-
Infosec 2010: Prepare for the information security revolution
New PwC report shows how information security threats will evolve until 2020; the huge increase in the amount of data available on the Web is largely the result of the number of people who have internet access. This will mean more money is transacted online, which will attract cyber criminals
-
-
New research offers security for virtualization, cloud computing
Virtualization allows the pooling of the computational power and storage of multiple computers, which can then be shared by multiple users; problem is, gains in efficiency and cost-saving are offset by increased cyber vulnerability; researchers have now developed software, called HyperSafe, that leverages existing hardware features to secure hypervisors against such attacks
-
-
Passwords may be passé, but biometrics is not yet viable for portable devices
Passwords may be heading toward extinction, but biometric identification is not yet a viable means of authentication for mobile devices; smart phones and other portable devices do not currently have the sophistication to be adapted easily for biometric technology, and users are likely to be reluctant to carry yet another device and its electrical charger along with their smart phone simply to login to their bank account when not at their desktop computer
-
-
Data protection manager for the cloud
More and more companies begin to offer cloud security solutions; Iron Mountain offers CloudRecovery links into DPM; Seagate’s i365 business has launched the EVault for DPM 2010 backup and recovery appliance
-
-
Companies ignore cloud security
New study finds that few businesses build security into cloud contracts; in fact, three-quarters of businesses surveyed said they had no procedures and policies for using cloud computing; Sixty-eight percent said end users and business managers — not the organization’s IT professionals — are made responsible for evaluating cloud computing vendors
-
-
National Security Agency holds 2010 Cyber Defense Exercise
NSA, service academy experts test advanced tactics and technologies for cyber security in 2010 Cyber Defense Exercise; teams will compete in real-world strategies and tactics for building smart cyber defenses, fending off hackers, and eradicating malware; the West Point teams have won the competition in the last three years
-
-
Breakthrough: new record bit rate for quantum key distribution
Quantum encryption is the ultimate in unbreakable encrypted communication; it is based upon sending encoding single photons (particles of light) along the fiber; the laws of quantum physics dictate that any attempt by an eavesdropper to intercept and measure the photons alters their encoding, meaning that eavesdropping on quantum keys cannot not be detected; the major problem quantum encryption faces is the relatively short distance of encrypted transmissions
-
-
World's youngest known hacker caught
A 9-year old student outwits Virginia school district’s cxybersecurity measures; the youngster used teacher’s login to access Blackboard, and then modify class enrollment lists, change the password login details of teachers, and modify homework assignments
-
-
Floating security tools make the cloud more secure
Cloud computing offers efficiency and economy — but the Achilles Heel of the technology is security; where there is a security need there is a business opportunity, and some companies begin to offer cloud security tools, hoping to enjoy the benefits of first movers
-
-
Commercial networks are now victims of targeted cyberattacks
State-sponsored groups with deep technical skills and computing resources have long been directing targeted cyberattacks at government organizations and military targets; the Chinese intelligence services’ cyberattacks on Google are but the latest indication that cybercrooks are expanding their horizons and start aiming targeted attacks at commercial networks
-
-
Cybersecurity incidents in industrial control systems on the rise
The good news is that only about 10 percent of U.S. industrial control systems are actually connected to the Internet; the bad news is that even with minimal Internet access, malware and breaches are increasingly occurring in utility, process control systems; cybersecurity incidents in petroleum and petrochemical control systems have declined significantly over the past five years — down more than 80 percent — but water and wastewater have increased 300 percent, and power/utilities by 30 percent
-
-
Safer e-cards for passports, e-IDs, and electronic voting
Researchers find serious security drawbacks in chips that are being embedded in e-passports and other e-IDs, and in credit, debit, and “smart” cards; the vulnerabilities of this electronic approach — and the vulnerability of the private information contained in the chips — are becoming more acute; using simple devices constructed from $20 disposable cameras and copper cooking-gas pipes, the researchers demonstrated how easily the cards’ radio frequency (RF) signals can be disrupted; the method can also be used to corrupt the results of electronic voting machines
-
-
Congress to address important cybersecurity initiatives
Congress is setting to tackle important cybersecurity-related issues — including the confirmation hearing on Army Lt. Gen. Keith Alexander to be military cyber commander, markup sessions on bills to fund cybersecurity research and development, and realign the National Institute of Standards and Technology’s (NIST) laboratories
-
-
New York Computer Forensics Show to be held in New York 19-20 April
“Like it or not, every computer is a potential crime scene and must be treated with care” — this may serve as the motto for the New York Computer Forensics Show; IT professionals, lawyers, and accountants must acquaint themselves with the emerging field of computer forensics so they can better serve and protect the companies for which they work
-
-
First computer forensics private investigation firm opens in Nevada
Expert Data Forensics is the first computer forensics-only PI firm in the state of Nevada; the firm says it has already helped in almost a hundred clients get the electronic evidence used to make a difference in the outcome of their cases; the data is retrieved from cell phones, PDAs, and computers
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.