Cyber Security News of the Week, March 11, 2012

Cyber Commentary — ISSA-LA to hold Fourth Annual Information Security Summit, May 16

On May 16, ISSA-LA will hold its Fourth Annual Information Security Summit at the Universal Hilton Hotel. We designed the Summit to encourage participation and interaction among all three vital information security constituencies:

1.       Business Leaders: CEOs, COOs, CFOs, Managing Partners and other non-technical decision makers with top-level management responsibility for information security and compliance with information privacy laws and regulations, together with their Trusted Advisors

2.       Technology Leaders: CIOs, Technical Managers and other IT professionals with responsibility for maintaining the IT network and the data it contains

3.       Information Systems Security Leaders: CISOs and other information security specialists having day-to-day responsibility for ensuring the security of sensitive information, together with those responsible for auditing systems security.

Alan Paller, Director of Research at the prestigious SANS Institute and a columnist for Forbes Magazine, will Keynote this year’s Summit. Alan’s that rare individual who both understands the depth of the cyber crime challenges we face and is able to explain it to non-technical business leaders.

I encourage you to join us at this year’s Summit. For more  information and to register, please visit the Chapter’s newly designed website. It Takes the Village to Secure the Village SM

Cyber Security Management — Securing the Enterprise

Protecting Your Computer: An Example of Defense-in-Depth: A reader asks: “What is the possibility of my personal computer being affected? I have two virus protection programs on the computer.” Citadel Information Group, March 7, 2012.

Cyber Security Management – Securing the Village

U.S. Companies Need Flexible Laws to Boost Cybersecurity: You probably feel it intuitively. The grids underlying our digital lives — our bank accounts, mobile phones, e-mail, medical records — are more vulnerable than ever…Bloomberg, March 5, 2012

Court: 4 More Months for DNSChanger-Infected PCs: Millions of PCs sickened by a global computer contagion known as DNSChanger were slated to have their life support yanked on March 8. But an order handed down Monday by a federal judge will delay that disconnection by 120 days to give companies, businesses and governments more time to respond to the epidemic. KrebsOnSecurity, March 6, 2012

Cybersecurity Bills Duel Over Rules for Firms: A bipartisan Senate bill to bolster cybersecurity has sparked a competing proposal from Republicans wary of new regulations for businesses, a signal that burgeoning anti-government fervor has begun shaping national-security measures. Wall Street Journal, March 9, 2012

Cyber Crime

Sony Hackers Stole $253M Worth of Music Files: It appears that hackers who breached Sony’s networks last year absconded with more than just the personal information of millions of Sony PlayStation users. They also stole more than 50,000 music files, including Michael Jackson’s entire back catalog of published music, as well as previously unreleased tracks. Wired, March 5, 2012

Anonymous Claims Takedown of Several Vatican Websites: Anonymous hackers on Wednesday claimed to have taken down several Vatican websites run by the Catholic Church to protest the “corrupt Roman Apostolic Church.” The hacking attacks on www.vatican.va and other sites came the day after several alleged members of the Anonymous-associated hacking group LulzSec were charged by U.S. authorities and it was revealed that LulzSec’s leader had been an FBI informant. PC Magazine, March 7, 2012

Antisec hackers hit US police store after FBI arrests. Hackers identifying themselves with the Antisec movement have attacked the site of a company that sells equipment to US law enforcers such as the police. BBC News Technology, March 9, 2012

Porn site Digital Playground hacked to expose card numbers: Online intruders from a group calling itself The Consortium claimed this week to have invaded Digital Playground, a California-based erotic site, to make off with 40,000 plain-text credit card numbers, including names, CCV numbers and expiration dates. In addition, they said they looted the personal information on 72,000 users. SC Magazine, March 9, 2012

Cyber Threats and Vulnerabilities

Data, Laws, Cyber-Weapons Biggest Threats to Information Security: Companies monetizing user data, bad laws and the cyber-arms race are significant risks to information security, British Telecom CTO Bruce Schneier told attendees at the RSA Conference. eWeek, March 4, 2012

Cyber Criminals — Betrayal and Arrest of Anonymous Members

Hacker, Informant and Party Boy of the Projects: In his Lower East Side apartment, the nights were racket-filled and without end. Neighbors lived with the pounding music and the sound of a pit bull being chased around the living room. The revelry sent scores of calls to the city’s complaint line. The New York Times, March 8, 2012

Anonymous Posts Response Letter To Snitch Sabu (On A Hacked Security Firm’s Website): The hacker group Anonymous is dealing with the arrest and betrayal of one of its most vocal members the only way it knows how: By hacking a security firm and covering its website with a rant against feds and snitches. Forbes, March 7, 2012

Arrests Sow Mistrust Inside a Clan of Hackers: For months, The Real Sabu, as he called himself on Twitter, boasted, cursed and egged on his followers to take part in computer attacks against private companies and government agencies worldwide. The New York Times, March 6, 2012