ClearSky Cyberdefense Forum

The ATLAS portal today is a public resource that delivers a sub-set of the intelligence derived from the ATLAS sensor network on host/port scanning activity, zero-day exploits and worm propagation, security events, vulnerability disclosures and dynamic botnet and phishing infrastructures. It includes:

• Global Threat Map: Real-time visibility into globally propagating threats
• Threat Briefs: Summarizing the most significant security events that have taken place over the past 24 hours
• Top Threat Sources: Multi-dimensional visualization of originating attack activity
• Threat Index: Summarizing Internet malicious activity by offering detailed threat ratings
• Top Internet Attacks: 24-hour snapshot of the most prevalent exploits being used to launch attacks globally
• Vulnerability Risk Index: Determines the most dangerous vulnerabilities being exploited on the Internet today

http://atlas.arbor.net/

On April 12, the Atlantic Council and Science Applications International Corporation (SAIC) hosted the second scenario-driven, interactive conference to discuss the day-after response to a cyber incident. This event, “The Cyber 9/12 Project: Cyber Statecraft after Catastrophes,” brought together experts from sectors such as government, finance, telecommunications, and media to discuss the decision-making process in light of a serious cyber security breach.

Link to the simulation videos :

http://www.youtube.com/watch?v=GkOYZ11-qtQ&list=PLrmyxz4euJD9L2DKOGrvSsfOxltbULce1

Barack Obama has ordered his senior national security and intelligence officials to draw up a list of potential overseas targets for US cyber-attacks, a top secret presidential directive obtained by the Guardian reveals.

The 18-page Presidential Policy Directive 20, issued in October last year but never published, states that what it calls Offensive Cyber Effects Operations (OCEO) “can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging”.

It says the government will “identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power”.

The directive also contemplates the possible use of cyber actions inside the US, though it specifies that no such domestic operations can be conducted without the prior order of the president, except in cases of emergency. 

The aim of the document was “to put in place tools and a framework to enable government to make decisions” on cyber actions, a senior administration official told the Guardian.

http://www.guardian.co.uk/world/interactive/2013/jun/07/obama-cyber-directive-full-text

Kaspersky report describes multiple cyber-espionage campaigns that have successfully compromised more than 350 high profile victims in 40 countries. the focus of the paper is to describe nettraveler, which is the main tool used by the threat actors during these attacks.

http://www.securelist.com/en/downloads/vlpdfs/kaspersky-the-net-traveler-part1-final.pdf

U.S. intelligence agencies traced a recent cyber intrusion into a sensitive infrastructure database to the Chinese government or military cyber warriors, according to U.S. officials.

The compromise of the U.S. Army Corps of Engineers’ National Inventory of Dams (NID) is raising new concerns that China is preparing to conduct a future cyber attack against the national electrical power grid, including the growing percentage of electricity produced by hydroelectric dams.

http://freebeacon.com/the-cyber-dam-breaks/

A reminder and example of turbine dam accident in Russia (2009)

http://en.wikipedia.org/wiki/2009_Sayano-Shushenskaya_hydro_accident

Deterrence is possible only when others know or at least have good indications of what the U.S. military can do, something that underlies U.S. nuclear deterrence strategy. Cyberattack capabilities resist such demonstration. No one knows quite what would happen if a country suffered a full-fledged cyberattack, despite the plethora of skirmishes. While cyberattack capabilities cannot easily be used to shape the behavior of others, this does not mean they cannot be used at all. This report explores ways that cyberattack capabilities can be brandished and under what circumstances, both in general terms and in the nuclear context. It then goes on to examine the obstacles and sketches out some realistic limits on the expectations. There is both promise and risk in cyber brandishing, but it would not hurt to give serious thought to ways to enhance the U.S. ability to leverage what others believe about its capabilities. Recent events have certainly convinced many others that the United States can do many sophisticated things in cyberspace (regardless of what, if anything, it has actually done). Applying brandishing as a strategy would take considerable analysis and imagination, inasmuch as none of the various options presented here are obvious winners. But brandishing is no panacea and also may not work; it could even backfire if misinterpreted as, say, a bluff. It is unlikely to make a deterrence posture succeed if the other elements of deterrence are weak.

Link To the report:

http://www.rand.org/content/dam/rand/pubs/research_reports/RR100/RR175/RAND_RR175.pdf

Arthur Budovsky, who set up digital currency business (Liberty Reserve), is held as part of money-laundering investigation involving US.

On Tuesday, in the first use of the 2001 Patriot Act against a virtual currency, the Treasury Department invoked a section of the law to choke off Liberty Reserve from the U.S. financial system. The Treasury’s proposal would prohibit U.S. financial institutions from opening or maintaining accounts for foreign banks that process transactions for Liberty Reserve and require special steps to guard against any transactions involving it.

http://online.wsj.com/article/SB10001424127887323855804578511121238052256.html
The indictment: http://krebsonsecurity.com/wp-content/uploads/2013/05/Liberty-Reserve-et-al.-Indictment.pdf

http://www.guardian.co.uk/world/2013/may/28/liberty-reserve-arthur-budovsky-arrested-spain

What will be the effect on Bitcoin ?
http://mashable.com/2013/05/28/bad-news-bitcoin-liberty-reserve-shutdown/