Home  /  Empower and Protect  /  Cybersecurity News in Review

Cybersecurity News in Review

By Robert DuPree •  October 12, 2018
cyber security news

This week’s cybersecurity news in review includes articles on articles on reported Chinese hacking of the U.S. supply chain and its alleged impact on major American tech firms, an update on federal agency adoption of an anti-phishing tool required by DHS, GAO criticism of DoD’s failure to emphasize weapon system cybersecurity, and positive Army feedback on the Trump administration’s move to grant DoD greater authority in conducting offense cyber ops. There is also coverage on a U.S. pledge to help defend NATO in cyberspace, an Energy Dept. announcement of R&D funding for power grid cyber protection, the Federal CIO’s upcoming priorities, congressional progress on legislation to rename and boost a key DHS cyber office, and an interview with the deputy CIO at the Pentagon regarding supply chain protection and identity management.

Chinese chip hacking may have hit U.S. telecom company

On the heels of its earlier report that China has directed malicious chips to be placed in Supermicro server motherboards, Bloomberg now says that a major U.S. telecommunications company found manipulated hardware from Supermicro in its network. Read more…

Amazon, Apple reject reports of Chinese bugging

ComputerWeekly.com reports that both Amazon and Apple have denied a report by Bloomberg claiming their hardware in their servers had been bugged during the manufacturing process by Chinese government agents. Read more…

U.S. technology supply chain may have been compromised by China

A report by Bloomberg Businessweek says that Chinese spies planted malware in Supermicro microchips during the manufacturing process, enabling them to then hack nearly 30 U.S. firms, including tech giants Amazon and Apple. Read more…

Federal email domains making progress on anti-phishing requirement

Nextgov says the latest update on agency use of the Domain-based Message Authentication, Reporting and Conformance (DMARC) tool finds that approximately one-half of all government email domains were on track to use DMARC by the Oct. 16 deadline set twelve months ago by the Department of Homeland Security. Another 25 percent of federal email domains have set up the tool to protect against phishing, but are not set to the highest protection level.  Read more…

GAO faults Pentagon on lack of focus on weapon system cybersecurity

A new GAO report finds that, despite years of warning, DoD has been slow to emphasize weapons system cybersecurity, which Bloomberg says is of increasing importance as more weaponry is reliant upon connections to the internet.  Read more…

Army official lauds greater discretion to conduct offense cyber ops

Nextgov reports a key Army cyber official says that his team supports the Trump administration’s recent moves to allow greater authority for DoD and the Intelligence Community to conduct offensive cyber operations without going through the White House for approval. Read more…

U.S. will use cyber capabilities to defend NATO in cyberspace

The Associated Press reports that the United States is prepared to commit that it will conduct both offensive and defense cyber operations in support of NATO allies if they are attacked in cyberspace. Read more…

Energy Dept. to fund R&D to combat cyber attacks on power grid infrastructure

Fifth Domain says the Department of Energy will be spending upwards of $28 million on private sector R&D efforts to protect power companies from cyber attacks, including defending wind turbines from hackers. Read more…

Federal CIO Suzette Kent outlines priorities

FedScoop reports on an interview with Federal CIO Suzette Kent on her efforts to develop a more “digital-forward” U.S. government. Kent discussed the administration draft “Cloud Smart” proposal, as well as upcoming FISMA and “critical ID Management” security guidelines. Read more…

DHS cyber office to be renamed, elevated under pending legislation

The Senate has joined the House in approving legislation to rename and elevate to agency status DHS’ National Protection and Programs Directorate. However, differences in the Senate and House versions of the bill must still be reconciled before the NPPD becomes the Cybersecurity and Infrastructure Security Agency, which FCW says the legislation envisions will more clearly be the lead federal agency for IT security and civilian cyber issues. Read more…

DoD official discusses ID management, supply chain cybersecurity

In this C4ISRNet interview, the Pentagon’ s acting deputy CIO for cybersecurity reviews current initiatives regarding identity management, supply chain cybersecurity and other matters. Read more…

Robert DuPree

Robert DuPree

Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree See full bio...

The Empower and Protect Blog brings you cybersecurity and information technology insights from top industry experts at Telos.

Leave a Reply

Your email address will not be published.

fourteen − ten =