News

Federal social media registry looks to expand

The General Services Administration's federal social media registry allows those with a .gov or .mil email address to register federal accounts on YouTube, Facebook, Twitter and, soon, Instagram. The registry – which serves as the federal government's solution for addressing copycat and unauthorized social media accounts – likely won't stop with Instagram either.

Most cyber espionage state-affiliated, targets United States

Cyber espionage in 2013 tended to be committed by state-affiliated actors, target the United States, and originate in East Asia or Eastern Europe, says an annual report by security researchers at Verizon.

USPS should expand social media presence to drive revenue, IG says

The Postal Service should expand its social media outreach and marketing to help drive sales and better compete in the digital age, says an April 21 USPS inspector general report says.

Proposed rule would ban electronic waste disposal for federal agencies

Monitors, computers, smart phones and other electronics would need to be sold, donated offered to other agencies or recycled through a certified electronic waste recycler, the proposed rule says. Office electronics are made with rare and precious metals, plastic and glass, all of which can be recycled.

DOJ immigration office unable to access case databases

The Justice Department can't currently handle some of its immigration cases because of a hardware failure that's left the agency unable to access databases. DOJ's Executive Office for Immigration Review issued a notice on its website saying the immigration courts are continuing to process cases but is prioritizing them for manual review.

FedRAMP program office releases transition plan to new controls baseline

Private sector cloud providers with a FedRAMP provisional authorization making them eligible to sell services to federal agencies will have about a year to implement the new minimum set of security controls.

NIST drops random number generator under suspicion of NSA tampering

A random number generating algorithm under suspicion of National Security Agency tampering will no longer carry government approval. The National Institute of Standards and Technology announced Monday it will remove the algorithm in question, the Dual Elliptic Curve Deterministic Random Bit Generator, from its publication containing pseudorandom generator standards.

Severe shortage of tech talent in government, says report

Existing levels of information technology talent within government and civil society do not meet the current needs, finds a report based on dozens of interviews and secondary research. Those technically skilled programmers, designers and engineers with expertise in computer science and data science that are in government are not distributed evenly across agencies, it adds.

SEC to examine securities industry cybersecurity measures

The Securities and Exchange Commission released earlier this month a checklist of cybersecurity measures it'll use as part of this year's examination of registered broker-dealers and investment advisers.

NIST notes progress in smart grid interoperability update

A proposed update to the National Institute of Standards and Technology's smart grid interoperability standards publication would incorporate changes in governance and international collaboration that have occurred since 2012.

Healthcare.gov passwords vulnerable to Heartbleed bug

Account passwords for healthcare.gov will be invalid pending a reset, on account of the Heartbleed web security bug.

FTC in position to enforce data stewardship standards among cloud providers, says paper

Enforcement actions by the Federal Trade Commission have laid a foundation for establishment of data stewardship standards controlling cloud services that involve processing personal data, say two academics. Data stewardship standards could fill a privacy controls vacuum in cloud services offered to school districts that process students' data, Solove and Hartzog suggest, since the Education Department lacks authority to regulate companies receiving education records.

SEC financial system went live with security issues

An important Securities and Exchange Commission financial system went live last summer before a contractor completed necessary security tasks, a report from the Government Accountability Office says. Auditors don't specify the "key financial system" or the required security tasks in an April 17 report, which says the SEC neglected to scrutinize its contractor's work.

Tomorrow's Internet less resilient, says report

The Internet of tomorrow will be less resilient, less available and not as robust as today's warns a think tank and an insurance company. So far, cyber incidents have had effects that are widespread but temporary, or persistent but narrowly focused, says a report published Wednesday by the Atlantic Council and Zurich Insurance Group.

 

NIST unveils AppVet for mobile application evaluation

The National Institute of Standards and Technology released version 1 of a free, open source system comprised of a web application, tools and clients for testing and evaluating the security of mobile applications.

Education Dept. wants student aid APIs

Application programming interfaces can allow third-party developers to build apps and tools that interact with government data and forms. The Education Department says it's interested both in read-only APIs, which would let tools push out information, and read-write APIs that would let users complete forms through third-party tools.

Paper tax returns mostly superseded by electronic filing

Paper federal tax returns increasingly are a relic of the time before ubiquitous Internet, shows Internal Revenue Service preliminary filing data.

DARPA tests drone-mounted WiFi

Warfare more dependent on the gathering and dispersal of battlefield data has long been in the making, but hobbled by the problem of assuring connectivity – especially at the level of soldiers rather than commanders.

FAA: ADS-B ground infrastructure complete

The nationwide ground infrastructure necessary for air traffic controllers to see airplanes according to their GPS-transmitted location is now complete, says the Federal Aviation Administration.

SAM 'inelegant and cumbersome' says GSA CIO

The System for Award Management is operational but it's not what the future of acquisition should look like, said Sonny Hashmi, chief information officer at the General Services Administration. Commonly called "SAM," the consolidated acquisition system launched in August 2012 to bring together three previously separate systems.