This week saw the passing of one of the pioneers of cyberspace, Raymond Tomlinson, who was the first man to ever send an email. While Tomlinson didn’t invent email, he did transmit the first message between computer terminals in 1971 because it seemed like a ‘neat idea’, though one he was ‘never supposed to be working on’. Today approximately 2.5 million emails are sent per second, while the number of worldwide email accounts will reach 2.8 billion in 2018.
The RSA Conference concluded in San Francisco last week. Experts talked about encryption versus privacy, describing encryption backdoors as a ‘genie-out-of-the-bottle’ development. Former Secretary of Homeland Security Michael Chertoff, stressed that ‘it would be a mistake to sacrifice the security value of end-to-end encryption’, while the Center for Democracy & Technology discussed their brief in support of the position taken by Apple. Robert Knake from Council on Foreign Relations summed up his views on the RSA conference, noting a ‘clear-eyed optimism’ in the private–public cyber security partnership. However, problems remain for cyber security professionals including a lack of qualified candidates, and a legacy of systems that are indefensible but too crucial to companies’ operations to take offline.
Also at RSA was US Secretary of Defense Ash Carter, who said that the Pentagon ‘understands they are not getting good grades across the enterprise’, lagging behind the commercial sector in best practices for data protection. Carter called for action from the tech community, asking them to become more involved with the Department in the fight for data security. In response, the US Department of Defense is now asking to be hacked—officially. The ‘Hack the Pentagon’ Cyber security Initiative, part of the Cyber National Action Plan, will see carefully vetted hackers invited to test DoD networks for vulnerabilities under the first cyber bug bounty program in the history of the US federal government. The pilot, set to launch in April, is the first in a series designed to unearth vulnerabilities in the Department’s applications, websites and networks.
The US DoD has also released a Cyber Security Discipline Implementation Plan designed to strengthen cyber security practices, increase authentication and reduce the attack surface of DoD networks. For more, catch up with the latest Net Politics podcast.
An investigation by the US Industrial Control Systems Cyber Emergency Response Team into the attack against Ukraine’s power grid last December confirms the incident was a well-coordinated attack with a long lead-time. The report found distinct delineations between different phases of the operation, suggesting different state and non-state actors collaborated to shut down the power station. Security expert Robert Lee, who assisted the investigation, speculated that if Russia is responsible for the attack, it may be intended as a message that Ukraine shouldn’t nationalise power companies, some of which are owned by Russian oligarchs with close ties to President Vladimir Putin.
And finally on the home front, Australian cyber security firm Secure Logic has purchased Computer Room Solutions for just under $40 million. Computer Room Solutions, a company responsible for physical security services such as the equipment that houses serves in data centres, will continue operate as independent division of Secure Logic, a firm that focuses on information security in operations across Australia, Singapore, Malaysia, China and Indonesia. The companies have collaborated on joint projects in the past and have joined forces to increase each firm’s position to attract more lucrative contracts. The merger is a ‘perfect combination of two organisations together. We can provide a unique offering in the market’ says Santosh Devaraj, Secure Logic founder and managing partner.