McConnell – Winning the Cyber-war We’re Losing

Mike McConnell postulates that the United States is fighting a cyber-war today, and they are losing. It’s that simple. As the most wired nation on Earth, the US offers the most targets of significance, yet cyber-defenses are woefully lacking. The problem is not one of resources; even in current fiscal straits, we can afford to upgrade our defenses. The problem is that we lack a cohesive strategy to meet this challenge.

The stakes are enormous. To the extent that the sprawling US economy inhabits a common physical space, it is in our communications networks. If an enemy disrupted our financial and accounting transactions, our equities and bond markets or our retail commerce, or created confusion about the legitimacy of those transactions, chaos would result. Our power grids, air and ground transportation, telecommunications, and water-filtration systems are in jeopardy as well.

Read the Washington Post article


3 Charged in ATM Skimming Scheme

Score one for the GOOD-GUYS! Three men have been charged in connection with an ATM skimming scheme resulting in the theft of more than US $137,000 from Massachusetts banks over a six week period.

The skimmers were affixed to ATMs Bank of America and Citizens Bank harvesting data from cards’ magnetic strips and hidden cameras were used to capture personal identification numbers. Ivaylo Hristov, Anton Venkov and Vladislav Vladev have been charged with bank fraud, aggravated identity theft and using counterfeit ATM cards. Hristov and Vladev were also charged with possession of device-making equipment. They each face up to 57 years in prison and US $1.25 million fines. Venkov faces up to 42 years in prison and a US $1.25 million fine. Throw the book at them, they are a blight on humanity!!

Register Article

‘Sophisticated’ Hack Hit Intel in January

According to Wired, Intel is the latest US company to acknowledge that it was hacked in January in a sophisticated attack that occurred at the same time that Google, Adobe and others were targeted. The giant California-based chip maker was rumored to have been among some 34 companies that were targeted, but said on Tuesday there was no evidence to tie its hack to the Google attack.

“We did not see the kind of broad-based attack as described by Google, companies routinely see hackers trying to get into their system. It is a risk factor and that’s why it was in the 10-K. We’ve seen no loss of [intellectual property] as a result of any of these attacks.”

Read More

Phishing, SQL Injection Attacks Surged in 2009

Hackers continued to have great success taking advantage of vulnerabilities in applications, such as Adobe Acrobat, and Web browsers to compromise unsuspecting users’ machines or data, according to IBM’s annual X-Force Trend and Risk Report. That’s in spite of an overall decline in the number of new software vulnerabilities last year, IBM says. Big Blue’s security research and development group reported that in 2009, the total number of bugs in document readers and multimedia applications surged 50%, leading to a dramatic increase in phishing attacks targeting banks and other financial services providers during the second half of the year.