Booz Allen Hamilton Holding Corporation : Booz Allen Announces Top 10 Financial Services Cyber Risk Trends for 2013

“Ask any customer what they expect from their bank or financial services firm today, and two words come through loudly and clearly: security and privacy. Commercial and institutional customers have come to expect seamless service, properly cleared transactions and fast, accurate information. But news about major cybersecurity breaches has alarmed consumers, causing banks to redouble their efforts to protect their technology infrastructure.”



Israel Wages Cyber War With Hamas as Civilians Take Up Computers
Gwen Ackerman & Saud Abu Ramadan

“The Israeli military launch a missile from the Iron Dome defence missile system, designed to intercept and destroy incoming short-range rockets and artillery shells, in the southern Israeli city of Ashdod following the firing of rockets from the Gaza Strip on Nov. 16, 2012. Knowledge of computer code is proving to be as important to Israel’s conflict with Hamas as the Iron Dome system intercepting rockets from the Gaza Strip.”


Beyond Attribution: Seeking National Responsibility for Cyber Attacks
Jason Healey

“For more than two decades, cyber defenders, intelligence analysts, and policymakers have struggled to determine the source of the most damaging attacks. This “attribution problem” will only become more critical as we move into
a new era of cyber conflict with even more attacks ignored, encouraged, supported, or conducted by national governments.”


Israel and Palestine Stop Attacks but Cyber Operations May Continue, Experts Warn
Eduard Kovacs

“Israel and the Palestinian Hamas have stopped attacking each other, both sides agreeing to put an end to the violence and hostilities. However, experts warn that there’s no guarantee cyberattacks will stop as well. Although things have cooled down a bit in OpIsrael, the hackers haven’t signed any ceasefire agreement…”


Cyber-crime policing completely inadequate, says ex-Scotland Yard detective
Will Dalton

“This assertion from the former Detective Sergeant of Scotland Yard’s Computer Crime Unit demonstrates how the battle against cyber-crime is still being lost. Such is the weakness of the current infrastructure dealing with law enforcement online, perpetrators continue to run riot without serious fear of reprimand. The almost free-for-all climate helps explain why 1.5 million of us fall victim to cyber-crime every single day.”


The Global Expansion of Cyber Crime in 2012

“Cyber crime during current year 2012 has surpassed the previous year record and this is quite clear indication of how cyber crime in the current year has exploded worldwide. Not only the cyber crime has increased in number but it has also gotten far more sophisticated as it was previously. Due to this firms are requiring to hire more and more cyber experts...”


Evasion threat to critical systems goes ignored, says Stonesoft 
Warwick Ashford

“Many organisations continue to rely on ineffective intrusion prevention systems (IPS) for defending information systems, says security firm Stonesoft. Advanced evasion techniques (AETs) which combine several known evasion methodologies to create new and dynamically changing techniques bypass most IPS systems on the market, tests have shown. Attackers using these techniques have found ways to split attacks across different network layers to make harmful traffic appear harmless to standard IPS appliances…”


Supply Chain Integrity

Supply chains have become increasingly global in recent years and have become longer both geographically and in the number of supply elements. This is consistent with the wider globalisation of markets and the move away from a major industry and its suppliers being geographically local to each other. Telecommunications operators and equipment manufacturers increasingly rely on globally sourced components.


Israel facing 'millions' of cyber-attacks over Gaza 
Dmitry Zaks

“The Israeli government on Sunday admitted it had become the victim of a mass cyber-warfare campaign with millions of attempts to hack state websites since the start of its Gaza offensive four days ago.”


Security isn’t about technology.  It’s about people

“There’s a famous saying that “amateurs hack systems, while professionals hack people.”  The point is that security technology designed to stop hackers, spies, phishers and frauds are always compromised by timeless human weaknesses: inattention, incompetence and complacency.”


Emerging Cyber Threat Reports 2013

“By understanding the automated mechanisms that control what information is presented to users and how these mechanisms affect user privacy and security, researchers can find ways to harden these mechanisms against manipulation”


Anonymous Hackers to start #OpFuelStrike, threatens to attack International Oil Companies

“Online hackavist group Anonymous has announced that they will now going one step further, this time the hackavist group will attack international Oil companies all over the globe. The operation has been named as #OpFuelStrike.”


Small Business: Cyber Security Survey 2012

“This report seeks to ask the question: ‘in this headlong rush to embrace digital systems and practices, what security measures are being (or could be) put in place by smaller companies to protect their businesses, their staff, their clients and wider stakeholders’.”


Top 5 Security Predictions for 2013 from Symantec
Kevin Haley

“Most of us at Symantec tend to be fact-based, data-driven individuals. However, predicting the future always involves a bit of speculation. To derive our predictions for 2013, we began by talking to hundreds of security experts at Symantec to gather their thoughts and ideas. Then, we peer-reviewed these ideas, argued a lot, and boiled it all down to a handful of predictions that we felt would provide real insight into where we believe the threat landscape is going.”


Bigger than Libor: Major Banks at Risk for Energy Manipulation
Richard Levick

“Major banks have another fight on their hands. This set-to is not with inveterate antagonists like the SEC or the Department of Justice but with the Federal Energy Regulatory Commission (FERC), which oversees the oil, natural gas, and electricity industries. The tough part is figuring out how to size up and respond to this relatively unfamiliar inquisitor.”


SEC left computers vulnerable to cyber attacks
Sarah N. Lynch

“Staffers at the U.S. Securities and Exchange Commission failed to encrypt some of their computers containing highly sensitive information from stock exchanges, leaving the data vulnerable to cyber attacks…”


The Day A Computer Virus Came Close To Plugging Gulf Oil
Parmy Olson

“Knowing the situation was serious, Schenk called a McAfee director in the United States responsible for forensic IT services…The moment the forensics team arrived, a “time bomb” went off. More than 30,000 of the client’s PCs and 1,000 servers went to blue screen.”


The Biggest Problem in Computer Security

“People tend to focus on various areas as being important for computer security such as memory corruption vulnerabilities, malware, anomaly detection, etc. However the lurking and most critical issue in my opinion is staffing. The truth is, there is no pool of candidates out there to draw from at a certain level in computer security.”


Legal fears muffle warnings on cybersecurity threats
Joseph Menn

“The agenda at a secretive conference on protecting critical infrastructure from computer attack was curtailed at the last minute last week, underscoring the legal challenges of sharing such information, much less getting companies to respond to it.”


Unprotected backdoor into industrial control systems

“A software tool that is used to program the programmable logic controllers (PLCs) used in much of the critical infrastructure contains an unprotected backdoor that could be used by hackers to access any such device that has an internet connection.”


Cybersecurity Executive Order Touts More Regulation as the Solution
David Inserra

As if the flood of regulations coming after the election weren’t bad enough, a draft of the newest cybersecurity executive order obtained by Heritage reveals that even more regulations are coming. This draft executive order is similar to the failed Cybersecurity Act of 2012 in that it proposes additional regulations as a solution to the U.S.’s cybersecurity woes.”