ClearSky Cyberdefense Forum

A secure communications channel set up to prevent misunderstandings that might lead to nuclear war is likely to expand to handling new kinds of conflict — in cyberspace.

The Nuclear Risk Reduction Center, established in 1988 under President Ronald Reagan so that Washington and Moscow could alert each other to missile tests and space launches that could be mistaken as acts of aggression, would take a central role in an agreement nearing completion between U.S. and Russian negotiators.

Most key elements of the deal, which could be final in several weeks, are settled, said U.S. officials familiar with the talks.

http://www.theverge.com/2012/4/29/2982785/nrrc-us-russia-secure-channel-hacking

Security professionals in both the U.S. government and in private industry have long feared the prospect of a cyberwar with China or Russia, two states capable of launching destructive attacks on the computer networks that control critical assets such as the power grid or the financial system.

http://www.npr.org/2012/04/26/151400805/could-iran-wage-a-cyberwar-on-the-u-s

http://www.hpenterprisesecurity.com/collateral/report/2011FullYearCyberSecurityRisksReport.pdf

In the 2011 top cyber security risks report, HP Enterprise Security provides a broad view of the vulnerability threat
landscape, as well as in-depth research and analysis on security attacks and trends. The aim of this report is to highlight the biggest risks that enterprise organizations face today—and to help prioritize mitigation strategies. Key findings from this report include the following:

• Continued decline of new, disclosed vulnerabilities in commercial applications
The report notes the decline in commercial vulnerability reporting, and it discusses the key trends in the vulnerability
disclosure market that may be hiding a deeper issue. The report also highlights the growing market for private
sharing of vulnerabilities, the increased expertise required to uncover complex vulnerabilities, and the price these
can fetch in various markets. Data from HP Fortify will also highlight the increasing number of vulnerabilities that
are being discovered in custom applications—vulnerabilities that can be devastating to the security posture of an
organization.
• Changes in attack motivation are increasing security risk
While security attackers have always sought glory and/or financial gain from their activities, the formation of
hacktivist groups, like Anonymous, has added not only a purpose behind security attacks, but a level of
organization as well. This shift in motivation and subsequent organization has given rise to newer and more severe
security attacks. This report will highlight the motivations of today’s security attack community—and the implications
for security defense techniques.

• Increase in the number of attacks against a “smaller” set of known vulnerabilities
Despite the shrinking number of known vulnerabilities in commercial applications, the report will use real data—
pulled from the HP TippingPoint Intrusion Prevention System (IPS) and HP Fortify—to highlight an increase in severe
attacks against both client/server and Web applications. The data is broken down by attacks, vulnerability
category, source information, and severity to provide a snapshot of the attack landscape. This section also features
an actual case study of the Web application risks at one large corporation.

• Improved techniques for executing security attacks
While many targeted attacks leverage zero-day vulnerabilities, the average cyber criminal generally exploits
existing vulnerabilities. Data from the report breaks down several techniques, including obfuscation, used to
successfully exploit existing vulnerabilities. The report also includes an in-depth look at the Blackhole exploit toolkit,
which uses many of the techniques highlighted.

Homeland Security Secretary Janet Napolitano said Monday she would consider having tech companies participate with the government in “proactive” efforts to combat hackers based in foreign countries.

Napolitano, who made the comments during a meeting at the San Jose Mercury News with the editorial board and reporters, declined to say what steps corporations and federal agencies might take against foreign cybercrooks, who have been blamed for numerous computerized incursions against the United States. She made the remarks in response to a question, and emphasized the idea is merely one she would consider and that no decisions have been made.

http://www.sgvtribune.com/business/ci_20410915/homeland-security-chief-contemplating-proactive-cyber-attacks

Hewlett-Packard is trying to figure out what happened as the technology giant warned customers that some of the HP ProCurve switches shipped last year contained malware-laden flash cards.

http://securitywatch.pcmag.com/pc-hardware/296547-hp-s-malware-laden-switches-illustrate-supply-chain-risks

The virus struck in an e-mail 81 days ago, flagged by a federal team that monitors cyberthreats. The target was a small job-development bureau in the Commerce Department. The infiltration was so vicious it put Commerce’s entire computer network at risk.

To avert a crisis, the Economic Development Administration (EDA) unplugged its operating system — and plunged its staff into the bureaucratic Dark Ages.

http://www.washingtonpost.com/politics/for-agency-a-loss-of-technology-has-had-down–and-upsides/2012/04/08/gIQAvpAY5S_story.html

larke, who served three presidents as counterterrorism czar, now operates a cybersecurity consultancy called Good Harbor, located in one of those anonymous office towers in Arlington, Virginia, that triangulate the Pentagon and the Capitol in more ways than one. I had come to talk to him about what’s been done since the urgent alarm he’d sounded in his recent book, Cyber War. The book’s central argument is that, while the United States has developed the capability to conduct an offensive cyberwar, we have virtually no defense against the cyberattacks that he says are targeting us now, and will be in the future.

http://www.smithsonianmag.com/history-archaeology/Richard-Clarke-on-Who-Was-Behind-the-Stuxnet-Attack.html?c=y&page=1

The Home Office website has gone down after an apparent cyber attack in protest against Government surveillance plans.

A message on the site said the page was currently unavailable ‘due to a high volume of traffic’, suggesting a denial of service attack had been perpetrated.

A message on Twitter claiming to be from Anonymous, a loosely organised group of hackers who promote access to free speech, information and transparency, said the action was ‘for [the Home Office’s] draconian surveillance proposals’.

http://www.dailymail.co.uk/news/article-2126733/Anonymous-takes-Home-Office-website-attack-Government-surveillance-plans.html?ito=feeds-newsxml

Network World — WASHINGTON, D.C. — America’s water and energy utilities face constant cyber-espionage and denial-of-service attacks against industrial-control systems, according to the team of specialists from the U.S. Department of Homeland Security who are called to investigate the worst cyber-related incidents at these utilities.

These ICS-based networks are used to control water, chemical and energy systems, and the emergency response team from DHS ICS-CERT, based at the DHS in Washington, D.C. will fly out to utilities across the country to investigate security incidents they learn about. ICS-CERT typically doesn’t name the names of the utilities they try to assist, but this week they did provide a glimpse into how vulnerable America is. In a panel at the GovSec Conference, ICS-CERT’s leaders candidly presented a bleak assessment of why America’s utilities have a hard time maintaining security, and why it’s getting worse.

http://www.cio.com/article/703491/DHS_America_s_Water_and_Power_Utilities_Under_Daily_Cyberattack

NEW YORK: US law enforcement and counterterrorism officials are trying to figure out the significance of recent occurrences on websites believed to have close links to al Qaeda, including a graphic some fear could be an attack threat directed at New York City.

The graphic contained a picture of the Manhattan skyline superimposed with a Hollywood-style caption that says: “ALQAEDA – coming soon again in New York.”

 http://tribune.com.pk/story/359065/us-fears-al-qaeda-cyber-attack-on-new-york/