DARPA Seeks Self-Healing Networks

Plus: Congress weighs new domestic spying law while foreign governments upbraid U.S. spy agencies for snooping on their leaders

2 min read
DARPA Seeks Self-Healing Networks

This Week in Cybercrime

DARPA, the U.S. military’s R&D arm, announced this week that it will pay US $2 million to the winner of its Cyber Grand Challenge, a contest aimed at developing an automated network defense system that actively searches for and identifies vulnerabilities and patches them on the fly. “Today, our time to patch a newly discovered security flaw is measured in days,” Mike Walker, DARPA program manager, told Kaspersky Threatpost. “Through automatic recognition and remediation of software flaws, the term for a new cyberattack may change from zero-day to zero-second,” says Walker.

U.S. Government Snooping

Germany says the United States may have spied on Chancellor Angela Merkel’s mobile phone.

Mexico condemns alleged NSA hacking of its president’s e-mail.

Lawyers at the Electronic Frontier Foundation say that a secret bill being discussed in both houses of the U.S. Congress would ensure the continued collection of Americans’ records and shore up the legal basis for domestic spying.

Critical Infrastructure in the Crosshairs

Bugs in equipment used to run the U.S. Emergency Alert System, which sends out notifications in the case of a natural disaster or other serious situation, could still let an attacker send fake alerts—three months after a researcher reported the vulnerabilities.

A hacker armed with an antenna can wreak havoc on unpatched industrial automation software vital to operations in the oil and gas industries and in water and electric utilities from as far as 50 kilometers away.

In Other Cybercrime News…

Obamacare exchange contractors had past security lapses.

The credit bureau Experian appears to have sold an unknown amount of highly sensitive personal information to the operator of an online identity theft service.

A U.S. federal court in Idaho recently ordered a software developer's computer seized and its contents copied without prior notice because the developer described himself as a "hacker" on his website 

The International Atomic Energy Agency announced yesterday that it found malicious software on a number of its machines.

Microsoft and Symantec are pushing for a uniform way to vet companies and individuals around the world in order to stem the alarming growth in malware signed with fraudulently obtained keys and code-signing certificates.

Apple released more than 100 security updates to fix holes in eight different products including iTunes media player, the Safari browser, and the most recent iteration of its mobile operating system, iOS 7.

Cisco rolled out three patches for multiple products yesterday, addressing vulnerabilities that could’ve led to denial of service (DoS) attacks or data theft.

Six Romanians and one Albanian have been indicted on allegations that they operated a multimillion-dollar cyber fraud scheme selling nonexistent cars, boats, and other high-value items through eBay and other sites.

Image: iStockPhoto

The Conversation (0)

Why Functional Programming Should Be the Future of Software Development

It’s hard to learn, but your code will produce fewer nasty surprises

11 min read
A plate of spaghetti made from code
Shira Inbar

You’d expectthe longest and most costly phase in the lifecycle of a software product to be the initial development of the system, when all those great features are first imagined and then created. In fact, the hardest part comes later, during the maintenance phase. That’s when programmers pay the price for the shortcuts they took during development.

So why did they take shortcuts? Maybe they didn’t realize that they were cutting any corners. Only when their code was deployed and exercised by a lot of users did its hidden flaws come to light. And maybe the developers were rushed. Time-to-market pressures would almost guarantee that their software will contain more bugs than it would otherwise.

Keep Reading ↓Show less