262 entries categorized "Cyberlaw / Cyber Security"

May 21, 2013

Guantanamo wi-fi shut down after Anonymous threat

05/21/13:  The BBC reports the American military has turned off its wi-fi service inside the prison at Guantanamo Bay following threats by the hacker collective Anonymous. Access to social networks, including Facebook and Twitter, from military computers has also been blocked because of the threat. Anonymous had threatened to "disrupt activities" at the base, in solidarity with the prisoners on hunger strike. It launched "Operation Guantanamo" on Saturday, 18 May. At the end of April, 100 of the 166 Guantanamo Bay inmates were staging a hunger strike over conditions in the jail and their ongoing imprisonment. The Anonymous three-day campaign began on the 100th day of the strike. The group used social media to encourage others to send "twitterstorms, email bombs and fax bombs" in order to raise awareness of the protest. Protests were also staged outside the White House and the prison itself. The phone numbers of the White House and various military command centres were also posted on the Anonymous website. No disruption had been reported so far, Lt Col Samuel House told the Associated Press news agency.

May 21, 2013 at 11:44 AM in Detainees / Guantanamo, Cyberlaw / Cyber Security |

New weapon in the terror tool kit? Encryption software blocks all eavesdropping

05/21/13:  The Washington Times reports a cheap new encryption technology for mobile phones completely blocks eavesdropping, even from warrant-wielding law enforcement agents – raising fears the technology could fall into the hands of terrorists or criminals. The software poses a growing problem that US law enforcement agencies call “going dark” – the spread of communications technologies that cannot be intercepted even with a warrant because agencies lack the technical capabilities. But experts say the feds’ proposed solution to get around the blackout – by legally mandating the insertion of “back doors” into such software to allow eavesdropping – creates an opening which could be exploited by hackers, online criminals or cyberspies. The issue is not unique to the United States. Intelligence and counter-terrorism officials in the United Kingdom are concerned about the new mobile phone application, called Seecrypt, according the London Mail on Sunday. The app provides individual users with military grade encryption — sending voice and text over the Internet in an a scrambled data stream that can only be deciphered by another user. The new application, which is free to download and will cost $3 a month, is made by a South African-based company, Porton Group, that boasts “we don’t comply” with such mandates, said CEO Harvey Boulter. The program does not have a “Legal Intercept” capability. Last year, the US company Silent Circle caused consternation in law enforcement circles when they launched a similar package here.

May 21, 2013 at 07:45 AM in Intelligence, Terrorism / Counterterrorism, Cyberlaw / Cyber Security |

May 20, 2013

Chinese hackers resume attacks on US targets

05/20/13:  The New York Times reports three months after hackers working for a cyberunit of China’s People’s Liberation Army went silent amid evidence that they had stolen data from scores of American companies and government agencies, they appear to have resumed their attacks  using different techniques, according to computer industry security experts and American officials. The Obama administration had bet that “naming and shaming” the groups, first in industry reports and then in the Pentagon's own detailed survey of Chinese military capabilities, might prompt China’s new leadership to crack down on the military’s highly organized team of hackers — or at least urge them to become more subtle. But Unit 61398, whose well-guarded 12-story white headquarters on the edges of Shanghai became the symbol of Chinese cyberpower, is back in business, according to American officials and security companies. It is not clear precisely who has been affected by the latest attacks. Mandiant, a private security company that helps companies and government agencies defend themselves from hackers, said the attacks had resumed but would not identify the targets, citing agreements with its clients. But it did say the victims were many of the same ones the unit had attacked before. The hackers were behind scores of thefts of intellectual property and government documents over the past five years, according to a report by Mandiant in February that was confirmed by American officials. They have stolen product blueprints, manufacturing plans, clinical trial results, pricing documents, negotiation strategies and other proprietary information from more than 100 of Mandiant’s clients, predominantly in the United States.

May 20, 2013 at 08:51 AM in Intelligence, Military, Asia, China, Cyberlaw / Cyber Security |

May 14, 2013

Cyberattacks against US corporations are on the rise

05/14/13:  The New York Times reports a new wave of cyberattacks is striking American corporations, prompting warnings from federal officials, including a vague one issued last week by the Department of Homeland Security. This time, officials say, the attackers’ aim is not espionage but sabotage, and the source seems to be somewhere in the Middle East. The targets have primarily been energy companies, and the attacks appeared to be probes, looking for ways to seize control of their processing systems. The attacks are continuing, officials said. But two senior administration officials said Sunday that they were still not certain exactly where the attacks were coming from, or whether they were state-sponsored or the work of hackers or criminals. Another official said that in the new wave of attacks, “most everything we have seen is coming from the Middle East,” but he did not say whether Iran, or another country, appeared to be the source. Last week’s warning was unusual because most attacks against American companies — especially those coming from China — have been attempts to obtain confidential information, steal trade secrets and gain competitive advantage. By contrast, the new attacks seek to destroy data or to manipulate industrial machinery and take over or shut down the networks that deliver energy or run industrial processes.

May 14, 2013 at 09:38 AM in Intelligence, Military, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Middle East / Northern Africa, Cyberlaw / Cyber Security |

May 09, 2013

Syrian internet back after 19-hour blackout

05/09/13:  The BBC reports the internet in Syria appears to have returned after a nationwide blackout knocked the country offline for more than 19 hours. Monitoring company Renesys noted signs of activity at around 14:30 GMT (17:30 local time) on Wednesday. Local state-run media had reported earlier that a "fault in optical fibre cables" was to blame for the blackout. However, experts dismissed this explanation as "unlikely". David Belson, of Akamai, said: "Our monitoring shows that Syria's international internet connectivity is through at least four providers, and published submarine cable maps show connectivity through three active cables. "As such, the failure of a single optical cable is unlikely to cause a complete internet outage for the country." Syria last experienced a shutdown for three days last November. Activists say the regime of President Bashar al-Assad is attempting to "silence" rebel communications. The Syrian government blamed that incident on "terrorists", but internet experts said it was more likely that the regime had shut down the web. The government has been fighting a bloody internal conflict for two years. Activists suggested at the time of the previous internet shutdown that the regime might have been planning a major offensive, or that it might have been attempting to prevent rebels from using the internet to co-ordinate themselves and communicate with the wider world.

May 09, 2013 at 08:36 AM in Middle East / Northern Africa, Cyberlaw / Cyber Security, Syria |

May 08, 2013

FBI pushes for more online snooping powers, fines for violators

05/08/13:  The Washington Times reports the White House is likely to fulfill the FBI's request for more authority to eavesdrop online, administration and law enforcement insiders said.  The FBI has been arguing for expanded powers to monitor Internet communications, saying advances in technology have made it easier and faster for suspects to “go dark,” Newser reported. The White House is now poised to agree to these requests, The New York Times reported. On the horizon: The FBI’s ability to fine companies that don’t comply with wiretap orders. Foreign companies could be hardest hit, Newser reported. They could face fines of $25,000 per day for not giving the FBI access to communications. Technology companies — and privacy-rights activists — aren’t pleased. “We’ll look a lot more like China than America after this,” said one lawyer in the Newser report. And a spokesman for the Center for Democracy and Technology said the expanded FBI authorities “would also mean that innovators who want to avoid new and expensive mandates will take their innovations abroad and develop them there,” Newser reported.

May 08, 2013 at 11:45 AM in Law Enforcement / Criminal Law, Intelligence, Surveillance / Privacy, Cyberlaw / Cyber Security |

May 07, 2013

US directly blames China’s military for cyberattacks

05/07/13:  The New York Times reports the Obama administration on Monday explicitly accused China’s military of mounting attacks on American government computer systems and defense contractors, saying one motive could be to map “military capabilities that could be exploited during a crisis.” While some recent estimates have more than 90 percent of cyberespionage in the United States originating in China, the accusations relayed in the Pentagon's annual report to Congress on Chinese military capabilities were remarkable in their directness. Until now the administration avoided directly accusing both the Chinese government and the People’s Liberation Army of using cyberweapons against the United States in a deliberate, government-developed strategy to steal intellectual property and gain strategic advantage. “In 2012, numerous computer systems around the world, including those owned by the US government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military,” the nearly 100-page report said. The report, released Monday, described China’s primary goal as stealing industrial technology, but said many intrusions also seemed aimed at obtaining insights into American policy makers’ thinking. It warned that the same information-gathering could easily be used for “building a picture of US network defense networks, logistics, and related military capabilities that could be exploited during a crisis.” It was unclear why the administration chose the Pentagon report to make assertions that it has long declined to make at the White House. A White House official declined to say at what level the report was cleared. A senior defense official said “this was a thoroughly coordinated report,” but did not elaborate.

May 07, 2013 at 01:58 PM in Intelligence, Military, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Asia, China, Cyberlaw / Cyber Security |

May 04, 2013

Dutch police may get right to hack in cyber crime fight

05/04/13:  The BBC reports the Dutch government has announced plans to give police far greater powers to fight cybercrime. Under a new bill, investigators would be able to hack into computers, install spyware, read emails and destroy files. They could also break into servers located abroad, if they were being used to block services. Critics say the proposed measures are unnecessary and could set a dangerous precedent for people living under oppressive governments. Use of the powers would be subject to the approval of a judge, the government stresses. The bill would also make it a crime for a suspect to refuse to decipher encrypted files during a police investigation. It is expected the draft legislation will be put to parliament by the end of the year.

May 04, 2013 at 08:03 AM in Law Enforcement / Criminal Law, Europe / Eurasia, Cyberlaw / Cyber Security |

May 02, 2013

Sensitive Army database of US dams compromised

05/02/13:  The Washington Times reports US intelligence agencies traced a recent cyber intrusion into a sensitive infrastructure database to the Chinese government or military cyber warriors, according to US officials. The compromise of the US Army Corps of Engineers' National Inventory of Dams (NID) is raising new concerns that China is preparing to conduct a future cyber attack against the national electrical power grid, including the growing percentage of electricity produced by hydroelectric dams. The database contains sensitive information on vulnerabilities of every major dam in the United States. There are around 8,100 major dams across waterways in the United States. The database categorizes US dams by the number of people that would be killed if a dam fails. They include “significant” and “high” hazard levels. Michelle Van Cleave, the former National Counterintelligence Executive, a senior counterintelligence policymaker, said the database compromise highlights the danger posed by hackers who are targeting critical U.S. infrastructure for future attacks.

May 02, 2013 at 07:25 AM in Intelligence, Military, China, Cyberlaw / Cyber Security, Emergency Preparedness |

April 30, 2013

Panel seeks to fine tech companies for noncompliance with wiretap orders

04/30/13:  The Washington Post reports a government task force is preparing legislation that would pressure companies such as Face­book and Google to enable law enforcement officials to intercept online communications as they occur, according to current and former US officials familiar with the effort. Driven by FBI concerns that it is unable to tap the Internet communications of terrorists and other criminals, the task force’s proposal would penalize companies that failed to heed wiretap orders — court authorizations for the government to intercept suspects’ communications. But law enforcement officials say the cloak drawn on suspects’ online activities — what the FBI calls the “going dark” problem — means that critical evidence can be missed. “The importance to us is pretty clear,” Andrew Weissmann, the FBI’s general counsel, said last month at an ANA discussion on legal challenges posed by new technologies. “We don’t have the ability to go to court and say, ‘We need a court order to effectuate the intercept.’ Other countries have that. Most people assume that’s what you’re getting when you go to a court.” There is currently no way to wiretap some of these communications methods easily, and companies effectively have been able to avoid complying with court orders. While the companies argue that they have no means to facilitate the wiretap, the government, in turn, has no desire to enter into what could be a drawn-out contempt proceeding. Under the draft proposal, a court could levy a series of escalating fines on firms that fail to comply with wiretap orders. A company that does not comply with an order within a certain period would face an automatic judicial inquiry, which could lead to fines. Instead of setting rules that dictate how the wiretap capability must be built, the proposal would let companies develop the solutions as long as those solutions yielded the needed data. That flexibility was seen as inevitable by those crafting the proposal, given the range of technology companies that might receive wiretap orders. Smaller companies would be exempt from the fines. The proposal, however, is likely to encounter resistance, said industry officials and privacy advocates.

 

April 30, 2013 at 11:19 AM in Law Enforcement / Criminal Law, Intelligence, Constitutional Law, Surveillance / Privacy, Cyberlaw / Cyber Security, Developing Technologies |

April 28, 2013

Dutch man arrested for huge cyberattack

04/28/13: BBC News reports Spanish police have arrested a Dutch man suspected of being behind one of the biggest cyberattacks in history.  The 35-year-old man was detained in Barcelona following a request from the Dutch public prosecutor.  The attack bombarded the websites of anti-junk mail outfit Spamhaus with huge amounts of data in an attempt to knock them offline.  It also slowed data flows over closely linked networks and led to a massive police investigation.  The suspect is believed to be Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker that has been implicated in the attack.  Spamhaus servers were hit with a huge amount of data in a Distributed Denial of Service (DDoS) attack.  It overwhelms a web server by sending it many more requests for data than it can handle.

April 28, 2013 at 10:27 AM in Law Enforcement / Criminal Law, Europe / Eurasia, Cyberlaw / Cyber Security |

April 27, 2013

Will Iran's national internet mean no world wide web?

04/27/13:  The BBC reports eight years ago, when President Mahmoud Ahmadinejad first took office, the Iranian government announced plans to develop a national internet network. The project attracted little attention at the time but now, with less than two months to go until the next presidential election, some analysts say it is so well advanced that the authorities could soon be in a position to cut off the entire country from the world wide web. When Iran's former Information Technology Minister Mohammad Soleimani complained last week about the difficulties he was having accessing the internet, he was expressing the frustrations of many. For months now, Iranian social media sites have been full of postings about slow download speeds and intermittent access. Internet 'demons' While some put the blame on the country's overloaded and outdated internet infrastructure, others have a more sinister explanation for what is going on.

April 27, 2013 at 12:49 PM in International Law / Law of War / Human Rights, Middle East / Northern Africa, Border Control, Cyberlaw / Cyber Security, Iran |

April 23, 2013

US and China put focus on cybersecurity

04/23/13:  The New York Times reports the United States and China held their highest-level military talks in nearly two years on Monday, with a senior Chinese general pledging to work with the United States on cybersecurity because the consequences of a major cyberattack “may be as serious as a nuclear bomb.” Cybersecurity has become a sudden source of tension between the two countries. China has bristled over the growing body of evidence that its military has been involved in cyberattacks on American corporations and some government agencies. Last month, the Obama administration demanded that the Chinese government stop the theft of data from American computer networks and help create global standards for cybersecurity. At a news conference on Monday after talks with the chairman of the Joint Chiefs of Staff, Gen. Martin E. Dempsey, the Chinese general, Fang Fenghui, said he would be willing to set up a cybersecurity “mechanism,” but warned that progress might not be swift. “I know how difficult it is,” General Fang said. “Anyone can launch the attacks — from the place where he lives, from his own country or from another country.” General Dempsey arrived in Beijing on Sunday for his first visit to China. His predecessor, Adm. Mike Mullen, held talks in Beijing in July 2011. General Dempsey’s three-day visit comes as mistrust has mounted between Beijing and Washington over a host of issues, including differences over North Korea, Washington’s strengthened military posture in the Asia Pacific region, China’s assertiveness in the South and East China Seas and basic problems of how the two militaries should communicate in a crisis.

April 23, 2013 at 10:34 AM in Military, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Asia, China, Cyberlaw / Cyber Security |

April 05, 2013

Anonymous 'hacks' North Korea social network accounts

04/05/13:  The BBC reports the hacking collective Anonymous has said it has been "hacking" and vandalising social networking profiles linked to North Korea. The group has issued several warnings since the country's threats have intensified. Uriminzokkiri, a news site, has been forced offline - while Twitter and Flickr accounts have been breached. Anonymous also claimed to have accessed 15,000 usernames and passwords from a university database. As part of action which the loosely organised collective has called "Operation Free Korea", the hackers have called for leader Kim Jong-un to step down, a democratic government to be put in place - and for North Koreans to get uncensored internet access. Currently, only a select few in the country have access to the "internet" - which is more akin to a closed company intranet with only a select few websites that are government-run. The country recently allowed foreigners to access mobile internet, but this service has since been shut off. In a message posted online, members of Anonymous wrote: "To the citizens of North Korea we suggest to rise up and bring [this] oppressive government down!

April 05, 2013 at 08:19 AM in Cyberlaw / Cyber Security, North Korea |

March 29, 2013

Corporate cyberattacks seem meant to destroy, not just disrupt

03/29/13:  The New York Times reports the assault, which took American Express offline for two hours, was the latest in an intensifying campaign of unusually powerful attacks on American financial institutions that began last September and have taken dozens of them offline, costing millions of dollars. JPMorgan Chase was taken offline by a similar attack this month. And last week, a separate, aggressive attack incapacitated 32,000 computers at South Korea’s banks and television networks. The culprits of these attacks, officials and experts say, appear intent on disabling financial transactions and operations. Corporate leaders have long feared online attacks aimed at financial fraud or economic espionage, but now a new threat has taken hold: attackers, possibly with state backing, who seem bent on destruction. “The attacks have changed from espionage to destruction,” said Alan Paller, director of research at the SANS Institute, a cybersecurity training organization. “Nations are actively testing how far they can go before we will respond.” Security experts who studied the attacks said that it was part of the same campaign that took down the Web sites of JPMorgan Chase, Wells Fargo, Bank of America and others over the last six months. A group that calls itself the Izz ad-Din al-Qassam Cyber Fighters has claimed responsibility for those attacks. The group says it is retaliating for an anti-Islamic video posted on YouTube last fall. But American intelligence officials and industry investigators say they believe the group is a convenient cover for Iran. Just how tight the connection is is unclear. Government officials and bank executives have failed to produce a smoking gun. North Korea is considered the most likely source of the attacks on South Korea, though investigators are struggling to follow the digital trail, a process that could take months. The North Korean government of Kim Jong-un has openly declared that it is seeking online targets in its neighbor to the south to exact economic damage.

 

 

March 29, 2013 at 10:24 AM in Military, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Cyberlaw / Cyber Security, Iran, North Korea |

Egypt: Naval forces capture 3 divers trying to cut undersea Internet cable

03/29/13:  The Washington Post reports Egypt’s naval forces captured three scuba divers who were trying to cut an undersea Internet cable in the Mediterranean on Wednesday, a military spokesman said. Telecommunications executives meanwhile blamed a weeklong Internet slowdown on damage caused to another cable by a ship. Col. Ahmed Mohammed Ali said in a statement on his official Facebook page that divers were arrested while “cutting the undersea cable” of the country’s main communications company, Telecom Egypt. The statement said they were caught on a speeding fishing boat just off the port city of Alexandria. The statement was accompanied by a photo showing three young men, apparently Egyptian, staring up at the camera in what looks like an inflatable launch. It did not further have details on who they were or why they would have wanted to cut a cable. Egypt’s Internet services have been disrupted since March 22. Telecom Egypt executive manager Mohammed el-Nawawi told the private TV network CBC that the damage was caused by a ship, and there would be a full recovery on Thursday. A cable cut can cause data to become congested and flow the long way around the world, he said. It’s not the first time cable cuts have affected the Mideast in recent years. Errant ships’ anchors are often blamed. Serious undersea cable cuts caused widespread Internet outages and disruptions across the Middle East on two separate occasions in 2008.

March 29, 2013 at 09:41 AM in Military, Middle East / Northern Africa, Cyberlaw / Cyber Security |

March 28, 2013

Global internet slows after 'biggest attack in history'

03/28/13:  The BBC reports the internet around the world has been slowed down in what security experts are describing as the biggest cyber-attack of its kind in history.  row between a spam-fighting group and hosting firm has sparked retaliation attacks affecting the wider internet. It is having an impact on popular services like Netflix - and experts worry it could escalate to affect banking and email systems. Five national cyber-police-forces are investigating the attacks. Spamhaus, a group based in both London and Geneva, is a non-profit organisation that aims to help email providers filter out spam and other unwanted content. To do this, the group maintains a number of blocklists - a database of servers known to be being used for malicious purposes. Recently, Spamhaus blocked servers maintained by Cyberbunker, a Dutch web host that states it will host anything with the exception of child pornography or terrorism-related material. Sven Olaf Kamphuis, who claims to be a spokesman for Cyberbunker, said, in a message, that Spamhaus was abusing its position, and should not be allowed to decide "what goes and does not go on the internet". Spamhaus has alleged that Cyberbunker, in cooperation with "criminal gangs" from Eastern Europe and Russia, is behind the attack. Cyberbunker has not responded to the BBC's request for comment.

March 28, 2013 at 09:24 AM in Diplomacy / Foreign Assistance, Europe / Eurasia, Cyberlaw / Cyber Security |

March 25, 2013

NATO manual: Stuxnet attack on Iran nuclear facilities was act of force

03/25/13: The Washington Times reports a new manual commissioned by NATO’s cyberwarfare center says the cyberattack by the US and Israel that crippled Iran’s nuclear program by sabotaging industrial equipment constituted “an act of force” and was possibly illegal under international law.  The Tallinn Manual on the International Law Applicable to Cyber Warfare says, “Acts that kill or injure persons or destroy or damage objects are unambiguously uses of force.”  The international group of researchers who wrote the manual were unanimous that Stuxnet — the self-replicating cyberweapon that destroyed Iranian centrifuges that were enriching uranium — was an act of force, but were divided on whether its effects were severe enough to constitute an “armed attack,” which would trigger hostilities under the UN Charter and allow Iran to retaliate in self-defense.  Neither Israel nor the United States has publicly acknowledged being behind Stuxnet, but they are widely believed to have been responsible.

March 25, 2013 at 08:46 AM in Military, International Law / Law of War / Human Rights, Secrecy / Transparency / FOIA, Middle East / Northern Africa, Cyberlaw / Cyber Security, Iran, Israel / Palestine, Nuclear Weapons |

March 22, 2013

South Korea says it misidentified source of cyberattack

03/22/13:  The New York Times reports the South Korean government said on Friday that it was mistaken when it identified an Internet address in China as the source of synchronized cyberattacks that paralyzed the computer networks of banks and broadcasters. The Korea Communications Commission, a government agency, said the Internet address actually belonged to a computer at NongHyup, one of the three banks affected by the hacking on Wednesday. It was mistaken earlier, it said, because the address, used only for the bank’s internal network, was identical to a public Internet Protocol address in China. South Korean investigators have found “indications that the malicious codes were installed from abroad,” the commission said in a news release on Friday. “There are so many similarities in the ways the attacks were executed and the viruses used that we believe that there was probably a single group behind them.” The coordinated attacks on Wednesday affected 32,000 computers and servers at the country’s two largest broadcasters, one cable channel and three banks. For hours the banks’ A.T.M.'s were shut down and account-holders could not use their debit cards. Many in South Korea suspect that North Korea was behind the shutdowns, partly because it was suspected in earlier attacks against South Korean Web sites. But South Korea has not officially assigned blame. Government investigators said it would take weeks to complete their analysis. Even after a lengthy investigation, they said, it is still sometimes impossible to identity the hackers.

March 22, 2013 at 09:12 AM in Military, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Asia, Cyberlaw / Cyber Security, North Korea |

March 21, 2013

Microsoft releases report on law enforcement requests

03/21/13: The New York Times reports Microsoft on Thursday disclosed for the first time the number of government law enforcement requests it had received for data on its hundreds of millions of customers around the world, joining the ranks of Google, Twitter and other Web businesses in publishing regular transparency reports. The report, which Microsoft plans to update every six months, showed that law enforcement agencies in five countries — Turkey, the United States, Britain, France and Germany — accounted for 69 percent of the 70,665 requests Microsoft received during 2012. In 8 of 10 requests, Microsoft provided agencies with elements of so-called non-content information such as an account holder’s name, gender, e-mail address, IP address, country of residence and dates and times of data traffic. In 2.1 percent of requests Microsoft disclosed the actual content of a communication, such as the subject headline of an e-mail, the contents of an e-mail, or a picture stored on SkyDrive, its cloud computing service. Microsoft said it disclosed the content of communications in 1,544 cases to US law enforcement agencies, and in 14 cases to agents in Brazil, Ireland, Canada and New Zealand.

March 21, 2013 at 01:41 PM in Law Enforcement / Criminal Law, Surveillance / Privacy, Cyberlaw / Cyber Security |

South Korea links cyberattack to China, North Korea

03/21/13:  The Washington Times reports a Chinese Internet address was the source of at least one of the wave of cyberattacks that hit South Korean banks and broadcasters, wiping as many as 32,000 computers and shutting down ATMs and online banking, according to authorities in Seoul Thursday. Mr. Park stressed that tracking down the IP source to China did not explain who was behind the attack, which might simply have been routed through the Chinese address from elsewhere. Wednesday’s cyberattack, the largest against South Korea for at least two years and what looks like the most sophisticated to date, came in the midst of rising tensions on the peninsula and just days after North Korea accused the United States and its South Korean allies of knocking several of Pyongyang’s websites offline last week. North Korean leaders have ratcheted up their bellicose rhetoric recently, and on March 11, Pyongyang abrogated the 1953 armistice that ended fighting in the Korean war — though not the conflict itself as the two sides remain technically in a state of hostilities. Pyongyang has been blamed for previous cyberattacks in 2009 and 2011 that had also targeted South Korean financial institutions and government agencies.

March 21, 2013 at 01:30 PM in Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, China, Cyberlaw / Cyber Security, North Korea |

March 15, 2013

North Korea sees South Korea and US behind cyberstrikes

03/15/13:  The New York Times reports North Korea, a country paranoid about perceived threats from the outside world, said on Friday that it had found new foreign invaders: hackers from the United States and its allies shutting down the North’s Web sites, the country’s main tool of spreading propaganda abroad. Until now, the complaint came from the other direction, with South Korean officials suspecting that North Korea was behind a recent series of hacking attacks on South Korean and American Web sites. After North Korea’s recent threats to retaliate against United Nations sanctions, South Korea warned of possible North Korean efforts to disrupt the Internet in the South, one of the most wired countries in the world. These accusations, although denied by the opposing sides, showed how inter-Korean tensions are increasingly spreading into cyberspace. North Korea’s often strident rhetoric has escalated to a feverish new pitch in recent weeks, complete with a threat to launch a “pre-emptive nuclear attack” at the United States and South Korea after the allies started joint military drills on March 1, followed by new United Nations sanctions for the North’s Feb. 12 nuclear test.

March 15, 2013 at 11:44 AM in Intelligence, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Asia, Cyberlaw / Cyber Security, North Korea |

March 12, 2013

Intelligence Official cites threat of cyberattacks on US

03/12/13:  The New York Times reports the nation’s top intelligence official warned Congress on Tuesday that a cyberattack could cripple America’s infrastructure and economy and suggested that such attacks pose the most dangerous immediate threat to the United States, more pressing than an attack by global terrorist networks.  James R. Clapper Jr., the director of national intelligence, said in prepared testimony to the Senate Intelligence Committee that American spy agencies saw only a “remote chance” in the next two years of a major cyberattack — what he defined as an operation that “would result in long-term, wide-scale disruption of services, such as a regional power outage.” Still, it was the first time that Mr. Clapper has listed cyberattacks first in his annual presentation to Congress about the various threats facing the United States, and the rare occasion since 2001 that intelligence officials have not listed international terrorism first in the catalog of dangers facing the United States. In 2009, the director of national intelligence, Dennis C. Blair, called the global financial crisis the “primary near-term security concern of the United States.”

March 12, 2013 at 11:56 AM in Congress, Intelligence, Cyberlaw / Cyber Security |

US official in China hacking call

03/12/13:  The BBC reports the Chinese government should acknowledge and investigate cyber-theft from China, a top US official has said. National Security Adviser Thomas Donilon said cyber security was a "growing challenge" to the US economic relationship with Beijing. The pointed remarks appeared to reflect growing US concern over cyber-crimes said to originate in China. On Saturday China's foreign minister criticised claims China was behind hacking attacks on US companies. In a speech at the Asia Society in New York on Monday, Mr Donilon said that US businesses were increasingly concerned about "cyber intrusions emanating from China" that stole confidential business information or intellectual property. "We seek three things from the Chinese side," he said. "First, we need a recognition of the urgency and scope of this problem. Second, Beijing should take serious steps to investigate and put a stop to these activities." "Finally, we need China to engage with us... to establish acceptable norms of behaviour in cyberspace." China has long been suspected of a role in cyber-hacking. But the issue has become more high-profile in recent months following widely reported hacks into media outlets including the New York Times - in that case apparently linked to a report by the paper on the wealth of relatives of outgoing Premier Wen Jiabao.

March 12, 2013 at 11:17 AM in Law Enforcement / Criminal Law, Intelligence, Military, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, China, Cyberlaw / Cyber Security |

February 28, 2013

US hackers attacked military websites, says China's defence ministry

02/28/13:  The BBC reports hackers from the US have repeatedly launched attacks on two Chinese military websites, including that of the Defence Ministry, officials say. The sites were subject to about 144,000 hacking attacks each month last year, two thirds of which came from the US, according to China's defence ministry. The issue of cyber hacking has strained relations between the two countries. Earlier this month a US cyber security firm said a secretive Chinese military unit was behind "prolific hacking". Mandiant said that Unit 61398 was believed to have "systematically stolen hundreds of terabytes of data" from at least 141 organisations around the world. The White House has said that it has taken its concerns about cyber-theft to the highest levels of China's government. China denied the allegations, saying it was also the victim of cyber attacks. The US is yet to respond to these latest allegations from China.

February 28, 2013 at 08:16 AM in Intelligence, Politics, International Law / Law of War / Human Rights, China, Cyberlaw / Cyber Security |

February 22, 2013

North Korea to offer mobile internet access

02/22/13:  The BBC reports North Korean mobile phone provider Koryolink is planning to launch a 3G data service for foreign visitors and residents from abroad. Egyptian telecoms firm Orascom, which is a partner in Koryolink, estimates that more than 1 million North Koreans use mobile phones. They will not be able to use the new service, according to reports. Orascom launched a 3G phone network inside North Korea in 2008, but users can only use it to make phone calls. In January 2013 the government began allowing foreign visitors to bring their own mobile devices into the country with them for the first time. Current internet access is extremely limited for locals, with most people only having access to a small number of state-run pages.

February 22, 2013 at 02:50 PM in Intelligence, Cyberlaw / Cyber Security, North Korea |

February 19, 2013

Chinese Army unit is seen as tied to hacking against US

02/19/13:  The New York Times reports On the outskirts of Shanghai, in a run-down neighborhood dominated by a 12-story white office tower, sits a People’s Liberation Army base for China’s growing corps of cyberwarriors, headquarters of P.L.A. Unit 61398. A growing body of digital forensic evidence — confirmed by American intelligence officials who say they have tapped into the activity of the army unit for years — leaves little doubt that an overwhelming percentage of the attacks on American corporations, organizations and government agencies originate in and around the white tower.  An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups — known to many of its victims in the United States as “Comment Crew” or “Shanghai Group” — to the doorstep of the military unit’s headquarters.

February 19, 2013 at 09:08 AM in Intelligence, Military, Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, China, Cyberlaw / Cyber Security |

February 12, 2013

Obama to issue executive order on cybersecurity

02/12/13:  The Washington Times reports President Obama is set to issue on Wednesday an executive order to fight off electronic attacks and hackers, according to various media.  The order — which has undergone several revisions over the past few months — sets the Department of Homeland Security as overseer of an information-sharing network that distributes intelligence information about cybersecurity risks, Fox News reports. The information would help U.S. business owners block hackers and attacks on their compute systems, Fox News says.  Some Republicans decry the executive order as yet another presidential bypass of congressional authority, according to Fox News. The executive order comes after Congress failed to pass similar legislation last summer, Fox News reports.

February 12, 2013 at 10:34 AM in Congress, Executive Branch, Homeland Security / Immigration, Cyberlaw / Cyber Security |

February 11, 2013

Congress to renew cybersecurity push

02/11/13: The Hill reports a cybersecurity bill that received pushback from privacy advocates and the White House last year will be re-introduced on Wednesday, setting up a potential battle between Congress and the Administration over cybersecurity legislation.  House Intelligence Committee Chairman Mike Rogers (R-Mich.) and Ranking Member Dutch Ruppersberger (D-Md.) will reintroduce the Cyber Intelligence Sharing and Protection Act (CISPA) and hold a public hearing analyzing the current state of cyber threat information-sharing between the US Government and industry next week.   The bill aims to thwart cyberattacks by making it easier for private companies to share information about threats and malicious source code with the intelligence community and the Department of Homeland Security.  The privacy and civil liberties groups that fought CISPA last year plan to revive their efforts to oppose the bill.

February 11, 2013 at 07:56 AM in Congress, Executive Branch, Law Enforcement / Criminal Law, Surveillance / Privacy, Cyberlaw / Cyber Security |

February 07, 2013

Vulnerability lets hackers control building locks, electricity, elevators and more

02/07/13:  Wired's Threat Level reports a critical vulnerability discovered in an industrial control system used widely by the military, hospitals and others would allow attackers to remotely control electronic door locks, lighting systems, elevators, electricity and boiler systems, video surveillance cameras, alarms and other critical building facilities, say two security researchers.  The vulnerability in the Tridium Niagara AX Framework allows an attacker to remotely access the system’s config.bog file, which holds all of the system’s configuration data, including usernames and passwords to log in to operator work stations and control the systems that are managed by them.  Billy Rios and Terry McCorkle, noted security researchers with Cylance, who have found numerous vulnerabilities in the Tridium system and other industrial control systems in the last two years, demonstrated a zero-day attack on the system at the Kaspersky Security Analyst Summmit on Tuesday.

February 07, 2013 at 10:43 AM in Homeland Security / Immigration, Intelligence, Military, Cyberlaw / Cyber Security |

February 04, 2013

Obama Administration concludes President has broad cyberwarfare powers

02/04/13: The New York Times reports a secret legal review on the use of America’s growing arsenal of cyberweapons has concluded that President Obama has the broad power to order a preemptive strike if the United States detects credible evidence of a major digital attack looming from abroad.  That decision was among several reached in recent months as the administration moves, in the next few weeks, to approve the nation’s first rules for how the military can defend, or retaliate, against a major cyberattack.  The rules will be highly classified, like those governing drone strikes.  John Obama’s chief counterterrorism adviser and his nominee to run the Central Intelligence Agency, played a central role in developing the administration’s policies regarding both drones and cyberwarfare, the two newest and most politically sensitive weapons in the American arsenal.

February 04, 2013 at 08:12 AM in Executive Branch, Intelligence, Military, Terrorism / Counterterrorism, International Law / Law of War / Human Rights, Constitutional Law, Surveillance / Privacy, Analysis, Cyberlaw / Cyber Security, Emergency Preparedness |

February 01, 2013

Wall Street Journal 'also victim of China hacking attack'

02/01/13:  The BBC reports hackers from China have infiltrated the computer systems of the Wall Street Journal (WSJ), in the second reported attack on a major US news outlet.  The Journal says the hackers were trying to monitor its China coverage.  The New York Times reported earlier that Chinese hackers had "persistently" penetrated its systems for the last four months.  Beijing has been accused by several governments and companies of carrying out cyber espionage for many years.  The Journal's publisher, Dow Jones & Co, released a statement on Thursday saying hacking attacks related to its China coverage were "an ongoing issue".  "Evidence shows that infiltration efforts target the monitoring of the Journal's coverage of China, and are not an attempt to gain commercial advantage or to misappropriate customer information," a spokeswoman for the newspaper said.  The paper has completed a network overhaul to bolster security, she added.

February 01, 2013 at 10:05 AM in Intelligence, International Law / Law of War / Human Rights, Cyberlaw / Cyber Security |

January 31, 2013

New York Times 'hit by hackers from China'

01/31/13:  The BBC reports hackers from China have "persistently" infiltrated the New York Times for the last four months, the US paper says.  It said the attacks coincided with its report into claims that the family of Chinese Premier Wen Jiabao had amassed a multi-billion dollar fortune.  The hackers used methods which have been "associated with the Chinese military" to target the emails of the report's writer, the paper said.  China's foreign ministry dismissed the accusations as "groundless". The New York Times said the hacking initially focussed on the computers of David Barboza, the paper's bureau chief in Shanghai who wrote the report, and one of his predecessors, Jim Yardley.  Internet security firm Mandiant, which was hired by the Times to trace the attack, followed the hackers' movements for four months, to try to establish a pattern and block them.  The hackers installed malware which enabled them to access any computer using the New York Times network, steal the password of every employee, and access 53 personal computers, mostly outside the Times offices.

January 31, 2013 at 09:54 AM in Law Enforcement / Criminal Law, Intelligence, Diplomacy / Foreign Assistance, Asia, Cyberlaw / Cyber Security |

January 29, 2013

Help wanted at Pentagon to fend off hackers — 4,000 cybersecurity experts eyed

01/29/13:  The Washington Times reports the US Department of Defense gave the go-ahead to a massive expansion of its cybersecurity force to fight off computer hacks and security compromises, according to media.  The expansion comes on the heels of an Anonymous attack on the US Sentencing Commission's website.  The DoD's Cyber Command is expected to grow its staff from 900 to 4,900 over the next few years, according to media reports.  In public remarks at the Intrepid Sea, Air and Space Museum in New York in October 2012, Defense Secretary Leon Panetta warned of the potential for a “cyber-Pearl Harbor” and advised the United Stations to boost cybersecurity programs.  “An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical switches,” Mr. Panetta said then, according to media reports.

January 29, 2013 at 11:46 AM in Intelligence, Military, Cyberlaw / Cyber Security |

January 28, 2013

Pentagon to expand cybersecurity force

01/28/13: The New York Times reports the Pentagon is moving toward a major expansion of its cybersecurity force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations on foreign adversaries.  The expansion announced by defense officials Sunday would increase DOD’s Cyber Command by more than 4,000 people, up from the current 900.  As part of the expansion, officials said the Pentagon was planning three different forces under Cyber Command: “national mission forces” to protect computer systems that support the nation’s power grid and critical infrastructure; “combat mission forces” to plan and execute attacks on adversaries; and “cyber protection forces” to secure the Pentagon’s computer systems.  In October outgoing Defense Secretary Leon Panetta warned in dire terms that the United States was increasingly vulnerable to cyberattacks.

January 28, 2013 at 07:02 AM in Executive Branch, Homeland Security / Immigration, Military, Cyberlaw / Cyber Security, Emergency Preparedness |

January 27, 2013

Anonymous claims attack on US Sentencing Commission site

01/27/13: The blog Space War reports hacker group Anonymous said it disabled the US Sentencing Commission’s website Saturday and vowed to release government data in revenge for the death of Internet freedom advocate Aaron Swartz.  The Commission’s website was apparently hacked early Saturday.  Anonymous threatened to make public the encryption keys to files that could potentially embarrass judges and other federal employees, saying it acted in protest at how the Justice Department handled Swartz’s case.  Swartz was facing thirty-five years in prison and a $1 million fine for breaking into a closet at the Massachusetts Institute of Technology to plug into the computer network.  He downloaded millions of scholarly articles he allegedly planned to distribute for free.

January 27, 2013 at 10:59 AM in Law Enforcement / Criminal Law, Homeland Security / Immigration, Cyberlaw / Cyber Security |

January 24, 2013

Google tells police to get warrants for e-mail, cloud data

01/24/13:  Wired's Threat Level reports Google demands probable-cause, court-issued warrants to divulge the contents of Gmail and other cloud-stored documents to authorities in the United States — a startling revelation Wednesday that runs counter to federal law that does not always demand warrants.  The development surfaced as Google publicly announced that more than two-thirds of the user data Google forwards to government agencies across the United States is handed over without a probable-cause warrant.  The Electronic Communications Privacy Act of 1986, the relevant law in question, was adopted at a time when e-mail wasn’t stored on servers for a long time, but instead was held there briefly on its way to the recipient’s inbox.  That law is still on the books today, even as the advancement of technology has undermined its original theory.  But clearly, changing the law to comport with Google’s interpretation has been met with unreceptive members of Congress.  The Senate Judiciary Committee approved a measure last year mirroring Google’s interpretation, but the bill died a quiet death. Moves to change the law have been scuttled over and again.

 

January 24, 2013 at 10:24 AM in Judiciary / Cases, Law Enforcement / Criminal Law, Surveillance / Privacy, Cyberlaw / Cyber Security |

January 15, 2013

Commentary: FBI needs hackers, not backdoors

01/15/13:  Wired published an article by Matt Blaze and Susan Landau discussing wiretap ready requirements versus the use of hackers in gathering digital information.  Whether we like them or not, wiretaps — legally authorized ones only, of course — are an important law enforcement tool. But mandatory wiretap backdoors in internet services would invite at least as much new crime as it could help solve.  Especially because we’re knee deep in what can only be called a cybersecurity crisis. Criminals, rival nation states, and rogue hackers routinely seek out and exploit vulnerabilities in our computers and networks — much faster than we can fix them. In this cybersecurity landscape, wiretapping interfaces are particularly juicy targets.

January 15, 2013 at 10:04 AM in Law Enforcement / Criminal Law, Intelligence, Surveillance / Privacy, Commentary / Opinion, Cyberlaw / Cyber Security |

'Red October' cyber-attack found by Russian researchers

01/15/13:  The BBC reports a major cyber-attack that may have been stealing confidential documents since 2007 has been discovered by Russian researchers.  Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.  It was designed to steal encrypted files - and was even able to recover files that had been deleted.  One expert described the attack find as "very significant".  In a statement, Kaspersky Labs said: "The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America.  "The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment."

January 15, 2013 at 09:19 AM in Intelligence, Asia, Europe / Eurasia, Cyberlaw / Cyber Security |

January 10, 2013

Delegation from US urges web access in North Korea

01/10/13:  The New York Times reports a private delegation to North Korea that includes Google’s executive chairman, Eric E. Schmidt, is urging North Korea to allow more open Internet access and cellphones, although it is unclear how that message is being heard by a leadership that has long depended on a near-total ban on outside information to maintain its totalitarian rule.

January 10, 2013 at 12:48 PM in Intelligence, Cyberlaw / Cyber Security, North Korea |

December 28, 2012

China toughens its restrictions of the use of the internet

12/28/12:  The New York Times reports the Chinese government issued new rules on Friday requiring Internet users to provide their real names to service providers, while assigning Internet companies greater responsibility for deleting forbidden postings and reporting them to the authorities.  The decision came as government censors have sharply stepped up restrictions on China’s international Internet traffic in recent weeks.  The new regulations, issued by the Standing Committee of the National People’s Congress, allow Internet users to continue to adopt pseudonyms for their online postings, but only if they first provide their real names to service providers.

December 28, 2012 at 10:20 AM in International Law / Law of War / Human Rights, Asia, China, Cyberlaw / Cyber Security |

December 27, 2012

Iran media report new cyberattack by Stuxnet worm

12/27/12:  The Washington Times reports an Iranian semiofficial news agency says there has been another cyberattack by the sophisticated computer worm Stuxnet, this time on the industries in the country’s south. Tuesday’s report by ISNA quotes provincial civil defense chief Akhavan as saying the virus targeted a power plant and some other industries in Hormozgan province in recent months.  Akhavan said Iranian computer experts were able to “successfully stop” the worm. Iran repeatedly has claimed having defused cyberworms and malware, including the Stuxnet and Flame viruses that targeted the vital oil sector, which provides 80 percent of the country’s foreign revenue.

December 27, 2012 at 11:43 AM in Middle East / Northern Africa, Cyberlaw / Cyber Security, Iran |

December 14, 2012

US rejects telecommunications treaty

12/14/12:  The New York Times reports talks on a proposed treaty governing international telecommunications collapsed in acrimony on Thursday when the United States rejected the agreement on the eve of its scheduled signing, citing an inability to resolve an impasse over the Internet.  The United States announcement was seconded by Canada and several European countries after nearly two weeks of talks that had often pitted Western governments against Russia, China and developing countries. The East-West and North-South divisions harked back to the cold war, even though that conflict did not stop previous agreements to connect telephone calls across the Iron Curtain.

December 14, 2012 at 09:22 AM in International Law / Law of War / Human Rights, Cyberlaw / Cyber Security |

December 07, 2012

US spy agencies to detail cyber-attacks from abroad

12/07/12:  The LA Times reports the US intelligence community is nearing completion of its first detailed review of cyber-spying against American targets from abroad, including an attempt to calculate US financial losses from hacker attacks based in China, officials said. The National Intelligence Estimate, the first involving cyber-espionage, also will seek to determine how large a role the Chinese government plays in directing or coordinating digital attacks aimed at stealing US intellectual property, according to officials who spoke on the condition of anonymity to discuss a classified undertaking.

December 07, 2012 at 10:09 AM in Intelligence, China, Cyberlaw / Cyber Security |

December 06, 2012

Analysis: Is it legal for the military to patrol American networks?

12/06/12:  Foreign Policy published an analysis by Tim Maurer concerning the legality of military cybersecurity and the Posse Comitatus Act.  Obama had signed a secret directive expanding the US military's authority in cyberspace to include defense of non-military networks. It is a sign that efforts to develop the capacity of the DHS to defend cyberspace have not kept pace with the perception of increasing threats. But it also risks eroding the fundamental distinction between the traditional roles of civilian and military forces in providing security. The Posse Comitatus Act of 1878 has restricted the deployment of federal troops in the homeland since the end of Reconstruction. It enshrined the idea that police forces are responsible for security within U.S. borders, while the military protects against threats beyond the country's borders.

December 06, 2012 at 09:10 AM in Military, Cyberlaw / Cyber Security |

November 30, 2012

Bank agrees to reimburse hacking victim $300k in precedent-setting case

11/30/12:  Wired's Threat Level reports in a case watched closely by banks and their commercial customers, a financial institution in Maine has agreed to reimburse a construction company $345,000 that was lost to hackers after a court ruled that the bank’s security practices were “commercially unreasonable.” The case raised important questions about how much security banks and other financial institutions should be reasonably required to provide commercial customers.

November 30, 2012 at 12:20 PM in Judiciary / Cases, Cyberlaw / Cyber Security |

November 25, 2012

Nations prepare for Dubai meeting to update telecom treaty

11/25/12: The Hill reports government officials from around the world will arrive in Dubai next month to revise a treaty that could have a major effect on the future of the Internet.   The 193 member nations of the UN’s International Telecommunications Union (ITU) will meet in Dubai to update the International Telecommunications Regulations treaty for the first time since 1988.  The treaty governs how telephone calls and other communications traffic are exchanged internationally.  The negotiations will take place over a two-week period December 3-14.  Ambassador Terry Kramer will lead the 95-person US delegation during the conference.  Kramer has made clear in a series of public appearances that the US is committed to maintaining liberalized markets in the telecom industry and upholding human rights and free speech principles during the treaty negotiations.

November 25, 2012 at 10:39 AM in Diplomacy / Foreign Assistance, International Law / Law of War / Human Rights, Surveillance / Privacy, Cyberlaw / Cyber Security |

November 22, 2012

Can police locate wireless internet moochers without a warrant?

11/22/12:  The Wall Street Journal reports a federal court in Pittsburgh has ruled that the government can track you to your location, sans search warrant, using free anti-moocher software. The courts have ruled that Internet subscribers have no reasonable expectation of privacy in their IP address, the number assigned to devices that connect to the Internet. Nor can they expect privacy protection for the information they give their Internet service providers.

November 22, 2012 at 01:03 PM in Judiciary / Cases, Cyberlaw / Cyber Security |

November 20, 2012

Anonymous declares 'cyber war' on Israel

11/20/12:  CNN reports in the digital age, war isn't contained to the ground. The Israeli government on Sunday said it has been hit with more than 44 million cyberattacks since it began aerial strikes on Gaza last week. Anonymous, the hacker collective, claimed responsibility for taking down some sites and leaking passwords because of what it calls Israel's "barbaric, brutal and despicable treatment" of Palestinians. Israel says the attacks have largely been unsuccessful. Anonymous, meanwhile, posted a list of more than 560 Israel-based websites it says it has taken down or defaced since last week.

November 20, 2012 at 09:20 AM in Military, Middle East / Northern Africa, Cyberlaw / Cyber Security, Israel / Palestine |

November 19, 2012

Israel says it's stopped over 40 million cyberattacks during Gaza campaign

11/19/12: The blog Space War reports Israel’s cybersecurity czar said Sunday it has been targeted in a mass cyberwarfare campaign that has witnessed millions of attempts to hack state websites since the start of its Gaza offensive four days ago.  Finance Minister Yuval Steinitz told reporters the government had been forced to wage war on “a second front” of cyberattacks against Israel.  “This is an unprecedented attack,” Steinitz said, indicating that Israel had “deflected 44 million cyber attacks on government websites” since it began a widespread air campaign over Gaza on Wednesday.  “All the attacks were thwarted except for one, which targeted a specific website that was down for six or seven minutes,” he said.  On Saturday the online activist group Anonymous claimed it had disrupted dozens of websites of Israeli state agencies.

November 19, 2012 at 08:47 AM in Terrorism / Counterterrorism, Middle East / Northern Africa, Cyberlaw / Cyber Security, Israel / Palestine |

Newer »

Categories

Archives

More...