Network security

  • Digital ants protect critical infrastructure

    As the U.S. electrical power grid becomes more interconnected through the Internet, the chances of cyber attacks increase as well; a Wake Forest University security expert developed “digital ants” to protect critical networks; unlike traditional security approaches, which are static, digital ants wander through computer networks looking for threats such as computer worms, self-replicating programs designed to steal information or facilitate unauthorized use of computers; when a digital ant detects a threat, it summons an army of ants to converge at that location, drawing the attention of human operators to investigate

  • Pentagon to help protect U.S. cyber assets, infrastructure

    The U.S. Defense Department is now sharing cybersecurity information, capabilities, and expertise with DHS; this is in line with the administration’s cyber security plan, which calls for DHS to lead the effort to protect Americans, the U.S. critical infrastructure, and the federal government’s computer networks; the Defense Department would retain protections over its “dot-mil” domain, and it would work in close collaboration DHS and the departments of Justice and Commerce better to safeguard cyberspace

  • DHS to double cybersecurity staff

    DHS recently announced that it plans to increase its cybersecurity workforce by more than 50 percent so that it can lead government-wide efforts to secure federal networks against cyber attacks as outlined in President Obama’s recently proposed cybersecurity plan; DHS plans to hire 140 additional cybersecurity experts by October 2012 bringing the agency’s total to 400; under the president’s proposed legislation, DHS would act as the lead agency in coordinating cybersecurity measures across the government and would also be responsible for ensuring that private operators of critical infrastructure have adequate security measures in place

  • DHS cybersecurity chief resigns

    Just days after the White House unveiled its comprehensive plan for securing government networks from cyber attacks, one of the government’s top cyber security officials announced that he was resigning; Phil Reitinger, the deputy undersecretary of DHS’s National Protection and Programs Directorate (NPPD), was careful to note that the timing of his resignation was not meant as a reflection or a statement on the recently released government-wide cyber plan; at NPPD, Reitinger was DHS’s senior interagency policymaker and top cyber and computer crimes official.

  • Government launches cybersecurity plan

    Last week the Obama administration unveiled its plan to secure federal computer networks, critical industries, and consumers from cyberattacks; under the proposed plan, DHS will lead government efforts to secure networks with “primary responsibility within the executive branch for information security” ; DHS would also be empowered to set policies and activities for government systems; the plan would require critical infrastructure operators like electric companies and large financial firms to present cybersecurity plans to DHS for approval; DHS auditors would review the plans with the operators, discuss any shortcomings and “take other action as may be determined appropriate”

  • Memphis flood fear eases, Louisiana and Mississippi brace for worst

    Residents living near the Mississippi River have been battling a record surge of water that is slowly making its way south sending a deluge of water beyond the river’s banks and into nearby communities; on Tuesday, the river’s crest made its way through Memphis hitting near record levels of 47.8 feet; so far the levees along the river have been holding up; residents of Louisiana and Mississippi are bracing for similar record water levels as the crest winds southward; to help ease the pressure on the levee system, the Army Corps of Engineers opened up several spillways on Monday including parts of the Bonnet Carre spillway; the region has received 600 percent more rain than usual for this time of year

  • DOJ report finds FBI agents lacks critical cyber security skills

    A recent government report found that the FBI’s cybersecurity experts are incompetent and overly focused on investigating child pornography; the study, conducted by the Department of Justice (DOJ), said that many of the FBI agents trained in cyber security lacked the ability to investigate national security related intrusions and threats; out of the thirty-six agents interviewed, only 64 percent said they had the expertise to handle national security related cyber investigations; the remaining 36 percent “lacked the networking and counterintelligence expertise to investigate national security intrusion cases” ; five agents even admitted that they “did not think they were able or qualified to investigate national security intrusions effectively”

  • Dramatic increase in critical infrastructure cyber attacks, sabotage

    A new study by McAfee and CSIS reveals a dramatic increase in cyber attacks on critical infrastructure such as power grids, oil, gas, and water; the study also shows that that many of the world’s critical infrastructures lacked protection of their computer networks, and revealed the staggering cost and impact of cyberattacks on these networks

  • Firm pushes for open wireless sensor data

    As wireless sensors are becoming increasingly ubiquitous in electrical grids, homes, and businesses, electronic enthusiasts and programmers believe that this data could be used to create a host of new devices with practical uses; making sensor data freely available allows engineers to build software and apps that monitor data in real time for things like local radiation levels, water quality, or even your home’s energy consumption; leading the push for open sensor data is U.K. based Pachube (pronounced “patchbay”) which has developed a network of sensors that collect six million points of data per day; the majority of sensor information is currently encrypted and therefore inaccessible

  • Siemens, McAfee team up to defend against critical infrastructure attacks

    McAfee and Siemens will work together to help secure critical infrastructure against cyber attacks that target industrial control processes like the Stuxnet worm which destroyed nuclear centrifuges at an Iranian nuclear enrichment facility; the two companies are targeting Advanced Persistent Threats aimed at the manufacturing and process industry; this new security product could help ease security fears for critical infrastructure operators who rely on industrial control programs for nearly every automated process; McAfee says it’s Application Control system product would have protected Iran’s centrifuges from the Stuxnet virus that caused them to spin out of control

  • Joint EU and U.S. cyber security exercise to be held this year

    The United States and the European Union (EU) recently announced that they will hold joint cyber war exercises by the end of 2011; the exercise comes as part of a broader agreement to expand efforts to jointly defend against cyber security threats; the two sides agreed to share best practices, engage the private sector, and increase global cyber incident response capabilities; in particular, the agreement will focus on fighting botnets, securing industrial control systems, and enhancing the resilience and stability of the internet

  • Call for creating a U.S. cybersecurity emergency response capability

    Lawmakers call for the creation of a cybersecurity emergency response capability to help businesses under major cyber attacks; “Who do you call if your CIO is overwhelmed, if you’re a local bank or utility?” Senator Sheldon Whitehouse (D-Rhode Island) asked; “How can we preposition defenses for our critical infrastructure, since these attacks come at the speed of light?”

  • Demand for gov. cybersecurity specialists outstrips supply

    The demand for IT personnel continues to grow, but there has been a subtle shift with regard to the qualifications most sought after; new studies found that professionals with the right IT skills and an active government security clearance earned 12 percent more than non-cleared personnel; in the Washington, D.C., area, the pay bump is 20 percent

  • Senator seeks to end wasteful government cybersecurity spending

    Senator Tom Carper (D – Delaware) is actively seeking ways to end wasteful government cybersecurity spending; Carper believes that the government can spend its money more efficiently on IT security; he believes that too many government programs are expensive, inefficient, and do not actually secure government networks; Carper was careful to note that he was not advocating for budget cuts, but rather more efficient spending; Carper has proposed mandating that all agencies only purchase technology that is preconfigured with encryption or other security measures; he is currently working with Senators Joseph Lieberman (I-Connecticut) and Susan Collins (R-Maine) on the Cybersecurity and Internet Freedom Act of 2011, which contains many of his proposals

  • U.S. industrial processes vulnerable to Stuxnet-like attack

    Cyber security experts recently warned that U.S. manufacturing plants and critical infrastructure were vulnerable to a Stuxnet-like attack; industrial plants, transportation systems, electrical grids, and even nuclear plants could be crippled by new cyber weapons that target specialized control core processes; concern has spread after the Stuxnet virus targeted these systems and created physical damage; experts have likened Stuxnet to “the arrival of an F-35 into a World War I battlefield”