More than 50 percent of the video surveillance data the federal government collects is not being analyzed. This fact may not be surprising since cameras appear to be everywhere these days, and the amount of data they gather is so huge it’s unwieldy. But MeriTalk, the public-private partnership that conducted a survey of 151 federal decision makers, likens this situation to government agencies seeing only half a movie: They would have challenges following the plot and leveraging the information to achieve the goal—improved security.
Some of the hackers who have persistently attacked Lockheed Martin’s networks have “gone quiet” in recent months, officials told reporters yesterday at an Arlington, Virginia, media summit hosted by the company’s recently restructured Defense and Intelligence Solutions division. “We’ve seen a number of the adversaries—I wouldn’t say they’ve disappeared—but they’ve gone quiet,” said Darrell Durst, Lockheed Martin’s vice president, cyber solutions. “I think we have been able to counter a number of the adversaries relative to our networks.”
The National Institute of Standards and Technology (NIST) primary external advisory board today announced a report calling for the agency to increase its staff of cryptography experts and to implement more explicit processes for ensuring openness and transparency to strengthen its cryptography efforts. In making its recommendations, the Visiting Committee on Advanced Technology (VCAT) specifically addressed NIST’s interactions with the National Security Agency (NSA).
Lawrence Livermore National Laboratory, Los Alamos National Laboratory and Bechtel BNI are joining forces to a new class of cyberdefense professionals to protect the nation’s critical digital infrastructure. The Bechtel-Lawrence Livermore-Los Alamos Cyber Career Development Program is designed to allow the national labs to recruit and rapidly develop cybersecurity specialists who can guide research at their respective institutions and create solutions that meet the cyberdefense needs of private industry, which owns about 80 percent of the nation’s critical digital infrastructure and assets.
The National Security Agency (NSA) has selected five more schools for the National Centers of Academic Excellence (CAE) in Cyber Operations Program, which is designed to cultivate more U.S. cyber professionals. These schools are now designated as Cyber Operations CAEs for the 2014-2019 academic years:
Research on the state of cybersecurity of the U.S. critical infrastructure companies reveals that 67 percent have experienced at least one security compromise that led to the loss of confidential information or disruption to operations during the past year. In addition, 24 percent of a survey’s respondents said the compromises involved insider attacks or negligent privileged information technology users. Only 6 percent provide cybersecurity training for all employees.
Today the U.S. Defense Department released its strategy for countering weapons of mass destruction (WMD). This strategy will direct the department’s efforts to prevent hostile actors from acquiring WMD, contain and reduce WMD threats and ensure the department can respond effectively to WMD crises.
People with access to privileged data—such as health care records, sensitive company information, intellectual property or personal records—frequently put their organization’s sensitive information at risk, according to a new report by Raytheon Company. The survey report, “Privileged User Abuse & The Insider Threat,” finds that many individuals often are granted access to data and areas of the network not necessary for their roles and responsibilities. Furthermore, 65 percent of survey respondents indicated that curiosity—not job necessity—drives them to access sensitive or confidential data.
Key findings include:
High school students and teachers get to learn about the world of cybersecurity through Sandia National Laboratories' Cyber Technologies Academy (CTA), which offers free classes for those interested in computer science and cybersecurity.
The Department of Veterans Affairs (VA) remains plagued by decades-old problems of unreliable and vulnerable networks and computer systems, putting the veterans they serve at risk, according to a recent government report. Despite years of documented weaknesses, the VA still has failed to shore up vulnerabilities, according to the Government Accountability Office (GAO) report.
During the past six years alone, computer security incidents at the VA doubled, from 4,834 in 2007 to 11,382 in 2013, GAO investigators write. Incidents included unauthorized access, denial-of-service attacks, installation of malicious code and improper usage of computing resources, among others.
Middle and high school student teams from 14 states will gather next week for CyberPatriot, a culminating competition in which they will be tested defend computers against cyberattacks.
After months of preparation, the CyberPatriot event on March 28 will test students on their defensive measures and skills to trounce cyber and computer vulnerabilities, a much-needed emerging skill in the cybersecurity industry.
The real challenge to keeping the homeland secure is dealing with the world's increasing complexity, Adm. Thad Allen, USCG, (Ret.), executive vice president of Booz Allen Hamilton and former commandant of the U.S. Coast Guard, told the audience at the AFCEA Homeland Security Conference in Washington, D.C., on Monday during his luncheon keynote address.
Every year in the January issue, SIGNAL Magazine introduces a new columnist for its Incoming opinion column. Next year’s columnist, Lt. Gen. Daniel P. Bolger, USA (Ret.), picked a timely topic for his first column. He worries that with social media posts, warfighters and civilian military employees “merrily are doing the work of a million foreign spies.” Gen. Bolger warns of a broad trend toward posting too much information in social media.
Supervisory control and data acquisition (SCADA) systems face numerous threats from cybermarauders coming at them from any of a number of directions. Some systems could suffer malware attacks even though they are not the intended targets, according to a leading security expert.
Eugene Kaspersky, chief executive officer and co-founder of Kaspersky Lab, described the threat to SCADA systems to the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C. Kaspersky described several SCADA attacks that already occurred and warns of new potential vulnerabilities.
The most damaging cyber attacks possible are among the least likely to happen, because the powers capable of undertaking them are unlikely to launch them, according to an expert with the Office of the Director of National Intelligence (ODNI). Sean Kanuck, national intelligence officer for cyber issues at the National Intelligence Council, ODNI, told the audience at the second day of the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that cyber attack capability need not translate to immediate threat.
A “digital Pearl Harbor Armageddon” that inflicts catastrophic damage on the United States is not likely soon or in the foreseeable future. The worst cyber attack that could be expected would have less of an effect for a shorter period of time, said an expert with the Office of the Director of National Intelligence (ODNI).
Sean Kanuck, national intelligence officer for cyber issues at the National Intelligence Council, ODNI, told the audience at the second day of the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that predictions of destruction that would bring the United States to its knees are unnecessarily pessimistic and unlikely to materialize.
Democracy has only 20 years left to live if an effective means of digital identification is not developed before that deadline. As young people growing up with social media reach voting age in increasing numbers, they will lead a major shift to online voting. A lack of identity security will throw open the gates to massive voter fraud that will destroy the fidelity of elections, and with it, true representative government.
One of the world’s leading experts on cybersecurity calls cyber sabotage attacks “the worst innovation of this century.” Cyberweapons have become too dangerous, and cyberattack can lead to visible and important damage to the critical infrastructure or telecommunications. And, attribution is almost impossible.
The most serious national security threat looming in cyberspace may be the potential for vital data to be altered by cybermarauders, according to a cyber expert with the Office of the Director of National Intelligence (ODNI). Speaking to an attentive audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., Sean Kanuck, national intelligence officer for cyber issues at the National Intelligence Council in the ODNI, admitted that the threat to data integrity keeps him awake at night.
Resistance to change may prove to be the biggest impediment to information sharing among the cyber intelligence community. Both government and industry must break out of their existing paradigms to share cyber intelligence that may prove vital to national security.
Panelists on the second day of the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., outlined some of the cultural obstacles that hold back information sharing. In the intelligence community, the conflict is the traditional need to know versus the new need to share.