News

DARPA working to reduce IT vulnerabilities in complex military systems

The massive, monolithic technology platforms upon which U.S. defense systems rely are inflexible, increasingly difficult to manage and hostile to advances in technology, said the director of the Defense Advanced Research Projects Agency. They're also vulnerable to malicious actors, said DARPA Director Arati Prabhakar during a Nov. 12 event hosted by the Center for Strategic and International Studies.

Complex, sophisticated malware 'Regin' used for espionage since at least 2008, Symantec says

Cybersecurity company Symantec says it has discovered a highly complex, advanced malware that has been developed and used – likely by a nation state – to systematically spy on governments, individuals and other international targets since at least 2008.

VA fails annual cybersecurity audit for 16th straight year, says it will invest more resources

For the 16th straight year, the Veterans Affairs Department will fail its annual cyberseurity audit, the VA's deputy assistant inspector general said at a recent congressional hearing. Most of the IT security recommendations issued in their reports persist year after year.

Ex-Navy serviceman sentenced to 2 years in prison for hacking, stealing personal records

A former Navy nuclear systems administrator and co-founder of a computer hacking group was sentenced to two years in prison for hacking into the Navy and National Geospatial-Intelligence Agency, among others, and stealing and releasing thousands of personal records, a U.S. attorney announced Nov. 21.

European Commission views sought on whether US can compel provider to disclose data stored abroad

The Center for Democracy and Technology says it would be beneficial for the European Commission to provide its views on a case in which a U.S. federal court has ordered Microsoft to produce a customer's information that's stored in a data center in Ireland – an order the company has refused to comply with.

NSA director: "Totally defensive" a losing strategy

Although there are no established principles for norms in cyberspace, such as what qualifies as an "act of war," the idea that nations should refrain from offensive action and operate day-to-day completely on the defensive is not acceptable to the U.S. military, said Vice Adm. Mike Rogers, the dual-hatted head of the National Security Agency and Cyber Command.

Education Department must address some persistent info security issues, IG says

While the Education Department has strengthened its information security programs, an internal audit said "longstanding weaknesses" could potentially leave systems vulnerable to serious threats. The department's inspector general said it had identified about a half dozen issues from reports in previous fiscal years. In some cases, the department didn't implement fixes even though it said it had done so.

NRC must beef up information systems security practices, processes, IG says

The Nuclear Regulatory Commission needs to perform continuous monitoring of its information systems and update its system security plans, according to a recently released internal audit.

Fierce 15 winners prove innovation breeds innovation

After two solid years I was worried we had already found and recognized most of the fierce people in government IT. Fortunately, innovation breeds innovation. And there are more dynamic people in government than ever to inspire us. 

FAA IG: NextGen by 2020 a "tall order"

The Federal Aviation Administration could have a tough time meeting its deadline for the Next Generation Air Transportation program, or NextGen – a 20-year, $40 billion initiative designed to modernize a decades-old U.S. aviation system by using satellite-based, digital technologies to make air travel safe, reliable, convenient and more predictable – according to the Transportation Department's inspector general.

NATO launches largest ever cyber attack training exercise

NATO launched its largest ever multinational cyber-defense exercise Nov. 18 – a three-day training event that includes 670 technical, government and cyber experts operating from dozens of locations from across partner nations, NATO said in a statement. The training will test NATO's ability to defend its networks in the event of a cyber attack, NATO says in the statement.

Niall Brennan to become first chief data officer for CMS

He will lead the newly formed Office of Enterprise Data and Analytics, which will provide data access to outside health care providers and other stakeholders in an effort to help them make better decisions related to improving patient care, while lowering costs.

USPS delayed breach notification so as not to tip off hackers

The Postal Service didn't notify some 800,000 USPS employees immediately when it was believed their personally identifiable information was compromised because it did not want to jeoprodize the investigation and alert the perpetrators, said a USPS officia Nov. 19 before a House Oversight and Government Reform subcommittee. In fact, the investigation is still very much underway, said Randy Miskanic, vice president of secure digital solutions at USPS.

FierceGovernmentIT's 2014 Fierce 15

FierceGovernmentIT is proud to announce our third annual Fierce 15 – a recognition of federal employees and teams who have done particularly innovative things.

Most of the civil servants recognized in the Fierce 15 won't be found keynoting event after event across Washington. Instead, they handle behind-the-scenes orchestration of some of the most progressive projects underway in government and work tirelessly to make government more efficient, service- and mission-oriented, and accountable. See the list...

NIST issues FISMA-based data security guidance for non-federal entities

Non-federal organizations such as contractors, state governments and academic institutions often handle controlled unclassified information, and the National Institute of Standards and Technology is offering specific guidance on protecting that information based on the Federal Information Security Management Act.

Intelligence community seeks advanced speech-to-text technology, launches contest

U.S. intelligence officials are seeking innovative technology that can better help them translate speech into text in various acoustic environments. The Intelligence Advanced Research Projects Activity announced a challenge Nov. 18 called the Automatic Speech recognition in Reverberant Environments to do just that.

Cybersecurity remains top-five challenge for Justice Department, IG says

As cyber threats, attacks and espionage escalate against the United States, the Justice Department needs to make sure it's properly addressing these issues in a coordinated manner and sharing critical information with industry, among other measures, the inspector general said.

Persistent problems keep USDA from achieving secure, sustainable IT systems

While the security of the Agriculture Department's IT systems continues to improve, they're still vulnerable due to "longstanding weaknesses." The inspector general evaluated the department's overall security program as part of the Federal Information Security Management Act, or FISMA, which establishes baseline security standards for all agencies.

GAO finds holes in VA cyber incident response protocols

It's sometimes unclear whether corrective response to information technology vulnerabilities identified by the Veterans Affairs Department have been effective because the department has done little follow-up on its mitigation techniques, says the Government Accountability Office.

DoD's Kendall worries about decline of US military's technological superiority

A top Defense Department official said the U.S. military's technological dominance is being threatened by budget constraints, complacency and China's investments.