Access Control

Russian election meddling blocked

Facebook has suspended Instagram and Facebook accounts linked to Russian efforts to manipulate America’s 2020 election. That came several hours after Czech Republic officials said they had dismantled a Russian espionage cell, disguised as a cybersecurity company, in anticipation of a wave of cyber attacks. [node:read-more:link]

Pentagon “help wanted” notice

As it contemplates how to manage the digital identities of all users of the U.S. military's IT infrastructure, the Defense Information Systems Agency is reaching out to the private sector. Its proposed Enterprise Identity Service would store usernames and passwords for employees, vendors and other authorized users in a single record, facilitating broad oversight of digital credentials and online. [node:read-more:link]

Business attacks costing billions

A U.S. Department of Defense official says more needs to be done to evaluate and reinforce the security of contractors facing cyberattacks. “We’re losing,” says Katie Arrington, special assistant to the assistant secretary of defense for acquisition for cyber within the office of the undersecretary of defense for acquisition and sustainment. She says the attacks cost the U.S. $600 billion annually and with 5G looming, that will be multiplied by the “umpteenth” in just a few years. [node:read-more:link]

Power grid protection

The National Institute of Standards and Technology is asking for technical advice on how to secure Internet-connected devices attached to the U.S. electricity grid. It is soliciting products and proposals as a prelude to having suppliers demonstrate them for the energy sector. The principal concern is securing the flow of data from distributed energy resources such as wind farms, which are becoming increasingly common in the shift to renewables. [node:read-more:link]

Multi-factor authentication warning

The Federal Bureau of Investigation has warned the U.S. telecom sector that companies could be vulnerable to attacks which bypass multi-factor authentication to gain access to accounts. It cites several examples, including the use of stolen credentials to bypass banks’ two-factor authentication protocols.  “When reaching the secondary page where the customer would normally need to enter a PIN and answer a security question, the attacker entered a manipulated string into the Web URL setting the computer as one recognized on the account,” the FBI says. [node:read-more:link]

Privacy rules threaten research

Privacy rules on Facebook and other social media sites are frustrating a scientific study of social media’s influence in democracies. It apparently is at a point where the study’s financial backers are considering dropping out. [node:read-more:link]

Internet neutrality ruling

The U.S.Federal Communications Commission has been told that it cannot prevent states from implementing their own net neutrality laws. Neutrality means Internet service providers cannot discriminate or charge differently based on subscribers' content, website and other factors. Nor can they intentionally block, slow down, or charge money for specific online content. However, the D.C. District Court of Appeals also court upheld the FCC’s repeal of net neutrality laws. [node:read-more:link]

Tightening U.S. data protection

The Department of Defense is being forced to revamp various databases in response to protect personal data on millions of active military personnel and veterans which allegedly have been exposed to identity thieves. The president of Vietnam Veterans of America, which has filed suit against the DoD, says “monetizing our service members by sharing their personal information for profit while compromising their identities is despicable and damaging to our national defense.” [node:read-more:link]

Voting machines still vulnerable

For the third consecutive year, hackers have confirmed that voting machines still in use across the U.S. remain vulnerable to cyberattack. A Georgetown University professor in Washington says each of more than 100 machines were vulnerable to at least some form of attack. [node:read-more:link]

Energy grid vulnerable

The U.S. government and “other relevant stakeholders” are being advised by the Government Accountability Office to develop a plan for implementing the federal cybersecurity strategy for the country’s electricity grid, which the GAO says is becoming more vulnerable to cyberattack. Noting that industrial control systems are particularly at risk, it warns that recent assessments indicate attacks could cause widespread power outages. [node:read-more:link]

USAF taking to the Cloud

The U.S. Air Force is seeking bids on a proposal to spend up to $95 million on cloud services from several companies as part of a Unified Platform. The technology could enable cyberwarfare teams to share information for planning and prosecuting missions. [node:read-more:link]

Alleged spy’s lawyer awaits more information

The lawyer for Cameron Ortis, the RCMP intelligence director accused of preparing to share classified secrets, says he is waiting for key information. Ian Carter says he only has an initial synopsis of the case against his client but does expect more disclosure by the Crown this week. [node:read-more:link]

Allies worry about Ortis fallout

Australia, Britain, France and the U.S., Canada’s partners in the Five Eyes intelligence community, are raising questions about the type of information accessible to Cameron Ortis as the director of an intelligence unit within the RCMP. Diplomatic sources say the alliance is concerned that Ortis, who has been arrested and charged, had access to their intelligence information. [node:read-more:link]

Kaspersky ban finalized

All U.S. civil and military organizations will be prohibited, effective Sept. 17, from using cybersecurity products or other software produced by Russia-based Kaspersky Lab. In finalizing the decision, the administration is acting on legislation approved by Congress in response to intelligence community concerns that Kaspersky executives could be forced by Moscow to share information. [node:read-more:link]

Lessons from Apple Inc.

Gen. David Goldfein, the U.S. Air Force Chief of Staff, says the military has much to learn from Apple’s “unleashing” of open-source technologies, which became a core in which other companies were founded and have flourished. He writes that the engineering and business lessons are important for the defence sector which he says has too often procured systems which cannot communicate with each other and are difficult to update. [node:read-more:link]


Subscribe to RSS - Access Control