• “Marked ghost imaging” offers enhanced security for data storage, transmission

    Ghost imaging” sounds like the spooky stuff of frivolous fiction, but it is an established technique for reconstructing hi-res images of objects partly obscured by clouds or smoke. Now researchers are applying the same idea in reverse to securing stored or shared electronic data. Their work establishes “marked ghost imaging” technology as a new type of multi-layer verification protocol for data storage or transmission.

  • A first: San Francisco to feature encrypted Wi-Fi service

    The Chief Information Officer (CIO) for the city of San Francisco has announced that the city will implement a small, free Wi-Fi spot within the city which will offer encrypted service and, it is hoped, usher in a new standard for other urban centers.

  • DARPA’s Cyber Grand Challenge aims to see fully automated network security systems developed

    There is an increasingly serious cybersecurity problem: the inadequacy of current network security systems, which require expert programmers to identify and repair system weaknesses — typically after attackers have taken advantage of those weaknesses to steal data or disrupt processes. Such disruptions pose greater risks than ever as more and more devices, including vehicles and homes, get networked in what has become known as “the Internet of things.” DARPA is addressing this problem, with teams from around the world starting a two-year track toward the world’s first tournament of fully automated network security systems. Computer security experts from academia, industry, and the larger security community have organized themselves into more than thirty teams to compete in DARPA’s Cyber Grand Challenge — first-of-its-kind tournament designed to speed the development of automated security systems able to defend against cyberattacks as fast as they are launched.

  • West Point wins Cyber Defense Exercise, launches Army Cyber Institute

    The U.S. Military Academy at West Point has won the annual Cyber Defense Exercise (CDX) which brought together senior cadets from the five service academies for a 4-day battle to test their cybersecurity skills against the National Security Agency’s (NSA) top information assurance professionals. West Point’s win comes just as the academy announced plans for its Army Cyber Institute(ACI), intended to develop elite cyber troops for the Pentagon.

  • British intelligence agency promotes cybersecurity education

    As part of its national cybersecurity strategy to “derive huge economic and social value from a vibrant, resilient, and secure cyberspace,” the United Kingdom will issue certifications to colleges and universities offering advanced degrees in cybersecurity. The British intelligence agency, Government Communications Headquarters(GCHQ), has notified various institutions to apply for certification by 20 June 2014. Students who complete the approved courses will carry a “GCHQ-certified degree.”

  • DHS repairing internal security operations

    Last week DHS announced plans to overhaul its security operations center (SOC), the organization which protects DHS’ internal networks, and deploy a Next Generation Enterprise Security Operations Center (NextGen ESOC) which will incorporate state-of-the-art SOC technologies, concepts, and capabilities to address future security needs.

  • Delaware launches cyber initiative

    Delaware is joining the number of states that have decided to invest in a statewide cybersecurity workforce to combat the growing threat of cyberattacks directed at both private and public institutions.Delaware hopes its cyber initiative will accelerate current efforts to develop a stronger cyber workforce. The Delaware Cyber Initiative proposes $3 million for a collaborative learning and research network in the form of part research lab, part business park, dedicated to cyber innovation.

  • Howard County, Md. attracts cybersecurity firms

    Howard County, Maryland boasts a growing presence of cybersecurity firms and specialists at a time when the industry is gaining attention. The proximity of the county to government agencies has helped cybersecurity firms gain federal contracts, and the proximity of large cybersecurity consumers like the NSA offers cybersecurity firms in Howard County a large pool of cybersecurity specialists to select from when NSA employees decide to shift to the private sector.

  • Washington, D.C. area leads nation in cybersecurity jobs

    The Washington, D.C metropolitan area had more than 23,000 cybersecurity job postings in 2013, making the region the leading destination for cybersecurity jobs, followed by the New York metro area with 15,000 cybersecurity job postings in 2013. On a state-by state basis, Virginia ranks second and Maryland ranks sixth, with Virginia reporting 25.1 cybersecurity job postings per 10,000 residents and Maryland posting 18.1 jobs per 10,000 residents.

  • Ukrainian computer systems attacked by sophisticated malware with "Russian roots"

    Ukrainian computer systems and networks have been targeted by at least twenty-two attacks launched by “committed and well-funded professionals” since January 2013, defense contractor BAE Systems found. BAE declined to identify the source of the attacks, but a German company said the espionage software has “Russian roots.” The malware design “suggests that attackers possess an arsenal of infiltration tools and bears all the hallmarks of a highly sophisticated cyber operation,” the BAE report said.

  • FERC orders development of physical security standards for transmission grid

    The Federal Energy Regulatory Commission (FERC) on Friday directed the North American Electric Reliability Corporation (NERC) to develop reliability standards requiring owners and operators of the Bulk-Power System to address risks due to physical security threats and vulnerabilities.

  • BGU startup Titanium Core wins Cybertition cyber security competition

    Ben-Gurion University of the Negev startup Titanium Core won the first Jerusalem Venture Partners (JVP)-sponsored Cybertition cyber security competition. Titanium Core uses a multilayered security approach to repel attacks on mission-critical systems, provide real-time attack information, and prevent threats from moving onto other computer systems. The company will receive $1 Million investment from JVP and space in the JVP Cyber Labs incubator, located in the cyber center in Beer-Sheva, adjacent to Ben-Gurion University.

  • Experts call for a new organization to oversee grid’s cybersecurity

    In 2013, U.S. critical infrastructure companies reported about 260 cyberattacks on their facilities to the federal government. Of these attacks, 59 percent occurred in the energy sector. A new report proposes that energy companies should create an industry-led organization to deflect cyber threats to the electric grid. Modeled after the nuclear industry’s Institute of Nuclear Power Operations, the proposed organization, to be called the Institute for Electric Grid Cybersecurity, would oversee all the energy industry players that could compromise the electric grid if they came under a cyberattack.

  • Collegiate cyber defense competition advances to regional finals

    Seven members of the University of Maine Cyber Defense Team will compete at the annual Northeast Collegiate Cyber Defense Competition at the University of New Hampshire in March. The team was one of nine out of a pool of fourteen schools that qualified for the regional competition. The competition simulates security operations for a small company. Teams must quickly familiarize themselves with network systems and software before beginning to defend against attacks while also providing customer service to users.

  • Latest cybersecurity threat: WiFi virus

    Researchers have shown for the first time that WiFi networks can be infected with a virus that can move through densely populated areas as efficiently as the common cold spreads between humans. The team designed and simulated an attack by a virus and found that not only could it spread quickly between homes and businesses, but it was able to avoid detection and identify the points at which WiFi access is least protected by encryption and passwords.