In the news: 5 tech news stories worth another look

Debbie Thomson

What’s worse: Making decisions without access to information or acting on intelligence that’s available but may be manipulated?

It’s the latter that several directors of major U.S. intelligence and law enforcement agencies find most concerning.

“Rather than a ‘Cyber Armageddon’ scenario that debilitates the entire U.S. infrastructure, we envision something different,” James Clapper of National Intelligence said during a cybersecurity hearing hosted by the House Committee on Intelligence. “We foresee an ongoing series of low-to-moderate level cyberattacks from a variety of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security.”

Clapper talked about “integrity of information” being a top priority. He sees the cyber-warfare tactic of digitally manipulating data rather than deleting it as particularly troubling.

As SC Magazine reported: “Government officials could struggle to make decisions if the information they rely on is tainted or seemingly can't be trusted.”

What else made this round-up? Read on:

Barrage of attempts
The U.S. Department of Energy has been busy defending its critical infrastructure from cyber-attacks. But now there are numbers to show just how busy it’s been.

According to USA Today which requested and received federal records under the Freedom of Information Act — DoE computer systems were compromised 159 times between 2010 and 2014.

“Incident reports submitted by federal officials and contractors since late 2010 to the Energy Department’s Joint Cybersecurity Coordination Center shows a near-consistent barrage of attempts to breach the security of critical information systems that contain sensitive data about the nation's power grid, nuclear weapons stockpile and energy labs.”

Attacks succeeded 14% of the time. Federal records, USA Today reported, show that 1,131 attempts were made during the four-year window.

Thumbs up or down?
Facebook is finally working on a “Dislike” button — or something to that effect.

The social network’s CEO, Mark Zuckerberg, admitted as much during a Q&A session at the company’s headquarters.

The feature, which will enter the testing phase soon, isn’t intended for the purposes of “down-voting” certain content — Zuckerberg’s longtime concern that prevented the addition of the button. Instead, it will be used for acknowledging content that warrants reaction that doesn’t necessarily deserve a thumbs up.

“So ‘Dislike,’ or whatever it winds up being called, could provide a counterbalance to that phenomenon, making it easier for users to signal interest in a post or story that would be awkward to ‘Like,’” Time reported.

The need for (more) speed
Google has a new goal: Increase its influence with publishers.

According to the New York Times, the search engine giant is working with Twitter and multiple major media outlets (including the Times itself) to build “a new kind of web link and article storage system that would load online news articles and digital magazine pieces in a few milliseconds.”

It can take up to 10 seconds for websites to load, the article says. Speed is significant.

“The effort is also an attempt to protect the web from the onslaught of mobile applications and steer publishers away from the closed, proprietary systems that are being built by companies like Facebook, Apple and Snapchat,” the Times reported.

The project is expected to be announced with “initial test partners” this fall.

Flirting with failure
The Massachusetts Institute of Technology (MIT) is probably the last university you’d expect to rank last in IT security.

But that’s the case.

According to Ars Technica, a recent survey by SecurityScorecard analyzed 485 colleges and universities around the world with at least 1,000 public-facing IP addresses. MIT ranked at the bottom, barely earning a passing grade.

“With nearly 80,000 IP addresses discovered in the SecurityScorecard platform, the Cambridge college is showing a plethora of security risks, vulnerabilities, and weaknesses. To receive an overall ‘D’ grade, an organization needs to rank poorly in many of the 10 categories captured in SecurityScorecard.”

The school scored low in:

  • IP reputation
  • Network security
  • Hacker chatter
  • Password exposure
  • Patching cadence
  • Susceptibility to social engineering

MIT has some work to do.