cybersecurity

Botnets are now responsible for sending 95 percent of all spam, up from 84 percent in April, and almost half of that spam comes from a single botnet, Rustock.

Rustock sent 41 percent of the world's botnet spam in August, up from 32 percent in April. This is despite the network actually shrinking in size from 2.5 million to 1.3 million bots over the same period, security company Symantec said on Tuesday. This means Rustock is currently responsible for 39 percent of all the world's spam e-mails.

"Overall, the total amount of spam in circulation … Read more

Cameron Diaz fans, look out. The actress has made McAfee's list as the most dangerous celebrity to search for in cyberspace.

Released Thursday, McAfee's fourth annual Most Dangerous Celebrities report tracked the top performers, models, and other celebrities that cybercriminals use to trick people into hitting malicious Web sites. Search for a hot photo or the latest gossip on your favorite star, and you could find your PC infected with a payload of malware instead.

In grabbing this "award," Diaz bumped last year's riskiest celebrity, Jessica Biel, to the No. 3 spot.

Being No. 1 … Read more

The U.S. is leaving its energy infrastructure open to cyberattacks by not performing basic security measures, such as regular patching and secure coding practices, according to a report prepared by the Department of Energy.

Researchers at the Idaho National Laboratory tested 24 industrial control systems (ICSs) between 2003 and 2009 and published the results in a report completed in May and publicly released last month. (Click for PDF.) Steven Aftergood, secrecy expert at the Federation of American Scientists, blogged about the report on Monday.

The report comes on the heels of a discovery of malware written specifically for systems … Read more

The Perfect Citizen project is purely a research-and-engineering effort, not an attempt to monitor companies against cyberattack, the National Security Agency said Thursday.

The NSA issued a brief explanation of the new project in response to a Wall Street Journal story that described Perfect Citizen as a government system designed to monitor vital agencies and private utilities against potential cyberthreats. The project would establish a series of sensors installed throughout various computer networks that would raise an alarm in case of a pending cyberattack, according to the Journal.

But in an e-mail statement attributed to NSA spokeswoman Judith Emmel, the … Read more

The National Security Agency is reportedly launching a program to monitor for cyberattacks against government agencies and private companies responsible for key services such as electricity, nuclear power, and transportation, according to a story in Thursday's Wall Street Journal.

The program, known as "Perfect Citizen," is already triggering mixed reactions, says the Journal. Some in industry and government see it as an attempt by the NSA to intrude into domestic matters, while others believe it's a much-needed step in fighting the threat of cyberattacks.

Perfect Citizen would establish a series of sensors across various computer networks … Read more

The White House is hoping to come up with a comprehensive strategy to better protect people in cyberspace and is asking the public for help.

Releasing a draft of the potential new National Strategy for Trusted Identities in Cyberspace (PDF) last Friday, the government is aiming to set up a system that would let people voluntarily create trusted identities to use in online transactions.

The goal, as described in a blog post by White House cybersecurity chief Howard Schmidt, is to secure and protect transactions in cyberspace through use of a special ID--a smart card or digital certificate--that would prove … Read more

Sen. Joseph Lieberman on Tuesday defended his proposal to grant the president far-reaching emergency powers to seize control of or shut down portions of the Internet.

It's vital that the president can "say to an electric company or to say to Verizon, in the national interest, 'There's an attack about to come, and I hereby order you to put a patch on this, or put your network down on this part, or stop accepting any incoming from country A,'" said Lieberman, an independent from Connecticut who caucuses with Democrats.

Lieberman's bill, introduced last week, could … Read more

A new U.S. Senate bill would grant the president far-reaching emergency powers to seize control of or even shut down portions of the Internet.

The legislation announced Thursday says that companies such as broadband providers, search engines, or software firms that the government selects "shall immediately comply with any emergency measure or action developed" by the Department of Homeland Security. Anyone failing to comply would be fined.

That emergency authority would allow the federal government to "preserve those networks and assets and our country and protect our people," Joe Lieberman, the primary sponsor of the … Read more

Despite the efforts of IT departments, many PCs in the corporate and government world are littered with unauthorized software, most notably malware, says application-whitelisting company Bit9.

The results of Bit9's "2010 What's Running on Your Users' Desktops?" survey, released Monday, uncovered PCs with a significant amount of non-business software, including games, toolbars, and torrent software. Of greater concern, IT pros surveyed also discovered malware, such as ransom-ware, Trojans, and Chinese spyware.

Among the 1,282 IT professionals questioned for the survey, 68 percent of them said they have software restrictions in place, but 45 percent said … Read more