ClearSky Cyberdefense Forum

Report highlights
• Spam – 68.0 percent (a decrease of 1.0 percentage points since January 2011): page 7
• Phishing – One in 358.1 emails identified as phishing (an increase of 0.01 percentage points since January 2011): page 10
• Malware – One in 274.0 emails contained malware (an increase of 0.03 percentage points since January 2011): page 12
• Malicious Web sites – 2,305 Web sites blocked per day (an increase of 9.7 percent since January 2011): page 13
• New wave of cyber-attacks designed to impersonate the Better Business Bureau: page 2
• Blogs review: page 6
• Best Practices for Enterprises and Users: page 16

http://www.symantec.com/content/en/us/enterprise/other_resources/b-intelligence_report_02_2012.en-us.pdf

WikiLeaks began publishing The Global Intelligence Files – more than five million emails from the Texas-headquartered “global intelligence” company Stratfor. The emails date from between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defense Intelligence Agency. The emails show Stratfor’s web of informers, pay-off structure, payment-laundering techniques and psychological methods.

http://wikileaks.org/the-gifiles.html

http://wikileaks.org/IMG/pdf/The_Stratfor_Glossary_of_Useful_Baffling_and_Strange_Intelligence_Terms.pdf

Example: http://wikileaks.org/gifiles/docs/1739377_-eurasia-fwd-insight-russia-iskander-missile-.html

As reported by the Wall Street Journal this month, hackers had free reign inside Nortel’s network for more than a decade before the company went bankrupt in 2009. Now, in lengthy interviews with the Financial Post, Mr. Shields and a third-party digital forensics expert who worked on the investigation shed more light on the cyber criminals they were pursuing, their intentions and the inexplicable lack of response from Nortel’s senior staff.

http://business.financialpost.com/2012/02/25/nortel-hacked-to-pieces/

http://www.hsgac.senate.gov/imo/media/doc/CYBER%20The%20Cybersecurity%20Act%20of%202012%20final.pdf

Sweeping Senate legislation seeks to protect the computer systems that run the nation’s most critical infrastructure, including electric utilities, from cyber attack.

The 200-plus page contains no provisions specifically directed at electric cooperatives. However, NRECA noted, it could affect co-ops “because it would bring federal regulation of cyber and physical security to the distribution level.”

The bipartisan legislation requires the Secretary of Homeland Security, in consultation with others, to assess which sectors are subject to the greatest and most immediate cyber risks.

It authorizes the Department of Homeland Security, with input from the private sector, to determine cyber performance requirements based upon those risk assessments, covering only “the most critical systems and assets in a given sector.”

The bill, introduced by Sens. Joseph Lieberman, I-Conn., Susan Collins, R-Maine, John D. Rockefeller IV, D-W.Va., and Dianne Feinstein, D-Calif., includes numerous other provisions.

http://www.ect.coop/public-policy-watch/legislation/capitol-hill-unveils-cyber-defense-bill/40122

A former McAfee researcher has used a previously unknown hole in smartphone browsers to plant China-based malware that can record calls, pinpoint locations and access user texts and emails.

 http://www.latimes.com/business/la-fi-smartphone-hacking-20120224,0,2497368.story

Following the arrest of three young Anonymous hackers in Greece, the collective has attacked again the website of the Ministry of Justice, defacing its homepage.

“The Republic in Greece has died. He died while a government that has not been elected by the people. And for this reason that the time for discussion came and went. Not negotiating anything with any of those who murdered it. You can hunt as you like, you can even capture some of us, in your attempt to silence us. But for every one that will capture 3 others will spring up. There are 5 or 10 or 100.”

http://anonops.blogspot.com/

BAKU (AFP) – Hackers calling themselves the ‘Iranian Cyber Army’ have attacked the website of mainly Muslim neighbour Azerbaijan’s state television station, the communications ministry said on Thursday.

http://factdrop.blogspot.com/2012/02/iran-cyber-army-hits-azerbaijan-state.html

The computer-hacking confederacy Anonymous might be able to cause a limited power blackout in a year or two, the general who directs the National Security Agency has warned officials,TheWall Street Journal is reporting.

http://content.usatoday.com/communities/ondeadline/post/2012/02/report-nsa-chief-sees-possible-anonymous-hit-on-power-grid/1#.T0M-xfFp4Zk

Google has reportedly been using a special code to attach cookies to users’ machines when they used Apple’s browser, Safari. According to research published by Stanford graduate student Jonathan Mayer, four advertising companies — Google, Vibrant Media, WPP PLC’s Media Innovation Group and Gannett’s PointRoll — have all been using code to work around privacy features in Safari’s mobile browser.

http://www.washingtonpost.com/business/technology/google-pulls-cookies-that-tracked-users-through-safari/2012/02/17/gIQATr4lJR_story.html

For most of this year, Arab-Israeli tensions have been spilling off the streets and airwaves and onto the region’s fiber optic cables. Citizen hackers on both sides have engaged in tit-for-tat raids on Israeli, Saudi and other regional computer networks. Stock exchanges, airlines, government offices and even hospitals have had their websites defaced or shut down. Credit-card numbers and personal emails have been stolen and posted on the Internet. One Israeli official has labeled the escalating cyber hostility “terrorism” and called for it to be dealt with as such.

http://online.wsj.com/article/SB10001424052970204883304577219543897943980.html?mod=googlenews_wsj