Posts Tagged ‘Homeland Security’

Cyber Threats Growing, Officials Tell Homeland Security Subcommittees

Thursday, May 22nd, 2014

Cyber Threats Growing, Officials Tell Homeland Security Subcommittees

By: Anthony Kimery, Executive Editor

Bookmark and Share

During a initial 7 months of Fiscal Year 2014, a Department of Homeland Security’s (DHS) National Cybersecurity Communications Integration Center (NCCIC) perceived 31,593 reports of incidents, rescued over 28,000 vulnerabilities, released some-more than 4,000 actionable cyber-alerts and had over 252,523 partners allow to a cyber hazard warning pity initiative, Larry Zelvin, executive of DHS’s National Cybersecurity and Communications Integration Center, told congressional panels Wednesday.


NCCIC is an around a time cyber situational recognition and occurrence response and supervision core that serves as a centralized plcae where operational elements concerned in cybersecurity and communications faith coordinate and confederate cyber confidence efforts.


Joseph Demarest, partner executive of a FBI’s Cyber Division, combined that, “The impact of botnets has been significant. Botnets have caused over $113 billion in waste globally, with approximately 378 million computers putrescent any year, equaling some-more than one million victims per day, translating to 12 victims per second.”


Demarest told a corner hearing of a House Committee on Homeland Security’s Subcommittee on Counterterrorism and Intelligence and a Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies that, “the magnitude and impact of cyber attacks on a nation’s private zone and supervision networks have increasing dramatically in a past decade and are approaching to continue to grow.”


Demarest said, “The United States faces cyber threats from state-sponsored hackers, hackers for hire, tellurian cyber syndicates and terrorists [who] find a state secrets, a trade secrets, a technology, a personal and financial information and a ideas, all of that are of implausible value to all of us.”


They might even find “to strike a vicious infrastructure and a economy,” he said.


“Given a operation of a cyber threat,” Demarest told a subcommittees, “agencies opposite a sovereign supervision are creation cyber confidence a tip priority. Within a FBI, we are prioritizing high-level intrusions — a biggest and many dangerous botnets, state-sponsored hackers and tellurian cyber syndicates. We wish to envision and forestall attacks, rather than simply conflict after a fact.”


Continuing, Demarest said, “The need to forestall attacks is a pivotal reason a FBI has redoubled a efforts to strengthen a cyber capabilities while safeguarding privacy, confidentiality and polite liberties. The FBI’s Next Generation Cyber Initiative, that we launched in 2012, entails a far-reaching operation of measures, including focusing a FBI Cyber Division on intrusions into computers and networks, as against to crimes committed with a mechanism as a modality. The Cyber Division determined Cyber Task Forces in any of a 56 margin offices to control cyber penetration investigations and respond to poignant cyber incidents. The Cyber Division has also hired additional mechanism scientists to support with technical investigations in a margin and stretched partnerships to raise partnership with a National Cyber Investigative
Joint Task Force (NCIJTF).”


“Cyber intrusions into vicious infrastructure and supervision networks are vicious and worldly threats,” Zelvin said. “The complexity of rising hazard capabilities, a fixed couple between a earthy and cyber domains, and a farrago of cyber actors benefaction hurdles to DHS and all of a customers. Because a private zone owns and operates a poignant commission of a nation’s vicious infrastructure, information pity becomes generally vicious between a open and private sectors.”


Zelvin offering an insider’s demeanour during DHS’s response to a scandalous “Heartbleed” vulnerability.


Heartbleed is a debility in a widely-used OpenSSL encryption program that protects a electronic trade opposite two-thirds of a Internet and in many electronic devices.


“Although new mechanism bugs and malware stand adult roughly daily, this disadvantage is surprising in how widespread it is, a potentially deleterious information it allows antagonistic actors to obtain and a length of time before it was discovered,” Zelvin said.


Zelvin pronounced NCCIC schooled of a of a Heartbleed disadvantage on Apr 7, and in reduction than 24 hours had “released warning and slackening information on a US-CERT website. In tighten coordination with a Departments of Defense and Justice, as good as private zone partners, a NCCIC afterwards combined a series of concede showing signatures for a EINSTEIN complement that were also common with additional vicious infrastructure partners.”


EINSTEIN is a member of a National Cybersecurity Protection System.


Zelvin pronounced DHS immediately began to work “with municipal agencies to indicate their .gov websites and networks for Heartbleed vulnerabilities, and supposing technical assistance for issues of regard identified by this process. The NCCIC and a components also began a rarely active overdo to cyber researchers, vicious infrastructure owners, operators, and vendors, sovereign and SLTT entities, and general partners to plead measures to lessen a disadvantage and establish if there had been active exploits.”


“Once in place,” Zelvin said, “DHS began notifying agencies that EINSTEIN signatures had rescued probable activity, and immediately supposing slackening superintendence and technical assistance.”



Article source:

The Blue Screen of Death during 30000 Feet

Saturday, April 26th, 2014

America’s confidence and comprehension agencies are teaming adult with airline manufacturers to urge opposite a inauspicious cyberattack that could ravage a atmosphere trade control system, meddle with a mechanism systems used by complicated aircraft, and potentially even move down a plane.
As partial of a new programme, that will be run from a sovereign trickery outward Washington, US supervision crew will work alongside private-sector aviation employees to share information about mechanism confidence threats, supervision and corporate officials said. Their idea is to mark antagonistic hacker activity on mechanism networks and to urge a confidence of airline manufacturing, during that formidable program programmes that could emanate entrance points for hackers are commissioned on newcomer aircraft.
For years, cybersecurity experts and supervision officials have warned that a mechanism networks underpinning a US atmosphere trade control complement could be penetrated by antagonistic hackers. President Barack Obama emphasised a hazard in his initial vital residence on inhabitant cybersecurity in 2009. The stream atmosphere trade control complement stays vulnerable, though some-more complicated aircraft also lift formidable navigation and automatic software, and in a destiny they will be connected to a atmosphere trade complement around new mechanism networks, creation any particular aeroplane a intensity exposed target.
The new supervision and courtesy information-sharing programme is meant to urge “the whole system. It’s a airports, a [air trade management] system, a supply chain, a airline manufacturers. There are a lot of conflict surfaces there,” pronounced Fred Schwien, a executive of Homeland Security during Boeing, that is participating in a programme.
To move all sides together, a new information-sharing and research centre will be built during a Transportation Security Administration trickery nearby Ft. Meade, Md., a domicile of a National Security Agency and US Cyber Command, that oversees troops mechanism security. According to a presidential directive, Cyber Command also would be concerned in responding to a cyberattack on any vicious infrastructure in a United States, including a atmosphere trade control system.
US officials pronounced a TSA is heading a programme in a partnership with a Office of a Director of National Intelligence, that oversees all American comprehension agencies, and a National Counterterrorism Center, that is now a heart for information about intensity threats to a aviation complement from terrorists and hijackers.
The TSA will launch a commander programme “that will concentration on aviation-related confidence and comprehension pity to embody a private and open sectors,” pronounced a TSA spokesperson, who combined it would be “premature to criticism on a particulars” before a programme begins. Officials didn’t contend when that would happen.
A orator for a Director of National Intelligence reliable a existence of a new programme though said, “We can't criticism during this time on a sum of this bid as a final combination and responsibilities are still being worked out.”
The supervision has been pity information about threats to aviation from passengers and explosives dark in luggage and load given shortly after a Sept 11 militant attacks. And it’s been pity some cyber-related hazard information on a singular basis. But a new centre “is going to make a information-sharing many tighter,” pronounced Schwien, a Boeing executive. “This will be a place where people will know any other and trust any other.”
Schwien pronounced that as a model, a aviation courtesy and supervision officials are looking to an existent complement that connects a supervision with mechanism confidence crew from banks and financial services companies. The ostensible Financial Services Information Sharing and Analysis Center is a well-regarded cyberthreat programme designed to opposite financial rascal and urge opposite attacks on bank networks. Both sides are ostensible to share comprehension about famous hacker techniques, network breaches, and antagonistic program that’s being used opposite supervision or corporate networks. The organisation has been credited with assisting banks to improved guard emails that enclose mechanism viruses.
Cyber threats to aviation are among a oldest and many feared, given they could means large repairs and detriment of life.
Cyber threats to aviation are among a oldest and many feared, given they could means large repairs and detriment of life. One of a initial vital cyber attacks to attract officials’ courtesy in Washington occurred in 1998, when a teen pennyless into a Bell Atlantic write network and infirm a communications complement during informal airfield in Worcester, Mass. The hacker cut off communications to a control building and incited off a conductor that authorised incoming aircraft to spin on runway lights. The teenager, who after reached a defence agreement with a Justice Department, exploited a smirch in a phone complement that let him also invalidate communications with a glow department, airfield security, and a continue use for 6 hours.
The complicated atmosphere trade control complement might transport no improved than that airfield in Massachusetts. Over a subsequent decade, a sovereign supervision skeleton to hurl out a so called NextGen system, that promises to revoke overload in a skies and, hopefully, make atmosphere transport some-more fit and reduction expensive. But NextGen will rest on tellurian positioning satellites, that are exposed to mechanism hackers. Two years ago, researchers during a University of Texas during Austin demonstrated that they could secrete a controls of a remote-piloted worker by tricking it with feign GPS coordinates.
The examination was organized by a Department of Homeland Security, that oversees a TSA and hence is in assign of a new cyber confidence programme for a aviation industry. The disadvantage a Texas researchers found in a GPS complement was “just a tip of a iceberg of a many bigger confidence emanate we have in this country,” Logan Scott, a GPS courtesy consultant, told Wired repository during a time.
Paul Rosenzweig, a cyber confidence consultant and former Homeland Security official, wrote final year that a hackable GPS complement poses a risk for blurb aviation. He pronounced that to forestall opposite a catastrophe, atmosphere trade controllers would have to use GPS that can commend when they’re being fooled or that cross-check their position opposite inner navigations systems that aren’t connected to mechanism networks.
Devising those kinds of defensive solutions, and putting them into practice, is what a new aviation confidence centre aims to do. –Foreign Policy

Article source:

GOP Report: Govt Agencies Failing during Basic Security Precautions

Thursday, February 6th, 2014

U.S. officials have warned that a awaiting of a cyber-attack is a nation’s tip threat, nonetheless sovereign officials competence be confused to urge networks opposite even a many pledge hackers, according to a news from a Republican members of a Senate Homeland Security and Governmental Affairs Committee.

In a report, previous unsuccessful attempts by sovereign officials to secure information systems were addressed. The news cited an try to mangle into a Emergency Broadcast System final February. Television stations in Michigan, Montana and North Dakota broadcasted zombie conflict warnings, underneath a control of hackers.

Editor’s Note: 5 Shocking Reasons a Dow Will Hit 60,000

The hacked promote message: “Civil authorities in your area have reported that a bodies of a passed are rising from their graves and aggressive a living. Do not try to proceed or detain these bodies as they are deliberate intensely dangerous.”

This instance highlighted a government’s weaknesses in securing many vicious systems via a government.

U.S. officials have allocated increasing spending for mechanism confidence to conflict threats of cyber-attacks, however according to a report, even modestly learned hackers can mangle into networks given sovereign agencies are ill-equipped.

Alan Paller, who is investigate executive during a SANS Institute, a cyber-security preparation group, and reviewed a breeze chronicle of a news forward of a central recover said in a matter to a Washington Post that as a taxpayer, he is outraged.

“We’re spending all this income and removing so small impact for it,” he said.

Federal officials unsuccessful to exercise confidence patches, refurbish antivirus software, promulgate on secure networks and exercise clever passwords, a news said. Weak passwords were detected on sovereign systems, a news said.

The Obama administration has concurred a hurdles of removing agencies to secure their systems.

“Almost each group faces a cyber-security challenge,” pronounced Michael Daniel, special partner to a boss on cyber-security policy. “Some are over along than others in pushing recognition of it. It mostly depends on either they’ve been in a cross-hairs of a vital cyber incident.”

The Department of Homeland Security took a lot of critique in a report. The news unprotected a department’s disaster to refurbish essential software  —  “the elementary confidence magnitude only about any American with a mechanism has performed.”

The ranking Republican on a committee, Sen. Tom Coburn of Oklahoma, oversaw a growth of a report. “None of a other agencies wish to listen to Homeland Security when they aren’t holding caring of their possess systems,” he said. “They aren’t even doing a elementary stuff.”

The Department of Homeland Security pronounced it is addressing issues identified in a news and is operative on removing to a bottom of those problems.

“DHS has taken poignant measures to urge and strengthen a capabilities to residence a cyber risks compared with a vicious information networks and systems,” dialect orator S.Y. Lee wrote in an e-mail.

Recent cases of cyber-security have unprotected a government’s weaknesses in confidence practices.

A group of cyber confidence professionals warned that a U.S. supervision has unsuccessful to exercise fixes to strengthen a website from hackers, some 3 months after experts initial forked out a problem, Reuters reported.

David Kennedy, conduct of computer-security consulting organisation TrustedSec LLC, recently told Reuters that a supervision has nonetheless to block some-more than 20 vulnerabilities that he and other confidence experts reported to a supervision shortly after went live on Oct. 1.

“If Americans’ information is not secure, afterwards a burglary of their identities is unavoidable and dangerous,” Rep. Lamar Smith, a Republican from Texas, pronounced in a statement. “The boss should take quick movement to safeguard that a American people are not a subsequent aim of cybercriminals.”

Editor’s Note: 5 Shocking Reasons a Dow Will Hit 60,000

Related Stories:

© 2014 Moneynews. All rights reserved.

Article source:

HSI finds 10000 images of child porn on internal man’s computer

Saturday, December 21st, 2013

The detain of a Turlock male by Homeland Security on child publishing allegations stemmed from an examination into an general ring regulating a internet to sell pithy images of children.

Jeffrey Randall Metcalfe, 46, was taken into control Thursday morning by Homeland Security agents and arraigned currently in sovereign justice on charges of receiving and distributing child pornography.

Homeland Security’s cyber crimes core and child exploitation examination section identified a website in Jun 2012 that had been used extensively to sell images depicting child pornography. The agents were means to brand an comment called “Asmodeusthe1st” and related a internet custom chateau to Metcalfe’s Turlock residence.

“Asmodeus” is a name of a demon of lust that twists people’s passionate desires, according to Binsfeld’s sequence of demons.

Law coercion served a hunt aver during Metcalfe’s chateau on Cedar Ridge Drive Thursday morning. At a home law coercion found a mechanism used by Metcalfe that had images of “child erotica and child pornography” on a shade saver, according to a rapist complaint.

Metcalfe was during a home during a time a aver was served and was interviewed by a Homeland Security agents. He certified he had during slightest 10,000 still photos and videos depicting child publishing in his home and that his “goal” was to obtain 100,000.

The cinema includes images of tiny children of a toddler and preschool age, preteens, teenagers and some people who seemed to be adults, according to a rapist complaint. In a images children were striking in intimately pithy and striking poses and acts with other children and with adults.

During doubt Metcalfe told a agents he had a problem and had attempted to get assistance before when he was formerly convicted on sovereign charges of receiving and possessing child pornography, though that he never got any assistance. He pronounced he wanted assistance again this time, according to a rapist complaint.

Agents asked Metcalfe if he ever had an inapt passionate attribute with a child and Metcalfe was primarily wavering to answer, a rapist censure states.

One of a agents told Metcalfe that he was “asking for assistance for himself, though by not revelation us (the agents) about his victims, they would never get help.”

Metcalfe relented and gave a agents a names of dual minors. He pronounced he had a passionate attribute with a 14-year-old when he was 18 years aged and a 9 or 10-year-old when he was 30 years old.

The website Homeland Security found that led them to Metcalfe is not being publically emitted since a examination is ongoing and additional suspects could be identified and apprehended.

The agents pronounced Metcalfe’s comment was traced to 17 usernames on a website.

A examination of Stanislaus County Superior Court annals uncover a misconduct assign of possession of child publishing was lodged opposite Metcalfe in 2003, though discharged a following year.

In 1992, Metcalfe pled guilty to dual depends of first-degree custodial division by interesting dual teenager girls to go with him out of state but a accede of their parents. At a time Metcalfe was on trial in California and had been systematic to have no hit with one of a girls. He was condemned to 3 years grave trial and systematic to bear an analysis as a sex offender.

Metcalfe stays in sovereign custody. A engagement print was not released.

Article source:

Homeland Security during risk of mechanism breach

Thursday, December 5th, 2013

Created to guarantee a nation, a Department of Homeland Security is instead carrying problem ensuring a possess computers are stable from hacking and cybersecurity breaches, a new news says.

Agency plans, policies and systems aren’t being updated to simulate a many new threats, a potentially harmful misstep in a ever-evolving universe of online confidence where new threats can cocktail adult overnight, pronounced a agency’s examiner general.

Some DHS cybersecurity discipline date behind to 2008, and “baseline confidence pattern settings are not being implemented for all systems,” investigators said.

In addition, 47 systems are being used but “authority to operate” certificates that safeguard a many present confidence protocols are in place. Of those, 17 are systems that hoop personal tip data.

“This news shows vital gaps in DHS‘ possess cybersecurity, including some of a many simple protections that would be apparent to any 13-year-old with a laptop,” pronounced Sen. Tom Coburn of Oklahoma, a tip Republican on a Homeland Security and Governmental Affairs Committee.

“DHS doesn’t use clever authentication,” he said. “It relies on superannuated program that’s full of holes. Its components don’t news confidence incidents when they should. They don’t keep lane of weaknesses when they’re found, and they don’t repair them in time to make a difference.”

The series of cybersecurity incidents during DHS has risen 17 percent over a past year, information shows, and attacks by some-more modernized antagonistic program have risen 134 percent given 2010.

While a dialect has done many improvements recently, a IG said, many weaknesses remain, including information stored outward DHS firewalls.

The group doesn’t lane what information is being stored in open clouds, inspectors said. Plus, DHS has 67 outmost Internet connectors that could be intensity gateways for hackers to get in.

The astringency of confidence breaches depends on a inlet of a information compromised, pronounced Paul Rosenzweig, a homeland confidence researcher during a Heritage Foundation, a regressive consider tank.

“If it’s a complement that contains all of yours and cave moody information, afterwards I’m a small some-more endangered than if it’s a complement they use to buy H2O bottles for a [airport] screeners,” pronounced Mr. Rosenzweig, a former DHS official.

What’s maybe some-more troubling, he said, is a government’s inability to get a possess affairs in sequence and a justification of a problems sovereign agencies have in procuring IT services and equipment.

“We have not managed to compare a means of purchasing mechanism cybersecurity systems to a dynamic, ever-changing sourroundings that is a cyberspace,” Mr. Rosenzweig said.

Officials during Homeland Security pronounced they are operative to seaside adult a agency’s vulnerabilities.

“DHS has also taken actions to residence a administration’s cybersecurity priorities, that enclosed doing of devoted Internet connections, continual monitoring of a department’s information systems and information that support a DHS mission,” a response from a group said.

Article source:

McAfee CTO to Lead Cybersecurity during Homeland Security

Wednesday, August 7th, 2013

By Danny Yadron

The U.S. Department of Homeland Security is set to daub a tip executive during mechanism confidence hulk McAfee, a section of Intel, as a subsequent central to conduct a cybersecurity division, several people informed with a matter said.

Phyllis Schneck, now a McAfee clamp boss and a company’s CTO for a open sector, will be picked as a subsequent emissary undersecretary of cybersecurity during a department, that takes a heading purpose in safeguarding U.S. networks from unfamiliar and domestic hackers.

A DHS central declined to comment. Reached by phone, Schneck also declined to comment.

Read a rest of a story during WSJ’s Digits blog.


Article source:

McAfee CTO to Lead Cybersecurity during Homeland Security

Monday, August 5th, 2013

The U.S. Department of Homeland Security is set to daub a tip executive during mechanism confidence hulk McAfee, a section of Intel, as a subsequent central to conduct a cybersecurity division, several people informed with a matter said.

Phyllis Schneck, now a McAfee clamp boss and a company’s CTO for a open sector, will be picked as a subsequent emissary undersecretary of cybersecurity during a department, that takes a heading purpose in safeguarding U.S. networks from unfamiliar and domestic hackers.

A DHS central declined to comment. Reached by phone, Schneck also declined to comment.

On paper, Schneck is tasked with safeguarding American networks from cyber threats. In practice, she has to navigate a sovereign bureaucracy and energy struggles that have prevented Washington from doing that. DHS meantime has to figure out how to exercise Obama’s executive sequence this year on cybersecurity protections. It also helps pass on supervision information on specific cyber threats to Internet use providers.

Schneck has endless knowledge operative with both a open and private sectors, and is a latest instance of a government’s tighten attribute with vast confidence companies. She’s worked 14 years in a confidence attention and has a Ph.D. in mechanism scholarship from a Georgia Institute of Technology, according to McAfee’s website. For 8 years, Schneck was authority of a inhabitant house of directors for a InfraGard module during a FBI, meant to promote information pity on cyberthreats between a feds and private companies.

She faces a plea in opposed a care mess-up in Washington over how to oversee Internet security. Her predecessor, cybersecurity maestro Mark Weatherford, stayed in a pursuit for reduction than 18 months and left in April. His halt replacement, Bruce McConnell, announced his depart from DHS in July.

There have also been care shifts aloft adult a food chain. Jane Holl Lute, a former emissary secretary of homeland security, stepped down this spring. In exit interviews, Lute warned opposite Washington using cybersecurity like an comprehension program, pulling behind opposite a National Security Agency holding a lead purpose in fortifying a Internet. (See: Snowden, Edward.)

And in July, Secretary of Homeland Security Janet Napolitano announced she would step down. President Barack Obama has not nonetheless tapped her replacement.

Schneck is “smart and one of a hardest workers in a field,” pronounced Alan Paller, owner of a Sans Institute, a cybersecurity investigate and preparation program. But DHS, as an institution, lacks a “tools since they don’t have a technical skills to expostulate change,” he said.

Recently, Napolitano has led an bid to sinecure 600 hackers.

A DHS central declined to criticism on a turnover.

Article source:

Strange Computer Message Came with ‘Homeland Security’ Warning: Blotter

Sunday, August 4th, 2013

Midlothian police said. The message, that claimed to be entrance from a sovereign agency, sensitive a lady a mechanism was sealed due to “looking during child porn.”

The questionable warning sensitive a Midlothian lady that she would have to compensate $300 by a income send use to get her computer unlocked, military said.

The lady also believes a print of her was taken during some point, military said. A design box with her picture showed adult during a ordeal.

Are You a Fan of True Crime? Like a Crime-N-Shame Facebook page to stay on tip of a large stories and a uncanny ones. 

Article source:

Experts advise of Homeland Security fraud disabling computers

Wednesday, July 24th, 2013

 (KMOV) — Experts are warning about a mechanism pathogen that is appearing as an central supervision warning.  

The fraud pops adult as a summary from Homeland Security and totally disables a computer.  The summary warns that mechanism laws were damaged and a $300 excellent contingency be paid immediately. 

The warning page is a fraud designed to shock people. 

Computer experts contend putrescent computers need to have a pathogen private professionally and to never compensate a excellent that is demanded. 

They also advise mechanism owners keep present with antivirus software.

Article source:

Government Watch: County joins Homeland Security module to accelerate …

Wednesday, April 17th, 2013

April 16, 2013

Government Watch: County joins Homeland Security module to accelerate mechanism security

By NewsPress Staff

Stillwater NewsPress
The Stillwater News Press

Tue Apr 16, 2013, 06:00 AM CDT

Payne County commissioners assimilated a Department of Homeland Security module to accelerate mechanism confidence during a Payne County building and administration building. The plan monitors a mechanism systems for hackers. When a penetrate conflict is detected, a confidence group tries to lessen a affects online. If it can’t, a group is sent to Stillwater.

The county also supposed a $100 concession from Campbell and Associates for highway construction on Yost and Sangre roads.

It also authorized 4 permits to concede tube crossings adjacent to or underneath roads.

Text Only
| Photo Reprints

Stillwater NewsPress. All rights
reserved. This element might not be published, broadcast,
rewritten or redistributed.

Article source: