Cybercriminals exploiting popular interest in trending topics on search engines have recently caught on to stories about President Obama's Nobel Peace Prize and Google Wave for distributing malware.
Web security researchers at Websense reported that cybercriminals are poisoning Google search results for Google Wave with search engine optimization (SEO) tactics - or black hat SEO - to lure searchers to their websites laden with malware.
Trend Micro reported on its Counter Measures blog that scammers are offering to sell Google invites to the beta-testing phase of Google Wave, a service that combines instant messaging with email for live communications.
Obama's receipt of the Nobel Peace Prize and the subsequent debate about its merits have also triggered a spam campaign that asks users to visit a website to download a phony report on the issue which contains malware, McAfee reported on its security blog.
Cybercriminals have recently used similar tactics to spread viruses and malware with websites and spam related to news stories such as celebrity deaths like Michael Jackson and Patrick Swayze and earthquakes and tsunamis in Asia.
Tag Archives: Obama
Former U.S. cybersecurity director Hathaway lands at Harvard
Filed under Security News
Tagged as cybersecurity, Harvard, Hathaway, National Security Council, Obama, rsigned, White House
Tagged as cybersecurity, Harvard, Hathaway, National Security Council, Obama, rsigned, White House
Melissa Hathaway, who resigned in August as acting senior director for cyberspace at the National Security Council, has joined the Harvard Kennedy School's Belfer Center for Science and International Affairs as a senior advisor to its cybersecurity initiative.
Hathaway served under President George W. Bush and led the 60-day cybersecurity review under President Obama that recommended the appointment of a White House cybersecurity official - a cyber czar - to replace her.
Obama has still not appointed a top White House cybersecurity official - reportedly, several people including former Virginia Senator Tom Davis have turned the administration's job offers down.
Harvard said its Belfer Center's Project Minerva, which Hathaway will join, is a joint effort between the Department of Defense, Massachusetts Institute of Technology and Harvard.
"I believe the United States must take a broader and more active leadership position abroad to drive the future security of this global infrastructure and help galvanize the establishment of norms of behavior in cyberspace," Hathaway said.
As director of the Joint Interagency Cyber Task Force within the Office of the Director of National Intelligence from March 2007 to February 2009 under Presidents Bush and Obama, Hathaway led efforts at developing a cybersecurity strategy on an "unprecedented scope and scale," Harvard said.
Hathaway served under President George W. Bush and led the 60-day cybersecurity review under President Obama that recommended the appointment of a White House cybersecurity official - a cyber czar - to replace her.
Obama has still not appointed a top White House cybersecurity official - reportedly, several people including former Virginia Senator Tom Davis have turned the administration's job offers down.
Harvard said its Belfer Center's Project Minerva, which Hathaway will join, is a joint effort between the Department of Defense, Massachusetts Institute of Technology and Harvard.
"I believe the United States must take a broader and more active leadership position abroad to drive the future security of this global infrastructure and help galvanize the establishment of norms of behavior in cyberspace," Hathaway said.
As director of the Joint Interagency Cyber Task Force within the Office of the Director of National Intelligence from March 2007 to February 2009 under Presidents Bush and Obama, Hathaway led efforts at developing a cybersecurity strategy on an "unprecedented scope and scale," Harvard said.
Spam offers Obama opponents chance to DDoS White House
A spam email detected by email security firm Proofpoint attempts to exploit anti-Obama sentiment by offering recipients a chance to launch distributed denial-of-service (DDoS) cyberattacks on the White House - if they just download malware onto their PC.
The email subject heading says "Here You can buy DDoS" and in the body says "If You dont like Obama come here, you can help to ddos his site with your installs [sic]."
A link in the body takes users to a website that offers to pay visitors to install malware on their machines and advises them to return to the website for updated versions of the malware if it is detected by anti-virus software on their PC.
As the security experts at Proofpoint noted, voluntarily downloading malware onto your computer is a very bad idea.
But this spam points to how well the spammers and cybercriminals track popular trends to better target victims with their scams and malicious payloads.
In the wake of the inauguration of the new president, when his popularity was sky high, spammers tried to exploit pro-Obama sentiment. Now that his popularity is waning, the spammers shift gears to exploit the surge in opposition to his policies.
The email subject heading says "Here You can buy DDoS" and in the body says "If You dont like Obama come here, you can help to ddos his site with your installs [sic]."
A link in the body takes users to a website that offers to pay visitors to install malware on their machines and advises them to return to the website for updated versions of the malware if it is detected by anti-virus software on their PC.
As the security experts at Proofpoint noted, voluntarily downloading malware onto your computer is a very bad idea.
But this spam points to how well the spammers and cybercriminals track popular trends to better target victims with their scams and malicious payloads.
In the wake of the inauguration of the new president, when his popularity was sky high, spammers tried to exploit pro-Obama sentiment. Now that his popularity is waning, the spammers shift gears to exploit the surge in opposition to his policies.
U.S. cybersecurity effort understaffed, is cyber czar appointment imminent?
Federal cybersecurity initiatives are hampered by a shortage of skilled IT personnel, as well as a lack of leadership, planning and coordination among agencies, according to a new report. Meanwhile, several reports indicate President Obama may be ready to name a "cyber czar" in the near-term.
Despite a high-level cybersecurity review ordered by the Obama administration within its first 100 days, Obama has yet to find a point person to lead the effort.
Forbes.com cited unnamed cybersecurity insiders as saying that the administration has offered the cyber czar job to at least three people who have turned it down. Former Virginia Senator Tom Davis, now a consultant for Deloitte, announced last month that he wouldn't take the cyber czar job, according to Forbes.
The staffing problem extends throughout the government, as highly-skilled IT professionals are snapped up by private companies, according to the nonprofit Partnership for Public Service (PPS) and Booz Allen Hamilton.
Max Stier, president and CEO of PPS, said that a lack of cybersecurity talent is a major problem for the government, in calling for "a vibrant, highly trained and dedicated federal cybersecurity workforce."
Fragmentation and uncoordinated leadership and an insufficient pipeline of skilled network security professionals, the PPS report says, has hamstrung U.S. efforts to defend against cyberattacks.
Despite a high-level cybersecurity review ordered by the Obama administration within its first 100 days, Obama has yet to find a point person to lead the effort.
Forbes.com cited unnamed cybersecurity insiders as saying that the administration has offered the cyber czar job to at least three people who have turned it down. Former Virginia Senator Tom Davis, now a consultant for Deloitte, announced last month that he wouldn't take the cyber czar job, according to Forbes.
The staffing problem extends throughout the government, as highly-skilled IT professionals are snapped up by private companies, according to the nonprofit Partnership for Public Service (PPS) and Booz Allen Hamilton.
Max Stier, president and CEO of PPS, said that a lack of cybersecurity talent is a major problem for the government, in calling for "a vibrant, highly trained and dedicated federal cybersecurity workforce."
Fragmentation and uncoordinated leadership and an insufficient pipeline of skilled network security professionals, the PPS report says, has hamstrung U.S. efforts to defend against cyberattacks.
Iranian hackers hijack University of Oregon network
Filed under Security News
Tagged as Cyber Secure Institute, hackers, hijack, Iran, iranian, network, Obama, Rob Housman, University of Oregon
Tagged as Cyber Secure Institute, hackers, hijack, Iran, iranian, network, Obama, Rob Housman, University of Oregon
Hackers sympathetic to Iran's ruling regime hijacked the University of Oregon website on Wednesday to redirect visitors to a site that said the regime "never cheated" in the disputed June 12 election.
The Associated Press reported that visitors to the university's web system during a 90-minute window Wednesday were taken to an 89-word pro-Iranian message that warned President Obama to stay out of Iranian affairs.
The hackers used the university's network to send the message to AP and others. The message addressed the president as "Hey Stupid Fly Catcher Obama!"
Diane Saunders, spokeswoman for the university, told AP that the hackers were able to gain control of the site through third-party software that had not been updated. Saunders said the computers of visitors to the site were not compromised.
Rob Housman, executive director of the Cyber Secure Institute, a research and advocacy firm, said the hack highlighted how the United States is engaged in a "low-level conflict" across cyberspace.
Housman said it reveals the extent to which U.S. network security is inadequate.
"[C]onsider the damage possible if the attackers weren't less sophisticated Iranian protestors but the Chinese military's cyber-special-forces or the legions of Russian cyber-irregulars," he said.
The Associated Press reported that visitors to the university's web system during a 90-minute window Wednesday were taken to an 89-word pro-Iranian message that warned President Obama to stay out of Iranian affairs.
The hackers used the university's network to send the message to AP and others. The message addressed the president as "Hey Stupid Fly Catcher Obama!"
Diane Saunders, spokeswoman for the university, told AP that the hackers were able to gain control of the site through third-party software that had not been updated. Saunders said the computers of visitors to the site were not compromised.
Rob Housman, executive director of the Cyber Secure Institute, a research and advocacy firm, said the hack highlighted how the United States is engaged in a "low-level conflict" across cyberspace.
Housman said it reveals the extent to which U.S. network security is inadequate.
"[C]onsider the damage possible if the attackers weren't less sophisticated Iranian protestors but the Chinese military's cyber-special-forces or the legions of Russian cyber-irregulars," he said.
DHS names Philip Reitinger cybersecurity center director
Filed under Security News
Tagged as cybersecurity center director, cybersecurity coordinator, Department of Homeland Security, deputy, DHS's National Protection and Programs Directorate, director, Janet Napolitano, last director, Microsoft, National Cybersecurity Center, National Security Agency, Obama, Philip Reitinger, President, Rod Beckstrom, secretary, White House
Tagged as cybersecurity center director, cybersecurity coordinator, Department of Homeland Security, deputy, DHS's National Protection and Programs Directorate, director, Janet Napolitano, last director, Microsoft, National Cybersecurity Center, National Security Agency, Obama, Philip Reitinger, President, Rod Beckstrom, secretary, White House
U.S. Department of Homeland Security (DHS) secretary Janet Napolitano announced on Monday that Philip Reitinger will take over as the new director of the National Cybersecurity Center (NCSC). The NCSC's last director resigned abruptly earlier this year due to concerns about military control of cybersecurity.
Napolitano said Reitinger, who is currently the deputy under secretary for DHS's National Protection and Programs Directorate and formerly worked on IT security for Microsoft, will hold both positions simultaneously - "to provide broader strategic direction."
The announcement came just days after President Obama unveiled his administration's cybersecurity policy review. Obama has yet to name the new cybersecurity coordinator, a high-level position that will be located inside the White House.
"This is a crucial time to strengthen the core of our cybersecurity leadership team," Napolitano said in the announcement. "Centralizing our cybersecurity efforts under Phil's leadership will help create a unified DHS as we continue to adapt to an ever-changing array of threats."
The previous NCSC director, Rod Beckstrom, stirred up controversy when he suggested in his resignation letter that the National Security Agency had dominated civilian agencies in the area of cybersecurity.
Napolitano said Reitinger, who is currently the deputy under secretary for DHS's National Protection and Programs Directorate and formerly worked on IT security for Microsoft, will hold both positions simultaneously - "to provide broader strategic direction."
The announcement came just days after President Obama unveiled his administration's cybersecurity policy review. Obama has yet to name the new cybersecurity coordinator, a high-level position that will be located inside the White House.
"This is a crucial time to strengthen the core of our cybersecurity leadership team," Napolitano said in the announcement. "Centralizing our cybersecurity efforts under Phil's leadership will help create a unified DHS as we continue to adapt to an ever-changing array of threats."
The previous NCSC director, Rod Beckstrom, stirred up controversy when he suggested in his resignation letter that the National Security Agency had dominated civilian agencies in the area of cybersecurity.
Defense companies ramp up IT security recruiting
Filed under Security News
Tagged as China, cybersecurity coordinator, department manager, Falls Church, federal government, General Dynamics, Lockheed Martin, manager for the company, Northrop Grumman, Obama, Pentagon, President, Raytheon, recruitment site, Russia, The New York Times, the Times, Virginia, web-based attacks
Tagged as China, cybersecurity coordinator, department manager, Falls Church, federal government, General Dynamics, Lockheed Martin, manager for the company, Northrop Grumman, Obama, Pentagon, President, Raytheon, recruitment site, Russia, The New York Times, the Times, Virginia, web-based attacks
Defense companies have been accelerating recruitment of IT security experts in order to gain lucrative Pentagon contracts as the federal government attempts to tighten the security of strategic networks.
The New York Times, which has previously reported that the Pentagon is considering implementing a cybercommand to coordinate cyberwarfare and network defense, reported Sunday that the Pentagon now employs thousands of "hacker soliders."
Large military contractors including Northrop Grumman, General Dynamics, Lockheed Martin and Raytheon have major contracts with the military and intelligence agencies, the Times reported.
In light of President Obama's announced plans to name a cybersecurity coordinator to oversee the nation's defense against web-based attacks and new efforts to combat hackers from foreign powers including Russia and China, defense companies are vying for top talent in the field.
"[The companies] have been buying smaller firms, financing academic research and running advertisements for 'cyberninjas' at a time when other industries are shedding workers," the Times reported.
Raytheon, for example, has posted an ad at the IT recruitment site Dice.com seeking a department manager for the company's Falls Church, Virginia-based Cyber Security Engineering organization.
The New York Times, which has previously reported that the Pentagon is considering implementing a cybercommand to coordinate cyberwarfare and network defense, reported Sunday that the Pentagon now employs thousands of "hacker soliders."
Large military contractors including Northrop Grumman, General Dynamics, Lockheed Martin and Raytheon have major contracts with the military and intelligence agencies, the Times reported.
In light of President Obama's announced plans to name a cybersecurity coordinator to oversee the nation's defense against web-based attacks and new efforts to combat hackers from foreign powers including Russia and China, defense companies are vying for top talent in the field.
"[The companies] have been buying smaller firms, financing academic research and running advertisements for 'cyberninjas' at a time when other industries are shedding workers," the Times reported.
Raytheon, for example, has posted an ad at the IT recruitment site Dice.com seeking a department manager for the company's Falls Church, Virginia-based Cyber Security Engineering organization.
Obama lays out cybersecurity proposals
Filed under Security News
Tagged as cybersecurity coordinator, internet privacy, military systems, National Economic Council, National Security Council, Obama, President, technology research, terrorist networks
Tagged as cybersecurity coordinator, internet privacy, military systems, National Economic Council, National Security Council, Obama, President, technology research, terrorist networks
President Obama today proposed expanding coordination of cybersecurity efforts between government and the private sector in developing a strategic response to threats to the nation's computer networks that control critical infrastructure, financial markets and military systems.
In discussing the threats from cybercriminals, terrorist networks and state actors, the president mentioned how hackers have infiltrated military computers and even the website of his presidential campaign.
"For all these reasons, it's now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation," Obama said.
The president did not reveal who he will appoint to fill the new post of a "cybersecurity coordinator," a position that will report to both the National Security Council and the National Economic Council.
But the role of the office of cybersecurity will be orchestrating and integrating all cybersecurity policies for the government and, "in the event of major cyber incident or attack, coordinating our response," Obama said.
Obama said the government will "not dictate security standards for private companies," but seek to collaborate with the IT industry on technology research and development.
He also pledged that he remains committed to internet privacy, civil liberties and net neutrality.
In discussing the threats from cybercriminals, terrorist networks and state actors, the president mentioned how hackers have infiltrated military computers and even the website of his presidential campaign.
"For all these reasons, it's now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation," Obama said.
The president did not reveal who he will appoint to fill the new post of a "cybersecurity coordinator," a position that will report to both the National Security Council and the National Economic Council.
But the role of the office of cybersecurity will be orchestrating and integrating all cybersecurity policies for the government and, "in the event of major cyber incident or attack, coordinating our response," Obama said.
Obama said the government will "not dictate security standards for private companies," but seek to collaborate with the IT industry on technology research and development.
He also pledged that he remains committed to internet privacy, civil liberties and net neutrality.