• Building cyber security testbed to help protect the power grid

    It is easy to think of the electrical grid as the power plants, the high voltage lines, the transmission towers, the substations, and all the low-voltage distribution lines that bring power to our homes and businesses. An attack on that grid would involve getting out and cutting lines or dropping towers. But there is another, less visible piece to the grid — all the computers and communication networks that make it work. Attackers can go after the cyber grid, too. They can do it from a desktop. At no real cost. Potentially from anywhere in the world. With few if any clues left behind.

  • NIST seeks vendors to help secure wireless medical devices

    Medical devices such as the infusion pumps that deliver medication intravenously were once standalone instruments that interacted only with the patient. Today, they have operating systems and communications hardware that allow them to connect to other devices and networks. While this technology has created more powerful tools and the potential for improved patient care, it also creates new safety and security risks.

  • Researchers use advanced algorithms to identify six botnets

    Ben-Gurion University of the Negev (BGU) cyber security researchers have discovered and traced approximately six “botnets” by analyzing data collected from past cyberattacks. Botnets are networks of malicious, remotely updatable code that covertly lurk on infected computers.

  • Navigations systems are vulnerable to hackers

    When it comes to route planning, drivers have almost blind faith in GPS. The technology plays an important role in identifying location and time in other areas, too. If hackers attack the system, they can cause great damage. Information security researches look to develop defensive measures.

  • Using unpredictability to defend computers from cyberattacks

    We want our computers to perform the way we expect. But what if the key to defeating malware is introducing a bit of chaos? Researchers think a bit of unpredictability could help outsmart malware. This is the logic behind Chameleon, the operating system they are developing. In Chameleon, which is still in the conceptual phase, unknown programs that could be malware run in a special “unpredictable” environment, where the OS intentionally introduces some unpredictability to the way they operate.

  • Intel unveils new security-on-a-chip system

    Intel on Tuesday unveiled a new password security-on-a-chip system called Intel Authenticate. The new security system aims to thwart hackers who use fake e-mails to trick employees into revealing sensitive information like user names and passwords. Intel said that putting the authentication process on a chip makes the PC itself part of the security system.

  • SplashData releases annual “Worst Passwords” list -- “123456” maintains top spot

    SplashData has announced its annual list of the twenty-five most common passwords found on the Internet — thus making them the “Worst Passwords” that will expose anybody to being hacked or having their identities stolen. The 2014 list of worst passwords demonstrates the importance of keeping names, simple numeric patterns, sports, and swear words out of your passwords. In this year’s report – the company’s fourth annual report — compiled from more than 3.3 million leaked passwords during the year, “123456”and “password” continue to hold the top two spots that they have held each year since the first list in 2011. Other passwords in the top 10 include “qwerty,” “dragon,” and “football.”

  • Cyberattack on Ukraine grid: here’s how it worked and perhaps why it was done

    On 23 December 2015, two days before Christmas, the power grid in the Ivano-Frankivsk region of Ukraine went down for a reported six hours, leaving about half the homes in the region with a population of 1.4 million without power. Because of its success, the incident has sent shock waves through cybersecurity circles. Could this happen in the West? In short, yes. This incident underscores the need for diligence and the increased effort in cybersecurity that we are seeing in the government and private sectors. The continuously increasing dependence on the power grid is driving the need for cybersecurity to be part of the design of all new systems.

  • Cloud security reaches silicon

    In the last ten years, computer security researchers have shown that malicious hackers don’t need to see your data in order to steal your data. From the pattern in which your computer accesses its memory banks, adversaries can infer a shocking amount about what’s stored there. The risk of such attacks is particularly acute in the cloud, where you have no control over whose applications are sharing server space with yours. An antagonist could load up multiple cloud servers with small programs that do nothing but spy on other people’s data. System for defending against memory-access attacks is being implemented in chips.

  • Optical illusions which fool computer vision raise security concerns

    Computers are learning to recognize objects with near-human ability. But researchers have found that computers, like humans, can be fooled by optical illusions, which raises security concerns and opens new avenues for research in computer vision

  • Teenage hacker breaks into personal e-mail of James Clapper, director of national intelligence

    A teenage hacker who, in October, broke into the personal e-mail account of John Brennan, the director of the Central Intelligence Agency, has now broken into the personal accounts of James Clapper, director of national intelligence. The high school student he managed to fool Verizon into giving him access to Brennan’s account.

  • U.S. assisting Ukraine investigate 23 December cyberattack on power grid

    The United States is helping Ukraine investigate last month’s cyberattack last month which disrupted the country’s power grid and left some 80,000 customers without power. Experts say that the 23 December attack against western Ukraine’s Prykarpattyaoblenergo utility was the first known power outage caused by a cyberattack.

  • Kaplan launches cybersecurity education company

    Education provider Kaplan announced Wednesday that it has created a 12-person spin-off, split from a separate sister company called Cybervista, to offer Web-based cybersecurity courses. The creation of this new cybersecurity unit is an indication that the private sector is aware of, and trying to benefit from, the shortage of qualified security employees.

  • Tool improves government computer network security

    Government agencies, along with state and local governments, could receive a helping hand from a computer network security tool developed by computer scientists and engineers at DOE’s Lawrence Livermore National Laboratory. The LLNL software-based technology, known as the Network Mapping System (NeMS), does not allow a rogue computer which has gained access to a computer network to use a company’s virus protection systemd. The goal is to uncover any unauthorized devices to ensure a company is not at risk.

  • Jihadi cyberattacks; ISIS’s sex slaves; Iran’s missile test

    Hackers affiliated with the Jihadist group have been developing the capabilities to attack U.S. government and civilian targets, and such targets in other countries; Theologians working with ISIS have issued detailed and specific ruling on women slaves – explaining when “owners” of these women can have sex with them and who else among ISIS members may be entitled for sex services from enslaved women; On 26 December, the Iranian navy fired several rockets near three Western warships in the Gulf of Hormuz.