Collaborate Disseminate
When it comes to encryption and data we solved different problems. Since the invention of algorithms like DES, 3DESand/or AES symmetric encryption is something we understand and can solve. With RSA and Diffie-Helman key management and key exchange can … Continue reading Confidential Computing – A Silver Bullet for the Cloud?
The Office of Personnel Management continues to struggle with cybersecurity more than two years after the agency first publicly acknowledged they were breached due to poor security practices, according to a newly released Office of the Inspector General report. The report, which focuses on the state of systems during fiscal year 2017, concludes that while OPM has “made improvements in its Security Assessment and Authorization (Authorization) program,” inspectors were nonetheless able to find a “significant deficiency in OPM’s information security management structure.” This translated to a poor overall cybersecurity score, as defined by the National Institute of Standards and Technology, of two out of five for OPM. The score from the OIG is supposed to define the “maturity” level of an organization in relation to the security of information systems. This lackluster rating is due in large part to inaction by the agency regarding prior security recommendations referenced in other audits. “OPM is not […]
The post More than two years after historic breach, OPM continues to struggle with cybersecurity appeared first on Cyberscoop.
Two recent thefts of NSA documents were made possible simply because workers who handled sensitive material decided to walk out the door with some of it, serving to highlight challenges facing the U.S. intelligence community as it seeks to implement, and in some cases create, next generation insider threat programs. Former U.S. intelligence officials tell CyberScoop the rudimentary nature of these incidents makes it extremely difficult to create programs that keep material secure without negatively impacting workforce morale. “It’s impossible to totally stop from what I can see,” said a former U.S. intelligence official who spoke on condition of anonymity to discuss their experience. “There’s just way too many people walking in and out for nothing to get stolen.” Newly released court documents provide details about recent leaks of classified documents to The Intercept, a national security focused news publication known for its work with Edward Snowden. A transcript of an interview with […]
The post Recent NSA leaks show challenge of a software ‘solution’ for insider threats appeared first on Cyberscoop.
Continue reading Recent NSA leaks show challenge of a software ‘solution’ for insider threats
“Never again,” says Aaron Trujillo, chief of staff for the Democratic Congressional Campaign Committee. “That’s the message.” Roughly one year ago, the DCCC — the campaign arm for Democrats in the House of Representatives — revealed that its systems were breached by hackers. The cyberattacks, as it was later reported, were connected to a broader operation that included multiple computer intrusions into the Democratic National Committee, the party’s national organization. Closer to Election Day, it was revealed that there were links between the DCCC breach incident and the GRU, Russia’s premier military intelligence agency. Russian government officials quickly denied that the Kremlin was involved in either incident. The breach marked the beginning of a larger issue. In August 2016, less than one month after the DCCC hack had been publicly disclosed, a blog written under the moniker of “Guccifer 2.0” began publishing thousands of sensitive, internal DCCC documents. They included […]
The post How the Democrats plan to stop hackers from breaching 2018 campaigns appeared first on Cyberscoop.
Continue reading How the Democrats plan to stop hackers from breaching 2018 campaigns