• Optical illusions which fool computer vision raise security concerns

    Computers are learning to recognize objects with near-human ability. But researchers have found that computers, like humans, can be fooled by optical illusions, which raises security concerns and opens new avenues for research in computer vision

  • Kaplan launches cybersecurity education company

    Education provider Kaplan announced Wednesday that it has created a 12-person spin-off, split from a separate sister company called Cybervista, to offer Web-based cybersecurity courses. The creation of this new cybersecurity unit is an indication that the private sector is aware of, and trying to benefit from, the shortage of qualified security employees.

  • Tool improves government computer network security

    Government agencies, along with state and local governments, could receive a helping hand from a computer network security tool developed by computer scientists and engineers at DOE’s Lawrence Livermore National Laboratory. The LLNL software-based technology, known as the Network Mapping System (NeMS), does not allow a rogue computer which has gained access to a computer network to use a company’s virus protection systemd. The goal is to uncover any unauthorized devices to ensure a company is not at risk.

  • In our Wi-Fi world, the internet still depends on undersea cables

    By Nicole Starosielski

    Not many people realize that undersea cables transport nearly 100 percent of transoceanic data traffic. These lines are laid on the very bottom of the ocean floor. They’re about as thick as a garden hose and carry the world’s Internet, phone calls and even TV transmissions between continents at the speed of light. A single cable can carry tens of terabits of information per second. The cables we all rely on to send everything from e-mail to banking information across the seas remain largely unregulated and undefended. Any single cable line has been and will continue to be susceptible to disruption. And the only way around this is to build a more diverse system, because the thing that protects global information traffic is the fact that there’s some redundancy built into the system. But as things are, even though individual companies each look out for their own network, there is no economic incentive or supervisory body to ensure the global system as a whole is resilient. If there’s a vulnerability to worry about, this is it.

  • PNNL to help DHS address critical infrastructure vulnerabilities

    The Department of Energy’s Pacific Northwest National Laboratory (PNNL) has been named a supporting laboratory to the National Infrastructure Simulation and Analysis Center (NISAC). NISAC is a Department of Homeland Security (DHS) program which addresses the potential vulnerabilities and consequences of disruption of U.S. critical infrastructure. PNNL says it will contribute advanced computer modeling and simulation capabilities to look at the dependencies, interdependencies, vulnerabilities, and complexities of important critical infrastructure sectors such as dams, water, transportation, energy, and information technology.

  • NSF awards $74.5 million to 257 interdisciplinary cybersecurity research projects

    The NSF the other day announced the awarding $74.5 million in research grants through the NSF Secure and Trustworthy Cyberspace (SaTC) program. In total, the SaTC investments include a portfolio of 257 new projects to researchers in thirty-seven states. The largest, multi-institutional awards include research better to understand and offer reliability to new forms of digital currency known as cryptocurrencies, which use encryption for security; invent new technology to broadly scan large swaths of the Internet and automate the detection and patching of vulnerabilities; and establish the “science of censorship resistance” by developing accurate models of the capabilities of censors.

  • Two new projects tackle e-mail security

    In the early, halcyon days of the Internet, researchers were more interested in sharing information rather than securing it. Now, decades later, securing the world’s most widely used medium for business communication is a full-time job for researchers and IT specialists around the globe. The modern working world cannot exist without e-mail, but hackers exploit this vital service to steal money and valuable information. The National Institute of Standards and Technology (NIST) is tackling this threat with two new projects.

  • Strengthening U.S. cybersecurity capabilities by bolstering cyber defense, deterrence

    Top officials from the Defense Department and the intelligence community told a Senate panel that defense and deterrence are two of the highest priorities for bolstering the nation’s cybersecurity capabilities. Director of National Intelligence James R. Clapper said that for the third year in a row, cyberthreats headed the list of threats reported in the annual National Intelligence Worldwide Threat Assessment. “Although we must be prepared for a large Armageddon-scale strike that would debilitate the entire U.S. infrastructure, that is not … the most likely scenario,” Clapper said. Rather, the primary concern is low- to moderate-level cyberattacks from a growing range of sources that will continue and probably expand, adding that in the future he expects to see more cyber operations that manipulate electronic information to compromise its integrity, as opposed to deleting or disrupting access to it.

  • DHS S&T awards $10.4 million in mobile security research contracts

    The mobile technology industry has continuously expanded with new devices and apps, allowing people to simplify how and where business is conducted. While increasing the use of mobile technology can enhance productivity, improved security is needed to ensure that sensitive information is not at risk to current and emerging cyber threats. DHS S&T the other day announced $10.4 million in cybersecurity Mobile Technology Security (MTS) research and development (R&D) awards to enhance the security of mobile devices for the federal government.

  • Federally funded network anomaly-detection technology licensed to Ernst & Young

    The Transition to Practice (TTP) program, established in 2012 as part of S&T’s Cybersecurity Division, looks to transition federally funded cybersecurity technologies from the laboratory to enterprise consumers. S&T the other day announced that the PathScan technology, a network anomaly-detection tool developed by Los Alamos National Laboratory, has been licensed to Ernst & Young LLP (EY).

  • U.S. should promote international cybersecurity standardization: Interagency report

    A new draft report by an interagency working group lays out objectives and recommendations for enhancing the U.S. government’s coordination and participation in the development and use of international standards for cybersecurity. The report recommends the government make greater effort to coordinate the participation of its employees in international cybersecurity standards development to promote the cybersecurity and resiliency of U.S. information and communications systems and supporting infrastructures. These efforts should include increased training, collaborating with private industry and working to minimize risks to privacy.

  • New tool to improve government computer network security

    Researchers have developed a computer network security tool to help government agencies, along with state and local governments. The software-based technology, known as the Network Mapping System (NeMS), discovers and characterizes computer networks. “It is important to know what you have on your networks, so that you can decide what best practices to apply,” says one of the researchers.

  • D.C.-area becoming the Silicon Valley of cybersecurity

    A recent string of multi-billion dollar cybersecurity acquisitions in the greater Washington, D.C. metro area has led to the region being seen as a major hotbed for the industry. Spending by the Department of Defense (DOD) and a number of federal agencies has led to big contracts for many in the region, fuelling much of the growth. As the DOD focuses more of its budget on cyber issues and defense, the market has grown. “The D.C./NoVA/MD area, also known as the Cyber Corridor, is becoming the Silicon Valley of security,” say the CEO of one cybersecurity firm.

  • Pentagon to invest in Silicon Valley tech startups to help develop advanced cyber solutions

    The Pentagon will begin to invest in Silicon Valley tech startups as part of the department’s plan to develop and acquire more advanced cyber solutions to secure the country and military’s digital infrastructure. The investments will be made through In-Q-Tel, a nonprofit strategic investing firm the Central Intelligence Agency launched sixteen years ago. In-Q-Tel does not invest in companies alone, but rather relies on traditional venture firms to partner and contribute the lion’s share of the funding, so having them on board is critical for the program’s success.

  • Computer engineers battle malicious bots

    Defending Web sites from malicious intruder bots is not unlike fighting viruses: neutralize them and they reinvent themselves, finding new ways to penetrate. IT security designers, however, still hold an advantage over some automated programs masquerading as people. To date, there are human abilities too complex to imitate. Exploiting that weakness is central to an Internet security technology developed by researchers who have come up with a new method for distinguishing humans from computers. Their next-gen CAPTCHA — a brief test that computer users must pass in order to access a Web site — requires viewers to identify text, but presents it in video animation rather than in the distorted, static letters users now identify and reproduce to gain admittance.