• DARPA working on major cyber security break through

    The DOD’s advanced research arm, DARPA, is currently working on two programs that could radically change cyber security; one program, CRASH, is based on the human immune system and will make it less likely that computers will spread cyber infections to other networks; DAPRA is also working on another program, PROCEED, which will allow programmers to work directly with encrypted data without having to decrypt it first; both are highly experimental and may not succeed, but researchers have high hopes

  • Australia unprepared for cyber attacks

    The head of cyber security at BAE Systems Australia is calling for expanded training for cyber security experts in Australia; he believes that there is a lack of proper training and there must be greater cooperation between the government and the private sector; a government report finds that the Australian government is underprepared for cyber security threats; in February 2010 hackers brought down the government’s main site and the parliament’s homepage for two days

  • U.S. federal investment in cybersecurity to reach $13.3 billion by 2015

    U.S. federal investment in information security will rise from $8.6 billion in 2010 to $13.3 billion by 2015 at a compound annual growth rate of 9.1 percent, nearly twice the rate of overall federal IT spending

  • Pentagon revamps security in wake of Wikileaks

    There are 2.2 million people in the United States with access to one or more levels (confidential, secret, and top secret) of classified information; there are 854,000 people with top secret clearances — of which 265,000 are contractors; the 9/11 Commission recommended more sharing of information among agencies — but critics say that too much sharing is as risky as too little sharing

  • DHS slowly moving government's Internet traffic to secure networks

    It will take several more years for the U.S. government fully to install high-tech systems to block computer intrusions, a drawn-out timeline that enables criminals to become more adept at stealing sensitive data, experts say; DHS is responsible for securing government systems other than military sites, and the department is slowly moving all the government’s Internet and e-mail traffic into secure networks — known as Einstein 2 and Einstein 3 — which eventually will be guarded by intrusion detection and prevention programs

  • WikiLeaks episode demonstrates insider security threat

    Even the toughest security systems sometimes have a soft center that can be exploited by someone who has passed rigorous screening; the U.S. Defense Department’s Secret Internet Protocol Router Network (SIPRNet), a system of dedicated and encrypted lines and servers set up by the Pentagon in the 1990s globally to transmit material up to and including “secret,” the government’s second-highest level of classified information; in 1993, GAO report estimated more than three million U.S. military and civilian personnel had the clearance to access SIPRNet

  • Defeating detector blinding attacks on quantum cryptography

    Quantum cryptography is a method to distribute digital encryption keys across an optical fiber; the protocol has been proven to be perfectly secure from eavesdropping; any differences between the theoretical protocol and its real-world implementation, however, can be exploited to compromise the security of specific systems; one form of attack on quantum cryptography is called a detector blinding attack — but Toshiba researchers show how such attacks can be rendered ineffective

  • Second round of CyberPatriot competition sees 80 teams advance

    CyberPatriot, an education initiative produced by AFA to inspire students to consider science, technology, engineering, and mathematics fields in their studies, completed a second round of competition; nearly 400 teams registered in the All-Service Division, and approximately 80 teams scored high enough to compete again come 4 December; teams raced against time and their opponents quickly to find and effectively correct vulnerabilities in a virtual network

  • Fujitsu develops inter-cloud data security technology

    With the advent of cloud computing, the boundary separating internal and external data has become increasingly blurred due to the utilization of external services; as a result, existing methods of preventing data leakage, such as only using a gateway to block the outflow of confidential data, have become insufficient, and there is increased demand for new security technology to allow the safe use of confidential data even in the cloud; Fujitsu offers a new data leakage prevention technology in cloud computing environments

  • Briton gets 4-months jail for refusing to disclose password

    A 19-year old Briton used a 50-charcter password to protect child pornography files he kept in his computers; the court ordered him to reveal the password, but he refused and was sentenced to sixteen weeks imprisonment

  • Impact of cyberattack on U.S. could be "an order of magnitude surpassing" 9/11

    Former director of national intelligence and director of the National Security Agency Mike McConnell and Bush administration Homeland Security Adviser Fran Townsend say the United States is unprepared for a cyberattack and must overhaul its defenses; they said a large-scale cyberattack against the United States could impact the global economy “an order of magnitude surpassing” the attacks of 9/11; McConnell: “The warnings are over; it could happen tomorrow”

  • Faster cybersecurity with merging of two protocols

    Combination of unrelated protocols — a suite of automated network access control standards from the Trusted Computing Group and the government’s Security Content Automation Protocols (SCAP) — now being tested in South Carolina to enable automated policy enforcement on networks; the two standards offer a complementary set of capabilities, each valuable in its own right but much more powerful when combined

  • ITU chief supports governments' need to access BlackBerry communications

    In an interview with AP, ITU head Hamadoun Toure said RIM should provide law enforcement access to customer data; Toure characterized the governments’ needs as “genuine” concerns that cannot be ignored

  • India gives BlackBerry reprieve, saying Google, Skype are next

    BlackBerry users in India have received a 60-day reprieve: RIM has offered the Indian government a solution to interception issue (the Indian government wants to have the ability to intercept BlackBerry communications), and the government says it will examine the offer during the next two months; the government also said that services offered by Google and Skype are next, but unlike BlackBerry, Skype and Google Talk are both encrypted end-to-end, so intercepting communications is extremely difficult

  • U.S. intensifies campaign to train, hire, retain cybersecurity professionals

    The cyber threats to both government and public network intensify, and the U.S. federal agencies must find ways to attract qualified workers and develop new skills internally; NIST’s Dr. Ernest McDuffie: “We’ve got a problem of where the next generation of engineers are going to come from— Awareness, education, workforce, and training all have to come together”