Friday, January 15, 2010

China's Google Hack Shouldn't Surprise Anyone

Ira Winkler writes on PC World:

What surprises me about the latest hack of Google , supposedly by the Chinese government, is that it was surprising to anyone. Stories about the incident are flooding Computerworld.com and other sites throughout the Internet. Google is threatening to pull out of China in response to the hacking , which is giving people the impression that Google is protecting its Web mail subscribers and itself. In reality, I doubt that it will do either.

The whole affair reminds me of a scene in the movie There Will Be Blood , when Daniel Day Lewis' corrupt oil baron tries to buy drilling rights from several landowners, and only one holds out. Years later, the farmer, in need of money, reconsidered. The oil baron, in a drunken rage, laughs at the landowner's representative and tells him that all of the oil was in one common pool, and that when he pumped the oil out of the ground from one piece of land, he got the oil under everybody else's land. It was as if he had stuck a really long straw in the farmer's milkshake, he said, adding "I drank your milkshake." Given the nature of the Internet, whether or not Google pulls out of China, China will drink Google's milkshake.

More here.

DARPA: U.S. Geek Shortage Is National Security Risk

Katie Drummond writes on Danger Room:

Sure, we’re all plugged in and online 24/7. But fewer American kids are growing up to be bona fide computer geeks. And that poses a serious security risk for the country, according to the Defense Department.

The Pentagon’s far-out research arm DARPA is soliciting proposals for initiatives that would attract teens to careers in science, technology, engineering and math (STEM), with an emphasis on computing. According to the Computer Research Association, computer science enrollment dropped 43 percent between 2003 and 2006.

DARPA’s worried that America’s “ability to compete in the increasingly internationalized stage will be hindered without college graduates with the ability to understand and innovate cutting edge technologies in the decades to come…. Finding the right people with increasingly specialized talent is becoming more difficult and will continue to add risk to a wide range of DoD [Department of Defense] systems that include software development.”

More here.

'Misdirected Cookie' Lands Family on Strangers' Facebook Accounts

An AP newswire article by Jordan Robertson, via MSNBC.com, reports that:

A Georgia mother and her two daughters logged onto Facebook from mobile phones last weekend and wound up in a startling place: strangers' accounts with full access to troves of private information.

The glitch — the result of a routing problem at the family's wireless carrier, AT&T — revealed a little known security flaw with far reaching implications for everyone on the Internet, not just Facebook users.

In each case, the Internet lost track of who was who, putting the women into the wrong accounts. It doesn't appear the users could have done anything to stop it. The problem adds a dimension to researchers' warnings that there are many ways online information — from mundane data to dark secrets — can go awry.

More here.

Russian Hackers Jam Automobile Traffic with Porn

Via FOX News.

Traffic jerked to a standstill as rubbernecking motorists ogled a pornographic clip posted by hackers on big-screen video billboards in Moscow, Russian news agencies reported Friday.

The company that operates the billboards, Panno.ru, said hackers were behind a graphic sex video broadcast late Thursday night on two roadside screens along Moscow's Garden Ring Road, one of the city's busiest arteries.

"This was an attack by hackers on the computers, as a result of which one of the commercial video clips was swapped for an indecent video," Panno.ru commercial director Viktor Laptev told RIA-Novosti.

More here.

Chinese Authorities Behind Google Attack, Researcher Claims

Gregg Keizer writes on ComputerWorld:

The malware used to hack Google is so sophisticated that researchers brought in by the company to investigate believe the attack code was designed and launched with support from Chinese authorities.

According to Carlos Carrillo, a principal consultant for Mandiant, a Washington D.C.-based security incident response and forensics firm, the attack against Google last month was "definitely one of the most sophisticated attacks I've seen in the last few years."

Mandiant was called in by Google to look into the attack, and Carrillo was the project manager for the Google investigation. During an interview Friday, he frequently chose his words carefully, saying that there was much he couldn't discuss because the work was ongoing.

"The malware was unique," Carrillo said. "It had unique characteristics ... it was ... let's just say it was unique."

More here.

Thursday, January 14, 2010

Interesting: WHOIS Privacy Considered 'Material Falsification'

Ryan Sadler writes on Sedo Domain News:

A recent decision by the Court of Appeals for the 9th Circuit has determined that using WHOIS privacy on domains may be considered “material falsification” under federal law. The defendants in US v. Kilbride (9th Cir., 2009) were convicted under the CAN-SPAM Act in a case that involved criminal charges of intentional email spamming.

Enacted by the US Congress in 2003, the CAN-SPAM Act prohibits false or misleading transmission information, deceptive headers, and requires email solicitations to give an easy opt-out method and be labeled as an advertisement, including the senders physical post address. Commercial emails that use false or misleading headers, or violate other CAN-SPAM provisions, such as falsified registration information, are subject to fines of up to $11,000 for each unsolicited email sent.

The court then made it clear in their ruling that the defendants’ use of private WHOIS information in this case materially falsified the registration information. The court declared that “It should have been clear to the defendants that intentionally falsifying the identity of the contact person and phone number [through WHOIS privacy] for the actual registrant information constitutes intentionally decreasing the ability of a recipient to locate and contact the actual registrant, regardless of whether a recipient may still be left some avenue to do so. We therefore conclude defendants had notice that their conduct violated the CAN-SPAM act.”

More here.

Juniper, Symantec Investigating After Google Attack

Robert McMillan writes on PC World:

Juniper Networks and Symantec said Thursday that they were investigating a widespread cyber-espionage incident that has hit dozens of technology companies, including Google and Adobe.

Sources familiar with the situation say that 34 companies, most of them large Fortune 500 names, were hit by a sophisticated cyber-attack, first uncovered by Google last month. The attackers used a previously unknown "zero-day" attack on Internet Explorer, and possibly other techniques, to break into company networks and steal sensitive information.

The Washington Post reports that Yahoo, Dow Chemical and Northrop Grumman were also attacked.

Juniper and Symantec both acknowledged that they were investigating incidents, but stopped short of saying they had been hacked or of providing any details.

More here.

Tensions Between Google and China Complicate U.S. Diplomacy

Ellen Nakashima and Ariana Eunjung Cha write in The Washington Post:

Google's threat to pull out of China after revelations by the search-engine giant that hackers in China stole valuable corporate secrets from its computer systems comes as the United States is making a concerted push for closer ties with the Asian giant.

A pullout could complicate a delicate diplomatic dance: The Obama administration would like China to make progress on human rights but also needs it to help press Iran and North Korea on nuclear issues and to restructure its economy so its people buy more and export less.

Still, some analysts said, Google's bombshell announcement Tuesday -- which included the news that it would stop filtering Internet searches on its site in China -- could also give the administration an opening to raise sensitive issues, such as human rights and cyber-espionage, without seeming like the aggressor. The broad, sophisticated nature of the attack on Google and at least 33 other firms, including Juniper Networks, Adobe, Yahoo, Symantec, Dow and Northrop Grumman, may move the issue of cyberattacks up on the diplomatic agenda, experts said.

On Thursday, the tech firm McAfee announced that it had isolated the malicious software used to target Google and other companies, exploiting an unknown vulnerability in Microsoft Internet Explorer that allowed the attackers to secretly commandeer the victims' systems.

More here.

SCADA Watch: U.S. Preps Cyber Outfit to Protect National Electric Grid

Michael Cooney writes on the NetworkWorld "Layer 8" Blog:

The US Department of Energy said it would spend $8.5 million to set up a "National Energy Sector Cyber Organization" that would help protect the nation's bulk power electric grid and help integrate smart grid technology with the electric grid.

The idea is to set up an independent national energy sector cyber security organization that would hopefully speed research, development and deployment priorities, including policies and protocols, the DOE stated.

Recently the DOE's acting assistant secretary, Patricia Hoffman stated: "The scope and nature of security threats and their potential impact on our national security require the ability to act quickly to protect the bulk power system and to protect sensitive information from public disclosure. At the same time, we must continue to build long-term programs that improve information sharing and awareness between the public and private energy sector.

"The electric system is not the Internet. It is a carefully tended and balanced system that is critical to the Nation and the people. We must continue to strive towards an electric system that can survive an intentional cyber assault with no loss of critical functions," she stated.

More here.

Note: Gee, somehow that doesn't make me feel any better at all. - ferg

Chinese Hackers Pose a Growing Threat to U.S. Firms

Jessica Guynn writes in The Los Angeles Times:

The scale and sophistication of the cyber attacks on Google Inc. and other large U.S. corporations by hackers in China is raising national security concerns that the Asian superpower is escalating its industrial espionage efforts on the Internet.

While the U.S. focus has been primarily on protecting military and state secrets from cyber spying, a new battle is being waged in which corporate computers and the lucrative valuable intellectual property they hold have become as much of a target of foreign governments as those run by the Pentagon and the CIA.

"This is a watershed moment in the cyber war," James Mulvenon, director of the national-security firm Center for Intelligence Research and Analysis at Defense Group Inc., said Thursday. "Before, the Chinese were going after defense targets to modernize the country's military machine. But these intrusions strike at the heart of American innovation community."

The attacks on Google and several dozen other companies have alarmed government officials and lawmakers who warned that the U.S. may already be losing the battle to protect the nation's besieged cyber infrastructure.

More here.

Google China Cyber Attack Part of Vast Espionage Campaign, Experts Say

Ariana Eunjung Cha and Ellen Nakashima write in The Washington Post:

Computer attacks on Google that the search giant said originated in China were part of a concerted political and corporate espionage effort that exploited security flaws in e-mail attachments to sneak into the networks of major financial, defense and technology companies and research institutions in the United States, security experts said.

At least 34 companies -- including Yahoo, Symantec, Adobe, Northrop Grumman and Dow Chemical -- were attacked, according to congressional and industry sources. Google, which disclosed on Tuesday that hackers had penetrated the Gmail accounts of Chinese human rights advocates in the United States, Europe and China, threatened to shutter its operations in the country as a result.

Human rights groups as well as Washington-based think tanks that have helped shape the debate in Congress about China were also hit.

Security experts say the attacks showed a new level of sophistication, exploiting multiple flaws in different software programs and underscoring what senior administration officials have said over the past year is an increasingly serious cyber threat to the nation's critical industries.

More here.

In Wake of Google’s Stance on China, Silence From U.S.

David E. Sanger and John Markoff write in The New York Times:

Last month, when Google engineers at their sprawling campus in Silicon Valley began to suspect that Chinese intruders were breaking into private Gmail accounts, the company began a secret counteroffensive.

It managed to gain access to a computer in Taiwan that it suspected of being the source of the attacks. Peering inside that machine, company engineers actually saw evidence of the aftermath of the attacks, not only at Google, but also at at least 33 other companies, including Adobe Systems, Northrop Grumman and Juniper Networks.

Seeing the breadth of the problem, they alerted American intelligence and law enforcement officials and worked with them to assemble powerful evidence that the masterminds of the attacks were not in Taiwan, but on the Chinese mainland.

But while much of the evidence, including the sophistication of the attacks, strongly suggested an operation run by Chinese government agencies, or at least approved by them, company engineers could not definitively prove their case. Today that uncertainty, along with concerns about confronting the Chinese without strong evidence, has frozen the Obama administration’s response to the intrusion, one of the biggest cyberattacks of its kind, and to some extent the response of other targets, including some of the most prominent American companies.

More here.

Stanford Student Caught in Google Cyber Attack

Mike Swift writes on The Mercury News:


When Tenzin Seldon, a 20-year-old sophomore at Stanford, logged onto her Gmail account from New York over winter break, she may have helped Google understand the widespread penetration of its network by unidentified hackers in China.

Unknown to Seldon, a regional coordinator of Students for a Free Tibet, at the same moment she was reading her e-mail in Queens, someone in China was logged into her account as well. Top Google officials, including chief legal officer David Drummond, later told Seldon that the suspicious situation alerted them that she was one of the human rights activists whose electronic mail was routinely being spied upon by someone in China.

"That the long arm of Chinese security could reach all the way to my home here at Stanford is something I never would have suspected," said Seldon, the first activist targeted in the cyberattack to be identified. "It's very disturbing when your Gmail account, which is as personal as it gets, can be hacked into and breached."

More here.

Yahoo Reportedly Also Hit by China Hackers

Robert McMillan writes on ComputerWorld:


Yahoo was one of more than 30 companies hit by a sophisticated online attack from China, designed to steal intellectual property and collect information on Chinese dissidents, several news sources reported Thursday.

The news follows revelations Tuesday that Silicon Valley giants Google and Adobe had also been targeted by the hackers, who are thought to be from China. According to sources familiar with the matter, 34 companies in total have been affected -- and more names are expected to come to light in the next few days.

Google has threatened to effectively pull its business out of China, in part, because of the incident.

Bloomberg and other news outlets named Yahoo as a victim Thursday, citing unnamed sources familiar with the situation.

More here.

Pizza Delivery Man Cops to Life in DarkMarket

Dan Goodin writes on The Register:

A former London pizza delivery man faces a 10-year prison sentence after admitting he helped found the notorious DarkMarket forum for computer crime, several news sites reported.

Renukanth Subramaniam, a 33-year-old Sri Lanka-born man from North London, pleaded guilty at Blackfriars Crown Court in London to conspiracy to defraud and furnishing false information. Authorities say he joined DarkMarket on its first day of operation in late 2005 and helped build it into an online resource for payment card fraud, with a thriving exchange for buying and selling stolen data and its own secure payment system.

DarkMarket operated for three years and had about 2,500 members at its peak. To be accepted, candidates had to provide details of 100 compromised cards to reviewers, who would then verify their validity. Members were required to adhere to a strict code of conduct that forbid foul language and pornography and demanded a kind of honor among thieves.

More here.

Hackers Used IE Zero-Day, Not PDF, in China-Google Attacks

Gregg Keizer writes on ComputerWorld:

Hackers exploited an unpatched vulnerability in Microsoft's Internet Explorer (IE) browser to break into some of the firms targeted in a widespread attack that compromised Google's and Adobe's corporate networks, McAfee said today.

According to Dmitri Alperovitch, vice president of threat research at McAfee, the unpatched vulnerability in IE was the only exploit used to hack into several of the companies attacked in December and early January. McAfee did not collaborate with all victims of the attacks -- researchers from VeriSign iDefense have put the total at 33 -- but in all its cases the evidence was the same.

"There could be other forms of attacks," Alperovitch said, "but in all we investigated, it was the same kind of attack, and the same exploit of IE, which was the only exploit we have found in all the malware we have examined."

Alperovitch said that Microsoft would release additional information about the IE vulnerability in a later security advisory. Other sources, who asked to remain anonymous because they were not officially allowed to comment, said that Microsoft would release its advisory today.

More here.

Alleged China Attacks Could Test U.S. Cyber Security Policy

Jaikumar Vijayan writes on ComputerWorld:

The attacks on Google and more than 30 other Silicon Valley companies by agents allegedly working for China is focusing renewed attention on the issue of state-sponsored cyber attacks and how the U.S. government should respond to them.

The U.S. has no formal policy for dealing with foreign government-led threats against U.S. interests in cyberspace. With efforts already under way to develop such a policy, the recent attacks could do a lot shape the policy and fuel its passage through Congress.

In a revelation that was surprising for its boldness, Google on Tuesday said that agents possibly working on behalf of the Chinese government had hacked into its computers -- and those of more than 30 other multi-national companies.

This is not the first time Beijing has been accused of state-sponsored espionage. Over the past five years, China has been implicated in dozens of attacks involving U.S. commercial, government and military targets. The most sensational of these involved a Chinese hacking group called Titan Rain, which in the early 2000s is believed to have stolen U.S. military and nuclear information.

More here.

Researchers Identify Command Servers Behind Google Attack

Ryan Paul writes on ARS Technica:

VeriSign's iDefense security lab has published a report with technical details about the recent cyberattack that hit Google and over 30 other companies. The iDefense researchers traced the attack back to its origin and also identified the command-and-control servers that were used to manage the malware.

The cyber-assault came to light on Tuesday when Google disclosed to the public that the Gmail Web service was targeted in a highly-organized attack in late December. Google said that the intrusion attempt originated from China and was executed with the goal of obtaining information about political dissidents, but the company declined to speculate about the identity of the perpetrator.

Citing sources in the defense contracting and intelligence consulting community, the iDefense report unambiguously declares that the Chinese government was, in fact, behind the effort. The report also says that the malicious code was deployed in PDF files that were crafted to exploit a vulnerability in Adobe's software.

"The source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof," the report says.

More here.

Wednesday, January 13, 2010

Mark Fiore: Whose Marriage Is It?



More Mark Fiore brilliance.

Via The San Francisco Chronicle.

Enjoy.

- ferg

In Passing: Teddy Pendergrass


Teddy Pendergrass
March 26, 1950 — January 13, 2010

Law Firm That Sued Chinese Government Reports Cyber Attack

Sam Diaz writes on the ZDNet "Between The Lines" Blog:

The Los Angeles law firm representing a software company that filed a software piracy suit against the People’s Republic of China last week said today that it has been the victim of a cyber-attack that originated in China this week.

On Monday evening, the lawyers at the firm of Gipson, Hoffman and Pancione in Los Angeles began receiving trojan e-mails made to appear as if they were sent from within the firm. It remains unclear yet whether any of attacks were successful at allowing attackers access to any data. The attacks, which have been reported to the FBI and are under investigation, come a day after Google announced that it had been attacked from within China and threatened to shutter its Google.cn site.

Google said yesterday that at least 20 other large companies in the Internet, finance, technology, media and chemical sectors were similarly targeted. Adobe confirmed yesterday that it was victim of a “sophisticated” and “coordinated” attack on its corporate network systems, though it was unclear if that attack originated in China. Adobe became aware of the attack on January 2, 2010.

More here.

Hackers Used Rigged PDFs to Hit Google - And Adobe, Says Researcher

Gregg Keizer writes on ComputerWorld:

Adobe today confirmed that the cyberattack that hit its corporate network earlier this month was connected to the large-scale attacks Google cited yesterday as one reason it might abandon China.

Meanwhile, some researchers have hinted, and others have claimed, that the attacks against both Google and Adobe were based on malicious PDFs that exploited a just-patched vulnerability in Adobe's popular Reader software.

Adobe is the first company to step forward after Google announced yesterday that the attacks were aimed at accessing Gmail accounts of human rights activists.

"We are still in the process of conducting our investigation into the incident," said Wiebke Lips, Adobe's senior manager of corporate communications, in an e-mail reply to questions today. "[But] It appears that this incident and the one Google announced earlier are related."

Yesterday, Google and Adobe acknowledged that their company systems had been struck by what both firms characterized as "sophisticated" attacks. Google added that it believed the attacks against its network, which took place last month, originated in China.

More here.

Hacking Risks Persist Even if Firms Leave China

Jeremy Kirk writes on ComputerWorld:

Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.

Google's chief legal officer revealed on Tuesday that the company and more than 20 other technology, financial and software companies were targeted by hackers, motivated to steal intellectual property and intelligence on human rights activists.

In protest, Google said it would stop censoring search engine results as demanded by the Chinese government and is considering halting its business within the country.

"I think the logic is clear: Google is disappointed, perhaps, with the result of its policy to agree to be censored in China," said Whit Andrews, lead Google analyst for Gartner. "They are no doubt frustrated by security breaches which they perceive are related to their existence in China."

But Andrews and others analysts say the distributed nature of the Internet means Google and other enterprises are at no less risk from hackers sympathetic to Chinese policy by not doing business in that country.

More here.

Money Mules Helped to Rob W. Va. Bank

Brian Krebs:

I have written a great deal about how organized cyber gangs in Eastern Europe drained tens of millions of dollars from the bank accounts of small- to mid-sized businesses last year. But new evidence indicates one of the gangs chiefly responsible for these attacks managed to hack directly into a U.S. bank last year and siphon off tens of thousands of dollars.

On July 30, 2009, at least five individuals across the United States each received an electronic transfer of funds for roughly $9,000, along with instructions to pull the cash out of their account and wire the funds in chunks of less than $3,000 via Western Union and Moneygram to three different individuals in Ukraine and Moldova.

The recipients had all been hired through work-at-home job offers via popular job search Web sites, and were told they would be acting as agents for an international finance company. The recruits were told that their job was to help their employers expedite money transfers for international customers that were — for some overly complicated reason or another — not otherwise able to move payments overseas in a timely enough manner.

The money was sent to these five U.S. recruits by an organized ring of computer thieves in Eastern Europe that specializes in hacking into business bank accounts. The attackers likely infiltrated the bank the same way they broke into the accounts of dozens of small businesses last year: By spamming out e-mails that spoofed a variety of trusted entities, from the IRS, to the Social Security Administration and UPS, urging recipients to download an attached password-stealing virus disguised as a tax form, benefits claim or a shipping label, for example. Recipients who opened the poisoned attachments infected their PCs, and the thieves struck gold whenever they managed to infect a PC belonging to someone with access to the company’s bank accounts online.

More here.

Google Hack Hit 33 Other Companies

John E. Dunn writes on Techworld.com:

The plot thickens. According to iDefense Labs, the recent Internet attack that has so upset Google affected 33 other US tech and defence firms and is directly related to an Adobe Reader-based attack of last July.

The US flaw-hunting specialist said that the attack was an attempt to steal source code on an industrial scale and was, in many cases, probably successful. If correct, this might explain why Google has by its own normally quite restrained standards gone ballistic to the extent of threatening to quit China.

"Two independent, anonymous iDefense sources in the defense contracting and intelligence consulting community confirmed that both the source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof," said the iDefense press statement, confirming what the world already knows.

It now turns out that Adobe itself was targeted in the latest alleged Chinese attacks, as a statement on its own website explains.

More here.

Tuesday, January 12, 2010

Google Hack Raises Serious Concerns, U.S. Says

Robert McMillan writes on PC World:

A coordinated hacking campaign targeting Google, Adobe Systems and more than 30 other companies raises serious concerns, U.S. Secretary of State Hillary Clinton said Tuesday.

In a statement released late Tuesday night, Clinton said that the U.S. government is taking the attack -- which Google said came from China -- very seriously. "We have been briefed by Google on these allegations, which raise very serious concerns and questions," she said. "We look to the Chinese government for an explanation."

Sources familiar with the situation say that more than 30 U.S. companies, including Adobe Systems, were hit by this targeted attack, which Google first discovered in mid-December. Using an attack that exploited an unpatched bug in widely used software, the attackers were able to gain footholds in these companies and siphon out valuable intellectual property.

In Google's case the attackers also gained access information about the e-mail accounts of Chinese dissidents.

More here.

U.S. Army Housing Website Hacked

Kelly Jackson Higgins writes on Dark Reading:

Romanian hackers continue to have a field day with SQL injection flaws in major Website applications: A vulnerability in a U.S. Army Website that leaves the database wide open to an attacker has now been exposed.

"TinKode," a Romanian hacker who previously found holes in NASA's Website, has posted a proof-of-concept on his findings on a SQL injection vulnerability in an Army Website that handles military housing, Army Housing OneStop. TinKode found a hole that leaves the site, which has since been taken offline, vulnerable to a vulnerable to a SQL injection attack. "With this vulnerability I can see/extract all things from databases," he blogged.

TinKode was able to gain access to more than 75 databases on the server, according to his research, including potentially confidential Army data. He also discovered that the housing site was storing weak passwords in plain text. One password was AHOS, like the site's name.

"Four-character passwords that are the same name as the database table names are inexcusable," says Robert "RSnake" Hansen, founder of SecTheory.

More here.

E-Mail Leak Has Google Threatening to Leave China

An AP newswire article by Michael Liedtke, via SFGate.com, reports that:

Google Inc. said Tuesday it might end its operations in China after it discovered that the e-mail accounts of human rights activists had been breached.

The company disclosed in a blog post that it had detected a "highly sophisticated and targeted attack on our corporate infrastructure originating from China." Further investigation revealed that "a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists," Google said in the post written by Chief Legal Officer David Drummond.

Google did not specifically accuse the Chinese government. But the company added that it is "no longer willing to continue censoring our results" on its Chinese search engine, as the government requires. Google says the decision could force it to shut down its Chinese site and its offices in the country.

More here.

Hackers Pluck 8,300 Customer Logins From NY Bank Server

Dan Goodin writes on The Register:

Hackers have stolen the login credentials for more than 8,300 customers of small New York bank after breaching its security and accessing a server that hosted its online banking system.

The intrusion at Suffolk County National Bank happened over a six-day period that started on November 18, according to a release [.pdf]) issued Monday. It was discovered on December 24 during an internal security review. In all, credentials 8,378 online accounts were pilfered, a number that represents less than 10 percent of SCNB's total.

"Although the intrusion was limited in duration and scope, SCNB immediately isolated and rebuilt the compromised server and took other measures to ensure the security of data on the server," the bank, located about an hour east of New York City, stated. "To date, SCNB has found no evidence of any unauthorized access to online banking accounts, nor received any reports of unusual activity or reports of financial loss to its customers."

More here.

DARPA's Massive Cyber Security Project Awards $56 Million for Research

Michael Cooney writes on the NetworkWorld 'Layer 8' Blog:

Researchers at the Defense Advanced Research Projects Agency (DARPA) today awarded almost $56 million to two contractors it expects will develop the second phase of technologies that it promises will be revolutionary and bolster current cyber security technology by orders of magnitude. DARPA spent $30 million to develop Phase 1.

The contracts are part of DARPA's ambitious National Cyber Range program the agency says will develop revolutionary cyber research and development technologies. DARPA states that the NCR will advance myriad security technologies and "conduct unbiased, quantitative and qualitative assessment of information assurance and survivability tools in a network environment."

Today's announcement shows Lockheed Martin got $30,803,319 and John Hopkins University Applied Physics Laboratory received $24,777,235 to continue developing the program. Lockheed got $5.3 million in the first round of development and Johns Hopkins got $7.3 million. Others such as BAE Systems, General Dynamics and Northrop Grumman split up the rest of the initial $30 million contract for phase 1.

More here.

ISP Operators Among 19 Arrested in Cyber-Fraud Case

Robert McMillan writes on ComputerWorld:

The owner of a Dallas-based Internet service provider that was raided last April has been charged with participating in a conspiracy to defraud more than US$15 million from companies such as Verizon, AT&T and XO Communications.

Matthew Simpson, 25, of Red Oak, Texas, is one of 19 people charged in the case, according to a grand jury indictment that was unsealed late last week.

His Dallas company, Core IP Networks, was raided by FBI agents on April 2, 2009. At the time, Simpson claimed that his company and nearly 50 of his customers were the innocent victims of another's actions.

"The only data that I have received thus far is that the FBI is investigating a company that has purchased services from Core IP in the past," he wrote in a note posted to Google Sites on the day of the raid. "This company does not even colocate with us anywhere."

But according to federal prosecutors, Simpson was an active participant in a long-running scam to set up companies that fraudulently obtain lines of credit and then resell telecommunications services before skipping out on the bills.

More here.