[ISN] IG: DHS Does Not Track Security Training of System Administrator Contractors

http://www.nextgov.com/cybersecurity/2013/06/ig-dhs-does-not-track-security-training-system-administrator-contractors/64976/ By Aliya Sternstein Nextgov June 17, 2013 The Homeland Security Department does not keep tabs on whether contractors that monitor vulnerabilities on federal networks have undergone training, according to a new inspector general audit. These private sector system administrators support CyberScope, a central reservoir for incoming streams of data summarizing every federal agency’s computer security posture. The composite view of threat-levels is intended to help Homeland Security leaders manage cyber risks governmentwide. The account of an inadequate security training program for system administrator contractors at DHS follows the alleged breach of top secret files by a system administrator contractor at the National Security Agency. Homeland Security does not maintain records on who has taken security awareness and specialized information technology training; nor does the department ensure that all training requirements have been completed, according to auditors. “CyberScope contractors may not have received the appropriate skills or knowledge to properly administer and secure the systems against potential cyber threats,” Frank Deffer, assistant inspector general for the office of IT audits, wrote in the report. […] _______________________________________________ ISN mailing list ISN@lists.infosecnews.org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Coming to Wall Street This Month: Quantum Dawn 2 — Cyberwar!

http://allthingsd.com/20130617/coming-to-wall-street-this-month-quantum-dawn-2-cyberwar/ By Arik Hesseldahl All Things D June 17, 2013 If anything seems a little off on Wall Street later this month, you can blame the cyberwar. Or rather the simulated cyber attack exercise dubbed Quantum Dawn 2. As reported by Lauren Tara LaCapra at Reuters, it’s an exercise that will run through most of the business day on June 28, simulating a significant cyber attack against several Wall Street banks. Organized by the Securities Industry and Financial Markets Association, it will involve numerous banks, including Citigroup and Bank of America, the U.S. departments of Treasury and Homeland Security, the Federal Reserve and the Securities and Exchange Commission. At least three executives from each participating organization will take part. It will start off at first with some seemingly random bursts of confusing information, followed by a pause that will give execs a chance to make decisions. Later on, it will accelerate, and conditions will appear to get a lot worse. […] _______________________________________________ ISN mailing list ISN@lists.infosecnews.org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Cyberespionage Operators Work In Groups, Process Enormous Data Workloads

http://www.darkreading.com/advanced-threats/cyberespionage-operators-work-in-groups/240156664 By Robert Lemos Dark Reading June 13, 2013 In a study of the life cycle of cyberespionage attacks, a group of researchers at a Taiwanese security startup have found that the nation’s major government agencies encounter a dozen such attacks each day and that the operators behind the attacks have virtual data centers that appear to be processing enormous workloads. The research, which will be presented at the Black Hat Briefings later this summer, focuses on a part of the espionage life cycle that most incident responders do not see: the attackers sifting through their data caches and processing the stolen information in virtual “APT [advanced persistent threat] operation centers,” says Benson Wu, co-founder and lead security researcher at Taiwan-based Xecure Lab and one of the presenters. “[We] will show that there are lots of people in these APT operation centers,” Wu says. “We can’t see [the] data that is being stolen, but there are a lot of operators. The workloads are so high that there must be tons of victims.” Wu — along with researchers at Academia Sinica/Taiwan, a top research university — describes the life cycle of cyberespionage attacks in five steps: the enemy creates their tools and infrastructure; they then get by their victim’s defenses; they search for and exfiltrate data using their command-and-control servers; they use a back-end console to gain access to the data; and they process the stolen information in an APT operations center. Their research focuses on the last two steps, he says. […] _______________________________________________ ISN mailing list ISN@lists.infosecnews.org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail