Government

The U.S. and other advanced nations face a drastic cyber security skills gap. Attacks from sophisticated and unsophisticated attackers are on the rise, even as more and more companies and government agencies move more of what they do online to Web based services and the cloud. Of course, the skills gap requires a bottom-up rethink of the way that technology skills are taught at both the primary and secondary level. That’s no easy task in a decentralized and highly regulated education system such as the one that exists in the U.S. where resources are addressed more towards basic skill acquisition than to teaching advanced cyber skills. Still, the Obama Administration has put cyber security at the top of its domestic and military security agendas, and there’s some evidence of positive change. 

A British teenager believed to be the hacker TriCk, a founding member of TeaMp0isoN has reportedly been arrested after launching a denial of service attack against an anti-terrorism hotline in the UK.

Industrial control system vendor Koyo moved to fix vulnerabilities in its ECOM brand programmable logic controllers (PLCs) after researchers, in January, revealed that the devices were vulnerable to brute force password guessing attacks.

While much has been made of recent efforts to provide parity in prosecutions and punishments for cybercrimes across the 27-nation European Union, less has been said about how it may impact security researchers who use the same hacker tools to perform their work.

The U.S. Navy recently hired an outside contractor, Obscure Technologies, to develop computer forensics tools capable of analyzing network traffic and stored data on gaming consoles.

Corporate executives and other high value employees traveling abroad need to be on guard for attempts to compromise their mobile devices, and could even have their mobile phone compromised before they even disembark the plane following their arrival, according to security researcher Justin Morehouse. A thirst for intellectual property and trade secrets, and a bugeoning market of sophisticated mobile surveillance tools means that executives need to begin thinking and acting like spies in order to avoid being spied upon themselves, according to a presentation at the OWASP AppSec DC 2012 conference in Washington DC on Thursday.

Editor’s Note: This is the second of a two-part podcast with independent security researcher Chris Soghoian. In the first part of our podcast with independent security researcher Chris Soghoian, we talked about the way that the proliferation of “free” applications have forced consumers into the position of increasingly trading privacy for access to cool new Web sites and tools.