U.S. CyberCom launches with first commander

With Army Gen. Keith Alexander named as its first commander, U.S. Cyber Command has a challenging mission and Alexander a demanding job.

Army Gen. Keith Alexander, the new commander of U.S. CyberCom.

(Credit: National Security Agency)

Receiving a promotion to four-star general, Alexander on Friday was officially given the reins of U.S. Cyber Command by Defense Secretary Robert Gates during a ceremony in Fort Meade, Md. That signaled the initial launch of the division, which won't be up to full capability until October 1.

The mission of U.S. Cyber Command, or CyberCom, is to synchronize the Defense Department's various networks and cyberspace operations to better defend them against the onslaught of cyberattacks.

"Given our increasing dependency on cyberspace, this new command will bring together the resources of the department to address vulnerabilities and meet the ever-growing array of cyberthreats to our military systems," Gates said in a statement.

Last June, Gates approved the birth of Cyber Command as a unified, subdivision of U.S. Strategic Command to manage the Defense Department's resources of 15,000 computer networks across 4,000 military bases in 88 countries. The launching of U.S. CyberCom had been stalled, awaiting Senate confirmation of Alexander. But with Senate approval having been cleared on May 7, CyberCom is now free to open for business.

About 1,000 people will work at CyberCom at Fort Meade, with most of them moving over from existing jobs.

Concerns have been raised, notably by Air Force Gen. Kevin Chilton--the commander of U.S. Strategic Command--over the segregation that currently exists among the different cybernetworks and information resources across the military.

"This segregation detracts from natural synergies and ignores our experience in organizing to operate in the air, land, sea, and space domains," Gates said before the House Armed Services Committee in March. "The establishment of U.S. CyberCom will remedy this problem in the cyberdomain."

To integrate the military's vast cyber-resources, Deputy Defense Secretary William Lynn III has spearheaded the effort to launch CyberCom. With the U.S. military more dependent on information technology than forces in other countries, Lynn believes the military must be able to safeguard its own networks and be free to utilize them across the world.

"We want to be able to maintain those advantages and protect the military missions, and that is the main mission of Cyber Command; it is to protect the military networks," Lynn said in a statement. "It will have a role, though, in protecting the government's networks and critical infrastructure."

"We didn't see Desert Storm coming. We didn't see the series of events that led to Afghanistan. Foreseeing the threats in cyberspace is harder. With Cyber Command, I think we need to be prepared for the unexpected."

--Deputy Defense Secretary William Lynn III

Coordinating all of the disparate agencies with a role in cyberdefense has been a huge challenge, as different groups in government have struggled to map out their own agendas. But Lynn seems optimistic that CyberCom can also help clean up some of the bureaucratic snafus and turf wars.

"It will be the place where the Department of Homeland Security will come to on cybersecurity matters," Lynn said. "And it will help rationalize the interagency process."

Since the initial inception of CyberCom almost a year ago, the military has been busy prepping it for launch, according to Lynn. People have been trained, task forces have been set up, investments have been made. Officials from the DOD have also worked with defense companies to focus on both cyberthreats and best practices. Lynn himself has traveled to Great Britain and Australia and will go to Canada to discuss how best to share common threats and technologies.

Questions still remain about the muddy legal waters of cybersecurity. What is considered a cyberattack? How do countries respond to them?

"We're in the midst of a series of meetings the White House is leading to work through a lot of those legal issues," Lynn said. "We've made progress organizationally, industrially, and internationally, but the legal regime in particular is an area we need to tackle further."

But other challenges await the new Cyber Command, especially with the growing threat of cyberattacks.

"It doesn't take the resources of a nation state to launch cyberwar, "noted Lynn. "Nations still have the best capabilities, but you can do very threatening and damaging things with modest investments...Our ability to predict where the threats are coming [from], even in conventional threats, is remarkably poor. We didn't see Desert Storm coming. We didn't see the series of events that led to Afghanistan. Foreseeing the threats in cyberspace is harder. With Cyber Command, I think we need to be prepared for the unexpected."

Source: news.cnet.com


Like this post?Why not to Subscribe to Trend Internet Security news by Email for FREE

An ultimate solution to Data Security: Unified Threat Management

Unified threat management (UTM) is a step above the conventional firewall features as it embraces the pooled features of e-mail spam filtering, IDS (Intrusion Detection System), anti-virus capability and World Wide Web content filtering. This is a novel trend which is emerging in IT world slowly. The multiple functionality of the Unified Threat Management appliance can be the justification for replacing older more basic firewalls with the new system. In simpler words, UTM is just like a blanket security cover for Internet-based threats.

Security is the biggest threat or in other words, the utmost requirement for internet users, as the virus attack incidents are growing in corporate information system environment and the end user is always recognized as most targeted obsession for security attacks.

The principal advantages of UTM are simplicity, streamlined installation and use, and the ability to update all the security functions or programs concurrently. Some other advantages include

• Reduced Complexity: Single security solution for a couple of security threat along with single vendor.

• Reduced training: require less technical training.

• Multi-Core processor : for balancing speed and performance

• Easy Troubleshoot: Single point of contact makes troubleshooting easy

• Easy management: Web based GUI environment for easy management

• Availability: Ensure uninterrupted access by providing protection against malicious contents

• Identity based security: Identifies ‘who is doing what”

• Improved performance: Zero hour protection without interrupting network performance

UTM Implementation: The usage of UTM system is increasing in the corporate world and many companies are launching their respective products. The promise of the UTM application can be observed in the e-governance sector too. Recently, In India the Jharkhand Government’s state information and communication network has installed a UTM device to embark multiple security threats to the sensitive data like treasury information, Commercial tax information, financial information etc.

Another UTM program implemented by IBM is, the IBM Unified Threat Management (UTM) Service, part of the IBM Managed Security Services “umbrella’ provides a comprehensive protection against all security threats. The IBM setup for security is named as IBM Internet Security Systems (ISS).

Market watch for UTM: The UTM market is growing with the growing needs of security. According to a recent market report, the threat management security appliance market will grew at annual growth rate of 17 percent from 2007 to 2008 which is equal to the global market of $3.45 billion.

UTM vendors in India include LokTek, Cyberoam, Secure Computing Corporation and Symantec, NetScreen (acquired by Juniper Networks), Symantec, NetScaler, WatchGuard Technologies and Elitecore Technologies.

UTM Products: Some significant UTM products in the market are IBM Proventia Network Multi-function Security System, MX5010, IBM Proventia Network Multi-function Security System, MX3006, Fortinet FortiGate-3810A UTM, Fortinet FortiGate-3600, ISS Proventia M50, Fortinet FortiGate-1000A V3.00 and TippingPoint X505 V2.2.4, AccessEnforcer All-in-One Security Appliance by Calyptix Security Corporation and Cyberoam 1000i, 100i, 500i, 1500i by Elitecore Technologies Ltd.



Satinder Kaur/ITVoir Network


Like this post?Why not to Subscribe to Trend Internet Security news by Email for FREE

Human behaviour key to cyber-security: Scott McIntyre

CYBER-GEDDON has been overhyped, but IT security professionals need to find new ways of dealing with the never-ending threats, says Scott McIntyre, chief security officer for Amsterdam-based ISP XS4ALL Internet.

"The sky is not falling, the situation is not as bad as many make out, but we need to accept that the internet has been 'pwned' (compromised or controlled by rivals)," he told the AusCERT 2010 conference on the Gold Coast last week.

"We need to maintain a sense of proportion and adjust our expectations about internet security,"' he said.

"Not everything that happens is a major crisis, you don't need huge cyber bunkers because there's a worm on the network -- this should be your daily routine by now."

Mr McIntyre, who is also a member of the Dutch computer security incident response team KPN-CERT, said the industry was stuck in "a weird loop of going backwards and forwards" on the same issues.

"Too many people are focused on the minutiae of internet security, but security professionals are being trained to sit and wait for the alerts to pop up," he said.

"We look at patterns of data and try to find a signature to fix it, while firewalls and other devices all work really well for the things they know about.

"There's all sorts of evidence of the evil that's out there, but we can't see it and certainly can't respond.

"We are doing a very bad job of anticipating new problems and should be better at expecting the unexpected."

Instead of worrying about the explosion of malware, Mr McIntyre said the industry needed to address human behaviour and provide technologies people would actually use.

Passwords were a failure because people still chose user name and "password", and people continued to click on phishing links.

"A lot of the approaches we're using now have failed," he said. "We need to change how we deal with these problems, as the incidents are not stopping."

Mr McIntyre said industry also needed to take more responsibility in relation to the "Chicken Little" scenario.

"We need to be careful about statements to the press.

"Security researchers go out and say, 'I found this amazing bug, and with a click of the button I can rape the internet'.

"But if you're going to release source code or proof of concept for an exploit you've found, have you already found a defence for it, have you done something responsible, or are you just out for glory?"


Like this post?Why not to Subscribe to Trend Internet Security news by Email for FREE

New ZoneAlarm is quietly effective (review)

The changes made to improve the default firewall in Windows 7 are impressive, but the newest version of the free ZoneAlarm Firewall argues that Microsoft still has a long way to go. ZoneAlarm 9.2 introduces multiple new features to one of the world's oldest computer security programs including quieter outbound protection, behavioral detection from the ZoneAlarm Internet security suite, automatic Wi-Fi security setting activation, antiphishing protection, an overhauled ZoneAlarm toolbar, and 2GB of online storage for free.

Installation

Program installation was largely a smooth experience, taking about 5 minutes. Users will have to reboot their computers after its done. Prior users of ZoneAlarm's paid security suites might encounter some odd behavior if the uninstallation process of one of those programs left remnants, but this should be the rare exception and not the rule.

ZoneAlarm Firewall Free (screenshots)

Interface

ZoneAlarm has unified its security interfaces, so users familiar with one program won't see dramatic changes in another. The left side contains navigation links; the center window is where all the action happens. As noted in the review of ZoneAlarm Extreme Security, it's not a bad design but it doesn't pop visually. The text links can be hard to read because of font choice, and although the center buttons are big, the details within could be easier to read.

Features and support

Designed to be used in conjunction with an antivirus program, the strongest tool in ZoneAlarm's belt is the outbound firewall. Though Windows does offer some outbound protection, it's not activated by default. Most users tend to leave it off because they either don't know about it, or when they do turn it on it regularly interrupts their workflow with pop-up security warnings. Older versions of ZoneAlarm used to be noisy with pop-ups as well, but the new version has been set to be quieter without changing the level of protection. If you prefer, this can be changed in the program settings.

The main window of ZoneAlarm Firewall Free.

(Credit: Screenshot by Seth Rosenblatt/CNET)

During a half-day of testing the default ZoneAlarm Firewall settings, the only pop-ups encountered were those blocking new software installations. The pop-ups for the three programs tested went away and allowed the installation to proceed with one click. More than just a low rate of interference, only encountering pop-ups for program installations is precisely the kind of warning that keeps you aware of what's occurring on your computer without distracting you simply for surfing the Web.

The benefits of an outbound firewall might not be readily apparent. An inbound firewall blocks threats coming in from the outside, but an outbound firewall does more than prevent your computer from spreading viruses and malware to others. If your computer has been compromised by a botnet, for example, outbound protection will stop it from sending your data back to its host servers. It can also stop program spoofing, which is when a malicious program pretends to be a good one, and IP spoofing, which is when harmful network transmissions dress up as safe ones.

This update includes DefenseNet, ZoneAlarm's behavioral detection system of anonymously contributed data that's used to verify and block threats. Previously, it had only been present in ZoneAlarm's antivirus programs. You can opt out from it when you install, but contributing doesn't negatively affect your system's performance.

The ZoneAlarm toolbar has also been given more than a simple spit-shine. You can opt out of installing it when you run the main installer, and install it later if you wish, but ZoneAlarm was quick to point out that it without it key security features are not activated. Hiding the toolbar after it's been installed won't disable its protections, which include the aforementioned signature and heuristic-based antiphishing protections.

It also adds a site check option that can be used to reveal the date founded and physical location of the site and has customizable safe site buttons for launching regularly visited sites such as Facebook or your banking site. The e-mail checker built into the toolbar is compatible with Hotmail, Gmail, Yahoo, RR, Univision, and POP3 accounts. Unfortunately, there's no IMAP support. Finally, the toolbar links to ZoneAlarm's free 2GB of online backup space, courtesy IDrive, and six months free identity theft protection from IdentityGuard.

One of the more annoying limitations of the toolbar is that it only works with Firefox and Internet Explorer, even though Chrome has supported extensions for a year. Given the instability that toolbars contribute to IE, and the clutter that they add to the browser interface, ZoneAlarm would probably get more mileage out of the feature if it was reduced to a single button that opened a new window or expanded a set of buttons.

ZoneAlarm's toolbar revamp includes new, useful features, but it's still a toolbar.

(Credit: Screenshot by Seth Rosenblatt/CNET)

The Help link in the bottom left of the interface only links to the program's Help file. The only in-program access to the online help Web site, in the form of the free knowledge base and forums or paid telephone support during business hours, comes as a link under the Product Info sub-option under Overview on the left nav.

Performance

ZoneAlarm's performance was notable simply for how unnoticeable it was. Shutdown time did not appear to be affected at all, and neither did starting up cold nor rebooting. Changing the antivirus program that it was partnered with didn't affect the firewall's behavior, either. These are big changes from previous versions of ZoneAlarm, and obviously, they're welcome ones, too.

Conclusion

This update of ZoneAlarm Firewall Free should make people do a double-take because of the features and low interference level from the program. It also should do wonders for ZoneAlarm's reputation, but that has more to do with whether years of substandard updates can be erased by a firewall that is the strong, silent type that users need.

Resource: download.cnet.com



Like this post?Why not to Subscribe to Trend Internet Security news by Email for FREE

Establishment of US cyber command may start online arms race

The U.S. Department of Defense declared on May 21 that the Army Forces Cyber Command was launched that day to defend U.S. Internet security. Each department of the U.S. Army has fought against Internet attacks separately for a long time, and now the command will integrate all forces and come up with more powerful countermeasures to hacker attacks.


According to the schedule, the cyber command will be fully operational in October. In an interview, Professor Meng Xiangqing from the National University of Defense said that the newly-launched cyber command in the United States may provoke an arms race on the Internet. It will bring new implications for the world’s safety and stability.

Reporter: The United States Department of Defense recently declared that the cyber command was established. What is the purpose of this cyber command?

Meng: We know that the United States Department of Defense submitted a four-year defense assessment report to Congress on February 1st this year. The report analyzed the new security situation, pointing out that the Internet threat had become more and more serious, and the Internet war might become one of the major tasks that the U.S. Army would be facing.

The Internet, as a public area, would be a major concern to the United States. Actually, the cyber command had already been founded last June. The declaration of the establishment now and the full operation in October was just a part of the cyber command plan last year.

Source: http://english.people.com.cn


Like this post?Why not to Subscribe to Trend Internet Security news by Email for FREE

Trend Micro Bundles Consumer Internet Security With Identity Protection and Laptop Theft Recovery Services

Trend Micro teams with IdentityTruth and Absolute Software to deliver computer protection for consumers in one retail package.

CUPERTINO, Calif., May 24 /PRNewswire/ -- Trend Micro announced today a new retail consumer bundle that includes identity protection and laptop theft recovery services for a comprehensive set of consumer security products in one package. The security bundle will offer:

* A one-year subscription of Trend Micro™ Internet Security Standard, which guards against viruses, spyware, spam, Trojans, rootkits, and emerging online security threats.
* A one-year subscription of Computrace® LoJack® for Laptops by Absolute® Software, a provider of firmware-based, patented, computer theft recovery, data protection and secure computer lifecycle management solutions.
* A one-year subscription of identity theft prevention and identity protection monitoring services from identityTruth®, including certified specialist assistance with replacing lost or stolen identification and the remediation of a stolen or compromised identity.


Computrace LoJack for Laptops is powered by the patented Computrace technology from Absolute Software. LoJack for Laptops is virtually undetectable and calls home to the Absolute Monitoring Center with location information. If a computer is reported stolen, the Absolute Theft Recovery Team can gather evidence from the computer to identify the thief's location and works with local police to recover the computer. As an added layer of security, Premium customers can remotely delete data from the stolen computer to help protect their personal information.

IdentityTruth's unique Faster than Fraud™ technology combines data from many different sources -- going beyond simple credit-based protection to deliver a more complete picture of an individual's identity risk. The service continuously combines and analyzes any and all information that is discovered specific to an individual to detect, predict, and alert consumers to suspicious activities, identifying potential identity fraud patterns before fraud happens and providing concrete next-steps to resolve a problem that may arise.

Trend Micro Internet Security provides simplicity and speed when it comes to powerful online protection. It leverages the Trend Micro™ Smart Protection Network™ infrastructure, which works in the background, correlating threat intelligence, protecting in the Internet cloud, and giving consumers -- wherever they are -- immediate, real-time protection competitive products don't offer.

"In today's mobile and connected world, our computers become an extension of our lives. We must protect these valuable assets from internet threats and from data and device theft," said Mark Grace, vice president of consumer business at Absolute Software. "We're excited to be bundled in this offering, and at an attractive price, it provides consumers with the critical security features needed to confidently embrace the power of their mobile devices."

"Financial transactions are no longer limited to the personal desktop computer. Today's consumers use laptops and mobile communication devices for online banking and shopping, to store financial documents, tax returns and more – all of which can put consumers at greater risk of identity theft," said Steven Domenikos, CEO of IdentityTruth "Our partnership with Trend Micro is bringing best-in-class protection to consumers in one retail package."

Pricing and Availability

The retail bundle of one-year subscriptions of Trend Micro Internet Security Standard, IdentityTruth's proactive identity monitoring services, Computrace® LoJack® for Laptops by Absolute® Software is available at Best Buy and www.bestbuy.com for MSRP US $89.99.

About IdentityTruth

IdentityTruth is the leading provider of a new breed of service to help consumers safeguard their Privacy and Identity. IdentityTruth's proprietary technology provides subscribers with advance notice of potential identity fraud so they can take better control to stop it before it becomes costly. IdentityTruth not only detects -- but can actually predict -- possible problems, and that is what makes IdentityTruth Faster than Fraud™. IdentityTruth is a privately-held, VC-funded company headquartered in Waltham, Massachusetts. Investors include Argonaut Ventures and Stata Venture Partners. For more information, go to www.IdentityTruth.com or call 781-684-1300.

About Absolute Software

Absolute Software Corporation (TSX: ABT) is the leader in tracking, managing and protecting computers and mobile devices. The Company's Computrace, Absolute Manage and LoJack® for Laptops solutions provide theft recovery, data protection and computer lifecycle management capabilities to organizations and consumers. The Company's software agent is embedded in the firmware of computers by global leaders, including Acer, ASUS, Dell, Fujitsu, General Dynamics Itronix, HP, Lenovo, Motion, Panasonic and Toshiba, and the Company has reselling partnerships with these OEMs and others, including Apple. For more information about Absolute Software, visit www.absolute.com and http://blog.absolute.com.

About Trend Micro:

Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest Web threats. Visit TrendWatch at www.trendmicro.com/go/trendwatch to learn more about the latest threats. Trend Micro's flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. Many of these solutions are powered by the Trend Micro™ Smart Protection Network™ infrastructure, a next-generation cloud-client innovation that combines sophisticated cloud-based reputation technology, feedback loops, and the expertise of TrendLabs(SM) researchers to deliver real-time protection from emerging threats. A transnational company, with headquarters in Tokyo, Trend Micro's trusted security solutions are sold through its business partners worldwide. Please visit www.trendmicro.com.

Computrace and Absolute are registered trademarks of Absolute Software Corporation. LoJack is a registered trademark of LoJack Corporation, used under license by Absolute Software Corporation. LoJack Corporation is not responsible for any content herein.


Like this post?Why not to Subscribe to Trend Internet Security news by Email for FREE