Microsoft has developed an ultra-secure version of Windows XP, with many settings locked down by default. But the hardened OS isn’t for sale to the general public; it’s made specifically for the military. Microsoft built the secure version of XP a few years ago at the direction of the Air Force, which had grown weary of the constant updates to other Windows versions and had just seen its network defenses abused in a pentration test by the National Security Agency.
Browsing Category: Government
A study conducted by the National Academy of Sciences found that the United States military needs to create an open, public dalogue to clarify its plans around using offensive weapons in cyberspace. The study also recommends that the military explain what offensive capabilities it has and how they might be used to counter conventional military attacks.
In case you’ve missed it, there’s been a lot of talking in Washington lately about the need for major changes to the way that information security is handled in the federal government as well as the private sector. So far that talk hasn’t led to much in the way of action, but that may be on the horizon, as lawmakers and members of the Obama administration continue to look at the problems facing the country’s critical infrastructure. A Senate hearing on Tuesday laid out, again, how critical the problem is and what experts believe should be done to fix it.
By Ozzie Diaz
There are those that would argue U.S. House Representative Pete Hoekstra is too connected. According to a recent article in a top security trade publication, Rep. Hoekstra sent tweets during his recent trip to Iraq. Some of the tweets included: “Just landed in Baghdad. I believe it may be first time I’ve had bb service in Iraq. 11th trip here.” and “Moved into green zone by helicopter Iraqi flag now over palace. Headed to new US embassy Appears calmer less chaotic than previous here.”
A bill set to be introduced in the Senate on Tuesday would make wholesale changes to the way that the federal government handles information security, including the establishment of a Nation Officer for Cyberspace, which would sit right below the president. According to a story on SearchCompliance.com, the bill, known as the Information and Communications Enhancement Act, also contemplates an overhaul of the controversial FISMA legislation.
Much of the talk at the RSA Conference last week centered on the lack of the unifying theme or big-time story that usually emerges to take over the show by mid-week. But there was, in fact, a major story, and it was the abject failure of the Obama administration, in the person of Melissa Hathaway, to deliver any concrete details on its plans to drag the country’s information security infrastructure out of the quagmire it’s been in for nearly a decade.
By George Hulme
In her much anticipated talk, acting senior director for cyberspace by President Obama, Melissa Hathaway generally reviewed what we already knew, and what has been previously reported when it comes to federal cyber security: The White House should coordinate IT security efforts; private sector needs to play a bigger role in securing cyberspace (hey, wasn’t this also the mantra for Richard Clarke’s National Strategy to Secure Cyber Space?); and a handful of agencies should be responsible for the security of federal computer networks.
Contrary to a number of media reports, as well as statements by other intelligence officials, Lt. Gen. Keith Alexander, the director of the National Security Agency, said on Tuesday that his agency is not interested in taking charge of the country’s cybersecurity efforts.
One of the more widely anticipated keynotes at the RSA Conference this week is the talk by Melissa Hathaway, who was in charge of the Obama administration’s recently completed review of the country’s information security standing. However it now looks unlikely that Hathaway will actually reveal any of the key findings or recommendations in the review during her talk on Wednesday afternoon at the conference.
The FBI has been using an in-house spyware program for several years to monitor the activities of suspected online criminals and hackers, according to recently released documents. The documents, obtained by Wired.com, show that the FBI was able to plant the program on target machines by encouraging their subjects to click on a link that silently installed the software.