• New state-of-the-art cybersecurity resource available to software developers

    Cybercrime is booming; it is an estimated $100 billion industry in the United States and shows no signs of slowing down. Attackers have an arsenal of weapons at their disposal, including social engineering — or phishing — penetrating weak security protocols and exploiting software vulnerabilities that can serve as an “open window” into an organization’s IT environment. Closing those windows requires effective and accessible tools to identify and root out software vulnerabilities. Supported by a $23.4 million grant from DHS’s Science and Technology Directorate (S&T), the Software Assurance Marketplace, or SWAMP, provides a state-of-the-art facility that serves as an open resource for software developers, software assurance tool developers, and software researchers who wish to collaborate and improve software assurance activities in a safe, secure environment.

  • DARPA makes agency-sponsored software, publications available to R&D community

    DARPA has invested in many programs that sponsor fundamental and applied research in areas of computer science, programs which have led to new advances in theory as well as practical software. The R&D community has asked about the availability of results, and now DARPA has responded by creating the DARPA Open Catalog, a place for organizing and sharing those results in the form of software, publications, data, and experimental details. The Web site aims to encourage communities interested in DARPA research to build off the agency’s work, starting with big data.

  • Making the U.S. grid sturdier, smarter, and more secure to thwart blackouts

    In August 2003, fifty million customers throughout the northeastern United States and southeastern Canada lost power for up to two days. More than ten years later, the U.S. electric power system continues to be challenged. In the United States, 149 power outages affecting at least 50,000 customers occurred between 2000 and 2004, a number which grew to 349 between 2005 and 2009. In 2012, the prolonged power outages in New York and New Jersey caused by Hurricane Sandy once again demonstrated the system’s vulnerability. A broad, multidisciplinary effort by Georgia Tech researchers aims to revolutionize the delivery of electricity, advance the smart grid, thwart blackouts, integrate renewable energy sources, and secure utilities from cyberattacks.

  • Chemical, defense companies subject to Chinese Nitro attacks

    More and more chemical and defense companies around the world are victims of Nitro attacks. These attacks, launched by government-backed Chinese hackers, install PoisonIvy, a Remote Access Tool (RAT) stealthily placed on computer systems to steal information. The majority of the computers infected belong to firms in the United States, Bangladesh, and the United Kingdom.

  • National Guard units help states ward off cyberattacks

    Governors across the United States are mobilizing their states’ National Guard units to combat threats from cyberattacks. The state of Washington was the first state to assign the state’s National Guard cybersecurity responsibilities. The state recognized the potential of its National Guard as a cyberforce when it realized that many of its soldiers, who are full-time employees and part-time soldiers, worked for tech employers such as Google, Boeing, Cisco, Verizon, and Microsoft.

  • National cyber complex to open next to Ben-Gurion University of the Negev campus

    A new national cyber complex called CyberSpark will open at the Advanced Technology Park (ATP) which is located next to Ben Gurion University of the Negev. Fortune 500 companies Lockheed Martin and IBM announced they would invest in CyberSpark R&D facilities, joining other cybersecurity leaders Deutsche Telekom, EMC, RSA, and many startups. The 15-building ATP is the only type of complex of its kind in the world that includes Fortune 500 companies and cyber-incubators, academic researchers, and educational facilities as well as national government and security agencies. The CyberSpark will also include a high school geared toward science and technology.

  • Gaza-based Palestinian hackers compromise Israeli defense ministry computer

    Hackers broke into a computer at the Israeli Ministry of Defense through an e-mail attachment tainted with malicious software. The attachment looked as if it had been sent by the country’s internal security service, the Shin Bet. it was likely that Palestinians were behind the cyberattack, saying that the more recent attacks were similar to cyberattacks against Israeli computers more than a year ago. Those attacks originated in the Hamas-controlled Gaza Strip. The attackers used an e-mail attachment to infect the computers with Xtreme RAT malware, which is a remote access Trojan. The malware allows hackers complete control of an infected machine. They can steal information, load additional malicious software onto the network, or use the invaded computer as a base of operations from which to conduct reconnaissance and attempt to gain deeper access into the network.

  • Cal Poly unveils ambitious cybersecurity educational initiative

    Cal Poly, with a grant from the Northrop Grumman Foundation, has established a Cybersecurity Center, opened a new cyber lab, and is developing a cybersecurity curriculum with an ambitious set of goals in mind: educating thousands of students in cybersecurity awareness and readiness; producing experts in cyber technologies and systems, including many professionals who will serve the military and defense industry; and graduating cyber innovators who are prepared for advanced study and applied research in emerging cyber issues.

  • Botwall: New Web security solution uses real-time polymorphism to ward off attacks

    Malware has long used polymorphism — that is, rewriting its code — every time a new machine was infected in order easily to evade antivirus detection systems. Shape Security says its new product, the ShapeShifter, is reversing this advantage which malware has so far enjoyed: the new product uses polymorphic code as a new foundational tool for Web site defense. The patent-pending technology implements real-time polymorphism, or dynamically changing code, on any Web site, to remove the static elements that botnets and malware depend on for their attacks.

  • Many VSATs operated with no security, leaving them vulnerable to hacking

    Very-small-aperture terminals, or VSATs, are used by the oil and gas industry, utilities, financial firms, and news media to transmit information, often sensitive, from remote locations to headquarters. There are more than 2.9 million VSATs in operation around the world, with about two-thirds based in the United States. New security report says that at least 10,500 VSATs are operated with minimal or no security, and are wide open to being hacked.

  • House approves $447 for Cyber Command

    The House of Representatives approved a fiscal 2014 stop-gap budget last Monday (it approved to full spending bill on Wednesday), which allocates $447 million to the Defense Department’s Cyber Command. This is more than twice the $191 million budget for Cyber Command in 2013.

  • Healthcare industry to conduct cyberattack drill in March

    The American health care industry, in partnership with the federal government, will in March conduct simulated cyberattacks targeting industry networks and resources in an effort to test the industry’s vulnerability to cyberattacks. This will be the first time insurers, hospitals, pharmaceutical manufacturers, and HHS will run coordinated drills. Healthcare is one of seventeen critical infrastructure sectors which, if attacked, could have damaging consequences for the country.

  • Estimating the best time to launch a cyberattack

    Of the many tricks used by the world’s greatest military strategists, one usually works well — taking the enemy by surprise. It is an approach that goes back to the horse that brought down Troy. But surprise can only be achieved if you get the timing right. Timing which, researchers at the University of Michigan argue, can be calculated using a mathematical model — at least in the case of cyber-wars. “The question of timing is analogous to the question of when to use a double agent to mislead the enemy, where it may be worth waiting for an important event but waiting too long may mean the double agent has been discovered,” the researchers say.

  • Palo Alto Networks acquires Morta Security

    Palo Alto Networks has acquired Morta Security, a Silicon Valley-based cybersecurity company operating in stealth mode since 2012. Financial terms of the acquisition were not disclosed. Palo Alto Networks says that the acquisition of Morta Security further strengthens its position as a provider of next-generation enterprise security.Palo Alto Network says that most organizations still rely on legacy point technologies that address only specific types of attacks, or phases of the attack. Because of the singular nature of these technologies, they are ill-equipped to detect and prevent today’s advanced cyberattacks.The company says that to address these challenges, a new approach is required.

  • Bringing anthropological insights to bear on cybersecurity

    Michael Polanyi (1891-1976), in his book Personal Knowledge, rejected the British Empiricists’ notion that experience can be reduced to sense data, and Alan Turing’s assertion that human minds are reducible to collections of rules. Rather, Polanyi said, it is tacit awareness — he later called it the “structure of tacit knowing”— which connects us, albeit fallibly, with reality. It provides us with the context within which our words and actions have meaning. Princeton’s anthropologist Clifford Geertz (1926-2006), in his The Interpretation of Cultures, built on Polanyi’s argument to say that the task of ethnography is thus to discover and interpret the secondary, or underlying (Polnayi would say “tacit”) meanings of social behavior — the “deep structure” of culture and social life. Cybersecurity experts at Kansas State University, in a 3-year, $700,000 project, take an anthropological approach to cybersecurity: they are examining the unspoken knowledge shared by cybersecurity analysts as a way to develop new automated tools that help analysts strengthen their cyberdefenses.