Hackers

  • FBI: Lawmakers should mandate surveillance “backdoors” in apps, operating systems

    FBI director James Comey said that the agency was pushing lawmakers to mandate surveillance functions in apps, operating systems, and networks, arguing that privacy and encryption prevent or disrupt some of the agency’s investigations. According to Comey, new privacy features implemented by Google and Apple in the wake of the Snowden revelations, automatically encrypt user communication and data, making it difficult for law enforcement to gather evidence and connect links among suspected criminals and terrorists.

  • Russian government hackers insert malware in U.S. critical infrastructure control software

    Investigators have uncovered a Trojan Horse named BlackEnergy in the software that runs much of the U.S. critical infrastructure. In a worst case scenario, the malware could shut down oil and gas pipelines, power transmission grids, water distribution and filtration systems, and wind turbines, causing an economic catastrophe. Some industry insiders learned of the intrusion last week via a DHS alert bulletin issued by the agency’s Industrial Control Systems Cyber Emergency Response Team(ICS-CERT). The BlackEnergy penetration had recently been detected by several companies. Experts say Russia has placed the malware in key U.S. systems as a threat or a deterrent to a U.S. cyberattack on Russian systems – mutual assured destruction from a cold war-era playbook.

  • Banks collaborate to thwart cybercrime

    The Financial Services Information Sharing and Analysis Center (FS-ISAC), a cybersecurity information sharing group, has teamed up with the Depository Trust & Clearing Corporation to form Soltra. Named after a series of fire signals that were used in Europe hundreds of years ago to warn against invaders, the organization alerts member banks of incoming or potential cyber threats.

  • Mobile phones’ applications offering voice communication security vulnerable to attack

    Researchers examined the vulnerabilities in security of video- and voice-over-Internet protocol, or VoIP, communications. The team developed attacks that uncovered these vulnerabilities in a currently used security scheme, and once those weaknesses were identified, the team suggested alternatives that may protect against potential attacks.

  • view counter
  • Government tries better to define cybersecurity needs

    In a science advisory board meeting on 23 October at the White House Office of Science and Technology Policy (OSTP), officials attempted to glean just where the government cybersecurity workforce stood in terms of talent and hiring necessity. There is currently no government-wide federal job description in the cybersecurity field, and that has led to meetings similar to the October summit.

  • Security contractor USIS failed to notice months-long hacking of its computer systems

    A new report reveals that the cyberattack on security contractor USIS, similar to previous attacks by Chinese government hackers on U.S. firms, was infiltrating USIS computer systems for months before the company noticed. The breach, first revealed publicly by the company and the Office of Personnel Management(OPM) in August, compromised the records of at least 25,000 DHS employees.

  • view counter
  • A major cyberattack causing widespread harm to national security is imminent: Experts

    A new report found that more than 60 percent of the roughly 1,600 computer and Internet experts surveyed on the future of cyberattacks believe a nationwide cyberattack is imminent. They did so in response to the question: “By 2025, will a major cyberattack have caused widespread harm to a nation’s security and capacity to defend itself and its people?” The experts also warn about the risks to privacy which will accompany a growing focus on cybersecurity.

  • Identifying ways to improve smartphone security

    What information is beaming from your mobile phone over various computer networks this very second without you being aware of it? Experts say your contact lists, e-mail messages, surfed Web pages, browsing histories, usage patterns, online purchase records and even password protected accounts may all be sharing data with intrusive and sometimes malicious applications, and you may have given permission. The apps downloaded to smartphones can potentially track a user’s locations, monitor his or her phone calls and even monitor the messages a user sends and receives — including authentication messages used by online banking and other sites, he says, explaining why unsecured digital data are such a big issue. Assigning risk scores to apps may slow down unwarranted access to personal information.

  • New report details Russia’s cyber-espionage activities

    Researchers at FireEye, a Silicon Valley-based computer security firm, are connecting the Russian government to cyber espionage efforts around the world. The researchers released a report on Tuesday which says that hackers working for the Russian government have, for seven years now, been hacking into computer networks used by the government of Georgia, other Eastern European governments, and some European security organizations.

  • Georgia Tech releases 2015 Emerging Cyber Threats Report

    In its latest Emerging Cyber Threats Report, Georgia Tech warns about loss of privacy; abuse of trust between users and machines; attacks against the mobile ecosystem; rogue insiders; and the increasing involvement of cyberspace in nation-state conflicts.

  • New smart key software enhances security for homes businesses

    Computer scientists and security specialists have created an innovative electronic smart key system that aims to provide a safer and more flexible security system for homes and businesses. eLOQ is a new software system for the creation and management of electronic keys and locks which cannot be copied or picked.

  • China steals confidential data on the vulnerabilities of major U.S. dams

    The U.S. Army Corps of Engineers’ National Inventory of Dams(NID) contains critical information on the vulnerabilities of the roughly 8,100 major dams in the United States. Between January and April 2013, U.S. intelligence agencies spotted several attempts by China’s People’s Liberation Army (PLA) cyber-espionage unit to access the NID database and steal its contents. On Monday, National Weather Service (NWS) hydrologist Xiafen “Sherry” Chen, 59 was arrested for allegedly breaching the NID security and stealing confidential data on U.S. dam vulnerabilities. The Justice Department has raised the alarm over multiple attempts by China to steal data on U.S. critical infrastructure through individuals with privileged access to confidential databases.

  • FBI wants Congress to mandate backdoors in tech devices to facilitate surveillance

    In response to announcements by Appleand Googlethat they would make the data customers store on their smartphones and computers more secure and safer from hacking by law enforcement, spies, and identity thieves, FBI director James Comey is asking Congress to order tech companies to build their devices with “backdoors,” making them more accessible to law enforcement agencies.Privacy advocates predict that few in Congress will support Comey’s quest for greater surveillance powers.

  • Social media firms pledging to keep users anonymous still collect users’ information

    Social media firm Whisperprides itself on offering anonymity in a market where the biggest players are often considered too transparent. Its co-founder, Michael Heyward, a tech entrepreneur, describes the company as “the first completely anonymous social network,” an alternative to Facebookand Twitter. It now emerges that Whisper’s back-end systems that retain digital libraries of texts and photographs sent by users, and in some cases the location information of users.

  • Surge in cyberattacks drives growth in cybersecurity insurance

    More than 3,000 American businesses were hacked in 2013, many of them small and mid-size firms without cybersecurity insurance. That surge in cyberattacks has led to a growing cybersecurity industry, with firms offering products and solutions to secure network systems. Insurance companies are also claiming their stake in the booming industry. Today, roughly fifty U.S. companies offer cybersecurity insurance. American businesses will spend up to $2 billion on cyber-insurance premiums this year, a 67 percent increase from the $1.2 billion spent in 2013.