Cloud Computing, Cyber Security, IT Security, Security, Technology

State of the Union: Ready for bipartisan cyber action

This should be the year that significant bipartisan progress is made on cybersecurity legislation, with new laws set to pass on issues ranging from data breach notification to sharing sensitive cyber intelligence between the public and private sectors. In fact, since President Obama and Republican congressional leaders can’t agree on much else, cybersecurity action is moving to center stage.

Obama Tablet

When President Obama delivers his seventh State of the Union address tomorrow night, cybersecurity plans will be one of many topics – but cyber action is at the top of a short bipartisan “to do” list.

While many other proposals that will be championed by the President, such as free community college tuition and higher taxes on the wealthy, have grabbed recent news headlines in the run up to the annual State of the Union address, most agenda items are thought to be dead-on-arrival because of Republican congressional opposition.

However, after years of disagreements and dashed expectations regarding cybersecurity legislation, Republicans and Democrats are finally promising to work together on cyber measures to provide additional online protections for Americans.

Read More

Business, Cloud Computing, Cyber Security, Data Breach, Defense, Finance, IT Security, Security, Technology

Ex-Federal Cybersecurity Director Gets 25 Years for Child Porn

A former cybersecurity chief at the Department of Health and Human Services Timothy DeFoggi was sentenced to 25 years in prison on child pornography charges Monday, according to the Department of Justice. “Using the same technological expertise he employed as Acting Director of Cyber Security at HHS, DeFoggi attempted to sexually exploit children and traffic in child pornography through an anonymous computer network of child predators,” Assistant Attorney General Leslie Caldwell said in a statement.

A federal jury in the District of Nebraska convicted DeFoggi of child exploitation and conspiracy to distribute child pornography on Aug. 26. The 56-year-old was a member of a pornography website on the Tor network — a web browser that helps users remain anonymous online — from May 2012 until December 2012 when it was taken down by the FBI, according to the statement. He is the sixth person to be convicted in an ongoing federal investigation into three Tor-network-based child pornography websites, according to the DOJ.

Read More

Cyber Security, Defense, IT Security, Technology

U.S. suspects North Korea had help attacking Sony Pictures: source

According to Reuters, U.S. investigators believe that North Korea likely hired hackers from outside the country to help with last month’s massive cyberattack against Sony Pictures, an official close to the investigation said on Monday.

As North Korea lacks the capability to conduct some elements of the sophisticated campaign by itself, the official said, U.S. investigators are looking at the possibility that Pyongyang “contracted out” some of the cyber work. The official was not authorized to speak on the record about the investigation.

An entrance gate to Sony Pictures Studios is pictured in Culver City, California December 19, 2014. REUTERS/Mario Anzuoni

The attack on Sony Pictures is regarded to be the most destructive against a company on U.S. soil because the hackers not only stole huge quantities of data, but also wiped hard drives and brought down much of the studio’s network for more than a week.

Read More

Business, Cloud Computing, Cyber Security, IT Security, Security, Technology

FBI Won’t Stop Blaming North Korea for Sony Hack — Despite New Evidence

In spite of mounting evidence that the North Korean regime may not have been wholly responsible for a brazen cyberassault against Sony—and possibly wasn’t involved at all—the FBI is doubling down on its theory that the Hermit Kingdom solely bears the blame.

“We think it’s them,” referring to the North Koreans, an FBI spokesperson told The Daily Beast when asked to respond to reports from private investigators that other culprits were responsible. The latest evidence, from the cyberanalysis firm the Norse Corp., suggests that a group of six individuals, including at least one disgruntled ex-Sony employee, is behind the assault, which has humiliated Sony executives, led to threats of terrorist attacks over the release of a satirical film, and prompted an official response from the White House.

The FBI said in a separate statement to journalists on Monday that “there is no credible information to indicate that any other individual is responsible for this cyberincident.” When asked whether that left open the possibility that other individuals may have assisted North Korea or were involved in the assault on Sony, but not ultimately responsible for the damage that was done, the FBI spokesperson replied, “We’re not making the distinction that you’re making about the responsible party and others being involved.”

Read More

Cloud Computing, Cyber Security, Security, Technology

Sony Hacked By N. Korea, Hacktivists, Ex-Employee, Or All Of The Above?

Researchers at Norse Corp. who say an ex-Sony employee may have had a hand in the epic breach of the entertainment company shared their intelligence on the finding with the FBI yesterday. But the FBI today still maintained its stance that North Korea is behind the massive cyber attack.

Norse found no link whatsoever with North Korea in the intelligence it gathered independently on the attacks, which evolved out of its interest prior to the breach in landing Sony as a security customer. But an FBI spokesperson — who declined to comment on the Norse research and briefing — today reiterated the agency’s unwavering position that North Korea was behind the attack: “Nothing has changed” in that assessment, the spokesperson told Dark Reading.

“There is no credible information to indicate that any other individual is responsible for this cyber incident,” according to a statement provided today by the FBI spokesperson.

Read More

Business, Cyber Security, Finance, IT Security, Security

Researchers investigate, suggest fired employees assisted in Sony hack

Researchers are saying that one or more former employees may have aided in the massive hack of Sony.

Operating under an assumption that at least one insider must have aided in the attack, Norse Corporation posted on Monday that it is focusing on a group of six individuals, one of whom seems to be an ex-employee with a technical background and knowledge of Sony’s systems.

As leaks continue, Sony's legal team tells press to destroy 'stolen info'

“System administrators have very deep knowledge about internal networks, systems and data, as well as very broad access that gives them ‘god-like’ privileges,” Eric Chiu, president and cofounder of HyTrust, said in a statement emailed to on Tuesday.

Read More

Business, Cloud Computing, Cyber Security, cyber security legislation, Cybersecurity, Defense, Finance, Government, IT Security, Security, Technology

Sony hack could be game changer

The high-profile hack at Sony Pictures has injected new urgency into the years-old push for cybersecurity legislation, with a broad spectrum of lawmakers suddenly vowing to take action in the new Congress.

“It’s basically fair game for everything cyber” after the cyberattack on Sony, said Jessica Herrera-Flanigan, a lobbyist at Monument Policy Group, which represents tech giants like Microsoft.

The recent cyber assault caused Sony to briefly pause the release of a multi-million dollar movie, spurred a White House response and escalated tensions between the U.S. and North Korea, which the FBI has blamed for the attack.

It has also transformed what some viewed as a stale debate on Capitol Hill over cybersecurity issues.

Read More