![]( "Cellular Forensics")
Government and the private sector still don’t share enough information about cyber threats because each doubts the other’s ability to protect it, according to a recent survey by the U.S. Government Accountability Office (GAO).
The GAO’s survey of 56 leading private sector stakeholders and their government counterparts showed that old concerns persist: companies worry the government will share data with their competitors, while the government worries information shared with the private sector will end up in the hands of foreign governments.
GAO offered two recommendations: that the Obama administration consider the findings in its ongoing effort to beef up cybersecurity, and that the White House and the Department of Homeland Security (DHS) ensure the success of the new National Cybersecurity and Communications Integration Center. The center is a collaboration between DHS’s U.S. Computer Emergency Readiness Team and its National Coordinating Center for Telecommunications.
(For more on the ongoing struggle to stop cyber threats, see Yet Another Cyber Wake-Up Call from April’s Homeland Security department, and New Cybersecurity Push, Old Problem, from the September 2009 issue.)
Only 27 percent of private sector respondents said they get timely and accurate cyber threat information from the federal government, while only nine percent said their federal partners are providing the technical expertise to face the problem.
Meanwhile federal officials told GAO that while the private sector is doing a good job of following recommendations to shore up vulnerabilities, it does not provide the personnel necessary to maintain a robust partnership, according to the report.
Read more…
The FBI is outsourcing cybersecurity to the tune of nearly $1 billion to a Washington-area managed services company. The deal shows a willingness in the federal government to place IT services more and more in the hands of third parties as agencies don’t have enough staff on hand to do the job.
The five-year contract awards $99.5 to Fairfax, Va.-based ManTech International for round-the-clock intrusion-detection monitoring; security engineering; incident identification and response; vulnerability assessment and penetration testing; cyber-threat analysis; and specialized cyber training services. ManTech will use ISO 9001-compliant security processes to provide its services, as well as introduce new technology aimed at reducing cyber-threat risks, according to the company. ISO 9001 is a global quality standard from the International Organization for Standardization (ISO) for good management practices.
Federal agencies across the board are beefing up their cybersecurity, especially agencies like the FBI that deal with sensitive and highly classified intelligence information. But the federal government doesn’t have enough manpower to do this all themselves, and it’s likely there will be more deals to use managed security services in the future.
Read more…
While cyberthreats from external sources are still the dominant vector, criminals have begun shifting tactics and more often are partnering with rogue insiders, according to a report released Wednesday from Verizon Business and the U.S. Secret Service.
As a result, data thieves, mostly going after credit card numbers, are becoming less reliant on software vulnerabilities as an attack vector.
The “2010 Data Breach Investigations Report,” which takes into account more than 900 breaches and 900 million compromised records probed by Verizon and the Secret Service last year, found that 69 percent of data-loss incidents were linked to outsiders, while 49 percent were caused by insiders.
But the percentage of breaches attributed to outsiders has dropped nine percent since last year’s study, while breaches caused by threats originating from within an organization more than doubled.
Successful cybercriminal prosecutions, such as the 20-year sentence handed down to TJX and Heartland hacker Albert Gonzalez, have signaled to cybercriminals that they need to shift their tactics to better evade law enforcement, Bryan Sartin, director of investigative response at Verizon Business, told SCMagazineUS.com.
Read more…
Business needs to be more proactive in its approach to security in the face of increased insider threats and customised malware, says Verizon Business.
Both types of attack have increased in the past year, according to the 2010 Verizon Data Breach Investigations report in partnership with the US Secret Service.
This is the first time private and commercial data has been combined in a data breach report, said Matthijs Van der Wel, head of the EMEA forensics team at Verizon Business.
The data from the financial crime investigations from the Secret Service has enabled a broader and deeper perspective on cybercrime, he said.
“Most breaches are caused by external sources, but we now see a lot more cases that involve insiders combined with social engineering that we did not see in our previous data set,” said Van der Wel.
The data also highlights an increased use of customised malware in smaller attacks to avoid detection by anti-virus and intrusion detection software, he said.
“Detection is extremely difficult, especially when mixed with stolen credentials, which enable attackers to mimic legitimate traffic,” said Van der Wel.
The report recommends a more proactive approach to security in which businesses actively monitor log files for anomalies.
A sudden increase in the size and volume log files is usually a good indication of malicious activity, according to Van der Wel.
Read more…
The Perfect Citizen project is purely a research-and-engineering effort, not an attempt to monitor companies against cyberattack, the National Security Agency said Thursday.
The NSA issued a brief explanation of the new project in response to a Wall Street Journal story that described Perfect Citizen as a government system designed to monitor vital agencies and private utilities against potential cyberthreats. The project would establish a series of sensors installed throughout various computer networks that would raise an alarm in case of a pending cyberattack, according to the Journal.
But in an e-mail statement attributed to NSA spokeswoman Judith Emmel, the agency denied that Perfect Citizen would involve any type of monitoring activity or sensors, and labeled it as “purely a vulnerabilities assessment and capabilities development contract.” She added that “it does not involve the monitoring of communications or the placement of sensors on utility company systems.”
Although the agency called the Journal’s story an “inaccurate portrayal of the work performed at the National Security Agency,” it said that due to the highly sensitive nature of its work, it could not confirm or deny specific allegations addressed in the article. As a result, the NSA shared few details on the project.
Specifically referring to it as a contract, the NSA said Perfect Citizen “provides a set of technical solutions that help the agency better understand the threats to national-security networks, which is a critical part of NSA’s mission of defending the nation.” The Journal had pinpointed Raytheon as the recipient of the initial phase of the contract in a deal worth up to $100 million, though neither the NSA nor Raytheon would confirm that report, according to Reuters.
Read more…
