The hackers hit the “Book of the Dead,” defacing the site designed to commemorate the camp’s victims. Additionally, the hackers took down the web pages for the Mittelbau-Dora camp nearby. Volkhard Knigge, speaking on behalf of the Buchenwald memorial foundation, said the attacks were reported to the police, according to the BBC.

Portions of the website were restored later. The defacing slogans included “We will return” in German and “Brown is beautiful” in English.

According to Knigge, the hackers were “trying to efface the memory of the victims of the crimes of the Nazis.”

Both the Buchenwald and Mittelbau-Dora camps provided forced labor to nearby factories during World War II.

Key Role:
Work in a challenging and dynamic environment that combines knowledge in cyber security with business consulting skills to deliver high-value IT security compliance solutions to federal agencies. Engage in Certification and Accreditation (C&A) Security Test and Evaluation (ST&E) work, conduct security reviews, and provide security advisory to a number of high-visibility government clients. Maintain knowledge of C&A ST&E as they apply to various stages of the systems security life-cycle and comprehend FISMA requirements.

Qualifications

Basic Qualifications:
-1+ years of experience with C&A, ST&E, or IT security auditing
-Experience with NIST guidance, such as NIST SP 800-37 and NIST SP 800-53
-Experienced with developing C&A documentation
-Experience with creating security documentation and conducting hands-on security testing and reviews
-Knowledge of federal security requirements and industry best practices
-Ability to obtain a security clearance
-BA or BS degree

Click to learn more

Julius Genachowski

In testimony before the Senate Commerce Committee yesterday, Julius Genachowski, chairman of the FCC, told Committee members that the FCC’s regulatory authority is vital to the security and privacy of the Internet.

“The Commission also recognizes that privacy has more than intrinsic value: it is critical for promoting investment, innovation, and adoption of cutting edge communications technologies and services that bolster our economy, promote our global competitiveness, and improve our daily lives,” he said. “When consumers fear that their privacy is at risk, they are less likely to use new means of communication.”

The FCC is looking to ensure that consumers are able to control how their information is used and that providers are transparent in their practices. Additionally, personal data must be protected from third parties, Genachowski said.

“In some respects the Internet presents unique privacy challenges, but these principles remain the starting point for protecting consumer privacy,” he said.

The FCC is also working to develop strategies to inform consumers about good cyber hygiene, such as the use of encryption and password protected WiFi.

“In addition, the FCC is a leading member of OnGuard Online, a coalition of public and private organizations spearheaded by the FTC that provides advice to
consumers on protecting their personal information, guarding against Internet fraud, and protecting children’s privacy online,” the chairman said.

Genachowski also discussed the FCC’s forthcoming participation in October’s National Cybersecurity Awareness month, which seeks to raise public awareness regarding cyber issues.

“The National Broadband Plan emphasized that the vulnerability of our communications networks to malicious attack—including malware and other attacks that
can expose personal information—is a vital issue that is appropriately receiving broader and more focused attention,” he said. “This October, the Commission will work closely with the FTC and other federal agencies to launch a consumer education campaign for National Cybersecurity Awareness Month.

“As we move forward on online privacy, cybersecurity, and other vital issues, it is important that uncertainties in the regulatory framework be resolved,” he added.

The scam, which is highly automated, begins with the infiltration of online check archiving and verification services which often store vast records of previously cashed checks. It then goes through job websites to find email addresses of people looking for employment and sends a personalized message offering a position doing financial transactions, according to Joe Stewart, director of malware research for SecureWorks. The scammers then used stolen financial information to make close replicas of checks.

“They’re able to utilize this high-tech botnet to go out there, get the shipping labels, print them and pay for them with stolen credit cards,” Stewart said. “That’s the cleverness of it. So much of it is reliant on 21st century botnet technology to carry out what’s an old-school kind of crime.”

The cyber criminals managed to breach sites used by merchants to prevent check fraud and use them to create the fake checks.

“They’re actually abusing anti-fraud systems in order to commit fraud,” Stewart said. “The systems that are designed to prevent check fraud are actually being used to help the bad guys commit check fraud.”

He claims that when he approached several of the money mules, they told him that many of the checks didn’t go through.

Photo: KurtHanson.com

A new change to the Digital Millennium Copyright Act (DMCA) will now keep users who jailbreak their iPhones or other mobile devices from worrying about the threat of prosecution. An additional change allows will provide further protections for security researchers.

According to the Library of Congress’s Patent Office, which oversees the DMCA and conducts regular reviews, jailbreaking a mobile device does not violate copyright. Following the initial release of the iPhone and similar mobile devices, the Electronic Frontier Foundation requested some exemptions to the DMCA.

“When one jailbreaks a smartphone in order to make the operating system on that phone interoperable with an independently created application that has not been approved by the maker of the smartphone or the maker of its operating system, the modifications that are made purely for the purpose of such interoperability are fair uses,” according to the Patent Office.

Another change was also added to allow researchers in legal possession of a device or software to conduct “good faith” testing and research by circumventing protections on the software.

“Overall, the Register has concluded that the factors set forth in 17 U.S.C. 107 tend to strongly support a finding that such good faith research constitutes fair use,” the Patent Office said. “The socially productive purpose of investigating computer security and informing the public do not involve use of the creative aspects of the work and are unlikely to have an adverse effect on the market for or value of the copyrighted work itself. Aggregating the evidentiary record, the proponents have shown that they need to be able to fix flaws that are identified in this class of works and they need to be able to investigate other alleged security vulnerabilities in this class.”

Since its discovery, law enforcement organizations in the United States and Europe have been working to close down the operators. Police in Spain arrested three individuals suspected of running the botnet. The malware is designed to steal financial data and was even found on computers in major companies and financial institutions.

“To use an analogy here, as opposed to arresting the guy who broke into your home, we’ve arrested the guy that gave him the crowbar, the map and the best houses in the neighborhood,” Jeffrey Troy, deputy assistant director for the FBI cyber division to an Associated Press reporter.

The Mariposa botnet was one of the largest in world. Cyber expert Rick Ferguson told the BBC that the botnet actually got much larger than the attackers anticipated.

“The guys behind it said it was more successful than they had intended to be,” he said. “As is the case with most botnets, the more widespread they are the more likely they are to be discovered. They were a victim of their own success.”

Anthony Scott Harrison, 21, from the area near Adelaide, pleaded guilty on Monday to seven counts of computer hacking violations, according to UPI. He will be sentenced in September.

Harrison used unnamed malware to steal credit card and banking login information from infected users. He also admitted to creating a botnet of 74,000 infected PCs for carrying out denial of service attacks.

He pleaded guilty to four counts of modifying computer data to cause harm or inconvenience; one count of dishonestly manipulating a machine for his own benefit; and two counts of possessing or controlling data to commit a serious computer offense.

Technology Growth Platform (TGP) offers a full range of global delivery services-from enterprise solutions, system integration, technical architectures, business intelligence, infrastructure consulting, and technology research/development.

Our TGP consultants can expect to:
work with cutting edge technology
deliver high-quality solutions across multiple industries
work on a variety of projects ranging in both size and scope
receive continuous training
gain rapid career progression
Accenture Technology Labs falls under TGP and investigates how technology will shape: 1) the future of our clients and their customers, and 2) our own consulting and outsourcing businesses. We build prototypes that demonstrate how advances in technology will change the way we live, work, and do business in the next 3 to 5 years. Our external clients range from large, established firms to innovative new startup companies.

Job Description:
The position will apply technical strategy and architecture to solve client relevant challenges in the areas of cyber situational awareness and information assurance. This person will work with other team members to envision and create prototypes that use emerging technologies to achieve measurable business results and outcomes.This new role within Accenture’s Technology Labs will help deliver a new-class of innovative cyber solutions to the federal civilian, defense/intelligence and critical infrastructure

Click to learn more

“This is about jobs, jobs, jobs – jobs that keep the country safe and keep the economy strong,” Sen. Barbara A. Mikulski said. “It’s about giving people the tools they need to prepare for the jobs of the future.”

With these funds, the Anne Arundel Workforce Development Corporation, the Mid-Maryland Workforce Investment System in Howard and Carroll Counties, and Baltimore Mayor’s Office of Employment Development will train workers to fill jobs in cybersecurity, she said.

“This is a win-win opportunity to help save lives, transform lives and transform communities,” Mikulski added.

The Anne Arundel Workforce Development Corporation, in partnership with community colleges in Anne Arundel, Carroll and Howard counties; University of Maryland-University College; and more than a dozen industry and government partners was awarded $4,953,035 to develop a new cybersecurity-training program that will help more than 765 students get  industry credentials in cybersecurity and provide 1,000 students with training in the field.

“This [Department of Labor] grant is important for job creation and will help ensure our nation’s future cyber security,” said Benjamin L. Cardin, chairman of the Homeland Security and Terrorism Subcommittee of the Judiciary Committee. “I am committed to making sure that Marylanders have the training and skills to get jobs in the growing field of cyber security and I applaud the partnership that it creates between Anne Arundel Community College and the business community. We all have the same goal and that is to protect our nation’s Internet from an attack by terrorists who want to disrupt our communications network.”

Congressman John Sarbanes said he was pleased these federal job training funds are flowing into Maryland.

“Cybersecurity is a tremendous growth field for this region and we must prepare Marylanders to take advantage of job opportunities in the cybersecurity industry,” he said.

O’Malley said identity theft, network viruses, loss of sensitive information and other malicious activity are part of the ever-evolving world of cyber information and communications.

“As public servants, our most solemn obligation is to protect the safety of the citizens we serve, and that includes protection from cyber threats,” he said. “All Marylanders have an obligation to protect themselves as well, as we address this modern security threat as One Maryland.”

Nationwide, the Department of Labor awarded $125 million in Community-Based Job Training grants through a competitive process to support workforce training for high-growth/high-demand industries through the national system of community, technical and tribal colleges. A wide range of industries, from green industries to healthcare, transportation and advanced manufacturing, are considered high growth or high demand.

Photo: Energy and Utility Conference

Over the weekend, severe thunderstorms wrecked havoc on Washington, D.C. and Maryland, knocking out power to thousands of residents.  The storms left some 430,000 customers without power, according to press reports.

Of course, with power outages come traffic problems as traffic lights within the District and Maryland were out on a number of major roadways. Trying to drive in was a nightmare, as many residents took the opportunity to ignore traffic laws, rather than act amicably and with prudence.

When approaching an intersection with all lights out, the intersection is supposed to become a 4-way stop. However, some drivers thought it really presented an opportunity to flout traffic laws and drive as they wished.

While this outage was caused by a natural disaster, it is similar to what has been touted as a possible result from a cyber attack on the nation’s power grid. What if another nation, or terrorists, were able to take out the U.S. electrical grid in the Washington, D.C. area?

In such an event, traffic lights would be out and power to homes shut off. If you don’t have a car or a radio with batteries (and really, who does have a radio with batteries these days), you have no way to get information.

If you are able to get information regarding the situation, knowing that the Washington, D.C. area is under cyber attack is likely to spread panic and cause citizens to flee the city quickly. Which brings us to the problem of no traffic lights.

As evinced by the recent driving chaos with the storm, power outages can cause some drivers to behave inappropriately and unsafely on the roadways. Imagine how that would escalate in the instance of a cyber attack, with people trying to flee the city as quickly as possible. Who knows what might follow the cyber attack? Perhaps a terrorist explosion or a conventional assault?

While this might seem a bit far-fetched, the panic levels in the city would rise and the situation would only get worse. If people are willing to be complete jerks on the road from a natural disaster, imagine how they would act if they feel their lives are threatened.

In that case, survival of the fittest (or meanest) would rapidly come into play.