Doug Bedell — August 28, 2015, 11:04 am

DOE’s Evolving Concerns, Like Cars Being Hacked

3D Red Sport Car on White Background
It’s a little surprising to learn that the U.S. energy secretary evidently is more worried about “cars being hacked than the electric grid being attacked,” as Forbes reports on the In Homeland Security blog.

Part of the explanation for this “mobile” priority no doubt is that the Department of Energy has been working with the utilities longer than it has with digital dashboard information managers.

“So we should worry about our cars being hacked?,” DOE Secretary Ernest Moniz was asked. “It’s an issue,” he replied, “Information technology is so critical, and yet obviously it creates exposures that we have to stay ahead of. We always emphasize that this is not an area where a stationary defense helps. It’s got to be a dynamic, continually evolving one.”

Good approach!

Doug Bedell — August 26, 2015, 1:38 pm

‘Lone Wolves’ Likely to Remain Alone

“Lone wolves,” says Dr. William Hanson of American Public University on In Homeland Security, “will remain alone” until and unless there are jihadists of whatever persuasion behind them in this country. Fortunately, he adds, that isn’t an especially likely prospect.

Yet, in security terms, lone wolf attackers remain a prospect to be guarded against. Perimeter security measures combined with constant alertness are still the order of our times.

Doug Bedell — August 24, 2015, 12:47 pm

NORAD Tests Capitol’s Air Detection Readiness

Security by land, sea – and air. That’s what NORAD and other federal authorities seemed to be demonstrating Sunday morning when they held a training exercise over Washington, D.C., “to test abilities to detect drones and gyrocopters in restricted air spaces following several troubling incidents.”

One such incident occurred in May when “a Florida postal worker protesting government corruption flew a gyrocopter from Gettysburg, Pa., into restricted airspace and landed on the grounds of the Capitol.”

Doug Bedell — August 21, 2015, 11:15 am

New Reading List on Cyber Security Risks

While summer’s waning, here’s what we’ll call a fall reading list on cyber security – TaoSecurity’s offering of the “Top Ten Books Policymakers Should Read on Cyber Security”. The titles include “Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It,” by Marc Goodman and “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World,” by Bruce Schneier.

This isn’t the cheeriest reading list you’ll ever be referred to, but, unfortunately, it’s an increasingly pertinent one for these digital times.

Doug Bedell — August 19, 2015, 4:08 pm

DHS Building Network of U.S. Cybersecurity Providers

According to a Department of Homeland Security (DHS) announcement, Lockheed Martin joins AT&T, CenturyLink and Verizon as cybersecurity providers through the department’s Enhanced Cybersecurity Services (ECS) program. These four firms “have met the stringent standards for ECS accreditation”, DHS says.

We’re not quite sure what that means, but it looks as though DHS is seeking to build a coterie of U.S. firms that are up to the world’s growing cybersecurity challenges. DHS calls the four firms Enhanced Cybersecurity Services providers who receive the department’s cyber threat indicators, “which they in turn use to help protect and secure the networks of their customers.”

Doug Bedell — August 17, 2015, 9:25 am

Why Gas Pumps Want to Know Your Zip Code

secure usb rsa token authentication two factor
Thanks to Gary Glover on the Security Metrics blog, here’s why gas stations ask for your ZIP code before turning on a pump. It’s an example of “two factor authentication” and provides an extra layer of security against hacking. Okay, just so it isn’t being done for marketing purposes.

Doug Bedell — August 5, 2015, 10:11 am

Social Media for Business – Within Understood Rules

Social media represent a ‘perimeter’ without fencing – that is, hackers can gather information that enterprises need to avoid. SecurityDreamer, for example, warns that “Twitter and LinkedIn are fertile sources of information for hackers preparing social engineering attacks. By gathering benign information about a company and ‘name dropping’ in a DM (direct message) conversation, attackers may build a level of trust with insiders and thereby gain secrets.”

While “Twitter and Linked in are great tools for business,” for security reasons strict protocols need to be maintained on their use in offices. Examples are given in the Security Dreamer post.

Doug Bedell — August 3, 2015, 11:29 am

‘Friendly’ Hackers Cutting a Car’s Power on a Freeway

Today’s new digital-display cars appear awesome and sometimes frightening. The frightening part applies when driving security is compromised, as in this episode, chronicled on Wired, in which two “friendly” hackers cut the power to a Jeep Cherokee traveling at 70 miles per hour on a St. Louis freeway. This kind of ‘experimenting” ought to be banned, but that’s the problem – how can it be readily detected and stopped in time?

Doug Bedell — July 28, 2015, 9:59 am

Warning: The Need to Heed Risks at Cargo Centers

Patriot Partially Open Edited (2)
Silva Consultants Blog has an extended discussion of the wisdom of paying heed to the “security of trailers and shipping containers at warehouses and distribution centers”.

A vehicle barrier like PRO Barriers’s Patriot, or our other available models, can be the ideal complement to an on-site security program at shipping and receiving centers.

Doug Bedell — July 24, 2015, 11:03 am

Working Together in Orange County

A post from the Security Magazine blog reports on how security agencies in Orange County, CA, are partnering to help each other keep in trim. It’s gratifying to find testimonials like this one to what organizations can achieve by working together in less than crisis situations.