-
Top U.S. cyber official: cyber threat poses existential threat to U.S.
Senior Obama administration official: “I am convinced that given enough time, motivation and funding, a determined adversary will always — always — be able to penetrate a targeted system”; as a result: “The cyber threat can be an existential threat — meaning it can challenge our country’s very existence, or significantly alter our nation’s potential”
-
-
iPhone, IE8, Firefox, and Safari easily hacked at Pwn2Own contest
Hackers gathered for an annual contest in Vancouver demonstrate easy hacking of iPhone and all major browsers; a non-jailbroken iPhone was also hacked and its SMS database stolen; security measures taken by Firefox, Safari, and IE8 no match for hackers
-
-
Israeli scientist invents a laser-based security tool for the CIA -- and for online shoppers
When the RSA system for digital information security was introduced in the 1970s, the researchers who invented it predicted that their 200-bit key would take a billion years to crack; well, it was cracked five years ago; it is still the most secure system for consumers to use today when shopping online or using a bank card, but as computers become increasingly powerful, the idea of using the RSA system becomes more fragile; the solution lies in a new kind of system to keep prying eyes off secure information
-
-
DHS to work with ISP to test Einstein 3 cyber security system
DHS will work with a commercial ISP to test the partially classified Einstein 3 system; Einstein 3 is designed to do real-time, deep packet inspection and threat-based decision making on data traffic entering or leaving federal agency networks
-
-
The Norton Top 10: Seattle is the riskiest U.S. city for cybercrime; Detroit is the safest
A study of the cybercrime-proneness of fifty American cities finds that from the perspective of cybersecurity, Seattle is the riskiest city in America: If you live and work there and use the Internet, your are more vulnerable to cybercrime than in any other place; the cyber-safest cities: Detroit, Michigan, El Paso, Texas, and Memphis, Tennessee
-
-
A small industry emerges to support would-be credit card thieves, malware writers
There is money to be made in credit card theft, so a small industry has emerged to help commercialize the business; a software kit, known as Zeus, epitomizes the commercialization of the malware services industry: as is the case with other malicious software, Zeus can easily be bought online, in this case for between $400 and $700; detailed instructions on how to use it are readily available, too; to check whether a piece of malware is on the security companies’ blacklists, hackers can send their creations to Web sites such as virtest.com, which for just $1 will try the code out on more than twenty antivirus products; if the malware fails the test, would-be criminals can simply upload their malware to another site that will tweak it to render it unrecognizable
-
-
U.S. government pours money into cyber security technologies and R&D
With a cumulative market valued at $55 billion (2010-15), the U.S. federal cybersecurity market will grow steadily at about 6.2 percent CAGR; new study says that Deep Packet Inspection (DPI) technology is in a very favorable position to emerge as a major line of cyber defense for years to come as the only technology that can deliver the good
-
-
U.S. cybercrime losses double
The value of Internet crime loss complaints in the United States rose from $265 million in 2008 to reach $560 million last year; U.S. businesses lost $120 million in the third quarter of 2009 to phishing and Trojan-based online banking scams, according to figures from the U.S. Federal Deposit Insurance Corporation
-
-
U.K. spy agencies replace failed secret messaging system, try to recover money from IBM
IBM was contracted by the British secret service to develop a secret, secure communication system for its operatives; after delays and technical failures, the contract was pulled and the intelligence services have launched a new project to extend a new secret messaging system to thousands of terminals across the intelligence agencies, as well as the Home Office, SOCA, Ministry of Defense, and other departments; at the same time, the government is still trying to recover the £24.4 million paid to IBM
-
-
Delay in start date for U.K. cyberdefense center
The U.K. government’s Cyber Security Operations Center, charged with protecting Britain’s critical IT infrastructure, was supposed to become operational yesterday; the government said it would become operational by the end of the month
-
-
Toronto police to buy encrypted radios
The Toronto police will spend CAN$35 million on encrypted radios; new system may shut out public eavesdroppers — by tow-truck drivers, the media, scanning enthusiasts — starting with the June 2010 G20 summit
-
-
GAO: U.S. government not properly coordinating cybersecurity efforts
The U.S. Government Accountability Office, in addressing the Obama administration’s Comprehensive National Cyber Security Initiative (CNCI), a secretive initiative inherited from the Bush administration, warned that “Federal agencies have overlapping and uncoordinated responsibilities for cybersecurity, and it is unclear where the full responsibility for coordination lies”
-
-
Top concern at RSA 2010: security of cloud computing
Cloud computing offers efficiency and cost reduction, but it also offer new opportunities to hackers and cybercriminals; Melissa Hathaway, former senior director for cyberspace for the National Security Council, said the migration toward the cloud is gaining momentum without having satisfactorily addressed several pressing concerns; former National Security Agency technical director Brian Snow said he does not trust the cloud
-
-
FBI: Cyber-terrorism a real and growing threat to U.S.
FBI director Robert Mueller: “The risks are right at our doorsteps and in some cases they are in the house”; Richard Clarke, former White House terrorism czar: “Every major company in the U.S. and Europe has been penetrated — it’s industrial warfare”
-
-
Private industry sees opportunities in cybersecurity
Nadia Short, director of Strategic Planning and Business Development Information Assurance Division at General Dynamics: “The release of the [DHS] budgets earlier this month indicate a growth in cyberspending across all the services…. With that, as well as continuing the natural evolution of what cyber will mean for dot-gov and dot-mil, it will mean nothing but opportunity for private industry”
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.