-
Ensuring that software security policies reflect user needs
Researchers have developed a new natural language processing tool that businesses or other customers can use to ensure that software developers have a clear idea of the security policies to be incorporated into new software products
-
-
Dutch law enforcement wants the authority to hack foreign computers
The Dutch government plans to give Dutch law enforcement services the ability to hack into computers – not only in the Netherlands, but also those located in other countries – for the purpose of discovering and gathering evidence in cybercrime investigations
-
-
Kaspersky Lab working on a secure operating system for critical infrastructure
Antivirus firmKaspersky Lab is set to make a major contribution to the security of critical infrastructure systems by developing an operating system specifically designed for such systems; the new operating system will protect information used in infrastructure such as nuclear power plants, transportation control facilities, gas and electrical systems,and other facilities “criticallyimportant” to the economy and well-being of industrialized societies
-
-
Cybersecurity bill supporters want a vote on bill in this Congress
Last week, lawmakers and top White House officials appeared in different events, conferences, and industry gatherings to promote the cyber security bill which has been stalled in the Senate since August; administration’s officials and lawmakers supporting the bill warned that the current situation leaves U.S. critical infrastructure and businesses vulnerable to attack from hackers and spies
-
-
Experts, engineers gather to contribute to DARPA’s Plan X
DARPA’s Plan X will attempt to create revolutionary technologies for understanding, planning, and managing DoD cyber missions in real-time, large-scale, and dynamic network environments; Proposers’ Day dialogue cements program approach
-
-
Cyber criminals target small businesses
A recent study conducted by the National Cyber Security Alliance and Symantec found that 77 percent of small business owners in the United States think their company is safe from cyber criminals; trouble is, 83 percent of them do not have a cyber security plan
-
-
Sen. Rockefeller asks Fortune 500 CEOs for cybersecurity best practices
Last month, Senator Jay Rockefeller (D-West Virginia) sent a letter to the CEOs of fortune 500 companies asking them what cybersecurity practices they have adopted, how these practices were adopted, who developed them, and when they were developed; many saw Rockefeller’s letter as an admission that the Obama administration does not have a basis for trying to impose cybersecurity practices on the private sector through the Cybersecurity Act of 2012, now stalled in Congress
-
-
More companies adopt cloud disaster recovery solutions
More and more companies adopt a cloud disaster recovery solution; in a recent 2012 TechTarget Cloud Pulse survey, a majority of the 926 companies that responded have said they are now using a cloud disaster recovery system or plan to in the next six months
-
-
States may join feds in regulating infrastructure cybersecurity
Dealing with cybersecurity issues relating to U.S. inmfrastructure has largely been a federal responsibility, carried out through the North American Electric Reliability Corporation Critical Infrastructure Requirements (NERC-CIP)’ the limitations of these requirements have led state regulators to consider increasing state role in infrastructure protection
-
-
NIST awards $9 million to promote online security and privacy
The National Institute of Standards and Technology (NIST) last month announced more than $9 million in grant awards to support the National Strategy for Trusted Identities in Cyberspace (NSTIC); five U.S. organizations will pilot identity solutions which increase confidence in online transactions, prevent identity theft, and provide individuals with more control over how they share their personal information
-
-
New solution helps thwart “smash-and-grab” credential theft
Of the data breaches investigated in 2011, servers were among the primary target assets in 64 percent of investigations and those accounted for 94 percent of compromised records; a new solution from RSA scrambles, randomizes, and splits authentication credentials across multiple servers, data centers, and the cloud
-
-
Washington National Guard keeps an eye on cyberattacks
The Washington National Guard is working on a project that will protect state and local governments as well as utilities and businesses in the state from cyberattacks
-
-
Congressional panel says two Chinese telecom companies pose “national security threat” to U.S.
A report by the House Intelligence Committee recommended that the U.S. government be barred from doing business with two Chinese telecommunications firms – Huawei and ZTE – and that American companies should avoid buying their equipment; a committee report said the two companies pose a threat to U.S. national security; installing these companies’ technology in U.S. communication network will not only allow these companies, acting on behalf of the Chinese military and intelligence, to steal sensitive national security information and trade secrets of private U.S. companies – it will also allow China to attack and paralyze large portions of U.S. critical infrastructure
-
-
The administration set to issue a cybersecurity executive order
President Obama issued a proclamation the other day making October National Cyber Security Awareness month. The administration’s efforts to push a cybersecurity bill through Congress, however, have so far failed, so the administration is opting for a solution other administrations have adopted in the face of a recalcitrant Congress: executive order
-
-
Self-contained, Android-based network to study cyber disruptions, help secure hand-held devices
Researchers linked together 300,000 virtual hand-held computing devices running the Android operating system so they can study large networks of smartphones and find ways to make them more reliable and secure; the work is expected to result in a software tool that will allow others in the cyber research community to model similar environments and study the behaviors of smartphone networks
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.