Hacktivists and cyber criminals threaten "OpUSA"—a denial-of-service attack on US financial and governmental targets—for May 7. If it follows the recent pattern of OpIsrael, expect a fizzle, but should some of the more capable hacking groups join, the attacks could be consequential. One interesting point wryly noted by Credit Union Times—the Pastebin posts announcing the threat appear to advise depositors to shift their money from big banks to credit unions. Whatever happens, enterprises would be prudent to dust off their mitigation plans.
Twitter has warned its users to expect more account hijacking, and Business Insider interviews someone who claims to have executed last week's AP hack.
Chinese (and, to a lesser extent, Russian) intrusion into QinetiQ North America's infrastructure continues to raise questions about the extent of the compromise—some observers describe the successful attack as, in effect, a backdoor into US Defense networks. Among the tools attackers used was the remote access Trojan (RAT) "lprinp.dll."
Widespread use of open-source components raises supply chain issues (the irreversible globalization of the supply chain is also a matter for concern), but developers say they lack time and resources to address them.
The Electronic Frontier Foundation rates companies on their effectiveness (and resolution) in protecting customers from government snooping: Twitter, Sonic, Dropbox, Google, LinkedIn, and SpiderOak get good marks.
Jane Holl Lute departs the US Department of Homeland Security, and in her valediction warns against handling cyber security like an intelligence program: reliability and integrity of personal identity are central.