The Worst Security Hack Ever

Mikeknsah: Information Security News Update!

The Worst Security Hack Ever

Breach Extends Beyond the Victimized Company

Hackers at their best yet! They stole the private key of trusted digital certificate issuer to fool internet website visitors.

“The Worst Security Hack Ever” sent some chills down my spine simply because it spanned beyond the usual territory of the victim’s environment. Now the long arm of the breach effect, like an octopus, is threatening the very trust of the e world. The far reaching impact of the hackers’ success is that the foundation of INFOSEC – confidentiality, integrity and availability – is being shaken to its roots. That the hackers could break into DigiNotar’s computers is nothing novel, but the sophistication of the hacker’s operation and the carefully selected extended victims (the CIA, British and Israeli intelligence services, Google, Microsoft, Facebook, Twitter, Wordpress, and Equifax) according to preliminary audit, makes it scary.   

 The question that remains is whether the perpetrators will ever be brought to justice. And how long will it take, and at what cost, to deter another disaster of DigiNotar’s magnitude. Especially disheartening at this juncture is that other hackers have been emboldened by the success of DigiNotar attackers. The hackers have gained global publicity by bringing DigiNotar to its knees. So, what and who is next?

http://blogs.bankinfosecurity.com/posts.php?postID=1068&search_keyword=The+worst+security+hack+ever&search_method=exact

US agencies making progress on cybercrime, officials say

Mikeknsah: Information Security News Update!

But criminals continue to target U.S. businesses, with the FBI currently investigating 400 wire transfer cases!

The rise in cybercrime and the level of sophistication of the crimes have caught the attention of the U.S. Secret Service, the FBI, the Department of Homeland Security, and the Congress due to high volume of cases being investigated by the FBI. Sources of the cases are mainly in the financial industry. Tops on the list are payment processing breaches, ATM skimming, stock trading, and mobile banking attacks. Despite the fact that the FBI has made combating cybercrime one of its top priorities over the past decade, cyber attacks continue to be a major threat globally. For example, as much as $388 billion has been lost in time and money in a period of one year compared to about $288 billion lost in heroin and cocaine trading combined. It makes one to wonder what the cost of would have been if all the government agencies were not as committed to fighting the war against cybercriminals. Also, with rising global internet usage and the ease of sharing information, is the amount of resource capital – human and monetary – sustainable? It seems like the more the government agencies improve on their information sharing amongst themselves, the more aggressive the attackers get.      

http://www.networkworld.com/news/2011/091411-us-agencies-making-progress-on-250908.html?source=nww_rss

Pentagon unveils five steps for better cybersecurity

Mikeknsah: Information Security News Update!

In the fast and dynamic internet age, the only way to maintain a safe and secure information environment is by staying ahead of the bad guys. The United States Department of Defense (DoD) – Pentagon – is working overtime to ensure that the information age rouges will always be playing catch up. The DoD is working tough balancing act since it must guard the U.S. interest on land, sea, air, and space fronts. While attempting to defend the cyberspace, the DoD has to avoid being perceived as militarizing the cyberspace and violating the citizens basic freedoms, according to the department’s Deputy Secretary. But for how long can this balancing act be played with 100% success? One virtue that the bad guys always possess is the gift of patience.

http://www.networkworld.com/news/2011/071511-pentagon-unveils-five-steps-for.html?page=1