Monday, 16 November 2009
14 tech firms form cybersecurity alliance for government
By Wyatt Kash
GCN.com
Nov 12, 2009
Thirteen leading technology providers, together with Lockheed Martin, today announced the formation of a new cybersecurity technology alliance. The announcement coincided with the opening of a new NexGen Cyber Innovation and Technology Center in Gaithersburg, Md., designed to test and develop new information and cybersecurity solutions for government and commercial customers.
The alliance represents a significant commitment on the part of competing technology companies to work collaboratively on new ways to detect and protect against cyber threats and develop methods that could automatically repair network systems quickly after being attacked.
The companies participating in the Cyber Security Alliance include APC by Schneider Electric, CA, Cisco, Dell, EMC Corp. and its RSA security division, HP, Intel, Juniper Networks, McAfee, Microsoft, NetApp, Symantec and VMware.
Art Coviello, EMC executive vice president and president of RSA, speaking on behalf of the new alliance at the center.s dedication ceremony, highlighted the importance of combining the strengths of the companies at the NexGen center.
GCN.com
Nov 12, 2009
Thirteen leading technology providers, together with Lockheed Martin, today announced the formation of a new cybersecurity technology alliance. The announcement coincided with the opening of a new NexGen Cyber Innovation and Technology Center in Gaithersburg, Md., designed to test and develop new information and cybersecurity solutions for government and commercial customers.
The alliance represents a significant commitment on the part of competing technology companies to work collaboratively on new ways to detect and protect against cyber threats and develop methods that could automatically repair network systems quickly after being attacked.
The companies participating in the Cyber Security Alliance include APC by Schneider Electric, CA, Cisco, Dell, EMC Corp. and its RSA security division, HP, Intel, Juniper Networks, McAfee, Microsoft, NetApp, Symantec and VMware.
Art Coviello, EMC executive vice president and president of RSA, speaking on behalf of the new alliance at the center.s dedication ceremony, highlighted the importance of combining the strengths of the companies at the NexGen center.
Kaspersky Internet Security SugarSync Bundle
Get 10gb free back up from SugarSync with Kaspersky Internet Security Purchase
Get 10gb free back up from SugarSync with Kaspersky Internet Security Purchase and save $29.99 Offer Expires 11/28/09
Coupon Code: no code needed
Get 10gb free back up from SugarSync with Kaspersky Internet Security Purchase and save $29.99 Offer Expires 11/28/09
Coupon Code: no code needed
Kaspersky AntiVirus 2010 and ID Vault Bundle
Kaspersky AntiVirus and ID Vault Bundle
Purchase AntiVirus and receive ID Vault for free! A limited time offer! Offer Expires 12/31/09
Coupon Code: No Code Needed!
Purchase AntiVirus and receive ID Vault for free! A limited time offer! Offer Expires 12/31/09
Coupon Code: No Code Needed!
DNS problem linked to DDoS attacks gets worse
By Robert McMillan
IDG News Service
November 13, 2009
Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet's DNS (domain name system), making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.
According to research set to be released in the next few days, part of the problem is blamed on the growing number of consumer devices on the Internet that are configured to accept DNS queries from anywhere, what networking experts call an "open recursive" or "open resolver" system.
As more consumers demand broadband Internet, service providers are rolling out modems configured this way to their customers said Cricket Liu, vice president of architecture with Infoblox, the DNS appliance company that sponsored the research. "The two leading culprits we found were Telefonica and France Telecom," he said.
In fact, the percentage of DNS systems on the Internet that are configured this way has jumped from around 50% in 2007, to nearly 80% this year, according to Liu.
Though he hasn't seen the Infoblox data, Georgia Tech Researcher David Dagon agreed that open recursive systems are on the rise, in part because of "the increase in home network appliances that allow multiple computers on the Internet."
IDG News Service
November 13, 2009
Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet's DNS (domain name system), making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.
According to research set to be released in the next few days, part of the problem is blamed on the growing number of consumer devices on the Internet that are configured to accept DNS queries from anywhere, what networking experts call an "open recursive" or "open resolver" system.
As more consumers demand broadband Internet, service providers are rolling out modems configured this way to their customers said Cricket Liu, vice president of architecture with Infoblox, the DNS appliance company that sponsored the research. "The two leading culprits we found were Telefonica and France Telecom," he said.
In fact, the percentage of DNS systems on the Internet that are configured this way has jumped from around 50% in 2007, to nearly 80% this year, according to Liu.
Though he hasn't seen the Infoblox data, Georgia Tech Researcher David Dagon agreed that open recursive systems are on the rise, in part because of "the increase in home network appliances that allow multiple computers on the Internet."
Little to Show for $433 MM Infosec Investment
By Eric Chabrow
Managing Editor
Gov InfoSecurity
November 13, 2009
Los Alamos National Laboratory has spent $433 million to secure its classified computer network between fiscal years 2001 and 2008, according to a report issued Friday by the Government Accountability Office, yet significant weaknesses remain in safeguarding the confidentiality, integrity and availability of information stored on and transmitted over its classified computer network.
The audit, requested by the House Committee on Energy and Commerce, cites Los Alamos' management as saying funding for its core classified cybersecurity program has been inadequate for implementing an effective program during fiscal years 2007 and 2008.
"LANL's security plans and test plans were neither comprehensive nor detailed enough to identify certain critical weaknesses on the classified network," the GAO said in its 39-page report.
The Energy Department-run laboratory in Los Alamos, N.M., also known as LANL, is among the world's largest science and technology institutions that conduct multidisciplinary research for fields such as national security, outer space, renewable energy, medicine, nanotechnology and supercomputing. Along with the Lawrence Livermore National Laboratory, LANL is one of two labs in the United States where classified work designing nuclear weapons takes place.
Managing Editor
Gov InfoSecurity
November 13, 2009
Los Alamos National Laboratory has spent $433 million to secure its classified computer network between fiscal years 2001 and 2008, according to a report issued Friday by the Government Accountability Office, yet significant weaknesses remain in safeguarding the confidentiality, integrity and availability of information stored on and transmitted over its classified computer network.
The audit, requested by the House Committee on Energy and Commerce, cites Los Alamos' management as saying funding for its core classified cybersecurity program has been inadequate for implementing an effective program during fiscal years 2007 and 2008.
"LANL's security plans and test plans were neither comprehensive nor detailed enough to identify certain critical weaknesses on the classified network," the GAO said in its 39-page report.
The Energy Department-run laboratory in Los Alamos, N.M., also known as LANL, is among the world's largest science and technology institutions that conduct multidisciplinary research for fields such as national security, outer space, renewable energy, medicine, nanotechnology and supercomputing. Along with the Lawrence Livermore National Laboratory, LANL is one of two labs in the United States where classified work designing nuclear weapons takes place.
The Cyberwar Plan
By Shane Harris
National Journal
Nov. 14, 2009
Cover Story
In May 2007, President Bush authorized the National Security Agency, based at Fort Meade, Md., to launch a sophisticated attack on an enemy thousands of miles away without firing a bullet or dropping a bomb.
At the request of his national intelligence director, Bush ordered an NSA cyberattack on the cellular phones and computers that insurgents in Iraq were using to plan roadside bombings. The devices allowed the fighters to coordinate their strikes and, later, post videos of the attacks on the Internet to recruit followers. According to a former senior administration official who was present at an Oval Office meeting when the president authorized the attack, the operation helped U.S.
forces to commandeer the Iraqi fighters' communications system. With this capability, the Americans could deceive their adversaries with false information, including messages to lead unwitting insurgents into the fire of waiting U.S. soldiers.
Former officials with knowledge of the computer network attack, all of whom requested anonymity when discussing intelligence techniques, said that the operation helped turn the tide of the war. Even more than the thousands of additional ground troops that Bush ordered to Iraq as part of the 2007 "surge," they credit the cyberattacks with allowing military planners to track and kill some of the most influential insurgents. The cyber-intelligence augmented information coming in from unmanned aerial drones as well as an expanding network of human spies. A Pentagon spokesman declined to discuss the operation.
Bush's authorization of "information warfare," a broad term that encompasses computerized attacks, has been previously reported by National Journal and other publications. But the details of specific operations that specially trained digital warriors waged through cyberspace aren't widely known, nor has the turnaround in the Iraq ground war been directly attributed to the cyber campaign. The reason that cyber techniques weren't used earlier may have to do with the military's long-held fear that such warfare can quickly spiral out of control. Indeed, in the months before the U.S. invasion of Iraq in March 2003, military planners considered a computerized attack to disable the networks that controlled Iraq's banking system, but they backed off when they realized that those networks were global and connected to banks in France.
Protect Yourself! Limited Offer.
Kaspersky Internet Security ID Vault Bundle
Purchase Internet Security and receive ID Vault for FREE!
A limited time offer Offer Expires 12/31/09
Coupon Code: No Code Needed!
Purchase Internet Security and receive ID Vault for FREE!
A limited time offer Offer Expires 12/31/09
Coupon Code: No Code Needed!
Subscribe to:
Posts (Atom)