Commission Finds U.S. Is Unprepared for Major Cyberattacks

The Cyberspace Solarium Commission released a report based on a months-long study that showed the U.S. government’s lack of ability to block cyber threats. The Commission lists 75 recommendations for major structural changes, including the creation of Congressional committees dedicated to cybersecurity and a White House-based national cybersecurity director to be confirmed by the Senate. The report is blunt in its assessment that the U.S. government’s current approach to cyberattacks is “fundamentally flawed.” Continue reading Commission Finds U.S. Is Unprepared for Major Cyberattacks

5G Offers Wireless Carriers More Security, Privacy Options

One of the benefits of 5G, expected to be 100 times faster than 4G networks, is the improved protection of sensitive data. Much of the conversation about 5G networks has focused on the security issues related to Chinese vendors of gear used in 5G networks. But Verizon chief information officer Chandra McMahon noted that “security is designed into 5G and there will be additional [security] technical features.” Another advantage is that 5G providers will rely on the cloud, providing more capacity and flexibility. Continue reading 5G Offers Wireless Carriers More Security, Privacy Options

Russia Boosts Efforts to Foil Extradition of Hackers to U.S.

Russian hackers have been responsible for serious cybercrimes in the last few years, including Sandworm, a group of hackers who attacked the 2018 Olympics, among other targets. Now, Russia is seeking to replace the 2001 Budapest Convention on Cybercrime with a new agreement that will align with its interests. The country is playing hardball in its attempt to prevent its citizens arrested abroad to be extradited to the U.S. for trial, including holding an Israeli citizen for trade with a Russian hacker held in that country. Continue reading Russia Boosts Efforts to Foil Extradition of Hackers to U.S.

Drones in Delivery Tests, U.S. Agency Bars Chinese UAVs

Amazon, Alphabet’s Wing and Uber Technologies are conducting government-approved trials of drones to deliver packages. Wing is in Christiansburg, Virginia and Uber will begin tests in San Diego before the end of 2019. United Parcel Service also gained FAA approval to create a fleet of drones to deliver health supplies and, ultimately, consumer packages. The FAA predicts that drones for commercial purposes will reach 2.7 million by 2020. Meanwhile, the Department of the Interior is grounding more than 800 drones that were manufactured in China, citing national security concerns. Continue reading Drones in Delivery Tests, U.S. Agency Bars Chinese UAVs

Google’s Cloud Platform Updates Focus on Security Issues

During its Cloud Next 2019 developer conference, Google revealed its Advanced Protection Program would be widely released and Titan Security Keys will be more readily available in retail. The former, which is intended to prevent cyberattacks against high profile targets such as politicians and business leaders, will debut in beta for G Suite, Google Cloud Platform (GCP), and Cloud Identity customers. The Advanced Protection Program “enforces the use” of the Titan Security Key or compatible third-party hardware, blocking access to third-party accounts not approved by admin. Continue reading Google’s Cloud Platform Updates Focus on Security Issues

Researchers Identify Bugs in Microsoft Excel, Apple macOS

Threat intelligence firm Mimecast revealed that hackers are exploiting a Microsoft Excel feature called Power Query to facilitate Office 365 attacks. This feature lets legitimate users combine data from various sources by linking to those components in a spreadsheet. Hackers replace a link with another that leads to a site infected with malware. The hacked Excel spreadsheets then allow attackers to install backdoors, using the software program’s own tools. Meanwhile, Apple has yet to fix a macOS bug first identified by a cybersecurity researcher in February. Continue reading Researchers Identify Bugs in Microsoft Excel, Apple macOS

Report: Suspected Chinese Hackers Target Global Telecoms

Hackers likely associated with the Chinese government broke into at least 10 global telecom carriers, stealing call logs, users’ locations and text-messaging records, according to a report from Boston-based Cybereason. The cybersecurity firm spent 2018 scrutinizing a multi-year, ongoing campaign, suspected to be directed by China and aimed at 20 military officials, spies, law enforcement and dissidents in Africa, Asia, Europe and the Middle East. Cybereason believes the recent hacks point to Chinese group APT10. Continue reading Report: Suspected Chinese Hackers Target Global Telecoms

WhatsApp Calls Used to Inject Spyware on Mobile Phones

Hackers have reportedly been injecting Israeli spyware onto smartphones via the popular Facebook-owned messaging service WhatsApp. The surveillance software, named Pegasus, was developed by Israeli firm NSO Group and can access an iPhone with a single missed voice call on WhatsApp. NSO claims that it carefully vets its customers; the company’s software is intended for government agencies to combat crime and terrorism. While it is currently unknown how many users may have been affected at this point (the problem was first discovered in early May), WhatsApp says it has created a patch to address the vulnerability. Continue reading WhatsApp Calls Used to Inject Spyware on Mobile Phones

U.S. Tries Softer Tack to Limit Huawei at Prague 5G Confab

According to sources, on May 2-3 when officials from 30+ countries meet in Prague to discuss security principles for 5G networks, the U.S. will propose measures to prevent China’s Huawei from gaining dominance. The U.S. has long believed that the Chinese government can use Huawei’s gear to spy via Internet-connected products from AR to self-driving cars. Huawei has denied the accusations. The U.S. strategy at the upcoming meeting, said a U.S. official, is “softer” than its previous efforts to limit Huawei’s influence. Continue reading U.S. Tries Softer Tack to Limit Huawei at Prague 5G Confab

Senate Releases Reports with Details of Russian Interference

The Senate Intelligence Committee released two reports that reveal how Russia’s Internet Research Agency targeted groups including African-Americans, evangelical Christians and pro-gun activists to confuse voters, create division and support Donald Trump’s run for president. The Russian operation reportedly used every digital platform available, including Facebook, Instagram, Vine, LiveJournal and even “Pokémon Go.” The research also revealed how these same digital platforms delayed reporting the extent and type of interference. Continue reading Senate Releases Reports with Details of Russian Interference

Federal Government Takes Additional Steps to Block Huawei

The U.S. government is reportedly pushing for foreign allies to stop using hardware from China-based Huawei Technologies Co. According to people familiar with the initiative, the government is aiming to convince wireless and Internet service providers to avoid telecom equipment that comes from Huawei in an effort to increase security. Washington officials are particularly concerned about countries that host military bases. The U.S. and Australia already have bans in place to curb the risk of cyberattacks. Huawei is the world’s largest telecommunications provider. Continue reading Federal Government Takes Additional Steps to Block Huawei

A Debate Over Most Effective Strategy to Fight Cyberattacks

Cyberattacks could potentially disrupt U.S. infrastructure, from the electric grid to the financial system. In July, the Department of Homeland Security reported that Russian hackers gained access to the control rooms of electric utilities. Now, analysts and policymakers are debating the best way to protect our critical infrastructure. While many believe that federal and state government regulation, funding and oversight are necessary, others argue this tack may actually cause harm and we should consider alternative approaches. Continue reading A Debate Over Most Effective Strategy to Fight Cyberattacks

Justice Department Accuses Russian Spies of Cyberattacks

The Justice Department’s National Security Division claims that seven hackers suspected of working with Russia’s GRU military intelligence unit were part of a conspiracy to hack multiple organizations including the World Anti-Doping Agency, the Democratic National Committee, a nuclear energy company and several media outlets. The Fancy Bear cyber espionage group, also known as Sofacy or APT28, is accused of launching a disinformation campaign leading up to the 2016 U.S. presidential election, and “hacking to obtain non-public, health information about athletes and others in the files of anti-doping agencies in multiple countries.” Continue reading Justice Department Accuses Russian Spies of Cyberattacks

California Passes Security Bill to Regulate Connected Devices

The California State Legislature recently passed a bill called “Information Privacy: Connected Devices” that creates regulations for IoT devices sold in the United States. SB-327, which applies to all devices that connect to the Internet and include an Internet Protocol or Bluetooth address, would require that security audits be conducted on components purchased overseas. The bill is the first of its kind in the U.S. and has been forwarded to Governor Jerry Brown for his signature. While some have criticized the bill for not being specific or thorough enough, it could place pressure on manufacturers to offer better device-level protection against cyberattacks. Continue reading California Passes Security Bill to Regulate Connected Devices

Facebook Removes Fake Accounts Linked to Iran and Russia

Facebook identified and removed 652 fake accounts, pages and groups from Iran and Russia that were attempting to sow misinformation in several countries. Such campaigns in the past — most notably leading up to the 2016 presidential election — targeted the U.S., but these accounts targeted the U.K., Latin America and the Middle East as well. This discovery is dramatically larger than the 32 pages and accounts that Facebook removed last month. The Kremlin-linked Internet Research Agency was indicted for the 2016 campaign. Continue reading Facebook Removes Fake Accounts Linked to Iran and Russia

Page 1 of 3123