• Hyperion cyber security technology receives commercialization award

    The commercial licensing of a cybersecurity technology developed at the Department of Energy’s Oak Ridge National Laboratory has been recognized by the Federal Laboratory Consortium for Technology Transfer (FLC) as a good example of moving technology to the marketplace. Hyperion, which has the capability automatically to analyze executable programs and recognize behaviors that signal malicious intent and vulnerabilities, was licensed to Virginia-based R&K Cyber Solutions, LLC, in late 2014.

  • Realistic data needed to develop the 21st century power grid

    Say you have a great new theory or technology to improve the nation’s energy backbone — the electric grid. Would it not be great to test it against a model complete with details that would tell you how your ideas would work? But it is a challenge, because existing sets of data are too small or outdated; and you do not have access to real data from the grid because of security and privacy issues. To overcome this problem, is helping to create open-access power grid datasets for researchers and industry.

  • Reframing the encryption debate

    A new report examines the high-profile debate around government access to encryption, and offers a new perspective gleaned from the discussion, debate, and analyses of an exceptional and diverse group of security and policy experts from academia, civil society, and the U.S. intelligence community. The report takes issue with the usual framing of the encryption debate and offers context and insights that widen the scope of the conversation more accurately to reflect the surveillance landscape both now and in the future.

  • Building cyber security testbed to help protect the power grid

    It is easy to think of the electrical grid as the power plants, the high voltage lines, the transmission towers, the substations, and all the low-voltage distribution lines that bring power to our homes and businesses. An attack on that grid would involve getting out and cutting lines or dropping towers. But there is another, less visible piece to the grid — all the computers and communication networks that make it work. Attackers can go after the cyber grid, too. They can do it from a desktop. At no real cost. Potentially from anywhere in the world. With few if any clues left behind.

  • NIST seeks vendors to help secure wireless medical devices

    Medical devices such as the infusion pumps that deliver medication intravenously were once standalone instruments that interacted only with the patient. Today, they have operating systems and communications hardware that allow them to connect to other devices and networks. While this technology has created more powerful tools and the potential for improved patient care, it also creates new safety and security risks.

  • Researchers use advanced algorithms to identify six botnets

    Ben-Gurion University of the Negev (BGU) cyber security researchers have discovered and traced approximately six “botnets” by analyzing data collected from past cyberattacks. Botnets are networks of malicious, remotely updatable code that covertly lurk on infected computers.

  • Navigations systems are vulnerable to hackers

    When it comes to route planning, drivers have almost blind faith in GPS. The technology plays an important role in identifying location and time in other areas, too. If hackers attack the system, they can cause great damage. Information security researches look to develop defensive measures.

  • Using unpredictability to defend computers from cyberattacks

    We want our computers to perform the way we expect. But what if the key to defeating malware is introducing a bit of chaos? Researchers think a bit of unpredictability could help outsmart malware. This is the logic behind Chameleon, the operating system they are developing. In Chameleon, which is still in the conceptual phase, unknown programs that could be malware run in a special “unpredictable” environment, where the OS intentionally introduces some unpredictability to the way they operate.

  • Intel unveils new security-on-a-chip system

    Intel on Tuesday unveiled a new password security-on-a-chip system called Intel Authenticate. The new security system aims to thwart hackers who use fake e-mails to trick employees into revealing sensitive information like user names and passwords. Intel said that putting the authentication process on a chip makes the PC itself part of the security system.

  • U Wyoming could become cybersecurity hub

    Wyoming Governor Matt Mead has requested state funding to develop a program at the University of Wyoming to become a center of excellence in cyber defense. According to the Wyoming Cybersecurity Education Initiative, proposed curriculum in the College of Engineering and Applied Science’s Department of Computer Science would educate students to defend against such attacks and “provide meaningful and sustainable impact to Wyoming’s technology sector through cybersecurity and information assurance higher-education programs.”

  • ISIS should be kicked off the open Web: Google official

    Jared Cohen, director at Google Ideas and an advisor to the heads of parent company Alphabet Google, said ISIS should be kicked off the open Web. He noted that the Islamist group is always going to be in a position to use some aspects of the Internet, such as anonymized browsing through Tor and the uncatalogued dark Web, but it should be chased away from the open Web.

  • Young women’s warning to other women: Don’t be fooled by ISIS

    A young woman who converted to Islam after being drawn to ISIS on social media has publicly warned other girls about how the jihadist group uses social media to reach vulnerable individuals such as herself. Her mother called the national hotline and the French police was able to intervene before the two women left for Syria. The young woman has since joined other youngest girls in France’s deradicalization program.

  • Mining social media improves disaster response efforts

    Leveraging publicly available social media posts could help disaster response agencies quickly identify impacted areas in need of assistance, according to a team of researchers. By analyzing the September 2013 Colorado floods, researchers showed that a combination of remote sensing, Twitter and Flickr data could be used to identify flooded areas.

  • SplashData releases annual “Worst Passwords” list -- “123456” maintains top spot

    SplashData has announced its annual list of the twenty-five most common passwords found on the Internet — thus making them the “Worst Passwords” that will expose anybody to being hacked or having their identities stolen. The 2014 list of worst passwords demonstrates the importance of keeping names, simple numeric patterns, sports, and swear words out of your passwords. In this year’s report – the company’s fourth annual report — compiled from more than 3.3 million leaked passwords during the year, “123456”and “password” continue to hold the top two spots that they have held each year since the first list in 2011. Other passwords in the top 10 include “qwerty,” “dragon,” and “football.”

  • Cyberattack on Ukraine grid: here’s how it worked and perhaps why it was done

    On 23 December 2015, two days before Christmas, the power grid in the Ivano-Frankivsk region of Ukraine went down for a reported six hours, leaving about half the homes in the region with a population of 1.4 million without power. Because of its success, the incident has sent shock waves through cybersecurity circles. Could this happen in the West? In short, yes. This incident underscores the need for diligence and the increased effort in cybersecurity that we are seeing in the government and private sectors. The continuously increasing dependence on the power grid is driving the need for cybersecurity to be part of the design of all new systems.