The Cybersecurity Money Pit
Nov 8, 2011 5:00 AM PT
Despite the hundreds of millions of dollars the U.S. federal government spends on cybersecurity, it seems that shoestring-budget attackers are still often able to get a foot in the door.
At a security colloquium in North Virginia on Monday, the Defense Advanced Research Projects Agency (DARPA) told reporters it's losing ground in the battle to secure cyberspace.
To remedy that, it's seeking more funding and reaching out to hackers for help.
Meanwhile, investors around the world might be at risk following reports that an employee of Computershare, a technology provider to financial markets worldwide, took with her thousands of pages of internal documents and emails when she quit.
On the malware front, Microsoft has issued a temporary fix for Duqu, the worm that seems to be a cousin of the dreaded Stuxnet worm. As this happens, the DroidKungFu malware is chopping away at Android devices.
Finally, there's news that the hacker collective Anonymous has rethought its plans to launch cyberattacks against Mexico's Zetas drug cartel in the wake of reports that such actions will trigger violent retribution.
Sleeping With the Enemy
DARPA's own research apparently shows that securing sensitive information on the U.S. military's networks requires millions of lines of code, while the average piece of malware used to attack these defenses relies on a little over 100 lines.
Now, the agency reportedly wants to bring in hackers to help set policy and design the military IT framework to keep pace with the speed of advances in cyberspace.
DARPA has the money to throw at the problem -- or will have, if its request to Congress for $208 million to be spent on cybersecurity research in fiscal 2012 is granted. In fiscal 2011, the agency obtained $120 million.
Secret Agent, Man ...
The National Counterintelligence Executive has reported to Congress that intelligence services, the private sector and individuals in several nations, some of which are U.S. allies, are stealing American business and trade secrets over the Internet.
The report warned that these attacks will continue to grow and threaten U.S. economic security and will evolve with continuing technological advances.
The situation's made worse by the U.S. workforce's shift away from privacy and data protection and toward ready access to information, the report cautioned.
"We're probably in that shift," commented Charles King, principal analyst at Pund-IT. "Younger folks post astoundingly personal information on publicly accessible social networking sites.
"The real question is how business and governmental organizations will cope with employees and citizens who act in this manner," King told TechNewsWorld.
Organizations should focus more on cybersecurity, suggested Scott Crawford, managing research director at Enterprise Management Associates.
"A healthy dose of reality at the very least is long overdue," he added.
Sharper Than a Serpent's Tooth
A reported insider theft at Computershare, which has a global share registry system used in the financial industry, may have endangered the privacy and financial records of millions of shareholders.
Computershare claims the Boston-based employee had copied internal documents and emails from a corporate laptop, which she took without authorization when she left, to a USB flash drive that she claims is missing.
The incident is yet another instance of the threat to corporate data from insiders.
Issues With Malware
Microsoft released a temporary fix on Friday for a vulnerability in the TrueType font parsing feature in Microsoft Word that could be exploited by the Duqu virus.
However, that only plugs the Microsoft Word flaw; the malware could use other avenues, such as PDF documents or Excel files.
PC owners should ensure their antivirus software is up to date, Jerry Bryant, group manager of response communications at Microsoft Trustworthy Computing, told TechNewsWorld.
Meanwhile, Fortinet has warned that DroidKungFu, a new piece of malware, has emerged.
DroidKungFu, which targets Android smartphones, disguises itself as a legitimate virtual private network client application. Once downloaded, DroidKungFu can download more malware, open URLs in a browser, start applications and delete files on the target system.
"There are many variants of this Android malware, which have some different functionality," Derek Manky, senior security strategist at FortiGuard Labs, told TechNewsWorld.
The malware is mainly found in third-party Android app markets, although some were spotted in the official Android Market and taken out shortly afterward, Manky said.