Kevin G. Coleman

 

Posts by Kevin G. Coleman

Iranian President Mahmoud Ahmadinejad (L) speaks with foreign minister Ali Akbar Salehi (R) next to a map of Iran at the presidential office in Tehran, Jan. 5, 2012.

Recent incidents in Iran, including cyber attacks against the nation’s pipeline and its refinery infrastructure, have embarrassed Iran on the world stage. These latest two attacks are estimated to have had a quarter-of-a-billion-dollar financial impact on Iran.

Lately, the most common question I get when doing briefings and presentations about the growing threat of cyber attacks is: What is the answer?

I have been giving that a fair amount of thought and have solicited input from others who are active in the field and have a good understanding of the current state of this threat. So I am going to try and address this question for the first time publicly.

Arguably the hottest topic in cyber intelligence is the highly contested Cyber Intelligence Sharing and Protection Act (CISPA) that is currently making its way through the legislative process in the United States.

Major Internet icons like Facebook, IBM, Intel, Microsoft and Oracle, to name a few, have come out in support of the bill and now find themselves under fire for that position.

The implications of cyber attacks have been getting more and more attention of late, and for good reason. Last week at the Government Security Conference, Gordon Snow, the assistant director of the FBI’s Cyber Division, added to the many reasons for concern.

In his comments, Snow acknowledged concerns over cyber attacks that target the E-911 systems and the entire emergency first responder infrastructure. While these potential targets have been a concern for years, recent worries about multi-modal cyber attacks by terrorists have heightened those concerns.


An old attack vector has re-emerged with a twist. This time the attackers are patient, and have defined the attack process in a manner that will increase its effectiveness.

An email with a semi-customized subject line is sent to a selected group of targets all sharing a similar interest – CYBERSECURITY. The email is about a job opening and has two attachments. The first attachment is labeled job description. If the email recipient is interested and clicks on the download – you guessed it – malware is downloaded and installed. The second attachment is for the recipients that want to unsubscribe. If you click on that download, yes, once again malware is downloaded and installed.

Cyber sit-ins, cyber protests and other forms of demonstration have grown year after year and are now considered a formidable method of protest.

How to respond to those new forms of protest, amid other cybersecurity threats, has become a challenge around the world for government elections, politicians, corporations and law enforcement organizations, all of which have experienced the wrath of those who oppose their actions.

Earlier this year Iran’s President Mahmoud Ahmadinejad announced that Iran would establish a Supreme Council of Cyberspace. This was the latest action intended to strengthen Iran’s cyber power and defend the country against cyber attacks.

Sources inside Iran have said that the council will be composed of high-ranking Iranian officials such as Iran’s Parliament speaker, Judiciary chief, head of the Islamic Republic of Iran Broadcasting, and ministers of Communication and Information Technology, Culture and Islamic Guidance and Intelligence.

It appears that all the expert cyber threat warnings and media coverage–and now a realistic cyber attack simulation on New York’s power grid–have gotten the attention of Washington.

In the latest example, according to an account published March 8 by Politico, Homeland Security Secretary Janet Napolitano and White House counterterrorism adviser John Brennan, during a classified briefing in the Office of Senate Security, showed lawmakers how a hacker could breach control systems of New York City’s electric system and trigger a ripple effect throughout the population and private sector.

Acts of cyber aggression on governments and businesses are now considered a top risk globally. Earlier this year the World Economic Forum (WEF) released their 2012 report on Global Risks. That report looked at fifty areas of risk across specific domains such as the economy, the environment, geopolitics, society and technology.

Five of the top ten risks, however, were closely if not directly related to the cyber domain and cybersecurity concerns. Among them:

The demise of an industry icon, Nortel Networks, as the evidence has now made clear, was the result of a cyber attack. Who could forget Nortel Networks’s place in the technology landscape? While the company is gone, its equipment is still in operation throughout the world.

In an article that appeared in the Wall Street Journal, it was reported that hackers had roamed freely inside Nortel’s vast corporate network for over a decade and contributed to the company going bankrupt in 2009.

Indications are that the attacker’s traffic was traced back to China. This came as a result of countless hours poring over log files until the investigators found the needle in the haystack.

According to Brian Shields, a longtime Nortel employee and the point person on the investigation, the cyber espionage activities resulted in the exfiltration of technical papers, R&D documents, business plans, emails and other documents. The attackers had full access to very sensitive information about the technology and plans of the company.

For years now, U.S. intelligence organizations and subject matter experts have warned of the vast array of clandestine cyber espionage activities of the People’s Republic of China (PRC). While some of these activities are the result of organizations in the private sector, the government is often cited as the source of the acts of espionage. Naturally, the Chinese government has denied these allegations.
