Cyber Arms Intelligence Report for August 31st
Cyber War issues were in the news a lot last week. The Washington Post had a very interesting article titled “Pentagon’s cybersecurity plans have a Cold War chill“. Although the US working with allies gives the cyberarms race a Cold Waresque feeling, the government wants to harden our infrastructure and has created offensive cyber weapons as a path of deterrence to cyber attack.
It also mentions the threats of providing the US with cheap electronics. “A U.S. laptop maker that once would have boasted that its components were assembled in 50 countries must now worry about 50 points where an intruder could plant malicious code. The Defense Department calls this problem “supply chain vulnerability.”
The White house is trying to rein in 26 high risk IT project where costs are getting out of hand. A little “whodunnit” action going on today when a British code breaker who helped the NSA intercept Al-Qaeda communications was found dead in his apartment.
An Army Colonel in Afghanistan was relived of duty after criticising the military’s reliance on Power Point presentations. “For headquarters staff, war consists largely of the endless tinkering with PowerPoint slides to conform with the idiosyncrasies of cognitively challenged generals in order to spoon-feed them information, even one tiny flaw in a slide can halt a general’s thought processes as abruptly as a computer system’s blue screen of death.“
Talking about the military, the DOD released information on a major cyber attack that occurred in 2008. “The most significant breach of U.S. military computers was caused by a flash drive inserted into a U.S. military laptop on a post in the Middle East in 2008“
Just how dangerous are USB and removable media to computer security? Recently, Security company PandaLabs, claimed that 1 in 4 worms spread through USB flash drives.
In other news, Cisco patches a bug that crashed 1% of the internet. And Google continues growing as it acquires its 5th company this month.
Some other top stories from around the web:
First rootkit targeting 64-bit Windows spotted in the wild
Alureon rootkit is back, and has acquired the ability to hijack computers running 64-bit versions of Microsoft Windows, proclaimed Marco Giuliani, security researcher with security company Prevx.
The penultimate guide to stopping a DDoS attack – A new approach
In this post we (UNIXY) are going to share our experience fending off a large Distributed Denial of Service (DDoS) attack for a client.
DEFCON survey reveals vast scale of cloud hacking
An in-depth survey carried out amongst 100 of those attending this year’s DEFCON conference in Las Vegas recently has revealed that an overwhelming 96 percent of the respondents said they believed the cloud would open up more hacking opportunities for them.
Scam preys on required TweetDeck update
On Monday, TweetDeck warned that some Twitter messages were advising people to upload an untrustworthy executable file, called tweetdeck-08302010-update.exe.
Rustock Botnet Responsible for 40 Percent of Spam
More than 40 percent of the world’s spam is coming from a single network of computers that computer security experts continue to battle, according to new statistics from Symantec’s MessageLabs’ division.
Social Engineering 101 (Q&A)
Today, people get duped over the phone, but also over e-mail and via Facebook and other online avenues. In this edited interview CNET talked to Chris Hadnagy, operations manager at Offensive Security, which organized the Defcon social-engineering contest and does security auditing and training for companies, about the risks to this type of attack, what people can do to protect themselves, and why women might be less susceptible.