• CybersecurityU.S. adopts a more assertive cyber defense posture

    Recent cyberattacks and intrusions by hackers, operating alone or backed by nation-states, have prompted the Pentagon and DHS to reaffirm their commitment to upholding the reliability and integrity of America’s cyber network and the systems connected to it. Americans rely on the connected Web to deliver critical services such as water and electricity, and should the Web be breached by bad actors, the consequences could threaten national security. “If we look at cyberspace as a hostile environment and there are bad people out there who want to do bad things to us, it may cause a wholesale re-examination of the way we build our systems in the first place,” noted one expert.

  • CybersecurityCybersecurity firms hire former military, intelligence cyber experts

    Over the past two years, U.S. cybersecurity firms have brought in several former military and intelligence community computer experts to help combat hackers targeting the U.S. private sector. For the new private sector employees, the wages are higher and opportunities are endless. Hundreds of ex-government cybersecurity workers represent the competitive advantage of a cybersecurity services industry expected to bring in more than $48 billion in revenue next year, up 41 percent from 2012. “The people coming out of the military and the intelligence community are really, really good,” says a cyber startup founder. “They know the attackers. They know how they work.”

  • Data protectionDo you know where your data is?

    Bitglass, a data protection company, undertook an experiment aiming to gain better understanding of what happens to sensitive data once it has been stolen. In the experiment, stolen data traveled the globe, landing in five different continents and twenty-two countries within two weeks. Overall, the data was viewed more than 1,000 times and downloaded forty-seven times; some activity had connections to crime syndicates in Nigeria and Russia. “This experiment demonstrates the liquidity of breached data, underscoring the importance of discovering data breaches early,” said Nat Kausik, Bitglass CEO.

  • CybersecurityPolice department pays ransom after hackers encrypt department’s data

    Last December, cyberterrorists hacked into servers belonging to the Tewksbury Police Department, encrypted the data stored, and later asked for a $500 bitcoin ransom to be paid before department officials could regain control of their files. The attack is known as the CryptoLocker ransomware virus, and it points to a new frontier in cyberterrorism.

  • view counter
  • CybersecurityNew technology combats mobile malware attacks

    As mobile phones increase in functionality, they are becoming increasingly ubiquitous in everyday life. At the same time, these devices also are becoming easy targets for malicious activities.One of the primary reasons for such malware explosion is user willingness to download applications from untrusted sources that may host apps with hidden malicious codes. Once installed on a smartphone, such malware can exploit it in various ways. Researchers have developed simple but effective techniques to prevent sophisticated malware from secretly attacking smartphones.

  • PrivacyGuaranteeing online anonymity

    Anonymity on the Internet is possible only up to a certain degree. Therefore, it is possible that others may see who is visiting an online advice site on sexual abuse, or who frequently looks up information about a certain disease, for example. Seeing that this kind of private information can be linked to their identity, users will often resort to special online anonymization services. One of the most popular tools is Tor. “The Tor network isn’t perfect, however,” says a researcher at the Research Center for IT Security (CISPA). CISPA researchers have developed a program that can provide an accurate assessment of the level of anonymity an individual user achieves, even while basing the estimate on the fluctuations of the Tor network.

  • view counter
  • CybersecurityCyber researchers need to predict, not merely respond to, cyberattacks: U.S. intelligence

    The Office of the Director of National Intelligence wants cybersecurity researchers to predict cyberattacks rather than just respond to them, according to the agency’s Intelligence Advanced Research Projects Activity (IARPA) program. Current cyber defense methods such as signature-based detection “haven’t adequately enabled cybersecurity practitioners to get ahead of these threats,” said Robert Rahmer, who leads IARPA’s Cyber-attack Automated Unconventional Sensor Environment (CAUSE) program. “So this has led to an industry that’s really invested heavily in analyzing the effects or symptoms of cyberattacks instead of analyzing [and] mitigating the cause.”

  • Aviation securityAviation industry under-prepared to deal with cyber risk: Expert

    The aviation industry is behind the curve in terms of its response and readiness to the insidious threat posed by cyber criminality whether from criminals, terrorists, nation states, or hackers, according to Peter Armstrong, head of Cyber Strategy for Willis Group Holdings, the global risk adviser, insurance and reinsurance broker. Armstrong explained that the aviation industry’s under-preparedness is noteworthy in a sector that abhors uncertainty and works tirelessly to eradicate it.

  • Cybersecurity businessDHS S&T announces licensing of cyber security technology

    The other day, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) announced that technology from its Cyber Security Division Transition to Practice (TTP) program has been licensed for market commercialization. This is S&T’s second technology that has successfully gone through the program to the commercial market. The technology, Hyperion, developed by Oak Ridge National Laboratory, is a malware forensics detection and software assurance technology which has been licensed to R&K Cyber Solutions LLC, a Manassas, Virginia-based application development and cyber solution company.

  • CybersecurityGrants competition to improve security, privacy of online identity verification systems

    The National Institute of Standards and Technology (NIST) is launching a competition for a fourth round of grants to pilot online identity verification systems that help improve the privacy, security, and convenience of online transactions. The pilot grants support the National Strategy for Trusted Identities in Cyberspace (NSTIC), a White House initiative launched in 2011. NSTIC’s goal is to improve trust online through the creation of a vibrant “Identity Ecosystem,” in which individuals and organizations are able to better trust one another because they follow agreed-upon standards and processes for secure, privacy-enhancing and interoperable identity solutions online.

  • CybersecurityIdaho bolsters the state’s cyber defenses

    Idaho’s director of the Bureau of Homeland Security says that cyber threats remain the most important yet least understood risk to government and the private sector. He has announced plans to tackle that vulnerability in the state. The director of the Bureau says that cybersecurity will never be perfect, which makes it imperative for organizations like the Idaho Bureau of Homeland Security to focus on planning that incorporates not just defense, but also detection and the mitigation of damage that has already occurred.

  • CybersecurityCybercrime imposing growing costs on global economy

    A new report has found that the cost of cybercrime to the global community and infrastructure is not only incredibly high, but steadily rising as well. The study concluded that up to $575 billion a year — larger than some countries’ economies — is lost due to these incidents. The emergence of the largely unregulated, and unprotected, Internet of Things will make matters only worse.

  • CybersecurityFBI, DHS study threats against news organizations covering “The Interview” incident

    Last week, the FBI and DHS issued a joint intelligence bulletin to law enforcement agencies across the country urging them to remain vigilant, citing a series of threats against movie theaters that show “The Interview” and news organizations that continue to cover the incident between Sony Entertainmentand Guardians of Peace, the hacking group allegedly backed by North Korea. A Tennessee man has since emerged saying he issued the threat against the news organizations and that he was just “messing around,” but the FBI is trying to determine whether the threat to news organizations was indeed a hoax.

  • Sony hackingU.S. says evidence ties North Korea to Sony cyberattack

    U.S. intelligence agencies said they have concluded that the North Korean government was “centrally involved” in the attacks on Sony’s computers. This conclusion, which will likely be confirmed today (Thursday) by the Justice Department, was leaked to the media only hours after Sony, on Wednesday, canceled the Christmas release of the comedy — the only known instance of a threat by a nation-state pre-empting the release of a movie. Senior administration officials, speaking on condition of anonymity, said the White House was still debating whether publicly and officially to accuse North Korea of the cyberattack.

  • Sony hackingSony cancels Christmas release of “The Interview”

    Sony Pictures announced it has cancelled the Christmas release of “The Interview,” the a film at the center of a hacking campaign, after dire threats to moviegoers and a decision by major movie theater groups to cancel screenings in the United States. “Those who attacked us stole our intellectual property, private e-mails, and sensitive and proprietary material, and sought to destroy our spirit and our morale — all apparently to thwart the release of a movie they did not like,” the company said in a statement.