Posts Tagged ‘CyberWar’

Home Affairs Select Committee: ‘UK Losing the War on Cyber Crime’

July 30th, 2013 by

Today the Home Affairs Committee published its report on e-crime, and the results didn’t make for pretty reading. The Committee Chair, Rt Hon Keith Vaz MP held no punches in his summation of the 10 month inquiry into e-crime:

We are not winning the war on online criminal activity. We are being too complacent about these E-wars because the victims are hidden in cyberspace. The threat of a cyber attack to the UK is so serious it is marked as a higher threat than a nuclear attack.

Read the full report here.

The committee found worrying evidence about the lack of ability to fight e-crime “At a time when fraud and e-crime is going up, the capability of the country to address it is going down,” the report concluded.

Today’s report follows last week’s joint letter from GCHQ & MI5 to FTSE350 Chairman asking them to conduct a cyber security governance assessment, known as the Cyber Governance Health Check.

Based on the 10 Steps to Cyber Security For Business plan, this initiative reflects the government’s concern about cyber vulnerabilities and its desire to make the UK the most cyber-secure place in the world to do business.

The truth about cyber attacks and e-crime is that they are growing, and the government know this.  In 2011 the National Audit Office stated that UK organisations suffered 44 million cyber attacks causing between £18bn and £27bn.

GCHQ believes that 80% of these attacks could have been prevented by ‘basic security hygiene’.

The question is, are you and your business going to invest in basic security hygiene? Or are you going to wait for the inevitable attack to come?

IT Governance offers Cyber Health Tests in line with the governments 10 Steps to Cyber Security plan. Find out more information here.

Europe’s cyber Achilles heel

May 2nd, 2013 by

The Dutch hacker believed to be responsible for the world’s largest DDoS attack a few weeks ago has been arrested. Apparently he was caught 35km north of Barcelona in an orange van that doubled as a mobile computing office, (in my mind it’s like a  malicious Mystery Machine) remotely controlling his ‘cyber bunker’.

Anyone outside of the cyber security industry would be forgiven for thinking that this kind of event was a one-off. In reality, these kinds of events are taking place 24 hours a day, 365 days a year. Eighteen cybercrimes PER SECOND according to one Symantec report.

Admittedly it is quite unusual to find a Dutchman declaring cyber war from a van in Spain, but cybercrime is a real problem across Europe, and one that is widely under-reported by the media.

Seth Berman, a digital risk management expert based in London, told CNBC in March that this under reporting could actually be damaging Europe’s ability to face the cyber threats posed in 2013. A lack of mandatory reporting regulations and a history of organisations being shamed for breaches have led to companies hiding their problems from customers and even staff.

Until the regulation catches up and forces organisations to be more open about their problems, cyber security will continue to be Europe’s Achilles heel, data breaches will continue to happen and organisations will fail to live up to their responsibilities.

In the meantime there some simple steps you can take to keep your information safe:


US companies warned to end dealings with Huawei and ZTE – is this the start of a ‘Cyber Cold War’?

October 11th, 2012 by

US companies have been warned against using Chinese technology giants, Huawei and ZTE, in fear of leaving the country open to espionage and cyberattack.

The US House Intelligence Committee’s report concluded that “Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems”.

In response to these allegations, both Huawei and ZTE have come back fighting, suggesting the findings of the report were politically motivated.

But with a growing number of cyberattacks being traced back to China, there is increasing suspicions about its companies, feulling the build up to what many cybersecurity experts have named as the ‘Cyber Cold War’.

Currently the UK has kept quiet about this report, but with Huawei and ZTE operating in the UK too - investing millions of pounds and creating hundreds of jobs – the focus will soon be on whether the UK will take advice from the US.

Brian Honan, author of ISO27001 in a Windows® Environment and information security consultant told the BBC that Huawei should be ‘closely monitored’.

“One of the challenges we face these days with globalisation is that it’s very hard to verify the supply chain,” Brian said.

For more information on the Chinese cyber threat, take a look at William Hagestad’s latest book, titled 21st Century Chinese Cyberwarfare. William believes that China uses state sponsored 21st Century hacking technology to carry out campaigns of targeting and collecting intelligence against their chosen cyber targets, supporting the information necessary to become the next superpower. This book touches heavily on Huawei and ZTE.

Find out more >>

Source: BBC

Chinese Hackers Target the White House

October 2nd, 2012 by

Hackers linked to the Chinese Government hacked into the White House Military Office, according to a report published by the Washington Free Beacon on Sunday. The White House commented that it had been targeted by a spear fishing attack however these attacks were not infrequent and that mitigation measures were in place.

An unnamed official stated that the hackers breached a system used by the White House Military Office, which is used for sensitive communications and nuclear commands. An official spokesman commented “In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place.”

Whilst publically America must tread a careful line when it comes to accusing foreign governments of cyber espionage, it is no secret that hacking at state level is increasing.

Former McAffee cyber threat researcher Dmitri Alperovitch is less democratic than the politicians when he recently said “I can tell you that the Chinese have an aggressive goal to infiltrate all levels of U.S. government and private sector networks.” “The White House network would be the crown jewel of that campaign so it is hardly surprising that they would try their hardest to compromise it.”

One man who has more knowledge than most on Chinese cyber activities is Lieutenant Colonel Hagestad. A renowned expert on China’s People’s Liberation Army and Government Information Warfare, Colonel Hagstad has recently published 21st Century Chinese Cyberwarfare, a book that presents and discusses all the salient information regarding the use of cyber warfare doctrine by the People’s Republic of China.

Colonel Hagestad see’s Chinese Cyberwarfare as a very clear and present danger.

Read more about his book 21st Chinese Cyber Warfare here >>>

UK Government warn UK board members and CEOs about cyber crime threat.

September 5th, 2012 by

Today, the Government is issuing advice to British business leaders on how to protect themselves from cyber threats. Ministers and officials from communications intelligence agency, GCHQ will stress the importance of a more security-conscious culture for UK companies.

Iain Lobban, the head of GCHQ, will tell business leaders that any confidence they may have in their cyberdefences is likely to be misplaced, with potentially major implications. He will ask board members and chief executives whether they are aware of the impact on a company’s reputation, share price or even existence if sensitive information is stolen.

Read more about the conference on the BBC News website.

Effective cyber security depends on coordinated, integrated preparations for rebuffing, responding to and recovering from, a range of possible cyber attacks. In an Internet environment where a substantial number of initial attacks are automated, and any assault on critical national infrastructure (‘CNI’) is likely to be widespread, all organisations urgently need to take steps to adequately prepare themselves.

The IT Governance website is the No 1 corporate destination for anti-cybercrime products and solutions contains everything that organisations need for tackling the cyber crime threat. Start by downloading our free White Paper: Cyber Security: a Critical Business Risk which sets out a Seven-Step Cyber Security Strategy that every organisation should adopt.

IT Governance books and pocket guides offer unique insights and advice for dealing with the challenging and ever-changing cyber security and information security landscape.

Cyber Security Self Assessment Tool (Download) Cyber Security Self Assessment Tool (Download)

Enables any organisation to quickly assess and demonstrate which areas of its operations are up to scratch and which require more attention.

Learn more

Buy Now

International best practice and standards for Cyber security and resilience

ISO 27001 is the internationally recognised best-practice framework for addressing the entire range of cyber risks. ISO 22301 is the international standard for business continuity management, which is also essential to cyber resilience.

IT Governance consultancy and public training courses provide practical, leading-edge support for organisations that are turning to ISO27001 for an independently validated information security management system.

Other essential products and services include:

MI5 Warning Elevates Cyber Security to the Boardroom

June 26th, 2012 by

According to a BBC News report published this morning, MI5 are working to counter ‘astonishing’ levels of cyber-attacks on UK industry. Jonathan Evans, MI5 chief, spoke of MI5′s efforts to tackle “‘industrial-scale processes involving many thousands of people lying behind both state sponsored cyber espionage and organised cyber crime”.

This is a threat to the integrity, confidentiality and availability of government information but also to business and to academic institutions,” Mr Evans said. “What is at stake is not just our government secrets but also the safety and security of our infrastructure, the intellectual property that underpins our future prosperity and… commercially sensitive information“.

How can you mitigate the threat to the Confidentiality, Integrity & Availability (CIA) of your information assets?

The best way to do this is to align your information security management system to ISO 27001 – the world’s only recognised cyber security management system. ISO 27001 is the international cyber security standard which, through a risk based approach, addresses the three interdependent principles of the CIA triad.

Our specially developed ISO27001 Cyber Security Toolkit provides all the tools and resources you need to implement your own cyber security project and align your business with ISO 27001. This week only we are giving 3 additional resources away free …

Title ISO27001 Cyber Security Toolkit
3 extra resources Free during June:

Learn more

Buy Now


Risk assessment is critical to effective deployment of an ISO/IEC 27001 Information Security Management System, and this toolkit enables you to demonstrate that you have a repeatable risk assessment process and appropriate documentation.

Your focus need to be on protecting your business from cyber attack.

Protect your business and kick start your cyber security project with this toolkit today!

Flame: New cyber-attack described as an ‘Industrial Vacuum Cleaner for Sensitive Information’

June 7th, 2012 by

A complex and targeted cyber-attack has been uncovered by Russian security firm, Kaspersky Labs. The malware (known as Flame) is believed to have been operating since August 2010 and is considered to be a state-sponsored attack.

What makes this news story frightening is the fact that experts believe it is backed by a government. Professor Alan Woodward from the Department of Computing at the University of Surrey concludes;

“This wasn’t written by some spotty teenager in his/her bedroom. It is large, complicated and dedicated to stealing data whilst remaining hidden for a long time.”

There is a growing discovery of state-sponsored cyber-attacks, whether they are from Russia or China. Understand more about cyber warfare and the underground economy of cyber attacks with 21st Century Chinese Cyber Warfare. Lieutenant Colonel Hagestad and author of this book, researches into the Chinese cyber threat and the initiatives behind the Chinese government.

21st Century Chinese Cyberwarfare 21st Century Chinese Cyberwarfare
by Lieutenant Colonel Hagestad

Price: €74.95

Learn more

Buy Now


21st Century Chinese Cyberwarfare discusses:

  • Statistics of the Chinese Cyber Threat
  • Chinese Government Cyber Initiatives
  • Understanding the key motivators for Government Sponsored Cyber Warfare
  • Commercial Enterprises as a Cyber Threat Vector
  • Nationalistic threads of Chinese Hackers
  • And much more.

Buy your copy today and delve in to the growing underground economy of cyber-attacks >>

More to explore:

Standalone ISO27001 ISMS Documentation Toolkit
Standalone ISO27001 ISMS Documentation Toolkit
Download a FREE demo version here!

Learn more

Buy Now

ITSM, ITIL® & ISO/IEC 20000 Implementation Toolkit
ITSM, ITIL® & ISO/IEC 20000 Implementation Toolkit
Download a FREE demo version here!

Learn more

Buy Now

Nine Steps to Success: an ISO 27001 Implementation Overview
Nine Steps to Success: an ISO 27001 Implementation Overview

Learn more

Buy Now

Tackle the Flame with this eBook for the weekend

May 31st, 2012 by

A vicious piece of malware (known as Flame) was uncovered this week and is believed to have infected over 600 targets, be 20 times larger than Stuxnet and to have been backed by state sponsorship.

Realise the underground economy of hacking and crimeware with this handy pocket guide. It will provide you with a valuable list of up-to-date, authoritative sources of information, so you can stay abreast of new developments and safeguard your business.

Available in a format suitable for any eReader, you should buy today and read this weekend:

An Introduction to Hacking & Crimeware: A Pocket Guide (eBook) An Introduction to Hacking & Crimeware: A Pocket Guide (eBook)

RRP: £14.95
Price: £12.95
You Save: £2.00

Learn more

Buy Now


More to explore:

21st Century Chinese Cyberwarfare
21st Century Chinese Cyberwarfare

Learn more

Buy Now

CyberWar, CyberTerror, CyberCrime
CyberWar, CyberTerror, CyberCrime

Learn more

Buy Now

Cyber Risks for Business Professionals: A Management Guide
Cyber Risks for Business Professionals: A Management Guide

Learn more

Buy Now

Cybersecurity is a critical business issue. Avoid becoming the next Sony

May 17th, 2012 by

Cybersecurity is a critical business issue that is climbing the agenda in boardrooms everywhere.

This is no surprise considering the high profile media storm that has been building since the Sony hacking scandal. A year has now passed since Sony shut its Playstation Network.

The attacks reflect an approach to information security that was at best easy-going and at worst downright negligent. As a result, Sony’s reputation for software excellence was shredded as personal data relating to millions of its customers was stolen. Its online revenue strategy was imperilled, and its share price tumbled.

CEO’s should be looking at ISO 27001 to mitigate the risk of becoming the next Sony.

ISO 27001 is recognised as the international Cybersecurity standard and together with the Code of Practice, ISO27002, provide an internationally recognised best-practice framework for addressing the entire range of risks.

No 3 ISO27001 Comprehensive ISMS Toolkit No 3 ISO27001 Comprehensive ISMS Toolkit
All the tools you need to do-it-yourself.

Use this unique toolkit to accelerate your ISO 27001 project and develop an ISO27001-compliant Information Security Management System (ISMS).

Learn more

Buy Now


The No 3 ISO27001 Comprehensive ISMS Toolkit really does contain everything you need to implement ISO 27001 yourself. Our consultants use it and so should you.

Don’t just take our word for it …

IT Governance Ltd “gets it”. Their toolkits are all you really need to produce documentation that upholds the integrity of ISO and puts you in an audit-ready position for SOX and PCI compliance…They deliver toolkits with easy to follow instructions and pre-written templates to help you produce documentation for your Information Security Manual
Tim Moreton, President, Moreton & Co.,

Buy this toolkit before May 25th and receive the Olympics 2012 Continuity & Security Policy and Checklist free.

Find out more today and begin your route to becoming Cyber Secure!

Uncover the Chinese Cyberwarfare Threat

April 17th, 2012 by

With China having the world’s second largest economy (after the U.S), it is no wonder that the western world sees China as a threat when it comes to cyber warfare. With reason to believe, William T. Hagestad II pulls together a strong argument for the allegation of Chinese Cyberwarfare in his latest title; 21st Century Chinese Cyberwarfare.

Inside, readers will uncover the truth of Chinese Cyberwarfare and the involvement of its own government behind these claims. Hagestad answers these questions:

  • Who is behind Chinese cyberwarfare?
  • Is it state sponsored?
  • What is the Chinese Government promoting and what are their initiatives and motives?
  • And much more

Uncover the Chinese Cyberwarfare threat with 21st Century Chinese Cyberwarfare; an intereting, gripping and eye-opening read…

Read more >>>

21st Century Chinese Cyber Warfare 21st Century Chinese Cyberwarfare

RRP: $150
Price: $90
You save: $60

Learn more

Buy Now


Buy 21st Century Chinese Cyberwarfare today >>>

About the author

William is an internationally recognized subject matter expert on the Chinese People’s Liberation Army and Government Information Warfare. William served in the Marine Corps for 27 years and also holds Master’s degrees in Science in Security technolgies and Science in the management of technology.

Read more about 21st Century Chinese Cyberwarfare >>>

%d bloggers like this: