Tag Archive | United States Department of Homeland Security

Cybersecurity Order Signed by President Obama – Now What?

An Executive Order on cybersecurity, covering the sharing of cybersecurity threat information between companies, has been studied for months and talked about for years. With high-level attacks targeting critical infrastructure, information sharing between companies is a pressing issue. President Barack Obama agrees that this should take effect.

One core problem in information sharing is that data on new security threats and other cybercrime attacks needs to be shared when it happens rather than in the middle of an attack. Usually, some companies will provide some information to other companies but treat it as a low priority, so the company on the receiving end receives it too late to do anything about it.

As we reported back in late December, 46 US House of Representatives Republicans joined in a letter (PDF) urging President Barack Obama not to issue the executive order on cybersecurity. The letter, led by Representatives Marsha Blackburn (Tennessee) and Steve Scalise (Louisiana), was aimed at reducing the amount of government involvement in cyberwar, in hopes of not stirring up hackers and other pests.

However, if companies don’t band together to help defeat the cybersecurity problems spreading aggressively on the Internet, then every normal internet user will be doing some information and credit card sharing, which could cause money to be robbed out of the pockets of millions of people every day. But with this Executive Order, at least companies can share information about cybersecurity threats, prevent people from being robbed, and clean up cases of data and identity theft.

As we reported late last month, critical infrastructure vulnerabilities are getting out of hand.

“The cyber war has been under way in the private sector for the past year,” says Israel Martinez, a board member of the U.S. National Cyber Security Council, a nonprofit group composed of federal government and private sector executives.

“We’re finding espionage, advanced persistent threats (APTs), and other malware sitting in networks, often for more than a year before it’s ever detected,” Martinez says.

With this information paired with the Department of Defense wanting more cybersecurity workers, the state of national security will improve along with cybersecurity.

According to Wired Magazine Online, the order, which runs eight pages (.pdf), directs the Attorney General’s office, the office of Homeland Security Secretary Janet Napolitano and the Director of National Intelligence to issue instructions to their agencies that would “ensure the timely production of unclassified reports of cyberthreats to the U.S. homeland that identify a specific targeted entity” to Congress and also develop a program for providing “classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure,” according to the document.

With the government wanting to expand operations to handle critical infrastructure vulnerabilities, from bringing on more workers to expediting security clearances, it has this to say in the Order:

“It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats.”

Some worry about this order, and hope this is the right thing to do.

“I am concerned that the order could open the door to increased regulations that would stifle innovation, burden businesses, and fail to keep pace with evolving cyberthreats,” Republican Representative Michael McCaul, of Texas, said in a statement.

“The president’s executive order rightly focuses on cybersecurity solutions that don’t negatively impact civil liberties,” ACLU legislative counsel Michelle Richardson said in a statement. “Greasing the wheels of information sharing from the government to the private sector is a privacy-neutral way to distribute critical cyber information.”

We’ll see the state of the internet security landscape as time goes on, as this is just the beginning. In an effort to see this through, Congress will be keeping a close eye on this issue, and may start adding other measures to support it.

Information sharing between government agencies and corporations questioned

The sharing of information on threats and attacks between government agencies and companies in the private sector has been tried numerous times and in many different ways over the last decade, with varying degrees of success. The need for information flowing in both directions likely is more pressing than ever right now, with high-level attacks targeting critical infrastructure systems and utilities every day, but much of that data in the government realm remains classified and few enterprises are eager to reveal details, either. As the attacks continue, officials say there may be a need for a new mechanism to get the information flowing.

One of the main problems when it comes to information sharing programs is that the data on new threats and attacks needs to be shared as the attacks are happening, and that’s difficult to accomplish. In the middle of an attack, security teams and incident-response groups are concerned with stopping the attack, discovering what systems have been compromised and determining whether any data was stolen. Packaging up the information on what happened, even if it’s readily accessible, and making it available for others is typically a low priority.

Read more on ThreatPost

Software exploit code released for solar plant management devices

The US Department of Homeland Security is warning about vulnerabilities in a common SCADA (supervisory control and data acquisition) package that is used to remotely monitor and manage solar energy-generating power plants.

The DHS’s ICS-CERT issued an advisory on Wednesday that exploit code was circulating on the internet for security holes affecting the Italian vendor Sinapsi’s eSolar Light Photovoltaic System Monitor.

The eSolar Light Photovoltaic System Monitor is a SCADA product that allows solar power stations to simultaneously monitor different components of photovoltaic arrays, such as photovoltaic inverters, energy meters, gauges and so on.

ICS-CERT said in its advisory that the vulnerabilities, if successfully exploited, could allow attackers to remotely connect to the management server, “executing remote code, possibly affecting the availability and integrity of the device.”

General information pulled from the blog on Naked Security:

Avoid exploits on your computer with:

October is National Cyber Security Awareness Month

NCSAM official image (Department of Homeland Security)

Cyber security awareness is so important, and we’re going to lay out a few things you should be aware of this month, so you can make meaningful changes to your personal or business security posture. You will notice some of the information below is linked to different posts here on the blog. This should help you understand each topic better! Please don’t be afraid to use each of the links below to learn more about protecting your system(s).

  • Email is one of the biggest attack methods. Since users are still highly dependent on email, it is critical that email systems get fixed. Spam can be so cunning that it may disguise itself as your friend, someone you trust, or a bank. The main aim of these spam attacks is phishing, which allows an attacker to trick you into doing something or giving away personally identifiable information. The goal is also to download malware onto your computer, which can be used to take control of your computer and steal much more personal information. Some emails may claim to be from a legitimate organization sending you an attachment, but their purpose is to distribute malware on your computer. It is best to secure email systems against spam. This can be done using a variety of products, whether hardware or software. Make sure to secure your system(s) with the latest spam-fighting utilities. Also, securing Outlook or Windows Live Mail is beneficial.
  • Instant Messaging still seems to be a vector for malware attacks. Just when people drop their guard about IM security, a new band of threats affects users. Most IM attacks come in the form of spam, a message from an apparently trusted friend, or a phishing attempt/scam from a legitimate-looking company. A lot of the time, when the message appears to come from a trusted friend, it means that person’s IM account or email account has been hacked and the attacker has mined the email addresses or IM addresses in order to send you these attacks. It is important to have a good Internet Security product that protects against IM attacks along with network defense.
  • Exploits are the most common cause of infections on computers these days. Many of the exploits have been caused by out-of-date Java plugins or Adobe Flash Player plugins (or even fake Flash Player), among other types of plugins for your browser. Other exploits come in the form of advertisements that are catered to your interests through the use of tracking cookies; clicking on these ads can lead to a site that will immediately download malware and attempt to take control of your computer. Those are just a couple of examples of why you need Internet Security protection, as described just above in the explanation for IM security. Also, having a second-opinion malware scanner can make sure that things don’t get missed, giving you maximum protection. Working on a defense-in-depth strategy for your computer can be a great way to avoid exploits.
  • Downloading and installing untrusted software products is a good way to get infected with viruses, spyware, and other threats and malware. Using tools such as Web-of-Trust for your browsers is a key idea in managing whether a site is safe. Also, reading reviews for the product you are getting ready to download and purchase will help you make an informed decision. It is important to have Total Internet Security protection, as stated above in IM security. Please refer to the “Internet Security product” link for more information on securing your system(s) with protection mechanisms.

There are many more vectors of cyber security problems. It is important to use the methods described above as well to secure your system(s) from attacks from cybercriminals.

Summary of mitigating most attacks:


Republican Senators Revise Cybersecurity Bill

Government Security

The cybersecurity bill discussed in Congress earlier this spring has now been revised with newer details. The revision to the originally Democratic bill is based more on disallowing the government from absolutely standardizing new cybersecurity bills. The idea is for those with critical infrastructure networks to get fully secure (as required). The new SECURE IT bill restricts the government from retaining and using information about cyberthreats.

According to Computer World: SECURE IT, backed by Sens. John McCain (R-Ariz.), Kay Bailey Hutchison (R-Texas), Chuck Grassley (R-Iowa), Saxby Chambliss (R-Ga.), Lisa Murkowski (R-Alaska), Dan Coats (R-Ind.), Ron Johnson (R-Wis.), and Richard Burr (R-N.C.), will allow companies to legally share real-time cyberthreat information from their networks with other industry stakeholders, law enforcement agents and government officials.

The restriction on the use of such information about cyberthreats is meant to keep hackers from discovering the information and getting quicker revision time for their threats.

The mere investment in tools to combat cybersecurity threats is crucial to American infrastructure, and even to infrastructure all around the world!

The biggest deal is watching how cyberthreat information is shared. Programs like CISPA are not going to function very well, which means cyberthreat information should be held between private parties for a temporary time and, once a mitigation is made, the data should be destroyed.

Corporate and government systems are not immune to cyberattacks by hackers.

 
