Group items tagged

Should responsibility for defending against cyberattacks be moved from the Dept. of Homeland Security to the military? Air Force Gen. Kevin Chilton suggested as much at a Congressional hearing where he warned of U.S. vulnerability to cyberwarfar "across the spectrum." Such attacks "potentially threaten not only our military networks, but also our critical national networks," Chilton told a House Armed Services subcommittee, the Washington Post reported. As head of Strategic Command, the general isn't responsibel for defending civilian networks, just government computers. [Stratcom's responsibility is] "to operate and defend the military networks only and be prepared to attack in cyberspace when directed. I think the broader question is, who should best do this for the other parts of America, where we worry about defending power grids, our financial institutions, our telecommunications, our transportation networks, the networks that support them." Well, that's where the 60-day interagency overview of cybersecurity comes in. At the end of that, Chilton said, responsibility for protecting private sector networks may well fit under Stratcom's duties. So what impact in having the military at the center of cybersecurity? Importantly, it brings offensive ops into the defense game. And where the military is involved, can NSA be far behind? No. Operational control over both [offensive and defensive ops], Chilton said, has been delegated to Lt. Gen. Keith B. Alexander, the head of the National Security Agency. … NSA, according to Chilton, already has a role in information security, and the agency's support "has been instrumental in our efforts to operate and particularly to defend our networks," he said. Combining oversight of cyber defense and offense made sense, Chilton said, "because they're so interconnected. . . . As you consider offensive operations, you want to make sure your defense are up."

Rarely is the response to a new government initiative a unanimous round of "thumbs up," but so far that seems to be the case regarding yesterday's (April 9) announcement that The Defense Department and the Department of Veterans Affairs will collaborate on building an electronic database of administrative and medical information for U.S. servicemen and women. Since developing a broad electronic health records (EHRs) initiative is a prominent feature of the Obama Administration's economic stimulus plan, it makes sense to start (or at least focus) on a defined segment of the population -- current and past military personnel. But, apart from the specific technology, architecture and technical administration aspects of this program, there will be other challenges in pursuing the goal of EHRs for the military -- challenges that insurance technology executives know only too well. These include collaboration among different and sometimes competing interests (in this case, the Department of Defense (DOD) and the Department of Veterans Affairs (VA), which historically have not worked together as closely as one might imagine); and concerns about privacy and security. In fact, the ways in which the military EHRs initiative addresses the privacy issue could provide some interesting best practices (or actions to avoid) for private-sector players. "Currently, there is no comprehensive system in place that allows for a streamlined transition of health records between DOD and the VA," President Barack Obama said at yesterday's announcement, "and that results in extraordinary hardship for an awful lot of veterans who end up finding their records lost, unable to get their benefits processed in a timely fashion. And that's why I'm asking both departments to work together to define and build a seamless system of integration with a simple goal: When a member of the Armed Forces separates from the military, he or she will no longer have to walk paperwork from a DOD

www.killdo.de.gg Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com

Reports on Tuesday of a New Zealand man who purchased a secondhand MP3 player containing the personal information of U.S. soldiers highlighted the federal government's continuing inability to protect private information on unauthorized, third-party storage devices. New Zealander Chris Ogle bought a used MP3 player in Oklahoma about a year ago, according to New Zealand's public television station, ONE News. A few weeks ago, when he plugged the player into his computer to download a song, Ogle found 60 military files stored on the device, which included names, addresses, and phone and Social Security numbers of U.S. soldiers. The files also contained what appears to be a mission briefing and lists of equipment deployed to Iraq and Afghanistan. Most of the files are dated 2005. ONE News reported that some of the phone numbers on the player are still active. "The more I look at it, the more I see and the less I think I should be," Ogle told ONE News. Ogle offered to return the MP3 player to U.S. officials if requested. Privacy experts say the breach is just the latest example of the federal government's inability to manage the security risk posed by removable storage devices. In November the Defense Department banned the use of removable storage devices after reports that hardware that can be inserted into a USB drive could infect the computer with viruses and worms. A Pentagon spokesman said the military is aware of the latest report form New Zealand, but does not know of any action the department has taken. Michael Maloof, chief technology officer for the information security firm TriGeo Network Security in Post Falls, Idaho, said individuals do not view devices like MP3 players as computers that can store large amounts of private data. "Myself and security experts have been saying for some time that phones and MP3 players are really mass storage devices," he said. The military should "ban all mass storage devices. It may make some people unhappy, but you see the

A New Zealand man has found confidential United States military files on an MP3 player he bought at an op shop in the US. Chris Ogle, 29, from Whangarei, bought the player from an Oklahoma thrift shop for $NZ18 ($A14.50), and found the files when he hooked it up to his computer, TV One News reported on Monday night. The 60 files on the player contained the names and personal details of American soldiers, including ones who served in Afghanistan and Iraq. There was also information about equipment deployed to bases and a mission briefing. "The more I look at it, the more I see and the less I think I should be," Ogle said. Victoria University strategic studies director Peter Cozens said one of the first rules of military endeavour was to not give the opposition information that could compromise your position. "This is just slack administrative procedures which are indeed a cause of embarrassment. It's the sort of thing which ought not really be in the public domain, he said. Ogle said the player never worked as a music player and he would hand it over to the US Defence Department if asked.

A third (34 per cent) of discarded hard disk drives still contain confidential data, according to a new study which unearthed copies of hospital records and sensitive military information on eBayed kit. The study, sponsored by BT and Sims Lifecycle Services and run by the computer science labs at University of Glamorgan in Wales, Edith Cowan University in Australia and Longwood University in the US, also found network data and security logs from the German Embassy in Paris on one purchased drive. Researchers bought 300 drives from eBay, other auction sites, second-hand stalls and car boot sales. A disk bought on eBay contained details of test launch routines for the THAAD (Terminal High Altitude Area Defence) ground to air missile defence system. The same disk also held information belonging to the system's manufacturer, Lockheed Martin, including blueprints of facilities and personal data on workers, including social security numbers. Lockheed Martin denies that the disk came from it. The arm manufacturer has launched an investigation that aims to uncover just how the sensitive data might have been wound up on the disk. Two discs bought in the UK apparently came from Lanarkshire NHS Trust, including patient medical records, images of X-rays and staff letters. Lanarkshire NHS Trust runs the Monklands and Hairmyres hospitals. In Australia, the exercise turned up a disk from a nursing home that contained pictures of actual patients and their wound photos, along with patient details. A hard disk from a US bank contained account numbers and details of plans for a $50bn currency exchange through Spain. Details of business transactions between the bank and organisations in Venezuela, Tunisia and Nigeria were also included. Correspondence between a member of the Federal Reserve Board and the unnamed banks revealed that one of the deals was already under scrutiny by the European Central Bank, and that federal investigators were also taking an interest. Yet anothe

An explosion in threats against the nation's cybernetworks has led the Pentagon to develop a cyberwar strategy and prompted states to open cybersecurity offices.

The Army says it's investigating allegations that eight male soldiers took pictures and video of as many as 21 female soldiers in their unit showering at Fort Dix. The photos were allegedly taken last fall, before the 266th Military Police Company of the Virginia Army National Guard shipped out to Iraq in December. Lt. Col. Christopher Garver said Friday the Army is conducting a criminal investigation and that no charges have been filed. Fort Dix spokeswoman Carolee Nisbet says the allegations are disappointing. She said most soldiers who train at the New Jersey installation before being deployed "live up to the Army values." The 266th is now serving in Basra. A spokesman for the Virginia Army National Guard did not immediately return a phone call seeking comment.

"The inspector general of the National Archives and Records Administration is investigating a potential data breach affecting tens of millions of records about U.S. military veterans, Wired.com has learned. The issue involves a defective hard drive the agency sent back to its vendor for repair and recycling without first destroying the data. The hard drive helped power eVetRecs, the system veterans use to request copies of their health records and discharge papers. When the drive failed in November of last year, the agency returned the drive to GMRI, the contractor that sold it to them, for repair. GMRI determined it couldn't be fixed, and ultimately passed it to another firm to be recycled. The incident was reported to NARA's inspector general by Hank Bellomy, a NARA IT manager, who charges that the move put 70 million veterans at risk of identity theft, and that NARA's practice of returning hard drives unsanitized was symptomatic of an irresponsible security mindset unbecoming to America's record-keeping agency."

Obama administration cybersecurity advisor Melissa Hathaway, in her much anticipated speech before the RSA Conference on Wednesday, suggested that the findings of a study she submitted Friday to President Obama calls for cybersecurity policy to be run from the White House. "The White House must lead the way forward with leadership that draws upon the strength, advice and ideas of the entire nation," said Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils. Scant on details, Hathaway in her 2,400-word speech did not explain how federal cybersecurity should be governed, even if it's based in the White House. Two months ago, President Obama charged Hathaway to head up a team to review current cybersecurity policies and processes. "It can be said that the federal government is not organized appropriately to address this growing problem because responsibilities for cyberspace are distributed across a wide array of federal departments and agencies, many with overlapping authorities and none with sufficient decision authority to direct actions that can address the problem completely," Hathaway said. "We need an agreed way forward based on common understanding and acceptance of the problem." Hathaway said the team she assembled addressed all missions and activities associated with the information and communications infrastructure, including the missions of computer network defense, law enforcement investigations, military and intelligence activities and the intersection of information assurance, counter intelligence, counter terrorism, telecommunications policies and general critical infrastructure protection. Task force members held more than 40 meetings with different stakeholder groups during the 60 days and received and read more than 100 papers that provided specific recommendations and goals, she said. "We identified over 250 needs, tasks, and recommendations," Hathaway said. "We also solicited input from gov

IT directors are adding multiple layers of protection to their networks and constantly upgrade those measures to adjust for new threats. Is this good? Is the Internet too broken to fix? Is there a better path to enterprise network security? One option is a new "gated community" Internet, where users give up their freedoms and anonymity for safety. My initiation to the Internet and the World Wide Web occurred in 1994 in a large meeting room at an Atlanta hotel. Most of the 100 or so seats were empty. Those in attendance seemed fairly rabid about this new network and took exception to one speaker's prediction that the Web would become a major marketing vehicle. "Not gonna happen," said one attendee. "We'll spam them into submission if they try. We won't let this become commercialized." I kind of chuckled to myself. Those early adopters were mainly concerned with protecting the Internet from commercialization and marketing. Security was not even part of the discussion. Now, it is threatening to dismantle the Internet as a communication and commerce tool. Cyber attacks on U.S. government computer networks increased a reported 40 percent in 2008, according to data from the U.S. Computer Emergency Readiness Team. More than 100 million credit card accounts at Heartland Payment Systems were compromised last year. In November, the Pentagon suffered from a cyber attack in the form of a global virus or worm that spread rapidly throughout a number of military networks, and caused the agency to ban the use of external storage devices, such as flash drives and DVDs. And this is just the tip of the Internet security Relevant Products/Services iceberg. Enterprise networks are being used to launch phishing Relevant Products/Services and other Internet scams, such as the Conficker worm that infected 12 million computers late last year. IT directors everywhere are adding multiple layers of protection to their networks and constantly having to upgrade those measures to adjust fo

Playboy.com journalist Mike Guy underwent waterboarding by a trained member of the U.S. military in the site's new Lab Rat feature. Guy bet that he could endure 15 seconds of the interrogation technique used by the Bush administration on al Qaeda chief Khalid Sheikh Mohammed and Abu Zubaydah. Watch the results

The rap on the iPhone and iPod touch is that it's chiefly an entertainment device. (After all the software keyboard is damn irritating.) But the Army doesn't think so. Newsweek reports that the military is very high on the touch, since it's priced at about a third the price of an iPhone. Since it's a app platform, the Army can update soldiers' capabilities with the touch of a button and touch lets soldiers network their intelligence. Next Wave Systems in Indiana, is expected to release iPhone software that would enable a soldier to snap a picture of a street sign and, in a few moments, receive intelligence uploaded by other soldiers (the information would be linked by the words on the street sign). This could include information about local water quality or the name and photograph of a local insurgent sympathizer. The U.S. Marine Corps is funding an application for Apple devices that would allow soldiers to upload photographs of detained suspects, along with written reports, into a biometric database. The software could match faces, making it easier to track suspects after they're released.

Like this http://www.hdfilmsaati.net Film,dvd,download,free download,product... ppc,adword,adsense,amazon,clickbank,osell,bookmark,dofollow,edu,gov,ads,linkwell,traffic,scor,serp,goggle,bing,yahoo.ads,ads network,ads goggle,bing,quality links,link best,ptr,cpa,bpa. www.killdo.de.gg

Data breaches are running at record levels, according to the San Diego-based Identity Theft Resource Center, a non-profit that tracks cybercrime. ITRC says it recorded 342 data breaches from Jan. 1 through June 24, up 69% from the same period in 2007. But, like the origins and perpetrators of so many individual data breaches, mystery also lies behind the aggregated numbers. "I'm not sure that this says breaches are increasing," ITRC founder Linda Foley tells Digital Transactions News. "What we know is the reporting of breaches is increasing." A handful of states now require some disclosure of data breaches to authorities, Alaska being the most recent. And some companies that have been hacked are starting to report breaches voluntarily, Foley says. While data breaches can compromise all manner of personal and business records, they often involve credit and debit card data and bank-account information. ITRC lists five major categories of breached entities, with the so-called banking/credit/financial sector accounting for 10% of 2008's breaches. Businesses, which include physical and Internet retailers, insurance companies and other private enterprises, accounted for 36.8%. Schools accounted for 21.3%; government and military facilities, 17%; and health-care facilities, 14.9%. IRTC also categorizes breaches by how they happened, such as through hackings-break-ins into computers and related systems, insider thefts, data lost in physical transit, and by other methods. The number of 2008 hackings through late June in the banking/credit/financial category was 10-double the five for all of 2007. The estimated number of records compromised as a result was 227,864. In 2007, the reported number of compromised records at financial institutions through hackings was 83,500. But Foley says not to put too much stock in the records numbers because so many breached organizations don't know or fail to report the number of compromised records when they report a bre

Cyber espionage, attacks, breaches, viruses - they are all among the concerns President Barack Obama cited Friday when he announced he will create a new White House office of cyber security, with that cyber czar reporting to the National Security Council as well as to the National Economic Council. The nation's vulnerability to cyber attacks has long been a concern. The Center for Strategic and International Studies said in a December report that the U.S. Defense Department alone has said its computers are probed hundreds of thousands of times each day. These publicly known cases of hacks, thefts and viruses at government, military, utilities and educational sites are just some examples

There's a great deal of classified information in federal government databases that never should become public. Some of this information, involving the military or the intelligence world, must be made available to contractors by necessity, and that data should be closely guarded and kept confidential. But an alarming new article that we report on this week illustrates this is not always the case, and that information can inadvertently seep out from a classified venue and make it into the public's hands. It turns out that secret information about a U.S. missile defense system was found on the hard drive of a computer discarded by a major contractor, and sold on eBay. The discarded computer, reported the Guardian newspaper in Great Britain, contained documents from defense contractor Lockheed Martin that included detailed test launch procedures, photos and personal data of employees. The hard drive was turned over to the FBI, but one has to wonder how this could have happened and why sufficient controls were not put in place. Apparently, this is not an isolated incident.

The Air Force is seeking an entrepreneurial innovator to develop technology to analyze the conduct of insiders to determine if they pose a threat to government IT systems. In a call for proposals aimed at small businesses, posted on Tuesday, the Air Force is asking outside developers to "define, develop and demonstrate innovative approaches for determining 'good' (approved) versus 'bad' (disallowed/subversive) activities, including insiders and/or malware." For their initial efforts, the Air Force will pay up to $100,000. The proposal says current techniques that monitor illicit activities only address the most blatant violations of policy or the grossest deviations from accepted behavior. Most systems concentrate their resources on repelling attacks at the network borders with little attention devoted to threats that evade detection and/or emanate from within. The proposal states: "As such, there currently exists a great need across the federal, military and private sectors for a viable and robust means to provide near-real-time detection, correlation and attribution of network attacks, by content or pattern, without use of reactive previously-seen signatures. Many times, these trusted entities have detailed knowledge about the currently-installed host and network security systems, and can easily plan their activities to subvert these systems."

It's not exactly what anyone might expect to find at a garbage dump in Ghana. Journalism students from the University of British Columbia discovered intact hard drives containing secret international security data and personal information at a digital dumping ground in Ghana, said their teacher, Peter Klein. Mr. Klein, a producer for the PBS television program Frontline and an Emmy Award winning journalist, said the drives included information about U.S. Homeland Security and Pentagon defence contracts as well as social security numbers, credit card numbers, and family photos. The dumps are frequented by criminal gangs in the country, he said. The findings are part of a project by Mr. Klein's graduate students investigating electronic waste, or e-waste. The team also travelled to Guiyu, China, and India, piecing together the afterlife of discarded computers, drives and parts. To find out if cyber criminals could get information stored on the computers, the students bought several hard drives from vendors near the Ghana dumps to test at home in Vancouver. One of the drives came from Northrop Grumman, a large U.S. military contractor. It contained "details about sensitive, multimillion-dollar U.S. government contracts" as well as contracts with the defence intelligence agency and NASA, according to a synopsis of the project on the PBS website.

Yet another breach of sensitive, unencrypted data is making news in the United Kingdom. This time the breach puts Royal Air Force staff at serious risk of being targeted for blackmail by foreign intelligence services or others. The breach involves audio recordings with high-ranking air force officers who were being interviewed in-depth for a security clearance. In the interviews, the officers disclosed information about extra-marital affairs, drug abuse, visits to prostitutes, medical conditions, criminal convictions and debt histories - information the military needed to determine their security risk. The recordings were stored on three unencrypted hard drives that disappeared last year. The interviews were conducted to ensure that the officers "can be trusted with sensitive government information and property," the Ministry of Defense said. But the interviews have now become a huge security risk for the officers and the Ministry of Defence, which has proven itself to be untrustworthy when it comes to guarding sensitive information and property.

This post is one in a series on Privacy & Security, and covers some of the intersections of these domains for those who are not practitioners with in-depth understanding of the associated disciplines.
History Points to Privacy's Future
Today's post explores the history of privacy a bit mor

With so many workers being axed, the threat to sensitive customer, corporate, military information should be examined. Once workers leave with sensitive information, good luck controlling exposure. Cross International borders and the issue potentially expands into an national "incident" with dire consequences for corporate reputation. Protectionism vs Patriotism. Issues raised in the Great Depression revisited with more impact due to expansion of the economy to global status.

Microsoft Corp.'s plan to eliminate U.S. workers after lobbying for more foreigner visas is stirring resentment among lawmakers and employees. As many as 5,000 employees are being shown the door at Microsoft, which uses more H1-B guest-worker visas than any other U.S. company. Some employees and politicians say Microsoft should get rid of foreigners first. "If they lay people off, are they going to think of America first or are they going to think of the world first?" Chuck Grassley, a Republican Senator from Iowa, said in an interview. He sent a letter to Microsoft Chief Executive Officer Steve Ballmer the day after Microsoft announced the job cuts last month, demanding Ballmer fire visa holders first. Across the technology industry, some of the biggest users of H1-B visas are cutting jobs, including Intel Corp., International Business Machines Corp. and Hewlett-Packard Co. The firings at Microsoft, the world's largest software maker, came less than a year after Chairman Bill Gates lobbied Congress for an expansion of the visa program. Even before Microsoft announced the cuts, its first-ever companywide layoffs, comments on a blog run by an anonymous Microsoft worker angrily debated getting rid of guest workers first. The author of the Mini-Microsoft blog eventually had to censor and then completely block all arguments about visas, after the conversation "got downright nasty."