-
GAO: U.S. government not properly coordinating cybersecurity efforts
The U.S. Government Accountability Office, in addressing the Obama administration’s Comprehensive National Cyber Security Initiative (CNCI), a secretive initiative inherited from the Bush administration, warned that “Federal agencies have overlapping and uncoordinated responsibilities for cybersecurity, and it is unclear where the full responsibility for coordination lies”
-
-
Top concern at RSA 2010: security of cloud computing
Cloud computing offers efficiency and cost reduction, but it also offer new opportunities to hackers and cybercriminals; Melissa Hathaway, former senior director for cyberspace for the National Security Council, said the migration toward the cloud is gaining momentum without having satisfactorily addressed several pressing concerns; former National Security Agency technical director Brian Snow said he does not trust the cloud
-
-
FBI: Cyber-terrorism a real and growing threat to U.S.
FBI director Robert Mueller: “The risks are right at our doorsteps and in some cases they are in the house”; Richard Clarke, former White House terrorism czar: “Every major company in the U.S. and Europe has been penetrated — it’s industrial warfare”
-
-
Private industry sees opportunities in cybersecurity
Nadia Short, director of Strategic Planning and Business Development Information Assurance Division at General Dynamics: “The release of the [DHS] budgets earlier this month indicate a growth in cyberspending across all the services…. With that, as well as continuing the natural evolution of what cyber will mean for dot-gov and dot-mil, it will mean nothing but opportunity for private industry”
-
-
Smart grid attack likely
The smart grid’s distributed approach exposes these networks and systems, especially in the early phases of deployment; the communication among these networks and systems will be predominantly wireless and it is assumed they will be sniffed, penetrated, hacked, and service will be denied
-
-
Former DNI: If U.S. went to war today in a cyberwar, it would lose
Former director of national intelligence Michael McConnell compared the danger of cyberwar to the nuclear threat posed by the Soviet Union during the cold war; “If we went to war today in a cyberwar, we would lose,” McConnell said
-
-
U.K. government: even modest cyber attacks will have "catastrophic" impact on public confidence
U.K. cybersecurity agency says that cyberattack do not have to be massively severe to undermine the public confidence in the government; agency says that government eavesdroppers also face a secret “cyber arms race” to develop quantum cryptography technology
-
-
New security threat against smart phone users
Researchers demonstrate how a software attack could cause a smart phone to eavesdrop on a meeting, track its owner’s travels, or rapidly drain its battery to render the phone useless; these actions could happen without the owner being aware of what happened or what caused them
-
-
Deadline for Massachusetts' “Written Information Security Program” looms
As of 1 March 2010, Massachusetts will require that all Massachusetts companies — and even companies operating outside the Commonwealth, but which do business in Massachusetts — to implement stringent personal data privacy law, the data protections pertain to not just electronically stored and transmitted information but also hard copy formats
-
-
How real is the threat of cyberattack on the United States?
Some experts compare the economic impact of a major cyberincident to the 2003 Northeast blackout, which cut service to fifty million people in the United States and Canada for up to four days; economists place the cost of that event between $4.5 [billion] and $10 billion — which they regard as a blip in the $14.2 trillion U.S. economy
-
-
House sponsors of the Cybersecurity Enhancement Act hopes for quick Senate approval
The The U.S. House of Representatives has passed the Cybersecurity Enhancement Act by an overwhelming majority; Rep. Michael McCaul (R-Texas) says: “When you’re talking about science and technology and national security….those are elements we should all be able to work together (on); Democrat, Republican, and that’s what we saw on the House floor”
-
-
Hackers to compete for $100,000 for smartphone, browser hacks
Hackers will compete for a $100,000 in prizes for exploits that successfully penetrate Apple’s iPhone 3GS, Research in Motion’s Blackberry Bold 9700, a Nokia device running the most recent version of Symbian, and a Motorola phone running Google’s Android
-
-
U.S. cyberattack drill exposes unsettling vulnerabilities
Experts, including current and former officials, conduct a cyberattack-on-the-U.S. drill; the results show that the peril is real and growing; no grand plan emerged, but the group did agree to advise the president to federalize the National Guard, even if governors objected, and deploy the troops — perhaps backed by the U.S. military — to guard power lines and prevent unrest
-
-
LGS on Lockheed Martin team for $31 million DARPA cyber assurance contract
LGS selected by Lockheed Martin as a subcontractor for a 31 milllion dollar DARPA-funded contract to develop cyber procedures which will provide military untis with dynamic bandwidth allocation
-
-
New group calls for holding vendors liable for buggy software
The group released draft language it advises companies to incorporate into procurement contracts between user organizations and software development firms; SANS Institute, Mitre also release 2010 list of Top 25 programming errors
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.