From Cnet (Elinor Mills)
The security of U.S. networks is in such disarray that the Pentagon has spent $100 million in the last six months alone to repair damage done by cyber attacks. That huge number presumably includes cleaning up after external attacks, viruses and internal problems.
Browsing Category: Government
From Cnet (Elinor Mills)
The received wisdom in the security industry is that trying to qualitatively assess the security of a given piece of software is an incredibly difficult task. Some of the sharpest minds in software security–Gary McGraw, Brian Chess and Michael Howard among them–have spent years trying to nail down a framework for this task, with varying degrees of success. Not to worry, though. As Eric Rescorla writes, the government has now joined the fray with a proposal to develop standards for software security.
A bill introduced in the Senate on Wednesday would make major changes to the way that cybersecurity is handled both within the government and in the private sector, including giving the federal government more control over private networks.
Federal legislators are working on a bill that would make major changes to the way that both government and private networks are protected. The Washington Post reports that the legislation not only will include more enforcement for regulations, but also will push for a federal cybersecurity czar to be stationed in the White House, a measure that security experts have been recommending for years.
In the next few weeks President Barack Obama will be handed a report detailing the country’s cybersecurity defenses and laying out what’s needed to protect America’s technology resources from hostile nations and organized crime groups.
As a result of some tremendous work done by researchers at the University of Toronto, we now know that there is an enormous network of compromised machines in more than 100 countries around the world, many of them in government agencies, embassies and other sensitive locations.
By Kim Zetter, Wired.com
U.S. authorities are investigating the possibility of indicting and extraditing an Israeli man [wired.com] accused of hacking into Canadian banks as part of a credit and debit card scam that may also have affected two American banks. Ehud Tenenbaum has been in Canadian jail since last year and now U.S. law enforcement officials are looking into whether he was responsible for an attack on two U.S. banks that netted about $10 million.
USB Malware Mess – Fri, November 28, 2008
The boys explain the latest news around Lenovo distributing a malware-infected driver software and the network worm that forced the U.S. military to ban the use of USB drives and other forms of removable media.
By Byron Acohido (LastWatchdog.com)
If President Obama thinks fixing the broken U.S. economy is a challenge, and ending the ground wars in the Middle East a conundrum, wait until he gets around to tackling cybersecurity.
Obama must reverse the abject lack of any sort of meaningful coordinated defense against intensifying and overlapping cyber attacks [lastwatchdog.com] on U.S. citizens, businesses, schools, hospitals, governments and military from unseen enemies.
Despite what you may have seen on 24 or read in Tom Clancy’s novels, the United States is well behind much of the rest of the world in developing both defensive and offensive cybersecurity capabilities, and that’s a deficit that may end up costing us dearly in the long run, according to a longtime government security expert.