• New state-of-the-art cybersecurity resource available to software developers

    Cybercrime is booming; it is an estimated $100 billion industry in the United States and shows no signs of slowing down. Attackers have an arsenal of weapons at their disposal, including social engineering — or phishing — penetrating weak security protocols and exploiting software vulnerabilities that can serve as an “open window” into an organization’s IT environment. Closing those windows requires effective and accessible tools to identify and root out software vulnerabilities. Supported by a $23.4 million grant from DHS’s Science and Technology Directorate (S&T), the Software Assurance Marketplace, or SWAMP, provides a state-of-the-art facility that serves as an open resource for software developers, software assurance tool developers, and software researchers who wish to collaborate and improve software assurance activities in a safe, secure environment.

  • Chemical, defense companies subject to Chinese Nitro attacks

    More and more chemical and defense companies around the world are victims of Nitro attacks. These attacks, launched by government-backed Chinese hackers, install PoisonIvy, a Remote Access Tool (RAT) stealthily placed on computer systems to steal information. The majority of the computers infected belong to firms in the United States, Bangladesh, and the United Kingdom.

  • National Guard units help states ward off cyberattacks

    Governors across the United States are mobilizing their states’ National Guard units to combat threats from cyberattacks. The state of Washington was the first state to assign the state’s National Guard cybersecurity responsibilities. The state recognized the potential of its National Guard as a cyberforce when it realized that many of its soldiers, who are full-time employees and part-time soldiers, worked for tech employers such as Google, Boeing, Cisco, Verizon, and Microsoft.

  • Two Israeli startups with innovative cybersecurity solutions raise combined $25 million

    Two Israeli cybersecurity startups, launched by veterans of the IDF technology units, announced that, separately, they had raised a combined $25 million from investors. Adallom’s solution accumulates users’ behavioral data in order to protect databases. It monitors how software applications like the customer relationship management program Salesforce, Google apps, and Microsoft Office 360 are used, and protects data security. Aorato’s solution watches for suspicious usage of employee credentials – for example, multiple guessing attempts. “2013 showed the world the risks of advanced threats in parallel to the implications of insiders’ access to sensitive corporate data,” Aorato’s CEO Idan Plotnik noted, referring to the Edward Snowden’s leaks of secret government information.

  • Lawmaker wants to know how cyber-safe vehicles are

    Senator Ed Markey (D-Massachusetts) has asked twenty automobile manufacturers to submit details of their plans to prevent vehicles from wireless hacking attempts, as well as plans to prevent violations of driver privacy. Markey wants automobile manufacturers to apply computer-industry security processes and technology — including anti-virus software, incident logging, incident-response planning, software vulnerability patching, and third-party penetrating testing — to mass produced vehicles.

  • Cybersecurity giants adapt to changing cyberthreat landscape

    McAfee and Symantec, the two technology giants of traditional firewall and antivirus protection software, are shifting their attention to focus more on cybersecurity challenges. A rapidly changing landscape for computer networks, in which data is transmitted and stored via mobile devices and cloud computing, has created demand for products and services that can secure information against state-sponsored or organized cyber terrorism.

  • New Silicon Valley focus on cybersecurity

    The last time Silicon Valley focused on cybersecurity was in the 1990s. That focus saw the emergence of two giants: McAfee and Symantec. The two companies remain the most recognizable household names, thanks to their traditional firewall and anti-virus products. Now they find the arena which they thought was their own encroached from two sides. On one side there are tech giants like Hewlett-Packard and Cisco Systems, which see new revenue opportunity in cybersecurity. On the other side there is a rush of start-ups backed by large investments of venture capital.

  • Digital privacy services enjoying a surge in demand

    Digital privacy services such as encrypted e-mail, secure instant messaging, and services that provide hard-to-track IP addresses are enjoying a surge in demand as individuals and businesses seek to protect information from spies and hackers in the wake of the National Security Agency’s (NSA) surveillance program revelations. These services promise security, but may also slow down computer performance. Moreover, they are not likely to deter those who are determined to hack into a particular computer network.

  • Government, private sector prioritize cybersecurity education

    As government and private sector organizations transmit and store more information electronically, the need for professionals with skills to protect and evaluate sensitive information is increasing. American companies and government agencies are expanding various initiatives aimed at increasing the number of cybersecurity professionals in the country.

  • Using keyboard, mouse, and mobile device “fingerprints” to protect data

    Passwords are not secure because they can be hacked or hijacked to get at sensitive personal, corporate, or even national security data. Researchers suggest a more secure way to verify computer users and protect data: tracking individual typing patterns. The researchers are now working on developing ways to identify and track individual patterns of using a mobile device or a computer mouse.

  • Cyberdeviance, cybercrime start and peak in the teen years

    A snapshot survey indicates that cyberdeviance and cybercrime start among teens at about age 15 and peak at about age 18. This is in line with the traditional onset and peak ages for other types of misdemeanor and criminal offenses.

  • Coordinating responses to cloud, infrastructure vulnerabilities

    Cybercrime presents a significant threat to individual privacy, commerce, and national security. In order to tackle this cross-border threat properly, agents involved in managing and monitoring cyber-risk-critical assets need to be able to cooperate and co-ordinate their prevention strategies. Platforms enabling coordinated cross-border responses already work well for handling malicious activity on the traditional Internet. The advent of cloud computing, however, has created a new set of challenges for security professionals in securing the platforms that deliver the cloud.

  • IID raises $8 million to scale shared cyberintelligence offering

    Despite the growing danger posed by cybercrime, information vital to stemming the tide is fragmented across the Internet today. Pockets of data about threat activity are siloed within the repositories of individual enterprises, government organizations, vendor networks, and research institutions. IID’s ActiveTrust enables enterprises and government agencies to combat the rising frequency and sophistication of cyberattacks by sharing cyber incident data in real time. IID has raised $8 million in Series A funding from Bessemer Venture Partners (BVP), and said it will use the investment to accommodate growing demand for ActiveTrust.

  • Trustev closes $3 million seed funding round

    According to research by eMarketer, global e-commerce sales are expected to reach nearly $1.3 trillion in 2013, making online fraud prevention an urgent and important requirement for every merchant. Trustev addresses this requirement by using multiple dynamic data sources to independently verify a user’s identity on e-commerce sites. The company has just closed a $3 million seed funding round to finance the further development of its e-commerce security and online fraud protection technology.

  • U.S., China begin formal cybersecurity talks

    U.S. and Chinese officials have begun a week of formal discussions on cybersecurity. A bi-lateral group held its first meeting Monday at the State Department with both civilians and military officials included in the talks.