News Items Related to the Course
|5/15/13||REUTERS SUMMIT-White House cites progress in cyber talks with China, Russia, by Joseph Menn, REUTERS|
|5/1/13||Groups denounce FBI plan to require Internet backdoors for wiretaps: U.S. task force reportedly working on plan to severely penalize companies that fail to comply quickly with wiretap orders, by Jaikumar Vijayan, COMPUTERWORLD|
As cyberthreats mount, hacker's conviction underscores criticism of government overreach,
by Jerry Markon, The Washington Post
A couple of hackers discovered that if they entered an iPad ID number on an AT&T website, the software would provide them with an email address. They wrote a program to collect email addresses and corresponding iPad IDs this way. One of them made this information available to Gawker. He was charged under the Computer Fraud and Abuse Act, found guilty by a jury, and sent to jail for 41 months. The other is awaiting sentencing.
|4/28/13||Draft proposal seeks to fine tech firms for wiretap-order noncompliance, by Ellen Nakashima, The Washington Post|
DDoS attack against Spamhaus overhyped, says website watcher Keynote, by Ellen Messmer, COMPUTERWORLD, March 28, 2013
This article provides a counterpoint to those that highlight the severity of the attack against Spamhaus.
|3/28/13||Online fight over spam becomes largest-ever Internet-snarling attack, Experts focus on a well-known web flaw that has allowed the problem to be greatly amplified, and could lead to worse attacks in the future. By Kate Allen, The Toronto Star|
|3/27/13||Attacks Used the Internet Against Itself to Clog Traffic, by John Markoff and Nicole Perlroth, The New York Times|
Firm Is Accused of Sending Spam, and Fight Jams Internet, by John Markoff and Nicole Perlroth, New York Times
This article describes a massive DDoS attack that, if accurate, almost rises to the level of a real cyberattack.
|3/22/13||Five Myths about Chinese Hackers, by James Lewis, Washington Post|
|3/19/13||Google fully implements security feature on DNS lookups, by Jeremy Kirk, COMPUTERWORLD|
|3/19/13||Researcher sets up illegal 420,000 node botnet for IPv4 internet map - Potentially risks thousands of years in jail, The Register|
|3/18/13||Sun Storm Forecast: Tiny Chance of Havoc, by Kenneth Chang, New York Times|
|3/13/13||WSJ.com - U.S. Steps Up Alarm Over Cyberattacks, by Siobhan Gorman and Siobhan Hughes, Wall Street Journal|
|3/12/13||Security Leader Says U.S. Would Retaliate Against Cyberattacks, by Mark Mazzetti and David E. Sanger, New York Times|
|3/11/13||What you Like on Facebook could reveal more than you think, by Sharon Gaudin, COMPUTERWORLD|
|3/7/13||Demand for IT security experts outstrips supply: Employers will pay more for certified -- and experienced -- IT security pros, studies find, by Jaikumar Vijayan, COMPUTERWORLD|
|3/6/13||How to blunt spear phishing attacks, by Neal Weinberg, Network World|
|3/3/13||As Hacking Against U.S. Rises, Experts Try to Pin Down Motive, by Nicole Perlroth, David E. Sanger and Michael S. Schmidt, The New York Times|
|2/28/13||China Alleges Cyberattacks Originated in U.S., by Paul Mozur, The Wall Street Journal.|
|2/28/13||White House debating actions to retaliate against foreign cyberattacks, by Jennifer Martinez, The Hill.|
|2/25/13||Crackdown on illegal file sharing begins, by Brendan Sasso, The Hill.|
Intel chairwoman: Report on China's cyber war unit 'essentially correct', by Brendan Sasso and Daniel Strauss, The Hill.
The reference here is to the Mandiant report.
|2/24/13||Video of discussion of Cyberwar on the MSNBC program "UP with Chris Hayes"|
U.S. Ups Ante for Spying on Firms, by Siobhan Gorman and Jared A. Favole, The Wall Street Journal
The White House threatened China and other countries with trade and diplomatic action over corporate espionage as it cataloged more than a dozen cases of cyberattacks and commercial thefts at some of the U.S.'s biggest companies.
|2/20/13||Chinese cyberspies have hacked most Washington institutions, experts say, by Craig Timberg and Ellen Nakashima, The Washington Post|
|2/20/13||Some Victims of Online Hacking Edge Into the Light, by Nicole Perlroth, New York Times, New York Times|
|2/20/13||China Says Army Is Not Behind Attacks in Report, by David Barboza, New York Times|
Chinese Army Unit Is Seen as Tied to Hacking Against U.S., by David Sanger, David Barboza and Nicole Perlroth, New York Times
This is a comprehensive assessment of long-term hacking of many organizations based on a 74-page report by Mandiant, an American computer security firm.
In Cyberwar, Software Flaws Are A Hot Commodity, by Tom Gjelten, NPR
It is currently legal in the US to sell software security bugs. Should this continue?
|2/8/13||Bit9, a company that provides security to other companies, was hacked: Security Firm Bit9 Hacked, Used to Spread Malware, KrebsonSecurity Blog|
Tech associations raise concerns with EU's proposed cybersecurity rules,
By Jennifer Martinez, THE HILL'S Technology Blog
The EU's proposed cyber rules would require "enablers of information society services" - such as search engines, social networks and cloud storage services - to report major intrusions on their "core services."
Crooks Net Millions in Coordinated ATM Heists, KrebsonSecurity Blog
$9 Million was stolen in one weekend by organized criminals around the globe. More than $500K was withdrawn on a single card.
|2/6/13||Linking Cybersecurity Policy and Performance, by Aaron Kleiner, Paul Nicholas, Kevin Sullivan, Microsoft Trustworthy Computing|
February 5, 2013, Ruppersberger: House Intelligence Committee to re-introduce CISPA this year, by Jennifer Martinez, Hillicon Valley, THE HILL's Technology Blog
A Wikipedia web page on the Cyber Intelligence Sharing and Protection Act (CISPA) is also available.
Read the views of the chairman of the House Intelligence Committee on this matter.
Internet Blackout in the U.S. a Near Impossibility, by Sheila Riley, Investor's Business Daily
This article is based on a renesys blog by James by James Cowie entitle Could It Happen In Your Country? published on November 30, 2012 11:32 AM
February 5, 2013, Hearing on "Fighting for Internet Freedom: Dubai and Beyond".
This memo describes the challenge to Internet Governance made by
the December 2012 World Conference on International Telecommunications (WCIT) run
by the International Telecommunications Union (ITU) in Dubai.
See also the hearing website for this meeting.
|2/3/13||Broad Powers Seen for Obama in Cyberstrikes, by David E. Sanger and Thom Shanker, New York Times|
|2/1/13||U.S. Weighs Tougher Action over China Cyberattacks, by Lolita C. Baldor, Time Magazine|
|1/30/13||Hackers in China Attacked The Times for Last 4 Months, by Nicole Perlroth, New York Times|
|1/27/13||Disruptions: A Fuzzy and Shifting Line Between Hacker and Criminal, Nick Bilton, New York Times|
|1/27/13||Pentagon Expanding Cybersecurity Force to Protect Networks Against Attacks, Elisabeth Bumiller, New York Times|
|1/27/13||Pentagon to boost cybersecurity force, Ellen Nakashima, Washington Post|
|1/24/13||In a French Case, a Battle to Unmask Twitter Users, by Eric Pfanner and Somini Sengupta, New York Times|
|1/17/13||Critical Infrastructure Systems Seen as Vulnerable to Attack, by Nicole Perlroth, New York Times|
The FBI Needs Hackers, Not Backdoors by Matt Blaze and Susan Landau, WIRED, January 14, 2013.
The Communications Assistance for Law Enforcement Act (CALEA) of 1994 required that all telephone switches include FBI-approved wiretapping capabilities. The FBI would like to extend this capability to the Internet. Is it prudent to design in backdoors to the Internet?
|1/14/13||Diplomatic and government agencies targeted in years-long cyberespionage operation:The attackers used custom malware to target organizations from 39 countries, Kaspersky Lab says, by Lucian Constantin, COMPUTERWORLD|
|1/11/13||Wiretapping law's renewal dismays rights groups, Jaikumar Vijayan, COMPUTERWORLD|
|1/9/13||Cyber security in 2013: How vulnerable to attack is US now? (+video) The Christian Science Monitor|
|1/3/13||John Mueller and Benjamin Friedman, The Cyberskeptics, CATO Institute|
|1/2/13||To Thwart Hackers, Firms Salting Their Servers with Fake Data, by Helen Nakashima, Washington Post.|
|11/12||The Cyber Terror Bogeyman, by Peter W. Singer, Armed Forces Journal|
|11/30/12||Collected Articles on the Internet Including the WCIT, Internet Society|
|11/30/12||'Father of the internet': Why we must fight for its freedom, by Vinton Cerf, CNN|
|11/30/12||EU set to fight Internet tax and "spying" at global summit, Reuters|
|11/27/12||Integrity of Internet Is Crux of Global Conference, New York Times|
|9/26/12||DoD Officials Worried About Built in Cyber Attacks, by John Reed, FP National Security|
|5/24/12||Keep the Internet Open, Vinton Cerf, International Herald Tribune|
|4/24/12||CISPA concerns spread in Congress, COMPUTERWORLD|
|4/24/12||Healthcare industry group builds cybersecurity threat center, COMPUTERWORLD|
|4/18/12||White House raises concerns over CISPA bill, COMPUTERWORLD|
|3/18/12||U.S. Accelerating Cyberweapon Research, Ellen Nakashima, Washington Post|
|3/15/12||China Corporate Espionage Boom Knocks Wind Out of U.S. Companies, Bloomberg News|
|3/13/12||New Interest in Hacking as Threat to Security, The New York Times - A heightened emphasis on the threat!|
|2/24/12||The cyber-weapons paradox: 'They're not that dangerous', The Register|
|2/21/12||Alert on Hacker Power Play, The Wall Street Journal|
|2/1/12||Power-Grid Cyber Attack Seen Leaving Millions in Dark for Montsh, Bloomberg News.|
|1/20/12||Could the Internet Ever Be Destroyed?: The coming threats to the global Internet could take many forms, Natalie Wolchover, Scientific American|
|12/8/11||Cyber-intruder sparks massive federal response - and debate over dealing with threats, Ellen Nakashima, Washington Post|
|10/26/11||10 ways to secure browsing in the enterprise, COMPUTERWORLD|
|10/26/11||Analysis: Agreement seen distant at London cyber conference, Reuters|
|10/21/11||China calls for joint efforts for peaceful, secure, equitable cyber space, Xinhua, Global Times|
|10/19/11||Technology and the Innovation Economy: Technology and the Innovation Economy Innovation, Job Creation, Technology, Growth through Innovation, U.S. Economic Growth, Darrell M. West, The Brookings Institution|
|10/12/11||Chinese military mobilises cybermilitias, The Financial Times|
|10/1/11||Homeland Security tries to shore up nation's cyber defenses, The Washington Post.|
|9/28/11||Analysis: Dim Prospects for Cybersecurity Law in 2011, GovInfo Security.|
|9/21/11||The ISP Role in Fighting Malware, The Federal Register.|
|8/15/11||The Threat, published in Nextgov by James Andrew Lewis, CSIS|
|8/12/11||Department of Internet Defense, David Ignatious, Washington Post|
|7/14/11||Critics: U.S. Cybersecurity Plan Has Holes, Few New Items, PCWorld|
|7/7/11||How digital detectives deciphered Stuxnet, the most menacing malware in history, Ars Technica|
|6/02/11||Chinese Government Denies Hacking Google Accounts, Wall Street Journal|
|6/02/11||Google Mail Hack Blamed on China, Wall Street Journal|
|5/31/11||Pentagon to Consider Cyberattacks Acts of War, New York Times|
|5/31/11||Cyber Combat: Act of War, Wall Street Journal|
|4/19/11||Oak Ridge National Labs shut down Internet, email after cyberattack, COMPUTERWORLD|
|4/18/11||Obama's online trusted ID plan (NSTIC) greeted with caution.|
|4/14/11||Special report: In cyberspy vs. cyberspy, China has the edge|
|4/11/11||U.S. needs cyber-emergency response, lawmaker says. A report on the URI conference on cybersecurity, April 11, 2010.|
|4/2/11||Bank customers warned after breach at Epsilon marketing firm|
|3/31/11||What a cyberwar with China might look like|
|3/16/11||It's Tracking Your Every Move and You May Not Even Know|
|3/16/11||Langevin Introduces Bill to Strengthen Cybersecurity, Prevent Attacks|
|3/8/11||Open Source an open goal for Health Care IT - Research finds both cost and security benefits|
|3/7/11||The new cyber arms race, The Christian Science Monitor|
|3/8/11||UK warned attacks on GPS systems could hit critical infrastructure|
|3/7/11||Android Market XSS Bug Allowed Code Execution on Mobile Devices|
Cyber security a potential nightmare for officials
"The nightmare that the DHS has," said former head of policy at DHS Stewart Baker, "is that a very sophisticated hacker, perhaps working for Hezbollah, manages to infiltrate our electric grid and to bring down power to a portion of the United States, not for an hour or two, but for days or weeks. This would create a major humanitarian crisis."
|3/1/11||Hospital Pays $1 Million Penalty For Loss Of Patient Data|
|2/28/11||In Huawei's Bid to Crack Market, U.S. Sees a Threat From China Inc.|
|2/28/11||Sophos warns of Mac OS X backdoor Trojan.|
Why you can't stop insider threats, Federal Computer Week.
"In the wake of the WikiLeaks disclosures, all the soul searching and mandated risk assessments have made one thing painfully clear: Some of the most damaging security breaches originate from inside an agency's firewalls."
When the Internet Nearly Fractured, and How It Could Happen Again
A fascinating story published by The Atlantic. Ira Magaziner of Brown fame is seen to play an important role in development of the Internet.
|2/24/11||Advances in health care IT increase data breach risks, says Deloitte|
Energy firms fear major cyber attack on grid this year
This article refers to a new report from the Center for Strategic and International Studies.
RSA: Act now on cyberwar, security experts caution
This article quotes experts on cybersecurity on the severity of the cybersecurity problem.
The world of cyber threats
This article quotes the head of Symantec, the biggest security company, comments on Stuxnet and the general cybersecurity threat.
Anonymous speaks: the inside story of the HBGary hack
Many of the attacks discussed in class are illustrated in this story.
|2/16/11||Egypt Leaders Found 'Off' Switch for Internet|
|2/14/11||Stuxnet scored quick hit on first target, says researcher|
|2/14/11||Drumming Up More Addresses on the Internet|
|2/14/11||U.S. Policy to Address Internet Freedom|
|2/11/11||The cyberweapon that could take down the Internet|
|2/11/11||Malware endemic even on protected PCs|
|2/11/11||'Sloppy' Chinese hackers scored data-theft coup with 'Night Dragon'|
|2/4/11||What is the Best Way to Protect U.S. Critical Infrastructure from a Cyber Attack?|
|2/4/11||Cyber War Needs 'Rules of Engagement"|
|2/3/11||'Kill switch' bill returns just as Egypt shuts down Internet|
|2/2/11||Egypt Restores Links to Internet|
|2/2/11||Researchers pry open Waledac, find 500,000 email passwords|
|2/1/11||DDoS Attacks Made Worse By Firewalls, Arbor Networks Reports|
|12/28/10||Putin Orders Russian Gov't to Move to Open Source|
|10/13/10||How Stuxnet Is Rewriting the Cyberterrorism Playbook|
|8/03/10||Who really sets global cybersecurity standards: The 19 most influential cybersecurity organizations in the world, NetworkWorld|
|08/05/09||How to Evaluate, Compare and Implement Enterprise Antivirus, CSO Online|
|03/31/09||Deep computer-spying network touched 103 countries, COMPUTERWORLD.|
|2007||The US-CCU Cyber-Security Check List, U.S. Cyber Consequences Unit.|
|1997||Unsung Heroes of Cryptography, Sunday Telegraph|