The SIGNAL Blog

Gen. Michael Hayden, USAF (Ret.), former director of the CIA, indicated an astounding extent of Chinese cyber espionage and said he believes the Iranians are attacking U.S. banks with unsophisticated but pervasive cyber attacks.

Regarding the Chinese, Gen. Hayden said he believes the government solution to cyber espionage should be economic rather than cyber. “We have cyber espionage coming at us, and they’re bleeding us white. The reason the Chinese are doing this is economic. I think the government response should be economic. We can punish China in the economic sphere,” Gen. Hayden told the audience at the AFCEA Homeland Security Conference in Washington, D.C., on Wednesday.

He added that some believe we cannot punish China economically because the Chinese own too much U.S. debt. Gen. Hayden indicated he disagrees.

The general also said the U.S. engages in cyber thievery as well, but he indicated that it is more for security reasons than economic reasons. “We steal other people’s stuff, too. And we’re better at it. We’re number one. But we self-limit—we and a small number of other countries around the world, all of whom speak English,” Gen. Hayden said.

Regarding the Iranians, Gen. Hayden said the number of attacks on the U.S. banking industry has ballooned. “My sense is that we’ve seen a real surge in Iranian cyber attacks. The Iranians have committed distributed denial of service attacks against American banks. I’ve talked to folks in the game here, and they’ve reported to me there’s nothing sophisticated about the attacks, but they say they’ve never seen them on this scale,” Gen. Hayden revealed.

The National Institute of Standards and Technology (NIST) released a request for information on Tuesday, February 26, for the cybersecurity framework demanded by the recent White House executive order.

Speaking on the cybersecurity panel at the AFCEA Homeland Security Conference in Washington, D.C., on Tuesday, Jeff Voas, a NIST computer scientist, said he received his first briefing on the executive order about a week ago and NIST already has begun putting together working groups. The request for information process should be concluded in about 45 days. “We’re only a week or two into this,” Voas said.

The panel included Darren Ash, deputy executive director for corporate management and chief information officer for the U.S. Nuclear Regulatory Commission, which regulates the civilian use of nuclear power. Ash said that most nuclear power plants in this country were built decades ago in an analog environment, whereas more recent applications to build nuclear facilities are grounded in a digital environment.

“We know that cyber is important. What we expected and required of these licensees was to establish their plans on how to address cyber,” Ash said. “What’s important is what we do with it.” Recent nuclear license requirements have been accepted, he reported, and just this fiscal year, the commission has begun to inspect the cybersecurity capabilities to ensure they are meeting the requirements.

Richard Puckett, chief security architect for GE, argued that the term “cyber” is too vague, meaning different things to different sectors. To private sector clients, for example, cyber refers to protection of credit card numbers and other personal information, whereas government and military customers are more concerned with the cyber activities of other nation states and the protection of critical infrastructure.

Attacks on private email accounts are on the rise, but a simple added security layer could help keep your personal messages safe from hackers. Gmail account holders can download the Google Authenticator app for iOS or Android, which generates a numeric code for users to enter in addition to their passwords.

How does this help? It drastically reduces the risk of having your personal information stolen, because someone would need access to both your password and your phone to sign into your account.

With 2-step verification, you will sign into your email as usual using your password. You will then be prompted to enter a code, which will be generated by the Google Authenticator app. Simply input the code and access your emails. A new code will be generated each time.

If you're using a trusted computer, you can then check a box asking Google not to require a code again when you sign into that particular machine. Gmail will still ask for the code if you or anyone else tries to sign into your account from another computer.

The app can still send a verification code even if you don't have an Internet connection or mobile service.

Download the free app from the iTunes App Store or Google Play.

These sites are not affiliated with AFCEA or SIGNAL Magazine, and we are not responsible for the content or quality of the products offered. When visiting new websites, please use proper Internet security procedures.

Surfing the Web can be a pain on a smartphone or tablet, but the Feedly app helps you organize all your favorite blogs, news sites and YouTube channels in one convenient place.

The RSS news reader app from DevHD is a fast and stylish way to read and share content from sites. It transforms websites, making them easy to load and browse on a mobile device.

You can save articles across devices and share them with your friends on Facebook, Twitter and more.

Download the free app from the iTunes App Store for iOS or from Google Play for Android.

These sites are not affiliated with AFCEA or SIGNAL Magazine, and we are not responsible for the content or quality of the products offered. When visiting new websites, please use proper Internet security procedures.