ClearSky Cyberdefense Forum

Technical Report, Laboratory of Cryptography and System Security (CrySyS Lab) budapest

http://www.crysys.hu/skywiper/skywiper.pdf

A sophisticated cyber attack against the Thrift Savings Plan contractor responsible for maintaining the agency’s data centers compromised the information of 123,000 TSP participants.

Of the compromised accounts, about 43,000 had personal information, such as names, Social Security numbers and bank-account numbers exposed. Another 80,000 compromised accounts had only Social Security numbers and other TSP-related information exposed.

http://www.federalnewsradio.com/pdfs/tsp_cyber_attack.pdf

http://www.federalnewsradio.com/241/2878970/Cyber-attack-against-TSP-contractor-exposes-thousands-of-accounts

The volume of malware surged in the first three months of 2012. In particular, there’s been a flood of new types of rootkits, password-stealing Trojan applications, malware targeting Android users, and botnet infections.

http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2012.pdf

http://www.informationweek.com/news/security/attacks/240000992

The annual Pentagon report “Military and Security Developments Involving the People’s Republic of China 2012” said that Chinese military spending in 2011 amounted to US$180 billion, a figure much higher than previously thought. The report noted sustained investment in Chinese cyber warfare, hinting that Beijing is using cyber intrusions to gather strategic intelligence.

http://www.defense.gov/pubs/pdfs/2012_cmpr_final.pdf

“Something pretty bad is coming,” the Michigan Republican said during a forum in Washington, citing data provided to his panel by senior U.S. intelligence leaders.

http://www.usnews.com/news/blogs/dotmil/2012/05/17/house-intel-chairman-predicts-major-cyber-attack-on-us

http://www.cso.com.au/article/424753/auscert_2012_day_1_wednesday_16th_may_roundup/

CSIS has issued a list of significant cyber events from 2006 to 2012.

http://csis.org/files/publication/120504_Significant_Cyber_Incidents_Since_2006.pdf

Researcher Justin W. Clarke discovered a vulnerability in an industrial networking system used by American power grids and the Pentagon. Now, after public pressure, the manufacturer is promising a fix.

http://www.csmonitor.com/USA/2012/0501/How-one-man-may-have-foiled-a-devastating-cyberattack-against-America

A  major cyber attack is currently underway aimed squarely at computer networks belonging to US natural gas pipeline companies, according to alerts issued to the industry by the US Department of Homeland Security.

At least three confidential “amber” alerts – the second most sensitive next to “red” – were issued by DHS beginning March 29, all warning of a “gas pipeline sector cyber intrusion campaign” against multiple pipeline companies. But the wave of cyber attacks, which apparently began four months ago – and may also affect Canadian natural gas pipeline companies – is continuing.

That fact was reaffirmed late Friday in a public, albeit less detailed, “incident response” report from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), an arm of DHS based inIdaho Falls. It reiterated warnings in the earlier confidential alerts made directly to pipeline companies and some power companies.

http://www.csmonitor.com/USA/2012/0505/Alert-Major-cyber-attack-aimed-at-natural-gas-pipeline-companies

The Internet Security Threat Report provides an overview and analysis of the year in global threat activity. The report is based on data from the Global Intelligence Network, which Symantec’s analysts use to identify, analyze, and provide commentary on emerging trends in attacks, malicious code activity, phishing, and spam. Here are some highlights from the threat landscape of 2011:

• Symantec blocked a total of over 5.5 billion malware attacks in 2011, an 81% increase over 2010.
• Web based attacks increased by 36% with over 4,500 new attacks each day.
• 403 million new variants of malware were created in 2011, a 41% increase of 2010.
• SPAM volumes dropped by 13% in 2011 over rates in 2010.
• 39% of malware attacks via email used a link to a web page.
• Mobile vulnerabilities continued to rise, with 315 discovered in 2011.

http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_2011_21239364.en-us.pdf