Threat Intelligence |
Sponsored by |
Internet Society has released a paper today highlighting the importance of understanding what is important and unchanging about the Internet.
Michael Cooney reporting in NetworkWorld: "Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware. The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions..."
In the past five years, cyber and telecommunications defence has left its niche market to become one of the fastest growing industries in the world. In 2011, governments, industry and ordinary computer users spent roughly £65 billion shoring up their computer networks, a figure that is predicted to double within five years.
The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials."
Google has announced that it has started undertaking an effort to notify roughly half a million people whose computers or home routers are infected with a well-publicized form of malware known as DNSChanger. "After successfully alerting a million users last summer to a different type of malware, we've replicated this method and have started showing warnings via a special message that will appear at the top of the Google search results page for users with affected devices."
Eugene Kaspersky has warned global leaders that the world needs international agreements about cyber-weapons in the same way as it needs agreements about nuclear or biological weaponry. The chairman and chief executive officer of Kaspersky Lab, warned delegates at CeBIT Australia that cyber-warfare and terrorism was the number one internet threat facing the world today. He said the Stuxnet industrial virus had demonstrated that cyber-weapons were capable of damaging physical infrastructure, and were "a thousand times cheaper" to develop than conventional weaponry.
The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about an active "spear phishing" campaign targeting companies in the natural gas pipeline sector. In an advisory issued last week, ICS-CERT said it has received information about targeted attacks and intrusions into multiple organizations over the past several months.
Microsoft's Digital Crimes Unit - in collaboration with Financial Services - Information Sharing and Analysis Center (FS-ISAC) and NACHA - The Electronic Payments Association, as well as Kyrus Tech Inc. - has executed a coordinated global action against some of the worst known cybercrime operations fueling online fraud and identity theft, said Microsoft in an announcement today. "With this legal and technical action, a number of the most harmful botnets using the Zeus family of malware worldwide have been disrupted in an unprecedented, proactive cross-industry operation against this cybercriminal organization."
Network security experts from across the U.S. government told a U.S. Senate Armed Services Subcommittee on Tuesday that federal networks have been thoroughly penetrated by foreign spies, and that current perimeter-based defenses that attempt to curb intrusions are outdated and futile.
The Online Trust Alliance (OTA) joined a unanimous vote at the Federal Communications Commission's (FCC) Communications Security, Reliability and Interoperability Council (CSRIC) meeting today, approving the voluntary U.S. Anti-Bot Code of Conduct for Internet Service Providers (ISPs), also known as the ABCs for ISPs. As a member of the CSRIC appointed by FCC Chairman Julius Genachowski, the OTA has been working with the FCC and leading ISPs to develop this voluntary Code.
ICANN has appointed IID President and CTO Rod Rasmussen to its Security and Stability Advisory Committee (SSAC). An area that Rasmussen's work and recent SSAC reports have both covered in-depth is domain name hijacking. Recent hijackings against UFC.com and Coach.com, and similar past attacks against CheckFree, Comcast and Twitter have heightened awareness about the security dangers with the Internet's infrastructure.
The NATO Consultation, Command and Control Agency (NC3A) has announced the award of a contract for upgrading the NATO cyber defence capabilities. The award to private industrial companies will enable the already operating NATO Computer Incident Response Capability (NCIRC) to achieve full operational capability by the end of 2012. At approximately 58 million Euro, it represents NATO's largest investment to date in cyber defence.
A group of ISPs on wednesday told U.S. Congress that passing new cybersecurity rules affecting broadband and mobile service providers is counterproductive and should be resisted. Jason Livingood, vice president of Internet systems engineering at Comcast, during a hearing before the U.S. House of Representatives Energy and Commerce Committee's communications subcommittee, said: ISPs have "strong incentives" to secure their networks and invest heavily in cybersecurity because of competition.
Number of malware threats that receive instructions from attackers through DNS is expected to increase, and most companies are not currently scanning for such activity on their networks, security experts said at the RSA Conference 2012 on Tuesday. While most malware-generated traffic passing through most channels used for communicating with botnets (such as TCP, IRC, HTTP or Twitter feeds and Facebook walls) can be detected and blocked, it's not the case for DNS (Domain Name System) and attackers are taking advantage of that, said Ed Skoudis, founder of Counter Hack Challenges and SANS fellow.
Brian Krebs reporting in Krebs on Security: "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States."