Cybersecurity

Editor's note: This op-ed was co-authored by Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine), John D. Rockefeller IV, (D-W.Va.), and Dianne Feinstein (D-Calif.). In February, these four senators jointly sponsored the Cybersecurity Act of 2012, a bill that has been in the works for more than three years.

Every day, rival nations, criminal syndicates and maybe even terrorists probe for weaknesses in our most critical computer networks, seeking to steal data, money, and identities. Even more dangerous is their potential to plant malicious code in industrial control systems that would allow them to seize control of a region'… Read more

Federal Communications Commission Chairman Julius Genachowski wants Internet service providers to work with government and security experts to adopt voluntary standards to protect consumers from cyber attacks.

On Wednesday, the chairman gave a speech in Washington, D.C., in which he discussed voluntary measures that ISPs and other technology companies could take to help protect the public from three major cyber threats: botnets, domain name fraud, and IP hijacking.

"Cyber attacks pose a critical threat to our economic future and national security," he said in his speech. "If you shut down the Internet, you'd shut down … Read more

A group of senators today introduced a bipartisan cyber security bill that includes some new regulation requirements but does not give the president emergency authorities to interfere with the Internet as a previous version did.

The Cybersecurity Act of 2012 calls for the Department of Homeland Security (DHS) to assess risks and vulnerabilities of computer systems running at critical infrastructure sites such as power companies and electricity and water utilities and to work with the operators to develop security standards that they would be required to meet.

The DHS would determine which companies fit the definition of critical infrastructure as … Read more

President Obama plans to increase U.S. funding by 5 percent next year for research and development of a broad swath of technologies, according to his proposed fiscal 2013 budget, which was released today.

The president's budget (see below) has earmarked $140.8 billion for overall R&D, specifically focusing on those areas that will "directly contribute to the creation of transformational technologies that can create the businesses and jobs of the future."

To further research of clean energy, smart infrastructure, wireless communications, and cybersecurity, Obama plans to divide $13.1 billion among the National Science … Read more

Move over, Cameron Diaz, there's a new leader in the race to be the "world's most dangerous celebrity."

Former Victoria's Secret model and current host of "Project Runway," Heidi Klum is the Internet's "most dangerous celebrity," security firm McAfee announced today. According to McAfee, when people type Klum-related queries into a search engine, nearly 10 percent of the results are "malicious."

"Fans searching for 'Heidi Klum and downloads,' 'Heidi Klum and 'free' downloads,' 'Heidi Klum and screensavers,' 'Heidi Klum and hot pictures' and 'Heidi Klum and videos' … Read more

A new flavor of Android malware is disguising itself as a Google+ app in an attempt to capture instant messages, GPS, location, call logs, and other sensitive data.

Uncovered by the team at Trend Micro, the new malware known as ANDROIDOS_NICKISPY.C can also automatically answer and record phone calls. To capture data, the app loads at boot-up and runs certain services that can monitor messages, phone calls, and the user's location, thereby stealing e-mail and other content.

Detailing its findings in a blog Friday, Trend Micro said it discovered that the malicious app tries to trick people by installing itself under the name Google++.

But instead of providing access to Google's new social network, the app sends its stolen user data to a remote site where presumably cybercriminals can grab it. Unlike some malware in the past that masqueraded as legitimate apps through Google's Android Market, this particular one must be downloaded by an unsuspecting user from a malicious Web site and then manually installed.

And even if installed, the app can be uninstalled from an Android device by selecting Settings > Application > Manage applications, choosing Google++ and then clicking Uninstall, according to Trend Micro.

Trend Micro gives the app a low-risk rating, but it's still something that Android owners should be sure to avoid.

Android users concerned about security can learn how to better protect themselves through Trend Micro's online guide "5 Simple Steps to Secure Your Android-Based Smartphones."… Read more

The Pentagon today elaborated on its plans to defend privately-owned Internet servers owned by banks, transportation and utility companies, and other key firms from electronic attacks, a proposal that has raised privacy concerns in the past.

"Our assessment is that cyberattacks will be a significant component of any future conflict, whether it involves major nations, rogue states, or terrorist groups," William Lynn, the deputy secretary of defense, said during a speech at the National Defense University in Washington, D.C.

To illustrate the sophistication of such attacks, Lynn said a foreign government was behind a cyberattack in March … Read more

Software made by a Chinese company and used around the world by chemical, defense, and energy companies contains security holes that attackers could exploit to hack into critical systems.

In an advisory issued yesterday (PDF), the Department of Homeland Defense warned of two vulnerabilities in software made by Beijing-based Sunway ForceControl (Google Translate English version). The Chinese company makes SCADA (supervisory control and data acquisition) software, which is used in computer systems that control and monitor manufacturing plants and equipment used by different industries.

Discovered by security researcher Dillon Beresford of NSS Labs, the security holes could allow cybercriminals to … Read more

Google grabbed the news spotlight this week as it hosted its annual I/O developer conference in San Francisco, but nothing shone as bright as its Chrome browser and the Chrome-based laptop the company introduced.

The Chromebook, touted as an always-on and always-connected computing experience, will be offered by Samsung and Acer starting June 15. The Samsung Chromebook will go for $429 in the U.S. for the Wi-Fi only version and $499 for the 3G version. Acer's Wi-Fi only Chromebook will cost $349.

The devices will be sold in the U.S. by Amazon.com and Best Buy. … Read more