Biggest ever cyber security exercise in Europe today

European Commission,  Thursday, October 30, 2014

More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA). In Cyber Europe 2014 experts from the public and private sectors including cyber security agencies, national Computer Emergency Response Teams, ministries, telecoms companies, energy companies, financial institutions and internet service providers are testing their procedures and capabilities against in a life-like, large-scale cyber-security scenario.

Microsoft unveils CJIS-capable cloud platform for law enforcement

Infotech,  Tuesday, October 28, 2014

Microsoft has announced a cloud platform that helps public safety departments meet Criminal Justice Information Services (CJIS) policies and connect to the FBI’s systems to securely access data. Law enforcement agencies adopting cloud platforms have concerns about meeting CJIS policies. Microsoft is addressing this concern by offering Microsoft Azure Government cloud, which helps these agencies address compliance obligations like CJIS. A number of Justice and Public Safety customers and partners of Microsoft are building new solutions on this platform, Microsoft said.

Operation SMN – Disruption of Axiom Group – Prolific Chinese Cyber Espionage Team

Brian Bartholomew, iSight Partners,  Tuesday, October 28, 2014

Earlier today iSIGHT Partners proudly participated in the public disclosure of threat intelligence on a prolific Chinese Cyber Espionage group. This disclosure included the sharing of technical indicators which can be used to determine the potential of compromise, as well as detail on the tactics, techniques and procedures of this group which can be used to inform better security decisions. This release was made as part of a coalition of security vendors, security researchers and major technology companies called “Operation SMN” which was announced on October 14th. The effort was led by Novetta and Microsoft and is the first joint effort under Microsoft’s Coordinated Malware Eradication program.

Final NIST cloud roadmap sets 'action plans' for gov't cloud adoption

Molly Bernhart Walker, FierceGovernmentIT,  Wednesday, October 22, 2014

The National Institute of Standards and technology Oct. 21 published a final version of its U.S. Government Cloud Computing Technology Roadmap. The document lays out 10 requirements – each accompanied by "priority action plans" and target completion dates – necessary for cloud adoption by the federal government. The 10 specific requirements relate to the broader priorities of security, interoperability, portability, performance and accessibility.

Russia and China to join forces as cyber superpowers

Russia Direct,  Tuesday, October 21, 2014

Russia and China could soon sign an agreement on cooperation in the field of cybersecurity, a move that some see as an attempt to reduce American influence in the information technology field.

Chinese government launches man-in-middle attack against iCloud

Sean Gallagher, Ars Technica,  Monday, October 20, 2014

GreatFire.org, a group that monitors censorship by the Chinese government’s national firewall system (often referred to as the “Great Firewall”), reports that China is using the system as part of a man-in-the-middle (MITM) attack on users of Apple’s iCloud service within the country. The attacks come as Apple begins the official rollout of the iPhone 6 and 6 Plus on the Chinese mainland. The attack, which uses a fake certificate and Domain Name Service address for the iCloud service, is affecting users nationwide in China. The GreatFire.org team speculates that the attack is an effort to help the government circumvent the improved security features of the new phones by compromising their iCloud credentials and allowing the government to gain access to cloud-stored content such as phone backups.

FBI Director Calls On Congress To 'Fix' Phone Encryption By Apple, Google

Ryan Reilly and Matt Sledge, Huffington Post,  Thursday, October 16, 2014

FBI Director James Comey called Thursday for "a regulatory or legislative fix" for technology companies' expanding use of encryption to protect user privacy, arguing that without such a fix, "homicide cases could be stalled, suspects could walk free, and child exploitation victims might not be identified or recovered."

Microsoft says NSA spying hit trust in the cloud

Doug Drinkwater, SC Magazine UK,  Friday, October 10, 2014

A senior Microsoft spokesman says that government surveillance has damaged trust in the cloud and in the company itself, pushing the latter to focus more on data privacy and security. The firm's principal cyber-security strategist Jeff Jones was presenting at the IP Expo Europe exhibition in London on Thursday, where he suggested that the leaks from NSA whistleblower Edward Snowden had impacted the Redmond technology giant and the cloud computing market as a whole. He then suggested that that the leaks had ‘affected' cloud in the enterprise, as well as the company's own ambitions in this area, before adding that the growing distrust in the cloud had come at a time where ‘perceptual concerns' around cloud security were dissipating on deployment.

Software group launches student privacy pledge

Julian Hattem, The Hill,  Tuesday, October 07, 2014

The software industry is making moves to beef up privacy protections for students. The Software and Information Industry Association (SIIA) joined with the Future of Privacy Forum, a think tank, to announce a new pledge for companies that make products for students in kindergarten through 12th grade. Under the pledge, a handful of companies have promised not to sell student information or target their ads based on students’ behavior. Companies will also only use data for specific educational purposes and will impose limits on how long that information is held.

Players picked for first federally-funded R&D center for cybersecurity

Aaron oyd, FederalTimes,  Tuesday, October 07, 2014

With cyber attacks being volleyed at U.S. infrastructure daily, the National Cybersecurity Center of Excellence (NCCoE) has awarded the first federally-funded research and development center (FFRDC) contract designed specifically to enhance the nation's cybersecurity. The new FFRDC — part of the National Institute of Standards and Technology’s (NIST) NCCoE — will be managed by non-profit MITRE Corp. with assistance from the University System of Maryland (USM), which includes campuses in College Park (UMCP) and Baltimore County (UMBC).