Observatory

 

News

[WashingtonPost] US said to be target of massive cyberespionnage campaign

In a report recently published, the National Intelligence Estimate (NIE) stated that a wave of a cyberattacks was repeatedly striking American businesses and administrations, the most targeted sectors being energy, finance, aerospace and automotives. The damages caused by such attacks are estimated to be in the tens of billions of dollars. The report, to which several intelligence agencies contributed, designates China as the main perpetrator of the attacks – mostly because of its aggressive cyberespionnage campaign – but also Russia, Israel and France.

Source : WashingtonPost

 

[NYTimes] Broad Powers Seen for Obama in Cyberstrikes

The Obama administration allowed the Pentagon Cyber Space Command to throw pre-emptive cyberattacks on foreign targets. According to the New York Times, these attacks will be carried away in case of credible evidence of a major attack imminently threatening the national security or any critical infrastructure of the United States of America, before any damage can be caused.

Source : NYTimes

 

[NEurope] EC publishes Cyber Security Strategy

The new action aims to prevent and respond to cyber disruptions and attacks that are taking or may take place across Europe. In this way, EU wants to achieve cyber resilience, reduce cybercrime, and develop cyber defence policies, as well as expand industrial and technological resources for cyber-security, and establish a coherent international cyberspace policy. So far, reactions to the strategy have been varied. ALDE MEP Sophie Veld finds the strategy unclear and affirmed that « this strategy is not a strategy, is a mishmash of different measures ».

Source : NEurope

 

Cyberespionage, another watering hole attack against US website

The website of the Council on Foreign Relations (CFR), an American think tank, has been targeted by a “watering hole” attack, that exploited an Internet Explorer 0-day vulnerability. “Watering hole” attacks inject a malicious code in the targeted webpage, but contaminate this webpage’s visitors, who are the true targets of the attack. It allows hackers to discriminate their targets according to the profile of people visiting a webpage, in this case American officials and journalists amongst others. The CFR’s spokesman said the security team was aware of the issue and was investigating it in order to fix it and avoid similar future events.

Source : SecurityAffairs

 

Cybercrime and the Underground Market

Symantec Security’s “Internet Security Threat Report” accounts for 5.5 billion cyberattacks in 2011, which represents an 81% rise since 2010. Cybercriminals have become increasingly organized – with forums and underground chat channels – and the amount of cyberattacks accounted for in this report certainly represents just about the tip of the iceberg. According to Symantec Security, this increasing trend should continue at a considerable rate over the next few months.

Source : InfoSecInstitute

 

Israël youth training to combat cyber threat

Israel will create a centre of excellence for cybersecurity in the Ashkelon Academic College, in charge of training hundreds of youngsters aged 16-18. This program will aim at improving Israel cybercapacities, in terms of both security and defense, but will also contribute to bettering the socioeconomic integration of disadvantaged youngsters within strategic sectors.

Source : JewishNews

 

New weapons for cyber warfare. The CHAMP project

In “cyberspace” as some call it the fifth domain of war, new solutions emerge to destroy enemy capabilities, such as the new generation of missile tested by Boeing, which is capable of attacking the computer systems of a country without causing loss of life. This project developed in Research Laboratory of the U.S. Air Force was appointed CHAMP and materializes as a directed-energy weapon that uses microwaves to permanently knock out the targeted computers. This new generation of cyber weapons has yet to be analyzed, especially with regard to its impact on the environment or the high power consumption necessary to generate the beam of energy capable of paralyzing the target system.

Source : securityaffairs.co

 

Keith Alexander: Cyberattacks Move from Disruption to Destruction, DHS Should Lead Federal Cyber Team

Speaking at an event at the Woodrow Wilson Center for Scholars in Washington, the director of the National Security Agency (NSA), Keith Alexander was concerned about developments in cyber-attacks.  According to him, the next step ahead is the destruction of networks and infrastructure. He spoke in favor of a partnership between industry transparency and the Ministry of the Interior so that this one can lead the federal cyber team. He suggested the FBI would lead law enforcement and identifying attackers, the National Security Agency would focus on foreign intelligence and Cyber Command on defending the nation, while all three would handle the technical requirements.

Source : thenewnewinternet.com

 

NSA Award for the Best Scientific Cybersecurity Paper

A panel of experts will review applications to select the winner and finalists for the award for best scientific paper of cyber security. The competition is open to the public and is not limited to U.S. citizens. The finalists and winning papers will be announced on the website of the NSA. The winner will be invited to submit his text to an audience of experts in cyber security and government personnel.

Source : NSA

 

Cybersecurity’s Black Hole

The Blackhole exploit kit is such a resource, and it’s a hacker’s paradise. Sophos has called it “the world’s most popular and notorious malware exploit kit” and reports it accounts for 28% of all web threats. The author explains the industry need to pay attention because the United States hosts the largest amount of Blackhole exploits in the world.  The kit also uses a polymorphic code that is constantly regenerated. This makes it hard for antivirus software to keep up with it. In version 2.0, the creators have gone to even more trouble to obscure it. First, the new addition allows hackers to keep an IP blacklist. This allows users of Blackhole to keep track of anyone visiting an infected URL hosting the binary. Secondly, users can now create their own URLs instead of relying on standard ones. This makes it extremely difficult to identify the kit.

Source : blog.dlt