Cybersecurity News

The Wall Street Journal this morning outlined a recent report released by the Department of Energy to warn that the US power grid is vulnerable to cyber attacks.

Conducted by the DOE’s Idaho National Lab, the report “reinforces concerns that intelligence officials have raised in recent years about growing surveillance of the electric grid by Chinese and Russian cyber-spies,” WSJ noted.

But the announcement comes as old news to most in the cyber world, including former US-CERT director Mischel Kwon, who acknowledged, “We have so many known vulnerabilities that have not been patched.”  Kwon, now a vice president for RSA, went on to include, “The report offers common sense and best-practice recommendations that have been available for years.”

In other old news making headlines today: “There still is a long way to go before Congress sends Barack Obama legislation he can sign.”  That’s according to an article in The Economist which takes a closer look at current cybersecurity issues, legislation and delays on Capitol Hill.

Citing the Google-China incident earlier this year, as well as issues involving public-private partnerships, The Economist declared, “It’s telling that the relatively small number of lawmakers briefed on the classified aspects of cybersecurity come away feeling quite spooked.”

The cyber solution?  “Learning to share,” suggested Tim Starks in a CQ Weekly cover story.

According to Starks, “How to handle the role of the private sector is one of the hardest problems to solve in the cybersecurity realm, and it falls squarely in Congress’ lap. It’s a sprawling topic that includes international, educational and technological dimensions. And it includes everything from major Internet switch points and wireless networks to the computers connected to them, whether at a bank or a power plant.”

Noting the “P3” idea (i.e. public-private partnership), Starks goes on to point out, “Some voluntary collaboration is already happening. Over time, some of the big software companies have recognized that they can save money by collaborating earlier with the government, rather than worrying about security after the product is out.”

Additional cybersecurity news follows:

US needs to improve global security approach, says GAO (Federal Computer Week)

The 19 most influential cybersecurity organizations in the world (Network World)

Cybercrooks use Web apps to infiltrate smartphones (USA Today)

Cybersecurity is evolving, increasingly important (Signal Magazine)

Cyberwar? It’s a phoney war, says IT expert (The New Zealand Herald)

FAA’s Air Traffic Organization considers much with cloud pilots (Federal News Radio)

Army moves closer to private cloud with release of RFP (Defense Systems)

Seven myths about zero day vulnerabilities debunked (ZDNet)

Two-thirds of people in favor of cyber-spying (Computer Active UK)

Next wave of security attacks to target governments (PC Pro UK)