05/21/13: The Washington Times reports a cheap new encryption technology for mobile phones completely blocks eavesdropping, even from warrant-wielding law enforcement agents – raising fears the technology could fall into the hands of terrorists or criminals. The software poses a growing problem that US law enforcement agencies call “going dark” – the spread of communications technologies that cannot be intercepted even with a warrant because agencies lack the technical capabilities. But experts say the feds’ proposed solution to get around the blackout – by legally mandating the insertion of “back doors” into such software to allow eavesdropping – creates an opening which could be exploited by hackers, online criminals or cyberspies. The issue is not unique to the United States. Intelligence and counter-terrorism officials in the United Kingdom are concerned about the new mobile phone application, called Seecrypt, according the London Mail on Sunday. The app provides individual users with military grade encryption — sending voice and text over the Internet in an a scrambled data stream that can only be deciphered by another user. The new application, which is free to download and will cost $3 a month, is made by a South African-based company, Porton Group, that boasts “we don’t comply” with such mandates, said CEO Harvey Boulter. The program does not have a “Legal Intercept” capability. Last year, the US company Silent Circle caused consternation in law enforcement circles when they launched a similar package here.
04/28/13: BBC News reports Spanish police have arrested a Dutch man suspected of being behind one of the biggest cyberattacks in history. The 35-year-old man was detained in Barcelona following a request from the Dutch public prosecutor. The attack bombarded the websites of anti-junk mail outfit Spamhaus with huge amounts of data in an attempt to knock them offline. It also slowed data flows over closely linked networks and led to a massive police investigation. The suspect is believed to be Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker that has been implicated in the attack. Spamhaus servers were hit with a huge amount of data in a Distributed Denial of Service (DDoS) attack. It overwhelms a web server by sending it many more requests for data than it can handle.
03/29/13: The New York Times reports the assault, which took American Express offline for two hours, was the latest in an intensifying campaign of unusually powerful attacks on American financial institutions that began last September and have taken dozens of them offline, costing millions of dollars. JPMorgan Chase was taken offline by a similar attack this month. And last week, a separate, aggressive attack incapacitated 32,000 computers at South Korea’s banks and television networks. The culprits of these attacks, officials and experts say, appear intent on disabling financial transactions and operations. Corporate leaders have long feared online attacks aimed at financial fraud or economic espionage, but now a new threat has taken hold: attackers, possibly with state backing, who seem bent on destruction. “The attacks have changed from espionage to destruction,” said Alan Paller, director of research at the SANS Institute, a cybersecurity training organization. “Nations are actively testing how far they can go before we will respond.” Security experts who studied the attacks said that it was part of the same campaign that took down the Web sites of JPMorgan Chase, Wells Fargo, Bank of America and others over the last six months. A group that calls itself the Izz ad-Din al-Qassam Cyber Fighters has claimed responsibility for those attacks. The group says it is retaliating for an anti-Islamic video posted on YouTube last fall. But American intelligence officials and industry investigators say they believe the group is a convenient cover for Iran. Just how tight the connection is is unclear. Government officials and bank executives have failed to produce a smoking gun. North Korea is considered the most likely source of the attacks on South Korea, though investigators are struggling to follow the digital trail, a process that could take months. The North Korean government of Kim Jong-un has openly declared that it is seeking online targets in its neighbor to the south to exact economic damage.
03/25/13: The Washington Times reports a new manual commissioned by NATO’s cyberwarfare center says the cyberattack by the US and Israel that crippled Iran’s nuclear program by sabotaging industrial equipment constituted “an act of force” and was possibly illegal under international law. The Tallinn Manual on the International Law Applicable to Cyber Warfare says, “Acts that kill or injure persons or destroy or damage objects are unambiguously uses of force.” The international group of researchers who wrote the manual were unanimous that Stuxnet — the self-replicating cyberweapon that destroyed Iranian centrifuges that were enriching uranium — was an act of force, but were divided on whether its effects were severe enough to constitute an “armed attack,” which would trigger hostilities under the UN Charter and allow Iran to retaliate in self-defense. Neither Israel nor the United States has publicly acknowledged being behind Stuxnet, but they are widely believed to have been responsible.
03/15/13: The New York Times reports North Korea, a country paranoid about perceived threats from the outside world, said on Friday that it had found new foreign invaders: hackers from the United States and its allies shutting down the North’s Web sites, the country’s main tool of spreading propaganda abroad. Until now, the complaint came from the other direction, with South Korean officials suspecting that North Korea was behind a recent series of hacking attacks on South Korean and American Web sites. After North Korea’s recent threats to retaliate against United Nations sanctions, South Korea warned of possible North Korean efforts to disrupt the Internet in the South, one of the most wired countries in the world. These accusations, although denied by the opposing sides, showed how inter-Korean tensions are increasingly spreading into cyberspace. North Korea’s often strident rhetoric has escalated to a feverish new pitch in recent weeks, complete with a threat to launch a “pre-emptive nuclear attack” at the United States and South Korea after the allies started joint military drills on March 1, followed by new United Nations sanctions for the North’s Feb. 12 nuclear test.
02/11/13: The Hill reports a cybersecurity bill that received pushback from privacy advocates and the White House last year will be re-introduced on Wednesday, setting up a potential battle between Congress and the Administration over cybersecurity legislation. House Intelligence Committee Chairman Mike Rogers (R-Mich.) and Ranking Member Dutch Ruppersberger (D-Md.) will reintroduce the Cyber Intelligence Sharing and Protection Act (CISPA) and hold a public hearing analyzing the current state of cyber threat information-sharing between the US Government and industry next week. The bill aims to thwart cyberattacks by making it easier for private companies to share information about threats and malicious source code with the intelligence community and the Department of Homeland Security. The privacy and civil liberties groups that fought CISPA last year plan to revive their efforts to oppose the bill.
02/04/13: The New York Times reports a secret legal review on the use of America’s growing arsenal of cyberweapons has concluded that President Obama has the broad power to order a preemptive strike if the United States detects credible evidence of a major digital attack looming from abroad. That decision was among several reached in recent months as the administration moves, in the next few weeks, to approve the nation’s first rules for how the military can defend, or retaliate, against a major cyberattack. The rules will be highly classified, like those governing drone strikes. John Obama’s chief counterterrorism adviser and his nominee to run the Central Intelligence Agency, played a central role in developing the administration’s policies regarding both drones and cyberwarfare, the two newest and most politically sensitive weapons in the American arsenal.
01/28/13: The New York Times reports the Pentagon is moving toward a major expansion of its cybersecurity force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations on foreign adversaries. The expansion announced by defense officials Sunday would increase DOD’s Cyber Command by more than 4,000 people, up from the current 900. As part of the expansion, officials said the Pentagon was planning three different forces under Cyber Command: “national mission forces” to protect computer systems that support the nation’s power grid and critical infrastructure; “combat mission forces” to plan and execute attacks on adversaries; and “cyber protection forces” to secure the Pentagon’s computer systems. In October outgoing Defense Secretary Leon Panetta warned in dire terms that the United States was increasingly vulnerable to cyberattacks.
01/27/13: The blog Space War reports hacker group Anonymous said it disabled the US Sentencing Commission’s website Saturday and vowed to release government data in revenge for the death of Internet freedom advocate Aaron Swartz. The Commission’s website was apparently hacked early Saturday. Anonymous threatened to make public the encryption keys to files that could potentially embarrass judges and other federal employees, saying it acted in protest at how the Justice Department handled Swartz’s case. Swartz was facing thirty-five years in prison and a $1 million fine for breaking into a closet at the Massachusetts Institute of Technology to plug into the computer network. He downloaded millions of scholarly articles he allegedly planned to distribute for free.
12/14/12: The New York Times reports talks on a proposed treaty governing international telecommunications collapsed in acrimony on Thursday when the United States rejected the agreement on the eve of its scheduled signing, citing an inability to resolve an impasse over the Internet. The United States announcement was seconded by Canada and several European countries after nearly two weeks of talks that had often pitted Western governments against Russia, China and developing countries. The East-West and North-South divisions harked back to the cold war, even though that conflict did not stop previous agreements to connect telephone calls across the Iron Curtain.
11/25/12: The Hill reports government officials from around the world will arrive in Dubai next month to revise a treaty that could have a major effect on the future of the Internet. The 193 member nations of the UN’s International Telecommunications Union (ITU) will meet in Dubai to update the International Telecommunications Regulations treaty for the first time since 1988. The treaty governs how telephone calls and other communications traffic are exchanged internationally. The negotiations will take place over a two-week period December 3-14. Ambassador Terry Kramer will lead the 95-person US delegation during the conference. Kramer has made clear in a series of public appearances that the US is committed to maintaining liberalized markets in the telecom industry and upholding human rights and free speech principles during the treaty negotiations.
11/19/12: The blog Space War reports Israel’s cybersecurity czar said Sunday it has been targeted in a mass cyberwarfare campaign that has witnessed millions of attempts to hack state websites since the start of its Gaza offensive four days ago. Finance Minister Yuval Steinitz told reporters the government had been forced to wage war on “a second front” of cyberattacks against Israel. “This is an unprecedented attack,” Steinitz said, indicating that Israel had “deflected 44 million cyber attacks on government websites” since it began a widespread air campaign over Gaza on Wednesday. “All the attacks were thwarted except for one, which targeted a specific website that was down for six or seven minutes,” he said. On Saturday the online activist group Anonymous claimed it had disrupted dozens of websites of Israeli state agencies.