-
Cloud computing addressing security issues
With cloud improvements such as Google’s “sharding” — the dividing of an individual file among hundreds of systems to prevent someone from gaining a useful amount of information out of individual documents — being implemented and followed closely by competing providers, security and accessibility will become cloud facets continually improved upon
-
-
ITU chief supports governments' need to access BlackBerry communications
In an interview with AP, ITU head Hamadoun Toure said RIM should provide law enforcement access to customer data; Toure characterized the governments’ needs as “genuine” concerns that cannot be ignored
-
-
Sector Report for Thursday, 2 September 2010: Cybersecurity
This report contains the following stories.
Plus 1 additional story.
-
-
U.S. nuclear power plants bolster defenses against cyberattacks
The threat to digital systems at the U.S. nuclear power plants is considerable — especially for new nuclear power facilities that would be built in the United States and throughout the world, as control rooms would employ digital systems to operate the plants; these state-of-the-art instruments and systems make them targets for hackers
-
-
Need for digital security spurs growth of cyber security field
The growing need for digital security has made the shortage of cyber security professionals in the United States even more apparent, and the U.S. government is now engaged in a campaign to train, hire, and retain thousands of cyber professionals; the private sector is doing its share, too: Raytheon initiated the MathMovesU program in 2005, to inspire middle school students to consider math, science, and engineering education and careers; Raytheon awards more than $2 million annually in scholarships and grants to students, teachers, and schools nationwide
-
-
Commercial quantum cryptography vulnerable to attack
Quantum cryptography is one of the most secure known means of transmitting data; in fact, it is often described as “unbreakable” because it relies on the Heisenberg uncertainty principle — observation causes perturbation: if a third party does intercept a quantum signal, this very interception changes the encryption key, making the tampering apparent to parties at both ends; researchers, though, developed and tested a technique exploiting imperfections in quantum cryptography systems to implement an attack
-
-
India gives BlackBerry reprieve, saying Google, Skype are next
BlackBerry users in India have received a 60-day reprieve: RIM has offered the Indian government a solution to interception issue (the Indian government wants to have the ability to intercept BlackBerry communications), and the government says it will examine the offer during the next two months; the government also said that services offered by Google and Skype are next, but unlike BlackBerry, Skype and Google Talk are both encrypted end-to-end, so intercepting communications is extremely difficult
-
-
U.S. intensifies campaign to train, hire, retain cybersecurity professionals
The cyber threats to both government and public network intensify, and the U.S. federal agencies must find ways to attract qualified workers and develop new skills internally; NIST’s Dr. Ernest McDuffie: “We’ve got a problem of where the next generation of engineers are going to come from— Awareness, education, workforce, and training all have to come together”
-
-
U.S. military wants to cyber-protect critical infrastructure
The U.S. military wants to exert more influence over the protection of power grids, transportation networks, and financial network systems because the military relies on these networks to deal with suppliers and these networks could become military targets
-
-
RIM proposes industry encryption forum to demands for access to e-mail, messages
RIM has proposed that an industry forum be established to help governments manage lawful intercept, in the hope of forestalling India’s threatened ban, due this coming Wednesday; the proposed body would be led by RIM, but the company is hoping that others companies threatened by bans — Google, Skype, and others — will join in
-
-
Pentagon describes 2008 attack as a "network administrator's worst fear"
The Pentagon admits that a 2008 cyber attack on the Pentagon’s computers was a “network administrator’s worst fear”; a USB device was
plugged into a military laptop located on an undisclosed base in the Middle East, causing a malicious code to link highly sensitive machines to networks controlled by an unnamed foreign intelligence agency -
-
Intel wants security built directly into silicon
A consensus is emerging that the main reason for Intel’s acquisition of McAfee is that Intel wants to build directly into its hardware the kind of security features more traditionally provided by software like McAfee’s
-
-
Technological challenges to Intel's embedded security approach
Embedding security in silicon faces many challenges, among them: how much can be placed into a chip, and the fact that patching hardware or firmware is when a security vulnerability is discovered, is much harder than patching software
-
-
Powerful GPU processor puts password security system at risk
A readily available piece of hardware, a graphics processing unit (GPU) costing only a few hundred dollars, now brings supercomputer-level power to any desktop; this new capability puts power into many hands — and could also threaten the world’s ubiquitous password-protection model because it enables a low-cost password-breaking technique that engineers call “brute forcing”
-
-
The reason for Intel's acquisition of McAfee
The merger between the two companies takes place ahead of the release in 2011 of new — and as yet undisclosed — products developed by a joint venture the two companies have operated in the past eighteen months; those undisclosed products may be part of the reason why Intel decided to purchase McAfee instead of extending or expanding the two companies’ joint venture; says one analyst: “If what came out of that joint venture was revolutionary it could be that Intel wanted to lock that [intellectual property] down”
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.