By Suzanne Kelly
Senate members sparred Thursday over whether a new cybersecurity bill will effectively give the U.S. government and private security what it needs to defend itself against the dozens of attacks occurring daily on both government and private computer networks.
The Cybersecurity Act of 2012 proposes to house the government's cybersecurity headquarters within the Department of Homeland Security, which has already taken the lead among the government agencies on coordinating efforts to tackle sticky cybersecurity problems in cooperation with the National Security Agency.
Specifically, the act sets out guidelines for determining cybersecurity vulnerabilities, protecting and promoting innovation and encouraging companies to share information about cyberthreats, improving the security of the government's own cyber networks, and coordinating research and development while clarifying the roles of federal agencies.
EDITOR'S NOTE: Ed Stroz is a former Special Agent at the Federal Bureau of Investigation, where he was responsible for the formation of the FBI’s Computer Crime Squad in New York City. Currently he is co-president and founder of Stroz Friedberg, a cybersecurity consulting firm. Carl Young is managing director at the same firm. Prior to joining Stroz Friedberg, Mr. Young was a risk strategist and Global Head of Physical Security Technology at Goldman Sachs, and previously held a succession of senior posts at the FBI.By Ed Stroz and Carl Young, for CNN
The attacks in New York and Washington, D.C. on September 11, 2001 signified the unofficial start of the U.S. war on terror. Although the images of that day remain fixed in our memories, the ten-year anniversary of 9/11 is an opportunity to examine how we have changed the way we think about the importance of security in our lives.
At the same time, the ten years since 9/11 have witnessed an explosive dependency on information technology around the world. One statistical indicator of this growth is the 480% increase in the global use of the Internet since 2001, where the number of Internet users comprises nearly a third of the seven billion inhabitants of the planet.
Much of the U.S. information technology infrastructure and associated software is owned and operated by private organizations that conduct business using web applications that can be accessed through the Internet or utilize network devices with similar risk exposure to computer viruses. Such viruses, also known as malware, are increasingly sophisticated and have become ubiquitous on the Internet. A computer system that is infected by such malware can still work perfectly well with no signs of infection. The malware can sit silently waiting for instructions to take destructive action later. For the first time, the number of new computer viruses introduced in a single year (2011) is expected to exceed two million. FULL POST
By Dugald McConnell and Brian Todd
A top-secret National Security Agency team uses spyware and hacking to gather intelligence on targets, according to a new report based on internal agency documents.
According to Der Spiegel, a German magazine that published some of the documents, the unit's interception techniques are worthy of James Bond: intercepting a computer being shipped to a target and installing spyware before it is delivered; supplying an altered monitor cable that transmits everything on a computer's screen to the NSA; or planting a USB plug with a secret radio transmitter.
The unit, called Tailored Access Operations, also uses hacking in addition to spy craft. The most basic method involves phishing, sending an e-mail that lures a target into clicking on it and unknowingly downloading NSA spyware. More sophisticated techniques include identifying exploitable computer vulnerabilities by eavesdropping on a target's error messages; tracking a target's cookies to shadow their Internet use; and even surreptitiously diverting a target's web surfing to phony replica web pages of commonly used sites such as LinkedIn and Facebook.
Agents could use such fake sites both to see what a target is typing and to try to insert spyware on the target's computer, according to cybersecurity expert Michael Sutton at ZScaler, a California-based information technology security company.FULL STORY
By Laurie Segall
National Security Agency Director Keith Alexander defended the U.S. government's controversial spying program to a group of hackers on Wednesday, urging them to join in.
"The whole reason I came here was to ask you to help make it better," Alexander said during his keynote address at the Black Hat cybersecurity convention in Las Vegas. "If you disagree with what we're doing, you should help make it better."
Alexander's comments come nearly two months after Edward Snowden, a former employee at a government contractor, leaked the NSA's sweeping system for monitoring emails, photos, search histories and other data from major American Internet companies. The program, known as "Prism," is aimed at gathering data on foreign intelligence targets.
Alexander outlined details of the Prism program, the terrorist threats thwarted because of it, and a look into the techniques the NSA uses to collect user data.FULL STORY
Editor's note: This is one in a series of stories and opinion pieces surrounding the Aspen Security Forum currently taking place in Aspen, Colorado. Security Clearance is a media sponsor of the event, which is taking place from July 17 to 20 in Aspen, Colorado.
A senior-level defense official said Thursday that keeping top-secret information on one shared server and giving an individual the ability to view and move that data were two mistakes that allowed NSA leaker Edward Snowden to disclose top-secret information.
Although Ashton Carter, the deputy secretary of defense, said he didn't want to directly comment on Snowden - "because that is a criminal investigation" - he spent a portion of a panel at the Aspen Security Forum laying out the "root causes of all of this."
"This is a failure to defend our own network," Carter said. "That failure originated from two practices that we need to reverse."
The first mistake: "In an effort for those in the intelligence community to be able to share information with one another, there was an enormous amount of information concentrated in one place. ... It creates too much information in one place."
The second: "You had an individual who was given very substantial authority to access that information and move that information. That ought not to be the case, either."
From CNN’s Nunu Japaridze
Defense Secretary Chuck Hagel pointed the finger at China Saturday when addressing cybersecurity threats, the latest in a series of rhetorical skirmishes between the United States and China on the issue.
Speaking to an audience of defense professionals at a regional security summit in Singapore, Hagel said the United States was concerned about “the growing threat of cyber intrusions, some of which appear to be tied to the Chinese government and military.”
By Ashley Killough
The highest-ranking officials on the House intelligence committee continued to warn Sunday of the increasing cybersecurity threat to the U.S. economy and national security.
Republican Rep. Mike Rogers, the committee's chairman, spelled out the different levels of cyberattacks during an appearance on CNN's "State of the Union" and cautioned that the worst of those – a debilitating hit by a terrorist group - could become reality.
"We know that terrorists, non-nation states, are seeking the capability to do a cyberattack. They're probably not there yet," he said, sitting next to the ranking member on the committee, Democratic Rep. Dutch Ruppersberger.
Read more on CNN's Political Ticker.
By Alex Mooney
President Obama has invited a handful of CEOs to the White House Situation Room on Wednesday to discuss the growing threats posed by cyberattacks.
Administration officials are so far staying tight-lipped about who is attending the closed-door meeting, but one White House official tried to downplay the choice of convening it in the Situation Room, which is ordinarily reserved for high-ranking members of the president's national security team.
Instead, the White House official said, the Situation Room is the only conference room available Wednesday to accommodate the meeting.
The president is expected to discuss his administration's latest steps to beef up cybersecurity, including a recently signed executive order designed to improve intelligence sharing between the government and the private sector over potential cyber vulnerabilities, particularly those posed by Chinese hackers.
Among the CEOs invited are the leaders of AT&T, Honeywell and Northrop Grumman, the White House said Wednesday. FULL POST
By CNN Money's Charles Riley
An American cybersecurity firm has linked one of the world's most prolific groups of computer hackers to the Chinese government, saying in a new report that an extensive cyber-espionage campaign is being waged from a location near Shanghai.
The security firm, Mandiant, detailed the allegations in a 60-page report published Tuesday that describes the group's tactics and history over a six-year period.
The Virginia-based Mandiant, which helps companies detect and respond to cyber threats, said it has observed the group of hackers - called the "comment crew" - systematically steal hundreds of terabytes of data from at least 141 organizations across 20 industries worldwide since 2006.
Mandiant claims the activity can be traced to four networks near Shanghai - with some operations taking place in a location that is also the headquarters of Unit 61398, a secret division of China's military.
By David Goldman
Having run out of patience for Congress to act on a cybersecurity bill, President Obama has decided to take matters into his own hands.
Obama signed an executive order on Tuesday addressing the country's most basic cybersecurity needs and highlighted the effort in his State of the Union address.
"We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy," Obama said.
The order will make it easier for private companies in control of the nation's critical infrastructure to share information about cyberattacks with the government. In return, the Department of Homeland Security will share "sanitized" classified information with companies about attacks believed to be occurring or that are about to take place.
The order also directs the government to work with the private sector on standards that will help protect companies from cybercrime, though there is nothing in the order about how this will be enforced.