Facebook now has 1.15 billion users who share 4.75 billion content items such as comments, photos and status updates and send more than 10 billion messages each day. When added to other social media platforms such as Twitter, LinkedIn and Google+, the number of users is staggering. With so many people disclosing personal details and often unknowingly leaking confidential organizational information, social media has become the main platform for hackers to execute social media engineering attacks, phishing attacks and identity theft; social networking is now the main vehicle for spreading malware.
You may be away from the office, but you should never take a vacation from cybersecurity. Keep these in mind on your next trip.
1. No Expectation of Privacy: When planning for international travel, remember that individuals have no expectation of privacy, including issues such as interception of digital communications. The country’s officials may require you to decrypt or otherwise unlock mobile devices when entering the country and, as a guest in a foreign country, you are subject to its laws.
Think you know your way around the internet? Even the most seasoned web surfer makes mistakes, and new phishing and linkjacking techniques pop up all the time. This quiz will help you identify and address your own security weaknesses.
1. Mobile applications downloaded from major brand online stores are always safe.
2. When viewing a link to a website online or on your mobile device, the address or URL you see in the link is actually the website to which you’re being directed.
3. What your family does on social media could have a negative impact on your safety or your organization.
In the most recent U.S. defense guidance of January 2012, signed for emphasis by both the president and the secretary of defense, cyber was one of the few areas that received both emphasis and increased funding—no small feat in the current budget environment. Part of that emphasis and increased funding goes to the intelligence community to support the cyber domain. Such support requires an expansion of the intelligence mission set, new processes and tools, and new interfaces to the operational community now emerging to command and control the cyber domain.
Intelligence needs cyber, and cyber needs intelligence. How they can function symbiotically is a less clear-cut issue, with challenges ranging from training to legal policy looming as government officials try to respond to a burgeoning cyber threat.
The cyber threat is growing, and the defense and homeland security communities must strive to keep up with new ways of inflicting damage to governments and businesses. Many experts believe the cyber threat has supplanted terrorism as the greatest national security issue, and new technologies are only one avenue for blunting the menace. Intelligence must expand its palette to identify and detect cyber threats before they realize their malicious goals.
Biometrics is on the verge of becoming more pervasive than ever in everyday life, setting the stage for personal identifiers to take the place of other common security measures. The expansion mirrors increased usage in fields such as military operations, citizen enrollment and public safety.
U.S. Army researchers are developing a software program that will provide signal corps officers will an improved common operating picture of the network, enhance the ability to manage the plethora of electronic systems popping up on the modern battlefield, advance information sharing capabilities and allow warfighters to make more informed and more timely decisions. In short, the system will assist in planning, building, monitoring and defending the network.
This is an important question for a number of reasons. Popular media often talk about the growing shortage of skilled cybersecurity workers needed to fill critical open positions both in government and the private sector. This is true, but employers need specific details on the work force so they can make informed decisions about whom to hire and potential employees need to know what to study to position themselves to be hired.
Recent insider security breaches have put increased scrutiny on the U.S. intelligence community’s cloud computing plans. But cloud computing initiatives remain unchanged as the technology is expected to enhance cybersecurity and provide analysts with easier ways to do their jobs in less time.
The Arab Spring, which rose from street-level dissent to form a mass movement, might not have come as a surprise to intelligence agencies if only they had been able to read the tea leaves of social media. The characteristics of social media that differentiate it from other messaging media are compelling intelligence officials to change the way they derive valuable information from it. As a result, experts are calling for the creation of a new discipline that represents a separate branch of intelligence activity.
The first step toward an enterprisewide information environment is taking place on desktops belonging to personnel with the National Geospatial-Intelligence Agency (NGA) and the Defense Intelligence Agency (DIA). Deployment has begun for the Intelligence Community Information Technology Enterprise, or ICITE, which aims to provide a common computing environment based on cloud technology (see SIGNAL Magazine articles Managing Change in the Intelligence Community and Intelligence CIOs Teaming for Change from October 2012).
Do you ever find yourself trying to reconcile with your environment? That is where I am now with regard to national security and reaction to leaks and programs designed to protect against terrorist threats.
In 2010, Julian Assange and his WikiLeaks organization got themselves on the world stage by publishing large volumes of classified documents, many provided by Pfc. Bradley Manning, USA, an intelligence analyst. At that time, and since, both Assange and Manning have been held up as villains by some and as heroes and whistle-blowers by others.
Officials at Auburn University, Auburn, Alabama, are developing a program that allows students from any academic discipline to work closely with the U.S. intelligence community in a variety of actual national security-related problems. The university is on track to begin offering a minor in intelligence analysis in the relatively near future and a major in the next five years.
In the next few years, usernames and passwords could gradually fade from popular use as a way to conduct business online. A public/private coalition is working on a new policy and technical framework for identity authentication that could make online transactions less dependent on these increasingly compromised identity management tools. A second round of federal grants from the group, expected this fall, will lead to continued work on what is expected to become a private sector-operated identity management industry.
NATO officials are laying the groundwork for a centralized enterprise networking architecture with invitations to bid expected to be released by year’s end. The new approach is expected to offer a number of benefits, including cost savings, improved network reliability, enhanced cybersecurity and greater flexibility for warfighters.
In his June interview with SIGNAL Magazine, Gen. Keith B. Alexander, USA, commander of the U.S. Cyber Command and director of the National Security Agency/Central Security Service, advocated bringing together the signal community, signals intelligence and the cyber community. In that interview, he said, “We need to think of ourselves not as signals, not as intelligence, not as cyber, but instead as a team that puts us all together.”
The U.S. Army Signal Corps is expanding the work its personnel conduct while dealing with technology and operational challenges that both help and hinder its efforts. On the surface, Army signal is facing the common dilemma afflicting many other military specialties—it must do more with fewer resources.
As a part of its ongoing efforts to protect critical national infrastructure, the Obama administration has been actively working on making government computer networks more robust and resistant to cyber attack. To do this, the White House has looked internally at federal agencies to put into place new metrics and policies to improve their security stance and externally, reaching out to foreign governments to set up international accords on cyber espionage, a top administration official said.
The U.S. Defense Advanced Research Projects Agency is developing new control software to reduce the vulnerability of unmanned systems to cyber attack. This effort is relying on new methods of software development that would eliminate many of the problems inherent in generating high-assurance software.
Unmanned vehicles suffer from the same vulnerabilities as other networked information systems. But, in addition to their data being co-opted, unmanned systems can be purloined if adversaries seize control of them. This problem also applies to human-crewed systems with computer-controlled components.