• Britain faces "real and credible" cyber threat: intelligence chief

    In a rare public speech, Iain Lobban, director of the Government Communications Headquarters (GCHQ), said that there is a “real and credible” cyber threat to U.K. infrastructure, and that Britain’s economy could be at risk if effective protection against cyber attacks was not developed

  • Briton gets 4-months jail for refusing to disclose password

    A 19-year old Briton used a 50-charcter password to protect child pornography files he kept in his computers; the court ordered him to reveal the password, but he refused and was sentenced to sixteen weeks imprisonment

  • Experts: Stuxnet "a game changer"

    EU cybersecurity agency warns that the Stuxnet malware is a game changer for critical information infrastructure protection; PLC controllers of SCADA systems infected with the worm might be programmed to establish destructive over/under pressure conditions by running pumps at different frequencies; Dr. Udo Helmbrecht, chief of EU’s cybersecurity agency: “Stuxnet is a new class and dimension of malware—- The fact that perpetrators activated such an attack tool, can be considered as the ‘first strike’ against major industrial resources. This has tremendous effect on how to protect national [cyber and critical infrastructure] in the future’

  • Skullduggery on a massive scale

    Stuxnet, the malware which attacked more than 30,000 computers used in industrial control systems in Iran, including that country’s nuclear weapons facilities, represents a new class and dimension of malware; it can reach into the physical world, allowing attackers to run motors so fast they burn out, to turn off alarms and safety cut-offs, open effluent valves and activate pumps — in the words of Paul Marks, it allows attackers to “carry out industrial sabotage and skullduggery on a massive scale”

  • Malware will soon steal behavioral patterns

    Examples of malware which steals personal information are all around us, sometimes for the purpose of making it public and at other times for profit; computer scientists predict that a new generation of malware will mine social networks for people’s private patterns of behavior

  • U.S. implements president's cybersecurity recommendations

    GAO reports that of the 24 recommendations included in the president’s May 2009 cyber policy review report, 2 have been fully implemented and 22 have been partially implemented; the two fully implemented recommendations involve appointing within the National Security Council (NSC) a cybersecurity policy official (Special Assistant to the President and Cybersecurity Coordinator) responsible for coordinating the U.S. cybersecurity policies and activities, and a privacy and civil liberties official. Examples of partially implemented recommendations include

  • Iran: Stuxnet infected industrial computers cleaned

    Iran claims that Stuxnet, the sophisticated virus which has infected more than 30,000 computers used in industrial control systems in Iran, has been removed; Iranian officials also denied that the Bushehr nuclear reactor was among the addresses penetrated by the worm

  • Impact of cyberattack on U.S. could be "an order of magnitude surpassing" 9/11

    Former director of national intelligence and director of the National Security Agency Mike McConnell and Bush administration Homeland Security Adviser Fran Townsend say the United States is unprepared for a cyberattack and must overhaul its defenses; they said a large-scale cyberattack against the United States could impact the global economy “an order of magnitude surpassing” the attacks of 9/11; McConnell: “The warnings are over; it could happen tomorrow”

  • U.S. Cyber Command will not go operational today as planned

    The U.S. Cyber Command was to become operational today — but difficulties in recruiting qualified uniformed staff and lack of clarity about the Command’s mission have led the Command leaders to say that rather than fully operational, the Command, for the time being, will remain only at “initial operational capability”

  • Stuxnet shows how nuclear plants may be attacked

    Security experts say that critical infrastructure firms need to respond quickly in order to protect their systems from Stuxnet, and warn that its spread may mark the beginning of increased cyber espionage and sabotage; what is especially worrisome about Stuxnet is that a pattern in its code — designed to match that of a specific application — suggests that the worm’s authors had a specific facility in mind

  • October's National Cyber Security Awareness Month launched

    Dozens of cybersecurity initiatives to reach consumers, students, and businesses; the National Cyber Security Alliance (NCSA), DHS, and the Multi-State Information Sharing and Analysis Center, have sponsored National Cyber Security Awareness Month every October since its founding in 2003

  • Faster cybersecurity with merging of two protocols

    Combination of unrelated protocols — a suite of automated network access control standards from the Trusted Computing Group and the government’s Security Content Automation Protocols (SCAP) — now being tested in South Carolina to enable automated policy enforcement on networks; the two standards offer a complementary set of capabilities, each valuable in its own right but much more powerful when combined

  • Ethical hacking conference coming to Charleston, WVA

    A major ethical hacking event will take place in Charleston, West Virginia, 23-24 October; the event will focus on “white hat hacking” — meaning learning how to think like the “black hat hackers” or bad actors and how they operate; a Hacker Village will be set up at the Charleston Civic Center featuring a network of systems designed with vulnerabilities so attendees can try their stuff with mentors on hand

  • Cyber innovation center launches in Maryland

    SAIC opens a new Cyber Innovation Center in Columbia, Maryland; SAIC employees in Columbia and throughout the United States will have remote access to the Center’s technical-solutions lab