Shows & Panels
National Security Correspondent J.J. Green has traveled three continents covering intelligence, terrorism, and security issues. From Afghanistan to Africa, Iraq to Ireland, there isn't anywhere J.J. won't go, nor anyone he won't talk with, to get the stories affecting the cyber security community.
The Department of Defense recognizes that it and American companies are prime targets for hackers, whether they be a nation-state or individuals. So it's put in place an operating strategy. That strategy is comprised of 5 elements: 1) a defensible architecture; 2) global situational awareness and a common operating picture; 3) a concept for operating in cyberspace; 4) trained and ready cyber forces; and 5) capacity to take action when authorized.
USCYBERCOM, according to testimony before Congress, is working on several elements to defend against cyber attacks. Those elements include tactics, techniques, and procedures, as well as policies and organizations. Officials say that also means turning plans into doctrine and training, and building a system in which our Combatant Commanders can think, plan, and integrate cyber capabilities as they would capabilities in the air, land and sea domains. Cyber is different from all of them because it's mostly invisible.
Sen. Tom Carper (D-Del.), chairman of the Homeland Security and Governmental Affairs Committee, said Thursday the committee plans to mark up a bill on May 21 to give DHS more tools to hire cyber workers more easily.
As agencies strive to make legacy applications available on any device, NIST is providing help by developing metrics and focusing on portability.
Congress will try again this session on cybersecurity legislation, but some of the problems that prevented it from passing the last several years are back again. Sen. Tom Carper (D-Del.), chairman of the Senate Homeland Security and Governmental Affairs Committee, talked to In Depth with Francis Rose about cyber legislation in his office on Capitol Hill today. He says the landscape looks a little different for the legislation this time around.
California Attorney General Kamala Harris says her state has become a major U.S. target of cyber-crimes committed by outlaw groups with ties to Eastern Europe, China and Africa. As part of a broader report on international organized crime groups, Harris said about 17 percent of attempts to hack into major computer networks in the United States in 2012 were aimed at California.
Microsoft is admitting it searched emails in a blogger's Hotmail account to track down who was leaking company secrets. John Frank, deputy general counsel for Microsoft, which owns Hotmail, said in a statement the software company "took extraordinary actions in this case." But in the future, he said, Microsoft would consult an outside attorney who is a former judge to determine if a court order would have allowed such a search.
PwC has released a new survey that indicates cybercrime is the second most common type of fraud reported by financial firms, more than double the level across other industries. According to the report, 39 percent of financial services companies that suffered from economic crime last year said they had been hit by cybercrime, compared to 17 percent in other industries.
There's some new spyware that's been infecting hundreds of government computers in Europe and the United States. Several security researchers and Western intelligence officers, according to Reuters, believe the malware, called Turla, is from the Russian government. They also think it's linked to the same software used in a U.S. military breach in 2008.
Chinese President Xi Jinping, according to the Associated Press, "has put himself in charge of a new body to coordinate cyber security, in a sign of Beijing's concern over its vulnerability to online attacks and its desire to retain tight control over the Internet." AP says Chinese state media reports the central Internet security and information leading group will draft policy for boosting the country's defenses, as well as expanding and improving Internet access.
The Mt. Gox bitcoin exchange in Tokyo filed for bankruptcy protection Friday and its chief executive said 850,000 bitcoins, worth several hundred million dollars, are unaccounted for. The exchange's CEO Mark Karpeles appeared before Japanese TV news cameras, bowing deeply. He said a weakness in the exchange's systems was behind a massive loss of the virtual currency involving 750,000 bitcoins from users and 100,000 of the company's own bitcoins. That would amount to about $425 million.
U.S. banks and retail groups say they are joining forces to work on cyber security, getting past recent finger pointing for data breaches. The Financial Services Roundtable, Retail Industry Leaders Association and several other trade associations said the new partnership would focus on sharing more information on cyber threats.
Utah lawmakers are sending mixed messages to the National Security Agency, which runs a massive data-storage warehouse outside of Salt Lake City. One proposal is calling for legislators not to collect utility taxes from the center. Meanwhile, another lawmaker wants to cut off water to the center, which uses more than 1 million gallons daily to cool its computer processors.
The Financial Industry Regulatory Authority is looking at the measures that Wall Street's brokerages take to protect their businesses and customers from cyber security threats. FINRA, which conducts periodic "sweeps," or targeted checks on Wall Street brokerages, says it is conducting the review, in part, because of the growing threat to information technology systems from "a variety of sources."
AppRiver email and security experts say Bank of America customers have been targeted by a new virus campaign they're calling a Bredo virus. It comes in the form of a phishing email claiming to be from BofA and asking the recipient to download a security file. The main goal of this virus is to steal information such as banking info or recording keystrokes. The software may also have abilities to further infect a system by downloading more malware onto the machine.
How can you tell if your system has been compromised? Internet security firm Mandiant says there are numerous signs. Included are evidence of unauthorized use of valid accounts, trace evidence and partial files, command and control activity, known and unknown malware, suspicious network traffic, valid programs used for other purposes and files that have obviously been accessed by attackers. IT managers are reminded that threats can slip in undetected and lie dormant for long periods of time before striking.
How do you shop securely online? The Center for Internet Security says you should "know your online merchants. Limit online shopping to merchants you know and trust. Only go to sites by directly typing the URL in the address bar. If you are unsure about a merchant, check with the Better Business Bureau or the Federal Trade Commission to ensure its legitimacy. Confirm the online seller's contact information in case you have questions or problems. Use a credit card, not a debit card. Credit cards are protected by the Fair Credit Billing Act and may reduce your liability if your information is used improperly."
Devices such as smartphones and tablets are being used more and more often for online shopping, and the Center for Internet Security is warning that means the volume of attacks against them will increase as well. The center says every time you download an app, you open yourself to potential vulnerabilities. Their advice is to research those apps you plan to download to verify their legitimacy. Update all apps when notified and disable Bluetooth and Near Field Communications when not in use to reduce the risk of your data, such as a credit card number, being intercepted by a nearby device.
Recently several large U.S. companies were hacked online and, like other victims of similar attacks, they were not aware until well after the attack happened. In some cases it was months. Online security firm Mandiant says attacks are often blamed on malware, but they say 46% of compromised machines have no malware on them. Mandiant says hackers can navigate through conventional safeguards easily, leaving little or no trace.
With so much gloom and doom about cyber vulnerabilities, the Rand Corporation has some good news. In his book Cyberdeterrence and Cyberwar, Martin Libicki puts it into perspective, suggesting cyberspace has its own laws; for instance, it is easy to hide identities and difficult to predict or even understand battle damage, and attacks deplete themselves quickly. But the overall message is… cyber war is nothing so much as the manipulation of ambiguity.