24 Jul 12. An increasing reliance on imports, combined with the fraying of the nation’s power grid, highways and rail lines, leaves the United States more vulnerable to the damage of natural disasters and terrorist attacks, according to a report to be released Wednesday by former homeland security secretary Tom Ridge. The report, which Ridge shared with homeland security officials Tuesday morning, warns that the offshoring of U.S. factories means that rebounding from a catastrophe will be more difficult because so many critical supplies would have to come from overseas. (Source: Washington Post/glstrade.com)
23 Jul 12. AREVA Inc. and Northrop Grumman Corporation have joined forces to provide cybersecurity protection support for the nuclear industry. The alliance is in response to the Nuclear Regulatory Commission’s call for commercial nuclear facilities to develop and implement cybersecurity plans. Northrop Grumman’s industry-leading cybersecurity capabilities, in concert with AREVA’s extensive regulatory experience and decades of serving the nuclear power industry, will help plant operators meet their regulatory obligations established by the commission. Northrop Grumman has a long history of building defenses against cyber threats with significant understanding of how to minimize risk.
“Protecting the U.S. nuclear power infrastructure from exploitation and attacks of networks, systems, information and physical assets is an industry concern,” said Tom Franch, senior vice president of reactors and services, AREVA Inc. “The value created through this agreement will go a long way in helping our utility customers ensure regulatory compliance with ever-increasing safety requirements and help utilities reinforce public confidence by leveraging advanced instrumentation and control technology.”
“We look forward to working with AREVA and combining its nuclear industry capabilities with our significant experience protecting mission-critical operations from cybersecurity threats,” said James M. Myers, vice president
24 Jul 12. CyberCrims Build ‘Super-Cracker’ Machine at Cost of Standard PC. A ‘super-cracker’ machine with the capability to crack more than 9 billion passwords a second can be bought for around £400 – the cost of a low-spec desktop PC. Investigations by hosting firm UKFast revealed that the low cost ‘super-cracker’ – built to incorporate two openly-available high power graphics cards – can make light work of cracking passwords, deciphering a six-character code in less than a second. Cyber criminals are using these high-powered machines to decode stolen databases of encrypted usernames and passwords, enabling them to access all manner of online portals including shopping and email accounts. The machine, developed at a low cost by UKFast’s security team, has the ability to crack a six character code of letters, numbers and symbols in less than a minute and a half, shattering the belief that complex passwords are sufficient to protect personal data online. Tests performed last year by the security experts highlighted the capabilities of a £30 graphics card which can process 158m possible passwords per second and be bought from high-street computer retailers. Users are urged to protect themselves by changing their passwords often and using a combination of upper and lower case letters, numbers and symbols.
19 Jul 12. The Department of Homeland Security Science and Technology Directorate (S&T) today announced the validation and availability of an open-source cybersecurity tool for securing information shared across the Internet. Government agencies required to use cryptographic software validated to Federal Information Processing Standards (FIPS), will now have access to Open Secure Socket Layer (OpenSSL v2.0), a free, publicly available security software that meets federal security guidelines. “OpenSSL is a widely-used component in many software security applications,” said Luke Berndt, DHS Program Manager for the