10 Mar 11. The Army’s new Cyber Command is up and running, but it is still a work in progress. Although it achieved full operational status in October 2010, the new command is still in a growth phase, acquiring new personnel and honing its mission to defend the service’s computer networks. The command is also refining and coordinating its operational role with other Army and Defense Department organizations. Army Cyber has facilities and personnel at Fort Belvoir, Va., and Fort Meade, Md. However, the service has not yet determined the final home for the command’s headquarters, said Col. Brian Moore, Army Cyber’s chief of staff. When the command was first established, its charter called for a staff of about 500 military and civilian personnel. But when the process of creating Army Cyber was under way, Moore noted that additional missions and functions were added to its list of responsibilities. In turn, the new requirements have increased the number of personnel. The command’s headquarters facility will have a staff of more than 1,000 people when it is complete, but Moore added that subordinate organizations such as the Army Network Enterprise Technology Command (NETCOM), Army Cyber Brigade and First Information Operations Command will bring the total number of personnel to 21,000. To meet its staffing needs, Army Cyber is attracting a mix of active-duty specialists from around the Army and a variety of civilian experts. To attract civilians, Moore said the command is hosting job fairs in the Washington, D.C., area. The USAJobs website is the official online source for job vacancies. Other resources include the Army Civilian Personnel Online website that provides a public-access site focused on civilian jobs throughout the world in dozens of occupational specialty areas. Moore said Army Cyber’s public website will soon be operational, and it will be a resource for people interested in working for the command. (Source: GCN)
17 Mar 11. Top security firm RSA Security revealed on Thursday that it’s been the victim of an “extremely sophisticated” hack. The company said in a note posted on its website that the intruders succeeded in stealing information related to the company’s SecurID two-factor authentication products. SecurID adds an extra layer of protection to a login process by requiring users to enter a secret code number displayed on a keyfob, or in software, in addition to their password. The number is cryptographically generated and changes every 30 seconds.
“While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers,” RSA wrote on its blog, “this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.”
As of 2009, RSA counted 40 million customers carrying SecurID hardware tokens, and another 250 million using software. Its customers include government agencies. RSA CEO Art Coviello wrote in the blog post that the company was “confident that no other … products were impacted by this attack. It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident.” (Source: Len Zuga)
16 Mar 11. Sir Tim Berners-Lee, creator of the world wide web, has been asked by ministers to work with broadband companies on guidelines to protect the “open internet”. Internet service providers will be urged to agree provisions to strengthen consumer rights after this week pledging greater transparency on which sites and services they block and slow down. Ed Vaizey, communications minister, said he wanted ISPs’ commitments to go further, after a meeting in central London on Wednesday of telecoms groups, media comp