IT Security

The FBI, DHS, ODNI, and DoD will continue their work to keep private industry informed of threats to intellectual property from foreign Cyber threats under a new strategy unveiled by the Obama administration.

When, in 2010, Boeing bought Narus, a firm that specialized in “Big Data” analytics, Boeing probably thought it had acquired a highly-capable firm in a hot new niche. But, before too much time had passed, Boeing decided that Big Data analytics might not be all that it was cracked up to be, and that it should probably poke around in Narus’s intellectual property closet to see what else it could find.

The White House Under took aim at curbing the electronic theft of U.S. companies’ intellectual property with a new strategy that improves coordination among U.S. intelligence, diplomatic and law enforcement agencies.

As the latest report detailing substantial Chinese Cyber attack capabilities against western targets was released, U.S. officials said there were “substantial and growing” concerns at the highest levels about the threats to national security and the U.S. economy.

Press reports on Feb. 20 said the White House is set to issue a new action aimed at taking more aggressive steps, like fines and trade actions, against China’s Cyber espionage efforts.

More than one-third of the public employees who work for the State of Texas -- about 110,000 employees out of a total of 300,000 -- will participate in a statewide IT modernization strategy that will migrate the state’s communication and collaboration capabilities to the Cloud, with the help of Microsoft’s Office 365.

A huge, sprawling Cyber espionage operation emanating from a bureau of the Chinese army that employs dozens, if not hundreds, of hackers, but some of them are a little careless, a report by a U.S. cyber security company alleges.

The cyber threat, from what Alexandria, VA-based Mandiant calls “APT1,” is only one of more than 20 groups with Chinese origins prowling the Internet and hacking into Western companies’ computer systems.

Online scammers have again taken to using the name of Immigration and Customs Enforcement’s Cyber Crimes Center (IC3) to extort money from unsuspecting victims online.

ICE issued a scam alert on Feb. 15 that said cyber criminals were using emails purporting to be from the Cyber Crimes Center to lure potential victims to a “drive-by download” Website, where ransomware was installed on the user’s computer.  

President Obama’s recent executive order related to enhancing the cyber security at the nation’s critical infrastructure sites won applause from a strange corner of cyberspace on Feb. 15, when Huawei -- the China-based communications technology company that has been accused on Capitol Hill of cyber-snooping on both public and private organizations in the United States -- welcomed the president’s executive order and supported its push for greater information-sharing between the government and the private sector.

The Government Accountability Office (GAO) lightened up a bit on its criticism of DHS’s management in its report aimed at calling attention to high-risk areas in government agencies, but still found issues of concern at the agency.

The GAO issues its high risk list every two years at the start of a new Congress to highlight agencies and programs that need to pay particular attention to their vulnerabilities to fraud, waste, abuse and mismanagement, or are most in need of transformation.

According to a survey of nearly 700 SCADA and other control system operators, awareness of risk is high, while protections are lagging.

"Control system cyber assets are vulnerable, threats are escalating and the industry is aware of these facts," says survey paper author Matthew Luallen, a senior SANS analyst and SCADA/process control system expert who teaches on this subject at DePaul University. "Stuxnet can be cited for finally raising risk awareness, but some of this awareness is experiential: In the survey, 33% of respondents know or suspect they've been breached."