Government

Politicians, security researchers and others involved in the fight against cybercrime often compare the situation to efforts to combat traditional organized crime. Some of the tricks and tactics are comparable, and so are the motives, but there’s one major difference between the two groups: Cybercriminals have virtually no fear of being caught. The chances of a cybercriminal being caught, prosecuted and actually serving time in prison are incredibly small, especially in relation to the volume of cybercrime activity occurring today.

VANCOUVER–When Peiter Zatko, the security researcher and pioneering hacker known as Mudge, joined the federal government several years ago to help run a DARPA research program, some in the security industry wondered what effect someone with his background could have in an organization as famously change-resistant and slow as the Department of Defense. As it turns out, the Cyber Fast Track program he started has been a huge success and though the CFT is ending in less than a month, the program may well serve as a model for other agile research programs inside the U.S. government. 

Google today revealed – if in vague terms – it last year received less than 1,000 “national Security letters” from federal authorities seeking financial and communications data on up to almost 2,000 individuals. The disclosure of such government requests marks a first for a major Internet service provider.

On Thursday the Chinese government, long considered the aggressor in highly publicized U.S. cyberattacks, publicly spoke about being the victim. Two of its military Web sites were attacked an average of 144,000 per month and two-thirds of those strikes came from the United States, according to a ministry spokesman.

SAN FRANCISCO–In the current climate of continuous attacks and intrusions by APT crews, government-sponsored groups and others organizations, cryptography is becoming less and less important and defenders need to start thinking about new ways to protect data on systems that they assume are compromised, one of the fathers of public-key cryptography said Tuesday. Adi Shamir, who helped design the original RSA algorithm, said that security experts should be preparing for a “post-cryptography” world.

Dennis Fisher talks with Anup Ghosh of Invincea about the recent wave of companies admitting to being hacked by APT groups, the difference between cyberespionage and cyberwar, what the government can do to encourage more intelligence sharing and whether compromised companies are spending enough time on attribution.

Representative Ed Markey (D-MA) is urging the Chairman of the House Committee on Energy and Commerce, Fred Upton (R-MI), to take immediate action toward passing the Grid Reliability and Infrastructure Defense (GRID) Act, which Markey calls a bipartisan bill aimed at hardening the nation’s electrical grid and critical infrastructure against cyberattacks.