China steps up fight against cybercrime

From CSO (Robert McMillan)
In the face of increased attacks by its citzens against Chinese networks, China is stepping up the severity and enforcement of its computer crime laws. China often is cited as one of the major havens for hackers and malware authors, but as this IDG News Service report shows, the country is beginning to crack down on its own citizens for computer crimes in an effort to change that image.

Do we really need a cybersecurity czar?

The back-and-forth in Washington over who should run the cybersecurity program for the federal government has reached a fever pitch, as lawmakers, federal agencies and other interested parties jockey for position and budget dollars in the run-up to the release of the results of the Obama administration’s review of cybersecurity operations in the federal government. But perhaps the question isn’t which agency or office should have ultimate authority over cybersecurity, but whether any of them should.

From (Eric Ogren)
The federal government has whipped itself into a frenzy on the issue of cybersecurity recently, as evidenced by the numerous competing bills in the House and Senate and the high-level wrangling over which agency should run cybersecurity. Washington certainly has a key role to play in cybersecurity, but lawmakers and regulators should keep their hands off the Internet as much as possible and look to the private sector to lead on this issue, Eric Ogren writes.

There is a good old-fashioned backroom brawl shaping up in Washington over the cybersecurity issue, and the forces are aligning in some interesting ways on a variety of different sides of the debate. The latest installment in this long-running drama involves not just the fight over which, if any, of the numerous House and Senate bills addressing cybersecurity will ever see the light of day, but also the wisdom of handing authority for federal information security to the White House.

The head of the National Security Agency on Tuesday will recommend that the United States needs a major upgrade to its capabilities in both offensive and defensive cyber capabilities, handing that responsibility to a new military command in Maryland. In a hearing before the House Armed Services Committee, Lt. Gen. Keith Alexander will deliver a blunt assessment of the country’s information warfare skills, and it won’t be pretty.

From AFP (Via Yahoo News)
The North Korean regime is in the process of building up its capabilities to launch offensive computer attacks, according to news reports out of South Korea. The reports say that North Korea is specifically strengthening its information warfare program with the intention of targeting its two traditional antagonists, the United States and South Korea, AFP reports.

The recent flood of stories on attacks against the electrical grid, various government agencies and other portions of the critical infrastructure has renewed the calls for improvements in federal cybersecurity and, especially, information sharing between the government and the private sector on attacks and vulnerabilities. Some of this has been going on behind the scenes in Washington for a long time in an ad hoc fashion, but it appears it’s been getting more organized of late.

From CNet News (Stephanie Condon)
The Conficker Working Group several months ago discovered several hundred medical devices that had been infected with the Conficker worm and set about alerting the affected hospitals to the problem. The disinfection process should have been straightforward, but the tangle of regulations that govern medical facilities prevented the hospitals from making changes to the devices for three months.

Microsoft has developed an ultra-secure version of Windows XP, with many settings locked down by default. But the hardened OS isn’t for sale to the general public; it’s made specifically for the military. Microsoft built the secure version of XP a few years ago at the direction of the Air Force, which had grown weary of the constant updates to other Windows versions and had just seen its network defenses abused in a pentration test by the National Security Agency.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.