• Protecting the security for networks of the future

    Today’s company networks comprise hundreds of devices: routers for directing data packets to the right receiver, firewall components for protecting internal networks from the outside world, and network switches. Such networks are extremely inflexible because every component, every router and every switch can carry out only the task it was manufactured for. If the network has to be expanded, the company has to integrate new routers, firewalls or switches and then program them by hand. This is why experts worldwide have been working on flexible networks of the future for the last five years or so, developing what is known as software-defined networking (SDN). It presents one disadvantage, however; it is susceptible to hacker attacks. Researchers have now developed a way to protect these future networks.

  • The encryption debate is heating up

    The privacy vs. security debate is heating up. Should messages on private devices be encrypted to protect our privacy? Will this dangerously hamper national and international security efforts? If we go the encryption route, are technologies being implemented fast enough to protect sensitive data from criminals?

  • Privacy in the digital age essential to protecting basic liberties: Privacy law expert

    In our increasingly digital world, the balance between privacy and free speech is tenuous, at best. We often overlook, however, the important ways in which privacy is necessary to protect our cherished civil liberties of freedom of speech, thought, and belief, says Neil M. Richards, JD, a privacy law expert at Washington University in St. Louis and author of the new book, Intellectual Privacy: Rethinking Civil Liberties in the Digital Age, published 2 February.

  • U.S. yet to develop a strategy to secure nation’s critical infrastructure

    For years, the U.S. government has warned federal and state agencies about the threat posed by hackers who may target computer systems responsible for operating nuclear plants, electric substations, oil and gas pipelines, transit systems, chemical facilities, and drinking water facilities. In February 2013, President Barack Obama issued a directive stating, “It is the policy of the United States to strengthen the security and resilience of its critical infrastructure against both physical and cyber threats.” Two years later the federal government has yet to develop or adopt a consensus on how to secure America’s critical infrastructure from cyber criminals.

  • Assad regime employed Skype to steal military plans from moderate rebels

    A FireEye report details the activities of a cyber-espionage group that stole Syrian opposition’s strategies and battle plans. To undertake this operation, the threat group employed a familiar tactic: ensnaring its victims through conversations with seemingly sympathetic and attractive women. As the conversations progressed, the “women” would offer up a personal photo, laden with malware and developed to infiltrate the target’s computer or Android phone.

  • New Chinese cyber rules aim to facilitate intellectual property theft: U.S. tech companies

    The Chinese government’s cyberspace policy group in late 2014 approved a 22-page document which contained strict procurement rules for technology vendors. Those rules would require U.S. firms selling computer equipment in China to turn over sensitive intellectual property — including source codes — submit their products for “intrusive security testing,” and use Chinese encryption algorithms. U.S. companies selling equipment to Chinese banks will be required to set up research and development centers in China, get permits for workers servicing technology equipment, and build “ports” which allow Chinese officials to manage and monitor data processed by their hardware. U.S. tech companies charge that the new rules would make it easier for China to steal U.S. companies’ intellectual property.

  • Idaho bolsters the state’s cyber defenses

    Idaho’s director of the Bureau of Homeland Security says that cyber threats remain the most important yet least understood risk to government and the private sector. He has announced plans to tackle that vulnerability in the state. The director of the Bureau says that cybersecurity will never be perfect, which makes it imperative for organizations like the Idaho Bureau of Homeland Security to focus on planning that incorporates not just defense, but also detection and the mitigation of damage that has already occurred.

  • Patriot Act’s reauthorization an obstacle for cyber information sharing bill

    Recent cyber hacking incidents have persuaded lawmakers to pass a cyber information sharing bill which will help protect U.S. private sector networks. Business groups and federal intelligence agencies insist that information exchange is critical to protecting the nation’s cyber infrastructure. One of the hurdles to passing such a bill is that by 1 June, Congress must reauthorize sections of the Patriot Act which are the basis for the NSA’s most controversial surveillance programs. Many lawmakers consider NSA reform to be essential before they can support the White House’s cybersecurity proposal, which would allow cyber information sharing between the public and private sector.

  • New technology proves effective in thwarting cyberattacks on drones

    Engineering researchers from the University of Virginia and the Georgia Institute of Technology have successfully flight-tested scenarios which could threaten drones, including ground-based cyber-attacks. The demonstration of U.Va’s System-Aware Cybersecurity concept and Secure Sentinel technology was part of a research project led by U.Va. engineers to detect and respond to cyber-attacks on unmanned aerial systems.

  • European govts. urge U.S. tech companies to remove terrorist-related postings from sites

    The terror attacks in Paris have led French and German authorities to call on U.S. tech firms to help identify terrorist communications and remove hate speech from social media sites. The United Kingdom has also, for several months now, pressed Internet firms to be proactive in removing extremist content such as videos of sermons by radical Islamic preachers or recruitment material, from their sites. These recent requests for more cooperation between U.S. tech firms and European governments contrast with calls from many of the same governments who, following the Edward Snowden leaks, criticized U.S. tech firms for being too close to law enforcement agencies.

  • U.S.-U.K. cyber war games to test the two countries’ cyber resilience

    American and British security agencies have agreed to a new round of joint cyber “war games” to test each country’s cyber resilience. The move comes after a year of high profile cyberattacks against the U.S. private sector and after warnings from the U.K. Government Communications Headquarters that computer networks of British firms face daily attacks by hackers, criminal gangs, competitors, and foreign intelligence services.

  • 8 Tips to prevent data breaches

    Securing electronic messages should be one of the top IT priorities for organizations in 2015. The process should not be overly complex or expensive, but it does require proper planning and regular revisions. While there is no such thing as a 100 percent breach-proof security system, the majority of attacks can easily be prevented by following the simple steps outlined in this article.

  • Smart keyboard can tell who you are – and also powers and cleans itself

    In a novel twist in cybersecurity, scientists have developed a self-cleaning, self-powered smart keyboard that can identify computer users by the way they type. The smart keyboard can sense typing patterns — including the pressure applied to keys and speed — that can accurately distinguish one individual user from another.

  • Former head of MI6 calls for new surveillance pact between governments and ISPs

    The former head of British intelligence agency MI6, Sir John Sawers, has called for a new surveillance pact between Internet companies and U.S. and U.K. security services. Both groups could work together as they had in the past to prevent a repeat of terror events such as the recent Paris attacks, he said. American and British law enforcement and intelligence agencies are urging major Internet companies to provide backdoors or access to encrypted e-mails and other forms of Web communications. “I think one benefit of the last eighteen months’ debate [since Snowden’s leaks were made public] is that people now understand that is simply not possible [to keep the public secure without surveillance] and there has to be some form of ability to cover communications that are made through modern technology,” Sawers said.

  • Mandatory cybersecurity regulations necessary to protect U.S. infrastructure: Experts

    Since last year’s cyberattacks made public the cyber vulnerabilities of major U.S. firms including Sony Entertainment, JPMorgan Chase, and Target, President Barack Obama has been on the offensive, proposing strict rules better to prosecute hackers and make U.S. firms responsible for protecting consumer information. Experts say, though, that private firms are unlikely, on their own, to make the necessary financial investment to protect against a critical infrastructure cyberattack. What is needed, these experts say, is a mandatory cybersecurity framework followed by all entities involved with critical infrastructure, strong protection of information regarding cyberattacks shared with DHS, and a sincere effort from the private sector to secure their own networks.