As the level of sophistication of digital attacks grows rapidly, targeted organizations must devise a strategic, military-like response.
At a gathering of security experts on Thursday in New York, panelists warned that while launching an offensive strike against cyber attackers might be a tempting response to being breached, there are better -- and legal -- strategies for retribution.
An examination of the evolution from the 2010 and 2011 campaign operations provides some hints about what IT vendors might expect from hacktivists in 2012.
The National Security Agency claims a dozen groups connected to China's People's Liberation Army and six nonmilitary groups connected to universities are largely behind cyber spying campaigns.
The attacks, which occurred at four department locations, were not described in detail, but were deemed "successful" for adversaries, according to the annual audit.
Today's flurry of cybercrimes rely on an array of motivations, techniques and technologies, making the job of an investigator to track down the offender that much more difficult.
The Canadian intelligence service has singled out cyber attacks as one of the biggest threats facing Canada in its latest annual report.
Canada's telecommunications networks are vulnerable to homegrown terrorists, concluded the Special Senate Committee on Anti-terrorism.
The $1 trillion cybercrime industry is expertly - and competitively - run. Take a peek into the inner workings of these syndicates and how the good guys are closing in.
In 2011 and the new age of cyberwarfare, what differentiates a military corporation from a security corporation? Are you now working in a cyberwarfare capacity? If so, what restrictions on global trade should CIOs be concerned with?
As the holiday season continues, users should be on high alert for scams such as malware-laden electronic greeting cards and screensavers, US-CERT has warned. In addition, phishing attacks may be disguised as requests for charitable donations, credit card applications and online shopping advertisements. US-CERT recommends that users avoid opening unexpected email attachments or following untrusted links. When donating to charities, individuals should verify the organization's authenticity with the Better Business Bureau. — AM
Thefts of information belonging to customers of two major American chains may be traceable back to a breach at an email marketing services firm.
Though some have labeled the website attacks surrounding the WikiLeaks controversy to be the first-ever global cyberwar, security experts say the truth is much less sensational.
The FBI issued a warning on Wednesday about so-called "smishing" and "vishing" scams, which are likely to be prevalent this holiday season.
Social networking sites and search engines are expected to be hit hard as cybercriminals try to wrangle in unsuspecting holiday shoppers.
Google has fixed what is being described as a serious security flaw that allowed a hacker to harvest Gmail addresses and send spam from the search giant's servers.
The Stuxnet worm has prompted lawmakers to consider imparting additional cyber-oversight on the Department of Homeland Security.
The likelihood of a crippling cyberattack against the U.S. electric gird is 100 percent, a congresswoman said Wednesday at SC World Congress in New York.
According to an SC World Congress speaker, cybercriminals have over the past year grown more innovative and relied heavily on opportunistic, targeted and blended attacks.
An unauthorized individual recently gained access to a Louisiana state licensing database that contained the personal information of tens of thousands of emergency medical technicians (EMTs).
According to Iran, Stuxnet is no longer a threat - however use of a new zero-day exploit has extended its life cycle.
The cyberwar battlefield exists in every part of society in which we live and work, according to a national security expert who will be speaking at the third annual SC World Congress.
Is Stuxnet cyber warfare's Trinity Test?
Is Stuxnet cyber warfare's Trinity Test?
In the wake of the Stuxnet worm, a new survey found that 53 percent of critical infrastructure providers said their networks have experienced politically motivated attacks.
Governments, the IT industry and internet access providers should evaluate and ensure the health of consumer devices before allowing them full access to the internet, according to a Microsoft executive.
Becoming part of a supply chain failure for nation-states willing to bypass embargo could lead to life-changing consequences.
The Stuxnet worm should serve as a wake-up call that cyberwarfare is a reality, experts said.
Thousands of cybersecurity experts from across the country and abroad will converge this week for Cyber Storm III, a three-day-long exercise designed to evaluate America's ability to respond to a cyberattack. The exercise will offer the first test of the recently devised National Cyber Incident Response Plan by simulating a large-scale assault on the nation's critical infrastructure, according to a news release. Participants are expected to include representatives from federal agencies, 11 states, 60 private companies and 12 countries. Cyber Storm exercises previously were held in 2006 and 2008. — DK
One of the leaders of a cybercriminal gang that hacked into payment services provider RBS WorldPay and stole $9 million has received a six-year suspended sentence in Russia, according to reports.
Sign up to our newsletters
SC Magazine Articles
- Malware on Lime Crime website, payment cards compromised
- Florida law enforcement docs show widespread stingray use, secrecy
- After Superfish-Lenovo incident, Facebook probes larger issue of SSL-sniffing adware
- Gemalto investigates claims that gov't spies hacked SIM card encryption keys
- Disconnect yawns between CISOs, exec leadership, study says
- Carbanak APT campaign made off with $1B from banks globally
- BMW issues security patch for bug allowing attackers physical access into vehicles
- NIST requests final comments on ICS security guide
- New attack uses ransomware to drop trojans and keyloggers
- Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
- State breakdowns: Anthem breach by the numbers
- Botnet of Joomla servers furthers DDoS-for-hire scheme
- Study: SMBs lack thorough understanding of state data breach notification laws
- Bug in popular WordPress plugin opens up websites to SQL injection attacks