nextgov

Nuclear Regulatory Commission computers within the past three years were successfully hacked by foreigners twice and also by an unidentifiable individual, according to an internal investigation.

Phishing e-mails baited personnel by asking them to verify their user accounts by clicking a link and logging in.

Two bills to strengthen cybersecurity in the systems that underlie the nation’s energy, water and food supplies passed the House, along with a measure to improve the federal government's cyber workforce.

A bill (H.R. 3696) introduced by Rep Michael McCaul (R-TX) seeks to strengthen the Department of Homeland Security's ability to protect 16 critical sectors -- including defense, health, energy and food -- by establishing partnerships with the private sector and enhancing programs already in place.

Other legislation passed by the House included a bill (H.R. 2952) introduced by Rep Patrick Meehan (R-PA) to improve critical-infrastructure security technology and a bill (H.R. 3107) from Rep Yvette Clarke (D-NY) to bolster DHS’ cyber workforce.

Despite moves by the Obama Administration toward digital transparency and open data, the US government now ranks seventh worldwide in e-government, down two spots since 2012, according to a United Nations report on the matter.

Just released, the E-Government for the Future We Want report contrasted the 185 United Nations members by the E-Government Development Index. The EGDI is made up by three components of e-government: online service index, human capital index, and information and communications technology. South Korea ranked first, with Australia, Singapore, France and the Netherlands rounding out the top five.

In a section noting mobile use, the report lauded the Obama Administration for its open data prioritization and its use of apps in delivering services to citizens in its digital government plan.

Regionally, Europe led the rankings with 16 of the 25 nations in the "Very High EGDI" category and a regional EGDI average of 0.69. The US and Canada were the only two nations from the Americas in that category. The Americas region's average EGDI came in at 0.51.

The Defense Information Systems Agency announced it would like a discount on its future purchases of mobile applications, as it kicked off the process to evaluate next-generation smartphones and tablet computers.

DISA’s Mobility Project Office asked vendors to provide it with information needed to evolve its mobile application strategy. On June 27, 2013, the agency awarded a $16 million contract to Digital Management to securely manage mobile devices and set up a mobile app store.

DISA said it needs industry help because of the way apps are developed and deployed in the commercially driven environment. The Mobility Project Office put price first in its request for information to industry, asking, “What are industry best practice for purchasing enterprise applications at reduced rates to support Android, Apple, Blackberry, and Windows Mobile Operating Systems?”

Attracting, retaining and developing key IT talent remains the top challenge among federal chief information officers and chief information security officers, according to a new survey.

The survey of 59 federal CIOs, CISOs, information resource management officials and congressional oversight committee staff by TechAmerica and Grant Thornton, found that 52 percent of respondents indicated that IT workforce issues -- training, recruitment and retention -- remains their biggest challenge. In fact, one respondent said they were “five years behind in terms of talent.”

The way to handle a cyber threat is not by harnessing the enormous amounts of data the United States collects on similar hacks, according to an unlikely source -- a former US intelligence cyber chief.

It’s too much information and inefficient to analyze.

"I hate the wisdom of crowds. That is BS. Does not exist," said Roger Hockenberry, former chief technology officer for the National Clandestine Service. "It creates this immense opportunity when you have tons of data to look at and research, but at the same time, we have tons of data that we need to look at and research."

The quality of data and automation has not matured to the point where feeding information to machines can stop an assault, he said. Still, some current Homeland Security Department officials stressed the need to at least automate data feeds about breaches -- something organizations that are hit by hackers are often reticent about.

"What it really comes down to is your CERT," or computer emergency response team, said Hockenberry, who also served as a CIA chief for cyber solutions. "All the companies that I see have a very nascent ability to automate response to any kind of attack. It’s still a manual process."

The Secret Service is purchasing software to watch users of social networks in real time, according to contract documents.

In a work order, the agency details information the tool will collect -- ranging from emotions of Internet users to old Twitter messages. Its capabilities will include “sentiment analysis,” "influencer identification," "access to historical Twitter data," “ability to detect sarcasm," and "heat maps" or graphics showing user trends by color intensity, agency officials said.

The automated technology will "synthesize large sets of social media data" and "identify statistical pattern analysis" among other objectives, officials said. The tool also will have the "functionality to send notifications to users,” they said. Employees within the Secret Service's Office of Government and Public Affairs will be using the new system, agency officials said.

Every day, people, machines and the world’s growing multitude of sensors create more than 2.5 exabytes of data -- that’s a 2.5 followed by 18 zeros -- a bonanza of bits and bytes that is in many ways a double-edged sword.

On one hand, private sector companies and the government are able to collect more data than ever for analysis -- ideally, that’s a great thing. Never in human history has humanity had access to the kinds of data it does now. Yet big data sets are also attractive to hackers and malicious actors who see more data as more money or intelligence to steal.

The two disciplines -- cybersecurity and big data -- are beginning to meld so that it’s difficult to talk about one without the other. Agencies across government are learning to better detect and analyze cyber threats, and one of the ways they are doing so involves big data.

For example, agencies might sift through huge piles of data as they monitor traffic in and out of a network in real time to detect potentially adversarial anomalies. It takes a lot of technological horsepower to analyze that information, but the insight it provides could be the difference between a massive leak or media frenzy and business as usual.

Concerns about data compromises are partly to blame for drawing out an effort to merge roughly 2,000 dot-gov websites, according to federal officials and internal emails. But officials say they are still committed to making government services and information easier to navigate, as the website consolidation initiative approaches its three-year anniversary.

Combining National Oceanic and Atmospheric Administration website content with content from the Coast Guard illustrates the trickiness. The Coast Guard, a Homeland Security Department agency with a dot-mil suffix, is more of a bull’s eye for hackers than NOAA, officials say. USCG employees shy away from sharing data with other agencies, one information technology employee complained on the government's Web content managers listserv in 2012. Nextgov retrieved the message, with the employee’s name redacted, through an open records request.

The Coast Guard staff "are security maniacs because hackers like to target them," wrote a NOAA web manager in the Office of Space Commercialization, which is part of the Department of Commerce.

Securing America’s future in science, technology, engineering and math fields requires more than expanding opportunities for women. Promoting interest and opportunities for minorities also should be a national imperative, particularly as more than half of children born in the United States today are of minority descent.

That was the topic of a symposium at the National Academy of Sciences that sought to find solutions for providing minorities and women with proven pathways for obtaining good jobs and a higher standard of living through STEM education. The event, hosted by the Leadership Conference on Civil and Human Rights, highlighted that now, 60 years after the landmark Supreme Court decision in Brown v. Board of Education, education in the United States remains separate and unequal for many minorities, children with disabilities and those living in high-poverty areas.

STEM is one area that has great potential to reverse that trend and help the United States maintain a competitive edge, experts noted.