Could there be a “cyber 9/11”? Would there be an all-out cyberwar happening right now? There is a war going on, a cyber one at that, going on here in the states. If you work for a defense contractor, bank, train and plane transportation providers (also including RTAs and other digitally-depending transportation methods), power company, water and utilities plants, etc. are in direct line of fire of potential cyberwar problems.
A brewing cyberwar has been going on in the past year, and usually people view it as governments going head to head (like it would in actual wars). However, there is more of a cyberwar against governments, corporations, and of course the entities we named above.
With seeing government threats, like Stuxnet, Flame, etc., to cybercrime units like Red October, Rustock, even Virut/Waledec – seems like the threat is getting out of hand. With the use of tactics like from these malware powerhouses, our worry for a severe (life-threatening) attack should be a lot greater…mainly to the fact that the US should seriously prepare itself.
“The cyber war has been under way in the private sector for the past year,” says Israel Martinez, a board member of the U.S. National Cyber Security Council, a nonprofit group composed of federal government and private sector executives.
“We’re finding espionage, advanced persistent threats (APTs), and other malware sitting in networks, often for more than a year before it’s ever detected,” Martinez says.
Martinez studies different issues, such as US entities being targeted by fronts from China, Iran for intellectual property theft to other cybercrimes such as stealing identities or cash.
When we look at Stuxnet for example, the US and Israel crafted it jointly to disrupt Iranian nuclear facilities. Problem here is, doing that may have just been a provoking edge to the cybcerwar for Iran to develop something else and revenge. Doing this caused Iran then, to strike back with cyber attacks on US banks. Some have thought Iran was behind the Shamoon virus as well, which wipes out 30K hard drives and taking computers offline at Saudi Aramco for several weeks.
Defense firms in the US are hoping that some of the Fortune 500 cybersecurity companies have a good plan to counterattack and defend for the US to these opponents.
The Pentagon has come back with newer accounts of management for this cyberwar by planning to increase cybersecurity teams. The Senate is continually pushing for legislation for information sharing on threats and cyber attacks. President Obama prepares to issue executive order on cybersecurity, so the Department of Defense is looking for a massive increase in the number of trained cybersecurity personnel helping to defend our country’s public and even private networks.
The government has had trouble in the past looking for the right personnel, since most are employed by agencies that don’t discuss operations publicly (due to the risk of the information getting in to the wrong hands). The Pentagon is planning to push up the number of security professionals up to 5,000 in the next few years (which is up from a little under 1,000). They’re hoping for both military and civilian security personnel to join up, so the diversity helps the US prepare for any issue.
Expect a better take charge situation by corporate, government, and private firms in this cyberwar situation!
46 US House of Representatives Republicans joined in a letter (PDF) to urge President Barack Obama not to issue the executive order on cybersecurity. The White House is currently drafting an executive order that encourages operators of critical infrastructures (like banks, power grids, etc.) to meet cybersecurity standards.
“Instead of preempting Congress’ will and pushing a top-down regulatory framework, your administration should engage Congress in an open and constructive manner to help address the serious cybersecurity challenges facing our country,” the lawmakers wrote.
The executive order is expected for release in January, which will help protect these vital systems from hackers. It’s highly important that this gets put into action, or the United States can see some issues happen such as power loss, plane crashes, train derailments, etc.
“This framework will work better than attempts to place the government in charge of overseeing minimum standards for industries seeking to invest in new and innovative security solutions,” the Republicans wrote.
The letter of urgency, led by Representatives Marsha Blackburn (Tennessee) and Steve Scalist (Louisiana) is aimed at helping to reduce the amount of government involvement in cyberwar, in hopes not to stir rages with hackers and other pests. However, if something isn’t done very soon, America as we know it could be in a lot of trouble.
Windows 8 is apparently more secure than Windows 7. Perhaps this is true, and it is best to learn what security features there are for the new operating system. Some of these security features are verified to help out very well in the security of Windows 8, and some may not be in time, or lastly some may not work at all.
One of the most discussed security features is Secure Boot. Now, Secure Boot is a Unified Extensible Firmware Interface (UEFI) specified in the boot process to check cryptographic signatures of kernel-mode drivers, making sure they aren’t modified or corrupted. In other words, the boot process is now made to check if the operating system has been corrupted by malware or some other issue.
This is all part of a hardware restriction process called Hardware DRM. All non-ARM devices have the option to turn Secure Boot off, however ARM devices must keep it on. Experts state that it will be resistant to rootkits, since the MBR and BIOS cannot be accessed, unless if someone working on the computer penetrates it.
Next, Windows 8 features better built in antivirus software, with a much better improved Windows Defender. The software in Windows 8 is combined with the optional tool Microsoft Security Essentials. Now, with Windows Defender super-powered with MSE, it has much more anti-malware features.
With better anti-malware features, Internet Explorer is now made with better features as well. It has the ability to prevent zero-day exploits much greater than previous versions of Internet Explorer. With the challenges of exploiting Windows 7, there was the issue risen up again for Java and Flash Player, so hackers can gain control over the operating system. Those browser plugins are now easier to exploit than the Internet Explorer’s code.
A new application sandboxing environment called AppContainer provides the ability to run all apps in a controlled environment, where it controls how apps work. This prevents apps from disrupting the operating system. Of course, this is just supplemented by Internet Explorer’s SmartScreen filter, which prevents the download/install of known malicious software. However, Windows 8 now has SmartScreen available for any app, allowing even more prevention. Of course, this means Microsoft employees are going to increase in numbers, if they really want to keep up. Now that hackers know their new challenges, they will be relentless.
The questions are still played on whether Windows 8 will be a repeat of Vista or not. The reality of the situation, is if Windows 8 has big popularity, then the security issues will also light up big time. However, many will stick to Windows 7, so the security issues for Windows users are not close to be over. Feel free to take a look at related articles below for Symantec’s opinions, which aren’t too well on the new OS.
Added October 31, 2012: Trusted Platform Module, read more
Keep up with the latest security tips on our blog here. In addition, please donate to help us continue to write these awesome whitepapers.
- Over Half Of Windows 8 Users Still Prefer Windows 7 (webpronews.com)
- Gates: New Windows 8 system is `very exciting’ (seattletimes.com)
- Windows 8 Security Is Not Good – Symantec (news.softpedia.com)
- UEFI and Secure Boot: The Hell I Went Through (prismdragon.wordpress.com)
Over the past three years, about 21 million patients have had their medical records exposed in data security breaches that were big enough to require they be reported to the federal government.
Since Sept. 2009, 477 breaches affecting 500 people or more each have been reported to the Office for Civil Rights (OCR) under the U.S. Department of Health and Human Services. In total, the health records of 20,970,222 people have been compromised, the OCR said.
Six health care organizations listed on The Wall of Shame reported security breaches that involved one million or more records.
- ‘Wall Of Shame’ Shows 21 Million Data Breaches In Healthcare (teamshatter.com)
- ‘Wall of Shame’ Exposes 21M Medical Record Breaches (it.slashdot.org)
The cybersecurity bill discussed in congress earlier this Spring is now revised with newer details. The revision to the originally democratic bill is more based on disallowing the government to absolutely standardize new cybersecurity bills. The idea is for those with critical infrastructured networks get fully secure (as required). The new SECURE IT bill restricts the government from retaining and using information about cyberthreats.
According to Computer World: SECURE IT, backed by Sens. John McCain (R-Ariz.), Kay Bailey Hutchison (R-Texas), Chuck Grassley (R-Iowa), Saxby Chambliss (R-Ga.), Lisa Murkowski (R-Alaska), Dan Coats (R-Ind.), Ron Johnson (R-Wis.), and Richard Burr (R-N.C.), will allow companies to legally share real-time cyberthreat information from their networks with other industry stakeholders, law enforcement agents and government officials.
The restriction of the use of such information about cyberthreats is to help combat the ability of hackers from discovering the information and getting quicker revision time for their threats.
The mere investment in to tools to combat cybersecurity threats is crucial to American infrastructure, and infrastructure all around the world even!
The biggest deal is watching how cyberthreat information is shared. Programs like CISPA are not going to function very well. Which means cyberthreat information should be held between private parties for a temporary time, and once a mitigation is made, destroy the data.
Corporate and government systems are not immune to cyberattacks by hackers.
Some of the biggest computer security issues in the coming weeks of the Summer include (no specific order):
- Olympic games, possible terrorism involvement. Also, look out for scammy/spammy emails, including different issues – such as: Watch Olympic results online now, or even Win Free Tickets to the Olympics. Websites that allow broadcasting for the Olympics are going to be highly targeted. Look out for issues, especially when a lot of people from a lot of different countries want to check it they’re team won.
- Your Summer Vacation, may be the time where you lose your smartphone or laptop or tablet, etc. Be careful not to take too many gadgets…after all, the more you have with you, the more you have to keep track. If you’re commonly irresponsible or less careful, then try to take only one-to-two devices at maximum. Also, don’t be announcing to Twitter, Facebook, FourSquare, etc. that you are leaving your home for a while. This produces a great home security risk, mainly for people whom know where you live.
- Politics and cybercrime don’t mix well! Expect trouble in your inbox, pasted all over advertising, etc. about the upcoming Presidential Election. Don’t click on ads in different websites, or in spam emails about politics. It’s a bunch of propaganda, FUD, and mindless brainwashing…that’s just half. The other half: malware of course! 😀
- Black Hat & DefCon conferences are this Summer. Expect no less than a wild ride for vulnerabilities, strange new malware, and lots of fancy code to look at. But seriously, don’t fall for vulnerabilities. Keep your computer secure by following the ad below. It’s an ad you SHOULD click on!
In order to protect your computer against these types of threats, it is recommended to have a good Internet Security suite, that protects your computer against malware and protects your inbox against spam attacks: