The Americas Security News.- Michael J. "Mike" Rogers

The chairman of the House Intelligence Committee Rep. Mike Rogers (R., Mich.), said Sunday that recent reports about Chinese hacking show the U.S. is losing a global cyber war. “We get [hit] every single day by a whole series … of attacks, everything from criminals trying to get into your bank account or steal your identity, to nation states like China who are investing billions and hiring thousands,” he said. READ MORE HERE

java logo

Computer users are being advised by security experts to disable Oracle Corp.’s widely used Java software after a security flaw was discovered that they say hackers are exploiting to attack computers.

“Java is a mess. It’s not secure,” said Jaime Blasco, Labs Manager with AlienVault Labs. “You have to disable it.”

Java, which is on hundreds of millions of PCs around the globe, is a computer language that lets programmers write software using just one set of code that will run on virtually any type of computer.

It lets Web developers make sites accessible from browsers running on Microsoft Corp. Windows PCs or Macs from Apple Inc.

Computer users access those programs through modules, or plug-ins, that run Java software on top of browsers such as Internet Explorer and Firefox. READ MORE HERE

Lieutenant General Keith B. Alexander, Director of National Security Agency

Frustration has grown on Capitol Hill, in no small part due to explicit warnings about the growing cyberthreat from the nation’s top military leaders, General Keith Alexander, director of the National Security Agency NSA, who also leads the Pentagon´s  new US Cyber Command and General Martin Dempsey, chairman of the Joint Chiefs of Staff.

“The cyberthreat is real and demands immediate action,” General Alexander wrote in a letter to  Senate Majority Leader Harry Reidin late July. “The time to act is now; we simply cannot afford further delay.” This created opposition from the US Chamber of Commerceand other business groups, and  Senator Jay Rockefeller (D) of west Virginiatook the unusual step Wednesday of writing the CEOs of the 500 largest US companies to request their views on cybersecurity and the legislation aimed at protecting the nation’s critical infrastructure from computer attacks.

The Americas Post - Shawn Henry says we're in for big trouble. Photo Credit: FBI

A high-ranking official retiring from the Federal Bureau of Investigation has grim words about public and private attempts to block cyberattacks on corporate targets: “We’re not winning.”

Shawn Henry, the FBI’s executive assistant director for cybersecurity, told the Wall Street Journal that the government and private companies are incapable of protecting sensitive data from hackers. He described current tactics as “unsustainable,” saying that cybercriminals penetrate defenses with relative ease.

Henry, now departing the FBI after twenty years, gave his pessimistic appraisal as Congress tries to deal with the problem via two competing measures aimed at improving security at power plants, nuclear reactors and other infrastructure.

One Senate bill, in an attempt at bipartisanship, strips away a controversial Internet “kill switch” and makes other concessions. The authors stress the desperate need for a new cybersecurity plan at a time when major data breaches and denial-of-service attacks are increasingly making the headlines, however, several Republican senators have raised concern with the bill and have urged Senate leaders to allow time for other committees to weigh in.

Henry, who is departing the FBI for a cybersecurity job at an unnamed Washington firm, advocates companies make major changes to persistently vulnerable networks.

“I don’t see how we ever come out of this without changes in technology or changes in behavior, because with the status quo it’s an unsustainable model. Unsustainable in that you never get ahead, never become secure, never have a reasonable expectation of privacy or security,” he told the Wall Street Journal.

On the congressional front, the bill introduced last month in the Senate, the Cybersecurity Act of 2012, calls on the Department of Homeland Security to consolidate cybersecurity programs into one office — the National Center for Cybersecurity and Communications.

At the heart of the bill is a requirement that the federal government identify the most critical components of the country’s cyber-infrastructure and require them to meet certain security standards. This would cover everything from the nation’s power to water to transportation services.

The bill would require DHS to look at systems that could, among other scenarios, severely damage the economy or cause widespread casualties if they were disrupted in a cyberattack. Operators would work with DHS to secure those systems.

The Americas Post Security News. U.S. Armed Forces, including this fighter, shift operations to the cloud. Photo Credit iStockPhoto

To defend the U.S. military’s information assets, Pentagon leaders say defense computers must be tied to the cloud — meaning an online environment that can be centrally locked down. Yet it’s difficult to police parts of that environment manufactured or even housed in countries that stand accused of cyberespionage, experts say.

The shift of military operations to the cloud  will require protecting electronics manufactured in Asia from supply chain tampering, say some private security auditors. But that won’t necessarily mean inspecting every network component made in China

“Our clouds are running off of hardware that’s built in China,” said…READ MORE HERE

The Americas Post - If Symantec can be hacked, it means that no one is safe

One of the biggest security firms in the world was embarrassed this week when hackers stole the source code for Symantec’s industry-leading anti-virus program.

The code theft from the security company will probably not affect the average computer user or compromise his computer, analysts say, but is a serious image problem for the Fortune 500 company.

In a statement to Computerworld.com late Thursday, the California-based firm confirmed that source code used in two of its older security products was publicly exposed by hackers this week.  The compromised code — between four and five years old — does not affect Symantec’s consumer-oriented Norton products as previously speculated, Symantec said.

“Our own network was not breached, but rather that of a third-party entity,” the statement claimed. “We are still gathering information on the details and are not in a position to provide specifics on the third-party involved. Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions.”

Symantec spokesman Cris Paden told Computerworld that the two affected products were Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, both of which are more than five years old.

“We’re taking this extremely seriously, but in terms of a threat, a lot has changed since these codes were developed,” Paden told the website. “We distributed 10 million new signatures in 2010 alone. That gives you an idea of how much these products have morphed since then, when you’re talking four and five years.”

An Indian hacking group reportedly identifying itself as Lords of Dharmaraja claimed it had accessed source code for Symantec’s Norton AV products. Using the handle “YamaTough,” a member of the group initially posted several documents on Pastebin and Google+ that were purportedly proof that the group had accessed Symantec’s source code.

In a blog post on the code leak, Rob Rachwald, director of security for Imperva, a U.S.-based data security company based, said the incident isn’t likely to keep the Symantec folks “awake too late” at night.

“After all, there isn’t much hackers can learn from the code which they hadn’t known before,” Rachwald wrote. “Why? Most of the anti-virus product is based on attack signatures. By basing defenses on signatures, malware authors continuously write malware to evade signature detection (in 2007, antivirus could only detect between 20-30% of malware).”

This Campaign reminds online shoppers to be prepared and fully aware of the cybersecurity risks of theft, fraud and abuse.

While many businesses offer great deals during Cyber Monday, some cyber criminals may try to take advantage of unsuspecting online shoppers.

Follow these simple steps to protect yourself and your personal information online…READ MORE HERE

Photo Credit Matt Cardy Getty Images

The FBI is also warning about Cyber Monday and potential criminal activities.  The New England office of the FBIis warning consumers to be on guard for cyber-criminals, cyber-con men and cyber- snake oilpedlars. READ MORE HERE

Security: Joe Parry from Cambridge Intelligence and Victor Bjorgan, CEO og Global Security Services LLC and Publisher of TheAmericasPost.com, during the EISIC 2011 Conference.

How should we communicate the results of our analysis to decision-makers? How to visualize key information for decision makers?  The talk of Joe Parry argued that visualisations and infographics play a very important role, not only for analytical processes of data analysts, but also for explaining the analytical results to decision-makers at the highest of levels.

Some care must be taken to avoid various common pitfalls when designing such visuals: the talk will cover bad examples as well as good in order to uncover design guidelines and practical advice for those wishing to pursue a more visual approach.

in that sense, Joe Parry initiated his keynote that these visualization tools are specially important for law enforcement and National Security. In that sense he recalled an old saying ” a good sketch is better than a long speech”.

What is visualitation? asked Parry to the conferencists. Well , a good visualitation does not consist in just good pictures.

About graphs and numbers, Parry said that the use of interactive data and vissualy representation of data is used to amplify cognition. Parry briefly described how a good visualization helps in the Intel analysis. Described some common pitfalls in data visualization. he recommend the reading of the book written by Westell, Duncan and Weeks on visualization in Intel analyIntel analysissis.

Parry also described a model of intelligence analyzing processes. The final product of such analysis is a report.

In the reports, he does not recommend the use of colours to describe the visual variables. He recommend the use of Kinley Visual variables.

To start the visualization of the Analysis in its low phase, Parry mentioned the visualization of pattern of life, but said this is a analytical tool, not a decission tool. He also said that this analysis must be simplified, not use numbers.

During his keynote speech, Joe Parry showed a photograph of former President George Bush looking a wall full of sketches with the networks and interrelations of all individual terrorists participants in the attacks of September 9/11. It was a very confusing material, President Bush was looking at in this photo. Not the best intelligence visualization report.  President Bush was not looking in the photo at a screen with the three followings ingredients that are important in any report: geovisualization, timeline visualization and network visualization.

Parry said, that if only using that photo, it was impossible for former President Bush tot ake any intelligence decission, because there is no report, but only information.

In things not to do, Joe Parry also told participants that it is no good to put pies in the reports, neither 3D presentations. The intelligence reports for decission makers must avoid the use of colour since there is often a color blind among the public. He recommends not to use labels, simplicity instead  of complexity, no use of black backgrounds, no use of pie charts, not use of misleading scales.

Joe Parry showed enthusiasm while talking about the infographics reports of the New York Times NYT. He said the NYT infographics show all needed info to understand what is happening.

Summarizing, Parry described some of what he called as ” design guidelines” for any Intel report, like  first an overview, always  aim for clarity, show context, show how the situation has changed, make comparison easy, all visual elements must be backed by data, and that the report should be so clear and convincing that the decission makers will act backed by the report.

To know more about the subject, Joe Parry from Cambridge Intelligence mentioned some sites that can be of interest like:

flowingdata.com

infosthetics.com (slow uploading, be patient..)

visualcomplexity.com

nytgraphics.com

stamen.com

visualization.org

Finally, Joe Parry ended his keynote speech saying to all participants: “Back Up everything you say!”

Joe Parry´s email address is joe@cambridge-intelligence.com

His twitter is @parry_joe

Phone nr: 07973 787 233

His address is:

idea Space

The Entrepreneurship Centre

3 Charles Babbage Road

Cambridge CB 3 OGT

Biographical Details:
Joe Parry has worked on visualization and graphics systems for intelligence work for the last thirteen years.
During that time he has done software development, design, systems architecture and more experimental
research projects. He has worked with the intelligence communities of the UK, US and other countries. His
recent professional interests include social network analysis and web-based visualisation systems. This year he started his own software company which is producing what he hopes will be part of a new wave of
investigation software.

Dr.Nasrullah Memon, Program Chair of EISIC 2011 in exclusive interview with TheAmericasPost.com

On the occasion of the EISIC (September 12-14,2011) held in Athens, we interviewed the Program Chair of the event Dr. Nasrullah Memon, professor at the University of Southern Denmark and member of the Steering Committee of the European Intelligence & Security Informatics Conference EISIC on Counterterrorism and Criminology. The event was organized jointly with The International Symposium on Open Source Intelligence and Web Mining (OSINT-WM 2011), and having as Academic Sponsors The University of Arizona, University of Southern Denmark,  and The Hellenic American University, as technical co-sponsor the IEEE Computer Society, as local organizer the Hellenic American University and SPRINGER as the Industry Sponsor.

During the interview, Dr. Memon gave details about EISIC (past, present and future plans) , how the Intelligence Community can take advantage of the Intelligence & Security Informatics discipline, the relationship between counterterrorism and computational criminology, the role of Higher Education, as well as differents kinds of Crime involving information and communication technologies. The privacy problem was also analized during the conversation.

Here is an excerpt of a very interesting interview with one of the world´s most brilliant minds in Defense, Counterterrorism and Security Informatics, Dr. Nasrullah Memon.

Dear Dr. Memon, could you please tell us what is EISIC 2011? Please elaborate on its creation, mission, objectives and members.

EISIC is the European chapter of Intelligence and Security Informatics (ISI) series of conferences. The conference is dynamic and allows academicians, researchers and practitioners to keep abreast of new tools and methodologies in the area of Intelligence Security and Informatics. It is also a venue that fosters networking opportunities for people working in this scientific area.

After my graduation (PhD Defense), Professor Hsinchun Chen, Director, Artificial Lab, University of Arizona, the founder of ISI series of conferences encouraged us to organize the European chapter of ISI. In this context, the first event was organized under the name of EUROISI 2008 at Esbjerg, Denmark.  That event was organized more as a workshop than a conference and it was not very well attended.

In September 2010, while Professor Hsinchun Chen visited University of Southern Denmark, we discussed how to re-organize the European chapter of ISI as an annual event in order to create a consortium involving academic researchers in information technologies, computer science, public policy, criminology, and social and behavior studies as well as local, national, and European law enforcement and intelligence experts, and information technology industry consultants and practitioners to support counterterrorism and national/international security missions of anticipation, interdiction, prevention, preparedness and response to terrorist acts. In other words the mission and objectives for the organization of EISIC series of conferences that came out from the discussions with Prof. Chen are to provide opportunities to establish a European network in the area of Intelligence and Security Informatics.

The organization of the conference was a very difficult task and we started working for the success of the event from September 2010 with the collaboration of Hellenic American University, University of Southern Denmark and University of Arizona. We formed a team from the above mentioned academic institutes and Hellenic American University accepted to host EISIC 2011 in Athens, Greece while University of Southern Denmark accepted to host EISIC 2012 in Odense, Denmark.  As per program chairs, Daniel Zeng and me invited around 100 researchers from academia and industry to work as program committee members. We received 111 submissions for EISIC 2011 and we accepted 27% of high quality papers as LONG papers based on the peer-review process.  The research articles were received from 41 countries from all sub-continents.

The founding members of EISIC 2011 are: Prof. Hsinchun Chen, Prof. George J. Hagerty, Professor Uffe Kock Wiil, Professor Triant Flouris, Dr. Panagiotis Karampelas and myself.

What is your assessment of the conference in Athens?

As per feedback from the audience we found it was a very successful event. The keynote speeches as well as the paper presentations were very well attended by the participants and there were a lot of positive comments on the quality of the presentations. There were also a lot of opportunities for networking between the participants and we witnessed several discussions about future collaborations between the participants. I would like to mention at this point that the host organization played a vital role in the success of the conference sponsoring the expenses of keynote speakers and finding alternatives of certain problems we faced because of unforeseen incidents such as strikes, etc.

What activities does EISIC plan to carry out in the near future?

We have a number of long and short term plans in the area of Intelligence and Security Informatics.  We have established the Counterterrorism Research Lab at University of Southern Denmark in October 2009.  Behind the lab there is a small group of researchers (around 10, one Professor, one Associate Professor and several PhD students) working in the area of ISI. We are publishing our research articles in the area in various conferences and journals and we try to establish connections with various law enforcement bodies and intelligence services providing them with our cutting edge technology and experience. Concerning EISIC, we plan to organize EISIC 2012 at our University at Odense on August 22-24, 2012. We also received a number of informal proposals for the organization of collocated events. As soon as we receive formal proposals, we’ll decide accordingly. We have also received informal proposals for the organization of EISIC 2013 and EISIC 2014 in Italy and Sweden respectively. The steering committee will decide as soon as we receive formal proposals for the organization of EISIC and related events in future.

In regard to the Intel discipline, where do you classify the Intelligence Security Informatics ISI? Is it a separate intelligence discipline in and of itself, or part of other intel disciplines like HUMINT, SIGINT, IMINT, etc.?

ISI is a discipline where INTEL disciplines could be benefited. Let us take an example; we are working on a research project (sponsored by the Faculty of Engineering, University of Southern Denmark): Developing an Early Warning System to predict Terrorist Threats. Mostly we use OSINT (Open Source Intelligence), but there is room for counterterrorism experts/INTEL to work. We do not have yet a formal collaboration with INTEL agencies, but I’m sure INTEL people could be benefited as well from ISI research.

What role does higher education play in ISI?

As this is a new inter-disciplinary area, higher education can play a vital role in encouraging students from Sociology, Anthropology, Psychology, Criminology, Computer Science, and Applied Mathematics to adopt research in the area of ISI in order to educate experts to help us in building a SAFE AND SECURE WORLD. It is also a need of the hour to train INTEL people with this emerging area of research.

What is the relationship between counter-terrorism and computational criminology?

Computational criminology like Countering terrorism is an emerging blend of criminology, anthropology, social computing, computer science and applied mathematics. Modern concerns about public safety and security include a focus on a range of events from less serious everyday crimes like shoplifting to personal violent crimes like homicide and ultimately terrorism. Underlying all of these events is a decision process or a chain of steps in target identification, steps that focus first on rough and vague decisions and move towards the precise plot. The fields of counterterrorism and computational criminology involves the use of computational power to identify: (1) crime patterns and emerging patterns; (2) crime generators and attractors; (3) terrorism, organized crime and gang social and spatial networks as well as co-offending networks; and, (4) cybercrime/cyber terrorism. Algorithms are developed using computational topology, hyper-graphs, Social Network Analysis (SNA), Knowledge Discovery and Data-mining (KDD), agent based simulations, dynamic information systems analysis and more for detecting organized crime and predicting terrorist threats.

The methods and models used for counter terrorism and computational criminology can provide information about pattern theory and identification. In short, we treat terrorism as an organized crime, and therefore, it would be possible to use some of the traditional methods to detect terrorism evidences, but also new models can be developed looking into the new type of terrorism of 21^st century.

What is cybercrime and what current challenges does it pose?

Crime involving information and communication technologies (ICT), for example:

·        ICT as an instrument, where ICT can be used as primary tool to commit the offence (Identity theft, Internet scams and Fraud-misappropriation of funds are some of the examples)

·        ICT as target, where ICT is the target of the offence (Hacking, Misuse of  ICT resources, Denial of service, Stealing information)

·        ICT as Ancillary Resource, where conventional crime can be assisted by ICT; in other words technology can be used to commit conventional crime or technology can be used to store information about crime (Fraud, Money laundering, etc., are known examples)

As the cybercrime has border-less and transnational reach, therefore, there is urgent need to establish competency in predictive cyber analysis and to develop trusted relationships to encourage information sharing among the INTEL agencies.  There are number of challenges in cybercrime, for example

·        Enforcing extraterritorial/ trans-border law enforcement activity

·        Many offences are never detected

·        Many detected offences are never reported

·        Difficult to quantify the offence

·        Difficult to “Police” the cyber space

·        Evidence can be intangible

·        Issuing warrant without knowledge of the precise location of data (evidence) can be problematic

·        Evidence can be destroyed during search

·        Encryption and other concealment technologies are available to offenders

·        Human rights and privacy issue, etc.

How can the right to individual privacy be balanced against the need for protection from cybercrime?

It is a very difficult question; I think security is more important than privacy of individual person in some cases.  But according to the laws of each country, the privacy problem should be dealt in treating with cyber criminals.

"This is what happens to internet snitches"

This week the Mexican Zetas drug cartel sent a clear message to websites that report on the drug war, in a note with two mutilated corpses hung from an overpass near the U.S. border.

Officials at the state prosecutor’s office said a sign warning bloggers to stay quiet was found next to the disemboweled bodies of a man and a woman hanging from a pedestrian bridge in the city of Nuevo Laredo.

“Watch out, I’ve got my eye on you,” the placard said.  It warned that other internet troublemakers would meet a similar fate and was signed “Z,” a reference to the bloody Zetas drug gang active in the region.

The unidentified and badly mutilated victims were aged between 20 and 25,  said an official who declined to be named.

The threat specifically targeted two popular websites that cover the Mexico drug war: Blog del Narco and Frontera al Rojo Vivo.

The Rojo Vivo site, operated by border newspaper El Norte, announced that all archived material and contributor information has been cleared from the blog.

“From now on, we will only publish specific facts and information about border communities and not personal attacks,” stated a notice on the site Thursday.

Mexican drug traffickers often target local media to suppress coverage of their activities. During the last five years at least 42 local reporters have been killed, according to the Committee to Protect Journalists.

Many newspapers and other media have already ceased to publish photos of murder victims or the calling cards that drug gangs use to threaten their rivals, the police or public.

Approximately 42,000 people have been killed in the wave of violence that has followed President Felipe Calderon’s decision to deploy the military against drug cartels in late 2006.