News

Cybersecurity Framework feedback shows need for update process, best practices, awareness

Now that critical infrastructure leaders have had a chance to weigh in on the National Institute of Standards and Technology's Cybersecurity Framework, the agency is ready to move forward with evaluating and incorporating the suggestions it received.

DOJ charges 7 Iran-sponsored hackers with attacks on US financial sector, New York dam

The Justice Department has indicted seven Iranian hackers who were responsible for a 176-day distributed denial of service, or DDoS, campaign aimed at the U.S. financial sector. This is the first time the U.S. government has formally charged state-sponsored individuals for trying to disrupt networks of key U.S. industries, according to The Washington Post.

Spotlight: Army not so sure of DoD's Windows 10 adoption

The U.S. Department of Defense CIO Terry Halvorsen stressed how important moving to Windows 10 is earlier this week, according to Federal News Radio, but the Army isn't so sure the Pentagon's one-year transition mandate is realistic.

Reviewing Tony Scott's first year as federal CIO

A lot can happen in a year. Since Tony Scott was named U.S. Chief Information Officer in 2015, federal IT modernization has taken center stage as a bipartisan issue – and for good reason.

DARPA thinks spectrum allocation challenges can be addressed through machine learning

Last week the Defense Advanced Research Projects Agency announced its latest "grand challenge," which asks teams to develop smart systems that leverage machine learning to optimize available wireless spectrum.

Halvorsen: DoD's cybersecurity training, culture have improved

Defense Department Chief Information Officer Terry Halvorsen said cybersecurity training and overall awareness of cyberthreats have improved across the organization since a phishing scheme last summer compromised the Joint Chiefs of Staff unclassified email network.

Spotlight: House appropriators approach VistA funding with caution

A draft version of the fiscal 2017 Military Construction and Veterans Affairs and Related Agencies Appropriations Act would earmark $260 million to fund the modernization of VA's electronic health record. However, the proposal would limit funding for the VistA Evolution program to $168 million. 

DOJ charges Syrian Electronic Army members with several hacking conspiracies

The three accused Syrian nationals largely undertook spear-phishing and extortion schemes in support of Syrian President Bashar al-Assad's government, according to two criminal complaints the U.S. District Court of the Eastern District of Virginia unsealed Tuesday. However, some of the activities appeared to be targeted purely for personal gain.

Labor launches online tool to help companies recruit people with disabilities

The Labor Department is taking steps to make it easier for people with disabilities to apply for jobs online, launching a free online tool called TalentWorks that walks employers through accessible online job applications and e-recruiting techniques.

Security and privacy controls on Healthcare.gov data hub remain weak

Over a 17-month period, Healthcare.gov experienced 316 security incidents – none of which resulted in the leak of sensitive data or compromised systems – but the Government Accountability Office remains concerned that the technical controls that protect information flowing from the website to federal partners' data systems are inadequate.

NPPD proposes plan to redefine itself as operational cybersecurity body

The Homeland Security Department would rename and restructure the National Protection and Programs Directorate, or NPPD, in a new proposal redefining its mission. Its new identity of "Cyber and Infrastructure Protection," or CIP, would serve as a central cybersecurity taskforce and take a more operational role.

Spotlight: Israel's Cellebrite reportedly helping FBI unlock San Bernardino iPhone

An Israeli newspaper has reported that Israel-based mobile forensics company Cellebrite is working with the FBI in an effort to unlock an iPhone used by one of the San Bernardino shooters.

TIGTA: IRS cut conference spending by $150M over 4 years

The IRS updated its policies and procedures and designed controls to rein in its conference and event spending following a critical May 2013 report by the Treasury Inspector General for Tax Administration. However, the agency still has more work to do, TIGTA said in a follow-up report.

DHS/OCIA: Cyberattack on seaports could have wide-ranging effects on key infrastructure

U.S. seaports are vulnerable to cyberattacks that could cripple not just the ports, but business sectors including critical manufacturing, energy, chemical, transportation and food and agriculture.

VA cyber intrusion attempts down, non-cyber data loss incidents up in February

The Veterans Affairs Department saw cyber intrusion attempts drop by more than 10 million attempts in February, but reported non-cyber data loss incidents increased significantly.

Former State Dept. employee sentenced for hacking, cyberstalking, 'sextortion'

36-year-old Michael C. Ford of Atlanta, Ga., was sentenced yesterday to 57 months in prison for a far-reaching scheme that involved email phishing, hacking and cyberstalking. The case involved hundreds of victims both in the United States and internationally.

Next administration, transition teams should foster a more cohesive government, says report

Developing an enterprise government – or one that coordinates across department and agency boundaries to solve complex challenges – should be a key issue for the next administration and transition teams, said a new report.

VA CIO places renewed focus on cloud, data center consolidation

The Veterans Affairs Department will launch a major push to adopt cloud computing technologies next month, according to VA Chief Information Officer LaVerne Council. The agency will kick off a contract in the coming weeks to begin using email as a service and secure cloud storage.

Report: Encryption wasn't key to carrying out Paris attacks

The New York Times reported that the coordinated Paris attacks in November 2015 did not rely heavily on encryption technology, but rather on prepaid "burner" phones that were brand new and promptly discarded after the attackers exchanged communications over only several activated minutes.

Spotlight: Teachable moments, coming soon to the State Department via phishing email simulation

The State Department earlier this month issued an updated solicitation for information on phishing email simulation services.