By Ann Longmore-Etheridge
DHS is warning of a specific cyber threat to networking devices, and DHS Secretary Janet Napolitano discusses a broader threat of a cyber 9-11.The TSA is trying to expedite screening for more air travelers. A new new software tool can spot disgruntled employees. And more.
►ZDNet reports that the U.S. Department of Homeland Security is warning of "a serious threat to networking devices , such as scanners, printers, computers, and routers. It comes only a few hours after a white paper was released by security researchers at Rapid7, which claimed that approximately 40 to 50 million devices worldwide are vulnerable to infiltration by hackers as a result of a flaw in a networking protocol."
The problem is with Universal Plug and Play (UPnP), which lets devices that connect to networks communicate and discover each other's presence. DHS is "concerned that the vulnerability could impact millions of machines, and warns users to update their software or disable UPnP altogether," the article notes.
►Homeland Security Secretary Janet Napolitano used a speech at Washington, D.C., think tank the Woodrow Wilson Center,to address the possibility of a "cyber 9-11 ." Sectors of the privately owned U.S. infrastructure, she said, are highly vulnerable, she said, and she urged Congress to pass cyber security legislation that would help to mitigate any future cyber attack.
►In the same Wilson Center speech, reports HSToday.us, Napolitano also stated that "the goal of TSA to make half of the U.S. population eligible for expedited screening within two years' time." Toward that goal, the TSA "held an industry day to explore the possibility of using commercial data to prescreen air passengers and thus speed their physical screening at U.S. airports. The TSA has been putting trusted travelers through expedited screening through its PreCheck program but the agency is now seeking ways to expand the population of travelers eligible for faster and lighter screening."
►"A new International Business Machines Corp. security tool uses Big Data to help CIOs detect internal and external security threats in new ways—and can even scan email and social media to flag apparently 'disgruntled' employees who might be inclined to reveal company secrets," says the Wall Street Journal. It does so by analyzing e-mails, financial transactions, and website traffic to detect patterns of security threats and fraud.
►Elsewhere in the news, Niger, which is next to Mali, agrees to let U.S. have surveillance drones f ly from there, reports CNN. the Bayoubuzz reports on the U.S. Coast Guard's Super Bowl security plan, which it has begun to implement, and a GAO report finds that the Pentagon still isn't doing enough to address the military's sexual abuse problem , especially with regard to protecting the victim's right to confidentiality in seeking medical treatment, reports Danger Room.