Category: Trends

Walters, who says he has 22 years of experience in the field, helped prepare 48 students from Marshall Academy in Falls Church, Va., who competed in the CyberPatriot contest this year.

Listings for cybersecurity positions rose 73 percent in the five years through 2012, 3.5 times faster than postings for computer jobs as a whole, according to Boston-based Burning Glass, a labor market analytics firm that collects data from more than 22,000 online jobs sites.

Just more than a month after graduating in December from Carnegie Mellon University in Pittsburgh with a master’s degree in information security technology and management, he started working at defense contractor Raytheon Co.

“Cybersecurity is a good field these days to get into — there are a lot of people out there looking for talent,” said the 24-year-old, who got offers from all six of the potential employers he interviewed with.

To prepare the next generation of specialists, the federal government’s National Security Agency is working to strengthen college-level education through its National Centers of Academic Excellence in Cyber Operations program, which gives a designation to universities that meet curriculum and other criteria.

Companies and government agencies are finding many candidates exiting college programs inadequately prepared for high-skill jobs crucial to cybersecurity, said Frank Reeder, co- founder of the Center for Internet Security in East Greenbush, N.Y., and former senior official at the U.S.

A spate of recent disclosures by corporations about security breaches include social network Facebook, which said it was targeted in a “sophisticated attack” by hackers in January who installed malware on laptops used by company employees.

U.S. companies and public sector organizations will raise outlays on computer security to an estimated $89.1 billion in the fiscal year ending October 2013, more than double the 2006 level, according to data collected by the Ponemon Institute. and analyzed for Bloomberg.

Each year JPMorgan Chase “spends approximately $200 million to protect ourselves from cyberwarfare and to make sure our data are safe and secure,” with 600 people dedicated to it, Chief Executive Officer Jamie Dimon wrote last month in a letter to shareholders.

“There’s a lot of really talented hackers or people with cybersecurity skills — it’s finding those folks who want to use their skills for good, not evil.”

A participant in last year’s CyberPatriot contest earned certifications and went from high-school to a job paying $62,000, said Bernie Skoch, the commissioner for the competition at the Air Force Association, a nonprofit, independent group that supports the service through educational and promotional programs.

Link: http://www.dailyherald.com/article/20130525/business/705259991/

Despite the numerous security incidents that took place during the first quarter of the year, the fight against cyber crime is on the right track, and though there is still a long way to go, international co-operation among security agencies is beginning to pay off and criminals around the world are being brought to justice.

“The start of the year has seen some serious cyber attacks, including the hacking of the Twitter accounts of major organizations such as the BBC or Burger King, and one of the biggest attacks ever, targeting some of the world’s leading technology companies: Apple, Facebook, Microsoft and Twitter. But there have been some victories for security forces as well, including the arrest of a group of hackers accused of extortion using the infamous ‘Police Virus,’” says Luis Corrons, technical director of PandaLabs.

Also in January, the FBI published details of an investigation that began in 2010 and thwarted a gang of cyber criminals who had infected more than a million computers since 2005.

On February 1, Twitter published an article on its blog (“Keeping our users secure”) detailing how the social network had fallen victim to an attack resulting in unauthorized access to the details of some 250,000 Twitter users. A couple of weeks later, Facebook also released an article on its blog, “Protecting People On Facebook,” acknowledging that their systems had been targeted by a sophisticated attack. The Twitter account of car company Jeep was also the victim of a similar attack, in this case stating that the company had been bought out by Cadillac. On January 30, The New York Times ran a front-page article explaining how they had been victims of an attack that had allowed their computers to be accessed and spied on for months.

Interestingly, in both incidents the attackers were able to access all types of data (customer details, etc.), yet only focused on information about journalists and employees, trying to find any reference to investigative journalism regarding China, and in particular, looking for the papers’ sources.

Some weeks later, Mandiant published a damning 76-page report (APT1: Exposing One of China’s Cyber Espionage Units, http://intelreport.mandiant.com/) explaining how Unit 61398 of the Chinese army has specialized in cyber-espionage. The report revealed more than 3,000 pieces of evidence showing how this unit has been running since at least 2006, stealing information from no less than 141 organizations worldwide.

For some years now, people have turned their gaze to China whenever this type of incident occurs, yet without any real evidence that the Chinese government is behind such attacks. Now, for the first time, it has been proven that the Chinese army is actively involved in espionage on a global scale, infiltrating companies across many sectors and stealing information,” explained Corrons.

Link: http://www.dfinews.com/news/2013/05/fight-against-cyber-crime-right-track

Formed in 2005 to help address the problem of compromised computers – sometimes referred to as bots, or drones – connected to the internet, AISI collects data from various sources on devices exhibiting odd bot-like behaviour on Australian IP addresses.

The detailed statistics on malware infections show that on average during this financial year about 16,500 malware reports have been provided to AISI participants each day – representing what the authority says is a “significant level of malware” affecting Australians.

“Once infected with malware, a user’s personal identity information can be stolen and their infected computing device used to harm and infect other internet users,” said Richard Bean, the authority’s deputy chairman. “Just as the internet increasingly provides rapid access to information about news, events and the activities of friends and family, it should also enable Australians to quickly get information about online risks and threats such as malware infections.”

The authority said the most prevalent infection type currently being reported are numerous variants of Zeus, which is primarily used for banking fraud, and, among other things, can intercept and modify an infected user’s online banking transactions.

Link: http://www.smh.com.au/it-pro/security-it/malware-fight-goes-public-on-the-web-20130522-2k036.html

The lobby group is concerned that the cost to the wider economy could be much greater, as small businesses refuse to trade online because they believe the security framework does not give them adequate protection.

Mike Cherry, FSB chairman, said: “Cyber crime poses a growing threat for small firms and it isn’t something that should be ignored. “While we want to see clear action from the Government and the wider public sector, there are clear actions that businesses can take to help themselves.”

The FSB issued 10 tips to help businesses protect themselves, including a combination of standard security protection steps (e.g. putting up a firewall and using antivirus and anti-spam software); carrying out regular security updates on all software and devices; and ensuring there is a resilient IT system and email password policy. The Government has urged small companies to spend more on security to address the rise in cyber crime and meet the terms of a tough EU directive.

Link: http://www.telegraph.co.uk/finance/yourbusiness/10069374/Cyber-crime-costs-small-companies-800m-a-year.html