By Alex Mooney
The U.S. is seeking a more muscular response to the growing threat from foreign hackers interested in obtaining U.S. businesses’ trade secrets.
The response, in the guise of a 150-page report unveiled by Attorney Gen. Eric Holder and other leading government officials on Wednesday, includes new pledges by the Justice Department and FBI to crack down on hacking, a guide for corporations vulnerable to attacks on how to beef up their own security, and a proposal to better coordinate efforts with U.S. allies to prosecute foreign hackers.
“In this time of economic recovery, this work is more important than it has ever been before,” Holder said Wednesday at a White House event that outlined the new response. “I am pleased to report we are fighting back more aggressively and collaboratively than ever before.”
The announcement comes a day after the Virginia-based Mandiant published a 60-page report that alleges the Chinese government is sponsoring cyber-espionage to attack top U.S. companies.
By CNN Money's Charles Riley
An American cybersecurity firm has linked one of the world's most prolific groups of computer hackers to the Chinese government, saying in a new report that an extensive cyber-espionage campaign is being waged from a location near Shanghai.
The security firm, Mandiant, detailed the allegations in a 60-page report published Tuesday that describes the group's tactics and history over a six-year period.
The Virginia-based Mandiant, which helps companies detect and respond to cyber threats, said it has observed the group of hackers - called the "comment crew" - systematically steal hundreds of terabytes of data from at least 141 organizations across 20 industries worldwide since 2006.
Mandiant claims the activity can be traced to four networks near Shanghai - with some operations taking place in a location that is also the headquarters of Unit 61398, a secret division of China's military.
Editors Note: Jane Harman is director, president and chief executive officer of the Woodrow Wilson International Center for Scholars. She was a nine-term congresswoman from California, the ranking Democrat on the House Intelligence Committee from 2002 to 2006, and a principal coauthor of the Intelligence Reform Law of 2004 and the FISA Amendments of 2008.
By Jane Harman, Special to CNN
In the debate on drone policy that is raging in Washington, a simple solution is available. Why not use the framework established in the 35-year-old Foreign Intelligence Surveillance Act, or FISA, to cover drone strikes and offensive cyberoperations?
FISA was enacted in response to the abuses of the Nixon years and established a special court and congressional oversight procedures to review intelligence collection activities against Americans and foreigners. For 23 years, that framework worked well in a very different threat environment. The FISA court was able to manage a reasonable caseload, and the Senate and House intelligence committees – created to do oversight over the program – carefully reviewed all activities.
September 11, 2001, was a game changer, forcing the United States to rethink the existing security paradigms. In response to the graveness of the terrorist threat, the Bush administration decided that the existing FISA framework was antiquated and inadequate, and began warrantless foreign intelligence surveillance outside the FISA structure. The president claimed this extra-legal action was justified under his "commander in chief" powers in Article II of the Constitution.
By David Goldman
Having run out of patience for Congress to act on a cybersecurity bill, President Obama has decided to take matters into his own hands.
Obama signed an executive order on Tuesday addressing the country's most basic cybersecurity needs and highlighted the effort in his State of the Union address.
"We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy," Obama said.
The order will make it easier for private companies in control of the nation's critical infrastructure to share information about cyberattacks with the government. In return, the Department of Homeland Security will share "sanitized" classified information with companies about attacks believed to be occurring or that are about to take place.
The order also directs the government to work with the private sector on standards that will help protect companies from cybercrime, though there is nothing in the order about how this will be enforced.
By David Goldman
Security analysts are predicting that 2013 is when nation-sponsored cyberwarfare goes mainstream - and some think such attacks will lead to actual deaths.
In 2012, large-scale cyberattacks targeted at the Iranian government were uncovered, and in return, Iran is believed to have launched massive attacks aimed at U.S. banks and Saudi oil companies. At least 12 of the world's 15 largest military powers are currently building cyberwarfare programs, according to James Lewis, a cybersecurity expert at the Center for Strategic and International Studies.
So a cyber Cold War is already in progress. But some security companies believe that battle will become even more heated this year.FULL STORY
By Pam Benson
Some of the nation's biggest banks are at risk of a massive cyber attack next year that could potentially siphon funds from unsuspecting customers, according to a leading digital security firm.
The fraud campaign, known as Project Blitzkrieg, is a credible threat, the Internet security firm McAfee Labs concluded in a new report.
The malware has been lying dormant in U.S. financial systems and is scheduled to go active by the spring of 2013, McAfee researchers concluded.
The project "appears to be moving forward as planned," the report states.
People familiar with the study said some 30 financial institutions are targets of the campaign.
By David Goldman
Iran's quest for a nuclear weapon has been the subject of much debate this election season, but the presidential candidates rarely discuss the most imminent danger Iran poses to the United States: cyberwarfare.
Iran is believed to be behind a slew of massive attacks in September that took down a string of U.S. banks' websites. The country is also thought to have launched a devastating cyber time bomb on Saudi Oil company Aramco in August and to have coordinated a similar attack on Qatar's RasGas, an Exxon Mobil subsidiary.FULL STORY
By Mike Mount, with reporting from Suzanne Kelly and Pam Benson
Although officials have not made such an assertion publicly, they have characterized the attacks that occurred in recent months as initiated by a "state actor." The U.S. intelligence apparatus observed and tracked the attacks as coming out of Iran, a third official said Monday. The official would not describe further what was observed but said the belief is the perpetrators were surrogates working with the Iranian government.
“We strongly believe there is a relationship between the people typing the code and people running the government,” according to the official.
"It certainly is the case that Iran is improving its capabilities in the cyber field. We're paying attention. We are concerned about their increasing ability to operate in this realm," a U.S. intelligence official said.
Defense Secretary Leon Panetta noted the attacks in a speech last week and warned that United States must beef up its cyber defenses or risk a potentially devastating strike. FULL POST
By Pam Benson
The United States must beef up its cyber defenses or suffer as it did on September 11, 2001 for failing to see the warning signs ahead of that devastating terrorist attack, the Secretary of Defense told a group of business leaders in New York Thursday night.
Calling it a “pre-9/11 moment,” Leon Panetta said he is particularly worried about a significant escalation of attacks.
In a speech aboard a decommissioned aircraft carrier, Panetta reminded the Business Executives for National Security about recent distributed denial of service attacks that hit a number of large U.S. financial institutions with unprecedented speed, disrupting services to customers.
And he pointed to a cyber virus known as Shamoon which infected the computers of major energy firms in Saudi Arabia and Qatar this past summer. More than 30-thousand computers were rendered useless by the attack on the Saudi state oil company ARAMCO. A similar incident occurred with Ras Gas of Qatar. Panetta said the attacks were probably the most devastating to ever hit the private sector.
Department of Homeland Security Secretary Janet Napolitano acknowledged Friday her Luddite-like ways, despite the fact her position puts her in a critical leadership role when it comes to defending the nation's infrastructure from cyberattacks.
Napolitano said she does not use email "at all."
"For a whole host of reasons. So, I don't have any of my own accounts and that, you know, I'm very secure," Napolitano noted at a Washington conference about cyber security.
"Some would call me a Luddite but you know. But that's my own personal choice and I'm very unique in that regard I suspect," Napolitano added.
The Obama administration has been pushing Congress to revisit legislation that would have given DHS authority to enforce security standards. Legislation faltered earlier this year over concerns that it was too intrusive in requiring business to share data about intrusions, rather than it being voluntary.
In the meantime, an executive order is being drafted by the Obama administration that would help clarify security standards, Napolitano said. She said President Barack Obama has not reviewed it yet.
Napolitano said legislation would not dictate to companies how to run their security but rather would be a public-private partnerships to defend critical infrastructure.