Global Security — News

US military learning cybersecurity lessons from businesses

In its new <a href="http://www.defense.gov/news/d20110714cyber.pdf">cyberdefense strategy</a>, the <a href="http://www.networkworld.com/news/2011/071511-pentagon-unveils-five-steps-for.html?hpg1=bn">Pentagon is drawing on lessons</a> about agility, lifecycle management and supply-chain protection that have already been learned by private corporations.

Tim Greene | 16 Jul | Read more

24,000 Pentagon Files Stolen in Major Cyberattack

The Department of Defense says it was hit by a cyberattack by a "foreign intelligence service" that managed to pilfer 24,000 sensitive files.The attack, which occurred in March, was perpetrated by an unnamed "nation state," according to Deputy Defense Secretary William J. Lynn III. Lynn who disclosed the breach during a speech Thursday outlining the Pentagon's new cyber strategy for dealing with cyber-breaches.

Sarah Jacobsson Purewal | 16 Jul | Read more

"Depraved" Wi-Fi hacker gets 18 years in prison

A Minnesota man has been sentenced to 18 years in prison after he hacked a neighbor's Wi-Fi <a href="http://www.networkworld.com/news/2009/120909-network-router-cheat-sheet.html?ts0hb&amp;story=rtrcheat">router</a> and then launched a vengeful two-year campaign to frame them with child pornography and threats to government officials, including Vice President Joe Biden.

John Cox | 14 Jul | Read more

Leverage government innovation to reduce identity management risks

Managing consumer or citizen identities comes with two key problems--scale and cost--prompting organizations that require onboarding, authentication, and <a href="http://www.csoonline.com/article/684895/password-management-systems-how-to-compare-and-use-them">password management</a> to look for ways to outsource this effort. Entertainment websites, online retailers, and even US federal government-to-citizen websites are experimenting with a federated model for more of their identity management life cycle. By using single sign-on (SSO) and attribute-sharing between "social" identity providers (IdPs) (i.e. Google and Facebook) and relying parties (RPs), this model effectively reduces cost and improves the customer experience.

Eve Maler | 14 Jul | Read more

Cyberwar and cyber-isolationism

There has been a bit of a splash in the press recently about a mention by former CIA Director Gen. Michael Hayden of the idea of creating new, extra secure internets for government or commerce. Users would have to give up their privacy to use these versions of the Internet, with a requirement for the use of real names and all their traffic subject to deep packet inspection. The vision seems to be that government would use one such network and services such as banking would use another.

Scott Bradner | 13 Jul | Read more

Lulzsec: the rise and fall of a hacking collective

The curtain has fallen on the 50 day performance by hacker group LulzSec. Its campaign of mayhem and destruction, peppered with witty commentary captivated the world. In an alternate universe where Lulzcats reign and anti-security is the norm, it might have even earned a spot on its first target, The X-Factor. But on this earth its members may still be captured by its later targets: the CIA, US law enforcement and the FBI.

Liam Tung | 12 Jul | Read more