Items tagged with cybersecurity

It should strike no one as a surprise at this point that the US and China have a bit of a strained relationship when it comes to trust. Both have accused each other of cyber offenses, and likewise, neither has much faith in the products it sources from the other. Post-Snowden, the situation has only become worse. That leads us to this point, where China is demanding that American companies that sell software products to Chinese banks must hand over their source code to be reviewed. And, it gets even better. China also wants these same companies to begin using Beijing-sanctioned algorithms in lieu of their preferred algorithms. Flickr: Yves Doutreligne This all boils down to the absolute lack... Read more...
Most of the time, when we hear about data breaches, it's because companies have either been compromised or failed to properly protect data. This time around, however, it's the United Postal Service in the limelight. Data on as many as 800,000 employees may have been stolen along with data on customers who called the USPS' various call centers between January and August of this year. USPS spokesperson David Partenheimer told Reuters that "The intrusion is limited in scope and all operations of the Postal Service are functioning normally." What appears to set this attack apart from most other intrusions is that the attackers apparently weren't interested in either identity theft or credit card... Read more...
It appears that hackers were able to breach the White House’s unclassified computer network, used by employees of the Executive Office of the President, according to anonymous White House officials. The breach has led to temporary disruptions to some of the services as cybersecurity teams work to contain the incursion. "In the course of assessing recent threats we identified activity of concern on the unclassified EOP network,” said a White House official. “Any such activity is something that we take very seriously. In this case we took immediate measures to evaluate and mitigate the activity.” The official continued, “Our actions are ongoing and some of our actions... Read more...
Zero-day exploits are a nightmare for end-users and vendors alike as both groups have to scramble to patch and resolve problems. Today, Microsoft got tagged with one of the worst types of disclosures -- not only is there a vulnerability in every single shipping version of Windows, the vulnerability has been exploited for years by a team of Russian hackers, codenamed Sandworm. According to the iSight Partners, the Sandworm Team has been caught seeking data on the Ukrainian crisis (further undercutting the idea that the crisis in that state was anything but a Russian operation -- if such evidence were still needed), data on Western European governments, and other issues related to diplomacy, telecommunications,... Read more...
News is out today of a survey from video advertising platform Ebuzzing claiming that it would cost an average of E140 per year per UK citizen to pay for an ad-free Internet and that the majority of users (98% of them, in fact) would never, ever be willing to pay such fees. I'm not surprised by results like this -- if someone asked me "Would you pay $185 a year to avoid pop-up ads?" my first thought would be "No, I'd install Ad Block" or "No, I'd just avoid the websites that show obnoxious ads I don't want to see." According to Ebuzzing's results, that's precisely what most of its respondents do. There is, however, a more interesting facet to this question. What would I pay to not be tracked online?... Read more...
Community Health Systems Inc revealed on Monday that personal had been stolen by hackers from its computer network. According to the U.S. Hospital operator, 4.5 million accounts were stolen that included patient names and addresses sometime in April and June. The 4.5 million people who were either referred to or received services from doctors affiliated with the service in the last five years were the ones affected by the attack. The attackers, according to Community Health, used malware and other technology to acquire the data from its system. The company, one of the largest hospital operators in the U.S. with 206 hospitals in 29 states, went on to say that the data stolen also included birth... Read more...
Over the past year, as criticism and anger have built over the NSA's numerous excesses and abuses of American civil rights, it's been easy to forget that underneath the justified anger, a genuine war has been raging. The NSA may have overreached in many respects, but that doesn't mean the government agency has invented problems from whole cloth -- and a new report drives that point home. According to the New York Times, top government officials have stated that Chinese hackers penetrated US government networks in March, potentially gaining access to thousands of dossiers on exactly which US citizens have applied for and been granted Top Secret clearance. The federal government did succeed in... Read more...
One of the most troubling facts that came out of Edward Snowden's disclosures last year was the degree to which the government has relied on National Security Letters to compel companies to reveal information about their clients without producing a warrant. Many NSLs were accompanied by non-disclosure orders that forbade the receiving company from revealing to the accused that their information had been demanded. Microsoft had previously gone to court over such tactics and today, the details of the company's strategic victory became public for the first time. Last year, the FBI demanded information on an unidentified Office 365 enterprise customer and included a non-disclosure requirement alongside... Read more...
Earlier this week, Apple released an updated set of legal guidelines spelling out exactly what it can and cannot access on your iDevice, what material it will turn over to the police, and under which circumstances it will surrender it. What's particularly interesting is the split response we've seen from different corners of the Internet. Everything Apple does tends to generate attention, but this particular set of announcements is getting a great deal of press -- and two very different narratives have emerged over what it means. Some readers and authors have reacted rather poorly to news that Apple can access user information even without knowing the passcode key. As my colleague, Rob Williams... Read more...
This sounds like the definition of a slippery slope: According to Reuters, the U.S. government is expanding its Internet traffic-scanning cybersecurity program to include more private sector workers, such as those at large banks, utility companies, and “key transportation” companies, and the NSA will use the Department of Homeland Security as a data-gathering middleman. The DHS will send the data on to certain telecommunication companies and cybersecurity firms for processing; those groups will aggregate certain statistics and report back to the government, which should keep some sensitive data veiled from federal eyes. This screening and data collection will be used to hunt for cybersecurity... Read more...
Amid increasing threats of cyber attacks by foreign forces, the White House is reportedly going to release an executive order intended to improve the nation's cyber defenses. Details of the directive are expected to be released during a briefing tomorrow morning at the U.S. Department of Commerce. According to The Hill, which claims to have spoken with two people familiar with the matter, the executive order would establish voluntary cybersecurity standards for businesses operating critical infrastructure. Government agencies, in turn, would be required to share information about potential threats with businesses. "It represents a huge challenge for our country. He has called on Congress to take... Read more...
After a NASA laptop containing sensitive, personally identifiable information was swiped from a locked vehicle in NASA’s Washington, D.C. headquarters parking lot on October 31st, NASA officials have banned employees from taking computers containing sensitive information from its facilities and are taking immediate steps to bolster device security. According to a BBC report, the stolen notebook was password protected but not encrypted, and NASA has warned its employees to be aware of phishing attacks as a result of the theft. In reaction to this latest loss, NASA’s chief information officer Linda Cureton has ordered that all of its computers must be encrypted. The agency has already... Read more...
There's a bill currently up for debate in the US House of Representatives that would give companies and government agencies the right to share information when issues of cybersecurity were at stake. If the first thing you thought after reading that was "Wait, don't we already do this," the answer is "Yes, we do." The Cyber Intelligence Sharing and Protection Act (CISPA) is drawing fire for certain provisions that drastically expand the definition of what data can be shared and for the way they handle existing data protections. At present, the government's ability to share data on its citizens is fairly restricted, insomuch as the various agencies must demonstrate cause and need. This has created... Read more...
First ... Prev 3 4 5 6 7