• Medical devices vulnerable to hacking

    The U.S. Food and Drug Administration (FDA) has alerted manufacturers of medical devices to the possibility of hacking, saying that “cybersecurity vulnerabilities and incidents could directly impact medical devices or hospital network operations.” Cybersecurity monitors have noted the new threat after U.S. security experts said the hacking of devices such as pacemakers and insulin pumps is possible.

  • HHS IG warns of lax USB security practices

    A new report from the inspector general of the Health and Human Services Department (HHS) pointedly criticizes a government contractor’s USB drive security practices. The report should serve as a timely reminder of why healthcare organizations need to control the use of mobile storage media and ports. Among the risks posed by USBs are the spread of malware and the inappropriate download, storage, and removal of data by users, resulting in breaches or possible fraud.

  • States tighten cybersecurity practices

    Ordinary Americans may wonder whether their private phone calls and e-mails are being monitored by government agencies, and businesses may be concerned that proprietary and other sensitive business information could be stolen by local or foreign competitors. State and local governments, too, are working to tighten protocols and institute safeguards to prevent outsiders from hacking into their information.

  • Technology trade shows pay more attention to cybersecurity

    Confirmation of China’s vast cyber espionage campaign against Western technology companies has increased the attention to cybersecurity by aerospace and defense companies showing off their wares at this year’s Paris Airshow. Trade shows, especially in foreign countries, pose tough challenges given the large number of people coming in contact with top executives who have access to sensitive information. In recent years, training of executives and employees attending these shows has focused on avoiding any violations of U.S. export control laws, but cybersecurity has been a major focus this year.

  • More cyberattacks now emanate from the Middle East

    Security experts are warning that the recent instances of cyberattacks emanating from the Middle East are an indication of a growing trend, and that around ten U.S. utility companies were the target of attempts to take over plant processes. So far, no group or country has claimed responsibility for the attacks – although suspicion has focused on Iran — but DHS has put companies on alert.

  • U.K. SMBs spend too little on cybersecurity

    U.K. small to medium sized businesses (SMBs) are spending as little as £200 a year on their cyber security budgets, leaving themselves vulnerable to attacks from hackers, a report just issued by the U.K. Home Office said. The report revealed that a firm’s average IT spend increased in line with its size, with companies with 50 to 100 employees spending roughly £4,000 per year on IT security and firms with 100-plus employees around £10,000.

  • Companies seriously underestimate number of new malicious malware appearing daily

    Most companies significantly underestimate the number of new malicious programs appearing daily, and only 6 percent of these companies recognize the true scale of the threat, says the 2013 Global Corporate IT Security Risks survey. The survey was conducted by analytical authority B2B International and Kaspersky Lab in spring this year. Kaspersky Lab says that nearly 200,000 new malware samples appear around the world each day. Asked to estimate this figure, 90 percent of global participants in the survey named a lower figure; 4 percent guessed too high and only 6 percent gave an accurate estimate.

  • Africa's cybersecurity movement gains momentum

    More and more African countries have recently suffered an increase in phishing scams, malware, advance-fee scams (commonly known as Nigerian 411 scams), and mobile-money related fraud, according to industry insiders. Africa’s cybersecurity movement has gained momentum with the formation of Africa Computer Emergency Response Teams (CERTs), a body which coordinates the reporting and response to cases of malicious malware or criminal activity. Eleven African countries have already set up CERT teams: South Africa, Kenya, Burkina Faso, Tunisia, Morocco, Cameroon, Sudan, Egypt, Ghana, Mauritius, and Ivory Coast.

  • Questions about U.S.-Russia cybesecurity agreement

    After two years of negotiations, the United States and Russia finalized a cybersecurity agreement aiming to improve cyber relations between the two countries. Observers say that the agreement, however, has so far not amounted to much more than a piece of paper, and that it is not clear whether implementing the policies outlined in the agreement will improve U.S. cybersecurity.

  • Japan's NTT acquires Nebraska-based Solutionary

    Omaha, Nebraska-based technology security provider Solutionary has been acquired by Japanese telecommunications firm NTT Group. The deal is expected to close in the third quarter of this year, pending regulatory approval. The NTT acquisition will allow Solutionary to continue its global expansion, improve its security intelligence capabilities, and fuel its research and development work. The company will expand its lineup of services, including cloud security offerings and real-time global threat research.

  • Also noted

    Regional cyber security imperative in the Middle East | Five ways to boost your company’s cybersecurity posture | Quantum mechanics may offer the answer to cybersecurity | EU cybersecurity agency receive new mandate | Cybersecurity, bribery leading topics in SEC filings | Security breaches a problem for 87 percent of U.K. firms | Massachusetts man orders a tie, gets social security numbers instead | U.K. GCHQ and security services “need parliamentary oversight”: opposition | Organizations, companies not doing enough to defend against cybercrime | Cloud can simplify vulnerability management For SMBs