Cybersecurity

Internet Access: A Chokepoint for Development

In the 1980's internet connectivity meant allowing general public to communicate and share knowledge and expertise with each other instantly and where it was not possible otherwise. Take the story of Anatoly Klyosov, connecting Russia to the western world for the first time in 1982, as an example. A bio-chemist who was not allowed to leave the soviet territory for security reasons. The internet enabled him to participate in meetings with his counterparts at Harvard University, University of Stockholm and beyond. more

ICANN Gets an In-House Physical Security Operations Professional

ICANN has announced a new hire, Mark Jardina – an expert in global security and health and safety as Vice President of Security Operations. more

Russian Central Bank Announces Mandatory Cyber-Security Regulations for Domestic Banks

"Russian banks will be faced with a whole range of new regulations, and penalties for non-compliance, when it comes to cyber-security, according to the country's Central Bank," Eugene Gerden reported today in SC Magazine UK more

Clothing Retailer Eddie Bauer Confirms Point-Of-Sale Malware, All US, Canadian Stores Infected

In a press release yesterday evening, retailer Eddie Bauer confirmed a point-of-sale malware infection suspected by some sources as early as beginning of last month. more

Massive Cyberattack Aimed at Flooding .Gov Email Inboxes With Subscription Requests

"Massive Email Bombs Target .Gov Addresses," Brian Krebs writes in Krebs on Security: "Over the weekend, unknown assailants launched a massive cyber attack aimed at flooding targeted dot-gov (.gov) email inboxes with subscription requests to thousands of email lists." more

China’s QUESS and Quantum Communications

In mid-August China launched "QUESS" (Quantum Experiments at Space Scale), a new type of satellite that it hopes will be capable of "quantum communications" which is supposed to be hack-proof, through the use of "quantum entanglement". This allows the operator to ensure that no one else is listening to your communications by reliably distributing keys that are then used for encryption in order to be absolutely sure that there is no one in the middle intercepting that information. more

Chinese Cloud Vendors Benefitting from Home-Field Advantage While Expanding Globally

China's home grown firms are not only grabbing domestic businesses but also venturing to different countries across the world. On the other hand, foreign players face regulatory walls that make it difficult to tap businesses in China." Saibal Dasgupta reporting today in VOA more

Security Against Election Hacking - Part 2: Cyberoffense Is Not the Best Cyberdefense!

State and county election officials across the country employ thousands of computers in election administration, most of them are connected (from time to time) to the internet (or exchange data cartridges with machines that are connected). In my previous post I explained how we must audit elections independently of the computers, so we can trust the results even if the computers are hacked. more

Security Against Election Hacking - Part 1: Software Independence

There's been a lot of discussion of whether the November 2016 U.S. election can be hacked. Should the U.S. Government designate all the states' and counties' election computers as "critical cyber infrastructure" and prioritize the "cyberdefense" of these systems? Will it make any difference to activate those buzzwords with less than 3 months until the election? First, let me explain what can and can't be hacked. Election administrators use computers in (at least) three ways... more

Code Released by ‘Shadow Brokers’ Raises Alarming Concerns on Whether NSA Was Hacked

The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments and other espionage targets has caused deep concern inside American intelligence agencies, raising the question of whether America's own elite operatives have been hacked and their methods revealed. more

Video: Interview with Jari Arkko at IETF 96 in Berlin

Would you like to understand the major highlights of the 96th meeting of the Internet Engineering Task Force (IETF) last month in Berlin? What were some of the main topics and accomplishments? How many people were there? What else went on? If so, you can watch a short video interview I did below with IETF Chair Jari Arkko. more

Australia’s First Online Census Halted Due to Multiple DDoS Attacks

The Australian Bureau of Statistics reports deliberate and "malicious" attacks from offshore, designed to sabotage nation's first online 2016 Census. more

Reports Provide Details on ‘Project Sauron’ Malware, Highly Advanced, Remained Hidden for 5 Years

"Security experts have discovered a malware platform that's so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state," reports Dan Goodin in Ars Technica. more

Kazakhstan Using Malware Against Journalists, Political Activists, Lawyers

Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF). more

FBI Withheld Warning Democratic National Committee of Suspected Russian Role in Hack

Russian hackers believed to be affiliated with the Russian government continued to have access to Democratic Party computers for months during the critical phase in the U.S. presidential campaign, the sources have said. more