-
Researchers say spoofed GPS signals can be countered
From cars to commercial airplanes to military drones, global positioning system (GPS) technology is everywhere — and researchers have known for years that it can be hacked, or as they call it, “spoofed”; the best defense, they say, is to create countermeasures that unscrupulous GPS spoofers can not deceive
-
-
Game lets players try their hand at computer security
A new game — Control-Alt-Hack — gives teenage and young-adult players a taste of what it means to be a computer-security professional defending against an ever-expanding range of digital threats; the game’s creators will present it this week in Las Vegas at Black Hat 2012; educators in the continental United States can apply to get a free copy of the game while supplies last; it is scheduled to go on sale in the fall for a retail price of about $30
-
-
Mobile device necessitate “stateless” IT security architecture
I n a new report, Forrester analysts say that to stay ahead of evolving mobile business requirements, security and risk (S&R) and infrastructure and operations (I&O) executives cannot rely on the old approach of end-to-end control over the data path, device, and applications; instead, they must embrace a “stateless” architecture in which IT decouples security controls from the devices and the infrastructure, derives trust dynamically, and avoids costly new investment of in-house applications and infrastructure
-
-
Sharp increase in cyberattacks on U.S. critical infrastructure
The number of reported cyberattacks on U.S. critical infrastructure increased sharply – from 9 incidents in 2009 to 198 in 2011; water sector-specific incidents, when added to the incidents which affected several sectors, accounted for more than half of the incidents; in more than half of the most serious cases, implementing best practices such as login limitation or properly configured firewall, would have deterred the attack, reduced the time it would have taken to detect an attack, and minimize its impact
-
-
Infrastructure security market to reach $32.55 billion in 2012
The global infrastructure security market, in terms of government spending, will reach a value of $32.55 billion in 2012; a new report says that spending on bolstering the cyber aspects of infrastructure security has little utility by itself unless the physical integrity of the infrastructure is also appropriately safeguarded
-
-
First successful "spoofing" of UAVs demonstrated
A research team successfully demonstrated for the first time that the GPS signals of an unmanned aerial vehicle (UAV), or drone, can be commandeered by an outside source — a discovery that could factor heavily into the implementation of a new federal mandate to allow thousands of civilian drones into the U.S. airspace by 2015
-
-
DHS FY2013 $5.75 billion IT budget request focuses on mobility, data center consolidation
DHS FY2013 IT spending requests are roughly even with FY2012 levels, with emphasis on commodity IT, mobility, and data center consolidation; the overall 2013 DHS budget request is just under $40 billion; the department’s IT budget request is just over $5.75 billion; down from $5.79 billion in FY2012
-
-
DHS awards Unisys IT services contract with a total potential value of $3 billion
Unisys among thirty companies to compete for task orders for infrastructure support and operations and maintenance services under $3 billion contract; Unisys shares were trading sharply higher Wednesday morning after the company released the news about the contract
-
-
nCircle’s new solution offers coverage for six SCADA suppliers
Critical infrastructure is designated by DHS and the North American Reliability Corporation (NERC) as the assets, systems, and networks so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, and public health or safety; nCircle offers a security solution which covers vulnerabilities from six SCADA equipment suppliers
-
-
New program to educate next generation of U.S. cybersecurity specialists
University of Maryland and Northrop Grumman create a cybersecurity honors program for undergraduates; the program, Advanced Cybersecurity Experience for Students (ACES), will immerse undergraduate students in all aspects of the field to meet growing manpower needs in the nation and the State of Maryland
-
-
Experts: Flame represents a new level of state-sponsored cyber attacks
The latest cyber espionage malware, Flame, represents a new level of sophistication in state-sponsored cyberattacks; experts note that Flame circumvented anti-virus programs, and remained undetected between two and five years; one expert says: “[Flame] uses multiple exploit combinations so it is pretty significant that it hid itself, but maybe the best ones have not been discovered yet”; another expert says: “The failure to detect Flame means simplistic signature-based detection is obsolete”
-
-
QinetiQ North America to provide cybersecurity services to DOT
QinetiQ North America (QNA) was awarded a new task order by the Volpe National Transportation Systems Center to provide cybersecurity services to protect the U.S. transportation and control systems and critical infrastructure
-
-
NSA launches cyber operations academic program
The NSA has launched National Centers of Academic Excellence (CAE) in Cyber Operations Program; the program is intended to be a deeply technical, inter-disciplinary, higher education program grounded in the computer science (CS), computer engineering (CE), or electrical engineering (EE) disciplines, with extensive opportunities for hands-on applications via labs and exercises
-
-
Malware intelligence system allow organizations to share threat information
As malware threats expand into new domains and increasingly focus on industrial espionage, researchers are launching a new tool to help battle the threats: a malware intelligence system which will help corporate and government security officials share information about the attacks they are fighting
-
-
How govt. can achieve IT savings, innovation
Innovative shifts in technology can springboard government into a new era of efficiency, effectiveness, and transparency; lawmakers urged to focus not only on technology infrastructure to achieve savings and efficiencies, but also consider how the government procures and delivers
-
More headlines
The long view
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.