Cloud Computing, Cyber Security, IT Security, Security, Technology

Drones and cybersecurity Part 2: Solutions

Drones and cybersecurity part 1: The challenges we face and cybersecurity’s role,” we’ve heard of more incidents of drones flying around and near airports, discussions about the exploding use of drones for official, commercial, and private use, …and a private drone crashing on the White House lawn. Safe to say the sense of urgency has ratcheted up quite a bit.

Conventional methods to detect and mitigate threats from drones are limited; radars either don’t detect drones or characterize them incorrectly (i.e. migratory birds). Additionally, if radar does detect the drone, it cannot mitigate the threat or identify the source. Clearly a comprehensive solution that finds and IDs the drone platform, mitigates the threat safely, and provides forensic evidence to government and law enforcement officials is necessary whether you’re protecting the Super Bowl, an airport, or a government facility.

As I mentioned last time, drones have onboard logic and communications channels, therefore the use of advanced cybersecurity platform protection techniques can be employed. Defense contractors and technology companies alike are developing cybersecurity solutions to address the aforementioned challenges. One approach that has been developed creates a “cyber fence” that employs the use of cyber defense techniques found on traditional IT networks, except it uses those techniques against platforms such as drones. This cyber fence can be integrated into other physical, electronic, and cyber defense mechanisms to offer full protection against this threat.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Cyber-attacks rising in Utah, likely due to NSA facility

Utah state officials have seen what they describe as a sharp uptick in attempts to hack into state computers in the last two years, and they think it related to the NSA data center south of Salt Lake City.

The increase began in early 2013 as international attention focused on the NSA’s $1.7 billion warehouse to store massive amounts of information gathered secretly from phone calls and emails.

“In the cyber world, that’s a big deal,” Utah Public Safety Commissioner Keith Squires told a state legislative committee this week.

While most of the attempts are likely innocuous, cyber experts say it is possible low-level hackers, “hactivists” unhappy with the NSA’s tactics, and some foreign criminal groups might erroneously think the state systems are linked to the NSA.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Why hackers are targeting the medical sector

A hack at Anthem, the second-largest health insurer in the country, exposed personal information about millions of employees and customers. But the attack is just the latest evidence that cybercriminals are increasingly targeting the medical sector where they can collect health information that can be sold for a premium on the black market.

“What we’ve seen in the last few years is that attackers have realized the economics of health-care data are very, very attractive,” says Lee Weiner, senior vice president at cybersecurity firm Rapid7.

Anthem said hackers collected several pieces of personal information about its employees and customers, including Social Security numbers, birthdays and street and e-mail addresses. But the hack also included medical information numbers, which can be among the most damaging types of stolen data and be used to commit medical fraud, according to security experts.

Complete health insurance credentials sold for $20 a piece on underground markets in 2013, according to Dell SecureWorks. That is 10 to 20 times more than a U.S. credit card number with a security code.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

State-sponsored Chinese hackers reportedly suspected in Anthem breach

Hackers involved in the data breach at U.S. health insurer Anthem may have ties to the Chinese government, according to a news report.

Investigators see techniques used by a nation-state attacker, with China a leading suspect, reported Bloomberg Business. The news report cited information from three people close to the investigation, being conducted by the U.S. FBI and private cybersecurity firm Mandiant.

The investigation is in its early stages, but some of the software and techniques used in the Anthem attack are similar to other attacks used almost exclusively in the past by China, according to the Bloomberg article.

The personal information, including Social Security numbers and email addresses, of about 80 million people may be exposed in the breach, according to Anthem. Anthem has 37.5 million subscribers for its health plans, and more than 68 million people are customers of its affiliated companies under brands including Blue Cross and Blue Shield, Empire Blue Cross and Amerigroup.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

EXCLUSIVE: OPM MONITORING ANTHEM HACK; FEDS MIGHT BE AFFECTED

The Office of Personnel Management is keeping a close eye on details emerging about a hack at the second biggest U.S. health insurer, Anthem Inc., which provides coverage to 1.3 million federal employees.

Anthem runs the Blue Cross-Blue Shield Service Benefit Plan, better known as the Federal Employee Program, or FEP, in many states, including Virginia, California and New York.

“OPM is closely monitoring the situation,” an agency spokesman told Nextgov. “Anthem informed OPM that it shut down the network in question and is working to ensure the security of its systems as it investigates the extent of the breach.”

When contacted by Nextgov on Thursday, Anthem officials were not ready to discuss the potential ramifications of the incident for current or former federal employee members.

In a statement, officials said intruders perpetrated “a very sophisticated attack” to break into Anthem’s systems, and the offenders “have obtained personal information relating to consumers and Anthem employees who are currently covered, or who have received coverage in the past.”

The affected database housed records on roughly 80 million customers and tens of millions of records were copied, according to The Wall Street Journal, which first reported the incident.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Army CIO unveils new IT strategy

Army CIO Lt. Gen. Robert Ferrell has released a set of ambitious IT modernization plans that seek to accelerate progress in key areas such as cybersecurity and cloud computing for the service’s more than 1.4 million network users.

The strategy includes bolstering the throughput of Army networks and delivering voice-over-IP technology, and it establishes a clear IT road map for the Army through the end of the decade. In unveiling the strategy at an AFCEA NOVA conference for defense IT executives on Feb. 4, Ferrell sought industry help on specific technological challenges, such as distributed cloud nodes and mobile solutions, and offered a timeline for vendors to follow.

The strategy, which stretches through fiscal 2021 and is dubbed the Army Network Campaign Plan, has five broad goals:

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Army turns to commercial partners to keep ISR edge

Facing both shrinking research and development budgets and a need to adopt faster and more flexible ISR network technologies, such as software-defined networks (SDNs), the Army is now looking to its commercial partners for assistance in developing innovative solutions.

“We work closely with both internal — Army and [Department of Defense] — research facilities, as well as contractors from multiple fields supporting cyberspace,” said Lt. Col. Jackie Jones, a spokesman for the Advanced Concepts and Technology Directorate (ACTD) of Army Cyber Command in Fort Belvoir, Virginia. Jones said the decision to work in closer collaboration with commercial partners is being made out of necessity. “While DoD research facilities may expand the number of technologies they develop and evaluate, they are not growing in capacity at the same rate as the civilian marketplace.”

Jones noted that by forming close ties with industry, academic and other external R&D organizations, the Army hopes to achieve and maintain a thorough understanding of all emerging ISR network technologies. “Currently, not all cyberspace capability requirements from commanders can be accomplished with existing technologies,” he said. “As operations being conducted in and through cyberspace become more integrated within military operations … research and development into new capabilities will be necessary for the Army to stay at the leading edge of technology with respect to our adversaries.”

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard