Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
In August we started posting the Weekly Roundup to share trending security news from many viewpoints. Week by week the flow of news provides insights into the ever growing challenges faced in the global efforts to secure cyberspace, as well as the progress made and security guidance as well as new and emerging security issues. As 2011 gives way to 2012, here’s a look back at the security news stories that caught our eye. Wishing you a Happy New Year!
Probably the most widely discussed and interesting story in security news this week was the follow-on activity from McAfee’s disclosures last week of “Operation Shady Rat.” As we noted previously, Vanity Fair called it an “unprecedented cyber-espionage campaign and intellectual property bonanza,” while others say the hacking claims are overblown. Analysis continued this week with other security vendors weighing in and everything from a denial of involvement by China to claims that Shady Rat could benefit investors. Other lingering news from the previous week’s Black Hat included coverage of the analysis by iSec Partners on Apple Mac OSX (Lion), “… not recommended for corporate use unless it's in islands within larger networks, the OSX operating system has made strides.”
DigiNotar continued to reverberate through the industry this week. Companies scrambled to block and eliminate potentially compromised certificates. Meanwhile security experts took time to ponder what the event meant for security going forward. This led to headlines that included: Are Digital Certificates Doomed? and Cracked digital certificates endanger 'web of trust'. Against this backdrop, and other security breach stories that have been with us this year, law makers in Washington, D.C. held hearings that inspired headlines including: Senate Considers Using Mob Law To Go After Cybercriminals and Treat Hackers As Organized Criminals, Says Government. These suggestions resonate with the Threat Post article Cybercrime Profits Approaching Those Of The Drug Trade?
Governments around the world highlight the need for stronger cybersecurity as the Washington Post reports: Janet Napolitano: Hackers have ‘come close’ to major cyberattack. The New York Times carried the story Virus Infects Computers in Japan’s Parliament. The consequences of such government breaches were underscored by an InformationWeek story reporting that Hackers Likely Have Japanese Warplane, Nuclear Data. Meanwhile, Threat Post reported Biggest Hack in Swedish History Affects Politicians, Journalists Among Others. In other news, Windows XP turns 10, enjoys its golden years and slow transition into retirement.
Another win for the good guys this week as a multi-year, international operation dubbed “Operation Ghost Click” resulted with the result of cyber criminals in their native Estonia. The investigation, led by the FBI, is credited with taking down an international click fraud scheme that included infecting with malware more than four million computers in over 100 countries, including about 500,000 in the United States. Brian Krebs titled his coverage ‘Biggest Cybercriminal Takedown in History’. Dark Reading wrote about how the operation represented a successful private-public effort in its story Teaming Up To Take Down Threats, while Government Computer News coverage looked at the need for a faster roll out of the protocol to authenticate DNS queries, with its FBI busts clickjacking ring, but could the crime have been prevented? Bank Info Security wonders Will Cybercrime Arrests Be a Deterrent?
The big news this week centered on how Iran managed to electronically intercept a U.S. spy drone (analysts suggest use of GPS spoofing), and cause it to land safely within the country. The Christian Science Monitor, in its article Exclusive: Iran hijacked US drone, says Iranian engineer,quoted an Iranian engineer who said the country’s electronic warfare specialists were able to cut off communications links of the American bat-wing RQ-170 Sentinel and cause it to land safely in Iran. Bloomberg Businessweek wrote of gauging the significance of the event with its Iran Shows Downed Spy Drone as U.S. Assesses Technology Loss, while Computerworld tried to gauge the degree to which control was gained with its article Analysts wary of Iran's spy drone hacking claims. Meanwhile InformationWeek made a connection between the drone and another GPS-related story, pointing readers from its drone coverage to its Lightsquared Disrupts Airplane Navigation GPS, Feds Say. Bruce Schneier’s blog provides More on the Captured U.S. Drone, pointing to extensive coverage in the Aviationist and other publications.