Federal agencies may drop use of Kaspersky Lab software amid Russia spy fears

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

The U.S. gov­ern­ment moved to ban the use of a Russ­ian brand of secu­ri­ty soft­ware by fed­er­al agen­cies amid con­cerns the com­pa­ny has ties to state-spon­sored cyber espi­onage activ­i­ties. Act­ing Home­land Secu­ri­ty Sec­re­tary Elaine Duke ordered that fed­er­al civil­ian agen­cies iden­ti­fy Kasper­sky Lab soft­ware on their net­works. After 90 days, unless oth­er­wise direct­ed, they must remove the soft­ware, on the grounds that the com­pa­ny has con­nec­tions to the Russ­ian gov­ern­ment, and its soft­ware pos­es a secu­ri­ty risk. The Depart­ment of Home­land Secu­ri­ty “is con­cerned about the ties between cer­tain Kasper­sky offi­cials and Russ­ian intel­li­gence and oth­er gov­ern­ment agen­cies, and require­ments under Russ­ian law that allow Russ­ian intel­li­gence agen­cies to request or com­pel assis­tance from Kasper­sky and to inter­cept com­mu­ni­ca­tions tran­sit­ing Russ­ian net­works,” the depart­ment said in a state­ment. “The risk that the Russ­ian gov­ern­ment, whether act­ing on its own or in col­lab­o­ra­tion with Kasper­sky, could cap­i­tal­ize on access pro­vid­ed by Kasper­sky prod­ucts to com­pro­mise fed­er­al infor­ma­tion and infor­ma­tion sys­tems direct­ly impli­cates U.S. nation­al secu­ri­ty.” Source: The Wash­ing­ton Post

Lawsuits against Equifax start to pile up after massive data breach

Equifax is fac­ing near­ly two dozen class-action law­suits, along with a sep­a­rate suit from Mass­a­chu­setts, over the data breach that com­pro­mised the per­son­al information—names, address­es, birth dates and Social Secu­ri­ty numbers—of more than 143 mil­lion peo­ple. Sen­si­tive data from about half of the U.S. pop­u­la­tion has been avail­able to hack­ers for weeks. Check your sta­tus on Equifax’s web­site: Equifaxsecurity2017.com. Source: PBS

One line in lengthy bill may allow law enforcement to pursue WikiLeaks

A Sen­ate pan­el may be try­ing to give fed­er­al law enforce­ment a new tool to go after the anti-secre­cy group Wik­iLeaks and its U.S. col­lab­o­ra­tors. A one-sen­tence “Sense of Con­gress” clause tacked onto the end of an 11,700-word bill approved by the Sen­ate Intel­li­gence Com­mit­tee is like­ly to come before the full Sen­ate this month. The clause says that Wik­iLeaks “resem­bles a non-state hos­tile intel­li­gence ser­vice” and that the U.S. gov­ern­ment “should treat it as such.” Source: The Sacra­men­to Bee

Latest iPhone would use facial recognition, but Apple says privacy preserved

The recent­ly announced iPhone X has an advanced array of cam­eras for facial recog­ni­tion, which allows the phone to become unlocked just by look­ing at it. The cam­eras can learn a user’s face and note grad­ual changes. Apple promised that it would not col­lect the data on faces, and the infor­ma­tion would only be kept on the smart­phone, not sent to Apple servers. Source: The Wash­ing­ton Post

Exploits would allow hackers into phones, computers

Secu­ri­ty com­pa­ny Armis found eight exploits, col­lec­tive­ly called Blue­Borne, which can allow an attack­er access to a phone with­out touch­ing it. The attack can allow access to com­put­ers and phones, as well as oth­er dig­i­tal devices. The vec­tor allows hack­ers to iden­ti­fy a device, con­nect to it via Blue­tooth, and con­trol the screen and apps. Source: Tech Crunch

National Intelligence leader warns of consequences of attacks on grid

Sev­er­al nations around the globe are capa­ble of launch­ing cat­a­stroph­ic cyber attacks but have refrained from doing so because it would be per­ceived as an act of war, a vet­er­an secu­ri­ty expert said. “We have not experienced—yet—a cat­a­stroph­ic attack. But I think every­one … is aware of the ever-grow­ing threat to our nation­al secu­ri­ty,” said Dan Coats, direc­tor of Nation­al Intel­li­gence, adding that attacks on elec­tri­cal grids and oth­er util­i­ties are a ris­ing con­cern. Source: South Chi­na Morn­ing Post

IT professionals feel they don’t get no respect, survey shows

A study shows that com­pa­nies are fail­ing to give IT professionals—the peo­ple imple­ment­ing and oper­at­ing secu­ri­ty strate­gies for most organizations—the train­ing and respon­si­bil­i­ty they need to take on a more proac­tive cyber­se­cu­ri­ty role. The study, from secu­ri­ty train­ing com­pa­ny (ISC)2 also reveals that many IT pro­fes­sion­als feel their secu­ri­ty guid­ance is being ignored. Only 35 per­cent agree that their secu­ri­ty sug­ges­tions are fol­lowed. Source: Beta News

Researchers consider possibility of vaccine against cyber attacks

Some cyber­se­cu­ri­ty experts are work­ing on what they describe as “vac­cines” to stop cyber attacks. In the case of the recent Petya ran­somware attack, researchers devel­oped a vac­cine in the form of a sin­gle com­put­er file that would instant­ly dis­able one type of virus as soon as it infect­ed a com­put­er, before it could cause any dam­age. This is dif­fer­ent from tra­di­tion­al anti-virus soft­ware that tries to spot and remove any mal­ware on a com­put­er, but this could be after it has done its work. Source: TechX­plore

European Commission proposes agency to fight cyber threats

The Euro­pean Com­mis­sion issued cyber­se­cu­ri­ty pol­i­cy pro­pos­als that include the des­ig­na­tion of a pan-Euro­pean agency with a man­date to address cyber threats and attacks. The pro­pos­al fol­lows Euro­pean Com­mis­sion Pres­i­dent Jean-Claude Juncker’s State of the Euro­pean Union speech, in which he backed set­ting up a “Euro­pean cyber secu­ri­ty agency.” The EU faced 4,000 ran­somware attacks per day last year. Source: Info Secu­ri­ty

English sports league seeks defense against cyber attacks from Russia

The Eng­lish Foot­ball Asso­ci­a­tion asked FIFA to shield its nation­al team from Russ­ian cyber attacks ahead of the 2018 World Cup in Rus­sia after emails between the foot­ball asso­ci­a­tions report­ed­ly were hacked. The request was made after emails between the FA and FIFA dis­cussing dop­ing were leaked by the Fan­cy Bears hack­ing group, which is sus­pect­ed of ties to the Russ­ian secu­ri­ty ser­vices. Source: The Moscow Times

Watch out for those sex robots, says professor who warns of hacks

A cyber­se­cu­ri­ty pro­fes­sor from Deakin Uni­ver­si­ty warned that robots could kill their own­ers if hack­ers get inside their heads. Cyber­se­cu­ri­ty lec­tur­er Nick Pat­ter­son said that hack­ing into mod­ern-day robots, includ­ing sexbots, would be easy com­pared with more sophis­ti­cat­ed gad­gets such as smart­phones and com­put­ers. “Hack­ers can hack into a robot or a robot­ic device and have full con­trol of the con­nec­tions, arms, legs and oth­er attached tools like, in some cas­es, knives or weld­ing devices,” he said. Source: Fox News