The global nature of advanced cyber attacks
FireEye released a report that provides insight into the global nature of malware communication activity related to sophisticated cyber attacks.“The threat landscape has evolved, as cyber threats have outpaced traditional signature-based security defences, such as antivirus, and permeated around the world, enabling cybercriminals to easily evade detection and establish connections inside the perimeter of major organisations,” said FireEye CEO David DeWalt.
CnC servers are used heavily during the life cycle of an attack to maintain communication with an infected machine by way of callbacks, enabling the attacker to download and modify malware to evade detection, extract data, or expand an attack within a target organisation.
“The Advanced Cyber Attack Landscape” draws from blocking more than 12 million callback events from 184 countries logged by the FireEye platform across thousands of appliances during 2012. The FireEye platform is deployed behind firewalls, next-generation firewalls, intrusion prevention systems (IPS), anti-virus (AV), and other security gateways, representing the last line of defence against advanced attacks that bypass traditional signature-based security infrastructure. More...
04-25-2013 14:23
IBM executives head to Washington to press lawmakers on cybersecurity bill
Nearly 200 senior IBM executives are flying into Washington to press for the passage of a controversial cybersecurity bill that will come up for a vote in the House this week.The IBM executives will pound the pavement on Capitol Hill Monday and Tuesday, holding nearly 300 meetings with lawmakers and staff. Over the course of those two days, their mission is to convince lawmakers to back a bill that’s intended to make it easier for industry and government to share information about cyber threats with each other in real time.
“We’re going to put our shoe leather where our mouth is,” Chris Padilla, vice president of governmental affairs at IBM, told The Hill.
“The message we're going to give [lawmakers] is going to be a very simple, clear message: support the passage of CISPA,” he later added.
The Cyber Intelligence Sharing and Protection Act, or CISPA, by House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Dutch Ruppersberger (D-Md.), passed out of committee on an 18-2 vote last Wednesday and is expected to come to the floor for a vote as soon as mid-week.
While the bill enjoys strong backing from industry, privacy advocates warn the bill lacks sufficient protections for people’s information online. The White House issued a veto threat against the first iteration of CISPA last year, due in part to privacy concerns.
Despite the opposition, CISPA safely passed the House last year on a bipartisan vote—and IBM intends to make sure it does again this week.
The technology services company runs the information technology networks of major hospitals, banks and electric companies—key infrastructure that lawmakers and security officials warn are top targets for hostile actors to launch a cyberattack. More...
04-15-2013 15:45
Cyber security bill pits tech giants against privacy activists
SAN FRANCISCO — The escalating cyber attacks on corporate and government computers have provided a rare opportunity for bipartisan legislation to address the problem. But rather than sailing through Congress, the latest cyber security legislation is exposing a fault line in the tech industry.On one side stand some of tech's biggest companies, such as Intel Corp., Oracle Corp. and IBM Corp., which are pressing for more government action. On the other side are thousands of smaller tech firms and privacy activists who have launched online protests to raise the alarm over a bill they say harms privacy and civil liberties.
Last year, these two camps joined forces in a powerful protest that stopped a piracy bill favored by the entertainment industry. Now they find themselves pitted against each other, trying to find a middle ground between increased security and protecting privacy.
With the bill headed toward a possible vote in Congress next week, the results of this high-tech family feud may demonstrate in stark terms whether the Internet can truly be the great political leveler when going against the more traditional methods of wielding policy influence, such as lobbying and campaign donations.
"This is sort of a 'privacy versus big corporation' moment," said Michelle Richardson, an attorney at the American Civil Liberties Union, which has been campaigning against the cyber security bill.
This is a striking departure from the much-publicized fight last year over the Stop Online Piracy Act, or SOPA, a bill backed by Hollywood and the recording industry. Activists launched a high-profile and sweeping online campaign against the bill. Many hailed it as evidence of the power of Internet activism.
But the truth wasn't quite so simple. In that fight, large tech companies largely aligned with those grass-roots activists, bringing their own lobbying might to bear. More...
04-13-2013 14:43
Current Focus
Latest News
- Hackers Penetrate Google’s Building Management System
- Pentagon Accuses China of Cyberspying on U.S. Government
- Cheapest Way to Rob Bank Seen in Cyber Attack Like Hustle
- The global nature of advanced cyber attacks
- IBM executives head to Washington to press lawmakers on cybersecurity bill
- Cyber security bill pits tech giants against privacy activists
- China hacker's blog shows angst, and opens a window onto cyber-espionage
- Mandiant: Chinese hacker unit attempted to clean up online presence
- Cyberthreats getting worse, House intelligence officials warn
- Obama Presses Xi on Cyber Attacks Amid Focus on Hacking