-
Virginia medical records hijacking -- update
A hacker claimed to have broken into the Web site of the Virginia Department of Health Professions, encrypted more than 8 million patient records and 35 million prescriptions in the database, and then deleted the original data; the hacker sought a $10 million ransom for the password to decrypt the data; Virginia health agency says all of its files have been backed up and secured
-
-
U.S. air traffic vulnerable to "serious harm" from cyber attacks
New FAA report: “{U}nless effective action is taken quickly, it is likely to be a matter of when, not if, ATC [air traffic control] systems encounter attacks that do serious harm to ATC operations”
-
-
Hackers hold medical records hostage
Hackers broke into a Virgina pharmaceutical clearinghouse Web site, deleted records of more than 8 million patients, and replaced the site’s homepage with a ransom note demanding $10 million for the return of the records
-
-
NSA boss: U.S. needs unified cyber-command center
Head of the secretive NSA tells Congress that the cyber-threats the United States faces require a centralized digital command center which will operate under the U.S. Strategic Command
-
-
China rising: the increasing threat of Chinese cyber-warfare
The only way to stop the proliferating cyber-attacks against the United States and Western powers is to raise the political and economic cost to China in order to make it in the interests of the government of China to stop such attacks
-
-
Industry group urges creation of cyber czar post
Intelligence and National Security Alliance (INSA), a coalition of defense, intelligence, and IT security companies, urges President Obama to create a cyber czar post with cabinet rank
-
-
U.K. moves forward with comprehensive eavesdropping scheme
The U.K. government announced last week that it was abandoning the plan to create a centralized super-database in which the personal information of Britons will be kept — but a £1 billion intelligence gathering project is moving forward; the scheme will monitor all all e-mails, Web site visits, and social networking sessions in Britain
-
-
Making quantum cryptography's promise a reality
New research details how quantum communication can be made possible without having to use cryogenic cooling or complicated optical setups, making it much more likely to become commercially viable soon
-
-
KTN launches global information systems initiative
Cyber Security Knowledge Transfer Network unveils roadmap to help achieve a global security network that will ensure that software and systems have security and privacy defined at project initiation and “implemented as a matter of course”
-
-
Experts: U.S. military's cyberwar rules "ill-formed"
Experts panel criticizes U.S. plans for cyberwarfare as “ill-formed,” “undeveloped,” and “highly uncertain”; as a result, many nuances of cyberwar have remained poorly understood, even as the military actively prepares for it
-
-
US-CERT warns of swine flu-related phishing scams
The swine flu outbreak is about two weeks old, but criminals are already e-mailing millions of phishing e-mails which purport to offer the latest information about the disease
-
-
NIST in new password management policy
NIST offers, and opens for public comment, new password policy for government and private organizations
-
-
U.K. government drops central database scheme
Burden of storing communication logs will now fall to ISPs
-
-
A lost or stolen laptop costs companies nearly $50,000
A company may pay $1,000-$2,000 for a laptop computer for one of its employees; if the employee lost the laptop or it was stolen, the cost to the employer would average $49,246
-
-
U.K. considering joining EU cyberwar effort
U.K. government says it is considering taking part in the EU equivalent of the U.S. Cyber Storm drill, but is worried not all EU members are ready
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.