Archive for February, 2013

Microsoft data compromised, raising fears of large-scale hacking campaign

From: the Daily Caller

announced Friday afternoon in a company blog post that it had been hacked, in a similar intrusion to the ones that affected Facebook and Apple earlier this month.

“During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations,” said Matt Thomlinson, general manager for Microsoft’s Trustworthy Computing Security unit, in the blog post.

Experts urge government to set cyber-security standards for private sector

From: Ottawa Citizen

By Jordan Press

OTTAWA — Governments should move to now to secure private networks in the name of national security — possibly even forcing standards upon the industry, two top experts in cyber-security said Thursday.

The end of that road could require Canada and other governments to legislate cyber-security standards, according to the former chief of Canada’s ultra-secretive cyber-spy agency, because voluntary standards can be ignored while legal requirements cannot.

About 90 per cent of critical infrastructure in Canada is owned and operated by the private sector.

FSA’s cyber resilience review ‘may reveal shortfalls’


Author: Miranda Alexander-Webber

Source: Operational Risk & Regulation

Review of 30 financial institutions will lead to first new guidance in seven years

The UK Financial Services Authority’s (FSA) review of cyber and technology practices in 30 major financial institutions may highlight serious weaknesses, a senior consultant warns.

“I am worried that it’s going to show that banks and insurance companies aren’t as good as we the customers think they are at protecting our data and our money,” warns Steve Holt, practice leader for financial services information security in Europe, the Middle East, India and Africa at Ernst & Young.

World prepares for cyber space war

From: Voice of Russia

Artyom Kobzev

A new unit responsible for cyber security has been set up in Latvia’s Defence Security. Its distinguishing feature is the fact that it will recruit volunteers. With every passing day the topic of security on the networks is acquiring increased urgency for the world community, and the new exchange of accusations between China and the US over hackers’ attacks offers proof.

The Latvian unit will face the task of safeguarding the security of the country’s high-technology structure. 2 years earlier a similar volunteer unit of IT specialists was set up in Estonia’s Defence Ministry. There is nothing surprising about the fact that the Baltic countries have started to pay heightened attention to cyber security. All of them are following the world trend.

PLA Unit 61398 Recruitment Notice Found

From: China Digital Times

China’s Ministry of National Defense quickly denied charges outlined in a widely circulated report from information security firm Mandiant that exposed a specific unit of the People’s Liberation Army as responsible for against the U.S. and other countries.

Reuters reports a statement published on the Ministry’s official website called into question the evidence put forth by The New York Times, saying, “The report, in only relying on linking IP address to reach a conclusion the hacking attacks originated from China, lacks technical proof.”

Keeping the UK safe in cyberspace

From: H.M. Government


The growth of the internet has transformed our everyday lives and is an important part of our economy. The internet-related market in the UK is now estimated to be worth £82 billion a year. British businesses earn £1 in every £5 from the internet.

But with greater openness, interconnection and dependency comes greater vulnerability. The National Security Strategy categorised cyber attacks as a Tier One threat to our national security, alongside international terrorism. The threat to our national security from cyber attacks is real and growing. Terrorists, rogue states and cyber criminals are among those targeting computer systems in the UK.

U.S. Not Ready for Cyber War Hostile Hackers Could Launch

From: The Daily Beast

by Michael Daly

The Chinese reportedly have been hacking into U.S. infrastructure, and Leon Panetta says future attacks could plunge the U.S. into chaos—shutting down the power grid, as well as electric, oil, gas, water, chemical, and transit systems. We’re not prepared.

If the nightmare scenario becomes suddenly real…

If hackers shut down much of the electrical grid and the rest of the critical infrastructure goes with it…

If we are plunged into chaos and suffer more physical destruction than 50 monster hurricanes, and economic damage that dwarfs the Great Depression…

Mandiant APT1 Report Has Critical Analytic Flaws

From: Digital Dao


Mandiant’s APT1 report is the latest infosec company document to accuse the Chinese government of running cyber espionage operations. In fact, according to Mandiant, if a company experiences an APT attack, then it is a victim of the Chinese government because in Mandiant-speak, APT equals China.

“We tend to perceive what we expect to perceive”

– Richard J. Heuer, “The Psychology of Intelligence Analysis

The fact that Mandiant refuses to acknowledge that other nation states engage in cyber espionage when the facts show otherwise demonstrates what Heuer calls an “expectation bias”, but it’s much worse than that.

On China’s Twitter, Discussion of Hacking Attacks Proceeds Unblocked

From: Tea Leaf Nation

by David Wertime

As The New York Times reported yesterday evening, U.S.-based cybersecurity firm Mandiant has just released a deeply troubling report called “Exposing One of China’s Cyber Espionage Units.” The report alleges wide-spread hacking sponsored by the People’s Liberation Army, which is controlled by the Chinese Communist Party. The report states, “Our research and observations indicate that the Communist Party of  China is tasking the Chinese People’s Liberation Army [PLA] to commit systematic cyber espionage and data theft against organizations around the world.”

Obama Officials Plan Response to Cyber-Theft of Secrets

From: Bloomberg

By Roger Runningen & Eric Engleman

President Barack Obama’s administration is preparing a strategy to counter theft of U.S. trade secrets by hackers in China and other countries, according to a former government official briefed on an administration report to be released today.

The report will outline a coordinated diplomatic effort to push back against other nations to enforce intellectual property rights and to lay out best practices for companies to protect their material, according to the former official, who asked not to be named before the official announcement.