Yet another wrinkle in the ongoing flood of cyber security stories emerging over the past couple of weeks: RSA Security--maker of those little keychain tokens that generate constantly changing passwords for users logging into secure networks--is offering increased security monitoring and the complete replacement of SecurID tokens to nearly all of its customers after evidence emerged that the recent cyber attack on Lockheed Martin was perpetrated in part using data stolen from RSA.
On the heels of a cyber attack that breached defense contractor Lockheed Martin’s network defenses last week, the Pentagon is opening the door to new means of dealing with cyber attacks perpetrated by foreign nations. In a new, formal 30-page cyber strategy document--unclassified portions of which will be made public next month--the Pentagon has deemed that cyber attacks can constitute acts of war, and that responses can include traditional military retaliation.
In the first on-the-record, official recognition that a foreign intelligence agency infiltrated sensitive U.S. military CentCom networks in 2008, Deputy Defense Secretary William J. Lynn III has revealed the source of the attack. And it was -- drumroll please -- a flash drive. A simple flash drive inserted into a military laptop at a location in the Middle East allowed malicious code to install and conceal itself on both classified and unclassified servers, opening them to foreign control.
You may have heard the rumor that swirled briefly last month about an Internet “kill switch” that could power down the Web in the case of a critical cyber attack. Those rumors turned out to be largely overblown, but it turns out there are now seven individuals out there holding keys to the Internet. In the aftermath of a cataclysmic cyber attack, these members of a “chain of trust” will be responsible for rebooting the Web.
In a move that is poised to become extremely unpopular with privacy advocates, the National Security Agency -- you may remember them from the warrantless wiretapping scandal -- is launching a program dubbed "Perfect Citizen" to detect cyber attacks on private companies running critical infrastructure like the electricity grid or nuclear plants. All companies have to do is let the NSA deploy a bunch of sensors within their networks, and trust that the nation's best eavesdropping agency won't abuse the system.
A 2007 hacker attack on an Internet café in Hubei Province in China has led to the discovery and dismantling of an online hacker training camp accused of providing malicious software and lessons in hacker technique to tens of thousands of Chinese users.
Digital times mean digital crimes. But catching and convicting criminals, or even nations, that dabble in digital espionage, cyber attacks, and cyber terrorism is no easy task. Google – and the U.S. State Department – recently pointed the finger at China for a string of sophisticated cyber attacks on U.S. companies, but proving guilt in the matter will be tricky. Then there are the buckets of data that intelligence agencies pull from captured laptops and hard drives in terror sweeps; we have the files, but it can be difficult to figure out who's aiding America's enemies or what they are up to. Enter DARPA's Cyber Genome Program, aimed at creating a paternity test for digital artifacts.
Patriotic geeks might want to brush off those resumes, because the long-awaited U.S. Cyber Command officially went live last Thursday, and hopes to recruit at least 1,000 cyber security experts over the next few years. But the newly formed group faces questions about its mission and responsibilities, as well as competition for recruits from U.S. intelligence agencies.
The announcement by the Department of Homeland Security also coincided with the kickoff of National Cybersecurity Awareness Month, which infuses the usual trick-or-treat spirit of October with additional meaning.