Stuxnet

Lieberman Alleges Iran Hacked US Banks

By

For several days, Bank of America’s systems had problems. The problems – primarily denial of service disruptions – hit their web site and reportedly their mobile banking services.

For BofA, the nation’s largest bank based on assets, this was not the first issue or attack they experienced in the past year. Nor in fact, was BofA the only U.S. financial institution that has been experiencing what appears to be a series of directed cyber attacks. JPMorgan Chase and Citigroup also are reported to have been struck by similar related aggressive cyber activities, beginning last year. Keep reading →

 /  Published September 24, 2012 at 12:14 PM

Cyber Intel: Iran Sues; My Lawyer is Bigger Than Your Lawyer

By

The head of Iran’s Presidential Center for International Legal Affairs has announced that Iran plans to bring legal action against those that launched cyber attacks against their uranium enrichment equipment in a move that promises to raise the stakes for the U.S. cybersecurity policy officials.

Majid Jafarzadeh made the announcement this week after consulting Iranian and foreign legal experts, saying Iran has decided to file a lawsuit against the “cyber terrorists” who have attacked the country’s nuclear enrichment infrastructure. Keep reading →

 /  Published August 15, 2012 at 12:29 PM

Has Stuxnet, Duqu and Flame Ignited a Cyber Arms Race?

By

Intelligence organizations are racing to collect cyber intelligence in efforts to identify and monitor the development, use and sale of offensive cyber capabilities by individual actors, criminal organizations, terrorist groups and nation states. This is a formidable undertaking to say the least. Consider the facilities and infrastructure needed to make a tank. Now think about the facilities and infrastructure needed to make a cyber weapon. All you need is ambition coupled with a laptop, Internet connection, programming skills, a search engine for research and maybe a couple of books – all of which are openly available. Add to that the hacker underground and black-market for malicious code and sale of newly discovered vulnerabilities and you have everything needed for the development and sale of cyber weapons. Keep reading →

 /  Published July 2, 2012 at 3:30 PM

Sophisticated Cyber Weapon Goes Down

By


Cyber investigators looking at the Stuxnet code determined that on June 24th the sophisticated cyber weapon would stop operating and remove itself from the systems it had infiltrated.

This function was identified long ago and cyber researchers have patiently waited to see what if any implications this will have on the tens of thousands of computers in more than 155 countries the sophisticated cyber weapon had infected. By all accounts this is a self-destruction, an unusual function not often seen embedded within malicious code. The inclusion of this function is a strong indicator that those behind this cyber attack did not believe that Iran would discover the malicious code. Keep reading →

 /  Published June 25, 2012 at 12:00 PM

Cyber Intelligence: Emergence Of Cyber Iran

By

Earlier this year Iran’s President Mahmoud Ahmadinejad announced that Iran would establish a Supreme Council of Cyberspace. This was the latest action intended to strengthen Iran’s cyber power and defend the country against cyber attacks.

Sources inside of Iran have said that the council will be comprised of high-ranking Iranian officials such as the Iran’s Parliament speaker, Judiciary chief, head of the Islamic Republic of Iran Broadcasting, and ministers of Communication and Information Technology, Culture and Islamic Guidance and Intelligence. Keep reading →

 /  Published March 19, 2012 at 11:19 AM

Cyber Command Lawyer Praises Stuxnet, Disses Chinese Cyber Stance

By

The Stuxnet computer worm that damaged Iranian nuclear facilities – widely suspected to be an Israeli or even U.S. covert action – was a model of a responsibly conducted cyber-attack, said the top lawyer for the U.S. military’s Cyber Command, Air Force Col. Gary Brown. By contrast, the Chinese stance, which holds that the international law of armed conflict does not apply in cyberspace, opens the door for indiscriminate online actions launched with less concern for collateral damage than was evident in Stuxnet, he warned, while a joint Russo-Chinese proposal for international collaboration on cyber-security could potentially threaten free speech.

Brown emphasized that his remarks represented his own opinion and that he was not speaking for the U.S. government, but they still open a window into the thinking of an influential official on the cutting edge of policymaking on cyber war. Keep reading →

 /  Published March 12, 2012 at 4:02 PM

Why We Shouldn’t Dilute The Cybersecurity Bill

By

When we hear that getting incentives right and letting the private sector lead or sharing more information will secure the nation, remember that we’ve spent 15 years proving this doesn’t work.

Some people say the threat is exaggerated. This is unfortunate. We are on course to repeat in cybersecurity the 9/11 error of ignoring risk. Keep reading →

 /  Published February 17, 2012 at 5:15 PM

Top 10 Federal Security Breaches Serve As Lessons For Future

By

A government laptop stolen from the home of a VA data analyst in 2006 contained Social Security numbers and other personal information for 26.5 million veterans and active duty troops.

A class action suit brought by veterans groups was later settled by the agency for $20 million. Keep reading →

 /  Published September 9, 2011 at 3:25 PM