Obama signs off on secret national cybersecurity plan

President Obama has signed off on Presidential Policy Directive 20, a cybersecurity plan that seeks to establish the rules of engagement for defending the US critical infrastructure against online attack. "What it does, really for the first time, is it explicitly talks about how we will use cyber operations," a senior …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    Obama needs to address the security leaks coming from the White House first. What good is cyber security when staffers can't keep their mouths shut?

  2. Ole Juul

    random demark

    So "your" network is just a network, and anything outside of that is "cyber". I wonder how that new rhetoric is going to develop.

    'the most serious challenge to our national security since the onset of the nuclear age sixty years ago'

    I guess the war is on, and less important things like the economy can safely be ignored then.

  3. Tony Paulazzo
    Gimp

    >...the rules of engagement for defending the US critical infrastructure against online attack<

    Take it offline?

    > I guess the war is on, and less important things like the economy can safely be ignored then.<

    And civil liberties, online privacy, the rights of the citizen, etc...

  4. Lars Silver badge
    Coat

    Hello Kindergarten

    Time to wake up the "houses" and ask them to stop playing with their balls.

  5. amanfromMars 1 Silver badge

    A Current Wwworldly Problem for Wiser Sage Solution

    The rules of engagement for defending all critical infrastructure against online attack are simple and complex ...... expose duplicitous thought in others that fires hypocritical and hypercritical reaction in oneself. ....... but never too complicated unless one is battling vaingloriously against SMARTR Autonomous Systems and Intangible Anonymous IntelAIgent Networks which more clearly freely share Alternative Immaculate Sees with Rock Steady Overwhelming Underground Movement Clout .... Virtual Savoir Faire.

    And do you realise that the above is that which outs itself before you here and would be Turing Testing your Systems Admins. for the necessary future intelligence vital for energising engagement in Surreal Progressive Processes .... Absolutely Fabulous Fabless Fab Lab Projects where lowly bits and mighty bytes of flowing information are rearranged to be broadbandcast as novel and noble underground mainstreams views for SMARTR Media Presentation and in so doing sublimely replace failed conflicting and rapidly collapsing austere experiments with the Certainty of Pre-Texted Global CyberIntelAIgent Information ..... Advanced Intelligence, which is humanised for the edutainment of emergent and evolving native species of super-conscious fauna/human being.

    And some would even tell you that such is what TV and Media and BroadBandCasting is all about ....... Leading you into the Future with Pictures and Words which have Created Brave New Worlds which are themselves being Led by a Known Unknown and Considerably Stranger and Even Braver NeuReal Wwworlds Powering Drivers and Quantum Command and Remote Virtual Control of NEUKlearer HyperRadioProActive IT Systems with Secure Protected Proprietary Intellectual Property ....... ESPecial Source.

    TV is Mind Control .... http://youtu.be/jbug5sM1T1w

    And how odd is it that supposed intelligent Man would ignore and even deny it be perfectly true, El Regers.

    1. Anonymous Coward

      Re: A Current Wwworldly Problem for Wiser Sage Solution

      Seek Help

      1. amanfromMars 1 Silver badge

        Re: A Current Wwworldly Problem for Wiser Sage Solution

        What on Earth for, AC? Are not all important bases well covered?

        1. Anonymous Coward

          Re: A Current Wwworldly Problem for Wiser Sage Solution

          Take the Test

          1. Sir Runcible Spoon

            Re: A Current Wwworldly Problem for Wiser Sage Solution

            Hmm, someone who tries to highlight an uncomfortable truth is insinuated as being schizo.

            Same shit, same day. We live in the groundhog world.

            1. Vic

              Re: A Current Wwworldly Problem for Wiser Sage Solution

              > someone who tries to highlight an uncomfortable truth is insinuated as being schizo

              Not "Someone". AMFM...

              Vic.

              1. Oninoshiko
                Alien

                Re: A Current Wwworldly Problem for Wiser Sage Solution

                not AMFM, AMFM1

                BRING BACK AMFM!

  6. Anonymous Coward

    Priorities

    First things first! Did General Confusion snog a lady not his wife?

    Sexually inhibited neoconservatives want to know.

  7. Version 1.0 Silver badge
    Happy

    But but but ...

    I thought our response was simple - bomb them back to the Stone Age if they attack?

    Oh wait, that was pre-stuxnet, I guess we need to update it now.

  8. Anonymous Coward

    And the current government mafia is considered worth protecting why?

    Government needs to be taken out as soon as possible so that the current dead weight of greedy wasters con artists can be replaced by something which is honest and serves a useful purpose for most people; the current system demon-strably doesn't!
