Archive for the ‘technology and internet’ Category

Continuing Federal Cyber Breaches Warn Against Cybersecurity Regulation

October 29, 2014 Comments off

Continuing Federal Cyber Breaches Warn Against Cybersecurity Regulation
Source: Heritage Foundation

Recent high-profile private-sector hacks have once again put a spotlight on the issue of cybersecurity. This is a serious problem that requires legislation to improve the United States’ cybersecurity posture, but the U.S. should not reflexively adopt government regulation of cyberspace as a solution. There are concerns that such a response would not be cost-effective and would have an adverse effect on innovation. It could also potentially create a mindset of compliance rather than of security. Additionally, the government’s own cybersecurity track record raises questions about the effectiveness of government cyber regulations.

The following is a list of federal government cybersecurity breaches and failures, most of which occurred during 2013 and 2014. This list is part of a continuing series published by Heritage that serves as a long-term compilation of open-source data about federal cybersecurity breaches dating back to 2004.

This list is in no way complete: Some hacks might not be reported or are classified, and others have yet to be realized. In September 2014, Robert Anderson, executive assistant director of the Criminal, Cyber, Response, and Services Branch of the FBI told the Senate Homeland Security Committee that if a federal department believes it hasn’t been hacked, it is likely that they are simply unaware of the hack. When Senator Coburn asked for a list of all the government hacks the panelists were aware of, he acknowledged that they may have to be discussed in a closed Senate hearing. Furthermore, the list below does not include the large number of private-sector failures. Nevertheless, the seriousness and number of known U.S. government cybersecurity failures undercut the argument for a government-led regulatory approach to cybersecurity.

About these ads

Cyber Attacks on U.S. Companies in 2014

October 29, 2014 Comments off

Cyber Attacks on U.S. Companies in 2014
Source: Heritage Foundation

The spate of recent data breaches at big-name companies such as JPMorgan Chase, Home Depot, and Target raises questions about the effectiveness of the private sector’s information security. According to FBI Director James Comey, “There are two kinds of big companies in the United States. There are those who’ve been hacked…and those who don’t know they’ve been hacked.”

A recent survey by the Ponemon Institute showed the average cost of cyber crime for U.S. retail stores more than doubled from 2013 to an annual average of $8.6 million per company in 2014. The annual average cost per company of successful cyber attacks increased to $20.8 million in financial services, $14.5 million in the technology sector, and $12.7 million in communications industries.

This paper lists known cyber attacks on private U.S. companies since the beginning of 2014. (A companion paper discussed cyber breaches in the federal government.) By its very nature, a list of this sort is incomplete. The scope of many attacks is not fully known. For example, in July, the U.S. Computer Emergency Readiness Team issued an advisory that more than 1,000 U.S. businesses have been affected by the Backoff malware, which targets point-of-sale (POS) systems used by most retail industries. These attacks targeted administrative and customer data and, in some cases, financial data.

This list includes only cyber attacks that have been made known to the public. Most companies encounter multiple cyber attacks every day, many unknown to the public and many unknown to the companies themselves.

The data breaches below are listed chronologically by month of public notice.

Cyber Attacks Likely to Increase

October 29, 2014 Comments off

Cyber Attacks Likely to Increase
Source: Pew Research Internet Project

Experts believe nations, rogue groups, and malicious individuals will step up their assaults on communications networks, targeting institutions, financial services agencies, utilities, and consumers over the next decade.

State of the App Economy 2014

October 29, 2014 Comments off

State of the App Economy 2014
Source: ACT | The App Association
From full report (PDF):

This is ACT | The App Association’s third annual report on the mobile economy. In 2012, we published our first study, Apps Across America, a report originally requested by the Energy and Commerce Committee at the U.S. House of Representatives for its hearing, “Where the Jobs Are: There’s an App for That.” Last year we took a closer look at the Apple App Store on its five-year anniversary to chart the greatest influences impacting app economy growth.

Only six years old, the app industry has grown at a tremendous rate that shows no signs of slowing down. Having risen to an $87 billion marketplace, analysts project growth beyond $150 billion by 2017.3 Much of this is derived from incredible innovation by app makers that have harnessed the power of mobile connectivity to change the way we work, play, shop, and communicate.

Most recently we have seen advances in mobile technology that offer new ways for consumers to monitor their health and connect with medical professionals. As more schools have implemented curricula using interactive touchscreen displays, there has been dramatic growth in education and children’s apps.

To explore the evolution of the app industry, we reviewed the top 650 apps across key categories in Google Play and the Apple App Store. In addition to the categories featured in our previous reports, we broadened our focus this year to include the categories Kids, Health, and Medical. We found that the app industry is growing and diversifying while creating new companies and jobs across the country.

Enabling the Hyperconnected Age: The role of semiconductors

October 29, 2014 Comments off

Enabling the Hyperconnected Age: The role of semiconductors
Source: Oxford Economics

The semiconductor is one of the most pervasive and powerful inventions in human history—the material core of the Internet age. In a recent poll of scientists, historians, and technologists, asked to rank the top innovations since the wheel, the semiconductor came in fourth—just behind the printing press, electricity, and penicillin, but ahead of eyeglasses, paper, and the steam engine. An Oxford Economics analysis found that the semiconductor contributed $2.7 trillion in global GDP in 2012, and directly supported 1.3 million high-value jobs.

As our planet grows ever more connected and our societies become more able to measure, analyze, and predict behaviors in the physical world, continued advances in the capabilities of the semiconductor will help whole new industries flourish, while stimulating further dramatic increases in global productivity, economic growth, innovation, and sustainability. As a result, it will be crucial for policy-makers to support a healthy semiconductor ecosystem, and for educators to provide a steady stream of young minds to reach new frontiers.

Free registration required to access report.

Telecom — The World in 2014: ICT Facts and Figures

October 29, 2014 Comments off

The World in 2014: ICT Facts and Figures
Source: International Telecommunications Union

The World in 2014: ICT Facts and Figures features end 2014 estimates for ITU’s key telecommunication/ICT indicators. The brochure highlights the latest global ICT facts and trends and includes figures on mobile-cellular subscriptions, Internet use, trends of fixed and mobile broadband services, home ICT access, and more.

HHS OIG — Penetration Test of the Food and Drug Administration’s Computer Network

October 29, 2014 Comments off

Penetration Test of the Food and Drug Administration’s Computer Network
Source: U.S. Department of Health and Human Services, Office of Inspector General

We conducted an external penetration test of the Food and Drug Administration’s (FDA) network and information systems. Although we did not obtain unauthorized access to the FDA network, we identified the following issues: Web page input validation was inadequate, external systems did not enforce account lockout procedures, security assessments were not performed on all external servers, error messages revealed sensitive system information, and demonstration programs revealed sensitive information. These could have led to (1) the unauthorized disclosure or modification of FDA data or (2) FDA mission critical systems being made unavailable. We recommended that FDA implement necessary corrective actions to address the specific cybersecurity vulnerabilities that we identified during this audit.


Get every new post delivered to your Inbox.

Join 944 other followers