Cybersecurity

  • CybersecurityIdaho bolsters the state’s cyber defenses

    Idaho’s director of the Bureau of Homeland Security says that cyber threats remain the most important yet least understood risk to government and the private sector. He has announced plans to tackle that vulnerability in the state. The director of the Bureau says that cybersecurity will never be perfect, which makes it imperative for organizations like the Idaho Bureau of Homeland Security to focus on planning that incorporates not just defense, but also detection and the mitigation of damage that has already occurred.

  • CybersecurityPatriot Act’s reauthorization an obstacle for cyber information sharing bill

    Recent cyber hacking incidents have persuaded lawmakers to pass a cyber information sharing bill which will help protect U.S. private sector networks. Business groups and federal intelligence agencies insist that information exchange is critical to protecting the nation’s cyber infrastructure. One of the hurdles to passing such a bill is that by 1 June, Congress must reauthorize sections of the Patriot Act which are the basis for the NSA’s most controversial surveillance programs. Many lawmakers consider NSA reform to be essential before they can support the White House’s cybersecurity proposal, which would allow cyber information sharing between the public and private sector.

  • Drone securityNew technology proves effective in thwarting cyberattacks on drones

    Engineering researchers from the University of Virginia and the Georgia Institute of Technology have successfully flight-tested scenarios which could threaten drones, including ground-based cyber-attacks. The demonstration of U.Va’s System-Aware Cybersecurity concept and Secure Sentinel technology was part of a research project led by U.Va. engineers to detect and respond to cyber-attacks on unmanned aerial systems.

  • Terrorism & social mediaEuropean govts. urge U.S. tech companies to remove terrorist-related postings from sites

    The terror attacks in Paris have led French and German authorities to call on U.S. tech firms to help identify terrorist communications and remove hate speech from social media sites. The United Kingdom has also, for several months now, pressed Internet firms to be proactive in removing extremist content such as videos of sermons by radical Islamic preachers or recruitment material, from their sites. These recent requests for more cooperation between U.S. tech firms and European governments contrast with calls from many of the same governments who, following the Edward Snowden leaks, criticized U.S. tech firms for being too close to law enforcement agencies.

  • CybersecurityU.S.-U.K. cyber war games to test the two countries’ cyber resilience

    American and British security agencies have agreed to a new round of joint cyber “war games” to test each country’s cyber resilience. The move comes after a year of high profile cyberattacks against the U.S. private sector and after warnings from the U.K. Government Communications Headquarters that computer networks of British firms face daily attacks by hackers, criminal gangs, competitors, and foreign intelligence services.

  • Digital Security // By Todd Sexton8 Tips to prevent data breaches

    Securing electronic messages should be one of the top IT priorities for organizations in 2015. The process should not be overly complex or expensive, but it does require proper planning and regular revisions. While there is no such thing as a 100 percent breach-proof security system, the majority of attacks can easily be prevented by following the simple steps outlined in this article.

  • AuthenticationSmart keyboard can tell who you are – and also powers and cleans itself

    In a novel twist in cybersecurity, scientists have developed a self-cleaning, self-powered smart keyboard that can identify computer users by the way they type. The smart keyboard can sense typing patterns — including the pressure applied to keys and speed — that can accurately distinguish one individual user from another.

  • SurveillanceFormer head of MI6 calls for new surveillance pact between governments and ISPs

    The former head of British intelligence agency MI6, Sir John Sawers, has called for a new surveillance pact between Internet companies and U.S. and U.K. security services. Both groups could work together as they had in the past to prevent a repeat of terror events such as the recent Paris attacks, he said. American and British law enforcement and intelligence agencies are urging major Internet companies to provide backdoors or access to encrypted e-mails and other forms of Web communications. “I think one benefit of the last eighteen months’ debate [since Snowden’s leaks were made public] is that people now understand that is simply not possible [to keep the public secure without surveillance] and there has to be some form of ability to cover communications that are made through modern technology,” Sawers said.

  • CybersecurityMandatory cybersecurity regulations necessary to protect U.S. infrastructure: Experts

    Since last year’s cyberattacks made public the cyber vulnerabilities of major U.S. firms including Sony Entertainment, JPMorgan Chase, and Target, President Barack Obama has been on the offensive, proposing strict rules better to prosecute hackers and make U.S. firms responsible for protecting consumer information. Experts say, though, that private firms are unlikely, on their own, to make the necessary financial investment to protect against a critical infrastructure cyberattack. What is needed, these experts say, is a mandatory cybersecurity framework followed by all entities involved with critical infrastructure, strong protection of information regarding cyberattacks shared with DHS, and a sincere effort from the private sector to secure their own networks.

  • CybersecurityInformation assurance specialist licenses ORNL malware detection technology

    Washington, D.C.-based R&K Cyber Solutions LLC (R&K) has licensed Hyperion, a cybersecurity technology from the Department of Energy’s Oak Ridge National Laboratory that can quickly recognize malicious software even if the specific program has not been previously identified as a threat. By computing and analyzing program behaviors associated with harmful intent, Hyperion technology can look inside an executable program to determine the software’s behavior without using its source code or running the program.

  • CybersecurityProposed changes to CFAA, RICO would criminalize cybersecurity research: Critics

    Cybersecurity professionals are concerned that the White House’s proposed changes to the Computer Fraud and Abuse Act (CFAA) and the Racketeering Influenced and Corrupt Organizations (RICO) Act, could criminalize cybersecurity research. The legislative proposals would make accessing public documents illegal if the documents’ owner would not have approved; create stricter punishments for anyone convicted of a cybercrime; and would allow the government to seize assets connected to cybercrimes. The White House also proposes upgrading hacking to a “racketeering” offense.

  • EncryptionIf you seek to “switch off” encryption, you may as well switch off the whole Internet

    By Bill Buchanan

    Prime Minister David Cameron has stated that the U.K. government will look at “switching off” some forms of encryption in order to make society safer from terror attacks. This might make a grand statement but it is impossible to implement and extremely technologically naïve. Encryption is a core part of the Internet; its use is increasing every day — Google’s services, including search and e-mail, use encrypted streams, as do Facebook and Twitter and many other widely used sites. Encryption makes it almost impossible for eavesdroppers to read the contents of the traffic. It is the foundation upon which all e-commerce is based. The technical case for switching off encryption is thus simply a non-starter. In fact we are moving in the opposite direction, replacing the old, open Internet with one that incorporates security by design. If you wish to switch off encryption, it will unpick the stitching that holds the Internet together.

  • CybersecurityCyber protection of DHS’s and other federal facilities is weak: GAO

    While most cybersecurity threats against government agencies tend to focus on network and computer systems, a growing number of access control systems, responsible for regulating electricity use, heating, ventilation, and air-conditioning (HVAC), and the operation of secured doors and elevators are also vulnerable to hacking. .” GAO warns that despite the seriousness of the vulnerabilities, agencies tasked with securing federal facilities have not been proactive.

  • Cybersecurity researchU Wisconsin, shedding 1960s anti-classified research image, launches cybersecurity center

    A new cybersecurity research center being built in partnership with private firms and the University of Wisconsin(UW) system aims to attract high-tech research dollars to the state, but administrators must balance the secrecy required for classified research with the openness which is the foundation of academic science. The state legislature passed a 2014 law allowing UW to accept contract for classified work partly in hopes that the school system will lose the perception of being an anti-classified-research environment, a perception dating back to campus protests against military research in the 1960s.