• NSA director: China and “one or two” other nations can damage U.S. critical infrastructure

    Adm. Michael Rogers, director of the National Security Agency and head of U.S. Cyber Command, told lawmakers yesterday that China and “one or two” other countries are capable of mounting cyberattacks which would paralyze the U.S electric grid and other critical infrastructure systems across the country. A cyberattacks of such scope has been discussed in the past – it was even dubbed a “cyber Pearl Harbor” – but Rogers was the first high official to confirm that such a crippling attack on the United States was not a mere speculation. Rogers said U.S. adversaries are conducting electronic “reconnaissance” on a regular basis so that they will be well-positioned to damage and disrupt the industrial control systems which run chemical facilities, nuclear power plants, water treatment facilities, dams, and much more.

  • New study shows people ignore online warnings

    You are your own worst enemy when it comes to online security. Say you ignored one of those “this Web site is not trusted” warnings and it led to your computer being hacked. How would you react? Would you: (A) Quickly shut down your computer? (B) Yank out the cables? (C) Scream in cyber terror? Researchers report that that for a group of college students participating in a research experiment, all of the above were true. These gut reactions (and more) happened when a trio of researchers simulated hacking into study participants’ personal laptops.

  • U.S. spends about $10 billion a year to protect the nation's digital infrastructure

    U.S. intelligence agencies have designated cyberattacks as the most alarming threat to national security. The federal government is spending roughly $10 billion a year to protect the nation’s digital infrastructure, but hackers, some sponsored by nation-states, are successfully infiltrating civilian and military networks.Professionals from DHS, the Pentagon, and private contractors all work together in U.S. cyber centers to detect, prevent, respond, and mitigate incoming and existing cyberattacks. Several of the U.S. top cybersecurity labs are housed in nondescript office buildings with no government seals or signs.

  • More companies adopt active defense to thwart hackers

    Some U.S. companies are beginningto counter-hack cybercriminals by using intelligence shared within industry circles. Federal officials have not openly endorsed active defense, but measures like tricking hackers into stealing fake sensitive data, then tracking its movements through the Web, are gaining support. Some firms have gone as far as hacking alleged criminals’ servers. “The government is giving ground silently and bit by bit on this [active defense] by being more open,” said former National Security Agencygeneral counsel Stewart Baker. “I have a strong sense from everything I’ve heard. . . that they’re much more willing to help companies that want to do this.”

  • view counter
  • Software detects, eradicates viruses, other malware – and repairs the damage they caused

    University of Utah computer scientists have developed software that not only detects and eradicates never-before-seen viruses and other malware, but also automatically repairs damage caused by them. The software then prevents the invader from ever infecting the computer again. A3, for Advanced Adaptive Applications, is a software suite that works with a virtual machine — a virtual computer which emulates the operations of a computer without dedicated hardware. The A3 software is designed to watch over the virtual machine’s operating system and applications.

  • Security experts worry BlackEnergy technology could soon be available to bad non-state actors

    DHS a few days ago has issued a cyberthreat alert to critical infrastructure firms warning of the malicious software called BlackEnergy, a variant of a Trojan horse believed to have originated from Russian government-sponsored hackers. BlackEnergy is similar to another Russian issued malware called Sandworm, which was used in a 2013 Russian cyber-espionage campaign against NATO, the European Union, and overseas telecommunication and energy assets. DHS believes the attack on U.S. critical systems is “part of a broader campaign by the same threat actor.”

     

  • view counter
  • Differences between hacking, state-sponsored cyberwarfare increasingly blurred: Experts

    Cybersecurity officials say that there is an increasing similarity between hacking attacks and full-on cyber warfare, as digital infrastructures continue to grow and play a larger role in everyday life. “It’s not a clear, bright red line,” said Mitchell Silber, the executive managing director of K2 Intelligence, “It really is more murky, the difference between where a cyber criminal hack ends and where some type of state or state-sponsored event begins.”

  • U.S. government networks vulnerable despite billons spent on protecting them

    Experts say that cybersecurity has leaped over terrorism as the top threat to U.S. security, and with the awareness of the threat comes funding better to secure government systems. There are currently 90,000 information technology security professionals working for the government, 33 percent of them are contractors. The federal government is projected to hire more cyber professionals and spend $65 billion on cybersecurity contracts between 2015 and 2020, but today, federal cybersecurity officials are still struggling to keep sensitive data from hackers and cyber criminals. Some have warned of a “Cyber Pearl Harbor” — but Pearl Harbor was a surprise. No one in business or government today can continue to plead surprise when it comes to the possibility of cyberattack.

  • Information sharing is key in responding to cyberattacks

    Time is not your friend when your information systems are under cyberattack, but sharing threat information before, during, and after an attack with a trusted group of peers can help. Not only does it alert the other members of your community to a potential attack, it can provide critical actionable information to speed and bolster your own defenses. Participating in a formal information sharing group can greatly enhance an organization’s cybersecurity capabilities.

  • The best cyberdefense is cyber offense, some experts say

    In response to the surge in cyberattacks against the U.S. private sector, some firms are exploring “active defense” measures which they hope will send a message to hackers.Some cyber analysts say tougher defense will not deter new cyberattacks, and some sort of offensive action is needed. “I think you are morally justified for sure” in taking such actions, a former high DHS official says. “And I think the probability of being prosecuted is very low.” If a firm locates its stolen data and is capable of recovering it, “they would be crazy not to.”

  • Lapses in Heartbleed bug fix discovered

    First disclosed in April 2014, Heartbleed presents a serious vulnerability to the popular OpenSSL (Secure Sockets Layer) software, allowing anyone on the Internet to read the memory of systems that are compromised by the malicious bug. A detailed analysis by cybersecurity experts found that Web site administrators nationwide tasked with patching security holes exploited by the Heartbleed bug may not have done enough.

  • Is social media responsible for your safety during a disaster?

    By Andrew Quodling and Emma Potter

    Given the popularity of Facebook and Twitter, it is not surprising so many people use social media in crises such as floods, fires, and earthquakes. While social media can be a handy resource in crises, people must be careful not to take their access for granted during emergencies. Floods, fires, and earthquakes often disrupt the power and communications infrastructures that smartphones rely upon, as our access is constrained by the limitations of copper, fiber, hybrid, and cellular Internet technologies, and their vulnerability to the elements. Also, some questions about the features of tools such as Facebook’s Safety Check are yet to be answered persuasively. Still, such concerns notwithstanding, it is encouraging to see an organization such as Facebook taking responsibility for its users and entering the crisis communication space. A tool that helps family and friends during a crisis, and facilitates easy communication is a welcome development.

  • Mission Secure closes round of seed financing to commercialize cybersecurity technology

    Charlottesville, Virginia-based Mission Secure Inc. (MSi), a cyberdefense technology and solutions provider focusing on protecting physical systems and autonomous vehicles, last week announced it had recently closed its seed financing round led by Ballast Fund investors, a private equity firm and several high net worth angel investors.

  • FBI: Lawmakers should mandate surveillance “backdoors” in apps, operating systems

    FBI director James Comey said that the agency was pushing lawmakers to mandate surveillance functions in apps, operating systems, and networks, arguing that privacy and encryption prevent or disrupt some of the agency’s investigations. According to Comey, new privacy features implemented by Google and Apple in the wake of the Snowden revelations, automatically encrypt user communication and data, making it difficult for law enforcement to gather evidence and connect links among suspected criminals and terrorists.

  • Russian government hackers insert malware in U.S. critical infrastructure control software

    Investigators have uncovered a Trojan Horse named BlackEnergy in the software that runs much of the U.S. critical infrastructure. In a worst case scenario, the malware could shut down oil and gas pipelines, power transmission grids, water distribution and filtration systems, and wind turbines, causing an economic catastrophe. Some industry insiders learned of the intrusion last week via a DHS alert bulletin issued by the agency’s Industrial Control Systems Cyber Emergency Response Team(ICS-CERT). The BlackEnergy penetration had recently been detected by several companies. Experts say Russia has placed the malware in key U.S. systems as a threat or a deterrent to a U.S. cyberattack on Russian systems – mutual assured destruction from a cold war-era playbook.