer experts later briefed on the operations and a newly disclosed NSA document. A classified security agency program expanded into an ambitious effort, officials said, to place malware that could track the internal workings of many of the computers and networks used by the North’s hackers, a force that South Korea’s military recently said numbers roughly 6,000 people. "Attributing where attacks come from is incredibly difficult and slow," said James Lewis, a cyberwarfare expert at the Center for Strategic and International Studies in Washington. "The speed and certainty with which the United States made its determinations about North Korea told you that something was different here — that they had some kind of inside view." Nearly Every U.S. Arms Program Found Vulnerable to Cyber Attacks Reuters (01/20/15) Shalal, Andrea Michael Gilmore, the Pentagon's director of operational test and evaluation, says almost every U.S. weapons program tested in fiscal 2014 showed "significant vulnerabilities" to cyberattacks, including misconfigured, unpatched and outdated software. While program managers have worked to resolve problems discovered in previous years and security was improving, this year's testing has revealed new vulnerabilities. "Cyber adversaries have become as serious a threat to U.S. military forces as the air, land, sea and undersea threats represented in operational testing for decades," Gilmore wrote in the 366-page report. Cyber-Crime and Business: Think of a Number and Double It Economist (01/17/15) Chick-Fil-A and Morgan Stanley are the most recent big names to join the long list of major U.S. companies to have their systems hacked into, putting customers' financial data at risk. The concern, though, is those companies that are not publicly admitting that they've been infiltrated by cyber bandits. This is partly due to the fact that much hacking goes undetected. At the same time, businesses sometimes try to cover up breaches of data security to avoid public embarrassment and loss of confidence. Earlier this month, the White House launched a new drive to improve data security and privacy via the Personal Data Notification and Protection Act, which would require companies to tell customers within 30 days of discovering that their information has been hacked into. Currently, there is just a patchwork of state-level laws that offer consumers very little real protection. In the absence of a strong federal disclosure law, the losses that companies suffer from hacking are largely a matter of conjecture. If there were more disclosures -- and, consequently, more information on the amount, types, and costs of cyber-crime -- the thinking is companies would have a better idea how to spend their information-security budgets. In addition, it would be easier to work out what sort of insurance coverage to buy. American businesses' spending on such policies soared from $1.3 billion in 2013 to roughly $2 billion last year, calculates Andreas Schlayer, a senior underwriter at Munich Re. Cyber Warfare: Capitol Staffers Aren't Ready Politico (01/19/15) Kopan, Tal Capitol Hill's computer networks are under constant attack. In 2013 alone, the Senate Sergeant at Arms' office reports that it investigated at least 500 potential examples of malicious software. Some emanated from sophisticated attackers, while others from low-level scammers. In a different measurement, the House IT security office said the year before it blocked 16.5 million "intrusion attempts" on its networks. Investigators lament that the thousands of people who keep the Senate and House of Representatives running on a daily basis are committing basic cybersecurity mistakes that attackers can exploit to do harm. For instance, many Hill staffers had e-mailed security passwords to a colleague or to themselves for convenience. In addition, plenty of offices were found to have stored a list of passwords for communal accounts like social media in a shared drive or Google doc. Many kept their personal e-mail open throughout the day, while few could remember any kind of IT security training. If they did, the instruction was not taken seriously. Said one staffer who exited the Senate this past fall, "This is a problem waiting to happen, not even just on the institutional security side but in terms of mischievous hackers trying to break into social media sites or dropboxes of senators or any of that stuff." Tech experts say they remain hampered by the unique challenge of securing an enterprise divided into hundreds of networks each overseen by an empowered elected lawmaker. Colleges Rush to Create Cybersecurity Soldiers Tampa Tribune (FL) (01/11/15) Stockfisch, Jerome R. The recent increase in computer attacks at major corporations have pushed colleges and universities into educating more cybersecurity students and professionals. For example, the University of Tampa (UT) recently announced it will begin offering an undergraduate major in cybersecurity this fall, while Saint Leo University launched a master's program in cybersecurity in August, complementing its undergraduate program in information assurance and security. In addition, Florida Polytechnic University has a concentration in information assurance and cybersecurity in its computer science and information technology degree track, and the University of South Florida opened the Florida Cybersecurity Center with the help of a $5-million allocation from the state government. "With all of the high-profile breaches over this last year or so, more focus has been on security than I've ever seen," says UT professor Kenneth Knapp, head of the university's cybersecurity program. There were 209,749 national postings for cybersecurity jobs in 2013, up 74 percent from 2007, and the average salary for those jobs was $93,028, according to Burning Glass. "For us, it's trying to keep up with the demand," says Derek Mohammed, chairman of the computer science department at Saint Leo. Interest in the university's inaugural master's program in cybersecurity has been double what was expected. Is Antivirus Software Still Relevant? Government Computer News (01/08/15) Magnotti, Lou Despite their use of antivirus software, government security professionals are often victims of malware, demonstrating that basic antivirus technology no longer provides sufficient protection. A 2014 Lastline Labs study found a significant amount of new malware was undetected by about half of antivirus vendors. Major drawbacks to antivirus software include impairment of endpoints, incorrect decisions when users do not understand software prompts, false positives, and running at a level of the operating system that creates a potential avenue of attack. Milnsbridge Corp. several years ago sponsored case studies of CloudAV, a new approach that moves antivirus functionality from personal computers to the network cloud. Traditionally, performance constraints and program incompatibilities enable only one antivirus detector to be used at a time, but CloudAV can support a large number of malware detectors that run together to analyze an incoming file. Many existing OSes come with built-in antivirus software, and others use application whitelistings (AWL) as an integral part of the OS. AWL will deny the execution of any application not previously identified as “not malicious,” and offers more security primarily because it denies malicious code that has never been seen before, which blacklists will not immediately recognize. Most security experts agree antivirus technology should still be used in a “security-in-depth” approach, complemented with a strong security education and awareness program, and other information on security procedures. Abstracts Copyright © 2015 Information, Inc. Bethesda, MD |
No comments:
Post a Comment