Industrial Defender - Cyber Security Intelligence for Critical Infrastructure/SCADA

2008.11.13 - Industry News - Study: Critical Infrastructure Often Under Cyberattack

Fri, 14 Nov 2008 10:44:58 -0500

Robert McMillan,
CSO Online,
13 November 2008

Study: Critical Infrastructure Often Under Cyberattack

Computer systems that run the world's critical infrastructure are not as secure as they should be and insiders are mad.

2008.11.13 - Industry News - Chemical Sector Pursues Cyber Security

Fri, 14 Nov 2008 10:43:26 -0500
Wes Iversen,
Automation World,
13 November 2008

Chemical Sector Pursues Cyber Security

Six years after a chemical industry initiative in cyber security was launched involving just a few individuals, the program has expanded to involve participation by more than 30 major chemical companies, and the industry today is better prepared to fend off cyber attacks.

2008.11.11 - Industry News - Energy industry at risk of cyberattack, survey says

Wed, 12 Nov 2008 13:08:59 -0500
Elinor Mills,
CNET,
11 November 2008

Energy industry at risk of cyberattack, survey says

Asked which industry is the biggest target for cyberattack, critical infrastructure insiders in the U.S., Canada, and Europe point to the energy sector.

The energy industry also is the most vulnerable to cyberattacks and would have the most detrimental breach, while the financial sector is the best prepared in the case of a cyberattack, according to the survey sponsored by security firm Secure Computing. All other industries were deemed to be "not prepared" by greater than 50 percent of the respondents.

2008.11.10 - Industry News - Critical infrastructure security grim, study finds

Wed, 12 Nov 2008 12:05:04 -0500
Marcia Savage,
SearchSecurity.com,
10 November 2008

Critical infrastructure security grim, study finds

A recent study by Secure Computing Corp. paints a gloomy picture of cybersecurity readiness in critical infrastructure industries.

According to the study, which surveyed 199 security experts and industry representatives, most industries that make up the critical infrastructure are not prepared for cyberattacks. More than half of the respondents said that utilities, oil and gas, transportation, telecommunications, chemical, emergency services and postal/shipping sectors were not prepared.

2008.11.08 - Industry News - Inmate hacked prison network, broke into employee database

Mon, 10 Nov 2008 12:51:42 -0500
Dan Goodin,
The Register,
08 November 2008

Inmate hacked prison network, broke into employee database

A former prison inmate has been arrested and charged with hacking the facility's computer network, stealing personal details of more than 1,100 prison employees and making them available to fellow inmates.

2008.11.07 - Industry News - Defense Science Board warns of cyber problems

Mon, 10 Nov 2008 12:50:30 -0500
Alice Lipowicz,
FCW.com,
07 November 2008

Defense Science Board warns of cyber problems

The U.S. military’s dependence on sophisticated network-centric information technology has become its "Achilles heel," according to a new report from the Defense Science Board.

2008.11.07 - Incidents - Equipment failure sends raw sewage into Hempstead Bay

Mon, 10 Nov 2008 12:49:09 -0500
Jennifer Smith
Newsday.com,
2008.11.07

Equipment failure sends raw sewage into Hempstead Bay

An equipment failure early yesterday at Nassau County's Cedar Creek sewage treatment plant in Wantagh released 51,000 gallons of raw sewage, some of which spilled into East Hempstead Bay, where long-closed shellfish beds had been reopened recently.

2008.11.06 - Industry News - Chinese hack into White House network

Fri, 7 Nov 2008 12:20:43 -0500
Demetri Sevastopulo,
FT.com,
06 November 2008

Chinese hack into White House network

Chinese hackers have penetrated the White House computer network on multiple occasions, and obtained e-mails between government officials, a senior US official told the FT.

2008.11.06 - Industry News - Obama Urged to Take Immediate Cyber-security

Fri, 7 Nov 2008 12:19:13 -0500
Roy Mark,
Eweek.com,
06 November 2008

Obama Urged to Take Immediate Cyber-security

President-elect Barack Obama has promised to appoint a national cyber-security adviser. According to a report by the Defense Science Board, the cyber-security czar will inherit a civilian and military information infrastructure that is illprepared for advanced cyber-attacks, such as denial of service and malicious modification of information. The United States' vulnerability to cyber-attacks in space presents a particular challenge for the new leaders.

2008.11.06 - Industry News - Cyber-warfare 'the next battlefront,' experts say

Fri, 7 Nov 2008 11:22:28 -0500
Vito Pilieci,
Canada.com,
06 November 2008

Cyber-warfare 'the next battlefront,' experts say

North America needs to work fast if it is to protect itself from a new wave of cyber-warfare.

According to several Internet security experts meeting at the Casino du Lac-Leamy in Gatineau yesterday, terrorists are learning to hack and many countries are gathering people proficient in computer science to unleash lethal attacks on the communications systems of other countries.

2008.11.05 - Industry News - Cyber-crime Reportedly Touches Obama, McCain Campaigns

Fri, 7 Nov 2008 12:22:01 -0500
Brian Prince,
Eweek.com,
05 November 2008

Cyber-crime Reportedly Touches Obama, McCain Campaigns

Hackers targeted the presidential campaigns of Sen. Barack Obama and Sen. John McCain, says a report by Newsweek magazine. In addition, spammers are capitalizing on interest in Obama's victory to attempt to trick users into downloading malware.

2008.11.04 - Industry News - Power surge: SCADA industry must prep for attacks

Fri, 14 Nov 2008 10:41:49 -0500
Dan Kaplan,
SC Magazine,
04 November 2008

Power surge: SCADA industry must prep for attacks

Last fall, when a Department of Homeland Security-commissioned video depicted a turbine exploding in a test lab during a simulated hacker attack, viewers may have been expecting the credits to roll at the end.

But the film, produced by the Idaho National Laboratory and leaked to the Associated Press, was not dreamt up for a Hollywood soundstage. In fact, the footage was quite genuine, showing what could happen if a hacker gets control of a power company's network by exploiting a real-life vulnerability.

2008.11.04 - Industry News - Cyberattacks target U.K. national infrastructure

Thu, 6 Nov 2008 14:39:49 -0500
HS Daily Wire,
04 November 2008

Cyberattacks target U.K. national infrastructure

The computer systems of critical businesses in the United Kingdom, such as power companies and large financial institutions, are being repeatedly probed to steal information or uncover weaknesses that could take them down

2008.11.03 - Industry News - Partnering for Cyberspace Security

Mon, 3 Nov 2008 11:22:03 -0500
Walter Pincus,
Washington Post,
03 November 2008

Partnering for Cyberspace Security

In two recent speeches that have attracted little notice, Donald Kerr, principal deputy director of national intelligence, has called for a radical new relationship between government and the private sector to counter what he called the "malicious activity in cyberspace [that] is a growing threat to everyone."

2008.10.31 - Industry News - Cybersecurity panel places hill oversight on back burner

Thu, 6 Nov 2008 10:55:20 -0500
NextGov,
31 October 2008

Cybersecurity panel places hill oversight on back burner

An independent commission set up to make recommendations on improving national cybersecurity efforts will shy away from proposing any changes to congressional oversight, even though some experts believe an overhaul is needed.

2008.10.31 - Industry News - Air Force pursues Cyber Command again

Thu, 6 Nov 2008 10:54:43 -0500
NextGov,
31 October 2008

Cybersecurity panel places hill oversight on back burner

An independent commission set up to make recommendations on improving national cybersecurity efforts will shy away from proposing any changes to congressional oversight, even though some experts believe an overhaul is needed.

2008.10.28 - Incidents - Driver hits NIPSCO pole; surge fries sewage treatment plant

Thu, 30 Oct 2008 11:14:27 -0400
Kevin Nevers,
Chesterton Tribune,
2008.10.28

Driver hits NIPSCO pole; surge disables sewage treatment plant

When a motorist, at approximately 12:11 a.m. on Sunday, struck a NIPSCO pole on Woodlawn Ave. just west of North Eighth Street, he not only interrupted electric service to the Chesterton wastewater treatment plant, he caused a power surge which zapped into oblivion the whole of the plant’s automated computer system.

2008.10.28 - Industry News - Cyber advice for the next president

Wed, 29 Oct 2008 15:52:56 -0400
William Jackson,
Government Computer News,
28 October 2008

Cyber advice for the next president

A commission formed to offer advice on cybersecurity to the next president is nearing the completion of its work, and some of the recommendations are likely to conflict with elements of President Bush’s Cyber Initiative.

2008.10.22 - Industry News - Next president will need to make cybersecurity a priority, experts say

Mon, 27 Oct 2008 10:31:23 -0400
Jaikumar Vijayan,
Computerworld,
22 October 2008

Next president will need to make cybersecurity a priority, experts say

In an election season dominated by concerns over the economy and the war in Iraq, cybersecurity hasn't exactly been a top issue for the candidates or voters. But it's a topic the next administration will need to focus on -- and as a high priority, according to several tech industry representatives, including two former officials at the U.S. Department of Homeland Security (DHS) and a former White House cybersecurity czar.

2008.10.22 - Industry News - Risky behaviour still looms large

Thu, 23 Oct 2008 11:34:12 -0400
Shaun Nichols,
Vnunet.com,
21 October 2008

Risky behaviour still looms large

Many employees are continuing to behave in a way that puts company data at risk, according to a recent study.

2008.10.21 - Industry News - Report: Energy Companies Are Top Target of Web-Borne Malware

Thu, 23 Oct 2008 11:32:15 -0400
Dark Reading,
21 October 2008

Report: Energy Companies Are Top Target of Web-Borne Malware

Bad news for the energy industry: Energy companies worldwide have a nearly 200 percent rate of being hit with Web-borne malware attacks, according to a new report from ScanSafe.

2008.10.14 - Industry News - DHS study: CEOs need to do more for infrastructure security

Thu, 23 Oct 2008 11:31:04 -0400
Stephanie Condon,
CNET,
14 October 2008

DHS study: CEOs need to do more for infrastructure security

The government has made great strides working with private industry to secure the nation's critical infrastructure, an advisory board to the president and the U.S. Department of Homeland Security said Tuesday, but top executives in the private sector need to step up and do more.

2008.10.08 - Industry News - Chertoff urges caution on potential of new cybersecurity laws

Fri, 10 Oct 2008 11:33:17 -0400
Ben Ban,
FCW.com,
08 October 2008

Chertoff urges caution on potential of new cybersecurity laws

Policy-makers and Congress should “proceed in a measured way” as they consider passing new laws or granting new authorities aimed at improving cybersecurity, the head of the Homeland Security Department said Wednesday.

2008.10.07 - Industry News - Air Force pursues Cyber Command again

Wed, 8 Oct 2008 13:39:20 -0400
NextGov,
07 October 2008

Air Force pursues Cyber Command again

Top Air Force leadership has decided to pursue forming Cyber Command to defend Defense Department networks and to launch cyberattacks against foes after putting the project on hold in August.

2008.10.02 - Industry News - DHS: President’s Cyber Initiative paying off

Fri, 3 Oct 2008 17:24:27 -0400
William Jackson,
Government Computer News,
02 October 2008

DHS: President’s Cyber Initiative paying off

Assistant Homeland Security Secretary Greg Garcia kicked off the fifth annual National Cyber Security Awareness Month by saying that the government’s IT systems are safer this year than when he joined the department two years ago.

2008.10.02 - Industry News - NIST publishes security guidance for wireless links, industrial controls

Fri, 3 Oct 2008 17:23:09 -0400
William Jackson,
Government Computer News,
02 October 2008

NIST publishes security guidance for wireless links, industrial controls

The National Institute of Standards and Technology has released three information security documents in its 800 series of special publications; two final guidelines on information security assessment and Bluetooth security, and a draft of guidelines for security industrial control systems.

2008.10.01 - Industry News - Senate bill sets guidelines for cybersecurity center

Fri, 3 Oct 2008 17:21:57 -0400
Stephanie Condon,
CNET,
01 October 2008

Senate bill sets guidelines for cybersecurity center

A new authorization bill would give the White House more oversight of the Homeland Security Department's much-beleaguered cybersecurity efforts.

2008.09.29 - Industry News - U.S. urged to go on offense in cyberwar

Tue, 30 Sep 2008 11:10:50 -0400
Shaun Waterman,,
The Washington Times,
29 September 2008

U.S. urged to go on offense in cyberwar

The United States needs to do more to develop an offensive cyberwar capability rather than just focus on defending its networks from attack, says the chairman of the House cybersecurity subcommittee.

2008.09.25 - Industry News - World's electrical grids open to attack

Fri, 26 Sep 2008 12:26:46 -0400
Dan Goodin,
The Register,
25 September 2008

World's electrical grids open to attack

A serious vulnerability has been found in yet another computerized control system that runs some of the world's most critical infrastructure, this time in a product sold by a vendor known as the ABB Group.

2008.09.23 - Industry News - GAO report: U.S. needs to pep up cyber security efforts

Tue, 23 Sep 2008 15:06:20 -0400
ISA
23 September 2008

GAO report: U.S. needs to pep up cyber security efforts

The organization responsible for protecting the country from cyber attacks needs to develop a warning system that truly works, according to a Government Accountability Office (GAO) report.

2008.09.22 - Industry News - Homeland Security: Don't take away our cybersecurity responsibility

Tue, 23 Sep 2008 10:24:45 -0400
Stephanie Condon,
CNET,
22 September 2008

Homeland Security: Don't take away our cybersecurity responsibility

After a week of dealing with critics arguing that some agency other than the U.S. Department of Homeland Security should handle the nation's cybersecurity efforts, Homeland Security has come to its own defense.

2008.09.19 - Industry News - Energy's unclassified networks still open to cyberattack

Thu, 25 Sep 2008 13:16:26 -0400
NextGov,
19 September 2008

Energy's unclassified networks still open to cyberattack

The Energy Department has failed to implement cybersecurity measures, leaving its unclassified computer systems and data open to hackers and employees who may not have authorization to access certain files, according to an audit report released by the agency's inspector general.

2008.09.19 - Industry News - Cyber Attack Data-Sharing Is Lacking, Congress Told

Tue, 23 Sep 2008 10:24:43 -0400
Ellen Nakashima,
Washington Post,
19 September 2008

Cyber Attack Data-Sharing Is Lacking, Congress Told

U.S. intelligence agencies are unable to share information about foreign cyber attacks against companies for fear of jeopardizing intelligence-gathering sources and methods, cyber security expert Paul B. Kurtz told lawmakers yesterday.

2008.09.17 - Industry News - Critics: Homeland Security unprepared for cyberthreats

Wed, 17 Sep 2008 17:06:34 -0400
Stephanie Condon,
CNET,
17 September 2008

Critics: Homeland Security unprepared for cyberthreats

WASHINGTON--When politicians got together six years ago and decided to glue together a medley of federal agencies to create the U.S. Department of Homeland Security, one of the justifications was a better focus on cybersecurity.

2008.09.16 - Industry News - Government elaborates, slightly, on cybersecurity plan

Tue, 16 Sep 2008 13:38:38 -0400
Stephanie Condon,
CNET,
16 September 2008

Government elaborates, slightly, on cybersecurity plan

After ducking questions this year from both Congress and the private sector about its National Cyber Security Initiative, the Department of Homeland Security finally revealed a little more on Monday.

2008.09.15 - Industry News - Cybersecurity is crucial to protecting nation's water supply, official says

Wed, 17 Sep 2008 17:09:11 -0400
Gautham Nagesh,
Government Executive,
15 September 2008

Cybersecurity is crucial to protecting nation's water supply, official says

The greater use of computer systems to monitor and control the U.S. water supply has increased the importance of cybersecurity to protect the country's utilities, a top official for a large water company said on Monday.

2008.09.15 - Industry News - Homeland Security to direct cybersecurity initiative

Wed, 17 Sep 2008 17:07:32 -0400
NextGov,
15 September 2008

Homeland Security to direct cybersecurity initiative

The Homeland Security Department will lead President Bush's largely classified governmentwide cybersecurity initiative, an agency official said on Monday morning.

2008.09.15 - Industry News - U.S. Cybersecurity Is Weak, GAO Says

Tue, 16 Sep 2008 13:37:11 -0400
Keith Epstein,
Business Week,
15 September 2008

U.S. Cybersecurity Is Weak, GAO Says

The Government Accountability Office says the team responsible for protecting private- and public-sector computers isn't up to snuff

The federal government cybersecurity team with primary responsibility for protecting the computer networks of government and private enterprise isn't up to the job, according to a draft Government Accountability Office report obtained by BusinessWeek.

2008.09.15 - Industry News - Lawmakers Warned of Threats to the Grid

Tue, 16 Sep 2008 13:34:57 -0400
Kenneth Corbin,
Enterprise IT Planet,
15 September 2008

Lawmakers Warned of Threats to the Grid

Government and private sector executives pointed to [last week's] anniversary of the Sept. 11 terrorist attacks to warn lawmakers about protecting a critical piece of the nation's infrastructure: its electricity grid.

2008.09.12 - Industry News - Hackers break into Large Hadron Collider computer

Mon, 15 Sep 2008 15:49:46 -0400
Elinor Mills,
CNET,
12 September 2008

Hackers break into Large Hadron Collider computer

Hackers broke into a computer system at CERN's Large Hadron Collider, targeting a system that was "one step away" from a control computer, but otherwise appear to have done no major damage, according to a report on Friday in the British newspaper The Telegraph.

2008.09.12 - Industry News - 'Cybersecurity' worries spur Congress to rethink electrical grid

Fri, 12 Sep 2008 11:21:01 -0400
Stephanie Condon,
CNET,
12 September 2008

'Cybersecurity' worries spur Congress to rethink electrical grid

WASHINGTON--The potential for "cybersecurity" attacks on the United State's electric power grids has spurred politicians to consider legislation to broaden federal authority over electric companies.

Congress already has been consulting with federal agencies and industry associations over how to craft such legislation. On Thursday, legislators sought further input at a hearing before the House Energy and Commerce's subcommittee on energy and air quality.

2008.09.11 - Industry News - Power grid vulnerable to cyberattacks, committee told

Fri, 12 Sep 2008 14:12:04 -0400
Juliana Gruenwald,
Government Executive,
11 September 2008

Power grid vulnerable to cyberattacks, committee told

A House Energy and Commerce subcommittee is aiming to take up legislation next week that would provide the Federal Energy Regulatory Commission with additional authority to help protect the nation's power grid from a cyberattack.

2008.09.11 - Industry News - San Francisco hunts for mystery device on city network

Fri, 12 Sep 2008 11:21:00 -0400
Robert McMillan,
Computer World,
11 September 2008

San Francisco hunts for mystery device on city network

September 11, 2008 (IDG News Service) With costs related to an alleged rogue network administrator's hijacking of the city's network now estimated at $1 million, San Francisco officials say they are searching for a mysterious networking device hidden somewhere on the network.

2008.09.10 - Industry News - Computer threat for industrial systems now more serious

Thu, 11 Sep 2008 13:32:19 -0400
Robert McMillan,
Network World,
10 September 2008

Computer threat for industrial systems now more serious

A security researcher has published code that could be used to take control of computers used to manage industrial machinery, potentially giving hackers a back door into utility companies, water plants and even oil and gas refineries.

2008.09.09 - Industry News - Water sector is first critical infrastructure to measure security

Wed, 10 Sep 2008 10:28:59 -0400
Water Business Wire,
09 September 2008

Water sector is first critical infrastructure to measure security

There are eighteen industries or market segments defined by the U.S. government as critical infrastructure; the water utilities sector is the first to measure security progress under the U.S. Infrastructure Protection Plan

2008.09.08 - Industry News - Attack code released for SCADA software vulnerability

Tue, 9 Sep 2008 14:32:41 -0400
Dan Kaplan,
SC Magazine,
08 September 2008

Attack code released for SCADA software vulnerability

Security researcher Kevin Finisterre has created an exploit that takes advantage of a serious vulnerability reported earlier this summer in widely deployed industrial process control software.

2008.09.03 - Industry News - Securing the Grid

Tue, 9 Sep 2008 14:34:38 -0400
Ken Silverstein,
EnergyBiz Insider,
03 September 2008

Securing the Grid

The public may be aware of increased efforts to beef up grid reliability, but it isn't focused on the work being done to secure the bulk power system from cyber attacks.

2008.09.02 - Industry News - FBI Reaches Out to SCADA Users

Thu, 4 Sep 2008 12:20:40 -0400
Wes Iversen,,
Automation Times,
02 September 2008

FBI Reaches Out to SCADA Users

If a cyber security incident occurs at your plant, the Federal Bureau of Investigation would like to hear from you.

If a serious cyber security incident occurred in your plant, would you call in the FBI to investigate?

The Bureau certainly hopes that you would. To encourage such actions, the FBI is taking steps not only to strengthen its agents’ understanding of control system technology, but also to build stronger bridges to the control systems community.

2008.09.01 - Industry News - Infrastructure Security: Securing SCADA

Fri, 12 Sep 2008 11:19:08 -0400
Phil Leggiere,,
Homeland Security Today,
01 September 2008

Infrastructure Security: Securing SCADA

For too long, the software running America’s critical facilities has been known to be vulnerable to tampering. Now engineers and officials are doing something about it.

2008.08.26 - Industry News - Public, private sectors at odds over cyber security

Wed, 27 Aug 2008 10:30:34 -0400
Joseph Menn,
Las Angeles Times,
26 August 2008

Public, private sectors at odds over cyber security

Three very big and very different computer security breaches that have dominated recent headlines did more than show how badly the Internet needs major repairs. They also exposed the huge rift between corporate America and the federal government over who should fix it, cyber-security experts say.

2008.08.26 - Incidents - FAA computer glitch causes nationwide flight delays

Wed, 27 Aug 2008 10:30:32 -0400
Harry R. Weber,,
USA Today,
26 August 2008

FAA computer glitch causes nationwide flight delays

ATLANTA - The Federal Aviation Administration said Tuesday that a communication failure at a Georgia facility that processes flight plans for the eastern half of the U.S. was causing flight delays around the country.

2008.08.26 - Industry News - Utilities are Taking Cyber Security Seriously

Tue, 26 Aug 2008 15:28:50 -0400
Chris Posey ,
Power Engineering,
26 August 2008

Utilities are Taking Cyber Security Seriously

The North American Electric Reliability Council (NERC), having recognized potential threats to the energy infrastructure both virtual and material, established the critical infrastructure protection (CIP) program to address issues of online and network security within the power generation industry, as well as physical/structural challenges common to the industry.

2008.08.26 - Industry News - Minister warns of national grid hack threat

Tue, 26 Aug 2008 15:27:35 -0400
John Leyden ,
The Register,
26 August 2008

Minister warns of national grid hack threat

A UK government minister has warned that cyber-terrorists were attempting to take out the national grid.

2008.08.23 - Industry News - Thousands of cyber attacks each day on key utilities

Mon, 25 Aug 2008 13:06:56 -0400
Jonathan Richards ,
Times Online,
23 August 2008

Thousands of cyber attacks each day on key utilities

Computer networks controlling electricity supplies, telecommunications and banking are being attacked thousands of times a day in a new cyberwar against Britain waged by criminals and terrorists - some of them backed by foreign states - the Government has said.

2008.08.21 - Industry News - General: Cyber, arctic threats await president

Thu, 21 Aug 2008 15:36:41 -0400
John T. Bennett,
Air Force Times,
21 August 2008

General: Cyber, arctic threats await president

The next U.S. president will inherit ever-growing threats in cyberspace and the Arctic region, meaning the new commander-in-chief likely will be forced to craft an unprecedented collection of new security policies, a top military official said.

2008.08.21 - Industry News - Brits blast TCP/IP security

Thu, 21 Aug 2008 15:36:39 -0400
Shaun Nichols,
VNUNET.com,
21 August 2008

Brits blast TCP/IP security

A report from a top UK government defence body is calling into question the security of the basic internet protocol.

2008.08.20 - Incidents - FEMA phones hacked; calls made to Mideast, Asia

Thu, 21 Aug 2008 15:35:17 -0400
Eileen Sullivan,
MSNBC,
20 August 2008

FEMA phones hacked; calls made to Mideast, Asia

WASHINGTON - A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.

2008.08.18 - Industry News - U.S. at risk of cyberattacks, experts say

Mon, 18 Aug 2008 11:21:19 -0400
Brandon Griggs,
CNN,
18 August 2008

U.S. at risk of cyberattacks, experts say

(CNN) -- The next large-scale military or terrorist attack on the United States, if and when it happens, may not involve airplanes or bombs or even intruders breaching American borders.

2008.08.15 - Industry News - Energy told to tighten cybersecurity policies

Mon, 18 Aug 2008 17:34:01 -0400
Nextgov,
15 August 2008

Energy told to tighten cybersecurity policies

The Energy Department's inspector general on Thursday released an audit of the department's certification and accreditation procedures for national security information systems that revealed a number of potentially serious weaknesses.

2008.08.15 - Industry News - Court tells students to disclose hacker secrets in T case

Fri, 15 Aug 2008 12:19:50 -0400
Maddie Hanna,
The Boston Globe,
15 August 2008

Court tells students to disclose hacker secrets in T case

A federal judge yesterday refused to lift an order prohibiting three MIT students from publicly talking about how they allegedly hacked into the MBTA's automated ticketing system. However, he did order the trio to privately provide more information to the court about the security flaws they say they have uncovered.

2008.08.13 - Industry News - Before the Gunfire, Cyberattacks

Thu, 14 Aug 2008 10:46:25 -0400
John Markoff,
The New York Times,
13 August 2008

Before the Gunfire, Cyberattacks

Weeks before bombs started falling on Georgia, a security researcher in suburban Massachusetts was watching an attack against the country in cyberspace.

2008.08.12 - Industry News - U.S. power grid in better shape 5 years after blackout

Thu, 14 Aug 2008 10:45:06 -0400
Paul Davidson,
USA Today,
12 August 2008

U.S. power grid in better shape 5 years after blackout

Five years after the worst blackout in U.S. history, the nation's electrical system is far better equipped to prevent another big outage, but significant shortcomings remain, federal officials, grid operators and consultants agree.

2008.08.12 - Industry News - Air Force suspends Cyber Command program

Thu, 14 Aug 2008 10:05:46 -0400
Nextgov,
12 August 2008

Air Force suspends Cyber Command program

The Air Force on Monday suspended all efforts related to development of a program to become the dominant service in cyberspace, according to knowledgeable sources. Top Air Force officials put a halt to all activities related to the establishment of the Cyber Command, a provisional unit that is currently part of the 8th Air Force at Barksdale Air Force Base in Louisiana, sources told Nextgov.

2008.08.12 - Industry News - Estonia, Poland help Georgia fight cyberattacks

Tue, 12 Aug 2008 14:59:00 -0400
Jeremy Kirk,
Computer World,
12 August 2008

Estonia, Poland help Georgia fight cyberattacks

In an intriguing cyberalliance, two Estonian computer experts are scheduled to arrive in Georgia by evening to keep the country's networks running amid an intense military confrontation with Russia.

2008.08.11 - Industry News - MIT Students Ordered to Halt Report on Hacking Subway System

Tue, 12 Aug 2008 09:51:54 -0400
Associated Press,
The Wall Street Journal,
11 August 2008

MIT Students Ordered to Halt Report on Hacking Subway System

LAS VEGAS -- A federal judge ordered three college students to cancel a Sunday presentation at a computer hackers' conference where they planned to show security flaws in the automated fare system used by the Boston area's subway system.

2008.08.11 - Industry News - Cyberattacks knock out Georgia's Internet presence

Mon, 11 Aug 2008 09:50:01 -0400
Gregg Keizer
Computer World,
11 August 2008

Cyberattacks knock out Georgia's Internet presence

Hackers, perhaps affiliated with a well-known Russian criminal network, have attacked and hijacked Web sites belonging to Georgia, the former Soviet republic now in the fourth day of war with Russia, a security researcher claimed on Sunday. Some Georgian government and commercial sites are unavailable,

2008.06.26 - Incidents - Hacker illegally activates Brunswick emergency sirens

Fri, 8 Aug 2008 15:43:58 -0400
Terry Oblander,
Cleveland.com,
07 August 2008

Hacker illegally activates Brunswick emergency sirens

Brunswick -- A hacker armed with radio codes set off emergency sirens in Brunswick early Wednesday. If the blasts didn't wake the city's 35,000 residents, follow-up phone calls to residences probably did the trick.

2008.08.08 - Industry News - Hackers' attacks on U.S. government systems are frequent, serious

Fri, 8 Aug 2008 15:42:57 -0400
HS Daily Wire,
08 August 2008

Hackers' attacks on U.S. government systems are frequent, serious

U.S. government computer systems under frequent and serious attacks by other governments and organizations; James Finch, assistant director of the FBI's cybercrime division: "We're not worried so much about the noisy attacks as we are about the quiet ones"

2008.08.08 - Industry News - DHS: Networking security worth the money

Fri, 8 Aug 2008 15:41:20 -0400
Robert McMillan,
Computer World,
08 August 2008

DHS: Networking security worth the money

When it comes to investing in computer security, the U.S. federal government could get a good return on investment by shoring up its networking protocols, according to the man who's been hired to coordinate computer security between federal agencies.

2008.07.29 - Industry News - Cyber losses cost companies $637,000 a year: study

Wed, 30 Jul 2008 16:32:29 -0400
John T. Bennett,
The Canadian Press,
29 July 2008

Cyber losses cost companies $637,000 a year: study

TORONTO - Information technology security breaches cost the average publicly traded Canadian company $637,000 a year, says a new study by the University of Toronto's business school.

2008.07.29 - Industry News - House intel panel ‘conditionally supports’ cyber effort

Wed, 30 Jul 2008 16:25:01 -0400
John T. Bennett,
C4ISR Journal,
29 July 2008

House intel panel ‘conditionally supports’ cyber effort

A powerful House panel has given its 'conditional support' to President Bush’s new unprecedented cyber security initiative, despite its concerns about cost and government-industry collaboration.

2008.07.28 - Industry News - Frankly Speaking: Any single point of failure in IT is a big problem

Mon, 28 Jul 2008 14:01:49 -0400
Frank Hayes,
Computer World,
28 July 2008

Frankly Speaking: Any single point of failure in IT is a big problem

Single point of failure. That's the right term for talking about the mess in San Francisco, where last week the city government finally regained control of its backbone network. Terry Childs, the net admin jailed for locking down administrative access, turned over the passwords during a secret visit from Mayor Gavin Newsom.

2008.07.23 - Industry News - Internal security threats multiply

Thu, 24 Jul 2008 14:41:40 -0400
William Jackson,
Government Computer News,
23 July 2008

Internal security threats multiply

An evaluation of more than 100,000 endpoint devices at private-sector enterprises showed that significant numbers were missing essential software such as antivirus or security patches and were using unauthorized applications such as file sharing and remote control software.

2008.07.21 - Industry News - Cybersecurity Will Take A Big Bite of the Budget

Mon, 21 Jul 2008 15:07:41 -0400
Walter Pincus,
WashingtonPost.com,
21 July 2008

Cybersecurity Will Take A Big Bite of the Budget

President Bush's single largest request for funds and "most important initiative" in the fiscal 2009 intelligence budget is for the Comprehensive National Cybersecurity Initiative, a little publicized but massive program whose details "remain vague and thus open to question," according to the House Permanent Select Committee on Intelligence.

2008.07.17 - Industry News - Electrical infrastructure faces crisis, experts say

Mon, 21 Jul 2008 09:46:52 -0400
Edward Marshall,
The Journal,
17 July 2008

Electrical infrastructure faces crisis, experts say

SHEPHERDSTOWN - Experts said this week that the infrastructure that provides electricity to homes and businesses throughout the country is nearing the breaking point because of increased energy demands - and it remains vulnerable to cyber and terrorist attacks.

2008.07.15 - Industry News - NERC CEO announces plan to improve response to cyber security and CIP

Thu, 17 Jul 2008 09:51:16 -0400
Utility Automation & Engineering T&D and Electric Light & Power,
15 July 2008

NERC CEO announces plan to improve response to cyber security and CIP

Princeton, NJ, July 15, 2008 -- Rick Sergel, president and CEO of the North American Electric Reliability Corporation (NERC), recently announced the organization's plans to improve its response to cyber security and critical infrastructure protection (CIP) concerns for the bulk power system in North America. Revealed to NERC's board of trustees and stakeholders in a letter last week, the plan outlines six specific actions that will lay the foundation for improving grid reliability by enabling faster and more effective action to protect critical assets from cyber or physical threats.

2008.07.14 - Industry News - S.F. officials locked out of computer network

Wed, 16 Jul 2008 10:07:33 -0400
Jaxon Van Derbeken,
SFGate.com,
14 July 2008

S.F. officials locked out of computer network

A disgruntled city computer engineer has virtually commandeered San Francisco's new multimilliondollar computer network, altering it to deny access to top administrators even as he sits in jail on $5 million bail, authorities said Monday.

2008.07.14 - Industry News - Unpatched Windows PCs fall to hackers in under 5 minutes, says ISC

Wed, 16 Jul 2008 10:05:27 -0400
Gregg Keizer,
Computerworld,
14 July 2008

Unpatched Windows PCs fall to hackers in under 5 minutes, says ISC

July 14, 2008 (Computerworld) It takes less than five minutes for hackers to find and compromise an unpatched Windows PC after it's connected to the Internet, a security researcher said today.

The SANS Institute's Internet Storm Center (ISC) currently estimates the "survival" time of an Internetconnected computer running Windows at around four minutes if it's not equipped with the latest Microsoft Corp. security patches, said Lorna Hutcheson, a researcher and analyst, in a post to the ISC blog.

2008.06.26 - Industry News - Grid agency issues advisories after Feb. blackout

Mon, 30 Jun 2008 09:48:53 -0400
Reuters,
26 June 2008

Grid agency issues advisories after Feb. blackout

HOUSTON, June 26 (Reuters) - The North American electric grid watchdog issued three advisories on Thursday to urge utilities to take steps to avoid a repeat of events that ballooned into a four-hour blackout in Florida in February.

2008.06.26 - Incidents - Computer stops city, and that's the fifth time

Fri, 27 Jun 2008 16:48:16 -0400
Linton Besser and Alexandra Smith,
Sydney Morning Herald,
26 JUNE 2008

Computer stops city, and that's the fifth time

A COMPUTER failure in the M5 East tunnel yesterday left tens of thousands of motorists trapped in a traffic snarl that locked up Sydney - the fifth time such a malfunction has shut the vital artery.

2008.06.26 - Industry News - Committees approve more money for cybersecurity

Fri, 27 Jun 2008 16:48:18 -0400
Ben Bain,
FCW.com,
26 June 2008

Committees approve more money for cybersecurity

The House and Senate Appropriations committees have approved different measures to fund the Homeland Security Department in fiscal 2009, and each would provide more money for cybersecurity than the Bush administration requested.

2008.06.13 - Industry News - Disgruntled admin gets 63 months for massive data deletion

Mon, 16 Jun 2008 10:04:59 -0400
Dan Goodin,
The Register,
13 June 2008

Disgruntled admin gets 63 months for massive data deletion

An IT manager who sought revenge for an unfavorable job evaluation was sentenced to more than five years in federal prison after being convicted of intentionally triggering a massive data collapse on his former employer's computer network.

2008.06.12 - Industry News - EU States Extend Life of Internet Security Body

Fri, 13 Jun 2008 14:21:26 -0400
Reuters,
12 June 2008

EU States Extend Life of Internet Security Body

Telecom ministers agree to extend the life of the European Network and Information Security Agency by three years as threats to the Web increase.

LUXEMBOURG (Reuters) - European Union telecoms ministers agreed on Thursday to extend the life of the bloc's Internet security watchdog by three years as threats to the Web increase.

2008.06.11 - Industry News - New York nuclear plant shutdown triggered by digital camera

Fri, 13 Jun 2008 14:21:24 -0400
Newsday,
11 June 2008

New York nuclear plant shutdown triggered by digital camera

BUCHANAN, N.Y. (AP) _ An emergency shutdown of a reactor at the Indian Point nuclear power plant was caused by signals from a worker's digital camera, a newspaper reported Wednesday.

2008.06.11 - Industry News - Chinese hacking threatens U.S. critical infrastructure

Wed, 11 Jun 2008 11:00:01 -0400
Business Wire,
11 June 2008

Core Security Technologies Discovers Critical Vulnerability in SCADA Software from Citect

BOSTON--(BUSINESS WIRE)--Core Security Technologies, makers of CORE IMPACT, the world’s most comprehensive enterprise security assurance testing software, today issued an advisory disclosing a vulnerability that could severely impact organizations relying on Citect’s flagship industrial process control software, CitectSCADA. This discovery indicates that thousands of companies using Citect’s SCADA systems could unknowingly be exposing critical industrial processes and assets that they otherwise sought to protect if they do not immediately move to apply the vendor-provided patch, or other suggested workarounds for the vulnerability issued by the software maker.

2008.06.05 - Incidents - Cyber Incident Blamed for Nuclear Power Plant Shutdown

Thu, 5 Jun 2008 15:26:58 -0400
Brian Krebs,
Washington Post,
05 JUNE 2008

Cyber Incident Blamed for Nuclear Power Plant Shutdown

A nuclear power plant in Georgia was recently forced into an emergency shutdown for 48 hours after a software update was installed on a single computer.

2008.06.02 - Industry News - Chinese hacking threatens U.S. critical infrastructure

Wed, 4 Jun 2008 18:03:28 -0400
Homeland Security Daily Wire,
02 June 2008

Chinese hacking threatens U.S. critical infrastructure

U.S. government networks, and the computer systems of U.S. and Western European companies, are under broad and systemic Chinese hacking campaign; in the case of private Western companies, China steals industrial secrets and patent information in order to hasten its rise to a position of global economic hegemony; in the case of U.S. critical infrastructure -- for example, control of electric power stations, several of which Chinese hackers have managed to disable -- China may be preparing for more sinister contingencies.

2008.05.30 - Company News - Industrial Defender Continues to Enable Process Control and SCADA Cyber Security

Fri, 30 May 2008 09:25:12 -0400
Press Release,
Industrial Defender, Inc. ,
30 May 2008
FOXBOROUGH, Mass., May 30, 2008 - Industrial Defender, Inc., the global leader in Cyber Risk Protection(TM) , today announced that its Industrial Defender Enabled Partner Program is experiencing increased global traction, signing industry-leading partners Bow Networks, GarrettCom Inc., Innominate Security Technologies AG, and Teltone Corporation. The Industrial Defender Enabled Partner Program allows technology providers focused on the industrial control systems and SCADA market to collaborate on enhancing their technology offerings, providing end customers with comprehensive integrated cyber security solutions.

2008.05.30 - Industry News - Cybercrime keeps Canadians on their toes

Fri, 30 May 2008 09:23:31 -0400
Tom Keenan,
Business Edge
30 May 2008

Cybercrime keeps Canadians on their toes

Just-released studies show that Canadians are more likely to be victims of cybercrime than street violence, and that we're bigger software pirates than our American cousins.

2008.05.29 - Industry News - Chinese hackers pose serious danger to U.S. computer networks

Fri, 30 May 2008 12:25:56 -0400
Shane Harris,
GovernmentExecutive.com,
29 May 2008

Chinese hackers pose serious danger to U.S. computer networks

Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

2008.05.23 - Industry News - Physical device recognition to the rescue

Tue, 27 May 2008 09:54:53 -0400
Wilson P. Dizard III,
Government Computer News,
23 May 2008

Physical device recognition to the rescue

Hardware fingerprinting technology migrates from fighting software piracy to shielding infrastructure

2008.05.21 - Industry News - Experts warn of cyberterrorism threat

Thu, 22 May 2008 10:02:20 -0400
Julia Zappei,
Associated Press,
21 May 2008

Experts warn of cyberterrorism threat

KUALA LUMPUR, Malaysia (AP) — Officials from around the world agree they must cooperate better to fight the threat of cyberterrorism at facilities such as nuclear power plants.

2008.05.19 - Industry News - Cost of cybersecurity initiative to triple, panel reports

Tue, 20 May 2008 09:40:53 -0400
Bob Brewin,
Nextgov,
19 May 2008

Cost of cybersecurity initiative to triple, panel reports

The Bush administration’s proposal to defend government networks against cyberattacks will cost $17 billion, nearly three times original estimates, and is so secret that it cuts the public out of the debate on the program, according to a Senate report.

2008.05.19 - Industry News - ELECTRICITY: Cybersecurity standards under review

Mon, 19 May 2008 17:38:36 -0400
Katherine Ling,
Environment & Energy Daily,
19 May 2008

ELECTRICITY: Cybersecurity standards under review

A House Homeland Security subcommittee will receive an update this week on new security measures to protect the nation's bulk power system from cyber attacks.

2008.05.19 - Industry News - More Transparency Needed in Cybersecurity Initiative

Mon, 19 May 2008 13:49:19 -0400
Phil Leggiere,
HS Today,
19 May 2008

More Transparency Needed in Cybersecurity Initiative

Senate committee report cites problems with excessive secrecy and lack of mission goal specificity in cybersecurity initiative.

With much fanfare Michael Chertoff in a widely noted speech to the top tier of security professionals attending the RSA security conference last month announced an ambitious Department of Homeland Security (DHS) initiative called the National Cybersecurity Center to secure federal government networks and critical information systems from attacks and intrusions. DHS’s center is to be a core component of the larger government wide National Cybersecurity Initiative announced by the Bush administration, which prominently includes, in addition to DHS, the National Security Agency (NSA).

2008.05.14 - Industry News - NATO allies sign agreement on cyber defense center

Wed, 14 May 2008 17:14:08 -0400
The Associated Press,
14 May 2008

NATO allies sign agreement on cyber defense center
BRUSSELS, Belgium: Seven NATO allies signed a deal Wednesday to fund a research center to boost the alliance's defenses against cyber attacks, seen as a growing threat to military and civilian computer networks.

2008.05.08 - Industry News - Hundreds of U.K. critical infrastructure facilities at flood risk

Fri, 9 May 2008 10:29:41 -0400
Homeland Security Daily Wire,
08 May 2008

Hundreds of U.K. critical infrastructure facilities at flood risk
A study triggered by last summer’s deadly U.K. floods concludes that hundreds of U.K. power substations and water treatment plants are at risk from flooding, thus compounding and exacerbating the consequences of natural disasters.

2008.05.08 - Industry News - Rare SCADA bug poses power plant risk

Fri, 9 May 2008 10:27:08 -0400
John Leyden,
The Register,
08 May 2008

Rare SCADA bug poses power plant risk
Security watchers warn of a rare vulnerability involving software used to control industrial systems. A denial of service vulnerability in monitoring software from Invensys poses a severe risk to the factories and utilities running its Wonderware subsidiary's InTouch SuiteLink application.

2008.05.08 - Industry News - Hundreds of U.K. critical infrastructure facilities at flood risk

Fri, 9 May 2008 10:20:50 -0400
Homeland Security Daily Wire,
08 May 2008

Hundreds of U.K. critical infrastructure facilities at flood risk
A study triggered by last summer’s deadly U.K. floods concludes that hundreds of U.K. power substations and water treatment plants are at risk from flooding, thus compounding and exacerbating the consequences of natural disasters.

2008.05.05 - Industry News -Defense, intelligence could take major role in cyber defense

Tue, 6 May 2008 11:16:06 -0400
Bob Brewin ,
nextgov.com,
05 May 2008

Defense, intelligence could take major role in cyber defense
The Bush administration this week could release its ambitious plan to defend government networks from cyberattacks, but recent news reports and a February 2008 budget supplement indicates that the Defense Department and intelligence agencies could lead the effort.

2008.05.05 - Industry News -DHS cybersecurity strategy draws fire

Tue, 6 May 2008 11:16:05 -0400
Alice Lipowicz,
FCW.com,
05 May 2008

DHS cybersecurity strategy draws fire
The Homeland Security Department’s ambitious cybersecurity initiative might be relying too much on contractors and might not be providing enough information to the public, according to two key senators.

2008.05.02 - Industry News -Lieberman and Collins Step Up Scrutiny of Cyber Security Initiative

Tue, 6 May 2008 10:18:47 -0400
Press Release,
Senate Committee on Homeland Security and Governmental Affairs,
02 May 2008

Lieberman and Collins Step Up Scrutiny of Cyber Security Initiative
Secrecy, Overuse of Contractors, Role of Private Sector at Stake
WASHINGTON - Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman, ID-Conn., and Ranking Member Susan Collins, R-Me., are seeking detailed explanations from the Department of Homeland Security regarding a new initiative to secure federal information technology systems.

2008.04.30 - Industry News -The Art of Cyber Warfare, Part 2: Digital Defense

Thu, 1 May 2008 16:55:18 -0400
Jack Germain,
E-Commerce Times,
30 April 2008

The Art of Cyber Warfare, Part 2: Digital Defense
Cyber warfare is a sort of irregular warfare, a strategy usually employed by underdogs fighting a stronger enemy. Cyber attack tactics, however, are sometimes backed by strong forces. To defend against such an attack, exercises like Cyber Storm involve wide stretches of both public and private sectors of American infrastructure.

2008.04.29 - Industry News -The Art of Cyber Warfare, Part 1: The Digital Battlefield

Thu, 1 May 2008 16:51:48 -0400
Jack Germain,
E-Commerce Times,
29 April 2008

The Art of Cyber Warfare, Part 1: The Digital Battlefield
Computer network attacks are often perpetrated by gangs of criminal hackers attempting to break into a system for financial gain. However, cyber attacks for political purposes could just as easily be -- and sometimes are -- perpetrated. A country's national security could be severely threatened should a team of hackers successfully crack certain computer systems.

2008.04.28 - Industry News -Homeland security's cyber eyes

Thu, 1 May 2008 16:47:58 -0400
Alan Joch,
FCW,
28 April 2008

Homeland security's cyber eyes
Security experts roll out new techniques to try to keep up with today’s stealthy, transnational cyberattacks

When it comes to hacking and cyber espionage, few targets are as popular as the U.S. government. According to the U.S. Computer Emergency Readiness Team, federal agencies reported 12,986 cyberattacks in 2007 compared with 3,569 two years earlier.

2008.04.28 - Industry News -Cybersecurity’s new world order

Thu, 1 May 2008 16:44:08 -0400
Ben Bain,
FCW,
28 April 2008

Cybersecurity’s new world order
A year after massive cyberattacks virtually shut down Internet operations in Estonia, government officials here and abroad are still learning to adapt to a world in which technology, diplomacy and defense converge.

2008.04.28 - Industry News -Experts struggle with cybersecurity agenda

Thu, 1 May 2008 16:42:52 -0400
William Jackson,
Government Computer News,
28 April 2008

Experts struggle with cybersecurity agenda
Whoever becomes our next president will inherit a cyber infrastructure under almost constant attack and at greater risk than eight years ago, and a handful of experts and legislators have come together to ensure that cybersecurity has a high priority in his or her administration.

2008.04.25 - Industry News -DHS moves to ramp up cybersecurity in federal agencies

Tue, 29 Apr 2008 09:52:18 -0400
Chris Strohm,
GovernmentExecutive.com,
25 April 2008

DHS moves to ramp up cybersecurity in federal agencies
The Homeland Security Department plans to complete an analysis in about 45 days to determine which U.S. government computer networks are most vulnerable to cyberattacks, with the intention of deploying 50 new intrusion detection systems to federal agencies by the end of the year, a top U.S. cybersecurity official said Friday.

2008.04.25 - Industry News -Cyber-Attacks and Cyber-Disasters: Are You Prepared?

Fri, 25 Apr 2008 10:30:07 -0400
Kevin Coleman,
TechNewsWorld,
25 April 2008

Cyber-Attacks and Cyber-Disasters: Are You Prepared?
In 2007, a denial-of-service attack was launched every 53 minutes. Earlier this year, the loss of an undersea cable resulted to the loss of Internet service for entire regions. Businesses that rely to any measure on the Web must secure their businesses against the possibility of large-scale cyber-attacks and disasters, writes strategic management consultant Kevin Coleman.

2008.04.24 - Industry News -Critical infrastructure central to cyber threat

Fri, 25 Apr 2008 10:28:31 -0400
Ben Bain ,
FCW.com,
24 April 2008

Critical infrastructure central to cyber threat
The United States is increasingly vulnerable to cyberattacks that could have catastrophic effects on critical physical infrastructure, and severely damage the country’s economic, military and strategic interests, cybersecurity specialists said today.

2008.04.17 - Industry News -Beware the insider security threat

Thu, 17 Apr 2008 14:32:57 -0400
Andy McCue,
Silicon.com,
17 April 2008

Beware the insider security threat
Employees and insiders are bigger threats to corporate security than external threats such as denial of service attacks or malware.

2008.04.17 - Industry News -S'pore pledges US$52M against cyber threats

Thu, 17 Apr 2008 14:31:49 -0400
Vivian Yeo ,
ZDNet Asia,
17 April 2008

S'pore pledges US$52M against cyber threats

SINGAPORE--The government today announced it will pump S$70 million (US$51.6 million) over the next five years to boost its cyber defenses and guard against emerging threats.

2008.04.17 - Industry News -Security experts split on "cyberterrorism" threat

Thu, 17 Apr 2008 14:30:36 -0400
Mark Trevelyan,
Reuters,
17 April 2008

Security experts split on "cyberterrorism" threat

LONDON (Reuters) - International experts called on Wednesday for greater cooperation to fight threats to computer networks but they differed on the definition of cyberterrorism, with a top British security official describing it as a "myth".

2008.04.16 - Industry News -IG: DHS need cyber security coordination office

Thu, 17 Apr 2008 14:29:07 -0400
Alice Lipowicz ,
FCW.com,
16 April 2008

IG: DHS need cyber security coordination office

The Homeland Security Department is moving too slowly to protect its most critical internal computer systems, according to a new from the department’s inspector general, Richard Skinner.

2008.04.16 - Company News - Frost & Sullivan Acknowledges Industrial Defender as Market Leader in Critical Infrastructure Cyber Security Protection

Thu, 17 Apr 2008 14:28:24 -0400
Press Release,
Frost & Sullivan ,
16 April 2008
Palo Alto, Calif. - April 16, 2008 - Based on its recent analysis of the cyber risk management solutions market for process control & SCADA environment, Frost & Sullivan presents Industrial Defender Inc. with the 2008 Global Frost & Sullivan Company of the Year Award.

2008.04.16 - Company News - Frost & Sullivan Acknowledges Industrial Defender as Market Leader in Critical Infrastructure Cyber Security Protection

Wed, 16 Apr 2008 10:02:37 -0400
Press Release,
Industrial Defender, Inc. ,
16 April 2008
FOXBOROUGH, Mass., April. 16, 2008 - Industrial Defender, Inc., the global leader in Cyber Risk Protection(TM), today announced that it is the recipient of the 2008 Global Risk Management Process Control & SCADA Company of the Year Award by Frost & Sullivan, a leading global growth consulting company.

2008.04.10 - Industry News -Bush's Cyber Secrets Dilemma

Fri, 11 Apr 2008 14:30:27 -0400
Andy Greenberg,
Forbes,
10 April 2008

Bush's Cyber Secrets Dilemma

SAN FRANCISCO, CALIF. - There's a problem facing the Bush administration: It has $30 billion to spend over the next five to seven years to keep the U.S. safe from hackers and cyberspies. But to extend that protection to the nation's critical infrastructure--including banks, telecommunications and transportation--it needs the cooperation of the private sector.

2008.04.09 - Industry News -DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats

Fri, 11 Apr 2008 14:30:26 -0400
Tim Wilson,
Dark Reading,
09 April 2008

DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats

SAN FRANCISCO -- RSA Conference 2008 -- Michael Chertoff, secretary of the U.S. Department of Homeland Security, is a long way from feeling secure.

In a keynote address and press conference yesterday here, Chertoff discussed the threats faced by government and business, the progress of federal cyber security efforts, and the state of current security technology. And he believes a lot more work needs to be done on all of those fronts.

2008.04.09 - Industry News -Water, water, everywhere under attack

Fri, 11 Apr 2008 14:30:21 -0400
Alice Lipowicz,
Washington Technology,
09 April 2008

Water, water, everywhere under attack

Water utilities should begin work immediately to secure their systems against catastrophic cyberattack, according to a new strategy document sponsored by the American Water Works Association and Homeland Security Department.

2008.04.09 - Industry News -Experts hack power grid in no time

Fri, 11 Apr 2008 14:30:07 -0400
Tim Greene,
Network World ,
09 April 2008

Experts hack power grid in no time

SAN FRANCISCO -- Cracking a power company network and gaining access that could shut down the grid is simple, a security expert told an RSA audience, and he has done so in less than a day.

2008.04.09 - Industry News -Air Force pushing ahead on cyberspace

Fri, 11 Apr 2008 14:29:55 -0400
Ben Bain ,
FCW.com
09 April 2008

Air Force pushing ahead on cyberspace

The Air Force is finalizing a doctrine that will guide its operations in cyberspace, a domain in which the service plans to invest $5 billion during coming years as it works to establish its new Cyber Command. .

2008.04.09 - Industry News -Chertoff wants early warning system for infrastructure attacks

Thu, 10 Apr 2008 17:35:44 -0400
Associated Press,
CNN,
09 April 2008

Chertoff wants early warning system for infrastructure attacks

SAN FRANCISCO (AP) -- Federal cybersecurity officials are trying to develop an early warning system that alerts authorities to incoming computer attacks targeting critical U.S. infrastructure, Homeland Security Secretary Michael Chertoff said.

2008.04.08 - Industry News -Breaking into a power station in three easy steps

Wed, 9 Apr 2008 14:32:12 -0400
Elinor Mills,
Cnet News,
08 April 2008

Breaking into a power station in three easy steps

"I will tell (you) how to break into a nuclear reactor," Ira Winkler, president of security firm ISAG said as he launched into his presentation on "How to Take Down the Power Grid" at RSA 2008 on Tuesday night.

"Frankly, it's really easy to break into the power grid," he said. "It happens all the time."

2008.04.04 - Industry News -U.S. reveals plans to hit back at cyberthreats

Mon, 7 Apr 2008 11:22:42 -0400
Tom Espiner,
Cnet News,
04 April 2008

U.S. reveals plans to hit back at cyberthreats

The U.S. Air Force Cyber Command is developing capabilities to inflict denial of service, confidential data loss, data manipulation, and system integrity loss on its adversaries, and to combine these with physical attacks, according to a senior U.S. general.

2008.03.24 - Incidents- Limerick (PA) nuclear power station shut from full power

Tue, 25 Mar 2008 12:12:36 -0400
Reuters,
24 MAR 2008

Exelon Pa. Limerick 1 reactor shut

NEW YORK, March 24 (Reuters) - Exelon Corp's (EXC.N: Quote, Profile, Research) 1,134-megawatt Unit 1 at the Limerick nuclear power station in Pennsylvania shut from full power on March 22, the company said in a release.

The shutdown occurred due to a problem with the main turbine control system on the electrical distribution side of the plant. In the release, the company said operators were making repairs.

2008.03.13 - Industry News - Bush calls for tighter cybersecurity

Mon, 17 Mar 2008 10:22:14 -0400
Richard Wolf,,
USA Today,
13 March 2008

Bush calls for tighter cybersecurity

WASHINGTON - A sudden spike in the number of successful attacks against federal government information systems and databases has led President Bush to propose a multibillion-dollar response.

2008.03.13 - Industry News - Cyberexercise shows need for better training to avoid major network failures

Mon, 17 Mar 2008 09:46:07 -0400
Jill R. Aitoro,
GovernmentExecutive.com,
13 March 2008

Cyberexercise shows need for better training to avoid major network failures

Workers operating networks supporting the nation's critical infrastructure such as telecommunications and transportation need better training on how to manage backup systems in case cyberattacks take down main systems, said a top Homeland Security Department official Thursday.

2008.03.12 - Industry News - Insiders are the greatest threat to companies' security

Wed, 12 Mar 2008 14:29:51 -0400
DHSDailyWire.com,
12 March 2008

Insiders are the greatest threat to companies' security

There is a 72 percent likelihood that the next successful attack on your company will come from an insider, says IBM Tivoli executive

The recent scandal at French bank Société Générale has highlighted, if such highlighting was necessary, how vulnerable companies are to insider threats, speakers said Tuesday at the European Computer Audit Control and Security Conference in Stockholm. "Despite all the press and focus on hacking and viruses, there is a 72 percent likelihood that the next successful attack will come from an insider, according to statistics from ISCSA Labs," said Marne Gordan, GRC market manager at IBM Tivoli. Because such users are already on the inside they can cause a lot of damage, and go undetected for a long time. Reasons for users turning on their employers include financial gain, curiosity and good old-fashioned revenge, according to Gordan.

2008.03.10 - Industry News - U.S. officials: "Cyber Warfare Is Already Here"

Mon, 17 Mar 2008 10:36:11 -0400
HSDailyWire.com,
10 March 2008

U.S. officials: "Cyber Warfare Is Already Here"

U.S. officials say China, Russia, and possibly other nation-states are capable of collecting or exploiting data held on U.S. information systems; Director of National Intelligence says especially worrisome is the ability of other countries to destroy data in the system: "And the destroying data could be something like money supply, electric power distribution, transportation sequencing and that sort of thing"

2008.03.10 - Industry News - Analysis: DHS stages cyberwar exercise

Tue, 11 Mar 2008 09:49:07 -0400
Shaun Waterman ,
Middle East Times,
10 March 2008

Analysis: DHS stages cyberwar exercise

WASHINGTON, March 10 (UPI) -- Officials from 18 federal agencies, nine states, four foreign governments and more than three dozen private companies will take part in a cyberwar exercise staged by the U.S. Department of Homeland Security this week.

2008.03.09 - Industry News - Fed Networks Increasingly Under Siege

Mon, 10 Mar 2008 14:00:14 -0400
Courtney Mabeus ,
PCWorld,
09 March 2008

Fed Networks Increasingly Under Siege

Richard Westfield acknowledges his small agency, the National Labor Relations Board, doesn't possess the most sought-after data in government. But that doesn't mean his agency is not a target for hackers.

The agency’s computers are linked to other networks. "Once they have access to the network," Westfield said, "They can use that as a launch pad to other organizations."

2008.03.09 - Industry News - Chinese Hackers Worry Pentagon

Mon, 10 Mar 2008 13:58:51 -0400
PCWorld,
09 March 2008

Chinese Hackers Worry Pentagon

WASHINGTON (Reuters) - China is developing weapons that would disable its enemies' space technology such as satellites in a conflict, the Pentagon said in a report released last week.

The report also said "numerous" intrusions into computer networks around the world, including some owned by the U.S. government, in the past year seem to have originated in China.

2008.03.06 - Industry News - House Security Committee Passes Chemical Plant Anti-Terrorism Bill

Mon, 10 Mar 2008 17:51:29 -0400
Greenpeace,
06 March 2008,

House Security Committee Passes Chemical Plant Anti-Terrorism Bill

WASHINGTON, DC - March 6 - In a bipartisan vote, led by U.S. Rep. Bennie Thompson (D-MS), the House Homeland Security Committee today passed the "Chemical Facilities Anti-Terrorism Act of 2008." The bill would significantly strengthen the Department of Homeland Security's (DHS) regulations and create a permanent law to address the risks posed by chemical facilities.

2008.03.06 - Industry News - U.S. unprepared for ongoing cyberwar, say top military and intelligence officials

Fri, 7 Mar 2008 10:44:09 -0500
Bob Brewin,
GovernmentExecutive.com,
06 March 2008

U.S. unprepared for ongoing cyberwar, say top military and intelligence officials

The United States is in the midst of a cyberwar and is not prepared to deal with it, top Defense Department and intelligence officials acknowledged this week.

"Cyberwarfare is already here.... It's one of our major challenges," said Defense Deputy Secretary Gordon England on Monday at the annual National Community Service and Legislative Conference of the Veterans of Foreign Wars.