April 2010

Malware Tunneling and Internet Protocol Vulnerability

The Internet Protocol, version 6 (IPv6) was designed to alleviate the address space
limitations of IPv4 and provide additional security and routing capabilities. The protocol
itself, however, can be misused to deliver malware in a way that eludes detection by
firewalls or intrusion detection systems (IDS) not configured to recognize IPv6 traffic.
This problem can be amplified in cases where malware is used to reconfigure vulnerable hosts to allow IPv6 traffic.

Conditions and Technology

Tags:

Cyber Espionage is the Real Problem

Dr. Jim Lewis sees the issue of economic cyber espionage as the greatest threat the United States currently faces in cyberspace. “The real problem is economic espionage,” Lewis said today at an event hosted by the Potomac Officers Club.

Lewis is one of the premier experts in cybersecurity. He led the CSIS Commission on Securing Cyberspace for the 44^th Presidency and has given testimony before Congress.

“His involvement goes so much farther than that,” said Lt. Gen. Harry Raduege. “He has been the executive director of more than 50 of our nation’s top cyber experts.”

Lewis discussed the concerns and challenges currently facing the U.S. in the field of cybersecurity. “We face real opponents in cyberspace. One of the things that constantly draws attention to this topic is other people doing bad things to the United States,” he said. “We’ve woken up as a nation to the fact that we depend on these technologies…but they are exceptionally vulnerable.”

Cyber Gangs Mimic Legitimate Corporations

Cyber Gangs Mimic Legitimate Corporations with Roles, Duties

This was written by Camille Tuutti on Tuesday, March 30, 2010, 8:24.

Through a series of sting operations, the FBI has uncovered how cyber criminals have begun adopting a hierarchy commonly found in the corporate world, with distinctive roles and responsibilities delegated to each individual, according to Steven Chabinsky, deputy assistant director of FBI’s cyber division.

As opposed to legitimate organizations and employees, cyber criminals don’t have to adhere to regular 9-5 schedules, and they’re often willing to work as much as they need to plan out new opportunities within a short period of time, Chabinsky said during a presentation titled “The Cyber Threat: Who’s Doing What to Whom?” at last week’s FOSE conference.