Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Search Tags: The Cyber Security Report
Homeland Security News is reporting that if hackers can steal a company's top-secret data, they can just as easily destroy a company's network. Richard Bejtlich, chief security officer for Mandiant, a cyber-security company, said not only are hackers getting into networks to steal huge amounts of intellectual property but they can also permanently erase data.
Cyber security advocates are frustrated that new legislation is caught between a rock and a hard place. It's stuck in contentious debates over government surveillance and the government shutdown. NSA's highly skilled cyber workers have been told to stay home, weakening the nation's ability to protect critical cyber infrastructure. Thousands of people with PHDs and math whizzes and thousands of computer scientists have been sitting idly at home.
Officials say that an advertising firm must immediately stop using its network of high-tech trash cans to track people walking through London's financial district. The City of London Corporation says it has demanded Renew pull the plug on the program, which measures the Wi-Fi signals emitted by smartphones to follow commuters as they pass the garbage cans.
Kelly Jackson Higgins wrote in her "Hacking The Adobe Breach" column, "At first glance, the massive breach at Adobe that was revealed last week doesn't neatly fit the profile of a pure cybercrime attack." She said not only did the bad guys steal customer data and payment info, but they also got ahold of the company's source code for Adobe's ColdFusion, Acrobat, and Reader software. Criminal investigators are looking into whether it was an accident or they deliberately went after the source code.
Recent revelations about secret U.S. surveillance programs could significantly impede progress on negotiations over new laws and regulations meant to beef up the country's defenses against the growing threat of cyber-attacks. Current and former cyber security officials say they worry the ongoing disclosures about secret National Security Agency spying programs by former NSA contractor Edward Snowden could trigger knee-jerk reactions by Congress or the private sector.
How does DHS detect and respond to malicious cyber activity. DHS also operates a cyber-information coordination center, the National Cybersecurity and Communications Integration Center (NCCIC), and several operational units. These units respond to incidents and provide technical assistance to information system operators. The NCCIC coordinates the information collected through these channels to create a common operating picture for cyber communities across all levels of government and the private sector.
How do you know if your computer is vulnerable to cyber-attack? USCERT The U.S. Computer Emergency Readiness Team. says many computers are sold with software already loaded. Whether installed by a computer manufacturer, operating system maker, Internet Service Provider, or by a retail store, USCERT says the first step in assessing the vulnerability of your computer is to find out what software is installed and how one program will interact with another. Unfortunately, it is not practical for most people to perform this level of analysis.
What is DHS's role in cyber security. DHS uses intrusion detection tools to monitor .gov network traffic for malicious activity and uses this resulting data to address cyber vulnerabilities. In addition, DHS issues bulletins and alerts that provide information on potential cyber threats. Last year, DHS issued more the 5,000 alerts and advisories, which it shared with various government, private sector, and critical infrastructure stakeholders; as well as the public.
Cyber criminals --what's their M.O.? USCERT says Attackers focus on exploiting client-side systems (your computer) through various vulnerabilities. They use these vulnerabilities to take control of your computer, steal your information, destroy your files, and use your computer to attack other computers. A low-cost way attackers do this is by exploiting vulnerabilities in web browsers. An attacker can create a malicious web page that will install Trojan software or spyware that will steal your information.
To promote cyber security practices and develop these core capabilities, DHS says it is working with critical infrastructure owners and operators to create a Cyber security Framework - a set of core practices to develop capabilities to manage cyber security risk. These are the known practices that many firms already do, in part or across the enterprise and across a wide range of sectors. The draft Framework will be complete in October.