US Calls for Cyber Reform After Massive Hack

The White House urged Congress to come out of the "dark ages" and pass new cyber security rules, using a massive security breach to press its case for reform. President Barack Obama's allies seized on news of that data on four million government employees had been compromised to press for legislation stalled in the Republican-dominated Congress.

"The fact is, we need the United States Congress to come out of the dark ages and come into the 21st century to make sure we have the kinds of defenses that are necessary to protect a modern computer system," said White House spokesman Josh Earnest.

Senate Intelligence Committee vice chairman Dianne Feinstein, a Democrat, joined the White House drive.
"Congress must take action," to speed notifications on breaches and increase cooperation between the government and private companies.
"It's impossible to overstate this threat," she said.
"Trillions of dollars, the private data of every single American, even the security of critical infrastructure like our power grid, nuclear plants and drinking water are all at risk."
The US government last week admitted hackers accessed the personal data of current and former federal employees, in a huge cyber-attack suspected to have originated in China.

The breach of the Office of Personnel Management included records on 750,000 Department of Defense civilian personnel. The New York Times reported that the inspector general of the department had warned in November that the office's database was vulnerable to cyber-attack.

The newspaper reported that by the time the warning was published, hackers had plundered tens of thousands of files containing security clearances, laying the groundwork for the massive attack revealed on Thursday.
"The mystery here is not how they got cleaned out by the Chinese. The mystery is what took the Chinese so long," one senior former US government official was quoted by the Times as saying.

The United States has repeatedly accused China of waging cyber warfare in recent years, claims Beijing routinely denies.
In 2013, US Internet security firm Mandiant said hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies "are based primarily in China and that the Chinese government is aware of them."
One group, it said, was believed to be a branch of the People's Liberation Army called Unit 61398, and digital signatures from its cyber-attacks were traced back to a building in Shanghai.

Last year, five members of the unit were indicted by US federal prosecutors on charges of stealing information from companies, including nuclear plant manufacturer Westinghouse, SolarWorld and US Steel.
Beijing angrily hit back on Friday at claims the latest attack had originated in China, describing the allegation as "irresponsible."

"Cyber-attacks are generally anonymous and conducted across borders and their origins are hard to trace," foreign ministry spokesman Hong Lei said at a regular briefing.

"Not to carry out a deep investigation and keep using words such as 'possible' is irresponsible and unscientific," he added.

Business Insider:  

 

« Russia's Greatest Weapon May Be Its Hackers
Bigger than Heartbleed - 'Venom' Threatens Datacenters »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Tukan IT

Tukan IT

Tukan IT provides a data classification and protection solution.

PartnerRe

PartnerRe

PartnerRe provides multi-line reinsurance to insurance companies on a worldwide basis. Services include Cyber Risk.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Science Applications International Corporation (SAIC)

Science Applications International Corporation (SAIC)

SAIC is a premier technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. Services and solutions include Cybersecurity.

GOVCERT.lu

GOVCERT.lu

GOVCERT.lu is responsible for the treatment of all computer related incidents jeopardising the information systems of the government and defined critical infrastructure operators in Luxembourg.

DeviceAssure

DeviceAssure

DeviceAssure enables organizations to reliably identify counterfeit and non-standard devices with a real-time check on a device's authenticity.

Seavus Accelerator

Seavus Accelerator

Seavus Accelerator's goal is to create an enabling and stimulating environment for start-ups growth and provide continuous high quality acceleration and investment support.

ClearHub

ClearHub

The aim of ClearHub is simple: to give businesses like yours access to the best talent, all screened and technically tested by Clearvision’s expert team.

SilverEdge Government Solutions

SilverEdge Government Solutions

SilverEdge is a next generation provider of innovative and proprietary cybersecurity, software, and intelligence solutions for the Defense and Intelligence Communities.

Cognisys Group

Cognisys Group

Cognisys provides cyber security penetration testing and compliance services from its offices in Leeds and Manchester.

CXI Solutions

CXI Solutions

CXI Solutions: Your trusted partner in cybersecurity. We offer a full range of cybersecurity solutions to protect your business from digital attacks and virtual threats.

Zeta Sky

Zeta Sky

Zeta Sky offers a full range of IT and cyber-security services for your business.

FearsOff

FearsOff

FearsOff is a global information security company serving clients worldwide. White hat operators with a black hat mindset to emulate real world attacks and everchanging threat vectors.

OpenZiti

OpenZiti

OpenZiti is the world’s most used and widely integrated open source secure networking platform. OpenZiti provides both zero trust security and overlay networking as pure open source software.

Redinent Innovations

Redinent Innovations

Redinent is a cutting-edge IoT Security platform that offers precise security posture analysis and delivers actionable intelligence, empowering businesses to operate with unrivaled resilience.