• Infosec 2010: Prepare for the information security revolution

    New PwC report shows how information security threats will evolve until 2020; the huge increase in the amount of data available on the Web is largely the result of the number of people who have internet access. This will mean more money is transacted online, which will attract cyber criminals

  • New research offers security for virtualization, cloud computing

    Virtualization allows the pooling of the computational power and storage of multiple computers, which can then be shared by multiple users; problem is, gains in efficiency and cost-saving are offset by increased cyber vulnerability; researchers have now developed software, called HyperSafe, that leverages existing hardware features to secure hypervisors against such attacks

  • Passwords may be passé, but biometrics is not yet viable for portable devices

    Passwords may be heading toward extinction, but biometric identification is not yet a viable means of authentication for mobile devices; smart phones and other portable devices do not currently have the sophistication to be adapted easily for biometric technology, and users are likely to be reluctant to carry yet another device and its electrical charger along with their smart phone simply to login to their bank account when not at their desktop computer

  • Data protection manager for the cloud

    More and more companies begin to offer cloud security solutions; Iron Mountain offers CloudRecovery links into DPM; Seagate’s i365 business has launched the EVault for DPM 2010 backup and recovery appliance

  • Companies ignore cloud security

    New study finds that few businesses build security into cloud contracts; in fact, three-quarters of businesses surveyed said they had no procedures and policies for using cloud computing; Sixty-eight percent said end users and business managers — not the organization’s IT professionals — are made responsible for evaluating cloud computing vendors

  • National Security Agency holds 2010 Cyber Defense Exercise

    NSA, service academy experts test advanced tactics and technologies for cyber security in 2010 Cyber Defense Exercise; teams will compete in real-world strategies and tactics for building smart cyber defenses, fending off hackers, and eradicating malware; the West Point teams have won the competition in the last three years

  • Breakthrough: new record bit rate for quantum key distribution

    Quantum encryption is the ultimate in unbreakable encrypted communication; it is based upon sending encoding single photons (particles of light) along the fiber; the laws of quantum physics dictate that any attempt by an eavesdropper to intercept and measure the photons alters their encoding, meaning that eavesdropping on quantum keys cannot not be detected; the major problem quantum encryption faces is the relatively short distance of encrypted transmissions

  • World's youngest known hacker caught

    A 9-year old student outwits Virginia school district’s cxybersecurity measures; the youngster used teacher’s login to access Blackboard, and then modify class enrollment lists, change the password login details of teachers, and modify homework assignments

  • Floating security tools make the cloud more secure

    Cloud computing offers efficiency and economy — but the Achilles Heel of the technology is security; where there is a security need there is a business opportunity, and some companies begin to offer cloud security tools, hoping to enjoy the benefits of first movers

  • Commercial networks are now victims of targeted cyberattacks

    State-sponsored groups with deep technical skills and computing resources have long been directing targeted cyberattacks at government organizations and military targets; the Chinese intelligence services’ cyberattacks on Google are but the latest indication that cybercrooks are expanding their horizons and start aiming targeted attacks at commercial networks

  • Cybersecurity incidents in industrial control systems on the rise

    The good news is that only about 10 percent of U.S. industrial control systems are actually connected to the Internet; the bad news is that even with minimal Internet access, malware and breaches are increasingly occurring in utility, process control systems; cybersecurity incidents in petroleum and petrochemical control systems have declined significantly over the past five years — down more than 80 percent — but water and wastewater have increased 300 percent, and power/utilities by 30 percent

  • Safer e-cards for passports, e-IDs, and electronic voting

    Researchers find serious security drawbacks in chips that are being embedded in e-passports and other e-IDs, and in credit, debit, and “smart” cards; the vulnerabilities of this electronic approach — and the vulnerability of the private information contained in the chips — are becoming more acute; using simple devices constructed from $20 disposable cameras and copper cooking-gas pipes, the researchers demonstrated how easily the cards’ radio frequency (RF) signals can be disrupted; the method can also be used to corrupt the results of electronic voting machines

  • Congress to address important cybersecurity initiatives

    Congress is setting to tackle important cybersecurity-related issues — including the confirmation hearing on Army Lt. Gen. Keith Alexander to be military cyber commander, markup sessions on bills to fund cybersecurity research and development, and realign the National Institute of Standards and Technology’s (NIST) laboratories

  • New York Computer Forensics Show to be held in New York 19-20 April

    Like it or not, every computer is a potential crime scene and must be treated with care” — this may serve as the motto for the New York Computer Forensics Show; IT professionals, lawyers, and accountants must acquaint themselves with the emerging field of computer forensics so they can better serve and protect the companies for which they work

  • First computer forensics private investigation firm opens in Nevada

    Expert Data Forensics is the first computer forensics-only PI firm in the state of Nevada; the firm says it has already helped in almost a hundred clients get the electronic evidence used to make a difference in the outcome of their cases; the data is retrieved from cell phones, PDAs, and computers