16 Feb 11. Developers of “toxic malware” intended for specific targets must be careful not to lose control of the software, the Pentagon’s No. 2 official warned Feb. 15 at an information security conference in San Francisco. The comments by U.S. Deputy Defense Secretary William Lynn were widely interpreted as a message to the developers of the Stuxnet computer worm that reportedly damaged Iran’s nuclear-fuel centrifuges last year. The software reportedly made the centrifuges spin out of control while presenting false information to controllers monitoring computer displays. Though targeted at Iran, Stuxnet has now been discovered in more than 100 computer systems worldwide, including some in the U.S., although without reports of damage, experts said. The identity of the Stuxnet developers remains unconfirmed, but a January article in the New York Times linked the worm to a reported joint Israeli-U.S. effort to undermine Iran’s alleged nuclear weapon development program.
“A destructive tool could inadvertently escape its creator and be let loose in the wild,” Lynn told the audience at the RSA information technology conference. “We have to take the accidental release scenario very seriously, to prevent something as trivial as a thumb drive stuck in the wrong computer from having a calamitous effect on the global economy.”
Independent cyber expert Scott Borg, who also spoke at RSA, said he was surprised that the developers of the Stuxnet worm did not design it to erase itself after five or six iterations. During his talk, Lynn also provided a more detailed description of the 2008 thumb-drive malware attack against U.S. Central Command. Lynn said a foreign intelligence agency was able to “penetrate our most classified computer networks” – an apparent reference to the Joint Worldwide Intelligence Communications System – “something we thought until that point wasn’t possible.” He described the attack as “our worst fear: A rogue program operating silently on our system, poised to deliver operational plans into the hands of an enemy.” But the 2008 attack, and others that have “exfiltrated military plans and weapon systems designs,” could be nothing compared to what is in store, Lynn said “It is possible to imagine attacks on military networks, or critical infrastructure like our transportation system and energy sector, that could cause severe economic damage, physical destruction or even loss of life,” he said. He said the threats are climbing a ladder, with exploitation at the bottom and “destruction” at the top. (Source: Defense News)
23 Feb 11. Cassidian, Emiraje and Khalifa University of Science, Technology and Research have completed the first phase of establishing a Cyber Operations Centre of Excellence agreed under a Memorandum of
Understanding (MoU) that was signed in May 2010. The Centre of Excellence is intended to help increase the intellectual capital in cyber technology areas within Khalifa University in particular and in the United Arab Emirates (UAE) more generally. The Centre of Excellence will provide research and demonstration capabilities for cyber activities and developments. It will particularly focus on Cryptology, Forensics and Industrial Control Systems (ICS) security. The collaboration programme specified within the MoU also includes various activities such as an agreed collaborative research programme, summer internship opportunities for Khalifa University students in various Cassidian facilities, a programme of lectures on the topic of cyber security by visiting specialists in the field and the sponsorship of appropriate postgraduate studies.
16 Feb 11. In 2011, it is estimated that cybercrime will cost the British economy a total of £1.9bn, which equates to £103 for every person affected1. Today, Internet security specialist Norton launched its powerful new Cybercrime Index in London to help combat this issue, by tracking and warning computer users about daily cybercrime risks around the world. T