Cyberattack

Today, 34 global technology and security companies announced that they have signed a Cybersecurity Tech Accord, which publicly commits them “to protect and empower civilians online and to improve the security, stability and resilience of cyberspace.”  The signatories include Cisco, Dell, Facebook, HP, Intuit, and Microsoft.

The text of the Accord references recent events that have put online security at risk, and sets forth four principles:
Continue Reading Tech & Security Companies Sign Cybersecurity Tech Accord

Yesterday the U.S. House of Representatives passed the National Cybersecurity Protection Advancement Act (NCPAA), a bill that would provide liability protections for companies sharing cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC).  A related bill, the Protecting Cyber Networks Act (PCNA), was passed by the House on Wednesday and would provide similar liability protections when companies share information with civilian agencies.  As we reported last week, the two bills are expected to be combined before heading to the Senate.
Continue Reading House Passes Cybersecurity Information Sharing Bills

By Caleb Skeath

This past Wednesday, the House Armed Services Committee’s Subcommittee on Emerging Threats and Capabilities held a hearing on military cybersecurity issues.  The hearing focused on the most pressing cyber threats to the nation’s security, as well as the need to grow the military’s cybersecurity workforce while maintaining high levels of skill and training.

Navy Adm. Michael Rogers, Commander of U.S. Cyber Command, described four different types of cyber threats that the U.S. faces:

  1. Autocratic governments, such as North Korea, that “view today’s open Internet as a lethal threat to their regimes;”
  2. Theft of intellectual property by states, individuals, and criminal organizations;
  3. Disruptive activities, such as denial-of-service attacks, malware, and network traffic manipulation; and
  4. States developing the capabilities and system access for hostile activities in cyberspace, either as a deterrence measure or in preparation for future attacks.

Continue Reading Military Cybersecurity Hearing Discusses Cyber Threats, Information Sharing

This week, the Medical Identity Fraud Alliance (“MIFA”) released its 2014 Fifth Annual Study on Medical Identity Theft, finding that in the last year, medical identity theft incidents increased by 21.7% from 2013.  The study is annually conducted to determine the pervasiveness of medical identity theft in the United States, how it affects the lives of victims, and what steps should be taken by consumers, healthcare providers, and governments to reduce the incidence of this crime.  Medical identity theft is defined by the report as occuring “when someone uses an individual’s name and personal identity to fraudulently receive medical services, prescription drugs and/or goods, including attempts to commit fraudulent billing.”  In this study, medical identity theft also is deemed to occur when an individual shares his or her health insurance credentials with others.
Continue Reading Study Shows Increase in Medical Identity Theft

Just two days after disclosing publicly that it was “the target of a very sophisticated external cyber attack” in which the personal information of over 80 million customers was compromised, officials of Anthem Inc., the nation’s second largest health insurance company, are to brief staffers of the House Energy and Committee on the security breach. 

On Tuesday, the U.S. cybersecurity firm Mandiant released a 60-page report detailing the activities of a hacking collective it claims has direct ties to China’s military. The firm has linked the collective to cyberattacks on more than 140 organizations across 20 industries worldwide since 2006.

Mandiant claims the activity—carried out by a group called the

Yesterday, the Senate voted to move forward with a floor debate of the Cybersecurity Act of 2012 (“CSA2012”) (S. 3414), and the White House formally endorsed CSA2012, saying it will strengthen efforts to secure American networks against cyberattacks.  As a result of yesterday’s procedural vote, the Senate is likely to consider the current version