• Quantum cryptography to help us keep our secrets secret

    In the history of secret communication, the most brilliant efforts of code-makers have been matched time and again by the ingenuity of code-breakers. Sometimes we can even see it coming. We already know that one of today’s most widely used encryption systems, RSA, will become insecure once a quantum computer is built. An article in Nature reviewing developments in quantum cryptography describes how we can keep our secrets secret even when faced with the double challenge of mistrust and manipulation.

  • Black markets for hackers increasingly sophisticated, specialized, and maturing

    Black and gray markets for computer hacking tools, services and byproducts such as stolen credit card numbers continue to expand, creating an increasing threat to businesses, governments and individuals, according to a new study. One dramatic example is the December 2013 breach of retail giant Target, in which data from approximately forty million credit cards and 70 million user accounts was hijacked. Within days, that data appeared — available for purchase — on black market Web sites.

  • New tool makes scanning the Internet for illegal images possible

    Researchers have developed a system that makes it possible to scan traffic on the Internet for illegal photographs. The system can, for example, help trace child pornography on the Internet without infringing on the privacy of Internet users. Internet service providers could use the tool to keep their network “clean.”

  • Quantum mechanics may lead to ultra-secure Internet

    In 1935 Einstein and researchers highlighted a “spooky” theory in quantum mechanics, which is the strange way entangled particles stay connected even when separated by large distances. In the 1990s, scientists realized you can securely transmit a message through encrypting and using a shared key generated by Einstein’s strange entanglement to decode the message from the sender and receiver. Using the quantum key meant the message was completely secure from interception during transmission.

  • Making the grid smarter makes it more vulnerable to hackers

    The U.S. electric grid is constantly under attack despite attempts by utilities to boost physical security and cyberdefenses. In 2013 a DHS cyber emergency team responded to more than eighty incidents involving energy companies. “If you’re a utility today, depending on your scale, you’re under attack at this moment,” says Robert Weisenmiller, chairman of the California Energy Commission.

  • Iran becoming serious cyber-warfare threat

    Both government and private cybersecurity experts are increasingly considering Iran as a “top ten” cyberthreat. Iran’s recent activities and its motives have led analysts to rank the country among other cyberspace heavy hitters such as Russia and China.

  • “Hacker schools” grow to meet growing demand for programmers

    The increasing demand for computer programmers in the job market has led to the growth of “hacker schools,” an alternative to traditional education that offers students a quicker, cheaper, and effective way to learn computer programing. Hacker schools do not offer certificates or diplomas, instead they target students who currently have degrees in other fields but who want a career change.

  • Universities struggle to balance cybersecurity, openness

    Since January 2013, more than fifty academic institutions across the country have been targets of cyberattacks, compromising personal information and intellectual property. Unlike other organizations, universities cannot mandate what devices are used to access their networks, and they must accommodate faculty, students, and researchers spread across the globe. Academic network systems are attractive to hackers because they contain valuable intellectual property.

  • Howard County, Md. attracts cybersecurity firms

    Howard County, Maryland boasts a growing presence of cybersecurity firms and specialists at a time when the industry is gaining attention. The proximity of the county to government agencies has helped cybersecurity firms gain federal contracts, and the proximity of large cybersecurity consumers like the NSA offers cybersecurity firms in Howard County a large pool of cybersecurity specialists to select from when NSA employees decide to shift to the private sector.

  • NERC drill finds U.S. grid preparedness insufficient

    The North American Electric Reliability Corporation (NERC) reported that its recent GridEx II exercise has highlighted the fact that nearly all the utilities which took part in the two-day drill last November – a drill aiming to test the preparedness of the U.S. power grid to withstand cyber and physical attacks – admitted that their planning for such attacks was insufficient. NERC’s president, Gerry Cauley, said that protecting utilities against cyber and physical attacks should be considered in the context of measures taken to protect the grid from other threats. He noted that utilities are already hardening their systems against storms like Hurricane Sandy, while working to determine their vulnerability to solar activity that changes the earth’s magnetic field.

  • Hacking prof’s computer to change a grade is easier than studying

    Academic institutions are easy targets since many do not invest in sophisticated IT personnel or employ the latest cybersecurity programs. Some students have noticed this, and more and more universities are facing a new hacking problem: students hacking their professors’ computers in order to improve their grades. “It became so much easier to change my grades than going to class and working real hard,” a Purdie University student told an Indiana court.

  • Washington, D.C. area leads nation in cybersecurity jobs

    The Washington, D.C metropolitan area had more than 23,000 cybersecurity job postings in 2013, making the region the leading destination for cybersecurity jobs, followed by the New York metro area with 15,000 cybersecurity job postings in 2013. On a state-by state basis, Virginia ranks second and Maryland ranks sixth, with Virginia reporting 25.1 cybersecurity job postings per 10,000 residents and Maryland posting 18.1 jobs per 10,000 residents.

  • Cyber war in Ukraine – business as usual for the Russian bear

    In a war — declared or otherwise — bravery and perseverance are not enough. Communications are important. Effectiveness means being able to command your troops and gather information. It also means being able to trust your communications. Disrupting and distorting communications is a dark art, the “new black” in overt and covert conflict. This is what we are seeing in Ukraine. Russia appears to be having a fine time covertly sabotaging Ukrainian networks.

  • Secret raises $10 million at a $50 million valuation

    Secret allows users to post messages to their circles of contacts without identifying themselves as the source of the posted message. The start-up, which was launched in January, has closed a $10 million round of funding at a $50 million post-money valuation. The funding was led by Google Ventures, with participation from KPCB.

  • Blackstone to acquire Accuvant, an enterprise information security specialist

    Denver, Colorado-based Accuvant, a specialist in enterprise information security, has reached a definitive agreement under which Blackstone will acquire a majority stake in Accuvant as part of their private equity portfolio. The transaction is expected to close in April pending relevant regulatory approvals.