
UK Announces Plans for ‘Cyber Reserve’ Online Crime Defence Force


Earlier this week, the UK government announced that it was planning on setting up a ‘cyber reserve’ force aimed at dealing with security threats brought about by online crime. The proposed force will be run by the country’s ministry of defense and is going to allow the armed forces to draw on the nation’s computer-related talents in order to ward off online attacks and stem the tides of cyber crime. Minister for the Cabinet Office Francis Maude claims that ‘critical’ work is required in order to combat online lawbreaking. He says that nine tenths of large British corporations and three quarters of small British businesses have reported experiencing a cyber breach within the last year, meaning that this force has now become a necessity.

Cyber Crime in the UK
Research conducted by a team of academics recruited by the UK Ministry of Defense earlier this year concluded that the country spends a billion US dollars per year on protecting against and cleaning up after instances of cyber crime. This includes the cost of measures taken to safeguard bank account security and reduce computer-related fraud, the money forked out by businesses purchasing anti-virus software and the cost of removing viruses from computers. In addition to criminals, terrorists and rogue states have also targeted computers in the UK, meaning that it is not difficult to see why the country would consider setting up such a force.

More Students Trained in Tackling Cyber Crime Needed
Maude has promised to make the UK one of the safest places in the world to conduct online business. He added that further details of the ‘cyber reserve’ plans would be revealed in 2013 and said that British government agencies and departments are working with professional bodies in order to ensure that the consideration of internet security becomes an integral component of corporate governance and the risk management process. He stated that UK officials want more students in the country trained in the skills required for tackling cyber crime and pointed out that the nation’s ministry of defense is examining new methods for attracting talented cyber security specialists, as they are required for critical areas of work.

Cyber-Spying by Hostile Nations
The UK Ministry of Defence’s announcement came in the wake of revelations that hostile foreign states had carried out ‘mapping’ of the systems that control the country’s power and water supplies. Officials refused to name the nations that were believed to have carried out this mapping but there have been reports in the United States that China and Russia have conducted similar reconnaissance exercises there, which suggests that they could be the countries that are responsible for this cyber-spying activity. With this in mind, it is little wonder the UK is stepping up its security, as it wishes to safeguard vital information.

Cyber Confidence Tracker
Francis Maude stated that the increasing number of threats posed to the UK’s online security is partly down to the growth of the internet economy. He said that the country’s government cannot take sole responsibility for fighting cyber crime and emphasized the fact that individuals and businesses would also have to play their part. Next spring the UK will be taking steps to improve online security for consumers and small businesses. The nation plans on launching a ‘cyber confidence tracker’, which will keep tabs on online behaviors and perceptions about internet security in an effort to ensure that the advice that they are delivering to the public about this subject is being conveyed in the best possible way.

Implications
It appears that the UK is now taking the threat of cyber attack extremely seriously, which it is wise to do considering the increasing trend of nations targeting the infrastructures of those that they are hostile towards via the internet. This is a sign that the web is becoming the new battleground in the international struggle for power. The full extent of the country’s plans for its ‘cyber reserve’ is not yet known. It is also questionable whether it will be used solely for defense purposes. Espionage is no longer dominated by spies being physically placed in another country. It is now evidently moving online, meaning that countries are being forced to adapt and develop cyber spies of their own.


Special article by 
Evelyn Anderson of International Business and Journalism
Guest Editor VOGH








FBI Started National Cyber Security Awareness Month 2012

Last week the Federal Bureau of Investigation (FBI) issued a report, based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3), detailing recent cyber crime trends and new twists on existing cyber scams. October has been observed as National Cyber Security Awareness Month for the last nine years, and this year the FBI has again declared October National Cyber Security Awareness Month 2012. According to the FBI's official blog, the threat has continued to grow even more complex and sophisticated. Just 12 days ago, in fact, FBI Director Robert Mueller said that “cyber security may well become our highest priority in the years to come.”

For its part, the FBI is strengthening its cyber operations to sharpen its focus on the greatest cyber threats to national security: computer intrusions and network attacks. We are enhancing the technological capabilities of all investigative personnel and hiring additional computer scientists to provide expert technical support to critical investigations. We are creating two distinct task forces in each field office: Cyber Task Forces, focused on intrusions and network attacks that will draw on our existing cyber squads; and Child Exploitation Task Forces, focused on crimes against children. We are also increasing the size and scope of the National Cyber Investigative Joint Task Force—the FBI-led multi-agency focal point for coordinating and sharing cyber threat information to stop current and future attacks.

The FBI also runs several other cyber-related programs, including the Innocent Images National Initiative—which combats online child predators—and the Internet Crime Complaint Center—a partnership between the Bureau and the National White Collar Crime Center that serves as a clearinghouse for triaging cyber complaints and provides an easy-to-use online tool for reporting these complaints.

Because of the interconnectedness of online systems, every American who uses digital technologies at home or in the office can—and must—play a part in cyber security. For example, if you open a virus-laden e-mail attachment at work, you could infect your entire company’s computer network. Don’t be the weakest link: get educated on cyber safety.

Here are a few basic steps you can take to be more secure:

  • Set strong passwords, and don’t share them with anyone.
  • Keep a clean machine—your operating system, browser, and other critical software are optimized by installing regular updates.
  • Maintain an open dialogue with your family, friends, and community about Internet safety.
  • Limit the amount of personal information you post online, and use privacy settings to avoid sharing information widely.
  • Be cautious about what you receive or read online—if it sounds too good to be true, it probably is.








Cyber Security Summit Hosted By Department of Homeland Security (DHS)

As part of the national Stop.Think.Connect campaign against cyber threats to computers in the private and public sector, the city of Mesa and the Department of Homeland Security are hosting a cyber security summit at the Mesa Arts Center on Wednesday, Sept. 26. The mayor of Mesa said on Wednesday that interest in the summit is growing, and that there also will be numerous representatives of government from throughout the state and a member of the Secret Service attending the event.  Kelvin Coleman, U.S. Department of Homeland Security director of state, local, tribal and territorial cyber engagement, will be the keynote speaker. Mesa Mayor Scott Smith and District 3 councilman and Mesa Public Safety Committee chair Dennis Kavanaugh also will offer comments and help to facilitate questions during the event. “We use computers every day,” Smith said. “We don’t know how important computers are until they’re breached.”


Date: September 26, 2012

1 E. Main Street
Mesa, AZ  85201 


7:30 a.m. Registration & Continental Breakfast sponsored by Siemens

8:30 a.m. Welcome and Opening Remarks

  • Mayor Scott Smith
  • Councilmember Dennis Kavanaugh

9:00 a.m. Keynote Address

  • Mr. Kelvin Coleman, Director, State, Local, Tribal and Territorial Cybersecurity Engagement Program DHS National Cyber Security Division

9:30 a.m. Convenience vs. Security Expert Panel
Current Threats in an Increasingly Networked World
John Meza (Moderator), Assistant Chief, Mesa Police Department
James Choplin, Special Agent, Electronic Crimes Task Force, U.S. Secret Service
Dr. Dee H. Andrews, Ph.D. Senior Research Psychologist, Army Research Institute for the Behavioral and Social Sciences
Kristy Westphal, Director of Security Operation, T-Systems North America
Lonnie Benavides, Red Team Lead, The Boeing Company
Ilene Klein, City of Phoenix Office of Information Security and Privacy
Bill Kalaf, Executive Director - Intelligence-Led Policing, Mesa Police Department
 
During this session, the panel will outline and discuss many of the current threats affecting businesses, local government and users, such as social engineering, the security of mobile devices and many of the trending applications on smart phones and PCs.
   
10:30 a.m. Networking Break
   
10:45 a.m. Closing Remarks

  • Mayor Scott Smith

11:15 a.m. Adjournment
   
11:30 a.m. Post CyberSecurity Summit Break Out Session:  Methods for training supervisors to detect behavioral indicators of insider threat

Dr. Dee H. Andrews 
Senior Research Psychologist , U.S. Army Research Institute for the Behavioral and Social Sciences 
During this session, participants will get an overview of methods in training supervisors to spot and mitigate the cyber insider threat.  Statistics reveal that approximately 40% of the cyber incidents are caused by insiders.  



-Source (mesaaz.gov)









Hong Kong Govt Opens a New Cyber Security Center Worth $9 Million

Nowadays cyber attacks have become one of the most challenging issues for almost every country and its government. Previously, cyber awareness was mainly limited to first-world countries such as the USA, England, Australia and a few other European countries. With the rising number of cyber threats and their impact in mind, second-world and third-world countries have now also taken the issue very seriously. To meet this burning challenge and to make its cyber fence safe and secure, the Hong Kong Govt launched a Cyber Security Center on December 7 to enhance the city’s internet security and protection of critical infrastructure, and strengthen the defense against cyber-attacks. The Hong Kong Govt has spent HK$9 million (£730,000) on this new Cyber Security Center in a bid to tackle the growing threat to critical infrastructure in the Special Administrative Region of China. The Center, which will operate under the Technology Crime Division of the Commercial Crime Bureau, will start with a force of 27 police personnel, ranking from Police Constable to Chief Inspector. “The incidence of cyber-attacks is increasing,” said Tsang Wai-hung, Commissioner of Police, during the inauguration ceremony of the Center. “Police recognize the need to respond to the worldwide cyber crime phenomenon, particularly cyber-attacks aimed at critical infrastructures, by enhancing our readiness and capability to counter such threats.”

So far the Cyber Security Center has been given four main responsibilities, as follows:
  1. It will strengthen collaboration with other government departments and stakeholders, both local and overseas, concerning cyber-attacks against critical infrastructures. 
  2. It will monitor the flow, but not the content, of data traffic of major infrastructure systems.
  3. The Center will collect intelligence to analyse cyber-attacks, and provide an immediate response when necessary.
  4. The Center will conduct research into cyber security and cyber-attacks, and perform security audits to maintain the protection of Hong Kong.

In addition to these key responsibilities, the Center will support the daily operations of the Technology Crime Division in the prevention and detection of technology crimes. 




Indian Air Force (IAF) Issued Strict Rules & Discipline to Avoid Hacking

Last month we reported that the Indian Govt is working on a robust cyber security structure, and in parallel the Indian Govt is now reinforcing its security structure to fight cyber threats. As a result of this ongoing cyber awareness, a very strict order has been issued by the Indian Air Force to tackle and avoid cyber attacks. From now on, every officer of the Indian Air Force (IAF) will have to sign a declaration that they will not save or view any official document on personal computers. Failure to adhere to this directive will lead to a court martial and prosecution. In a recent case, operational documents were found on the personal computer of a young pilot posted at an airbase in Tamil Nadu. A court of inquiry has been initiated. Over the years, cyberspace has emerged as a critical frontier for espionage as the use of computers and dependence on the internet has grown. Thus, document security has emerged as one of the critical areas of concern for the government. It was perhaps in allusion to these increasing instances of cyberspace being used by foreign agencies to collect critical information that Prime Minister Manmohan Singh, while addressing top cops of the country at the annual security conference hosted by the Intelligence Bureau earlier this month, said, "Our country's vulnerability to cybercrime is escalating... Large-scale computer attacks on our critical infrastructure and economy can have potentially devastating results. The government is working on a robust cyber security structure."
As a general rule, computers on which sensitive information is stored or prepared are never connected to the internet. "The IAF internal communication network, for instance, is not only a stand-alone network with no connection to the net, but also has the system configured in such a way that it doesn't allow external storage devices like pen drives or CDs," a senior MoD official told the press. Nonetheless, some officers have been found "keeping copies or preparing documents using critical information in their personal computers, which have subsequently passed out by malwares in the system or hacked," the officer added.

Besides developing a robust cyber security structure, there is another reason behind this decision: a couple of months ago Chinese hackers broke into the Indian Navy's computer system and stole sensitive data. Later, inquiries revealed that a few naval officers had, against the rules, taken copies of the plans on pen drives from a naval computer, to study. The Chinese-made pen drives allegedly carried malware which transmitted the data back to IP addresses in China once they were used on computers connected to the internet. The Indian Govt is therefore now very strict about data privacy and has implemented this new rule. Such bold decisions will surely tighten security and reduce the probability of data theft and cyber espionage.


-Source (NDTV)






Pentagon Assigning More Experts to Boost Cyber Security & Protect U.S. Computer Networks

Cyber security has become one of the most sophisticated areas of national security and defense, and accordingly the Pentagon has increased its estimated spending on cyber security. This declaration was made when the budget was published late last year. That plan is now being executed, as the Pentagon is moving toward a major expansion of its cyber security force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations on foreign adversaries. This confirmation came from defense officials. The expansion would increase the Defense Department’s Cyber Command by more than 4,000 people, up from the current 900, an American official said. Defense officials acknowledged that a formidable challenge in the growth of the command would be finding, training and holding onto such a large number of qualified people. The Pentagon “is constantly looking to recruit, train and retain world class cyberpersonnel,” a defense official said Sunday.
As part of the expansion, officials said the Pentagon was planning three different forces under Cyber Command: “national mission forces” to protect computer systems that support the nation’s power grid and critical infrastructure; “combat mission forces” to plan and execute attacks on adversaries; and “cyber protection forces” to secure the Pentagon’s computer systems. Cyber Command’s connections to the NSA are also leading some officials to ask how much of the expansion will be focused domestically, especially considering the opening of the NSA’s new, $2 billion Utah Data Center, scheduled to go live later this year. An unnamed "senior defense official" said that the agency’s efforts would remain focused outside US networks, unless it were asked to assist "another agency with domestic authority, such as the FBI." There is significant overlap between Cyber Command and the NSA — until recently, some employees of the former had nsa.gov email addresses, for instance — and there is some doubt that the nascent offshoot of US Strategic Command will be able to achieve true independence under NSA Director Alexander.



-Source (NY Times, Washington Post)







President Obama & Congress Will Issue Long Awaited Executive Cyber Security Order

Last week we reported that the Pentagon had declared that it is moving toward a major expansion of its cyber security force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations on foreign adversaries. Just one week after this declaration, another crucial move came from the U.S. government. A secret legal review on the use of America’s growing arsenal of cyber weapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad. According to sources, President Barack Obama will issue a long-awaited cyber security executive order this week. Two former White House officials told the publication that the order is expected to be released after Tuesday night's State of the Union address.
Given his status as commander-in-chief, Obama seems to be the clear choice, but since cyber warfare is such a new and unknown thing, the government hasn't actually figured out the rules of engagement yet. In the past couple of decades, the power to use America's cyber weapons has been shared between the Pentagon and the various intelligence agencies. With the exception of a series of strikes on the computer systems that run Iran's nuclear enrichment facilities, an attack that Obama ordered himself, the U.S. hasn't launched any major cyber attacks in recent memory, however. This probably won't be the case in the future. So the government is working on new rules of engagement, as it realizes that the capabilities of cyber weapons are evolving at a startling rate. The rules will be not unlike the set that governs how drone attacks are ordered and who orders them. Cyber warfare certainly stands to affect the average American more, though. On Capitol Hill this week, Rep. Dutch Ruppersberger (D-Md.) and Rep. Mike Rogers (R-Mich.) are set to reintroduce the Cyber Intelligence Sharing and Protection Act (CISPA) during a speech at the Center for Strategic and International Studies.
According to an exclusive report the bill would allow the government to share classified cyber threats with the private sector so that those companies can then protect their systems from cyber attacks. The bill was killed last year due to privacy concerns. Civil-liberty groups argued that the bill allows companies to exchange too much personal information back and forth without regulation. 







Iran Preparing Stronger Cyber Defense

In view of the rise of cyber crime, not only the US and the UK but also Iran is preparing a strong cyber defense. According to a report by Iran's Press TV, cyber security has been high on the agenda in Iran in recent years. Tehran says that the reason for its special attention to the issue is the growing number of attacks on Iran’s cyber space by the US and Israel. That is why the first national conference on cyber security kicked off at Iran’s interior ministry. The event, which hosted high-ranking executive and defense officials and experts, aimed at discussing ways to further strengthen the Iranian cyber space against any attacks.
Less than four months ago Iran launched a cyber defense headquarters with the help of its defense and communications ministries. The office categorizes Iran’s national assets into three parts: physical, human and cyber assets. The headquarters says that its responsibility is to protect the three categories with special emphasis on the country’s cyber assets.
Experts say that a lack of security in a country’s cyber space is like sleeping in a house without locking the door. In 2009 some of Iran’s uranium enrichment facilities were targeted by a computer worm called Stuxnet. Blaming the US and Israel, Iran managed to neutralize the cyber attack. In 2011 Iran’s nuclear program came under another cyber threat, ‘Duqu’. The hacker collective Anonymous also targeted Iran with a massive DDoS attack on the 1st of May last year.
The main task of cyber defense is to prevent computer worms, or as some call them cyber weapons, from breaking into or stealing data from the country’s maximum-security networks. These areas include nuclear facilities, power plants, data centers and banks. Iran has also established its own laws and definitions of cyber crime. Today there are several laws dealing with the issue and a special branch of the police force is dedicated to patrolling Iran’s cyber space.



FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders

The month of October has been declared by the FBI as National Cyber Security Awareness Month 2012, and in the last week of this month the FBI's cyber crime division started a new program with a special emphasis on hackers and intrusions. The main aim of this program is to focus on hackers and to prevent cyber crime. Last month the Federal Bureau of Investigation (FBI) issued a report, based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3), detailing recent cyber crime trends and new twists on existing cyber scams. Now this recent move by the FBI will surely inject fear into the hearts and minds of hackers. According to the FBI's official release: Early last year, hackers were discovered embedding malicious software in two million computers, opening a virtual door for criminals to rifle through users’ valuable personal and financial information. Last fall, an overseas crime ring was shut down after infecting four million computers, including half a million in the U.S. In recent months, some of the biggest companies and organizations in the U.S. have been working overtime to fend off continuous intrusion attacks aimed at their networks. The scope and enormity of the threat—not just to private industry but also to the country’s heavily networked critical infrastructure—was spelled out last month in Director Robert S. Mueller’s testimony to a Senate homeland security panel: “Computer intrusions and network attacks are the greatest cyber threat to our national security.”
To that end, the FBI over the past year has put in place an initiative to uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers’ digital signatures from mountains of malicious code. Agents are cultivating cyber-oriented relationships with the technical leads at financial, business, transportation, and other critical infrastructures on their beats. 

Today, investigators in the field can send their findings to specialists in the FBI Cyber Division’s Cyber Watch command at Headquarters, who can look for patterns or similarities in cases. The 24/7 post also shares the information with partner intelligence and law enforcement agencies—like the Departments of Defense and Homeland Security and the National Security Agency—on the FBI-led National Cyber Investigative Joint Task Force.
A key aim of the Next Generation Cyber Initiative has been to expand our ability to quickly define “the attribution piece” of a cyber attack to help determine an appropriate response, said Richard McFeely, executive assistant director of the Bureau’s Criminal, Cyber, Response, and Services Branch. “The attribution piece is: who is conducting the attack or the exploitation and what is their motive,” McFeely explained. “In order to get to that, we’ve got to do all the necessary analysis to determine who is at the other end of the keyboard perpetrating these actions.”
The Cyber Division’s main focus now is on cyber intrusions, working closely with the Bureau’s Counterterrorism and Counterintelligence Divisions.  “We are obviously concerned with terrorists using the Internet to conduct these types of attacks,” McFeely said. “As the lead domestic intelligence agency within the United States, it’s our job to make sure that businesses’ and the nation’s secrets don’t fall into the hands of adversaries.”
In the Coreflood case in early 2011, hackers enlisted a botnet—a network of infected computers—to do their dirty work. McFeely urged everyone connected to the Internet to be vigilant against computer viruses and malicious code, lest they become victims or unwitting pawns in a hacker or web-savvy terrorist’s malevolent scheme.
“It’s important that everybody understands that if you have a computer that is outward-facing—that it’s connected to the web—that your computer is at some point going to be under attack,” he said. “You need to be aware of the threat and you need to take it seriously.” 








China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers

We are all very familiar with stories of cyber espionage and cyber attacks originating from China and carried out by Chinese hackers, to which many countries across the globe have fallen victim, including the U.S., India, Japan, South Korea, many European countries and many more. But today a completely reversed story came to light, in which the Chinese government is claiming that several top secret government sites, such as defense, army and military sites, were targeted and hit by hackers from the United States. According to some classified sources, Chinese government websites are routinely hacked from IP addresses originating within the United States. At a news conference, the spokesman of China's Defense Ministry, Mr. Geng Yansheng, said that more than 144,000 hacking attempts per month are targeted at the China Military Online and Defense Ministry websites. According to the Chinese defense ministry, close to two-thirds of those attacks (62.9 percent) originated in the United States. Geng said he had noted reports that the United States planned to expand its cyber-warfare capability but that they were unhelpful to increasing international cooperation towards fighting hacking.
"We hope that the U.S. side can explain and clarify this." The U.S. security company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries. Yansheng did not mention a direct link between the cyber attacks and the U.S. government only that the attacks originated in the United States. He did note, however, that China is concerned with reports that the United States is planning to expand its cyber warfare capabilities. 
Last month China was blamed for cyber attacks against several high-profile U.S. websites and organizations, including the New York Times, Twitter, NBC and so on. And if we refresh our memory, we find that big cyber attacks and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers breached Telvent's corporate network and gained control of the US power grid. Also, in the middle of last year, Chinese hackers broke into the Indian Navy's computer system and stole sensitive data. A few months before this hack, Tokyo-based computer security firm Trend Micro confirmed that Chinese hackers were responsible for the biggest cyber-espionage campaign in India, Japan & Tibet. Also, the director of the National Security Agency (NSA), General Keith Alexander, confirmed that hackers from China were responsible for the serious attack on RSA, one of the leading IT security and cyber security companies. Also in 2011, China was behind the attacks on the US Chamber of Commerce, the satellite system of the U.S., Nortel Networks and so on. But a few days ago the National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network, claimed that China had fallen victim to one of the biggest cyber attacks, originating from the US, Japan & South Korea. We must say that this statement is truly irrelevant. Cyber crime investigators have found that China was directly responsible for the hacks into Japan's biggest defense contractor Mitsubishi, the Japan Aerospace Exploration Agency (JAXA) and the Parliament of Japan. In the case of South Korea, the data of more than 13 million MapleStory players was stolen; there, too, hackers from China were responsible.
Keeping all the above facts in mind, we cannot conclude the matter very easily, but what we can say is that whether or not China is responsible has not been proved so far. Looking at the situation, we can only say that the entire matter is foggy, and the real truth has either been manipulated or is still untold. But it is sure that those untold or manipulated issues will some day come to the fore; until then we have to be patient, and don't forget to stay tuned with VOGH for all kinds of cyber-related topics and expert reviews.




Greater Manchester Police Fined £150,000 By ICO For Using Unencrypted USB Sticks


To fight against major security breaches, data loss, cyber theft, and many other cyber challenges, both the Government and higher authorities are becoming as tight and strict as they can. At the edge of cyber security, not even a single mistake or act of carelessness will be tolerated. So either you deliver your very best, or you pay the penalty; exactly that happened to Greater Manchester Police. Yesterday, the 16th of October, the UK Information Commissioner's Office (ICO) fined the Greater Manchester Police £150,000 for a data breach. In their press release ICO said - Greater Manchester Police force is being fined for failing to take appropriate measures against the loss of personal data. The action was prompted by the theft of a memory stick containing sensitive personal data from an officer’s home. The device, which had no password protection, contained details of more than a thousand people with links to serious crime investigations. The ICO found that a number of officers across the force regularly used unencrypted memory sticks, which may also have been used to copy data from police computers to access away from the office. Despite a similar security breach in September 2010, the force had not put restrictions on downloading information, and staff were not sufficiently trained in data protection.
The findings prompted the Information Commissioner to use his powers under the Data Protection Act to impose a Civil Monetary Penalty of £150,000. Greater Manchester Police paid that penalty yesterday, taking advantage of a 20 per cent early payment discount (£120,000). 

David Smith, ICO Director of Data Protection, said: “This was truly sensitive personal data, left in the hands of a burglar by poor data security. The consequences of this type of breach really do send a shiver down the spine.
“It should have been obvious to the force that the type of information stored on its computers meant proper data security was needed. Instead, it has taken a serious data breach to prompt it into action.
“This is a substantial monetary penalty, reflecting the significant failings the force demonstrated. We hope it will discourage others from making the same data protection mistakes.” 
The monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Commissioner.   







Cyber Security Bill Has Been Rejected By The US Senate


A cybersecurity bill that had been one of the Obama administration’s top national security priorities was blocked by a Republican filibuster in the Senate on Thursday. Still the topic of cyber security remains controversial in the US Congress. The Senate voted 52 to 46 to cut off debate, falling short of the 60 needed to force a final vote on the measure, which had bipartisan support but ran into a fight over what amendments to the legislation could be proposed.
Soon after the vote, the White House released a statement calling the outcome “a profound disappointment.” The White House regretted that the act failed to gain approval, saying that it could have protected the US from "potentially catastrophic cyber attacks". According to the White House, the proposed legislation fell victim to "the politics of obstructionism, driven by special interest groups seeking to avoid accountability". US civil rights campaigners the Electronic Frontier Foundation (EFF), on the other hand, are celebrating a "victory over cyber spying".
However, many further amendments were proposed by senators over the week. Ultimately, many voted in line with their concerns. For instance, in a statement after the vote, Democrat Ron Wyden said that in his opinion the Cybersecurity Act in its current form does not sufficiently safeguard Internet users’ privacy and civil liberties. According to Wyden, the act would not create enough incentive to actually promote the exchange of information. Republican senators mainly explained their rejection by pointing out that, despite the amendments, companies would be made to comply with too many bureaucratic reporting requirements.
The bill called for the government to provide businesses with classified information about cyberthreats and gave companies the option of sharing information about cyberthreats with the government. White House officials said the president opposed that bill because it called for too much information sharing between the government and businesses, which could have led to violations of Americans' civil liberties.


-Source (The-H & NYTimes)









Most Organized Banking-Trojan Called 'Gozi Prinimalka' By Russian Hackers Targeting U.S. Banks


We all might be aware of the massive attack that took place last month, targeting several leading banks and financial institutions in the United States. The attack came just after an 'anti Islamic' video was posted online. US National Security officials accused the Iranian government of engaging in cyber attacks against US banks, mainly Bank of America. Sooner or later the situation came under control. But the cloud of trouble over the US banking sector has not gone completely: security professionals recently unveiled that a cartel of Russian hackers is planning to launch a separate attack aimed at stealing money from about 30 U.S. financial institutions, an apparent attempt to piggyback and capitalize on the ongoing cyber attacks on U.S. banks. The emergence of Russian hackers suggests a potential shift in the motivation of the cyber attacks from ideological to financial and also points to a longer duration of the ongoing attacks. Security experts have picked up on chatter in the cyber underworld indicating Russian cyber hackers have set their sights on about 30 U.S. financial institutions. Dubbed “Operation Blitzkrieg,” the attack is planned for this fall on 30 U.S. banks, though it’s not clear which specific institutions will be targeted. In a blog post last week, RSA said it “believes this is the making of the most substantial organized banking-Trojan operation seen to date.”

So far it’s not clear who the specific Russian hackers are, but well-known security professional and blogger Brian Krebs pointed to a series of posts beginning in early September on Underweb forums by a Russian hacker who uses the nickname “vorVzakone,” which translates to “thief in law.” RSA said “underground chatter” indicates the gang plans to deploy a Trojan, called “Gozi Prinimalka,” in an effort to complete fraudulent wire transfers via Man-In-The-Middle (MiTM) manual session-hacking scenarios. Herberger said MiTM is a type of attack that aims to deceive targets by violating otherwise secure communications, similar to tapping into a landline phone conversation or breaching a VPN session. “If successfully launched, the full force of this mega heist may only be felt by targeted banks in a month or two,” RSA said. The Trojan is part of a family of malware used by a crime gang that has successfully siphoned at least $5 million from banks, RSA said. The Russian hackers are also offering to pay individuals who help them carry out the attacks, indicating a desire to monetize the intrusions.

So now the vows of the hacker group named 'Izz ad-Din al Qassam Cyber Fighters' are proving to be more dangerous for the US. The hacker group earlier said "These series of attacks will continue until the Erasing of that nasty movie from the Internet". As a reminder, this hacker group was responsible for all the major DDoS attacks against the US financial sector. “It’s not uncommon that people who have a financial motive may try to take advantage of nefarious techniques,” said Herberger. “They will jump in because they can take advantage of the fact banks are laboring and security departments are becoming overrun and softened for a different kind of motivated attack.” The emergence of the threat from Russian groups underscores the prolonged nature of the attacks against corporations, especially in the financial industry. “Security teams are coming to terms that these attacks are long,” often measured in days and weeks, said Herberger. However, security teams often aren’t “staffed for attrition.”

-Source (FOX Business)






Obama Proposes Anti-Hacking Laws



Hackers will face tougher penalties in the U.S. if the Obama administration's proposed cyber-security measures become law, in an attempt to deter attacks on critical online infrastructure. Under the new law, hackers would face 20 years in prison for endangering national security, 10 years for stealing data and three years for accessing a government computer.
The proposal doubles the penalties from current laws in nearly every category, responding with force to the spate of hacks that have made headlines this last month. The Obama administration first suggested the law last month, before the hacking group LulzSec broke into FBI, CIA and U.S. Senate websites. If prosecuted under the new law, its members could face hefty prison terms for flouting national security. Compared to the anonymous hacks against Lockheed Martin and the International Monetary Fund, however, LulzSec's distributed denial-of-service, or DDoS, attacks against government websites were merely an annoyance.
Groups like LulzSec, who hack for the fun of it, may face the same sentences as serious data thieves under the cyber-security plan.
Either way, the trouble lies in catching computer hackers who use botnets and server mis-location to cover their tracks. Months after Sony's disastrous data breach left 100 million users' information exposed, Sony and the FBI still haven't found those responsible for the attack.
Tracking down "smoking keyboards" is not impossible, however, as Spain and Turkey proved by arresting members of the Anonymous hacking group. Spain's authorities captured three men accused of intending to publish "sensitive data" about Spanish politicians and policemen. Turkey nabbed 32 Anonymous hackers that had coordinated DDoS attacks against the Turkish government after the country announced plans to restrict Internet services starting this August.
Arresting hackers may deter some from attempting further exploits, but in Anonymous' case the group's loose-knit organization means hundreds of new hackers can rise to fill one member's shoes.
Furthermore, some hackers may have government backing, as IMF officials believe was the case in their hack and as Google alleges happened to them in China. If governments are indeed involved in some of the major recent hacks, things could get sticky, as the Pentagon is set to publish a policy to use physical force against online crime. As one official warned, "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."
The difficulties of catching and prosecuting hackers seem nearly insurmountable. But the new law in the U.S. could encourage a reduction in cybercrimes if it makes an example of even a few.


Department of Homeland Security (DHS) Unveils Cybersecurity Bill



Members of the House Homeland Security Committee unveiled legislation Thursday that would authorize the cybersecurity functions of the Department of Homeland Security (DHS) and establish a quasi-governmental entity to coordinate cybersecurity information-sharing with the private sector. The bill, called the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE), would station a national clearinghouse for information relating to potential attacks on critical infrastructure, such as the electric grid, water facilities, and financial service systems.
"The risk of cyberattack by enemies of the United States is real, is ongoing and is growing," warned Homeland Security Committee Chairman Peter King (R-N.Y.). "The PrECISE Act, in line with the framework set forth by the Speaker’s Cybersecurity Task Force led by Rep. [Mac] Thornberry [R-Texas], protects our critical infrastructure without a heavy-handed and burdensome regulatory approach that could cost American jobs."
Under Section 226 of the bill, the Secretary of Homeland Security "is authorized to maintain the capability to act as the focal point for cybersecurity through technical expertise and policy development." Further, the Secretary is ordered to "coordinate cybersecurity activities across the Federal Government, designate a lead cybersecurity official within the Department of Homeland Security, publish a cybersecurity strategy and provide appropriate reports to Congress."
In effect, the DHS would identify cybersecurity risks on a sector-by-sector basis and gather existing performance standards to procure the most efficient methods to mitigate identified exposures. The Secretary will review and collect standards and publish cyber-defense information for owners and operators of "covered critical infrastructure," which is defined as the "infrastructure that if destroyed or disabled would result in a significant number of deaths, cause mass evacuations, major disruptions of the economy, or significant disruption to national security."
"Cybersecurity is truly a team sport, and this bill gives DHS needed authorities to play its part in the federal government’s cybersecurity mission and enables the private sector to play its part by giving them the information and access to technical support they need to protect critical infrastructure," said Rep. Dan Lungren (R-Calif.), Chairman of the House Cybersecurity Subcommittee.
In addition to Reps. King and Lungren, the bill’s original co-sponsors include Rep. Michael McCaul (R-Texas), Rep. Gus Bilirakis (R-Fla.), Rep. Candice Miller (R-Mich.), Rep. Tim Walberg (R-Mich.), Rep. Billy Long (R-Mo.), Rep. Tom Marino (R-Pa.) and Rep. Bob Turner (R-N.Y.) of the Homeland Security Committee, as well as Rep. Steve Stivers (R-Ohio) and Rep. Jim Langevin (D-R.I.).
One key tenet of the legislation is the creation of the National Information Sharing Organization (NISO), a quasi-governmental entity that would be staged as a clearinghouse for exchanging relevant information regarding cyber threats and vulnerabilities. The organization would be a nonprofit entity consisting of a DHS-appointed board of directors, composed of members from five different federal agencies and 13 members of the private sector.

According to Section 242 of the bill, the NISO would have three primary missions:

First, facilitating the exchange of cyber threat information, best practices and technical assistance amongst its membership including the Government. Second, it would facilitate the creation of a common operating picture built from information contributed by technically sophisticated members such as the Government, Internet Service Providers, and other members with access to large amounts of network related information. Third, the NISO would act as a catalyst for cooperative research and development of member driven research projects. Additionally, the NISO would incorporate into its membership agreements for the transferability of intellectual property and integrate with the National Cybersecurity and Communications Integration Center at DHS.

All in all, NISO’s purpose would be to establish a point of connection between the government and the private sector to pool information about potential cybersecurity threats and to collaborate on methods to prevent such threats from occurring.
While cybersecurity laws have brought a rare agreement between Republicans and Democrats, the two parties have quibbled over certain aspects of the legislation. Generally, House Republicans prefer more limited regulation and discretional incentives to ramp up securities, while Senate Democrats and the White House have suggested more stringent regulations monitored by the DHS.


