Foreign intelligence agencies are biggest online threat, ex-Fed warns
Iain Thomson
http://www.theregister.co.uk/2012/07/25/fed_foreign_intelligence_threat/

Excerpt:
"Former FBI executive assistant director Shawn Henry has warned that the biggest threat online comes not from terrorists or hackers, but from foreign intelligence organizations looking to steal intellectual property."


 

Justice Department trains prosecutors to combat cyber espionage
Sari Horwitz
http://www.washingtonpost.com/world/national-security/justice-department-trains-prosecutors-to-combat-cyber-espionage/2012/07/25/gJQAoP1h9W_story.html?wprss=rss_politics

Excerpt:
"The new training is part of a major overhaul following an internal review that pinpointed gaps in the department's ability to identify and respond to potential terrorist attacks over the Internet and to the rapidly growing crime of cyber espionage…"


 

10 disaster preparedness questions you should ask your cloud provider
Stephanie Overby
http://features.techworld.com/virtualisation/3371546/10-disaster-preparedness-questions-you-should-ask-your-cloud-provider/

Excerpt:
"While the typical cloud contract contains uptime clauses and credits for missed service levels, it often fails to adequately protect the enterprise customer."


 

Cybercriminals in developing nations targeted
http://www.bbc.com/news/technology-18930953

Excerpt:
"The International Cyber Security Protection Alliance has launched a research project to identify how attacks are likely to evolve over the next eight years. It said that faster links to the net in parts of Africa, Asia and Eastern Europe were likely to create problems."


 

Flame, Duqu and Stuxnet: in-depth code analysis of mssecmgr.ocx
Aleksandr Matrosov 
http://blog.eset.com/2012/07/20/flame-in-depth-code-analysis-of-mssecmgr-ocx

Excerpt:
"The Flame worm (detected by ESET as Win32/Flamer) is one of the most interesting targeted threats of this year. Although several articles about it have been published, many of the facts about the internal structure of its main module (mssecmgr.ocx) have not been disclosed yet. In this blog post we want to shed light on some of the implementation details of this component."


 

Outsourced Cloud Computing
http://docs.ismgcorp.com/files/external/062812_external_cloud_computing_public_statement.pdf

Excerpt:
"The Federal Financial Institution Examination Council Agencies consider cloud computing to be another form of outsourcing with the same basic risk characteristics and risk management requirements as traditional forms of outsourcing. This paper addresses the key risks of outsourced cloud computing identified in existing guidance."


 

UK admits to cyber attack on Iran
http://presstv.com/detail/2012/07/19/251692/uk-admits-to-cyber-attack-on-iran/

Excerpt:
"UK Parliament's Intelligence Security Committee (ISC) has admitted that Britain has launched a cyber attack against Iran shortly after the UK spy chief admitted Britain conducted covert operations against Iran."


 

Cybersecurity and the Power Grid
http://energy.aol.com/2012/07/20/cybersecurity-and-the-power-grid/

Excerpt:
"The US Senate's energy panel did a status check Tuesday on actions taken to ensure the electric grid is protected from cyber-attacks. The hearing came as lawmakers are poised to consider yet another round of cybersecurity legislation."


 

Emerging Nations Urged to Step Up Cybersecurity
Ben Rooney
http://blogs.wsj.com/tech-europe/2012/07/20/emerging-nations-urged-to-step-up-cybersecurity/

Excerpt:
"Emerging nations need to tackle cybersecurity if they wish to compete in the global market, according to the head of the International Cyber Security Protection Alliance."



Tech Insight: Speeding Up Incident Response With Continuous Monitoring
John H. Sawyer
http://www.darkreading.com/security-monitoring/167901086/security/news/240004148/tech-insight-speeding-up-incident-response-through-continuous-monitoring.html

Excerpt:
"… constant feed of information is designed to provide near real-time situational awareness to security and operations staff in order to detect new attacks, identify previously unseen threats, and react quickly with actionable information.


 

Taking the Cyberattack Threat Seriously
Barack Obama
http://online.wsj.com/article/SB10000872396390444330904577535492693044650.html

Excerpt:
"This is the future we have to avoid. That's why my administration has made cybersecurity a priority, including proposing legislation to strengthen our nation's digital defenses. It's why Congress must pass comprehensive cybersecurity legislation."


 

China lays out glorious eight-point infosec masterplan
Phil Muncaster
http://www.theregister.co.uk/2012/07/19/china_government_cyber_security_guidelines/

Excerpt:
"The Chinese government has released sweeping new information security guidelines designed to enable public and private bodies to protect themselves more effectively against new cyber threats."


 

ENISA Smart Grid Security Recommendations 
https://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-infrastructure-and-services/smart-grids-and-smart-metering/ENISA-smart-grid-security-recommendations

Excerpt:
"This study makes 10 recommendations to the public and private sector involved in the definition and implementation of smart grids. These recommendations intend to provide useful and practical advice aimed at improving current initiatives, enhancing co-operation, raising awareness, developing new measures and good practices, and reducing barriers to information sharing."

 


 

NSA Chief: Cybercrime constitutes the "greatest transfer of wealth in history"
Josh Rogin 
http://thecable.foreignpolicy.com/posts/2012/07/09/nsa_chief_cybercrime_constitutes_the_greatest_transfer_of_wealth_in_history

Excerpt:
"The loss of industrial information and intellectual property through cyber espionage constitutes the "greatest transfer of wealth in history," the nation's top cyber warrior Gen. Keith Alexander said"


 

Cybercrime: EU citizens concerned by security of personal information and online payments
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/12/751

Excerpt:
"A new Eurobarometer survey shows that Internet users are very concerned about cyber security: 89% avoid disclosing personal information online, and 74% agree that the risk of becoming a victim of cybercrime has increased in the past year."


 

DNSChanger apocalypse: Like Y2K, but even snoozier
Elinor Mills
http://news.cnet.com/8301-1009_3-57468797-83/dnschanger-apocalypse-like-y2k-but-even-snoozier/

Excerpt:
"After months of warnings, the FBI pulled the plug on servers that were set up to block a Trojan that was hijacking computers by changing their DNS settings to go to rogue servers and serving up ads. The government set up legitimate DNS servers so infected computers wouldn't lose their online access, but turned off that network today, potentially stranding thousands of computers from the Internet.


 

Pentagon Digs In on Cyberwar Front
http://online.wsj.com/article/SB10001424052702303684004577508850690121634.html
Julian E. Barnes

Excerpt:
"The renewed emphasis on building up cyberwarfare capabilities comes even as other defense programs have been trimmed. Along with unmanned aircraft and special operations, cyberwarfare is among the newer, more high-tech and often more secretive capabilities favored by the Pentagon's current leadership."


 

Legal problems loom for the cloud
http://www.csri.info/legal-problems-loom-for-the-cloud/

Excerpt:
"European companies using the cloud are potentially contravening data protection laws in the UK and Europe. An investigation by CSRI's siste site Future Intelligence into the legal position of data stored in the cloud has found that many companies are running the risk of prosecution."


 

Infrastructure Incidents on the Rise

Eric Chabrow
http://www.govinfosecurity.com/infrastructure-incidents-on-rise-a-4918?rf=2012-07-05-eg

Excerpt:
"The nation's critical IT infrastructure has experienced a significant uptick in reported cyber incidents. The overall numbers, though, seem relatively small when the entire universe of cyber incidents is considered. Yet, they suggest the IT systems the United States economy and society rely on to function are increasingly at risk."


 

China world's biggest cyber attack victim, says report
http://www.globaltimes.cn/content/719138.shtml

Excerpt:
"The nation has faced a growing number of online threats from overseas and become the biggest victim of cyber attacks, a computer security monitoring network said."


 

Internet activists draft Declaration of Internet Freedom
Chenda Ngak 
http://www.cbsnews.com/8301-501465_162-57465285-501465/internet-activists-draft-declaration-of-internet-freedom/

Excerpt:
"Only days before the anniversary of the U.S. Declaration of Independence, Internet activists have penned their own Declaration of Internet Freedom. Activist groups like the Electronic Frontier Foundation (EFF), Free Press and Access Now banned together and announced Monday the writing of the Declaration of Internet Freedom."


 

Cyber Threats Facilitate Ability to Commit Economic Espionage
http://ctolabs.com/wp-content/uploads/2012/06/GAO-InformationSecurity-CyberThreats-Facilitate-Ability-To-commit-espionage.pdf

Excerpt:
"The threat of economic espionage—the theft of U.S. proprietary information, intellectual property (IP), or technology by foreign companies, governments, or other actors—has grown. Moreover, dependence on networked information technology (IT) systems has increased the reach and potential impact of this threat by making it possible for hostile actors to quickly steal massive amounts of information while remaining anonymous and difficult to detect."


 

ISO-27010 – Information Security Guidance for Information Exchange
http://www.pivotpointsecurity.com/risky-business/iso-27010-information-security-guidance-for-information-exchange

Excerpt:
"The key concept behind ISO 27010 is that there are often times when organizations need to share sensitive data with a number of other organizations. Examples would include: Healthcare Information Exchanges, Information Sharing and Analysis Centers (ISACs), Law Enforcement, and Critical Infrastructure. In those instances – where by design high-risk data is being "risk managed" across dozens of Information Security Management Systems (ISMSs) – there are some interesting "corner cases" where ISO-27002 lacks a bit that ISO-27010 addresses."


 

Cybercrime moves to the cloud
Elinor Mills
http://news.cnet.com/8301-1009_3-57464177-83/cybercrime-moves-to-the-cloud/

Excerpt:
"The same flexibility and freedom companies get from having their software and services hosted in the cloud is enabling cybercriminals to conduct highly automated online banking theft -- without doing much of the necessary information processing on their victims' own computers."