Archive for June, 2017
USCG: Cargo Disruption A Reminder That Cyber Risks Are Real
From: Marine Insight
The Coast Guard is actively monitoring and helping to mitigate the consequences of recent ransom ware attacks that have impacted cargo movement through several U.S. port facilities. The Coast Guard is uniquely capable of coordinating preparedness and response to maritime transportation disruptions, especially when partnering with federal, state, and local agencies that share responsibility for mitigating cyber threats and addressing cyber vulnerabilities. Our local operational commanders continue to facilitate recovery efforts at port facilities in order to ensure safe and secure port operations.
Nuclear breach opens new chapter in cyber struggle
From: E&E News | Energywire
Blake Sobczak and Peter Behr, E&E News reporters
U.S. authorities are investigating a cyber intrusion affecting multiple nuclear power generation sites this year, E&E News has learned.
There is no evidence that the nuclear energy industry’s highly regulated safety systems were compromised. But any cybersecurity breach — targeted or not — at closely guarded U.S. nuclear reactors marks an escalation of hackers’ probes into U.S. critical infrastructure.
CyCon 2018 Call for Papers is Now Open
From: NATO Cooperative Cyber Defence Centre of Excellence
NATO Cooperative Cyber Defence Centre of Excellence is proud to announce the Call for Papers for the anniversary conference on cyber conflict in 2018, CyCon C. To celebrate the milestone the cyber security community is invited to shape the focus of the 10th CyCon. Instead of setting a predefined core topic for this conference, the research community is welcomed to submit original research papers on their choice of the most topical and current cyber security issues, from technical, legal, policy, strategy or military perspectives.
Securing Nepali cyberspace
Narayan Koirala is an Information Security Practitioner/Information Systems Auditor, Cofounder/ Director at Eminence Ways.
In your opinion, what are the areas that Nepal still needs to work on?
First, we need to increase awareness about information security among organizations as well as users. Next, we need to have proper, applicable Information Security Policies to start with, on a national level. Regulatory bodies need to impose and monitor any violation of such policies. Then, we need proper planning for IT security in organizations along with proper human resource to manage it.
Israel’s blockchain blockbuster
Ferry Biedermann; special to CNBC.com
Blockchain is a distributed and cryptographically secured database method best known for its use in Bitcoin and other more recent cryptocurrencies such as Ethereum’s Ether. Bancor, which is still under development, sets out its business model in a ‘white paper’ on its website. Using its own tokens, it seeks to provide a method to easily switch between different cryptocurrencies, thus addressing the market’s liquidity problems. It intends also to allow users to create tokens for use in their own projects, for example for their own ICO.
GCC businesses are facing a major cybersecurity deficit
Comment: A lack of investment and awareness around cybersecurity is leaving GCC companies more at risk than others, writes Amar Diwakar.
A major obstacle to the effective control of cyber crime is its transnational nature. Attacks transpire across borders, and offenders have taken advantage of safe haven states that lack stringent cyber legislation and enforcement capabilities.
At present, 52 states have ratified the convention, but GCC member states are conspicuously absent. Nor is there any inter-state collaboration on cybercrime.
Estonia buoys cyber security with world’s first data embassy
To protect itself from cyberattacks, Estonia is about to open a “data embassy” outside its borders. The country’s critical infrastructure will be stored in Luxembourg, reports Isabelle de Pommereau from Tallinn.
When, 10 years ago, a massive cyber attack hit Hansabank, the bank he had worked for as a cyber specialist, Toomas Vaks felt that his entire country had been shaken to the core. It hadn’t been long since the former Soviet republic had rebuilt itself from scratch into one of the world’s most wired societies.
Cybersecurity and cryptography in the post-quantum world
Marc Van Allen & Umer Chaudhry
The U.S. government is currently researching solutions to potential challenges posed by quantum computers. For organizations that operate classified or unclassified national security systems (NSS), and companies that build products used in NSS, the National Security Agency (NSA) recommends moving to a more quantum-resistant Commercial National Security Algorithm Suite. As quantum computers approach market-readiness, cryptography and cybersecurity professionals in all industries should be assessing their security frameworks and the potential of post quantum-resistant encryption techniques to protect their digital communications.
Terrorism on web: Why it’s not fair to condemn tech companies and regulate cyberspace
New Delhi, Delhi, India
In the wake of the recent terror attack in London on Saturday night, British Prime Minister Theresa May issued a statement wherein she mentioned different ways that need to be adopted to counter terrorism. Emphasising on the need to overhaul strategies to combat extremism, May held tech companies partly responsible for providing extremists a “safe space” to grow.
It is true that extremist groups are using the web to recruit members, spread hate and extremist propaganda, send coded messages and coordinate attacks, but it wouldn’t be right to condemn internet companies for the same as these companies, seemingly, are doing a fair job to take down any content or accounts that are involved in terrorist activities and/or encourage support for terrorism.
GAO faults FDIC for slow progress in correcting data-security vulnerabilities
From: Inside Cybersecurity
The congressional Government Accountability Office is asking the Federal Deposit Insurance Corporation to report back next month on implementing data-security corrections to protect its sensitive, financial records from fraudulent misuse or destruction.
GAO in a new report finds the FDIC has failed to fully implement recommendations for securing data gathered in its role as a regulator and enforcer of national banking laws and in protecting the nation’s depositors.
Read Complete Article [paywall]