The U.S. Cyberwar Plan

In May 2007, President Bush authorized the National Security Agency,
based at Fort Meade, Md., to launch a sophisticated attack on an enemy
thousands of miles away without firing a bullet or dropping a bomb. At the request of his national intelligence director, Bush ordered
an NSA cyberattack on the cellular phones and computers that insurgents
in Iraq were using to plan roadside bombings. The devices allowed the
fighters to coordinate their strikes and, later, post videos of the
attacks on the Internet to recruit followers. Read the full story [National Journal].

Federal Wiretaps Busted by Researchers

Researchers at the University of Pennsylvania say they’ve discovered a
way to circumvent the networking technology used by law enforcement to
tap phone lines in the U.S.The flaws they’ve found “represent a serious threat to the accuracy and completeness of wiretap records used for both criminal investigation and as evidence in trial,” the researchers say in their paper, set to be presented today at a computer security conference in Chicago. Read the full article. [PC World]

Security Pros React to Potential Federal Data Law

A federal cybersecurity law edged closer to reality late last week when the Senate Judiciary Committee approved a bill to protect the personal data of Americans. The bill is a bipartisan effort sponsored by Chairman Patrick Leahy, D-Vt., and co-sponsored by former Chairman Orrin Hatch, R-Utah, that would, among other things, force companies and data brokers to institute data privacy and security programs. Some technology professionals surveyed don’t think the Federal law will do much to help. Read the full article. [] 

Mohamed Abdel-Mottaleb, professor and chair in the UM Department of
Electrical and Computer Engineering has developed state-of-the-art
systems capable of photographing an image of someone’s face and ear and
comparing it against pre-stored images of the same person, with 95-100
percent accuracy. Read the full article. [Science Daily]

Microsoft’s Computer Online Forensic Evidence Extractor (COFEE) has made it into the hands of pirates, and their virtual ships are distributing it. The COFEE application lets officers grab data from password-protected or encrypted sources. That means you can now break the law twice over: download the software and then use it to steal information from other people’s computers.

The state of Maryland tested a new cryptographic voting system on Election day that allowed users to confirm their votes online, as well as allow anyone to independently audit the system. Scantegrity is an optical-scan, open-source system that uses a combination of paper ballots and unique cryptographic codes inside the ballots. It was designed by David Chaum and researchers from MIT, Univ. of Maryland, George Washington Univ., the Univ. of Ottawa, and the Univ. of Waterloo. Read the full article. [Wired]

The FBI reports it has seen a rise of malware over the past few months targeting small and medium businesses and municipal government entities and school districts. Once a malicious attachment or link is opened, keylogging tactics obtain bank account info where criminals then initiate wire transfers or Automated Clearinghouse Transfers (ACH). The report also cites that in some cases individuals have been recruited to unknowingly help criminals with “work at home” jobs that tell them they will be working on sending these fraudulent funds transfers by Western Union or Moneygram. FBI has links to US CERT for help. Read the statement. [FBI]

Hardware hacker and author, Ryan Harris, aka “DerEngel,” has been arrested in Boston for aiding and abetting intrusion and wire fraud. Harris oversees TCNiSO, a group who hacks cable modems and other hardware. Harris thinks he is being busted for the plights of those who took performance-boosting hacks and committed crime–something he says he never condoned or publicized on his website.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.