Cyber Brief - 1/23/12This Week’s Top Stories
REID TO INTRODUCE COMPREHENSIVE CYBER BILL SOON
A senior aide to Majority Leader Harry Reid confirmed the Senate will introduce a comprehensive cybersecurity bill before President's Day, February 18th, but possibly as early as this week. Over the past few years, dozens of cybersecurity bills have been written, but comprehensive legislation has never made it to the floor of either chamber of Congress. If the bill passes the Senate, its future would be unclear in the House where Republicans have several smaller pieces of cybersecurity legislation moving through various committees. A group of former high-ranking national security officials has written a letter to Reid and Minority Leader Mitch McConnell urging them to pass cybersecurity legislation that would protect the nation's critical infrastructure. (WashPost, National Journal, Bloomberg, CIO)
CYBERSECURITY ON AGENDA AT DAVOS
Cybersecurity is expected to be a significant topic of discussion at the World Economic Forum, which kicks off its annual meeting in Davos this week. Cybersecurity features prominently in the 2012 Global Risks Report, a publication of the Forum. (PDF)
ISRAELI HACKERS TARGET SAUDI, UAE STOCK EXCHANGES
Israeli hackers known as "IDF-Team" brought down the websites of the Saudi (Tadawul) and Abu Dhabi Securities Exchange (ADX). The attack is the latest round in an ongoing cyber war between hackers in the two countries. (Haaretz)
Treasury: A government contractor employee, Bo Zhang, was charged with stealing Treasury Department software used to track federal collections and payments. Zhang, a Chinese citizen, was a programmer working on source code at the New York Federal Reserve. (Bloomberg)
DOD: The cybersecurity firm AlienVault says a China-based cyber attack is targeting the Pentagon's Common Access Cards in an effort to steal data from military networks. Officials say the attacks are a variation of a “Sykipot” virus, which dates back as far as March 2011. (ArmyTimes)
Brokerages: U.S. officials charged two Russians, father and son, with fraud and conspiracy in Manhattan federal court. The indictment accuses the pair of stealing credit card information and hacking into brokerage and other accounts in the United States. (Reuters)
Videoconferencing: Videoconferencing equipment may be susceptible to hacker infiltration, according to security firm Rapid7. Potential weakness could allow outsiders access to the highly- guarded trade secrets that are openly discussed in such fora. (NYT)
Anti-Piracy Law: The House and Senate postponed their respective anti-piracy bills last week, the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA), after extensive online and offline protests against them. (CNN)
Cyber Pilot: The Department of Homeland Security is taking over a Pentagon cybersecurity pilot project that shared classified intelligence with certain military contractors and their internet service providers. The White House will temporarily extend what was originally a 90-day initiative. (Nextgov)
EDITORIALS & MUST READS
Cassell Bryan-Low discusses hackers-for-hire: A recent legal battle between two Kuwaiti billionaire brothers, Kutayba and Bassam Alghanim, provides insight into the hacker-for-hire industry. "Although the brothers' feud involves big money, documents filed in two civil cases in September 2009 suggest just how simple and affordable online espionage has become," writes Bryan-Low in the Wall Street Journal. "One such site, hiretohack.net, advertises online services including being able to "crack" passwords for major email services in less than 48 hours. It says it charges a minimum of $150, depending on the email provider, the password's complexity and the urgency of the job."
David Goldman examines the motives of Anonymous hackers: Following the hacktivist group's cyber attack on the Department of Justice, the FBI, the Copyright Office, the Motion Picture Association, the Recording Industry Association, and other music industry sites on Thursday, David Goldman says the group is more nuisance than threat. "The Anonymous subculture attracts mostly young men with a decent but limited knowledge of hacking," Goldman says, "They tend to fight against government and corporate actions they deem to limit freedom of speech." He adds that, "The point of Anonymous' actions is to call attention to themselves and their causes. They're the graffiti artists of the Internet -- annoying, perhaps, but a real threat? Not really."