|
|
|
|
|
Cyber Daily: Lawmakers Drop Effort to Allow Spy Agencies to Recruit Former Marijuana Users
|
|
|
|
|
|
Good day. A long-running campaign to permit U.S. spy agencies to hire former marijuana users has hit another roadblock, raising concerns that the intelligence community is being limited in its ability to recruit the best talent available, particularly in cybersecurity.
Lawmakers dropped a measure from the annual intelligence authorization act that would have prohibited agencies from disqualifying candidates from security clearances solely on prior marijuana use, after the objections of at least two senators, my colleague Dustin Volz reports.
More than 20 states and Washington, D.C., have legalized recreational marijuana, and most permit some form of medical use. The provision’s supporters argued that banning former marijuana users puts the public sector at a disadvantage against private-sector companies when recruiting cybersecurity specialists, where hiring rules are often less rigid.
A number of congressionally-mandated commissions on technology and workforce issues have also stressed the need for reform in security clearances, arguing they are often too restrictive and take too long to be processed.
Also today:
-
Indian hospital resumes services after fortnight’s outage from hack.
-
U.S. defense bill includes significant cyber components.
-
European court rules residents can ask Google to delete false information.
|
|
|
CONTENT FROM OUR SPONSOR: Netscout
|
|
Rethinking DDoS Defenses
Adaptive DDoS attacks are on the rise. Hybrid, comprehensive, dynamic protection is critical for combating these attacks. NETSCOUT’s Omnis AED provides a hybrid approach and can overpower DDoS attack traffic.
Read More
|
|
|
|
|
|
|
|
|
Investigators at the site of a deadly crowd crush during Halloween festivities in Seoul, South Korea. Hackers have attempted to exploit the incident to infect computers.
PHOTO: SEONGJOON CHO/BLOOMBERG NEWS
|
|
|
|
Google Links Phishing Campaign to North Korean Hackers
Google’s Threat Analysis Group found that North Korea-linked hackers have attempted to exploit a crowd-crush incident that killed more than 150 people in the South Korean capital to trick users into downloading malware that uses a recently disclosed zero-day vulnerability. Multiple submissions of a document posing as an incident report detailing the accident in Itaewon, a district of Seoul, were linked to APT37 by the Alphabet Inc.-owned unit, which has previously targeted North Korean defectors, political activists and lawmakers. (CyberScoop)
Indian Hospital Reopens Patient Registration After Cyberattack
New Delhi’s All India Institute of Medical Sciences began registering patients online Wednesday, two weeks after a cyberattack forced a halt to many of its operations. The strike on Nov. 23 corrupted servers hosting patient records and laboratory data, and followed a series of failed attempts to hack India's top medical research organization, the Indian Council of Medical Research. The identity of the attackers is currently unknown. (Associated Press)
|
|
|
|
|
This year's defense bill includes a number of cyber-related provisions, including over $44 million for U.S. Cyber Command to conduct "hunt forward" missions. PHOTO: SAUL LOEB/AFP/GETTY IMAGES
|
|
|
|
Defense Bill Provides Support for Offensive Cyber Operations
The U.S. National Defense Authorization Act includes significant support for aggressive cybersecurity actions this year. The compromise text of the annual defense-policy bill, which the House passed Thursday, includes $44.1 million in funding for “hunt forward” missions, in which specialists from U.S. Cyber Command are deployed to allied nations to proactively seek out malware. It also gives Cyber Command new powers to conduct offensive operations, with presidential approval. A provision that would have levied additional cyber requirements on some systemically important institutions appears to have been dropped. (The Record)
|
|
|
|
|
98,350
|
The number of people that the International Information System Security Certification Consortium said have signed up in the past three months for its free Certified in Cybersecurity course. The nonprofit is offering up to 1 million free courses.
|
|
|
|
|
|
|
European Union residents will be able to demand that Google remove search results about them that contain false information, provided they can prove it.
PHOTO: GEERT VANDEN WIJNGAERT/ASSOCIATED PRESS
|
|
|
|
Court Backs Right to Have False Information Deleted from Google
The European Union’s top court ruled Thursday that the bloc’s residents have the right to demand Google delete information from search results if they can prove it is false. Europeans can already demand that Google delete private information under so-called right to be forgotten provisions in the EU’s strict General Data Protection Regulation, but can now request the same for misleading information as long as evidence is presented to the search giant that they could reasonably be expected to gather. (Politico)
|
|
|
|
PHOTO: BARRY BATCHELOR/ZUMA PRESS
|
|
|
|
|
|
|
PHOTO: MANUEL BALCE CENETA/ASSOCIATED PRESS
|
|
|
|
|
|
PHOTO: THOMAS TRUTSCHEL/PHOTOTHEK/GETTY IMAGES
|
|
|
|
|
|
|
|
|
|