• Online tools help users adopt better privacy practices

    Research shows a growing concern for online privacy, but Internet users give up personal information every day in exchange for the convenience and functionality of a variety of online services. Online privacy is distinct from online security, which encompasses efforts to mitigate the theft of personal information. Most violations of online privacy are not illegal but rather the results of tacit consumer consent. The new Privacy Helper mobile app teaches users about the features on their phones that can affect privacy. The key to Privacy Helper, its developers say, is its flexibility in giving users better control over how they share personal information.

  • U.S. Army creates a Cyber branch

    Soldiers who want to defend the nation in cyberspace, as part of the U.S. Army’s newest and most technologically advanced career field, now have an Army branch to join that will take its place alongside infantry, artillery, and the other Army combat arms branches. Army Secretary John McHugh and Chief of Staff Gen. Raymond Odierno approved the creation of the Cyber branch in September. “The establishment of a Cyber Branch shows how important and critical the cyber mission is to our Army, and allows us to focus innovative recruiting, retention, leader development, and talent management needed to produce world-class cyberspace professionals,” said Lt. Gen. Edward Cardon, the commanding general of Army Cyber Command.

  • Internet security market to reach $42.8 billion globally by 2020

    According to a new report by Allied Market Research, the global Internet security market is expected to reach $42.8 billion by 2020, registering a CAGR of 8.1 percent during 2014-2020. The market, driven by demand for software solutions, would experience a shift toward the adoption of cloud-based systems. About 80 percent of the top companies today identify with cloud-based security services which have become a prominent market trend.

  • A malware more sophisticated than Stuxnet discovered

    Security experts at Symantec have discovered the world’s most sophisticated computer malware, Regin. Thought to have been created by a Western intelligence agency, and in many respects more advanced than Stuxnet — which was developed by the U.S. and Israeli government in 2010 to hack the Iranian nuclear program — Regin has targeted Russian, Saudi Arabian, Mexican, Irish, and Iranian Internet service providers and telecoms companies. “Nothing else comes close to this … nothing else we look at compares,” said one security expert.

  • Iran may resume cyberattacks on U.S. if nuclear deal is not reached

    A failure by the United States to reach a nuclear deal with Iran could result in more cyberattacks against U.S. companies, House Intelligence Committee chairman Mike Rogers (R-Michigan) said. Cyberattacks by Tehran declined dramatically after the United States, other permanent members of the Security Council, and Germany agreed to an interim nuclear deal with Iran in 2013, but should the parties fail to reach a permanent nuclear deal by the newly set March 2015 and July 2015 deadlines, financial firms, oil and gas companies, and water filtration systems could be targets of malware from Iran’s cyber army.

  • Cyber experts divided over the scope of damage of a cyberattack on U.S.

    Citing the risks of lack of preparation against future cyberattacks and the absence of security infrastructure, a new report urges across the board updates in the domain of cybersecurity. Most of the experts interviewed for the report pointed to the Stuxnet malware, which damaged Iranian nuclear-enrichment centrifuges and other nuclear-related machinery in 2010, as an example of the sort of future attacks that could disable and destroy vital infrastructure such as power grids, air-traffic controls, and banking institutions.

  • Scientist develops uncrackable security code for nuclear weapons

    Nuclear weapons exist, so control of nuclear weapons is essential. Intrinsic Use Control (IUC) is a concept which is capable of providing improved quantifiable safety and use control within a nuclear weapon. As a basic concept, use control is best accomplished in the weapon itself rather than depending on administrative controls, fences, and guards. Using established technology, IUC uses passive use control to resist any attacks or unauthorized use of a weapon at either the component or the fully assembled levels.

  • Pentagon mulls “byte for a byte” cyber retaliatory operations

    Much has been made of the phrase “an eye for an eye” throughout history, and it is beginning to appear that the oft-used motto will extend to the new fields of cyber warfare as well. This “approach is something our adversaries will readily understand,” one analyst writes. “If they escalate, we escalate. They know they will lose because we have far more cyber resources to draw on than they have, and we can cause real harm if they mess with us.”

  • NSA director: China and “one or two” other nations can damage U.S. critical infrastructure

    Adm. Michael Rogers, director of the National Security Agency and head of U.S. Cyber Command, told lawmakers yesterday that China and “one or two” other countries are capable of mounting cyberattacks which would paralyze the U.S. electric grid and other critical infrastructure systems across the country. A cyberattack of such scope has been discussed in the past – it was even dubbed a “cyber Pearl Harbor” – but Rogers was the first high official to confirm that such a crippling attack on the United States was not a mere speculation. Rogers said U.S. adversaries are conducting electronic “reconnaissance” on a regular basis so that they will be well-positioned to damage and disrupt the industrial control systems which run chemical facilities, nuclear power plants, water treatment facilities, dams, and much more.

  • New study shows people ignore online warnings

    You are your own worst enemy when it comes to online security. Say you ignored one of those “this Web site is not trusted” warnings and it led to your computer being hacked. How would you react? Would you: (A) Quickly shut down your computer? (B) Yank out the cables? (C) Scream in cyber terror? Researchers report that for a group of college students participating in a research experiment, all of the above were true. These gut reactions (and more) happened when a trio of researchers simulated hacking into study participants’ personal laptops.

  • U.S. spends about $10 billion a year to protect the nation's digital infrastructure

    U.S. intelligence agencies have designated cyberattacks as the most alarming threat to national security. The federal government is spending roughly $10 billion a year to protect the nation’s digital infrastructure, but hackers, some sponsored by nation-states, are successfully infiltrating civilian and military networks. Professionals from DHS, the Pentagon, and private contractors all work together in U.S. cyber centers to detect, prevent, respond, and mitigate incoming and existing cyberattacks. Several of the U.S. top cybersecurity labs are housed in nondescript office buildings with no government seals or signs.

  • More companies adopt active defense to thwart hackers

    Some U.S. companies are beginning to counter-hack cybercriminals by using intelligence shared within industry circles. Federal officials have not openly endorsed active defense, but measures like tricking hackers into stealing fake sensitive data, then tracking its movements through the Web, are gaining support. Some firms have gone as far as hacking alleged criminals’ servers. “The government is giving ground silently and bit by bit on this [active defense] by being more open,” said former National Security Agency general counsel Stewart Baker. “I have a strong sense from everything I’ve heard. . . that they’re much more willing to help companies that want to do this.”

  • Software detects, eradicates viruses, other malware – and repairs the damage they caused

    University of Utah computer scientists have developed software that not only detects and eradicates never-before-seen viruses and other malware, but also automatically repairs damage caused by them. The software then prevents the invader from ever infecting the computer again. A3, for Advanced Adaptive Applications, is a software suite that works with a virtual machine — a virtual computer which emulates the operations of a computer without dedicated hardware. The A3 software is designed to watch over the virtual machine’s operating system and applications.

  • Security experts worry BlackEnergy technology could soon be available to bad non-state actors

    DHS a few days ago issued a cyberthreat alert to critical infrastructure firms warning of the malicious software called BlackEnergy, a variant of a Trojan horse believed to have originated from Russian government-sponsored hackers. BlackEnergy is similar to another Russian-issued malware called Sandworm, which was used in a 2013 Russian cyber-espionage campaign against NATO, the European Union, and overseas telecommunication and energy assets. DHS believes the attack on U.S. critical systems is “part of a broader campaign by the same threat actor.”

  • Differences between hacking, state-sponsored cyberwarfare increasingly blurred: Experts

    Cybersecurity officials say that there is an increasing similarity between hacking attacks and full-on cyber warfare, as digital infrastructures continue to grow and play a larger role in everyday life. “It’s not a clear, bright red line,” said Mitchell Silber, the executive managing director of K2 Intelligence, “It really is more murky, the difference between where a cyber criminal hack ends and where some type of state or state-sponsored event begins.”