Censorship, Cybersecurity

D.C. area contractors ramp up cybersecurity offerings

Local contractors continue to ramp up their cybersecurity offerings -- adding new hires and establishing new offices -- in anticipation of significant growth in the burgeoning market.

The industry activity comes as the Pentagon establishes a Cyber Command.

Army Gen. Keith Alexander, who heads the National Security Agency and the new U.S. Cyber Command, told members of the House Armed Services Committee on Sept. 23 that hiring is under way to find people with the right skills, though final decisions have not been made on the exact mix of military personnel and civilians.

The command "is going to have to grow," Alexander testified. "We see that as our number one mission: be ready. And right now, we have to build that force to get there; that's going to take some time."

Area contractors are moving to align themselves with the government's new priorities. Science Applications International Corp., based in McLean, last week formally opened its seven-story cyber innovation center in Columbia, not far from the site of the new Cyber Command at Fort Meade.

SAIC is no newcomer to cybersecurity, however. The company has had as many as nine different facilities in that area for over a decade, said Larry Cox, an SAIC senior vice president and the general manager of the company's cyber unit.

http://www.washingtonpost.com/wp-dyn/content/article/2010/10/01/AR2010100106554.html

Seeker relates to your cybersecurity post...nothing is private...beware!

Obama signs first intelligence authorization bill in five years

President Obama Thursday signed the fiscal 2010 intelligence authorization bill into law, the first time such a bill has been enacted in five years.

Although the bill technically applies to the fiscal year that ended Sept. 30, lawmakers and intelligence officials say it includes many provisions that will have an impact for years to come.

snip
“The enactment of [the bill] puts the intelligence committees back in the business of authorizing,” Reyes added. “It represents substantial gains for congressional oversight of national security. More importantly, this law gives the [intelligence] community the tools it needs to keep America safe.”

The bill also includes a provision that requires Director of National Intelligence James Clapper and the Government Accountability Office to come up with a directive that will allow government auditors to inspect intelligence operations.

Speaking at an intelligence conference Wednesday, Clapper acknowledged that GAO can be helpful, especially in the area of overhauling the process for giving security-clearances to intelligence personnel and contractors. But he said he is concerned about GAO getting into “the core essence” of intelligence, such as by evaluating sources and methods and critiquing national intelligence estimates.

Clapper said giving GAO auditors who have subject matter expertise access to certain activities would be appropriate.
http://www.govexec.com/dailyfed/1010/100710cdpm1.htm

not sure what any of that means…other than…I bet it isnt good for the hens.

sounds like wank..as if they are going to let anyone know what their intelligence agencies are doing

Cyber Threats Forecast For 2011

Botnets and attacks on pervasive devices and social networks rank among the biggest information security threats expected next year, according to the Georgia Tech Information Security Center.

What will be the biggest information security threats in 2011? “Further proliferation and sophistication of botnets, attacks on pervasive devices and social networking and the impact of cyber security issues on physical systems.” So says the new Georgia Tech Information Security Center (GTISC) 2011 Emerging Cyber Threats Report, released Friday.

snip
Also in 2011, expect online threats to increasingly target critical infrastructure. “As physical systems become more information-driven, the kind of attacks we have seen in other areas will show up here as well,” said Ahamad.

Another significant security concern will be attacks on pervasive devices and social networks. According to Patrick Traynor, assistant professor at Georgia Tech’s School of Computer Science, “while more than 1.5 billion people use the Internet daily, over 4.5 billion use a cell phone every day, creating an attractive target for cyber criminals.” Furthermore, expect the number of cell phone users to double or triple by 2020, he said.

As the number of smartphones — running numerous third-party applications, some of which may behave in unexpected ways — rises, so too do the potential ways in which these devices can be attacked.

“Attackers are notorious for going where people are — and people are on their phone, using apps around Facebook, Twitter, LinkedIn or dating sites,” said Matt Jonkman, CEO of Emerging Threats, “What’s worse is the size of attacks is increasing. In the past, there’d be a spam run, on a smaller scale, that was changed frequently. Now, attackers can go out with a large-scale run on one major, popular platform, because people will respond quickly, making the attack very effective.”

http://www.informationweek.com/news/security/reviews/showArticle.jhtml?articleID=227701135&cid=RSSfeed_IWK_All

lots of platforms they can use now..thanks nikki

Cyber Threats Very Real For Britain: Official
Posted on: Wednesday, 13 October 2010, 11:45 CDT

The head of Britain’s electronic spying agency warned Wednesday that the country is facing a “real and credible” threat of cyber attacks from hostile criminals abroad which could potentially damage its critical infrastructure.

Iain Lobban, director of the Government Communications Headquarters (GCHQ), said Britain’s infrastructure -- such as emergency services and power grids -- was at an increased risk as the rapid growth of the Internet made communications systems more vulnerable.

“We already provide expert advice and incident response to the operators of critical services,” he said. “We must continue to strengthen these capabilities and be swifter in our response, aiming to match the speed at which cyber events happen.”

Speaking at the International Institute for Strategic Studies in London, Lobban said he didn’t want to go into great detail about the threat to the UK’s “critical national infrastructure.” But said the threat posed by terrorists, organized criminals and hostile foreign governments was “real and credible” and he demanded a quicker response to match the speed with which cybercrime happened.

He warned that Britain’s economy could be at risk if effective protection measures against cyber attacks was not further developed.
http://www.redorbit.com/news/international/1930918/cyber_threats_very_real_for_britain_official/

saw that..australia had it to..

Apple has been granted a patent that prevents young people from using, sending and receiving sexually explicit text messages -- known in modern day as "sexting."

The patent -- filed by Apple in 2008 and granted by the US Patents Office -- is based on "systems, devices and methods" for filtering "text-based messages" that contain "objectionable content." Ultimately, it prevents youngsters from using their iPhones to send messages that contain swear words or lewd language.

Currently, no other device has a way "to monitor and control text communications and make them user appropriate."
http://www.chicagotribune.com/business/ipad/wpix-apple-patent-sexting,0,2423047.story

prevents young people from sexting...I would imagine the wives of Brett Favre and Tiger Woods would be interested in the app.

U.S. Government Exploits Our Facebook 'Narcissism' To Detect Fraud, Fake Marriages


Get Technology Alerts

A 2008 memo obtained by the Electronic Frontier Foundation (EFF) confirms it: big brother is watching.

The report by the Department of Homeland Security's U.S. Citizenship and Immigration Services, which is entitled "Social Networking Sites and Their Importance to FDNS" (Office of Fraud Detection and National Security), offers agents detailed instructions on the ins-and-outs of social networks, including how to join, how to expand friend networks once one is a member, what the most popular social networking sites are, and more.

But the document also raises privacy concerns as it stresses the importance of social media for surveillance--while presuming the accuracy of the information we post about ourselves online--and highlights how agents can and should use social networks to sniff out fraud.

"Narcissistic tendencies in many people fuels a need to have a large group of 'friends' link to their pages and many of these people accept cyber-friends that they don't even know," the USCIS explains. "This provides an excellent vantage point for FDNS to observe the daily life of beneficiaries and petitioners who are suspected of fraudulent activities."

http://www.huffingtonpost.com/2010/10/14/government-facebook_n_762581.html

thats a fairly accurate portrayal i must say..

Google's Schmidt sees Web access for billions more

There are 4 billion phones in the world, and between 800 million and 1 billion smartphones already in use. And with Moore's Law-like speed of technology development, more people will have access to a smartphone with a Web browser, connecting them to the already 2 billion people online.

This has big implications for society as a whole and global businesses, Schmidt said.

"What happens when you have a powerful browser in the hands of people who have never seen anything but a TV, perhaps in a shared model?" he asked. "We haven't heard from them yet. We don't know what they think."

Most likely, many people tapping into the Web for the first time will seek out entertainment, which is human nature, Schmidt said. But having more people with access to information forces transparency and openness in countries that don't have the same notions of free speech as the United States, he added. It also means that global brands are more important.

Google's strategy is to get more people online and more data digitized, which, on the whole, is positive for society, Schmidt said.



Read more: http://news.cnet.com/8301-11386_3-20019808-76.html#ixzz12ddywvEo

more people online and more data digitized = more data gathering

smartphone..smart for who?

Commodity Futures Trading Commission

Business Continuity and Disaster Recovery

Dated
July 22, 2010

snip
The Commission believes that some of the registered entities regulated by the Commission may be “critical financial markets” or “core clearing and settlement organizations.” They provide the means for financial institutions to adjust their financial positions and those of their customers in order to manage liquidity, market, and other risks, and provide support for provision of a wide range of financial services to U.S. businesses and consumers. Their products include futures on U.S. government and agency securities, equity indexes, foreign exchange and physical commodities that comprise critical components of the world financial system.

For these reasons, it might present unacceptable risks to the U.S. financial system if these entities were to become inoperative and unavailable for an extended period of time for any reason up to and including a wide-scale disruption. The ability of critical financial markets and core clearing and settlement organizations to recover and resume trading and clearing promptly in the event of a wide-scale disruption is important to the U.S. economy.

The White Paper calls for core clearing and settlement
organizations to have the capacity to meet a same-day recovery time objective (“RTO”); that is, the capacity to recover and resume clearing and settlement activities within the business day on which the disruption occurs.

Further, the White Paper recognizes that the ability to meet a same-day RTO during a wide-scale disruption requires
an appropriate level of geographic diversity between primary and backup sites, with the latter as far away as necessary to avoid being subject to the same set of risks as the primary site. Backup sites should not rely on the same transportation, telecommunications, power, water, or other critical infrastructure components as the primary location. In addition, operation of the backup site should not be impaired by a wide-scale evacuation at, or the inaccessibility of staff that service, the primary site.

Therefore, the White Paper calls for core clearing
and settlement organizations to maintain backup facilities that are a significant distance away from their primary facilities, a distance sufficient to address the risk that a wide-scale disruption could make the organization’s labor pool across the entire metropolitan or other geographic area of the primary site (including adjacent communities
economically integrated with it) unavailable to support achievement of the organization’s RTO.


The White Paper also mentions, as an aspirational “overall goal,” an RTO of two hours for core clearing and settlement organizations.http://www.cftc.gov/LawRegulation/FederalRegister/ProposedRules/2010-17606.html

Nine years after 9/22 the CFTC decides it needs a disaster recovery plan. Noted a fire in March 2010 cuased the NYC CFTC office to temp relocate. Test?
Link to that story (noted in another article that the CFTC site posted on their site that the office was closed and then removed the post)
http://www.economicpolicyjournal.com/2010/03/fire-at-new-york-city-cftc-offices.html

Pentagon Will Help Homeland Security Department Fight Domestic Cyberattacks

The Obama administration has adopted new procedures for using the Defense Department’s vast array of cyberwarfare capabilities in case of an attack on vital computer networks inside the United States, delicately navigating historic rules that restrict military action on American soil.

The system would mirror that used when the military is called on in natural disasters like hurricanes or wildfires. A presidential order dispatches the military forces, working under the control of the Federal Emergency Management Agency.

Under the new rules, the president would approve the use of the military’s expertise in computer-network warfare, and the Department of Homeland Security would direct the work.

Officials involved in drafting the rules said the goal was to ensure a rapid response to a cyberthreat while balancing concerns that civil liberties might be at risk should the military take over such domestic operations.

snip
The new approach will begin with a Department of Homeland Security team deploying to Fort Meade, Md., home to both the National Security Agency, which specializes in electronic espionage, and the military’s new Cyber Command. In exchange, a team of military networking experts would be assigned to the operations center at the Homeland Security Department.

The rules were detailed in a memorandum of agreement signed in late September by Janet Napolitano, the secretary of homeland security, and Defense Secretary Robert M. Gates, but they were not released until last week
http://www.nytimes.com/2010/10/21/us/21cyber.html?src=mv


something is up!