After years of the public and private sectors having listened to the nearly constant cyber threat warnings issued by military and government officials, as well as industry experts, over the past few years, addressing the threats posed to our systems by cyber attacks is now appropriately considered as a work-in-process.
There are some signs that the private sector might be moving to address the new heightened level of cyber security threats, however. Keep reading →
The head of Iran’s Presidential Center for International Legal Affairs has announced that Iran plans to bring legal action against those that launched cyber attacks against their uranium enrichment equipment in a move that promises to raise the stakes for the U.S. cybersecurity policy officials.
Majid Jafarzadeh made the announcement this week after consulting Iranian and foreign legal experts, saying Iran has decided to file a lawsuit against the “cyber terrorists” who have attacked the country’s nuclear enrichment infrastructure. Keep reading →
Underground movements are not uncommon, but the apparent ground swell that has taken place in the cyber underground has caught the attention of traditional and cyber intelligence organizations around the world.
Call them covert, clandestine, black-market – whatever title you choose to put on these activities – the fact remains there is a growing community of underground groups and individuals with diverse missions and objectives. These groups develop and acquire sophisticated cyber weapons that are used in highly targeted attacks against their enemies. Keep reading →
Few people would dispute that the United States is in the cross-hairs when it comes to cyber attacks. After all, the U.S. is the country that is the most dependent on the Internet as a component of our critical infrastructure.
Cyber attacks on our critical infrastructure have evolved over the years and pose a substantial threat that should concern everyone. Keep reading →
For those tasked with managing risk throughout the enterprise, and who follow my blog postings, you’re familiar with a theme I stress often regarding information security best practices: “An ounce of prevention is worth a pound of cure.”
For practitioners and managers tasked with enterprise risk management, you can apply this approach to all your decision-making, whether you’re looking to make new technology purchases, implement new policies, and, perhaps most importantly, hiring new people. Keep reading →
It appears that all the expert cyber threat warnings and media coverage–and now a realistic cyber attack simulation on New York’s power grid–has gotten the attention of Washington.
In the latest example, according to an account published March 8 by Politico, Homeland Security Secretary Janet Napolitano and White House counterterrorism adviser John Brennan, during a classified briefing in the Office of Senate Security, showed lawmakers how a hacker could breach control systems of New York City’s electric system and trigger a ripple effect throughout the population and private sector. Keep reading →
Acts of cyber aggression on governments and businesses are now considered a top risk globally. Earlier this year the World Economic Forum (WEF) released their 2012 report on Global Risks. That report looked at fifty areas of risk across specific domains such as the economy, the environment, geopolitics, society and technology.
Five of the top ten risks, however, were closely if not directly related to the cyber domain and cybersecurity concerns. Among them: Keep reading →
The demise of an industry icon, Nortel Networks, as the evidence has now made clear, was the result of a cyber attack. Who could forget Nortel Networks’s place in the technology landscape? While the company is gone, their equipment is still in operations throughout the world.
In an article that appeared in the Wall Street Journal, it was reported that hackers had roamed freely inside Nortel’s vast corporate network for over a decade and contributed to the company going bankrupt in 2009.
Indications are that the attacker’s traffic was traced back to China. This came as a result of countless hours poring over log files until the investigators found the needle in the haystack.
According to Brian Shields, a long time Nortel employee and the point person on the investigation, the cyber espionage activities resulted in the exfiltration of technical papers, R&D documents, business plans, emails and other documents. They had full access to very sensitive information about the technology and plans of the company.
For years now, U.S. intelligence organizations and subject matter experts have warned of the vast array of clandestine cyber espionage activities of the Peoples Republic of China (PRC). While some of these activities are the result of organizations in the private sector, the government is often cited as the sources of the acts of espionage. Naturally, the Chinese government has denied these allegations. Keep reading →
Federal Communications Commission Chairman Julius Genachowski today called upon the nation’s Internet Service Providers (ISPs) to “take concrete steps” to improve Internet security for consumers and critical infrastructure, warning that a failure to do so could slow broadband adoption and threaten the nation’s economy.
With more than $8 trillion exchanged electronically every year, Genachowski warned that sophisticated hackers are gaining the expertise to “shut down the Internet…shut down our economy [and] compromise our growth engine.” Keep reading →
Countries around the world have awoken to the risks of cyber attacks on their systems launched by criminals, hacktivists, terrorists and rogue nation states.
As of January 2012, we found twenty-two countries have established cyber defense centers in an effort to enhance both their offense, defensive and cyber intelligence capabilities. Keep reading →