cyber threat


On the heels of a well publicized distributed denial of service (DDoS) attack on U.S. financial institutions came a warning about another coordinated and planned cyber attack against this critical infrastructure sector.

Cyber intelligence uncovered a fairly large, coordinated cyber attack that is said to use fraudulent wire transfers as the means of attack. This cybersecurity attack is said to leverage session hijacking in a man-in-the-middle cyber attack.

Man-in-the-middle cyber attack is defined as a compromise where the attacker is able to insert themselves between its target and the system or service in which the target is trying to access or use. An attacker accomplishes this by impersonating the system or service that the target is attempting to connect with by falsely rerouting the traffic to and from the service or by hijacking session data.

This attack is known to be initiated by spam and phishing emails, keystroke loggers as well as Trojans with remote access. A high attack concentration has been seen in the small and medium sized organizations and the transfer amounts have ranged from $400,000 to $900,000.

Multiple cyber intelligence sources have warned that an estimated 30 U.S. based financial services institutions may be the targets of an organized cyber criminal gang that is said to be the entity behind this attack.

Just recently the FBI issued a warning about this threat. Their warning stated that the criminals behind this cyber attack were using multiple techniques to obtain customer log-in credentials. Once the criminals have these credentials, they initiate international wire transfers.

For additional information you should monitor the FBI, in association with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Internet Crime Complaint Center (IC3).

Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute weekly blog for Breaking Gov on the topic of cyber intelligence. Keep reading →

For several days, Bank of America’s systems had problems. The problems – primarily denial of service disruptions – hit their web site and reportedly their mobile banking services.

For BofA, the nation’s largest bank based on assets, this was not the first issue or attack they experienced in the past year. Nor in fact, was BofA the only U.S. financial institution that has been experiencing what appears to be a series of directed cyber attacks. JPMorgan Chase and Citigroup also are reported to have been struck by similar related aggressive cyber activities, beginning last year. Keep reading →

For weeks now rumors have been circulating about the White House working to draft an executive order, which will put in place cybersecurity measures to protect the critical infrastructure of the United States.

A glimpse of the draft’s intent was released in news reports in recent days, including a Washington Post report, which among other points, noted that the plans called for voluntary standards. Keep reading →

Ever consider the massive amount of intelligence that the United States collects and uses in the defense of the country and our allies? It is surely massive given the scope of our collection effort.

Many people do not realize that the U.S. intelligence community is comprised of 16 separate agencies, not including the Office of the Director of National Intelligence which is responsible for leading intelligence integration. These agencies are tasked with foreign and domestic intelligence collection, analysis support of military planning, and in some cases performing acts of espionage:

  1. Central Intelligence Agency (CIA)
  2. Air Force Intelligence, Surveillance and Reconnaissance Agency (AFISRA)
  3. Army Intelligence and Security Command (INSCOM)
  4. Defense Intelligence Agency (DIA)
  5. Marine Corps Intelligence Activity (MCIA)
  6. National Geospatial-Intelligence Agency (NGA)
  7. National Reconnaissance Office (NRO)
  8. National Security Agency (NSA)
  9. Office of Naval Intelligence (ONI)
  10. Office of Intelligence and Counterintelligence (OICI)
  11. Office of Intelligence and Analysis (I&A)
  12. Coast Guard Intelligence (CGI)
  13. Federal Bureau of Investigation (FBI)
  14. Office of National Security Intelligence (DEA/ONSI)
  15. Bureau of Intelligence and Research (INR)
  16. Dept of Treasury’s Office of Terrorism and Financial Intelligence (TFI)

Source: Wikipedia

Now we have to add U.S. Cyber Command to that list.

In addition, we have to add all the private sector organizations that have established their own security intelligence and cyber intelligence gathering and analysis capabilities as well as those in industry protecting against cybersecurity threats as well.

Oh – we should not forget the state and local law enforcement intelligence units that exist around the country.

Now let’s add the black-ops (clandestine) intelligence community members.

Add them all up and that paints a reasonable picture of the intelligence coverage we have in place. It sounds like allot, but given the number of kinetic and non-kinetic threat we face, it’s not!

One has to wonder how much more effective our intelligence efforts could be if regulations requiring separation did not exist and a collaborative/sharing environment along with the systems required for collaborative support were in place.

While those regulations were probably put in place for good reason when they were enacted, times have changed. Maybe it is time to revisit the restrictions.

Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute where he provides consulting services on strategic technology and security issues. He writes a weekly blog for Breaking Gov on the topic of cyber intelligence.


As we approach the 2012 presidential election, concerns are being raised about the likelihood of cyber attacks leading up to and during that event. There are many individuals, groups and rogue nation states that would like nothing better than to disrupt this year’s election.

Several months ago, a video was posted by those claiming to be from the well know hacktivist group Anonymous that alluded to plans for launching cyber initiatives that target the 2012 presidential election. Keep reading →


After years of the public and private sectors having listened to the nearly constant cyber threat warnings issued by military and government officials, as well as industry experts, over the past few years, addressing the threats posed to our systems by cyber attacks is now appropriately considered as a work-in-process.

There are some signs that the private sector might be moving to address the new heightened level of cyber security threats, however. Keep reading →

The head of Iran’s Presidential Center for International Legal Affairs has announced that Iran plans to bring legal action against those that launched cyber attacks against their uranium enrichment equipment in a move that promises to raise the stakes for the U.S. cybersecurity policy officials.

Majid Jafarzadeh made the announcement this week after consulting Iranian and foreign legal experts, saying Iran has decided to file a lawsuit against the “cyber terrorists” who have attacked the country’s nuclear enrichment infrastructure. Keep reading →

Underground movements are not uncommon, but the apparent ground swell that has taken place in the cyber underground has caught the attention of traditional and cyber intelligence organizations around the world.

Call them covert, clandestine, black-market – whatever title you choose to put on these activities – the fact remains there is a growing community of underground groups and individuals with diverse missions and objectives. These groups develop and acquire sophisticated cyber weapons that are used in highly targeted attacks against their enemies. Keep reading →

Few people would dispute that the United States is in the cross-hairs when it comes to cyber attacks. After all, the U.S. is the country that is the most dependent on the Internet as a component of our critical infrastructure.

Cyber attacks on our critical infrastructure have evolved over the years and pose a substantial threat that should concern everyone. Keep reading →

We have entered a new age of modern conflict. This new age is different from those we have experienced in the past and perhaps even more challenging. The military has dubbed cyber as the 5th domain and have embarked on establishing the capabilities for offensive, defensive and intelligence collection and analysis in this domain.

However, many are attempting to address this threat as they did traditional forms of conflict. Some have gone as far as to compare what has been called a cyber arms race to the cold war. Recent conversations and witnessed actions are cause for concern. Keep reading →

Page 1 of 512345