National Cybersecurity
Rockwell, M. (2012, January 17). DHS cyber security operations see leadership changes. Government Security News. Retrieved from http://www.gsnmagazine.com/node/25449
The Department of Homeland Security’s cyber security organization saw
the retirement of one of its leaders on Jan. 13, but also the
appointment of a new director on the same day. In a blog post,
DHS Deputy Secretary Jane Holl Lute thanked Rear Admiral Mike Brown for
his service as the deputy assistant secretary for cyber security and
communications. In a following post, Deputy Under Secretary for
Cybersecurity Mark Weatherford said John Streufert was appointed as the
new director of the cybersecurity and communications (CS&C)’s
national cybersecurity division.
Strohm, C., & Lerman, D. (2011, January 15). Pentagon interest in cybersecurity may ease contractors' pain from cuts. Washington Post. Retrieved from http://www.washingtonpost.com/business/economy/pentagon-interest-in-cybersecurity-may-ease-contractors-pain-from-cuts/2012/01/12/gIQAFbPe1P_story.html
Plans by the Pentagon to invest more in cybersecurity and
space-based capabilities may ease the blow for defense contractors such
as Northrop Grumman and Lockheed Martin that are facing cuts in other
programs. The Defense Department intends to beef up spending on computer
network protections and satellite intelligence systems while targeting
troops for cuts under a global strategy released last week. Funding
levels, which were not specified, will be detailed in next month’s
federal budget proposal.
Global Cybersecurity & broadly applicable items
Bahadur, G., Inasi, J., & Carvalho, A. (2012). Securing the clicks: Network security in the age of social media. New York, NY: McGraw-Hill/Osborne. [E-book available via the Books 24x7 database.]
Explaining the latest threats along with
detailed fixes, best practices, and "from the headlines" case studies,
this comprehensive guide will show you how to analyze risk, implement
robust security protocols, and enforce social media usage policies.
Garber, L. (2012, January). The challenges of securing the virtualized environment. Computer, 45(1), 17-20. doi:10.1109/MC.2012.27 [Full text available in the IEEE Computer Science Digital Library database.]
As virtualization has become more popular, concern over the technology's
security has grown. Traditional security techniques often don't work
well with virtualization, so vendors are trying different approaches.
Johnson, C. (2012). CyberSafety: Cybersecurity and safety-critical software engineering. Paper to be presented at the 20th Safety-Critical Systems Symposium, Bristol, England. Retrieved from http://goo.gl/pra1x
A range of common software components are gradually being integrated
into the infrastructures that support safety critical systems. These
include network management tools, operating systems especially Linux,
Voice Over IP (VOIP) communications technologies, and satellite based
augmentation systems for navigation/timing data etc. The increasing use
of these common components creates concerns that bugs might affect
multiple systems across many different safety related industries. It
also raises significant security concerns. Malware has been detected in
power distribution, healthcare, military and transportation
infrastructures. Most previous attacks do not seem to have deliberately
targeted critical applications. However, there is no room for
complacency in the face of increasing vulnerability to cyber attacks on
safety-related systems. This paper illustrates the threat to air
traffic management infrastructures and goes on to present a roadmap to
increase our resilience to future CyberSafety attacks. Some components
of this proposal are familiar concepts from Security Management Systems
(SecMS), including a focus on incident reporting and the need for
improved risk assessment tools. Other components of the roadmap focus
on structural and organizational problems that have limited the
effectiveness of existing SecMS; in particular there is a need to raise
awareness amongst regulators and senior management who often lack the
technical and engineering background to understand the nature of the
threats to safety-critical software.
Mobile devices in the workplace cause more security breaches, say firms. (2012, January 20). Infosecurity. Retrieved from http://www.infosecurity-magazine.com/view/23350/mobile-devices-in-the-workplace-cause-more-security-breaches-say-firms/
Close to three-quarters of businesses believe mobile devices
have caused an increase in security incidents, according to a survey
sponsored by IT security firm Check Point Software Technologies.
The 750 IT and security professionals surveyed
by Dimensional Research on behalf of Check Point cited significant
security concerns about the loss of sensitive information stored on
employee mobile devices, including corporate email (79%), customer data
(47%) and network login credentials (38%).
Ning, H., & Liu, H. (2012). Cyber-physical-social based security architecture for future internet of things. Advances in Internet of Things, 2, 1-7. doi:10.4236/ait.2012.21001 [Full text.]
As the Internet of Things (IoT) is emerging as an attractive paradigm, a
typical IoT architecture that U2IoT (Unit IoT and Ubiquitous IoT) model
has been presented for the future IoT. Based on the U2IoT model, this
paper proposes a cyber-physical-social based security architecture (IPM)
to deal with Information, Physical, and Management security
perspectives, and presents how the architectural abstractions support
U2IoT model. In particular, 1) an information security model is
established to describe the mapping relations among U2IoT, security
layer, and security requirement, in which social layer and additional
intelligence and compatibility properties are infused into IPM; 2)
physical security referring to the external context and inherent
infrastructure are inspired by artificial immune algorithms; 3)
recommended security strategies are suggested for social management
control. The proposed IPM combining the cyber world, physical world and
human social provides constructive proposal towards the future IoT
security and privacy protection.
Pingree, L., & McDonald, N. (2012, January 18). Best practices for mitigating advanced persistent threats. [Full text available in the Gartner database.]
Many security practitioners see the term "advanced persistent threat" (APT)
as primarily a marketing term and do not acknowledge that there are
advanced threats that have bypassed their traditional security
protection techniques and reside undetected on their systems.
Organizations face an evolving threat scenario that they are
ill-prepared to deal with. They must respond to these threats with the
proper techniques and technologies. This research will enable security
practitioners to understand the new threats they face and the
best-practice steps they must take in order to reduce the risk of
compromise against the advanced adversaries taking direct aim at their
organizations.
Sridhar, S., Govindarasu, M., & Liu, C. (2012). Risk analysis of coordinated cyber attacks on power grid. Power Electronics and Power Systems, 3(3), 275-294. doi:10.1007/978-1-4614-1605-0_14 [Full text can be requested via UMUC DocumentExpress.]
The supervisory control and data acquisition (SCADA) network provides
adversaries with an opportunity to perform coordinated
cyber attacks on power system equipment as it presents an
increased attack surface. Coordinated attacks, when smartly structured,
can not only have severe physical impacts, but can also
potentially nullify the effect of system redundancy and other defense
mechanisms. This chapter proposes a vulnerability assessment
framework to quantify risk due to intelligent coordinated attacks,
where risk is defined as the product of probability of
successful cyber intrusion and resulting power system impact. The cyber
network is modeled using Stochastic Petri Nets and the
steady-state probability of successful intrusion into a substation
is obtained using this. The model employs a SCADA network
with firewalls and password protection schemes. The impact on the
power system is estimated by load unserved after a
successful attack. The New England 39-bus system is used as a test model
to run Optimal Power Flow (OPF) simulations to determine
load unserved. We conduct experiments creating coordinated attacks
from our attack template on the test system and evaluate the
risk for every case. Our attack cases include combinations of
generation units and transmission lines that form
coordinated attack pairs. Our integrated risk evaluation studies provide
a methodology to assess risk from different cyber network
configurations and substation capabilities. Our studies identify
scenarios, where generation capacity, cyber vulnerability,
and the topology of the grid together could be used by attackers
to cause significant power system impact.
Zetter, K. (2012, January 19). Hoping to teach a lesson, researchers release exploits for critical infrastructure software. Wired. Retrieved from http://www.wired.com/threatlevel/2012/01/scada-exploits/#more-36404
A group of researchers has discovered serious security holes in six
top industrial control systems used in critical infrastructure and
manufacturing facilities and, thanks to exploit modules they released on
Thursday, have also made it easy for hackers to attack the systems
before they’re patched or taken offline.
The vulnerabilities were found in widely used programmable logic
controllers (PLCs) made by General Electric, Rockwell Automation,
Schneider Modicon, Koyo Electronics and Schweitzer Engineering Laboratories.