cybersecurity

The Obama administration said today that it's moving ahead with a plan for broad adoption of Internet IDs despite concerns about identity centralization, and hopes to fund pilot projects next year.

At an event hosted by the U.S. Chamber of Commerce in Washington, D.C., administration officials downplayed privacy and civil liberties concerns about their proposal, which they said would be led by the private sector and not be required for Americans who use the Internet.

There's "no reliable way to verify identity online" at the moment, Commerce Secretary Gary Locke said, citing the rising … Read more

SAN FRANCISCO-- A top Defense Department official said today that the U.S. military should "extend" a technological shield used to protect its own networks to important private sector computers as well, which could sweep in portions of the Internet and raise civil liberty concerns.

William Lynn, the deputy secretary of defense, proposed at the RSA Conference extending "the high level of protection afforded by active defenses to private networks that operate infrastructure" that's crucial to the military or the U.S. economy.

What Lynn refers to as "active defenses" were pioneered by … Read more

The Conficker worm may have been squashed, but this nasty piece of malware is still squirming around millions of computers around the world.

Those were the findings of the Conficker Working Group, a collection of antivirus vendors and several other parties that joined forces in 2009 and 2010 to try to stomp out the worm.

Releasing a "Lessons Learned" document (PDF) yesterday, the CWG claimed success in ultimately stopping Conficker from communicating with its creator, thus preventing it from updating into newer and more dangerous variants. The group seemed especially proud of the way the various organizations and … Read more

While governments need to prepare for cyberattacks involving espionage or malware, the likelihood of a sophisticated attack like Stuxnet is small, according to a study by the Organisation for Economic Co-operation and Development.

In a cyberwarfare report (PDF) released today, the OECD said that the risk of a catastrophic attack on critical national systems has been exaggerated. The majority of cyberattacks are low-level and cause inconvenience rather than serious or long-term disruption, according to a co-author of the report, professor Peter Sommer of the London School of Economics.

"There are many scare stories, which, when you test, don't … Read more

STANFORD, Calif.--President Obama is planning to hand the U.S. Commerce Department authority over a forthcoming cybersecurity effort to create an Internet ID for Americans, a White House official said here today.

It's "the absolute perfect spot in the U.S. government" to centralize efforts toward creating an "identity ecosystem" for the Internet, White House Cybersecurity Coordinator Howard Schmidt said.

That news, first reported by CNET, effectively pushes the department to the forefront of the issue, beating out other potential candidates, including the National Security Agency and the Department of Homeland Security. The move … Read more

Democratic politicians are proposing a novel approach to cybersecurity: fine technology companies $100,000 a day unless they comply with directives imposed by the U.S. Department of Homeland Security.

Legislation introduced this week would allow DHS Secretary Janet Napolitano to levy those and other civil penalties on noncompliant companies that the government deems "critical," a broad term that could sweep in Web firms, broadband providers, and even software companies and search engines.

"This bill will make our nation more secure and better positions DHS--the 'focal point for the security of cyberspace'--to fulfill its critical homeland … Read more

If you feel safer online using your PC instead of your mobile phone, you are not alone.

A majority 87 percent of people polled for a new study think their home PCs offer better defense against viruses, malware, and hackers than do their mobile phones. Released today by the National Cyber Security Alliance and Symantec, the study (PDF) also discovered that people may be overconfident in the power of their computers to protect them as less than half are using full security software.

Though only 24 percent of those polled said they feel very safe using their home computers to … Read more

If the U.S. were hit by a severe cyberattack, would you want the president to be able to control or even shut down portions of the Internet?

A majority 61 percent of Americans polled by Unisys for a new security study believes the president should have the power to control or effectively "kill" portions of the Internet if key U.S. systems (military, financial, electrical) were hit by a malicious cyberattack from a foreign government.

These findings from the latest biannual Unisys Security Index suggest that the public may support a pending cybersecurity bill that would give … Read more

Although it has touted privacy as a key concern, the White House isn't faring as well as it should in that area, at least according to a report card from a noted privacy group.

Released last week by the Electronic Privacy Information Center (EPIC), the 2010 privacy report card (PDF) gave the Obama administration a grade of C in consumer privacy, a B in medical privacy, a D in civil liberties, and a B in cybersecurity. Offered by a group of privacy experts at a Capitol Hill briefing, the 2010 report card reflects lower grades in a couple of … Read more