The US Office of Personnel Management (OPM) suffered a devastating data breach that has impacted millions of people - and the agency is now trying to move too fast and isn't following best practices. The OPM is relying on systems that are "decades-old" and apparently has no idea what it is actually doing to prevent future cybersecurity issues.
"It may sound counterintuitive, but OPM must slow down and not continue to barrel forward with this project," said Patrick McFarland, Inspector General of the OPM, while speaking to the Senate Homeland Security Committee. "The agency must take the time to get it right the first time."
Sen. Ron Johnson (R - WI) and Sen. John McCain (R - AZ) have called into question the Obama Administration's commitment to overall cybersecurity. The "OPM has become a case study in the consequences of inadequate action and neglect," Johnson recently said. Meanwhile, McCain questioned if OPM agency director Katherine Archuleta should stay in her current role, especially after offering conflicting reports regarding OPM's breach damage.
The US government and military cannot be left alone to keep data safe from outside threats, and it's up to the private sector, security planners and citizens to lend a hand. Officials hope to create a new national cybersecurity strategy that will better protect the federal government from cyberespionage attempts.
"You do not want this to be a military approach," said Mark Troutman, director of the Center for Infrastructure Protection & Homeland Security at George Mason University, during a meeting at the US Army War College. "We are Americans. We secure ourselves at the end of the day with an active and engaged citizenry."
It's appropriate timing for the talks, as the United States and China interact with one another at the Strategic and Economic Forum, with US officials assuming China is behind the devastating Office of Personnel Management (OPM) attack.
Passwords and PIN codes remain the most popular first line of security for smartphones and tablets, but researchers continue to study biometrics.
There are some devices that use fingerprint scans to help unlock phones, but new solutions could include using a retina scan or your palm print to help unlock devices. As more devices contain sensitive data, and with interest in mobile payments rising, it may become necessary for biometrics to evolve.
The first wave of Apple products with biometrics, however, had some issues - and hopefully was a learning experience for other smartphone manufacturers.
Eugene Kaspersky is the founder of the Kaspersky Lab cybersecurity software company, and believes hackers will have plenty of opportunities when it comes to targeting connected Things.
"You call it Internet of things; I call it Internet of threats," Kaspersky recently said on NBC News. Kaspersky noted that hackers could display messages on a smart TV, smartwatch and other connected devices, or be malicious and compromise personal information.
It's no secret that IoT is expected to be more disruptive, but cybersecurity experts are concerned. Even though more Things will be in our apartments and homes, consumers don't appear completely sold on the technology - so manufacturers will have to address that problem while also trying to improve security protocols.
The GCHQ British intelligence agency didn't follow protocol when it intercepted data on two non-government organizations, according to the country's Investigatory Powers Tribunal (IPT). Retaining emails for longer than it is supposed to is a violation of GCHQ internal procedures - but the IPT says the data interception was legal.
"We welcome the IPT's confirmation that any interception by GCHQ in these cases was undertaken lawfully and proportionately, and that where breaches of policies occurred they were not sufficiently serious to warrant any compensation to be paid to the bodies involved," a government spokesman said, in a statement published by the BBC.
The GCHQ intercepted communications from the Legal Resources Centre and Egyptian Initiative for Personal Rights, with both groups saying their data was illegally examined and retained. However, the IPT didn't offer a statement regarding claims from Amnesty International and other NGOs.
Polish airline company LOT had to ground some flights at Warsaw Chopin airport, leaving around 1,400 passengers stranded, after hackers were able to successfully compromise its systems. In total, 10 flights were cancelled and 12 other flights were delayed due to the problem on Sunday.
It took about five hours to resolve the computer issues, and LOT said there was no risk to ongoing flights that were already in the air.
"We're using state-of-the-art computer systems, so this could potentially be a threat to others in the industry," said Adrian Kubicki, spokesman at LOT, in a statement to the media.
The Anonymous hacker collective targeted Canadian government websites in retribution for the recent passing of the anti-terror Bill C-51. The distributed denial of service (DDoS) attacks took place on Wednesday and temporarily disrupted websites belonging to the Canadian Senate, Justice Department and two different spy agencies.
The Canadian Security and Intelligence Service (CSIS) has been awarded new powers to investigate and disrupt suspected terror-related activities after Bill C-51 passed. The bill, which was heavily criticized by privacy and citizen watch groups, has angered many Canadian citizens - and Anonymous was more than willing to take aim. There is fear that the government will be able to monitor legitimate Internet activity, and then sweep it under the rug.
Here is what Anonymous said regarding the hack: "Greetings citizens of Canada, we are Anonymous. Today, this 17th of June 2015 we launched an attack against the Canadian Senate and government of Canada websites in protest against the recent passing of Bill C-51. A bill which is a clear violation of the universal declaration of human rights, as well as removing our legal protections that have stood, enshrined in the Magna Carta for 800 years."
Swann Security has announced the SwannCloud Plug & Play security camera and SwannCloud HD Pan & Tilt security camera.
Both cameras are able to record and capture 720p HD video and 1280 x 720 HD images, which can be saved to a smartphone or tablet. In addition, the Pan & Tilt camera can be remotely operated using the SwannCloud app for Google Android and Apple iOS users. Both cameras also make use of on-board infrared LEDs to provide higher quality nighttime video and image viewing.
The SwannCloud HD Plug & Play has a $129.99 MSRP, while the SwannCloud HD Pan & Tilt is available for $179.99.
The North Korean regime didn't like news that the United States tried to launch a Stuxnet-like cyberattack against the country, and threatened it could "wage a cyber war against the US to hasten its ruin."
A report in a North Korean newspaper also said the country "can react to any forms of wars, operations and battles sought by the US imperialists," and added "the US is greatly mistaken if it thinks the DPRK will just overlook with folded arms the provocations in the cyber space."
North Korea has threatened a cyber-based apocalypse against the US in the past - and was reportedly behind the attack against Sony Pictures Entertainment.
A union representing federal employees claims that cybercriminals were able to successfully steal Social Security numbers and other personal data of every federal employee. Following news that the Office of Personnel Management (OPM) was hacked, with "the Chinese" suspected, the breach has turned out to be a bigger issue than the Obama Administration publicly stated.
Hackers were able to compromise the Central Personnel Data File, which holds records for current federal employees, retired personnel, and as many as one million former federal employees. The data files reportedly have up to 780 data points about a federal worker - an alarming amount of personal information that wasn't properly secured.
"We believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous," said J. David Cox, president of the American Federation of Government Employees, in an open letter to the OPM. The group has described the OPM breach as "an abysmal failure on the part of the agency to guard data that has been entrusted to it by the federal workforce."