-
U.S. "cyber flank" exposed
Former head of the CIA and the NSA warns the U.S.“cyber flank” was exposed and it was losing clout to influence rules of war on the Internet; “Our flank is totally exposed,” Michael Hayden said at the Black Hat computer security gathering in Las Vegas, comparing the U.S. tactical position on the Internet to a battle of land troops; “If tomorrow they show up on that flank they are going to roll down.”; the retired general said he was in “absolute awe and wonderment” at the Chinese cyber espionage campaign but that they were certainly not the only nation doing it; he faulted an Internet built on the premise of quickly and freely sharing information for creating an open landscape that gives attackers an edge over defenders
-
-
First Cyber Security Challenge winner announced
The United Kingdom suffers from a dearth of cybersecurity experts; several private and public organizations have launched the Cyber Security Challenge competition — a series of challenges and games that would test the talent and skills of people; the challenges is built around eight key skill areas which include digital forensics, network analysis, and logical thinking
-
-
First puzzle of U.K Cyber Security Challenge competition cracked
The United Kingdom suffers from a dearth of cybersecurity experts; several private and public organizations have launched the Cyber Security Challenge competition — a series of challenges and games that would test the talent and skills of people; the challenges is built around eight key skill areas which include digital forensics, network analysis and logical thinking; enthusiasts claim they have already solved he first test of the challenge
-
-
Shortage of cyber workers in the U.S.
The United States is lacking an adequate number of individuals within the federal government and private sector with the technical skills necessary to secure cyberspace; there is an even greater shortage of cybersecurity experts that can design secure systems and networks, write nonvulnerable computer code and create the tools needed to prevent, detect and mitigate damage due to malicious acts
-
-
Cybersecurity solution detects cyber attacks as they happen
A winning entry in a cyber security competition gives analysts a way to look at computer network traffic and determine how a system was penetrated; it also supplies critical data that can be used to reduce system vulnerabilities and limit future attacks
-
-
House's homeland security bill doubles cybersecurity R&D budget
The 2010 Homeland Security Science and Technology Authorization Act would double the cybersecurity research and development budget to $75 million for each of the next two years and authorize another $500 million for a study to find ways to promote industry best practices through, for example, liability requirements that hold hardware and software vendors responsible for damages caused by a security breach
-
-
Digital retaliation: Turkish hackers steal personal information of 122,000 Israelis
A month ago Israel stopped several ships, sponsored by a Turkish fundamentalist Islamic organization, which tried to breach the Israeli blockade of the Gaza Strip; nine Turkish militants were killed after they had attacked Israeli soldiers; Turkish hackers launched a retaliatory attack on Israeli digital databases, stealing the e-mail addresses and credit card and PayPal account information of 122,000 Israelis; the hackers also attacked 2,100 Israeli Web sites; security expert advises affected Israelis to change passwords, and credit cards.
-
-
Malicious virus targets SCADA systems
Supervisory Control and Data Acquisition, or SCADA, stands for large-scale distributed remote processing systems that gather data in real time to control critical industrial, infrastructure, or facility processes and equipment; SCADA is used to control U.S. critical infrastructure — power plants, oil and gas refining, telecommunications, transportation, dams, water, waste control, and more; Siemens is warning customers of a new and highly sophisticated virus that targets SCADA systems; these systems are typically not connected to the Internet for security reasons, but this virus spreads when an infected USB stick is inserted into a computer
-
-
UTSA's cyber security center moves into new home
The Institute for Cyber Security Center for Infrastructure Assurance and Security at the University of Texas at San Antonio is moving to a new home on campus; Congress, DHS, and the Defense departments have thrown their money behind UTSA, which the New York Times has named one of the best places to get training as a “cyber sleuth”
-
-
Experts: securing U.S. critical infrastructure against cyberattack not feasible
Experts say securing the U.S. power grid and other computer systems that operate the nation’s critical infrastructure against cyberattack is unrealistic, because companies cannot afford to check if suppliers have provided trustworthy products
-
-
U.S. nuclear safety agency unveils new data, physical security controls
NNSA the rollout of new information and physical security controls aimed at balancing efficiency and safety; officials said, though, that the implementation of cybersecurity improvements is about a year behind the progress the agency has made on physical protection
-
-
NSA: Perfect Citizen program is purely "research and engineering effort"
Perfect Citizen, a new National Security Agency (NSA) project, would deploy sensors in networks running critical infrastructure such as the electricity grid and nuclear-power plants; the sensors would detect intrusion and other unusual activity indicating a cyberattack on U.S. critical infrastructure; NSA spokeswoman says the program is “purely a vulnerabilities-assessment and capabilities-development contract—- This is a research and engineering effort” and “There is no monitoring activity involved, and no sensors are employed in this endeavor”
-
-
U.S. quietly launches protection program against cyber attacks on critical infrastructure
The administration has quietly launched Perfect Citizen, a digital surveillance project to be run by the NSA; the project’s goal is to detect and detect cyber attacks on private companies and government agencies running critical infrastructure such as the electricity grid, nuclear-power plants, dams, and more; the program would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack — although it would not persistently monitor the whole system
-
-
GAO: U.S. lacks cybersecurity R&D master plan, leadership, coordination
GAO says United States does not have prioritized national cybersecurity research and development agenda; “Without a current national cybersecurity R&D agenda, the nation is at risk that agencies and private sector companies may focus on their individual priorities, which may not be the most important national research priorities,” auditors wrote
-
-
Secureworks World Cup of cyber security finds India the safest nation, U.S. the least safe
Digitally speaking, the United States is the least cyber-secure country in the world: with 265,700,000 active PCs, there were 441,003,516 attempted cyber attacks, or 1,660 attacks per 1,000 computers; India is the safest digital country in the world, with a mere 52 attacks per 1,000 PCs
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.