The RC4 encryption algorithm, widely used on the Internet because of its simple design and speed, is less secure than previously believed.
Data in the cloud may have pie-in-the-sky security. The firm Evernote announced that its usernames and email addresses (but not passwords) had been revealed to hackers. The passwords are encrypted, but we hope that RC4 was not the algorithm.
National security letters, a warrantless communication surveillance method used by the FBI, have been ruled unconstitutional by a Federal Appeals Court in California.
The Pentagon announced plans for a three-pronged "CyberCommand" to utilize 5 times as many people as are currently involved in such activities.
Apparently successful "spear-phishing" attacks against major US newspapers originate in China, according to unnamed experts.
According to a classified report called the "National Intelligence Estimate", the US is the target of cyberespionage mounted by several countries. "Cyber-espionage, which was once viewed as a concern mainly by U.S. intelligence and the military, is increasingly seen as a direct threat to the nation's economic interests."
Is one building in China the source of concerted attacks against US cyberassets?
A 60-page report by a US company, Mandiant, is the first non-governmental assessment of the source of attacks on US computers to lay the blame on the Chinese military.
The US executive branch has been considering rules governing actions of its new "Cyber Command". "The implications of pre-emption in cyberwar were specifically analyzed at length in writing the new rules. One major issue involved in the administration’s review, according to one official involved, was defining "what constitutes reasonable and proportionate force" in halting or retaliating against a cyberattack."
As a stopgap measure aimed at bolstering US resistance to cyberattacks, the President signed an executive order for sharing threat information between the government and private companies.
Security tools reveal cyberintruders' trickery
The buzz at the annual RSA Conference was about how large organizations are putting more effort into discovering how they were hacked, and they are also starting to share that information.
Tom Donilon, President Obama's national security advisor, said that the White House wants China to crack down on hackers and enter into a dialogue about standards.
The US government expresses some confusion over the perpetrators of large-scale hacking attacks. Although the countries of origin appear to be China and Iran, the administration is unsure whether individuals, the military, or both, are behind the majority of the attacks.
The White House was the location for a meeting on March 13 for the purpose of enlisting support for pending legislation giving the executive branch powers and funds to combat cyberespionage and to thwart or counter cyberwarfare. The legislation was proposed but not passed in 2011. Last month, an executive order was signed, setting the stage for information sharing with private companies, and this meeting may have resulted as a consequence of that order.
Gen. Keith Alexander, head of the US Cybercommand, talked to Congress about the defensive part of his 3-part command structure.
China joined the media blitz about cyberespionage by calling for new dialogue on rules and cooperation while denying official involvement in misdeeds.
The Australian central bank said that although news reports about it being hacked were partially true, the bank believes that it was successful in isolating the attacks and avoiding any information disclosure.
An admitted Twitter addict, Thomson Reuters' deputy social media editor Matthew Keys may also be a malicious hacker. He has been charged with hacking the Los Angeles Times website and altering headlines.