• Three arrested in PlayStation cyberattacks

    On Friday, Spanish law enforcement officials arrested three men suspected of hacking into Sony’s PlayStation Network in addition to other major government and corporate websites around the world; the three men are suspected of being the local leaders of a secretive group of international hackers that call themselves Anonymous; the group has claimed responsibility for several high profile attacks on major sites like YouTube, Amazon, the Australian Parliament’s House website, and PayPal

  • Pentagon outlines use of cyber weapons

    The Pentagon has developed a list of approved cyber weapons and tools along with parameters for their use; official says the classified list of cyber capabilities has been in use for several months and has been approved by several government agencies; the framework clearly delineates what capabilities can be used, in what circumstances, and when actions need presidential approval; a cyber weapon like Stuxnet can only be used with presidential authorization even if it were to be deployed in a country with which the United States was openly at war

  • Imation acquires MXI Security

    The cost of data breaches continues to rise annually, with the average organizational cost of a breach reaching $7.2 million in 2010; by 2014, the market for secure data solutions — protecting against data loss, theft, or breach — specifically designed to address secure portable storage, digital identity, and secure portable computing is expected to reach more than $4.5 billion; Imation, a major player in the field of secure data, further strengthens its offerings by acquiring the assets of MXI Security; the move is a continuation of Imation’s strategy of investing in key technology platforms to meet customers’ needs

  • FBI leads Lockheed Martin cyberattack investigation

    The FBI recently announced that it is leading a federal investigation into a cyberattack on defense giant Lockheed Martin’s networks; the investigation will be led by the National Cyber Investigative Joint Task Force and is aimed at determining if the attack was a result of “poor hygiene, if nothing was infiltrated and nothing taken or something more”; on 21 May, the company detected a “significant and tenacious” attack on its networks that was met with a swift response; the FBI declined to comment on what actions it would take if the investigation revealed that the attacks were perpetrated by state or non-state actors

  • Hackers using cloud networks to launch powerful attacks

    In a disturbing new trend, hackers have begun harnessing the vast computing power of cloud based servers to carry out powerful cyber attacks; cloud computing services piece together large strings of online servers and storage systems to provide users with enormous processing power and terabytes of storage space; earlier this year, a German researcher, demonstrated that a cloud server could fire 400,000 passwords a second at a secured Wi-Fi network; in the recent attacks that shut down Sony’s online customer networks in April, hackers used cloud based attacks to disrupt service to roughly 100 million users worldwide

  • U.S. will "view major cyber attacks as acts of war"

    The Pentagon has adopted a new strategy that will classify major cyber attacks as acts of war, paving the way for possible military retaliation; “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” a U.S. military official said; the move to formalize the Pentagon’s thinking was borne of the military’s realization the United States has been slow to build up defenses against cyber attacks, even as civilian and military infrastructure has grown more dependent on the Internet; the military established a new command last year, headed by the director of the National Security Agency (NSA), to consolidate military network security and attack efforts

  • Data breaches compromise nearly 8 million medical records

    The revelation that millions of people have had their personal medical records stolen could slow the Obama administration’s efforts to digitize the nation’s health care records; in the last two years alone nearly eight million people have had their medical records stolen or compromised; 1.7 million patients, staff members, contractors, and suppliers at several New York hospitals had their information stolen when thieves removed them from an unlocked van; to ensure that medical records are safe, HHS has begun imposing penalties on health care providers who compromise their patient’s records; but some health care experts wonder if enforcing HIPAA alone will be enough to address the problem

  • Digital ants protect critical infrastructure

    As the U.S. electrical power grid becomes more interconnected through the Internet, the chances of cyber attacks increase as well; a Wake Forest University security expert developed “digital ants” to protect critical networks; unlike traditional security approaches, which are static, digital ants wander through computer networks looking for threats such as computer worms, self-replicating programs designed to steal information or facilitate unauthorized use of computers; when a digital ant detects a threat, it summons an army of ants to converge at that location, drawing the attention of human operators to investigate

  • Pentagon to help protect U.S. cyber assets, infrastructure

    The U.S. Defense Department is now sharing cybersecurity information, capabilities, and expertise with DHS; this is in line with the administration’s cyber security plan, which calls for DHS to lead the effort to protect Americans, the U.S. critical infrastructure, and the federal government’s computer networks; the Defense Department would retain protections over its “dot-mil” domain, and it would work in close collaboration DHS and the departments of Justice and Commerce better to safeguard cyberspace

  • DHS to double cybersecurity staff

    DHS recently announced that it plans to increase its cybersecurity workforce by more than 50 percent so that it can lead government-wide efforts to secure federal networks against cyber attacks as outlined in President Obama’s recently proposed cybersecurity plan; DHS plans to hire 140 additional cybersecurity experts by October 2012 bringing the agency’s total to 400; under the president’s proposed legislation, DHS would act as the lead agency in coordinating cybersecurity measures across the government and would also be responsible for ensuring that private operators of critical infrastructure have adequate security measures in place

  • DHS cybersecurity chief resigns

    Just days after the White House unveiled its comprehensive plan for securing government networks from cyber attacks, one of the government’s top cyber security officials announced that he was resigning; Phil Reitinger, the deputy undersecretary of DHS’s National Protection and Programs Directorate (NPPD), was careful to note that the timing of his resignation was not meant as a reflection or a statement on the recently released government-wide cyber plan; at NPPD, Reitinger was DHS’s senior interagency policymaker and top cyber and computer crimes official.

  • DARPA building stronger cloud cyber defenses

    Pentagon researchers are seeking to develop cloud-based computing networks that can remain operational even while under cyber attack; the Defense Advanced Research Projects Agency (DARPA), the Department of Defense’s advanced research department, is working on a project called Mission oriented Resilient Clouds (MRC) which aims to build resiliency into existing cloud networks to preserve “mission effectiveness” during a cyberattack; the project is still in its early phases of development

  • U.S. intelligence sets up cyber defense office in Estonia

    Since gaining its independence in 1991, Estonia has become one of the most cyber-focused nations in the world; it also has its own experience with cyberwar: in 2007 Russian government-inspired hackers launched a massive cyber attack on Estonia after the Estonian government decided to move a statue commemorating the Red Army from the center of the capital to a more modest location; now the U.S. intelligence community has decided to open an office in the Estonian capital Tallinn to help bolster the fight against cyber-crime

  • Is Google's Chromebook impervious to viruses?

    In a potential blow to the antivirus industry, Google recently announced the release of a series of laptops which the company claims to be so secure that there is no need to buy antivirus software; Chromebooks are designed to run nothing but a browser, which means nothing can be installed on the computer itself; with no executable files to be installed that also means antivirus and the malicious code it protects against have no room on the laptop; but, not all analysts are convinced that Google’s Chromebook is as secure as they claim; this move to a cloud based computer could signal a broader shift that could hamper the antivirus industry’s future prospects

  • Government launches cybersecurity plan

    Last week the Obama administration unveiled its plan to secure federal computer networks, critical industries, and consumers from cyberattacks; under the proposed plan, DHS will lead government efforts to secure networks with “primary responsibility within the executive branch for information security” ; DHS would also be empowered to set policies and activities for government systems; the plan would require critical infrastructure operators like electric companies and large financial firms to present cybersecurity plans to DHS for approval; DHS auditors would review the plans with the operators, discuss any shortcomings and “take other action as may be determined appropriate”