• Maryland wants to become cybersecurity’s Silicon Valley

    Governor Martin O’Malley: “Our federal facilities are a big part of the reason that we not only think that Maryland can be the national epicenter for cybersecurity, the fact of the matter is our state already is the epicenter of cybersecurity for our country and therefore an important epicenter for the entire world”

  • FTC to examine cloud computing privacy concerns

    The FTC says it wants to examine potential threats to consumer privacy and data security posed by cloud computing services; David Vladeck, director of the FTC’s Bureau of Consumer Protection: “The ability of cloud computing services to collect and centrally store increasing amounts of consumer data, combined with the ease with which such centrally stored data may be shared with others, create a risk that larger amounts of data may be used by entities in ways not originally intended or understood by consumers”

  • China offers Internet pirates bulletproof havens for illegal file sharing

    Most bulletproof hosts which allow music, video, and software to be illegally shared online are located in China, where criminals are able to take advantage of low costs and legal loopholes to avoid prosecution; despite officials in Beijing talking in tough terms about computer crime — hacking potentially carries a death sentence in China — the authorities rarely cooperate with other countries to take action against hi-tech criminals; as a result, just a handful of firms in China are responsible for hosting thousands of criminal enterprises online; one example: more than 22,000 Web sites which sent pharmaceutical spam were hosted by six bulletproof servers in China

  • New techniques to strengthen the security of information systems

    Highly developed societies rely more and more on information systems to maintain and enhance their economic vitality, societal welfare, and military effectiveness; as data are exchanged between various users, there is a danger that information could be released to unauthorized parties; the ability to guarantee secure information flow is becoming more critical as government and industry push toward increasingly complex information systems in many areas; K-State computer scientists are developing high-level policy languages and verification techniques to strengthen the security and integrity of such systems

  • Symantec issues South Africa cybercrime warning

    Crime is not new to South Africa, but cybercrime is; broadband rollouts and World Cup creating “perfect storm” for cyber criminals

  • 2010: Topics for homeland security discussion

    The only thing we can say for sure about 2010 is terrorists, criminals, and mother nature will surprise us at some point during 2010; still, based on what we do know, we offer a short list of topics we predict will dominate the homeland security discussion in the coming year – from whole-body scanners to 100 percent air cargo screening to social Web sites to communication interoperability to the consequences of climate change (or is there a climate change?)

  • FBI issues a new code breaking challenge

    The FBI posts its annual code-breaking challenge on its Web site; this is the longest code-breaking challenge to date; the FBI says that the code-breaking task is similar to work being done in its labs

  • Obama to name Howard Schmidt as cybersecurity coordinator

    Howard Schmidt chosen as the White House cybersecurity coordinator; Schmidt, a former Bush White House official, will coordinate cybersecurity policy across the federal government, from the military to civilian agencies; questions remain as to whether his authority will be commensurate with the responsibilities he assumes

  • Drone security questions raised years ago

    Questions about the security of drone communications were raised years ago; in 2004, U.S. officials raised concerns about Russia and China intercepting and manipulating video from drone aircraft, but the military believed it was facing more pressing issues; officers at the time were not concerned about communications being intercepted in Iraq or Afghanistan because they believed militants were technically unsophisticated.

  • U.S. Army working to encrypt UAV video feeds

    The Army is scrambling to secure the live video feeds from its UAVs from being intercepted by insurgents in Iraq and Afghanistan; Raven drones will be retrofitted with encryption technology as early as this month; the U.S. Air Force has known for more than a decade that the live video feeds from its unmanned aerial vehicles can be intercepted by the enemy but opted not to do anything about it until this year.

  • Pentagon says U.S. fixed drones hacked by Iraqi insurgents

    Iraqi insurgents, using a $25.95 off-the-shelf commercial application, were able to intercept communication between U.S. surveillance UAVs and the UAVs’ command center; the hacking was discovered when the U.S. military found files of intercepted drone video feeds on laptops of captured militants; U.S. soldiers discovered “days and days and hours and hours of proof,” one U.S. officer said; the same hacking technique is known to have been employed in Afghanistan; the U.S. government has known about the UAV communication flaw since the 1990s, but assumed its adversaries would not be able to take advantage of it.

  • Adobe to patch zero-day Reader, Acrobat hole

    On 12 January Adobe will release patches to fix zero-day vulnerabilities in Reader and Acrobat; malicious Adobe Acrobat PDF files are distributed via an e-mail attachment that, when opened, executes a Trojan that targets Windows systems, according to Symantec; the rate of infection is extremely limited and the risk assessment level is very low, the company said.

  • Prediction for 2010: The coming cloud crash

    Technology maven Mark Anderson predicts a big remote-computing service disaster; “My hunch is that there will never really be a secure cloud,” he says; businesses will view cloud services more suspiciously and consumers will refuse to use them for anything important, he says

  • Michigan in cyber-security partnership with DHS

    Michigan will deploy EINSTEIN 1, the DHS-run cyber security system which all federal agencies are required to use; EINSTEIN 1 automates the collection and analysis of computer network security information from participating agency and government networks to help analysts identify and combat malicious cyber-activity

  • DHS launches virtual cyber job fair

    In October DHS announced it was given the authority to hire 1,000 cyber security professionals during the next three years; late last week the department launched a virtual job fair to begin and recruit these cyber specialists; DHS is looking for applicants with experience in cyber risk and strategic analysis, malware/vulnerability analysis, incident response, exercise and facilitation management, vulnerability detection and assessment, intelligence analysis, and cyber-related infrastructure inderdependency analysis