-
EU moves on data breach notification law
Security professionals debate the recommendations of independent research to introduce tough European data breach and security regulations
-
-
Briefly noted
U.S. Army signs $75 million contract for passive RFID… U.S. government to take over screening from airlines… IT security sector faces major changes… Senators propose changes at DHS
-
-
A first: quantum cryptography used within a commercial network
European consortium demonstrates transmission of quantum-encrypted data within commercial telecommunications network
-
-
IT security hinders innovation
New IDC report says businesses are struggling to find the right balance between security and innovation; information security concerns have caused 80 percent of companies surveyed to back away from new innovation opportunities
-
-
Setback: Laser breaks "unbreakable" quantum communications
Quantum encryption was supposed to make communication completely secure — because quantum mechanics makes it impossible for an eavesdropper to emulate the receiver’s photon detection methods; researchers find a flaw in commonly used encryption devices that does allow an eavesdropper to fool the receiver
-
-
Schwarzenegger terminates RFID skimming
As RFID technology becomes more pervasive — people now use it to gain access to offices, properties, children’s nurseries, parking lots, and other areas — concerns have been growing about wireless “skimming” of the information on the RFID tags; California now bans the practice
-
-
China spying on Skype users
Canadian researchers find that China engages in a massive surveillance campaign of users of Tom-Skype, a joint venture between Chinese mobile firm TOM Online and U.S.-owned Skype; sensitive words such as “Tibet,” “Taiwan independence,” the Falun Gong, and political opposition to the Communist Party of China are censored and logged
-
-
DHS, industry promote security awareness month
Companies offer tips on avoiding and dealing with attacks; October will also see major cybersecurity initiatives in Europe, Asia
-
-
Briefly noted
DoE’s networks open to cyberattacks… WiMax emulator debuts… DHS’s radiation program to exceed initial cost estimates…
-
-
FCC restarts public safety network in the 700 MHz band
The Federal Communications Commission revives plans for a nationwide emergency network; decision follows disappointing results of the “D Block” auction
-
-
Washington State, Microsoft sue cyber fear mongers
Washington State has one of the nation's toughest anti-spyware laws, and the state attorney general joins with Microsoft to sue companies which use fear to sell security products
-
-
Web browsers affected by Clickjacking
US CERT issues a warning about a new cross-browser exploit technique called “Clickjacking”; clickjacking gives an attacker the ability to trick a user into clicking on something only barely or momentarily noticeable; thus, if a user clicks on a Web page, they may actually be clicking on content from another page
-
-
Stolen laptops "broadcast" their location to rightful owners
Huskies researchers develop a software tool which uses the Internet as a homing beam; if the thief uses the stolen laptop to connect to the Internet, the owner receives information on the laptop location (and Macintosh owners also received a picture of the thief)
-
-
U.S.-based computers launch most cyberattacks in 2008
Computers, or hackers, based in the United States launched most of the cyber attacks in the world between January and September 2008; China-based computers were in second place, and Brazil came in third; United States also led in the number of computers compromised
-
-
Satellite phone company Iridium acquired for $591 million
Iridium made a name for itself for going bankrupt eight years ago and being bought for $25 million; it later donated satellite phones to first responders in the aftermath of Katrina; now it is being acquired for half a billion dollars
-
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.