Symantec sign
Cybersecurity cyber

Cybersecurity technologies provider Symantec reported that ransomware activity fell by 20 percent in 2018 on a year-over-year basis, but that the focus of attacks shifted sharply toward enterprises and away from consumers last year. […]

Symantec sign
BSA The Software Alliance

Akamai, a content delivery network and cloud service provider, and Slack, a provider of cloud-based collaboration tools and services, have joined BSA | The Software Alliance as new global policy members. […]

Election security, voting, midterms 2018

While political and military leaders debate the pros and cons of whether the United States needs a separate “Space Force,” Chinese hackers have offered a reminder of two truths: operations in space are extremely important, and the assets used in space are vulnerable to cyberattack. […]

Agencies undergoing digital transformation are combining on-premise, hybrid, and multiple cloud solutions into their environments. To that end, agencies need to weave cloud security and protection of on-premise systems into their broader security strategy for a true, defense-in-depth approach. […]

The Report to the President on Federal IT Modernization recommends modernizing the Trusted Internet Connections (TIC) program, which is critical to the Federal government’s broader digital transformation strategy. By the end of this month, the report calls for the Office of Management and Budget (OMB) to conduct data calls to agencies to discuss their cloud migration projects, and identify any delays caused by current TIC policy. And, by March 2, OMB will share a “preliminary update to the TIC policy,” and launch select pilot projects to test the new TIC requirements. […]

The rising frequency and intensity of cyberattacks on information technology systems that support the government, military, businesses, and critical infrastructure has raised awareness among senior Federal agency managers that security controls cannot be bolted on to systems as an afterthought. Security must be a core part of the design of systems from the beginning, and considered throughout the development lifecycle. […]

Password manager company, Dashlane, has added a twist with its list of the “Worst Password Offenders” of 2017, naming high-profile people and organizations that fell into the bad-password trap. President Trump was deemed the worst offender, primarily because of simple passwords reportedly used by cabinet members and policy directors. Outside parties were also the culprits for the Department of Defense, specifically for its contractor, Booz Allen, as well as the Republican Party (stemming from a careless data analytics firm). Paul Manafort, for using “Bond007” as a password, and Sean Spicer, for apparently tweeting his passwords, also came in for scorn. […]

Email is a core network application for both the private sector the and government, and has become an essential business communication tool. Since email is nearly ubiquitous and often poorly secured, it also has become a vector for fraud and data theft. Phishing emails can compromise not only Federal networks and databases, but also trust in government communications. […]

With rapid growth in smart devices, exploding data volumes, and the shift to the cloud, it is becoming more and more challenging to protect critical systems and information. Government and industry leaders convened at the Symantec Government Symposium in Washington, D.C. on Tuesday to discuss these complex challenges and the solutions needed to address them. […]

With $5 billion in global revenue, Symantec is the 500 pound yellow gorilla in the cybersecurity business. Some dimensions on the beast: installed at every Federal cabinet-level agency; supports 350,000 customers; tracks 700,000 hackers; and leverages more than nine trillion elements of security data. Now, that’s a big monkey. […]

Cybersecurity standards for Internet of Things devices need to be improved in order to secure medical devices that have created the “Internet of Bodies.” Terrell McSweeny, commissioner of the Federal Trade Commission, said that more regulation needs to be written before connected medical devices become commonplace. […]

Though new initiatives like the Cybersecurity Executive Order cover many of the same issues tackled by past administrations, the focus on IT modernization will make a big difference in actually improving cybersecurity, according to Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security. […]

A hacker group named Dragonfly 2.0 has gained access to several companies that supply electricity to the U.S. power grid, according to Symantec. The new wave of cyberattacks could give attackers the means to severely disrupt affected operations centers in Europe and North America. Dragonfly 2.0 has been in operation since at least 2011 and is linked to the Russian government. […]

MeriTalk compiles a weekly roundup of contracts and other industry activity. Here’s what happened this week in the Federal Information Technology community. […]

Through its series of summer camps and competitions, the Air Force Association’s CyberPatriot program is aiming to expand the cybersecurity workforce for both the public and private sector. “What they have learned is if they wait until someone is a college graduate, it’s too late, if they wait until they’re in college, it’s too late,” said CyberPatriot National Commissioner Bernie Skoch. […]

MeriTalk compiles a weekly roundup of contracts and other industry activity. Here’s what happened this week in the Federal Information Technology community. […]

The cyberattack that spread across Europe on June 27 was declared not a ransomware attack after further observation by researchers. The “Not Petya” attack didn’t encrypt files on the infected computers. Instead, it wiped the entire drive, making it impossible to retrieve files if they weren’t backed up on another device. […]

Companies that paid the ransom to retrieve their data from the Petya ransomware attack have no way of receiving the encryption key. Although Symantec has verified the Ukrainian accounting service, MeDoc, as “patient zero” for the attack, the cybersecurity company hasn’t discovered who is behind the attack. The email account that the attack stemmed from has been shut down, so that companies that pay the ransom of $300 won’t receive the encryption key needed to return their data. […]

Another cyberattack with links to the stolen cache of National Security Agency materials is spreading across Europe on June 27, targeting banks, businesses, and a Ukraine power company. Infections have been reported in Russia, Ukraine, Spain, France, the United Kingdom, and India. […]

President Donald Trump’s executive order on cybersecurity, signed May 11, has received praise from both Congress and industry for continuing the progress of the previous administration and focusing on the issues of workforce development, IT modernization, and implementation of the NIST Cybersecurity Framework. […]

Categories