Welcome!

GovIT Authors: Pat Romanski, Kevin Jackson, Bob Gourley, Yakov Fain, Cloud Ventures

Blog Feed Post

Cyber Threats hitting Energy Sector, Hackers Secure F-35 Plans and more

By

DHSHere are the top cyber news and stories of the day.

  • Cyber Threats to Energy Sector Happening at ‘Alarming Rate’ - a recent report from DHS’s Industrial Control System’s CERT found that attacks on the energy sector are growing. Of the 198 incidents they had reported, over 40% were directed at the energy sector. These include USB infections at an electric utility and a power generation facility. Via WSJ, more here.
  • Patient safety requires coordinated public-private strategy, says ONC planPromoting the healthcare industry’s use of health information technology to make care safer is the primary objective of a Dec. 21 plan from the Office of the National Coordinator for Health IT. The ONC is making a push for shared responsibility and partnership to protect the safety and security of patient information. Via FierceGovernment IT, more here.
  • Hackers Secure F-35 Fighter Plans - recent attacks on US government contractors may have put the avionics of the F-35 fighter plane at risk. Apparently, the thought that China (or other nations) might be interested in the F-35 (after they did the same to the F-22) just never occurred to these people. BAE was the spot of the first intrusion, which included monitoring meetings and online data, for 18 months. Oops. Via ISS Source, more here.
  • Chrome Clickjacking Vulnerability Could Expose User Information on Google, Amazon - An apparent clickjacking vulnerability in Chrome could lead attackers to get PII on users, according to research released this week. Apparnetly, there is a malicious page in Google’s support forums which offers a treasure trove of information about the users to the attackers. An additional attack vector is by using an Amazon.com comment to gain the same information. Via ThreatPost, more here.
  • Growing confidence in cloud security - The CIO of Yale University, Len Peters, has undertaken a cost-savings analysis of many IT sectors and has found that not only do unit-cost decline, but he might be able to increase security compliance offerings. He found that while there are risks, if managed, they are no more or less than standard IT risks. Via CSO Online, more here.
  • 7 deadly sins of cloud computing - David Geer, of CSO Online, outlined his 7 top failings of cloud users. They range from failing to secure identification and authentication to not understanding the costs associated with cloud. If you are considering a cloud architecture, it is a solid checklist to guide you. Via CSO Online, more here.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.