
CyberSecurity


Schmidt Resigns from White House Cyber Post

Howard Schmidt, who coordinated the Obama Administration's push for cybersecurity policy and legislation, is stepping down after two-and-a-half years on the job, the Washington Post reports.

Michael Daniel, who heads the intelligence branch of the White House budget office, will take over the post when Schmidt departs at the end of May. The move comes as the administration is at loggerheads with Congress over cybersecurity and the fate of the Cyber Intelligence Sharing and Protection Act (CISPA). In a policy statement released April 25, the Obama administration hammered at CISPA on the grounds that it would not protect critical infrastructure while compromising personal liberties and ceding a domestic law enforcement task to the intelligence community.

New Jersey mayor, son, arrested on charges they nuked recall website

The mayor of a small New Jersey hamlet has been arrested, along with his son, on federal charges that they shut down a website advocating the mayor's recall after breaking into the online accounts of political foes.

According to federal officials, Felix Roque, the 55-year-old mayor of West New York, New Jersey, and his son, Joseph Roque, 22, were arrested early Thursday morning by FBI agents. In February, the pair planned and executed the silencing of www.recallroque.com by gaining unauthorized access to the GoDaddy account used to control the domain name. An FBI special agent filed documents with these allegations in a New Jersey federal court. The father-and-son team also obtained e-mails and messages sent among opponents after gaining unauthorized access to e-mail and Facebook accounts. According to the account of FBI Special Agent Ignace Ertilus, Felix and Joseph Roque took a keen interest in the recall site as early as February.

How to Create a Strong Password (and Remember It)

You can create strong passwords that don’t make you memorize a cryptic string of letters, numbers, and punctuation symbols.

Here are three techniques: Use a sentence. It’s easy to remember the first letters of the words in a sentence. For example, children have used this sentence to remember the names of the nine planets: My Very Excellent Mother Just Served Us Nine Pickles. You could use the first letters of those words to generate this strong 9-character password: m*Emjsu9p, where Venus (the morning or evening star) is represented by *, the letter for Earth is capitalized, and nine is a numeral.

White House Unveils Initiative to Fight Computer Viruses

Internet-service providers and financial-services companies would share data about networks of infected computers known as botnets under a pilot program announced today by the Obama administration.

The White House also unveiled a voluntary set of principles developed by an industry group to prevent and detect botnets and a consumer-education campaign about the computer viruses. Botnets are networks of infected computers that can be used for malicious purposes, such as stealing information, generating spam or flooding corporate or government systems with unwanted traffic that can cripple websites.

To build a botnet, hackers send out programs, often disguised as links or hidden in e-mail attachments, that infect a computer when opened. “The issue of botnets is larger than any one industry or country,” Howard Schmidt, the White House cybersecurity coordinator, said in an e-mailed statement. “This is why partnership is so important.”

U.S. Launched Its Biggest Cyberattack From a Thumb Drive

The U.S. and Israel were responsible for creating the Stuxnet computer worm that wreaked havoc with Iranian nuclear facilities, later spreading to the Internet in 2010.

That's according to a report from The New York Times, since confirmed by other news organizations. And the first salvos in the massive cyberattack were launched via an unassuming piece of technology: a thumb drive. The report, excerpted from the upcoming book Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, details how the U.S. conceived, created, tested and deployed Stuxnet, in partnership with Israel. After the program, code-named Olympic Games, successfully tested the worm, the big challenge was physically getting it into Iran's Natanz nuclear plant.

The answer turned out to be simpler than U.S. officials thought, since some plant personnel weren't very careful with the thumb drives they were carrying.

U.S. and China Team Up to Stop Cyberattacks

In an unexpected announcement, the U.S. and China have announced they will be working together on matters of cybersecurity, despite many cybersecurity experts' assessments that China is the main source of digital attacks against the U.S.

The partnership was announced after a Monday meeting between U.S. Defense Secretary Leon Panetta and Chinese Minister for National Defense Liang Guanglie in Washington, D.C., according to the BBC. It's "extremely important" for the two nations to be working together to "avoid a crisis in this area," said Panetta.

Lost Your Phone? The Government Wants to Find it For You

If you're one of the many cellphone owners who've ever left their mobile device behind at a crowded restaurant, packed bar or city-crossing taxi, you know the heart-sinking shock felt when you reach for your phone only to find it missing — all because some quick-fingered swindler grabbed it while you were distracted.

Hackers Will Replace Terrorists as Top Threat, Says FBI

Could Anonymous be the next al-Qaeda?

FBI Director Robert Mueller warned a group of cybersecurity experts on Thursday that online attacks will replace terrorism as the most serious threat facing the U.S., according to The Associated Press. Mueller pressed private businesses and Internet security firms to secure American digital infrastructure from rogue hackers and attacks sponsored by foreign governments. "We are losing data, we are losing money, we are losing ideas and we are losing innovation," Mueller said at the RSA Digital Security Conference in San Francisco.

Official: Anonymous May Be Able to Disable Power Grids by Next Year

Anonymous, the loosely affiliated group of "hacktivists," have had a wide array of targets: The Boston and Oakland Police Departments, the FBI, Scotland Yard and the Greek government, just to name a few.

Targets are selected because of a perceived injustice: police brutality, Internet censorship or the rich oppressing the poor. Once perceived as a minor nuisance, Anonymous is getting some serious attention: According to the Wall Street Journal, the Director of the National Security Agency, or NSA, has cautioned that Anonymous could have the capability to knock out power in the U.S. through cyberattacks within the next one to two years.

NSA director Gen. Keith Alexander issued his warning in private government meetings, and Anonymous hasn't yet been added to any public "threat list." However, Alexander and other government officials have expressed growing concern about America's vulnerability to cyberattack.

SEE ALSO: Anonymous Hacks Syrian President’s Email

Computer spyware is newest weapon in Syrian conflict

Syrians demonstrate against the regime after Friday prayers in the north Syrian city of Idlib on February 17. Activists working against the regime now have to worry about malware that can expose their activities. U.S. antivirus experts say a virus is sending information to a server in Syria. Activists: Regime supporters are stealing oppositionists' online identities. Imposters use stolen identities to pass the viruses to activists, opposition claims. Antivirus software may not yet optimally protect against the new viruses.

Senator Joseph Lieberman (CT) - LIEBERMAN, COLLINS, ROCKEFELLER, FEINSTEIN OFFER BIPARTISAN, COMPREHENSIVE BILL TO SECURE FED AND CRITICAL PRIVATE SECTOR CYBER SYSTEMS

To guard against the nation’s increasing vulnerability to cyber attack, a group of Senate Committee leaders introduced bipartisan legislation Tuesday to secure the cyber systems of the essential services that keep our nation running.

The Senators were Homeland Security and Governmental Affairs Committee Chairman , ID-Conn., Ranking Member Susan Collins, R-Maine, Commerce Committee Chairman Jay Rockefeller, D-W.Va., and Select Intelligence Committee Chairman Dianne Feinstein, D-Ca.

Senate's Cybersecurity Bill Doesn't Have 'Internet Kill Switch'

The U.S. Senate released a comprehensive cybersecurity bill Tuesday after months of closed-to-the-public negotiations. If passed, the bill would require tighter protection of federal agencies' networks, encourage government-business cooperation and regulate private companies whose networks are vital to the American public. It does not, as some feared it might, feature a "kill switch" that would allow the president to turn off the Internet during a national crisis. It also does not build a dedicated cybersecurity office in the White House, which earlier versions of the bill included.

Researchers Find Flaw in an Online Encryption Method

The flaw — which involves a small but measurable number of cases — has to do with the way the system generates random numbers, which are used to make it practically impossible for an attacker to unscramble digital messages.

While it can affect the transactions of individual Internet users, there is nothing an individual can do about it. The operators of large Web sites will need to make changes to ensure the security of their systems, the researchers said. The potential danger of the flaw is that even though the number of users affected by the flaw may be small, confidence in the security of Web transactions is reduced, the authors said. The system requires that a user first create and publish the product of two large prime numbers, in addition to another number, to generate a public “key.”

OpenDNS Adds Encrypted Security Today

OpenDNS announced a technology preview today for Macs running their DNS services called DNSCrypt. Think of this as doing for the DNS protocol what HTTPS does for the Web protocols. Like its mainline service, it is freely available, and Windows and Linux versions are promised for next year.

You can download the code here for the Mac OS. They will eventually post all of their code on GitHub for public scrutiny. DNSCrypt solves one critical flaw in the DNS process: the ability to snoop as a "man in the middle" of a conversation between two computers, because it encrypts all DNS traffic between your computer and the Internet.

Just in Time for "Anonymous" Attacks, U.S. NIST Drafts a New Readiness Plan

Cybersecurity: Helping businesses defend against cyber threats

Analysts with the National Security Agency see the threats coming at corporate America: viruses, worms and other malware targeting the computer networks that serve the nation's banks, utilities and businesses. But the 64-year-old law that established the modern U.S. intelligence community prevents them from sharing the classified details with the private businesses in the cross hairs.

Big Data, Big Attraction for Organized Crime - ReadWriteCloud

Supercookies: What You Need to Know About the Web's Latest Tracking Device

New Security Threat: Infected QR Codes.

Flame

Surveillance Company Says It Sent Fake iTunes, Flash Updates - Digits. The Surveillance Catalog - The Wall Street Journal. How To Tell If Your Boss Is Spying On You.