Categories
GeekWire

Microsoft cybersecurity chief sizes up ‘growing threat’

Microsoft’s point man on cybersecurity, Charlie Bell, acknowledges that the threat posed by “bad actors” online — including nation states and crime syndicates with their own HR departments — is rapidly rising.

“The threat is growing,” said Bell, who is Microsoft’s executive vice president for security, compliance, identity and management. “It’s amazing how organized the threat has become, and how big it’s become.”

But bit by bit, strategy by strategy, the response to the threat is becoming more organized as well, Bell said today at the GeekWire Summit. Although network security will always be a challenge, he has faith that the tide can be turned.

“We talk a lot about defensive depth,” Bell said. “It’s going to be continually layering the protection on and making the yield that somebody gets … smaller and smaller and smaller, so that you’ve got to break a lot more things before you get any value. And at some point, it becomes far more effort to break enough things to get enough value than it’s worth. And that’s when we know that we’ll fully turn the tide.”

Categories
GeekWire

IPO brings in $287.5M to spend on space ventures

A blank-check company that has former Blue Origin President Rob Meyerson as its CEO has completed a $287.5 million initial public offering, furthering its plans to link up with ventures focusing on space, cybersecurity and energy innovation.

C5 Acquisition Corp. closed the IPO with the sale of 28.75 million units at $10 per unit, which was 3.75 million units above the original allotment for sale. Those units are now listed as CXAC.U on the New York Stock Exchange, and common stock is expected to be listed as CXAC.

Blank-check companies — formally known as special-purpose acquisition companies, or SPACs — use their capital to pursue mergers or other types of business combinations with ventures in targeted industry segments.

The strategy typically accelerates the process of going public, and it’s been used with a growing number of space ventures, including Virgin Galactic, Virgin Orbit, Rocket Lab, BlackSky and Astra. Seattle-area telecom pioneer Craig McCaw played a key role in the SPAC deal involving Astra, which set that company’s value at $2.1 billion.

In a news release, C5 Acquisition Corp. said it would look for deals related to national security concerns.

Categories
GeekWire

Microsoft aims to boost cybersecurity in space

Microsoft is joining the Space Information Sharing and Analysis Center as a founding member, with a mission to strengthen cybersecurity for critical space assets.

“As the first hyperscale cloud service provider to join this member organization, we will share our unique global threat insights to protect critical infrastructure and strengthen cybersecurity expertise in the space community,” Tom Keane, corporate vice president for Azure Global, said today in a blog posting.

Space ISAC was launched in 2019 as a channel for companies and research institutions to work with each other and with government agencies to safeguard space assets. The group’s founding members include space industry heavyweights such as Lockheed Martin, Northrop Grumman, SES and The Aerospace Corp. Boeing is a general member.

Categories
GeekWire

Space: The final frontier for data security

What will commercial space stations be good for? The application that typically comes up would be their use as space hotels, or maybe zero-gravity research labs and factories.

But space industry veteran Rob Meyerson has a different idea in mind — and in his role as operating partner at C5 Capital USA, he’s able to put some money behind it.

“Looking for new markets is something we’re highly motivated to do,” Meyerson told GeekWire. “Data storage and compute is one market. Cybersecurity is another.”

The possibilities for providing data and security services on the final frontier played a big role in C5 Capital’s decision to lead a $130 million funding round for Texas-based Axiom Space, which is due to send citizen astronauts to the International Space Station next year and could start laying the groundwork for its own space station in 2024.

“We have a lot of data that’s created in space, but how valuable would it be to actually do compute and storage in space?” Meyerson asked. “We’ve been talking with Axiom about that and helping them to form partnerships. How do we use the C5 portfolio in cybersecurity and threat protection to assist Axiom with their supply chain and their partners, to bring the most advanced technologies to that critically important area?”

Categories
GeekWire

Virus-tracking plans raise privacy concerns

U.S. Rep. Suzan DelBene
Rep. Suzan DelBene, D-Wash.,, says privacy concerns have to be considered along with public health concerns. (DelBene.House.gov Photo)

Rep. Suzan DelBene, D-Wash., and two other members of Congress are sounding an alarm over the prospect of using location data to track the coronavirus outbreak.

In a letter to President Donald Trump and Vice President Mike Pence, who heads up the White House’s coronavirus task force, the three lawmakers take note of reports that Facebook, Google and other tech companies have been talking with administration officials about using data captured by smartphones and apps for public health purposes.

Although such applications may help public health officials limit the spread of COVID-19, they could also limit personal privacy, according to the letter, which was signed by DelBene as well as Sen. Ron Wyden, D-Ore.; and Rep. Anna Eshoo, D-Calif.

Get the full story on GeekWire.

Categories
GeekWire

How IoT could bring hackers into your kitchen

Internet of Things and the cloud
Pixabay Illustration

WASHINGTON, D.C. — Tens of billions of devices, ranging from coffee makers to cars to spacecraft, could someday be connected to global networks thanks to what’s known as the Internet of Things, or IoT, and cybersecurity experts say that could open up a whole new universe for hackers and eavesdroppers.

Consider the humble coffee maker, for example: University of North Carolina techno-sociologist Zeynep Tufekci suggested that if Chinese authorities wanted to, say, root out Muslim activists in the country’s far western Xinjiang region, they could watch for the telltale sign of coffee or tea being brewed before morning prayers.

“Your coffee maker has an IP [address], and it might be at risk of identifying these people, because if I wanted one piece of data from the region, that would be my thing. … It’s a very synchronized hour, that’s the whole point of it,” Tufekci said here last weekend during the annual meeting of the American Association for the Advancement of Science.

“Holy crap, we were just talking about coffee making, right? And now we’re talking about taking people to send to internment camps,” she said. “These lines are not as far apart from one another as one would think.”

Get the full story on GeekWire.

Categories
GeekWire

NASA reviews security after data breach

Pleiades supercomputer network
NASA’s computer servers include the Pleiades supercomputer network. (NASA Photo)

NASA says it is reviewing its network security processes and procedures after a computer break-in exposed Social Security numbers and other personal information about the space agency’s current and past employees.

The breach was discovered in October, and its full extent and impact has yet to be determined. NASA says it will provide identity protection services to all those who have potentially been affected.

NASA Watch, an independent website founded by former NASA employee Keith Cowing, first brought the incident to light in a posting on Dec. 18 that quoted an internal NASA memo. The memo suggests that agency employees who were hired, transferred or left NASA between July 2006 and October 2018 may be affected.

Get the full story on GeekWire.

Categories
GeekWire

New crypto needed for quantum computing age

Quantum computing report
A new report from the National Academies says it’ll be at least a decade before quantum computing becomes powerful enough to crack today’s public-key cryptography, but it could also take that long to develop a new data-encoding system to protect against hacking. (National Academies Illustration)

new report from computer scientists estimates that it’s likely to be at least a decade before quantum computing tools become powerful enough to compromise the current system of public-key cryptography that serves as the foundation for data security and financial transactions.

But it could also take a decade or more to replace current crypto tools with new protocols that would be resistant to quantum hacking, according to the report, published today by the National Academies of Science, Engineering and Medicine.

Therefore, the report’s authors say, it’s urgent to begin the transition toward such “post-quantum” protocols — which can range from increasing the size of encryption keys to developing new lattice-based systems such as NewHope and Frodo.

The study was sponsored by the federal Office of the Director of National Intelligence, and meshes with policy strategies laid out in September during a White House quantum information science summit. Like the White House strategy document, the National Academies study points out that the rise of quantum computing will have deep implications for national security.

Get the full story on GeekWire.

Categories
GeekWire

Battleground shifts in fight over fake news

National Guard at work
Staff Sgt. Wiggin Bernadotte, a cyber warfare operator in the Washington Air National Guard’s 262nd Cyberspace Operations Squadron, works with Capt. Benjamin Kolar, a cyberspace operations officer in the 262nd, on an electrical substation simulator. The exercise is part of the Air National Guard’s effort to help secure and protect voting systems on Election Day. (JBLM / DVIDS / DOD Photo / Paul Rider)

Facebook and Twitter have been cracking down on political disinformation during the current election cycle, but there are signs that the fight against fake news has spread to new battlefields, ranging from LinkedIn to text messages.

In Washington state, the Air National Guard has called out its cyberspace operations unit to protect the voting system. And the battle won’t end when the votes are tallied.

“Be aware of the ‘voter fraud’ debate that will inevitably follow the election — no matter the results,” University of Washington information scientist Jevin West, one of the instructors for a “Calling B.S.” class that went viral, told GeekWire in an Election Day email.

Get the full story on GeekWire.

Categories
GeekWire

Not even Congress can keep up with IoT security

IoT security panel
Moderator Mark Harris of The Economist leads a discussion about IoT security with Finite State CEO Matt Wyckhouse, U.S. Rep. Suzan DelBene and University of Washington computer scientist Franziska Roesner at the GeekWire Summit. (GeekWire Photo / Kevin Lisota)

For years, computer industry leaders have been talking about creating a seal of approval that would assure consumers that their connected devices would be safeto use on the Internet of Things, just as past generations had Underwriters Laboratories or the Good Housekeeping seal to lean on. Why is that so hard to do?

U.S. Rep. Suzan DelBene, D-Wash., says it’s because the IoT market is moving so quickly that what seems secure today may not be so tomorrow.

“There was a time when we had something more static, you could say that it’s got this particular validator on the box, and you knew that it would potentially be good for years to come,” DelBene, who co-founded the Congressional Caucus on the Internet of Things in 2015, said today at the GeekWire Summit. “How do we make sure that if something’s there, it’s really going to mean something months or years down the line, given how much things are changing?”

She and other experts on agreed that security assurances will become increasingly necessary as the number of IoT devices, ranging from webcams to smart speakers to kitchen appliances, mushrooms from an estimated 11 billion today to more than 20 billion in 2020.

Get the full story on GeekWire.