Security Web Digest: Virus Attack Steaks Corporate Passwords

Financial organizations targeted by virulent BugBear.B worm. Department of Homeland Security announces new cyersecurity chief Senator Lieberman concerned about chip production Quantum Cryptography advances in the lab


The government is warning financial institutions about a virus-like infection that has targeted computers at roughly 1,200 banks worldwide, trying to steal corporate passwords. Virus experts studying the blueprints for the latest threat to Internet users were astonished to find inside the software code a list of roughly 1,200 Web addresses for many of the worlds largest financial institutions, including J.P. Morgan Chase & Co., American Express Co., Wachovia Corp., Bank of America Corp. and Citibank N.A. The destructive infection, known as "BugBear.B," has spread to tens of thousands of consumer computers across the Internet since last week, but investigators and industry experts said they were unaware if any financial institutions had been significantly affected.

Read the complete story in

British researchers say they are close to producing an off-the-shelf system that exploits quantum physics to create a secure communications channel. This week, the researchers demonstrated their system working over fibers 100 kilometers in length. "It is a radically different approach to computer security," said Andrew Shields, leader of the Quantum Information Group at Toshibas Cambridge lab where the encryption system is being developed. "Quantum cryptography allows users to swap a shared secret key that can be used to encrypt messages or authenticate messages sent across the network," said Dr Shields.

Read the complete story in the BBC

The AOL Time Warner Internet unit said Monday that the next version of its proprietary service, AOL 9.0, will offer a package of security-related software, such as e-mail virus scanning, firewall protection, spam filtering and beefed-up parental controls. The announcement follows the launch of a public campaign to highlight the dangers of unprotected broadband access. An AOL representative would not say when exactly the product would become available.

Read the complete story in

Homeland Security

The U.S. Department of Homeland Security (DHS) announced a new cybersecurity center last week. The 60-person division, called the National Cyber Security Division, will report to Robert Liscouski, the assistant secretary of homeland security for infrastructure protection, and will be part of the departments Information Analysis and Infrastructure Protection Directorate. The new division will focus on reducing the vulnerabilities to the U.S. governments computing networks and working with the private sector to help protect other critical pieces of cyberspace, DHS announced Friday.

Read the complete story in InfoWorld

Sen. Joseph Lieberman (D. Conn.) last week released a white paper charging that the escalating shift of production to Asian foundries and offshore joint ventures is endangering national security. Lieberman, a ranking member of the Senate Armed Services committee, asked the Defense Department to submit a report on how to deal with the growing loss of U.S. chip production. "If this accelerating shift in semiconductor manufacturing overseas continues, the U.S. will lose the ability to reliably obtain high-end semiconductor integrated circuits from trusted sources," Lieberman warned. He said Pentagon weapons systems, which increasingly use leading-edge semiconductors, could be endangered by the growing dependence on overseas production.

Read the complete story in EBN