Monday, 17 June 2013

Staff negligence pose threat to data security

Corporate policies to protect sensitive and confidential data are frequently violated when employees use personal devices such as laptops, tablets and smartphones at work.
Most often, it is through these devices that confidential information leaves the company without authorisation. Removable media may also introduce malicious software which, after it penetrates into the corporate network, can eventually lead to data leakage or more damaging consequences.
According to a survey conducted by research firm IDC, employee negligence poses a serious threat to the security of corporate confidential data.
As the ‘Bring Your Own Device’ (BYOD) concept gains momentum regionally and globally, the region faces bigger insider threats than from hackers outside.
The prevalent use of smartphones and ‘BYOD’ are the biggest trends driving the network security market in the region.
New technologies
According to Bala Venkatramani, marketing manager of IT security solutions at ManageEngine, newer threats keep cropping up as new technologies evolve. Today’s enterprises are facing unprecedented security threats as organisations embrace new technologies.
He said that sacked employees and unhappy staff have been involved in several security breaches.
“It is essential that all employees, irrespective of their status in a company, understand how their misguided actions [innocent or unintended] can impact their organisation,” said Kevin Bailey, research director, EMEA Software Security Products and Services Policies at IDC, in a statement. “Policies that control access, movement and communication of data in a secure manner will be needed by organisations.”
The study said that about 36 per cent of companies expressed serious concern about the growing number of mobile clients. Preventing leaks of confidential data is one of the top concerns of 41 per cent of the companies surveyed.
“Organisations need to control access of employees to its IT resources as insider threats loom large,” said Bashar Bashaireh, regional director at Fortinet.
According to a survey conducted by Fortinet, more than 65 per cent of companies in the UAE allowed staff some form of access to personal devices last year.
With the adoption of ‘BYOD’, organisations need to “have security policies and control access to resources in place and review them regularly”.

Second Cyber- Security-Day June 19 2013

Second Cyber-Security-Day
19 June 2013, Darmstadt
"Cyber security in mobile communication" - according to this slogan the Alliance for cyber security organizes the second Cyber-Security-Day. Sirrix-Ceo Alkassar will give a speech about new concepts for mobile security.
Smartphones are being used more and more frequently in companies and public authorities. This holds high risks for corporate networks respectively networks of public authorities and critical data from organizations.
The number of attacks on mobile devices by viruses, Trojans and any other malware is increased enormously. These risks in combination with the users needs to use their smartphones preferably undiscerning create general problems for organizations.
Referring to this actuality, the second Cyber-Security-Day focuses on mobile security.
You can have a look at the program here.
The Alliance for cyber-security is an initiative of the Federal Office for Security in Information Technology (BSI). The BSI was founded in cooperation with the Federal Association for Information Industry, Telecommunication and New Media e. V. (BITKOM).
By establishing an extensive knowledge base for participants and by supporting the exchange of experiences and information, the Alliance aims to make prevailing and valid information available nationwide.

Click here to be forwarded to the online application form for the second Cyber-Security-Day!
Save the Date: 19 June 2013                                                                 
Frauenhofer - Institut für Sichere Informationstechnologie                             Rheinstraße 75 | 64295 Darmstadt

Malware attacks demonstrate security vulnerabilities

Malware has become a rising concern, and as recent cyberattacks have highlighted, many organizations have inadequate security solutions in place for thwarting these infections from compromising data protection.
The University of Massachusetts recently had to tell almost 1,700 clients of its Center for Language, Speech and Hearing that confidential data, including addresses, names of health insurers and doctors, and Social Security Numbers, may have been accessed when a computer workstation was infected with malware. Dan Gerber, associate Dean of the School of Public Health and Health Sciences, recommended that clients monitor any abnormal access or activity relating to their health insurance information to minimize the risk of misuse.
A Phoenix Distribution report for ITWeb revealed that malware is continually evolving, being rewritten and re-released in infinite unique ways, which makes detection challenging. The source noted that sophisticated phishing attacks and other scams have worsened these threats, which will only continue due to the proliferation of new channels, such as social networks and mobile technologies. According to the news provider, Kaspersky and Symantec have determined that the volume of advanced malware that evades signature-based detection increased by nearly 400 percent in 2012. Simon Campbell-Young, CEO of Phoenix Distribution, stressed concerns regarding BYOD and mobile devices.
"Cyber criminals are changing their tactics to target fast-growing mobile platforms and social networks where consumers are less aware of security risks," he stated, ITWeb reported. "The integrity of mobile apps can be easily compromised through new tampering/reverse-engineering attack vectors, so mobile device owners must be increasingly aware of these vulnerabilities."
Campbell-Young also emphasized that beyond awareness of these issues, anti-virus and anti-spam tools are the most important factors for reducing the opportunity for an infection. By leveraging zero-day technologies, enterprises can better prepare for continually emerging new strains of malware and safeguard critical information.

Few things you need to know about Malware

How They Attack

Malware Malware is a category of malicious code that includes viruses, worms, and Trojan horses. Destructive malware will utilize popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from web sites, and virus-infected files downloaded from peer-to-peer connections. Malware will also seek to exploit existing vulnerabilities on systems making their entry quiet and easy.

How Do You Know

  • Malware works to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user

What To Do

  • Only open email or IM attachments that come from a trusted source and that are expected
  • Have email attachments scanned by Norton Internet Security prior to opening
  • Delete all unwanted messages without opening
  • Do not click on Web links sent by someone you do not know
  • If a person on your Buddy list is sending strange messages, files, or web site links, terminate your IM session
  • Scan all files with an Internet Security solution before transferring them to your system
  • Only transfer files from a well known source
  • Use Norton Internet Security to block all unsolicited outbound communication
  • Keep security patches up to date

The laws of cyberwar --- setting rules for a battlefield no one can see

Michael Schmitt of the United States Naval War College. 
Amid the flurry of national security documents leaked in the last weeks was one that got less attention than the PRISM surveillance program, but also opened a window on a secretive new realm: Presidential Policy Directive 20, issued last October, which instructed national security and intelligence officials to develop America’s capacity to wage cyberwarfare.
Cyberwarfare is emerging as the latest uncertain frontier of international relations, a way for developed nations to attack one another without appearing to do anything at all. The issue lay at the center of President Obama’s recent meeting in California with China’s leader, Xi Jinping: Obama confronted Xi about cyberattacks on government and corporate websites apparently hacked by a secret directorate of the Chinese military, People’s Liberation Army Unit 61398. The United States, of course, has its own alleged history of cyberattacks: It is believed to have helped launch the Stuxnet computer worm against Iran’s nuclear program several years ago.
Are these attacks permissible? How should nations respond? The first efforts to answer those questions are now coming to fruition. A group of 20 independent experts on international law has just completed a manual that attempts to lay out how the established rules of war might apply to cyberspace. The Tallinn Manual on the International Law Applicable to Cyber Warfare, published in March, is the result of an unofficial three-year-long project hosted by NATO in Estonia, intended to start the debate about how nations should conduct themselves on a field of battle that would have been unimaginable just a few decades ago.
Michael Schmitt, chairman of the international law department at the United States Naval War College, led the project. He spoke to Ideas from Germany, where he is on a lecture tour introducing the manual to academic audiences.
IDEAS: It seems almost impossible to match traditional rules of war to this new virtual world. How do you begin?
SCHMITT: First you have to look closely at what is known as “use of force.” That’s a legal term that comes from the UN charter, which tells us in article 2 that uses of force by one state against another are forbidden unless they are pursuant to a Security Council resolution or an act of self-defense on the part of the state. The question then is, in cyberspace, when do you have a use of force, and when can you defend yourself? The group of experts that put together the manual said that it is almost certainly a use of force if there was physical damage to objects or if there was injury to individuals. And that can definitely be the result of cyberwarfare—as conducted by a state, or groups of hackers that are armed and trained by a state to engage in this type of activity.
IDEAS: We don’t normally think of cyberwarfare as causing physical damage.
SCHMITT: A cyberattack could be huge. You could literally shut a small country down. The classic example is you interfere with the traffic control system of a country, which could of course cause death. You could interfere with navigational systems such that everyone is 100 feet off, so that when airplanes try to land they actually land not on the runway but next to it. You could hack into a nuclear reactor and cause a meltdown. Open the gates of a dam to release flood waters downstream. Interfere with medical data such that individuals are given the wrong blood type. There are many examples of truly catastrophic harm that could be caused to people and places.
IDEAS: In putting together the manual, you must have come across some contentious issues. What triggered the most debate?
SCHMITT: We really struggled with identifying a bright line, a threshold, across which you can say, “That’s a use of force.” What actions below the level of damage or injury would also qualify? We thought that training hacktivists counted, but what about financing a cyberactivist group? We thought that that didn’t make the cut. It’s gray and it remains gray and we acknowledged that in the text.
Another big question is related but different. Someone is conducting operations against you. When can you use force, either cyberforce or regular force to respond, like hacking back in a way that will cause damage to them, or firing a cruise missile into the location where the cyberattack is coming from? In current international law, before you can do that you have to be the victim of an armed attack. All the experts agreed that if the cyberattack caused significant injury or damage, then a state could respond. The big question we had was, what if you had an operation that was really devastating—something directed at the New York Stock Exchange that bottoms our economy out and causes massive loss of assets—but it doesn’t cause any physical damage or injury whatsoever?
And this is where the group split. Some of the group said—and I’m one of these—that I anticipate that the law will move in the direction of not looking so much at the nature of the harm but rather the severity of the consequences. But the law hasn’t done that yet....Others said, no, no, if we interpret that law in the cyber context, then we are there now. We need to be looking at the severity of the consequences. Speaking personally, that argument appeals to me. I believe that’s where we will be in 10 years, but I don’t believe that’s where we are today.
IDEAS: How about the Chinese military hacking The New York Times?
SCHMITT: It doesn’t rise to the level of use of force, but it certainly isn’t lawful.
IDEAS: The recently leaked Presidential Policy Directive 20 indicates pretty clearly that the Obama administration is aggressively trying to build up its ability to do catastrophic damage to its enemies in cyberspace. At the same time, it also demands that national security experts ensure that any US cyberattacks are legal.
SCHMITT: There are some states that are saying this is the fifth domain after land, water, air, and space, and international law doesn’t reach it. But Obama is telling operators that if the United States engages in operations, understand that there is a body of law, understand that the body of law will limit when you can engage, the level at which you can engage, and who you target....If we are in an armed conflict with the Taliban or with Al Qaeda, and we are going to use cyber, we are going to have to abide by rules like minimizing harm to the civilian population in strikes.
IDEAS: What about the rest of the world, though?
SCHMITT: Most of the states that we operate with on the battlefield and most of the states that are close friends and allies, most of them accept the notion that international law applies. I would characterize the view that it does not apply as really a fringe view, albeit one that is held by states that are quite important.
IDEAS: Like China?
SCHMITT: With regard to China, I’m not a Sinologist, but I will tell you that I have heard from Chinese in and out of government and I am surprised sometimes at the positions that have been taken. They are very sophisticated international lawyers, but the assertion that international law doesn’t apply simply doesn’t fly.
Gal Beckerman is a journalist and author. His first book, “When They Come for Us, We’ll Be Gone: The Epic Struggle to Save Soviet Jewry,” was named a best book of the year by The New Yorker and The Washington Post in 2010, and has been released in paperback.

PRISM: Apple gets 5,000 government data release requests in six months

Apple logo
Apple has revealed that it received up to 5,000 requests for customer data from US government authorities over a six-month period.

In a detailed statement posted on its website Apple maintained that it had never heard of the PRISM system until it was first reported but acknowledged that it does receive, and fulfill, data requests from the government.
“We do not provide any government agency with direct access to our servers, and any government agency requesting customer content must get a court order,” it said.
“Like several other companies, we have asked the US government for permission to report how many requests we receive related to national security and how we handle them. We have been authorised to share some of that data, and we are providing it here in the interest of transparency.”
Apple then detailed that between 1 December 2012 and 31 May 2013, between 4,000 and 5,000 requests were received, which specified access requests for 9,000 to 10,000 individual accounts. These requests were from federal, state and local authorities and related to both “criminal investigations and national security matter”.
“The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer’s disease, or hoping to prevent a suicide,” Apple said.
However, the firm was adamant that such requests were only fulfilled after extensive examination of their contents.
“Regardless of the circumstances, our legal team conducts an evaluation of each request and, only if appropriate, we retrieve and deliver the narrowest possible set of information to the authorities. In fact, from time to time when we see inconsistencies or inaccuracies in a request, we will refuse to fulfill it.”
Apple reiterated that no content of conversations is recorded and cannot be decrypted.
“Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data. Similarly, we do not store data related to customers’ location, Map searches or Siri requests in any identifiable form.”
The release of data comes after other tech giants such as Google, Twitter and Microsoft all pushed for the right to reveal more information on the requests they receive form government. This was done in order to distance themselves from claims they provide unfettered access to the data stored on their servers.

Anonymous Dutch intelligence analyst said The Dutch use the U.S.'s PRISM surveillance program

An Anonymous Dutch Intelligence Analyst that worked at the AIVD in an specific case to track down Islamic extremists has told The Telegraaf that PRISM was used to collect information on targeted Dutch civilians.

The Dutch "Secret" Service 

The AIVD (Algemene Inlichtingen- en Veiligheidsdienst - General Intelligence - Security service) has set a high priority for cyber threats. On the website you can read that the AIVD thinks that cyber threats are on of the biggest threats that can hit The Netherlands.
On the website you can read that they are interested in States, extremists and terrorists.

Anonymous Dutc​h Intelligence analyst 

The source said that the Netherlands is using cyber weapons that are able to achieve the same like PRISM and some might do more or less.
Cyberwarzone has made a list of the cyberweapons that can be  used by your government because they popped up all over the world.

A Call to Arms for Banks

WASHINGTON—U.S. regulators are stepping up calls for banks to better-arm themselves against the growing online threat hackers and criminal organizations pose to individual institutions and the financial system as a whole.
The push comes as government officials grow increasingly concerned about the ability of a cyber attack to cause significant disruptions to the financial system. Banks such as J.P. Morgan Chase & Co., Bank of America Corp. BAC -1.07% and Capital One Financial Corp. COF -2.15% have been targeted by cyber assaults in recent years, including potent "denial-of-service" strikes that took down some bank websites off-and-on for days, frustrating customers. Banks have spent millions of dollars responding to or protecting against such attacks, including a wave of attempted online assaults targeting major banks beginning last year that U.S. defense officials say had the backing of the Iranian government.
Regulators are warning banks to better-arm themselves against the online threat from hackers. U.S. authorities intensify efforts to find Americans hiding money in tax havens. Photo: Getty Images.
The warnings reinforce the message from Washington that the private sector has primary responsibility for fending off attacks, even from groups the U.S. believes are tied to a foreign government. Some banks have bristled at the suggestion they can fend off a foreign nation and have asked the U.S. to intervene to mitigate such attacks, either by blocking the attacks or moving against those mounting them.
A banking industry official said the onus can't just be on banks to combat cyber attacks. "It needs to be collaborative; the industry can't take on foreign countries alone," the official said.
The U.S. has increasingly adopted a hard line toward firms whose systems are violated, holding companies more accountable for protecting themselves. Last year, the Federal Trade Commission filed a lawsuit against Wyndham Worldwide Corp. WYN -0.86% alleging the hotel chain failed to protect the credit-card information of its consumers. In 2011, the Securities and Exchange Commission issued guidance requiring companies to disclose to investors more details when their computer systems have come under attack by hackers.
Regulators and the banking industry are coordinating efforts to respond to the growing threat, including a major cyber "war game" exercise slated for later this month involving top regulators, the Department of Homeland Security and major banks. Organized by the Securities Industry and Financial Management Association and titled "Quantum Dawn 2," the exercise is supposed to replicate a large, coordinated cyber attack to test the industry's response.
Officials from the Treasury Department and other financial regulators have been conducting regular classified and non-classified briefings with bank officers about the increased likelihood banks of all sizes could come under attack. Treasury Secretary Jacob Lew last week met with roughly 40 executives in New York to discuss concerns, one in a series of meetings Mr. Lew has had on the topic with government and business leaders, according to the Treasury Department.
Last week, the Federal Reserve and other banking regulators formed a new "cyber security" working group to highlight the issue and better coordinate government responses. And earlier this week, the Office of the Comptroller of the Currency hosted a call with more than 1,000 community bankers, warning that cyber attacks are on the rise—particularly among small banks—as the number of potential targets expands.
"You have to think of cyber-risk as part of the other overall risks at your bank," said Valerie Abend, the OCC's senior critical infrastructure officer.
Regulators are counseling bank executives to change the way they think about cyber attacks, she said, and consider them as they do more traditional risks, such as lending and interest-rate risk, when making strategic decisions. As with regulators' recent push to step up enforcement of antimoney-laundering rules, banks are being told that they'll be judged on their preparation against cyber attacks when examiners gauge a bank's operational risk. Executives are being told to train workers on potential risks posed by hackers, and to be proactive in communicating risks to customers and employees.
The Financial Stability Oversight Council, which Mr. Lew leads, cited cyber security as one of its key "emerging threats" this year. Mr. Lew raised the issue of cyber theft of trade secrets with his Chinese counterparts on a recent visit to Beijing.
While no specific incident is behind the focus on cyber security, regulators are concerned that the number of cyber attacks spawned by increasingly sophisticated hackers, criminal organizations, hactivist groups and nation-states is going to rise. The OCC said in its presentation to bankers that cyber attacks overall, including on banks, increased 42% in 2012, ranging from malicious software or phishing attacks, to well-publicized denial-of-service attacks.
The threat became apparent late last year when Iranian hackers conducted a wave of cyber attacks targeting major U.S. banks. The attacks disrupted banks' websites, flooding them with high volumes of traffic in order to render them unavailable, and leading to warnings from U.S. officials to halt.
Karl Schimmeck, SIFMA's vice president of financial-services operations, said the industry needs to gird itself for the reality of cyber incursions.
"We're a big target…. People don't go out and physically rob banks anymore. This is the best way to get access to what banks have" including money and critical information, Mr. Schimmeck said.

NSA Leaker Had Legal Means to Reveal Information

Edward Snowden, who illegally leaked classified information about a National Security Agency intelligence gathering program to a British newspaper last week, had ample legal channels to report what he felt were illegal or improper activities.
The inspector general for the Defense Department runs a hotline for military and intelligence officials to report such conduct in ways that do not disclose classified information to the public.
Experts on national security whistleblower laws say Snowden could also have disclosed the information to members of Congress.
Director of National Intelligence James Clapper said Tuesday that Snowden’s leak did “huge, grave damage” to the country’s intelligence-gathering capabilities.
The Pentagon provides avenues for whistleblowers to disclose alleged wrongdoing in ways that avoid disclosures that could have that affect.
The foremost law providing such an avenue is the Intelligence Community Whistleblower Protection Act (ICWPA).
The law provides means for the disclosure of classified information to members of Congress in a way that protects the information from public disclosure and protects the identity of whistleblowers who do not believe that their direct superiors will act on allegations of wrongdoing.
“The whistleblower passing [classified information] through the ICWPA process knows they’re protected against giving it out impermissibly,” explained Dan Meyer, the DOD inspector general office’s director of whistleblowing and transparency, in a recent webinar on journalism involving military and intelligence whistleblowers.
“Whistleblowing and leaking are two fundamentally different activities,” Meyer said. “A leak is an unlawful communication, it’s one that is prohibited by law. Whistleblowing is one that is not only required by regulation, but protected by law.”
Exposing wrongdoing or illegal activity by military and intelligence officials, Meyer said, is a “patriotic duty.” However, there are channels that should be used to do so to avoid the illegal release of classified information, he said.
Meyer said he “even offered … to courier it up [to Congress] and pass the clearances to make sure the committee members were the right ones to pass it to,” in cases where whistleblowers did not feel comfortable going through the ICWPA process.
Mark Zaid, a national security attorney who has represented numerous military and intelligence whistleblowers, said Snowden had numerous formal and informal avenues to disclose the information in legal ways that did not compromise intelligence programs.
“At the very least, he should’ve started off at the different inspector general offices,” Zaid told the Washington Free Beacon in an interview.
Zaid noted that the ICWPA only applies to whistleblowers disclosing illegal information, and that the NSA program exposed by Snowden appears to have been approved by Congress and judicial authorities. However, he noted that Bush administration whistleblowers reported activities, such as enhanced interrogations, that had likewise been approved.
Even absent the ICWPA process, Zaid says Snowden could have personally disclosed the information to Congress.
“There are quite a number of members of Congress who he could’ve gone to who would have embraced him. Clearly [Sen.] Rand Paul [(R., Ky.)] would have been very interested in this, and Sen. [Ron] Wyden [(D., Ore.)]. On both sides of the aisle, there are members of Congress … who clearly would have embraced what he would have told them,” Zaid said.
If Snowden had come to his office, Zaid said, he would have brought him directly to Congress. “The way I handle it will give that person as much if not greater protection” than the ICWPA, he insisted.
“He could have revealed everything directly to Sen. Rand Paul, directly to Sen. Wyden,” Zaid said. “Any member of Congress has the appropriate security clearances for what he knew.”
Going to Congress could also be a more effective means of spurring policy changes, which was one of Snowden’s apparent motivations for the leak.
“When whistleblowers work with the media, media coverage in and of itself does not solve the problem that whistleblowers have brought to the disclosure process,” Meyer explained.
“Many whistleblowers believe that if there’s just exposure through the press, that somehow it stops,” Meyer said, but policy changes require that a congressman or federal or law enforcement official follow up on that disclosure.
“I’ll never say, ‘I could have made all the difference in the world,’” Zaid said. “I’d never say that, because I have no idea, and I’m sure we would’ve hit roadblock after roadblock. But the fact is we’ll never know if anything I could have done would have worked, because he went straight to the media.”
“And look at how that turned out,” Zaid said. “Mr. Snowden, are you having fun?”

Free Beacon Targeted In Hack Attack

The Washington Free Beacon last week monday became the latest victim in a wave of cyber attacks targeting conservative news outlets.
The Beacon, in what appears to be a coordinated assault, joined National Journal and radio station WTOP as a target after certain articles were featured on the Drudge Report, one of the most heavily trafficked and influential sites in the world.
The Drudge Report itself has not been infiltrated.
“There seems to be this concerted effort by this cyber criminal to take over news sites,” said Steve Ward, vice president of Invincea, the Internet security company that first identified the Free Beacon breach. He added that these particular attacks appear to have been perpetrated by criminals rather than by state actors such as China.
It is common for cyber criminals to target “communities of interest,” Ward said. “The goal is to catch in their web as many people as possible.”
“I think what’s happening is the bad guys are looking at Drudge as a great news aggregator and looking at some of the downstream news sites,” Ward said in an interview. “It’s easier to hit these sites.”
The Free Beacon was compromised on Monday when unidentified malicious code was embedded into two Free Beacon articles that had been featured on Drudge. Invincea, which sells unique Internet protection tools, reported on Monday that the Free Beacon was “redirecting user traffic to malware” that was infecting readers’ computers without their knowledge.
WFB staff took action, and by noon on Tuesday, June 11, had isolated and eliminated the threat. The site is now safe to browse.
One infected article focused on the NSA whistleblower, while the other focused on ammunition purchases for the Afghan National Army.
Invincea’s Ward said he discovered the malware upon clicking on the articles from Drudge.
“We browsed to Free Beacon [from the Drudge Report] and got hit,” Ward said.
“The Beacon is not a culprit,” Ward said. “This happens to a number of prominent news sites. It’s an ongoing campaign.”
In the Free Beacon’s case, malicious code was embedded deep into the website in code known as Javascript. Readers traveling to the site would not have been aware that their computers had been infected.
“It’s an unknown exploit so the user just goes to the website to get the news content and they don’t even know they’re infected,” Ward said.
Popular virus blocking software has trouble detecting these types of attacks because the malicious code is unfamiliar and anonymous, Ward said.
The only way to remedy the problem is to perform a full cleanse of the infected website’s servers and put in place protective measures to prevent another infiltration.
Aaron Harison, president of the Center for American Freedom, of which the Free Beacon is a project, emphasized the shared characteristics of the sites targeted by the hackers.
“The common thread is politics,” he told the Washington Business Journal  last Tuesday.
“Our first job is to protect our readers and today we failed,” Harison said in a separate statement to the Free Beacon. “We want to assure our readers that they’re now able to read the Beacon securely, and that we are taking every step to make sure this will not happen again.”
Harison continued, “As the commander of U.S. Cyber Command has said, there are two types of websites today: Those that have been hacked and those that have been hacked but their administrators don’t know it yet.”

PRISM: Snowden extradition likely as US attorney general vows justice

Judge's gavel
The US appears certain to seek the extradition of PRISM whistleblower Edward Snowden, a former CIA IT contractor, after attorney general Eric Holder claimed national security was put at risk by the leaking of documents revealing the programme's existence.
Holder, who didn’t refer to Snowden by name, said the nation would pursue every avenue to bring the person who leaked the information on PRISM to justice.
“I can assure you we will hold accountable the person responsible for those extremely damaging leaks,” he said, while speaking at a summit with the European Commission on Friday in Dublin to discuss more aspects of the PRISM programme.
“National security has been damaged as a result of those leaks, and the safety of the US people and people who reside in allied nations have been put at risk. We are confident the person responsible will be held accountable.”
The comments strongly suggest the US will seek the extradition of Snowden, who is believed to be hiding from the authorities in Hong Kong since his leaks of the PRISM project were revealed last Thursday.
Snowden is also now banned from trying to enter the UK after document surfaced showing that airlines around the world have been told not to allow him to board any flights to the country, as he will almost certainly be denied entry.

Dell SecureWorks launches APT and cyber attack Incident Response Resource Center

Security padlock image
Dell SecureWorks has launched a new Incident Response Resource Center aiming to help respond, recover and mitigate against attacks on firms' networks.
The centre will be hosted online on Dell SecureWorks' website. It will offer businesses security white papers, videos and webcasts with information on topics such as incident response, minimising the duration and impact of a security breach, how to recover compromised data and preserve evidence for legal action, and ways to assess how prepared the firm is for a cyber attack.
Dell SecureWorks general manager of Europe Jeffrey Longoria told V3 the centre is an essential step in its ongoing bid to protect its clients – many of which are involved in critical infrastructure areas – from the recent batch of evolved attacks facing them.
"The threat landscape is becoming more and more complex and it's harder and harder for organisations to understand and measure the risk they're facing. You break it down from one end to the other. On one end of the spectrum you have the commodity, not targeted threats that are just based on volume, and on the other end you have highly targeted threats we've all come to know as APTs," he said.
"These are very sophisticated and they take advantage of not only technology but people, the businesses processes and everything in between. This makes it extremely difficult for organisations to cover all their bases. The only way to do it is to collaborate to get the best-quality research available to plan ahead of time not only their strategy, but also their response capability so they can deal with these things in a timely manner."
The centre added to SecureWorks is one of many new security services launched by the firm this year. Dell SecureWorks previously expanded its cyber incident response (IR) portfolio to include stress test services.
The Advanced Threat Preparedness Assessment and Denial of Service (DoS) Preparedness Assessment services launched in March, and are designed to simulate attacks on customer's systems, letting them spot potential holes in their defences before they can be exploited by hackers.