• Britain faces "real and credible" cyber threat: intelligence chief

    In a rare public speech, Iain Lobban, director of the Government Communications Headquarters (GCHQ), said that there is a “real and credible” cyber threat to U.K. infrastructure, and that Britain’s economy could be at risk if effective protection against cyber attacks was not developed

  • Ethical hacking conference coming to Charleston, WVA

    A major ethical hacking event will take place in Charleston, West Virginia, 23-24 October; the event will focus on “white hat hacking” — meaning learning how to think like the “black hat hackers” or bad actors and how they operate; a Hacker Village will be set up at the Charleston Civic Center featuring a network of systems designed with vulnerabilities so attendees can try their stuff with mentors on hand

  • Students think hacking is "cool"

    A third of students surveyed thought that hacking was “cool,” and a similar number thought it was “easy”; the survey found that 37 percent had hacked Facebook accounts, 26 percent e-mail accounts, with 10 percent breaching online shopping accounts; an entrepreneurial 15 percent revealed that they hacked to make money

  • The most pressing cybersecurity issue

    According to Red Hat’s Gunnar Hellekson the most pressing cybersecurity issue is “the threat that comes from our reactions to real and perceived threats…I see this growing ‘Fortress America’ movement around computer security and the security of the software-supply chain”

  • Smartphone security products begin to make it to market

    A modern smartphone has many of the same capabilities as a PC and is way more vulnerable to certain kinds of attack; even so, few smartphone users see security apps as essential; Austrian security testing lab AV-Comparatives has justreleased a study comparing four smartphone security products

  • Need for digital security spurs growth of cyber security field

    The growing need for digital security has made the shortage of cyber security professionals in the United States even more apparent, and the U.S. government is now engaged in a campaign to train, hire, and retain thousands of cyber professionals; the private sector is doing its share, too: Raytheon initiated the MathMovesU program in 2005, to inspire middle school students to consider math, science, and engineering education and careers; Raytheon awards more than $2 million annually in scholarships and grants to students, teachers, and schools nationwide

  • U.S. intensifies campaign to train, hire, retain cybersecurity professionals

    The cyber threats to both government and public network intensify, and the U.S. federal agencies must find ways to attract qualified workers and develop new skills internally; NIST’s Dr. Ernest McDuffie: “We’ve got a problem of where the next generation of engineers are going to come from— Awareness, education, workforce, and training all have to come together”

  • Pentagon describes 2008 attack as a "network administrator's worst fear"

    The Pentagon admits that a 2008 cyber attack on the Pentagon’s computers was a “network administrator’s worst fear”; a USB device was
    plugged into a military laptop located on an undisclosed base in the Middle East, causing a malicious code to link highly sensitive machines to networks controlled by an unnamed foreign intelligence agency

  • Intel wants security built directly into silicon

    A consensus is emerging that the main reason for Intel’s acquisition of McAfee is that Intel wants to build directly into its hardware the kind of security features more traditionally provided by software like McAfee’s

  • Technological challenges to Intel's embedded security approach

    Embedding security in silicon faces many challenges, among them: how much can be placed into a chip, and the fact that patching hardware or firmware is when a security vulnerability is discovered, is much harder than patching software

  • Powerful GPU processor puts password security system at risk

    A readily available piece of hardware, a graphics processing unit (GPU) costing only a few hundred dollars, now brings supercomputer-level power to any desktop; this new capability puts power into many hands — and could also threaten the world’s ubiquitous password-protection model because it enables a low-cost password-breaking technique that engineers call “brute forcing”

  • Software vendors will be forced to fix vulnerabilities under deadline

    Software vendors tend to take their time fixing security vulnerabilities discovered in their products; Zero Day Initiative, which serves as a broker between security researchers who find flaws and software companies who need to fix them, says there are 122 outstanding vulnerabilities that have been reported to vendors and which have not been patched yet; the oldest on the list was reported to IBM in May 2007 and more than thirty of the outstanding vulnerabilities are older than a year; Zero Day Initiative has just announced a new policy: vendors will now have six months to fix vulnerabilities, after which time the Zero Day Initiative will release limited details on the vulnerability, along with mitigation information so organizations and consumers who are at risk from the hole can protect themselves

  • Criminals, spies dominate cyber world, with little to deter them

    White House cyber security coordinator Howard Schmidt says the U.S. economy essentially rests on safe Internet facilities; last year saw $10 trillion in online business, a figure forecast to hit $24 trillion in another decade, he noted; yet, incredibly, the business world has yet to grasp the threat that online thieves and vandals pose; almost half of small businesses don’t use antivirus software and even fewer use it properly, Schmidt warned

  • Worry: Hackers can take over power plants

    In many cases, operating systems at power plants and other critical infrastructure are decades old; sometimes they are not completely separated from other computer networks used by companies to run administrative systems or even access the Internet; those links between the administrative networks and the control systems provide gateways for hackers to insert malicious codes, viruses, or worms into the programs that operate the plants

  • Commerce Department seeks comments on cybersecurity and its impact on innovation

    The U.S. Commerce Department seeks comments from all stakeholders, including the commercial, academic and civil society sectors, on measures to improve cyber security while sustaining innovation; the department says that the Internet has become vitally important to U.S. innovation, prosperity, education, civic activity, and cultural life as well as aspects of America’s national security, and that a top priority of the department is to ensure that the Internet remains an open and trusted infrastructure, both for commercial entities and individuals