Archive for Cyber Crime
Two International Cyber Security Conferences in Nation’s Capital - A First for Canada
OTTAWA, ONTARIO — (Marketwire) — 08/27/10 — The 13th International Symposium on Recent Advances in Intrusion Detection (RAID) and the International Symposium on Visualization for Cyber Security (VizSec) will be hosted in Canada for the first time, from September 14 to 17, 2010.
Defence Research and Development Canada – Ottawa (DRDC Ottawa) of the Department of National Defence (DND), in partnership with the Communications Research Centre Canada (CRC), of Industry Canada, are pleased to announce these two international cyber security events. These events will provide attendees with the opportunity to hear presentations by, and to network with, leading academic experts and researchers on a variety of topics in the fields of intrusion detection and cyber security. Scientific, industrial and military communities will benefit from first-rate presentations, workshops, panel discussions and a showcase of innovative technology.
“It’s a privilege to bring two such prestigious scientific events to the heart of “silicon valley” in Canada’s capital and to provide industry with an opportunity to showcase their advanced technology in this field,” says Dr. Robert S. Walker, Chief Executive Officer of DRDC and Assistant Deputy Minister (Science and Technology) within the Department of National Defence. “Given the advancing complexity of cyber security threats, we appreciate the opportunity to facilitate the sharing of scientific and technical knowledge in an area of global interest.”
“Building on knowledge exchanged at events such as these will advance the important work of DRDC, CRC, and others so we can respond to the needs of the national security community,” says Dr. Veena Rawat, President, CRC. “From here, new ideas are integrated and collaborations are created, ultimately, leading to innovative solutions.”
DRDC is an agency of the Department of National Defence responding to the scientific and technological needs of the Canadian Forces. The agency is made up of nine centres located across Canada with a corporate office in Ottawa. DRDC has an annual budget of $350 million and employs 1800 people (1200 science workers). With a broad scientific program, DRDC actively collaborates with industry, international allies, academia, other government departments and the national security community.
CRC is the federal government’s primary laboratory for research and development in advanced telecommunications, and a centre of excellence in information and communications technologies. It has core competencies in broadcasting and interactive multimedia, communications networks, photonics, radio fundamentals and wireless. CRC employs 400 staff, including 240 research staff, and has a total annual budget in the range of $50 million.
For more information, visit www.raid2010.org or www.vizsec2010.org.
McAfee Labs: It’s Time to Be Proactive on Cybersecurity
McAfee, Inc. Security Journal Examines Strategies for Shifting From Defense to Offense in Cybersecurity
SANTA CLARA, Calif., Aug 10, 2010 (BUSINESS WIRE) — A new report published by McAfee, Inc. stresses the need for the security industry to take a more proactive position against cybercriminals. In light of recent cyberespionage, the breakup of cybercrime rings, and the threats that sophisticated malware such as Stuxnet present to critical infrastructures, McAfee Labs(TM) researchers and industry experts call for a more proactive strategy for fighting cybercrime.
“Cybercriminals prosper because they have very little reason to fear the consequences,” said Jeff Green, senior vice president of McAfee Labs. “As security experts, it’s time to take a hard look at what we do, how we do it, and what our ultimate goals are. The tools and techniques of cybercrime continue to grow in number and sophistication at alarming rates. Every time we release a new statistic about the rise in malware it points to our failure as an industry.”
The report, titled “Security Takes the Offensive,” is based on strategies compiled by international experts and issues a “call to arms” to the security industry. Traditionally, security technology companies and computer users have taken a defensive posture, putting the cyber equivalent of body armor on computers, networks and in the cloud. The report’s authors say it is now time to avoid enemy strikes altogether by taking a more aggressive stance, aligning forces and involving law enforcement.
“As we look at the evolution of risky domains and websites over multiple years, we can’t avoid the conclusion that the risk keeps increasing in both volume and sophistication,” said David Marcus, director of security research and communications for McAfee Labs. “If we want to stop being victims, then the good guys need to advance security efforts as threats evolve.”
The report details the following methods for building a more offensive security strategy:
– Use hacker techniques: Data loss is accelerating at an alarming rate, as there were 222 million records lost in 2009 in the United States alone. Organizations should use hacker techniques, such as fuzzing and penetration testing, to find bugs within their own products and address the issues, shutting the door on the bad guys.
– Provide data to help prosecute cybercriminals: A major component for combating spam lies in the hands of ICANN (the Internet Corporation for Assigned Names and Numbers), as it accredits the registrants that sell the domains which cybercriminals use to host malicious sites. Working with the security industry, ICANN should take a stronger stance against cybercrime.
– Share information: Computer users, security professionals and administrators should share intelligence information with their trusted security vendor, and in turn security vendors should cooperate in live metadata sharing. Legislators should take these issues into account when drafting laws within their respective countries.
– Implement “shuns” and “stuns”: Three successful “tried and true” takedowns to date–McColo, Atrivo and Mega-D–fall into one of two categories: “shuns,” in which the Internet community ostracized the network, and “stuns,” which focused on incapacitating botnets. An offensive security practice should involve the entire security industry while incorporating methods that have proven successful. Shuns and stuns have beaten the odds in the past and industry experts as well as law enforcement should embrace these methods as a common security practice.
– Use tactics that increase risk for cybercriminals: Cybercrime has become an increasingly for-profit endeavor. Like any enterprise business model, the psychology of organized cybercrime follows the three major factors: risk, effort and reward. By using a number of potential tactics affecting each of these factors, the ratio can flip, so that cybercriminals face actual risk for substantially reduced reward, diminishing cybercrime overall. Some of those tactics include publicly disclosing the names of cybercriminals, increasing the fines against cybercriminals, increasing the shutdowns of affected domains, more effective spam filtering, closing “dropped” email accounts and freezing payment accounts that are suspected of fraud.
– Educate: Security experts should work with governments to provide models to tie together cybercrime-reporting with cybereducation, so users can start to link uninformed behavior to their risk of becoming victims. This includes educating those fighting cybercrime “on the streets” to have the latest in malware techniques, bringing tools to the mass population to help identify risky behavior, pointing users to the right contacts to report crimes, and helping to build education and awareness at the kindergarten level through higher education.
The McAfee Security Journal outlines an offensive strategy that involves a couple of key components: proactive law enforcement and the security community banding together to help take down the offenders. McAfee(R) Global Threat Intelligence(TM) is a comprehensive solution that scans the entire Internet and effectively uses millions of sensors to gather real-time intelligence from host IP addresses, Internet domains, specific URLs, files, images and e-mail messages. Armed with this information, the team at McAfee Labs works across governments and international law enforcement, and has a ten-year history of building communities of trusted information sharing to help catch criminals. This unified approach turns a reactive security strategy into an offensive security strategy, laying the groundwork for the type of interaction that will help bring down major producers of malware, spam and scareware.
“Creating a framework for these organizations to play a greater role in reporting abuses and enforcing laws (along with a greatly increased budget) is where lawmakers seeking to make an impact on cybercrime should turn their attention,” said Joe Stewart, director of malware research with the SecureWorks Counter Threat Unit, in the report. “This is a long-term effort, and one that will require great political bartering and global treaties before cybercrime could be considered a risky endeavor by those who seek to abuse the Internet for their personal gain.”
Experts in the report are McAfee Labs researchers, as well as renowned security journalist Brian Krebs, Technical and Research Lead for Recurity Labs Felix “FX” Lindner and Joe Stewart. All of our experts agree that the recommendations laid out in the report are preliminary, and this is just the first step that needs to be taken industry-wide.
For a full copy of the McAfee Security Journal, please visit http://www.mcafee.com/us/research/mcafee_security_journal/index.html.
FedConcepts to Support Marine Corps Network Operations and Security Center
WASHINGTON, July 7 /PRNewswire-USNewswire/ — FedConcepts, an award-winning cyber-security provider to the Federal Government, today announced that it is part of a team led by Stanley, Inc. that was awarded a three-year, firm-fixed-price contract with the U.S. Marine Corps Systems Command (MCSC). The estimated value of the portion of the award for FedConcepts is $11.2 million. Under the contract, FedConcepts will provide a broad range of technical, operational, managerial and maintenance functions for the Marine Corps Network Operations and Security Center (MCNOSC). The award falls under the MCSC Commercial Enterprise Omnibus support services blanket purchase agreement, which was awarded to Stanley in 2006.
“We are excited about this expansion of our support to the Marine Corps. We have had a long track record of success with the Marine Corps and Stanley,” said Christian Sullivan, CEO FedConcepts.
The MCNOSC mission is to provide global network operations and computer network defense to facilitate seamless information exchange in support of Marine and joint forces operating globally. MCNOSC is the Marine Corps’ nucleus for enterprise data network services, network support to deploying forces, and technical development of network-enabled IT solutions.
About FedConcepts
FedConcepts provides cyber-security solutions for high-end systems and network engineering professional services to clients within the federal government’s civilian and defense sectors. A Microsoft Gold Partner since its founding, FedConcepts’ success has been recognized with several industry awards and honors, including the Ernst and Young Entrepreneur of the Year, SmartCEO Future 50, Smart100, and three consecutive years on the Inc. 5000 Fastest Growing Private Companies in America list.
SOURCE FedConcepts
While Snooping Continues to Rise, IT Security Is Making It Harder for Insiders to Get Around Controls That Protect Highly-Sensitive Information
NEWTON, Mass. & LONDON–(BUSINESS WIRE)–The results of Cyber-Ark® Software’s fourth annual “Trust, Security and Passwords” global survey show that 35 percent of respondents believe their company’s highly-sensitive information has been handed over to competitors. Thirty-seven percent of the IT professionals surveyed cited ex-employees as the most likely source of this abuse of trust. While perhaps not surprising that disgruntled workers top the list, it’s noteworthy that 28 percent suspected “human error” as the next most likely cause, followed by falling victim to an external hack or loss of a mobile device/laptop, each at 10 percent. The most popular information shared with competitors was the customer database (26 percent) and R&D plans (13 percent).
Cyber-Ark’s fourth annual “Trust, Security and Passwords” global survey is the result of interviews conducted in the Spring of 2010 with more than 400 senior IT professionals both in the US and UK, mainly from enterprise-class companies.
There was little year-over-year change in the number of respondents who suspected the loss of intellectual property to a competitor, indicating that more needs to be done to protect companies’ most valued assets. Additionally, to address vulnerabilities related to human error that could expose a proprietary database or financial information, organizations must employ additional layers of control such as the ability to grant privileges to sensitive data and systems on-demand. This limits “innocent” mistakes by allowing access to information only when users need it to perform a particular task or query.
Snooping On the Rise, but Access Is Getting More Difficult
The research also confirmed that snooping continues to rise within organizations both in the UK and the US. Forty-one percent of respondents confessed to abusing administrative passwords to snoop on sensitive or confidential information – an increase from 33 percent in both 2008 and 2009. When examining the information that people were willing to circumvent the rules to access, US respondents targeted the customer database first (38 percent versus 16 percent in the UK) with HR records most alluring to UK respondents (30 percent versus 28 percent in the US).
Despite the rise, there was also the admission that organizations are trying to better curb snooping and are installing stronger controls to prevent these incidents. Based on this year’s survey, 61 percent responded they could circumvent those controls – a decrease from 77 percent in 2009. Additionally, 88 percent of IT professionals believe their use of these privileged accounts should be monitored, however only 70 percent of organizations actually attempt to do so – with one-third turning a blind eye to what’s happening within their networks and therefore failing to meet regulatory and compliance requirements. Insider sabotage, unfortunately and rather disconcertingly, has increased from 20 percent last year to 27 percent this year.
Speaking about the results, Cyber-Ark’s Executive Vice President Americas and Corporate Development Adam Bosnian commented, “While we understand that human nature and the desire to snoop may never be something we can totally control, we should take heart that fewer are finding it easy to do so, demonstrating that there are increasingly effective controls available to better manage and monitor privileged access rights within organizations. With insider sabotage on the increase, the time to take action has already passed and companies need to heed the warnings.
“It is the organization’s obligation to protect its sensitive information and intellectual property. Failing to do so, in our opinion, makes the company as bad as those who are abusing their privileged positions. Let’s face it, you might as well sell the information to the highest bidder yourself – that way at least you’ll have some control over who’s got it!,” continued Bosnian.
IT Confess to Being the Best at Snooping
The survey found that 67 percent of respondents admitted having accessed information that was not relevant to their role. When asked what department was more likely to snoop and look at confidential information, more than half (54 percent) identified the IT department, likely a natural choice given the group’s power and broad responsibility for managing multiple systems across the organization. Of note, this is an up-tick compared to the 35 percent who identified the IT department as likely suspects in 2009, a number that had decreased from 47 percent in 2008. Respondents identified Human Resources as the next most curious at 11 percent, followed by administrative assistants.
Note to editors:
This survey was conducted with more than 400 IT administrators at Infosecurity Europe 2010 and RSA USA 2010. To download a detailed report of the survey results, please visit http://www.cyber-ark.com/constants/white-papers.asp.
About Cyber-Ark
Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, applications and highly-sensitive information to improve compliance, productivity and protect organizations against insider threats. With its award-winning Privileged Identity Management (PIM) and Highly-Sensitive Information Management software, organizations can more effectively manage and govern application access while demonstrating returns on security investments. Cyber-Ark works with more than 600 global customers, including more than 35 percent of the Fortune 50. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, visit www.cyber-ark.com.
Hackers Blocked by New Technology
WASHINGTON–(BUSINESS WIRE)–Hackers around the world have been blocked in their attempts to penetrate computers in the United States by a new technology unveiled today at the National Press Club.
Well over two million attempts were made in the past two weeks to penetrate the technology which protects computer networks, according to speakers at the demonstration. All the cyber attacks failed.
The successful anti-hacker technology was demonstrated by a Virginia high-tech research firm, InZero Systems, whose advisory board includes General Wesley Clark and Rear Admiral Jay Cohen, former undersecretary of the Department of Homeland Security.
Clark said that test after test had shown that the new hardware-based technology was a significant breakthrough for the nation’s national security. “This is what we need for both our government and commercial systems,” he said. “There is nothing else out there that compares.”
Cohen said the system was needed by all government agencies. “We are extremely vulnerable. This InZero system is years ahead of anything the government or private sector currently possesses to protect our computer networks from cyber attacks. It is particularly important in the area of homeland security.”
Louis R. Hughes, former president of Lockheed Martin and executive vice president of General Motors, a co-founder and CEO of InZero Systems, said the system can be attached to or embedded in any computer at very modest cost.
“This is essentially what Congress and the Administration have been calling for,” Hughes said. “It is not only vital for our national security, but is a very important development for the American economy and our major corporations, especially defense contractors,” he told the audience of corporate executives and government officials. “It will prevent theft of proprietary information and strengthen our competitiveness throughout the world.”
He explained that the system was developed and tested at no cost to taxpayers – and the equipment is available immediately.
About InZero Systems
InZero Systems began operations in 2005 with the goal of providing organizations with a far more effective, yet fundamentally different approach to protecting sensitive data. Headquartered in Herndon, Va., the company is led by cyber security experts, entrepreneurs, and Fortune 100 senior executives and has grown to more than 60 employees. More information can be found at www.InZeroSystems.com.
Sypris Partners with Carnegie Mellon on Cyber Security Research
TAMPA, Fla.–(BUSINESS WIRE)–Sypris Electronics LLC, a subsidiary of Sypris Solutions, Inc., has partnered with Carnegie Mellon’s CyLab to jointly pursue research and new technology solutions for information security and assurance challenges currently facing the U.S. Government and critical national infrastructure.
As part of the partnership agreement with CyLab, Sypris Electronics plans to collaborate on cyber security and information assurance research, focusing on trusted computing architectures and automated computer defense technologies.
“The 21st century cyber security threat matrix demands a 21st century strategy that will leverage the skills and resources from universities, corporations and the U.S. Government,” stated Gene Hambrick, Director of Corporate Relations for Carnegie Mellon’s CyLab. “The CyLab and Sypris partnership is an excellent example of developing a strategically important long-term relationship that will impact the next generation of research and development in cyber security, privacy and dependability. This type of partnership will also include initiatives that will help to build the next generation of cyber professionals through the educational programs and students at CyLab and the Information Networking Institute; all of which will benefit CyLab, Sypris and the United States Government.”
“CyLab is one of the leading cyber research centers in the U.S. Our mutually beneficial partnership will allow both organizations to share best practices, while exploring new research areas as they relate to solving the complex challenges facing national security today and in the future,” stated John Walsh, President of Sypris Electronics. “For the past 10 years, Sypris has helped the Department of Defense secure its networks. Throughout this timeframe, we have learned a multitude of proactive network monitoring techniques, including zero-day attack methodologies and tactics to isolate and neutralize anomalies. Our partnership with CyLab will allow us to further mature these techniques as we expand and continue to support larger Defense-wide networks and smart grids of critical infrastructure organizations.”
Carnegie Mellon’s CyLab is one of the largest university-based cyber security education and research centers in the U.S. CyLab is multi-disciplinary and university-wide, involving six colleges from The University, 50 plus faculty and over 130 graduate students. CyLab is supported by both public and private funding, predominantly government research funds and the support of its partners. CyLab’s goal is to build mutually-beneficial public-private partnerships to develop new technologies for measurable, available, secure, trustworthy, and sustainable computing and communications systems and to educate individuals at all levels.
Sypris Electronics is a world-class, integrated systems solutions provider. Our ruggedized electronic products, advanced engineering services and complete electronic manufacturing capabilities are aligned to provide our customers the best people, practices and technologies to continually exceed expectations. We consistently promote an agile, innovative culture by strategically partnering with leading-edge technology companies, agencies and universities. With over 40 years of experience, Sypris Electronics is proud to develop, manufacture and integrate leading technologies into mission critical electronics systems that secure America’s interest. Visit www.sypriselectronics.com for additional company information.
Vanderbilt University Selects Damballa as Defense Against Botnets and Cyber Threats
ATLANTA–(BUSINESS WIRE)–Damballa Inc., the company transforming the fight against cyber threats, today announced that Vanderbilt University has selected Damballa™ Failsafe to defend against botnet breaches and other cyber crime activity that relies on advanced malware and network-based command-and-control.
Vanderbilt University, located in Nashville, Tenn., is a private research university and medical center offering a full range of undergraduate, graduate and professional degrees. Damballa will be deployed across the Vanderbilt University enterprise, which includes ten academic schools, the academic medical center, various research divisions and the student body.
“Bot agents are the malware of choice for cyber criminals today,” said Salvador Ortega, associate director of information security for Vanderbilt University. “The signature-based, antivirus industry is losing the malware war. We found Damballa Failsafe to be extremely accurate in detecting botnet activity. Damballa provides us with a unique solution to defend against the silent threat of botnets and advanced malware.”
Vanderbilt recognized the need to further modernize its already significant security infrastructure with technology that could address the advanced nature of today’s cyber threats. The University also realized that recent trends in end-user computing are putting a strain on traditional security defenses, specifically:
- The ‘consumerization’ of IT has resulted in more personal laptops and mobile devices entering the network, making it more difficult for IT to ‘lock down’ computing resources or enforce standardized configurations.
- The new, young workforce, sometimes referred to as ‘digital natives’, are demanding unfettered access to Internet resources and social networking sites, providing nearly unlimited infection vectors for botnet operators.
“Vanderbilt University has demonstrated a strong track record of staying ahead of the rapidly advancing network security threat,” said Kevin O’Connor, vice president of worldwide sales for Damballa. “Like our growing list of Fortune 1000 customers, Vanderbilt understands that today’s advanced malware is elusive and will defeat even the best prevention technology. Damballa is uniquely positioned to detect and terminate these threats before they can do harm. We are proud to add Vanderbilt as a customer.”
“As an institution of higher learning, we value academic freedom and information sharing,” said Ortega. “However, it is imperative that we protect our intellectual property, personal health information, and research health information, as well as comply with HIPAA and other government requirements. Damballa allows us to passively detect and terminate these threats in a manner that is not invasive to our large community of diverse users.”
About Damballa
Damballa stops crimeware threats that exploit enterprise networks for illegal activity by finding and terminating the hidden communication channels used to control breached computer systems. Damballa solutions protect companies from the devastating effects of botnets, advanced persistent threats, next generation malware, cyber crime, and insider threats. Damballa customers include major banks, manufacturers, ecommerce providers, Internet service providers, government agencies, educational organizations, and other companies typically targeted by organized cyber crime. Privately held, Damballa is headquartered in Atlanta. http://www.damballa.com
INFRAGARD A Partnership That Works
One member gave us information about a financial institution victimized by an online banking fraud in which large sums of money were moved in and out of the company’s accounts. Another let us know about an intrusion into a computer system that resulted in the defacement of a number of state agency websites. A third convinced a U.S. business to contact us when it was hit with an “SQL injection” attack that inserted code into its website, enabling crooks to gain access to a company database with customer orders and credit card numbers.
In each of these cases—and many more like them—a member of an FBI-sponsored initiative called InfraGard made a difference by sharing valuable information that benefited our investigations, the organizations involved, and the larger community.
That’s precisely the point of the program, which brings together representatives from the private and public sectors to help protect our nation’s critical infrastructure and key resources from attacks by terrorists, criminals, and others who wish us harm.
It’s a partnership that makes sense, since most U.S. infrastructure components—like utility companies, transportation systems, telecommunication networks, water and food suppliers, public health, and financial services—are privately owned and operated.
Early Focus on Cyber Crime
InfraGard began in our Cleveland office in 1996 as a way to share information with local information technology (IT) experts and academia in support of our cyber investigations. We passed along what we knew about cyber intrusions and crime trends to our partners to help them secure their facilities and computer networks. And our partners shared with us their IT expertise and information they had on possible cyber crimes.
The program proved so successful that we replicated it in each of our 56 field offices…and expanded its initial focus on cyber crime to include terrorism, intelligence, criminal, and security matters.
Today’s Broader Focus
Now, 85 InfraGard chapters with a total of more than 35,000 members work with us through our field offices to ward off attacks against critical infrastructure that can come in the form of computer intrusions, physical security breaches, or other methods. These members represent state, local, and tribal law enforcement, academia, other government agencies, communities, and private industry.
At the chapter level, members meet to discuss threats and other matters that impact their companies. The meetings—led by a local governing board and an FBI agent who serves as InfraGard coordinator—give everyone an opportunity to share experiences and best practices.
InfraGard members have access to an FBI secure communications network featuring an encrypted website, web mail, listservs, and message boards. The website plays an integral part in our information-sharing efforts: we use it to disseminate threat alerts and advisories. We also use it to send out intelligence products from the Bureau and other agencies—last year, we posted more than 1,000 of them, and we recently gave InfraGard members the ability to offer feedback.
Dr. Kathleen Kiernan, chairman of the InfraGard national board of directors, said, “The information and intelligence flows seamlessly between everyone involved, a great testament to selfless public service.”
And in terms of our investigative efforts, over the past few years we have opened hundreds of cases as a result of information provided by InfraGard members and have received assistance on more than 1,000 others.
If you’re interested in joining this cause, go to InfraGard’s public website or contact your local FBI field office.
Continued sophistication of cyber crime: Microsoft
Cyber crime is continuing to mature into a sophisticated industry, according to the latest Microsoft Security Intelligence Report (SIRv8).
“The study confirms that criminals continue to enhance their capability to execute attacks, including ‘productising’ and adding features to malware in order to target specific audiences,” said Microsoft Asia Pacific regional security and privacy lead, Jacqueline Peterson-Jarvis, speaking in Kuala Lumpur.
“SIRv8 provides compelling evidence that cyber criminals are becoming more sophisticated and are packaging online threats to create, update and maintain exploits kits that are sold on to others to deploy,” said Peterson-Jarvis.
“Malware creators are continually improving their ‘products’ by replacing poorly performing exploits with new ones,” she said.

