• Cyber trends in 2017: The rise of the global cyberattack

    A new report, Cyber maturity in the Asia–Pacific region 2017, distils the major trends from a year’s worth of cyber events and looks at how countries in the region are measuring up to the challenges and opportunities posed by the internet and ever-more-connected IT infrastructure. Although cyber maturity and cybersecurity generally improved over the past year, the threat landscape worsened. Cybercriminals are investing in more advanced and innovative scams, and nation-states are prepared to launch massively destructive attacks causing huge collateral damage.

  • Simple tool tells whether websites suffered a data breach

    Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies’ reach and audience are. “No one is above this—companies or nation states— it’s going to happen; it’s just a question of when,” said the senior researcher.

  • The “Russia Story”; Russia’s meddling was U.S. “intelligence failure”; cyber forensics, and more

    · What is the “Russia Story”?

    · Defending the West from Russian disinformation: The role of institutions

    · What Putin really wants

    · Russian bots manipulate online conversation about Olympics, sexual harassment

    · WikiLeaks faces four U.S. probes into its 2016 election role and CIA leaks

    · Rep. Eric Swalwell breaks down how Russia infected the U.S. election

    · As Russia subverts missile treaty, U.S. looking at new weapons

    · Exposing Russian interference – the value of real-time forensics

    · Ex-spy chief: Russia’s election hacking was an “intelligence failure”

    · Company that used Russian coders for Pentagon project strikes deal

  • Cybersecurity expert: Iranian hacking is a “coordinated, probably military, endeavor”

    On the heels of a report this week documenting Iran’s increasingly aggressive hacking attacks around the globe, a cybersecurity expert assessed that the advanced nature of the attacks suggests a “coordinated, probably military, endeavor.” A report released this week, by FireEye, a cybersecurity firm, noticed increased and increasingly advanced cyber-espionage efforts by groups that have been tied to Iran, and to the nation’s Islamic Revolutionary Guard Corps (IRGC).

  • Lawmakers request additional documents from DHS re: Kaspersky investigation

    U.S. House Science, Space, and Technology Committee chairman Lamar Smith (R-Texas) sent a letter Tuesday to the Department of Homeland Security (DHS) requesting documents and information related to the DHS directive to all government agencies to identify and remove Kaspersky Lab software from their computer systems.

  • Power grid test bed helps national grid resilience

    Essential services like hospitals and water treatment depend on energy distribution to ensure reliable and continuous operations. As the power grid evolves, becoming more connected and responsive, those new, smart devices can introduce greater cyber vulnerabilities. To address this challenge, the power grid test bed at the U.S. Department of Energy’s 890-square-mile Idaho National Laboratory has been transitioned to a more adaptive architecture.

  • NIST offers help for contractors secure unclassified government information

    It is crunch time for government contractors. They only have until 31 December 2017 to demonstrate they are providing appropriate cybersecurity for a class of sensitive data called Controlled Unclassified Information (CUI). Otherwise, they risk losing their contracts. For organizations that may be struggling to meet the deadline, the National Institute of Standards and Technology (NIST) has a new publication intended to help.

  • U.K. government agencies told to remove Kaspersky software from their systems

    In another example of a Western government taking decisive action to limit the ability of Russian government hackers to steal sensitive information, The U.K. cyber security agency on Friday has advised U.K. government agencies to remove Kaspersky Lab’s products from their systems.

  • Improving critical sectors’ cybersecurity by bolstering sharing, acting on information

    New initiative aims to operationalize the Integrated Adaptive Cyber Defense (IACD) framework for cybersecurity automation, orchestration and information sharing. This initiative will enable companies, including those in the financial services sector, to improve the ability to quickly and broadly share information and prevent and respond to cyberattacks.

     

  • Federal agencies complete second phase of Kaspersky product removal

    The U.S. federal government has completed the first two phases of a three-part plan to remove all Kaspersky Lab’s products from government computer systems. The U.S. intelligence community said that the Russian cybersecurity company’s anti-virus software was used to collect sensitive information from the systems on which it was installed, and deliver that information to Russia’s intelligence agencies.

  • Russia increasingly uses hacker mercenaries for cyberattacks: FBI

    FBI director Christopher Wray told lawmakers Thursday that state-actors such as Russia are increasingly relying on hacker mercenaries, blurring the lines between government-backed hackers and cyber criminals. Wray told lawmakers that increasingly, such hybrid government-criminal breaches are becoming a reality. “You have the blend of a nation-state actor, in that case, the Russian intelligence service, using the assistance of criminal hackers, which you think of almost like mercenaries, being used to commit cyberattacks,” the FBI director said.

  • Harnessing game theory for cybersecurity of large-scale nets

    Researchers have laid the groundwork for a method to improve cybersecurity for large-scale systems like the power grid and autonomous military defense networks by harnessing game theory and creating new intelligent algorithms. The project harnesses the Nash equilibrium, developed by Nobel laureate John Nash, whose life was chronicled in the film “A Beautiful Mind.” The work also applies “prospect theory,” which describes how people make decisions when there is uncertainty and risk, decisions that are often “only partly rational.”

  • Nanomaterials’ cryptographic potential may be ultimate defense against hackers

    The next generation of electronic hardware security may be at hand as researchers introduce a new class of unclonable cybersecurity security primitives made of a low-cost nanomaterial with the highest possible level of structural randomness. Randomness is highly desirable for constructing the security primitives that encrypt and thereby secure computer hardware and data physically, rather than by programming.

  • HADES misleads hackers by creating an alternate reality

    The Russian novelist Fyodor Dostoevsky once postulated that the devil no longer uses fire and brimstone but instead simply tells you what you want to hear. Sandia National Laboratories cyber researchers go with that second option when it comes to foiling a hacker. Rather than simply blocking a discovered intruder, the researchers deploy a recently patented alternative reality, dubbed HADES for High-fidelity Adaptive Deception & Emulation System, which feeds a hacker not what he needs to know but what he wants to believe.

  • Antivirus but not anti-spy

    The late senator William Proxmire of Wisconsin (he died in 1989) made a name for himself for his Golden Fleece Awards — awards given each year to the most wasteful U.S. government programs. Senator James Lankford (R-Oklahoma), continuing in Proxmire’s tradition, has just released the third volume of his annual of his Federal Fumbles: 100 Ways the Government Dropped the Ball. One of the U.S. federal government’s major fumbles has been the way it has dealt with Russian cybersecurity firm Kaspersky Lab. The U.S. intelligence community has long suspected that Kaspersky Lab was using its popular antivirus software – used not only by individuals and corporations, but also by U.S. government agencies – to collect sensitive information from the computer systems on which the software was installed, and deliver that information to the GRU and the FSB, the KGB’s successor agency.