• Senate bill would require minimum cybersecurity standards for Internet

    Senator Benjamin Cardin (D-Maryland) has introduced a bill that would require the U.S. government to work with the private sector to propose minimum standards for internet and cybersecurity safety; “Just as automobiles cannot be sold or operated on public highways without meeting certain minimum safety standards, we also need minimum Internet and cybersecurity safety standards for our information superhighway,” Cardin said

  • China's Huawei sets up U.K. cybersecurity center

    China’s top telecommunications equipment maker Huawei Technologies has seen its plans for global expansion crimped by national security concerns among foreign governments; the company hopes that its Cyber Security Evaluation Center, opened last month in Britain’s Banbury, will allay those fears

  • DHS slowly moving government's Internet traffic to secure networks

    It will take several more years for the U.S. government fully to install high-tech systems to block computer intrusions, a drawn-out timeline that enables criminals to become more adept at stealing sensitive data, experts say; DHS is responsible for securing government systems other than military sites, and the department is slowly moving all the government’s Internet and e-mail traffic into secure networks — known as Einstein 2 and Einstein 3 — which eventually will be guarded by intrusion detection and prevention programs

  • U.S. State Department disconnects its computers from government-wide network

    In response to the leaks published by WikiLeaks, the U.S. Department of States disconnected its computer files from the government’s classified network; by temporarily pulling the plug, the United States significantly reduced the number of government employees who can read important diplomatic messages; the network the Department has disconnected itself from is the U.S. Defense Department’s Secret Internet Protocol Router Network (SIPRNet), a system of dedicated and encrypted lines and servers set up by the Pentagon in the 1990s globally to transmit material up to and including “secret,” the government’s second-highest level of classified information; “Top secret” information may be shared electronically via the Joint Worldwide Intelligence Communications System (JWICS), another group of interconnected computer networks used by Defense and State to securely transmit classified information.

  • Defeating detector blinding attacks on quantum cryptography

    Quantum cryptography is a method to distribute digital encryption keys across an optical fiber; the protocol has been proven to be perfectly secure from eavesdropping; any differences between the theoretical protocol and its real-world implementation, however, can be exploited to compromise the security of specific systems; one form of attack on quantum cryptography is called a detector blinding attack — but Toshiba researchers show how such attacks can be rendered ineffective

  • DHS to set cybersecurity standards for some private networks

    A new law — “The Homeland Security Cyber and Physical Infrastructure Protection Act of 2010” — will empower DHS to set cybersecurity standards for some private networks that are considered critical infrastructure

  • Symantec: Stuxnet targeted Iran's uranium enrichment program

    Symantec says Stuxnet worm aimed to disrupt electrical motor controls, like those used by gas centrifuges to enrich uranium; Stuxnet, considered by many security researchers to be the most sophisticated malware ever, targeted Windows PCs that managed large-scale industrial-control systems in manufacturing and utility companies

  • Cybersecurity standard published to protect global critical infrastructure

    With industrial networks being increasingly connected to the hostile IT world, and the frequency and sophistication of malware growing exponentially, industrial stakeholders must act today to protect their critical systems; the International Instrument Users Association (WIB) releases comprehensive cybersecurity standard to protect critical industrial computers;

  • The time for cybersecurity contracting is now

    It is not just a fad: cybersecurity represented the largest request for funds in last year’s intelligence budget; it is an area for expansion government contractors cannot afford to pass up

  • Second round of CyberPatriot competition sees 80 teams advance

    CyberPatriot, an education initiative produced by AFA to inspire students to consider science, technology, engineering, and mathematics fields in their studies, completed a second round of competition; nearly 400 teams registered in the All-Service Division, and approximately 80 teams scored high enough to compete again come 4 December; teams raced against time and their opponents quickly to find and effectively correct vulnerabilities in a virtual network

  • Cybersecurity bill not likely to pass this year

    In an effort to give the president the power to combat any pending or existing cyber threat that could threaten critical infrastructure around the country, some lawmakers are looking to pass a new legislation that would give the president power to shut down some sections of the Internet during an attack or under the threat of an attack; the bill is not likely to pass in the Congress

  • Cybersecurity only bright spot among disappointing administration privacy grades

    The Electronic Privacy Information Center (EPIC) gave the Obama administration a “B” grade on its cybersecurity efforts; the 2010 report card shows declining grade — relative to 2009 — for the administration efforts in the cyber privacy areas; EPIC gave President Obama a dismal “D” on civil liberties in 2010, compared to a “C+” in 2009

  • Millions in cybersecurity money go to the usual suspects

    Both the U.S. and U.K. governments committed themselves to spending millions of dollars on enhanced cybersecurity — but industry insiders say that most of the money will not be used to buy innovative security solutions from start-ups, but rather go to the usual suspects; one insider says: “in the U.S., money gets spent on the vendors who spend millions lobbying Congress”

  • U.K. opens cybersecurity test range to test critical networks

    The U.K. Ministry of Defense has opened a cybersecurity test range, where utilities and banks can pit their networks against human hackers and computer viruses

  • GAO: U.S. slow to implement president's cyber security strategy

    In May 2009 President Obama outlined his cyber policy strategy; a year and a half later, much of that strategy is yet to be implemented; a GAO report reveals that officials are making slow progress on all but two of the twenty-four specific goals highlighted in the president’s strategy