infosec

Hackers breach 20 Texas government agencies in ransomware cyber attack

State officials say they are responding to a coordinated ransomware attack that has affected at least 20 government agencies throughout Texas. The state's Department of Information Resources is leading the response to the breach, assisted by the Division of Emergency Management, the department said in a
/
Reuters news

China cries foul over Facebook, Twitter block of fake accounts

BEIJING (Reuters) - China said on Tuesday it had a right to put out its own views after Twitter and Facebook said they had dismantled a state-backed social media campaign originating in mainland China that sought to undermine protests in Hong Kong. Twitter Inc said
/

What Did Cyber Week Achieve?

What Did Cyber Week Achieve?

Last week’s “Cyber Week” was all about cybersecurity and the ongoing threat of cyber attacks against the federal government, non-profits and private companies in the US. But what did it achieve?

Ultimately, two new bills were passed by the House both aiming to enable both companies and government to withstand cyber attack and increase the country’s cybersecurity.

One aims primarily to strengthen government’s ability to deal with the ongoing cyber war in an attempt to effectively fight hackers more effectively. The other strives to enable companies to legitimately share cyber-threat and -attack information without the fear of being held liable.

Recent cyber attacks include the Home Depot hack last year that involved credit cards and effectively exposed 56 million card numbers. In January this year hackers accessed insurance provider Anthem’s database and accessed information relating to 80 million people, reportedly targeting social security numbers. In 2014 there were in excess of 1,500 data breaches reported worldwide – an increase in 50 percent from 2013.

While both pieces of legislation have been widely welcomed, there is some concern that they overlap and possibly undermine one another. For instance, during the floor debate, Colorado’s Democratic Representative, Jared Polis drew attention to this fact, stating that there seemed to be “some kind of turf war” going on between the government’s Homeland Security and Intelligence Committees.

While both bills have privacy protection that has been designed to restrict companies from sharing personal information, and in that way safeguard personal data, there are differences. Perhaps the most obvious difference is where cybersecurity issues must be reported.

The Protecting Cyber Networks Act (also referred to as the Intelligence Committee’s information sharing bill) is aimed at US companies, and encourages them to report any high-profile data breach to any federal agencies except the Department of Defense. Information will be shared with civilian agencies and not the Department of Homeland Security.

The National Cybersecurity Protection Advancement Act focuses on liability protection for companies sharing information on cyber attacks and cybersecurity breaches. Introduced by the Homeland Security Committee, the Act specifies that information must be reported to the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. It may then be shared with other companies to increase “network awareness.”

It has been reported that the legislation will be “merged” before it goes to the Senate.

In spite of the focus on US cybersecurity during Cyber Week, some have warned that the new legislation will not be enough to stop the ongoing threat. Even the White House has conceded that the liability protection offered is too broad, and could protect “grossly negligent and even reckless” entities.

In a statement of administration policy  issued on the eve of Cyber Week, the White House said that appropriate liability protections should not “grant immunity to a private company for failing to act on information it receives about the security of its networks.” Instead, it was important that liability protection was in place to ”incentivize good cybersecurity practices.”

Further, since the first major cybersecurity breach was reported in 2005, more than 40 bills have been introduced to Congress, and yet the threat appears to continue to increase.

It has been reported that President Barrack Obama has earmarked an amount of $14 billion to fight cyber attacks. He has also announced that a new government agency will be created. The Cyber Threat Intelligence Integration Center will be the pivotal body, presumably relying partly on the new legislation voted on during Cyber Week. In addition, the Senate is expected to consider the Cybersecurity Information Sharing Act and additional data-security very soon.

At the end of the day (or week), it is not clear how much was achieved during Cyber Week 2015, if anything.

By Penny Swift

Penny Swift

Penny has been a professional writer since 1984 - Penny has written more than 30 general trade books and eight college books. She has also written countless newspaper and magazine articles for: Skills on Site, Popular Mechanics (SA) and SA Conference, Exhibitions and Events Guide.

Penny has a BA in Social Sciences and currently resides in Cape Town, South Africa.

3 Challenges of Network Deployment in Hyperconverged Infrastructure

3 Challenges of Network Deployment in Hyperconverged Infrastructure

Hyperconverged Infrastructure In this article, we’ll explore three challenges that are associated with network deployment in a hyperconverged private cloud environment, and then we’ll consider several ...
Big Commerce

Ecommerce and Social Media: Shopping In The Cloud

Ecommerce and Social Media By 2018, retail ecommerce will reach nearly $2.5 trillion worldwide, according to eMarketer’s forecasts. Currently, China tops the ecommerce markets, followed ...
Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but ...
Glassdoor’s 10 Highest Paying Tech Jobs Of 2018

Glassdoor’s 10 Highest Paying Tech Jobs Of 2018

Glassdoor is best known for its candid, honest reviews of employers written anonymously by employees. It is now common practice and a good idea for anyone ...
infosec

Hackers breach 20 Texas government agencies in ransomware cyber attack

/
State officials say they are responding to a coordinated ransomware attack that has affected at least 20 government agencies throughout Texas. The state's Department of Information Resources is leading the ...
ISC2

Most Cyber Workers Plan to See Out Their Careers in the Field

/
Recruiting cybersecurity professionals is a major challenge because of the scarcity of qualified candidates, but at least employers don’t have to worry about them wanting to change professions. Most cybersecurity ...
Reuters news

Exclusive: U.S. set to give Huawei another 90 days to buy from American suppliers – sources

/
SINGAPORE/WASHINGTON (Reuters) - The U.S. Commerce Department is expected to extend a reprieve given to Huawei Technologies that permits the Chinese firm to buy supplies from U.S. companies so that ...