• FERC adopts critical infrastructure protection standards

    Federal Energy Regulatory Commission approves eight new mandatory critical infrastructure protection reliability standards; move taken against the backdrop of growing worries in the U.S. intelligence community about attacks on U.S. critical infrastructure

  • EDI to use Xyratex to manage Beijing Airport security

    EDI Technology, a Chinese storage integrator, will use Xyratex F5412E RAID system from Xyratex, a U.K.-based enterprise data storage subsystems and storage process technology provider, for online and archive storage of video surveillance at Beijing Capital International Airport

  • Companies, government responses to war game draw mixed reviews

    Details emerge of a $3 million, invitation-only war game — Cyber Storm —which simulated what DHS described as plausible attacks over five days in February 2006 against the technology industry, transportation lines, and energy utilities by anti-globalization hackers

  • One way to fight criminals, terrorists: Register pre-paid cell phones

    Texas state senator offers legislation, with the support of state police chiefs, which would help in fighting crimes — and terrorism: Legislation would require prepaid cellphone customers to present ID and limit purchases to three phones at a time; it also would require prepaid cellphone service providers to make phone records accessible to police

  • Swedish bank stops sophisticated digital theft

    Forget ski masks and machine guns: Savvy Swedish bank robbers stealthily placed an electronic device under the desk of a bank employee; the device gave instructions to the computer atop the desk to transfer millions of dollars from bank deposits to an account the robbers had set up

  • Spam, Q4 Email Threat Trends of 2007

    A steep rise in attacks using social networking techniques which target user psychology and behavior patterns; spammers launched attacks by predicting user behavior patterns, such as looking for easy cash and discounted gifts during the holiday season, and preying on consumer trust to generate interest in cheap pharmaceutical products and stocks

  • Emphasis shifts to analytical tools rather than building sturdier walls

    The $169 million PayPal paid for Israeli on-line security specialist Fraud Sciences is part of a larger trend in security: “Security is less a matter of keeping everyone outside the outer wall and more one of detecting them sneaking through the premises,” as one analyst put it

  • U.K. Ministry of Defense selects BAE for SSEI

    The Software Systems Engineering Initiative (SSEI) aims to reduce the cost and speed up production of the software; the government has identified such software as “the critical enabling technology” for modern platforms; BAE’s Military Air Solutions will lead a consortium to manage the project

  • Marks & Spencer loses personal information on 26,000 staff

    A laptop belonging to Marks and Spencer was stolen in May 2007, joining a lengthening list of personal data breaches in the United kingdom; Information Commissioner’s Office takes action against company

  • NSA, other spy agencies enlisted in effort to address cyber vulnerability

    Prepare for another heated NSA-domestic spying debate: The Bush administration issues secret directive on 8 January — informally known as the “cyber initiative” — expanding the intelligence community’s role in monitoring Internet traffic; the goal is to protect against a rising number of attacks on federal agencies’ computer systems

  • Estonian student convicted for 2007 attack against Estonian Web sites

    A 20-year-old Estonian student has been fined $1,642 for launching a cyber attack which crippled the Web sites of banks, schools, and government agencies

  • OMB wants privacy review details in FISMA reports

    U.S. government agencies will have to provide more details about the privacy reviews they conduct as part of annual reporting in compliance with FISMA

  • SPARQL is a new, format-independent query technology

    Many successful query languages exist, including standards such as SQL and XQuery, but they were primarily designed for queries limited to a single product, format, type of information, or local data store; SPARQL is the key standard for opening up data on the Semantic Web, and the goal of the Semantic Web is to enable people to share, merge, and reuse data globally

  • Swiss move on quantum cryptography

    Ensuring effective data security is the next challenge for global data networks; quantum cryptography offers such effective security; the Swiss national election in October 2007 provided first real-life test of the technology, and Swiss now move to implement it in security-sensitive sectors of the economy

  • Reviewing -- and fixing -- Open Source code security holes

    Popular open source projects such as Samba, the PHP, Perl, Tcl dynamic languages, and Amanda were found to have dozens or hundreds of security exposures; some are quicker than others in fixing the problem