Government


Taking a Page From Singapore’s Cybersecurity Playbook

Guest editorial Pat ClawsonWe could all learn a thing or two about developing an effective cyber security strategy from the government of Singapore. I was recently in Singapore to do a keynote for Singapore GovWare on the Changing State of the Endpoint and, while I was out there, I witnessed something interesting the Singapore government was doing to strengthen its security posture. The Ministry of Home Affairs for this Asian island city-state launched a new organization last week, Singapore Infocomm Technology Security Authority (SITSA), to safeguard Singapore against IT security threats.

Free COFEE Helps Law Enforcement Forensics

Microsoft has announced plans to give away free versions of its COFEE (Computer Online Forensic Evidence Extractor) utility to help law enforcement agencies in cyber-crime investigations. COFEE uses digital forensic technologies to help investigators gather evidence of live computer activity at the scene of a crime, regardless of technical expertise.


In May, President Obama completed his long-awaited “cyberspace policy review,” concluding that cyberspace is a strategic asset that must be safeguarded from attack as a national security priority. 
The president promised to appoint a permanent “cyber czar” who would coordinate the work of federal agencies charged with protecting us. But since “acting cyber-security czar” Melissa Hathaway resigned in August, the post has been unfilled.  Why?   Read the full op-ed [LA Times/James D. Zirin]

The massive phishing scam broken up by federal authorities this week is only a hint at what many say is an insidious and growing problem on the Internet. The bust, dubbed Operation Phish Phry, was described by the FBI as the largest ever cyber-crime investigation and they held it up as a shining example of international cooperation in the realm of cybersecurity.

But as important and impressive as it was, the arrests barely scratch the surface of the phishing problem, according to several who have been tracking the issue for years.  Read the full story [IDG News Service/Jaikumar Vijayan]

The largest number of defendants ever charged in a cyber-crime case have been indicted in a multinational investigation conducted in the United States and Egypt that uncovered a sophisticated “phishing” operation that fraudulently collected personal information from thousands of victims that was used to defraud American banks.
Authorities in several United States cities arrested 33 of 53 defendants named in an indictment returned last week by a federal grand jury in Los Angeles. Several defendants charged in the indictment are being sought this morning by law enforcement. Additionally, authorities in Egypt have charged 47 defendants linked to the phishing scheme.  Read the full FBI statement [fbi.gov]

The head of the U.S. Federal Bureau of Investigation has stopped banking online after nearly falling for a phishing attempt. FBI Director Robert Mueller said he recently came “just a few clicks away from falling into a classic Internet phishing scam” after receiving an e-mail that appeared to be from his bank.
“It looked pretty legitimate,” Mueller said Wednesday in a speech at San Francisco’s Commonwealth Club. “They had mimicked the e-mails that the bank would ordinarily send out to its customers; they’d mimicked them very well.”  Read the full story [IDG News Service/Robert McMillan]

The Department of Homeland Security is planning a major hiring spree, looking to fill as many as 1,000 cybersecurity positions over the course of the next three years. The department announced the new initiative Thursday, marking DHS’s first real push to hire a large number of information security experts.

Q&A: Amit Yoran

Amit Yoran, CEO of NetWitness, is the former director of the National Cyber Security Division at the Department of Homeland Security and a longtime veteran of the security industry both inside and outside the Beltway. He spoke with Dennis Fisher recently about the current power vacuum in Washington on security matters and the priorities for the next cyber security coordinator.

The powers that be in Washington are not known for getting things done quickly, and the current power vacuum in information security in the capital is a painful case in point. The well-documented failure to find a coordinator to oversee security for the country is only one piece of the puzzle, and as time continues to pass with no help on the horizon, those in the know are growing increasingly restless and discouraged by the process.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.