• U.S. will "view major cyber attacks as acts of war"

    The Pentagon has adopted a new strategy that will classify major cyber attacks as acts of war, paving the way for possible military retaliation; “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” a U.S. military official said; the move to formalize the Pentagon’s thinking was borne of the military’s realization the United States has been slow to build up defenses against cyber attacks, even as civilian and military infrastructure has grown more dependent on the Internet; the military established a new command last year, headed by the director of the National Security Agency (NSA), to consolidate military network security and attack efforts

  • Data breaches compromise nearly 8 million medical records

    The revelation that millions of people have had their personal medical records stolen could slow the Obama administration’s efforts to digitize the nation’s health care records; in the last two years alone nearly eight million people have had their medical records stolen or compromised; 1.7 million patients, staff members, contractors, and suppliers at several New York hospitals had their information stolen when thieves removed them from an unlocked van; to ensure that medical records are safe, HHS has begun imposing penalties on health care providers who compromise their patient’s records; but some health care experts wonder if enforcing HIPAA alone will be enough to address the problem

  • Digital ants protect critical infrastructure

    As the U.S. electrical power grid becomes more interconnected through the Internet, the chances of cyber attacks increase as well; a Wake Forest University security expert developed “digital ants” to protect critical networks; unlike traditional security approaches, which are static, digital ants wander through computer networks looking for threats such as computer worms, self-replicating programs designed to steal information or facilitate unauthorized use of computers; when a digital ant detects a threat, it summons an army of ants to converge at that location, drawing the attention of human operators to investigate

  • DHS to double cybersecurity staff

    DHS recently announced that it plans to increase its cybersecurity workforce by more than 50 percent so that it can lead government-wide efforts to secure federal networks against cyber attacks as outlined in President Obama’s recently proposed cybersecurity plan; DHS plans to hire 140 additional cybersecurity experts by October 2012 bringing the agency’s total to 400; under the president’s proposed legislation, DHS would act as the lead agency in coordinating cybersecurity measures across the government and would also be responsible for ensuring that private operators of critical infrastructure have adequate security measures in place

  • DHS cybersecurity chief resigns

    Just days after the White House unveiled its comprehensive plan for securing government networks from cyber attacks, one of the government’s top cyber security officials announced that he was resigning; Phil Reitinger, the deputy undersecretary of DHS’s National Protection and Programs Directorate (NPPD), was careful to note that the timing of his resignation was not meant as a reflection or a statement on the recently released government-wide cyber plan; at NPPD, Reitinger was DHS’s senior interagency policymaker and top cyber and computer crimes official.

  • U.S. intelligence sets up cyber defense office in Estonia

    Since gaining its independence in 1991, Estonia has become one of the most cyber-focused nations in the world; it also has its own experience with cyberwar: in 2007 Russian government-inspired hackers launched a massive cyber attack on Estonia after the Estonian government decided to move a statue commemorating the Red Army from the center of the capital to a more modest location; now the U.S. intelligence community has decided to open an office in the Estonian capital Tallinn to help bolster the fight against cyber-crime

  • Is Google's Chromebook impervious to viruses?

    In a potential blow to the antivirus industry, Google recently announced the release of a series of laptops which the company claims to be so secure that there is no need to buy antivirus software; Chromebooks are designed to run nothing but a browser, which means nothing can be installed on the computer itself; with no executable files to be installed that also means antivirus and the malicious code it protects against have no room on the laptop; but, not all analysts are convinced that Google’s Chromebook is as secure as they claim; this move to a cloud based computer could signal a broader shift that could hamper the antivirus industry’s future prospects

  • 25 million more users hit in second cyber attack on Sony

    Japanese electronics giant Sony recently announced that hackers successfully broke into its networks and stole sensitive data from more than twenty-five million online gaming subscribers; the announcement comes days after Sony’s admission that seventy-seven million users had their personal information stolen; in the most recent attack, hackers infiltrated Sony’s Online Entertainment network and stole names, addresses, emails, birth dates, and even phone numbers from online gamers; some analysts estimate that the attacks could cost Sony and credit card companies as much as $1 to $2 billion

  • Sony's gaming network hacked, Microsoft's follows suit

    Gamers are in a frenzy over Sony’s announcement that its PlayStation network security had been breached, resulting in the exposure of a large amount of each user’s personal and financial information; the first of an expected flood of lawsuits, as well as class action is filed in U.S. District Court; Microsoft announces an exploited vulnerability in one of their game titles leading to phishing attempts, and acknowledged that previously banned “modded” consoles were attaching to the network again

  • Cell phone privacy

    Apple faces questions about an undisclosed, hidden geographical tracking file in its 3G products; the existence of the system was included in an operating system update downloaded and installed by users; a free mapping program can be downloaded to view your own history

  • Dramatic increase in critical infrastructure cyber attacks, sabotage

    A new study by McAfee and CSIS reveals a dramatic increase in cyber attacks on critical infrastructure such as power grids, oil, gas, and water; the study also shows that that many of the world’s critical infrastructures lacked protection of their computer networks, and revealed the staggering cost and impact of cyberattacks on these networks

  • Weak passwords get robust protection

    The combination of simple codes and Captchas, which are even more encrypted using a chaotic process, produces effective password protection; the passwords of the future could become more secure and, at the same time, simpler to use; researchers have been inspired by the physics of critical phenomena in their effort significantly to improve password protection; the researchers split a password into two sections; with the first, easy to memorize section they encrypt a Captcha — an image that computer programs per se have difficulty in deciphering; the researchers also make it more difficult for computers, the task of which it is automatically to crack passwords, to read the passwords without authorization; they use images of a simulated physical system, which they additionally make unrecognizable with a chaotic process; these p-Captchas allowed the researchers to achieve a high level of password protection, even though the user need only remember a weak password

  • Russian bloggers fall victim to cyber attacks

    Earlier this month LiveJournal, a major Russian blogging site, was the victim of a large cyber attack; bloggers believe that it was a move meant to silence political dissent in advance of the country’s elections; the site was brought down by a distributed denial of service (DDos) attack; SUP, the owners of LiveJournal, said that the recent attacks were the worst in its company’s history and unprecedented in that it targeted the entire website rather than individual blogs; the majority of Russia’s opposition leaders and political activists maintain blogs on LiveJournal that they use as platforms to gain support and spread their message

  • Call for creating a U.S. cybersecurity emergency response capability

    Lawmakers call for the creation of a cybersecurity emergency response capability to help businesses under major cyber attacks; “Who do you call if your CIO is overwhelmed, if you’re a local bank or utility?” Senator Sheldon Whitehouse (D-Rhode Island) asked; “How can we preposition defenses for our critical infrastructure, since these attacks come at the speed of light?”

  • Senator seeks to end wasteful government cybersecurity spending

    Senator Tom Carper (D – Delaware) is actively seeking ways to end wasteful government cybersecurity spending; Carper believes that the government can spend its money more efficiently on IT security; he believes that too many government programs are expensive, inefficient, and do not actually secure government networks; Carper was careful to note that he was not advocating for budget cuts, but rather more efficient spending; Carper has proposed mandating that all agencies only purchase technology that is preconfigured with encryption or other security measures; he is currently working with Senators Joseph Lieberman (I-Connecticut) and Susan Collins (R-Maine) on the Cybersecurity and Internet Freedom Act of 2011, which contains many of his proposals