-
Stuxnet heralds age of cyber weapons, virtual arms race
Mounting evidence indicates that Stuxnet was created by the United States and Israel to target Iran’s nuclear program; analysts call this the first use of a specially designed cyber weapon and fear the beginning of a cyber weapons arms race; one analyst hopes that a doctrine of mutually assured destruction will limit the use of these devastating weapons in the future; current trends and other analysts indicate that cyber space will continue to be militarized
-
-
NATO networks vulnerable to cyber threat: U.S.
U.S. says NATO’s military networks are not fully protected against cyber threats and the alliance must make good on a pledge to erect a virtual wall by 2012; U.S. Deputy Defence Secretary William Lynn warned at the end of a two-day visit to Brussels that the cyber threat was “maturing” from an espionage and disruption tool to a destructive force against vital infrastructure
-
-
Bill giving president power over Internet in cyber emergency to return
A controversial bill handing President Obama power over privately owned computer systems during a “national cyberemergency,” and prohibiting any review by the court system, will return this year; the bill which emerged from a Senate committee on 15 December 2010, is more restrictive in three respects than the original bill, made public June 2010: The revised version sayis that the federal government’s designation of vital Internet or other computer systems “shall not be subject to judicial review”; another addition expanded the definition of critical infrastructure to include “provider of information technology”; a third authorized the submission of “classified” reports on security vulnerabilities
-
-
Australia unprepared for cyber attacks
The head of cyber security at BAE Systems Australia is calling for expanded training for cyber security experts in Australia; he believes that there is a lack of proper training and there must be greater cooperation between the government and the private sector; a government report finds that the Australian government is underprepared for cyber security threats; in February 2010 hackers brought down the government’s main site and the parliament’s homepage for two days
-
-
Brivo: using the Internet to control, secure devices
Cloud computing offers efficiency and economy — but the Achilles Heel of the technology is security; Brivo uses software as a service (SaaS)-based physical access control systems (PACS) to leverage the power and versatility of the Internet to provide real-time device control for organizations that need to protect buildings and facilities
-
-
GAO finds critical shortfalls in cyber security guidelines for smart grid
The GAO issued a report that found critical shortfalls in the proposed guidelines for modernizing the smart grid; the proposed guidelines, released by NIST and the FERC, contained several shortcomings that would leave the nation’s security grid vulnerable to cyber attack; “missing pieces” in the guideline include a lack of metrics to evaluate cyber security, no enforcement mechanisms, and no coordination of disjointed oversight bodies; NIST and FERC agreed with the findings and is moving to address them in their next set of guidelines
-
-
Cyber Security Challenge finalists shortlisted
The nation-wide U.K. Cyber Security Challenge held the first round of competition over the weekend, with two teams making it through to the finals; the industry-sponsored Challenge aims to entice young people into choosing cyber security as a career and to find great IT talent that could be put to use for defending U.K.’s cyber infrastructure
-
-
Fears of cyberwar exaggerated: report
New report says that analysis of cyber-security issues has been weakened by the lack of agreement on terminology and the use of exaggerated language; the report says online attacks are unlikely ever to have global significance on the scale of, say, a disease pandemic or a run on the banks; the authors say, though, that “localized misery and loss” could be caused by a successful attack on the Internet’s routing structure, which governments must ensure are defended with investment in cyber-security training
-
-
Israel, with U.S. help, tested Stuxnet at Dimona before attacking Iran
The New York Times quoted intelligence and military experts to say that U.S. and Israeli intelligence services collaborated to develop a destructive computer worm to sabotage Iran’s efforts to make a nuclear bomb; the Stuxnet computer worm shut down a fifth of Iran’s nuclear centrifuges in November and helped delay its ability to make its first nuclear weapons; before using Stuxnet to attack Iran’s nuclear program, Israel has tested the effectiveness of the malware at the heavily guarded Dimona complex in the Negev desert which houses Israel’s undeclared — and the Middle East’s sole — nuclear weapons program
-
-
Estonia considers draft for newly created cyber army in emergency
Estonia just announced the creation of an all-volunteer cyber army; the Cyber Defense League unites computer experts from the private sector and the government; the League conducts regular drills and operates under a unified military command; Estonian defense officials are contemplating instituting a cyber expert draft in the event of a serious national crisis; Estonia is the first country to experience a cyber war — in 2007 Russian hackers, suspected of having been directed by the Russian military, systematically shut down major government, financial, political and news Web sites
-
-
Android phones more vulnerable to cyber attacks than Apple iPhone
Android smart phones are more susceptible to hacking and viruses than Apple’s iPhone; the Android operating system is open source, allowing hackers to understand the underlying code; Apple iPhone may have a safer operating system, but it is not impervious to attacks; McAfee warns that 2011 will see hackers increasingly target mobile devices like Android phones, iPads, and iPhones
-
-
NEC releases software that configures access policy automatically
NEC Corporation announced the development of technology that collectively distributes and configures access policy to a variety of computing resources in a cloud computing environment; the newly-developed technology helps to reduce operation costs and to improve security
-
-
Government IT contractors remain optimistic about future
Government services and information technology (IT) contractors remain optimistic about future growth; the defense industry still remains as “an $800 billion marketplace,” despite budget cuts and an increasing move by the federal government to insource contracts; IT firms are particularly positive about growth in key areas like cyber security, intelligence, and simulation; federal spending on cyber security is projected to reach $13.3 billion annually by 2015
-
-
Quick Heal introduces technology to track laptops
New laptop tracking technology will help Indian police track and locate stolen laptops across the country; Quick Heal, the company offering the technology, also aims to create a centralized database of lost or stolen laptops; the database will be accessible to retailers and consumers
-
-
Obama pushing for Internet ID for Americans
The Obama administration is currently drafting what it is calling the National Strategy for Trusted Identities in Cyberspace, which will give the Commerce Department the authority over a forthcoming cybersecurity effort to create an Internet ID for Americans
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
By Zachary Roth
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
By Dino Jahic
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
By Trina West
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.