Emails of top NRCC officials stolen in major 2018 hack

The Weekly Cypher is specially curated to keep you up-to-date on the latest in cybersecurity, biometrics, and related news and innovations. Here are a few of the headlines you might have missed this week.

Emails of top NRCC officials stolen in major 2018 hack | POLITICO

The House GOP campaign arm suffered a major hack during the 2018 midterm campaigns, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials. The email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months, the party officials said. The intrusion was detected in April by an NRCC vendor, who alerted the committee and its cybersecurity contractor. An internal investigation was initiated, and the FBI was alerted to the attack, said the officials, who requested anonymity to discuss the incident. However, senior House Republicans — including Speaker Paul Ryan of Wisconsin, Majority Leader Kevin McCarthy of California and Majority Whip Steve Scalise of Louisiana — were not informed of the hack until Politico contacted the NRCC on Monday with questions about the episode. Rank-and-file House Republicans were not told, either.

TSA Unveils Cybersecurity Roadmap | Nextgov

The Transportation Security Administration this week released a cybersecurity roadmap that will help prioritize cybersecurity measures within the agency and potentially across airports and other systems in the transportation sector. The roadmap—the agency’s first—aligns with the Homeland Security Department’s cybersecurity strategy, and puts the agency on a path to ensure critical cyber and physical dangers to the transportation infrastructure are addressed. “TSA is responsible for securing the nation’s transportation systems from all threats – both physical and cyber,” TSA Administrator David Pekoske said in a statement. “Because the consequences of both physical and cyberattacks can be equally damaging, we must be prepared to respond to cyber threats with the same level of success as we do when faced with physical threats.” The roadmap identifies four priorities—risk identification, vulnerability reduction, consequence mitigation, enable cybersecurity outcomes—and six goals to undertake over the next five years to help the agency meet them.

Revealed: Marriott’s 500 Million Hack Came After A String Of Security Breaches | Forbes

On Friday, hospitality giant Marriott revealed a massive hack led to the theft of personal data of a whopping 500 million customers of its Starwood hotels. To some onlookers the breach, one of the biggest on record, was astonishing. To those who’ve been tracking Marriott and Starwood digital security, it wasn’t a huge surprise. Prior to the four-year-old breach being discovered, Marriott suffered at least one previously unreported hack, including an infection that hit the company’s own cyber-incident response team, Forbes has learned. And there’s evidence Russian cybercriminals have breached Starwood Web servers. Marriott’s security is now facing probes from multiple government bodies, including the New York Attorney General’s office. European regulators like the U.K. information commissioner, who have the ability to fine companies significant sums with the power of the General Data Protection Regulation (GDPR), are also looking into the incident.

How can biometrics benefit the healthcare industry? | ITProPortal

Biometrics security is becoming increasingly commonplace in 2018, and is expected to continue in the future. The potential for biometrics for high-value buildings and establishments is astronomical, and is a primary reason for the solid growth of the biometrics market – expected to reach more than $50 billion by 2025. While biometrics security is entering the mainstream, there are many other uses for the secure and reliable technology. Recently, biometric technology has been tipped as the future for healthcare – both for patient security and better time management. Just some examples where biometrics can improve the sector include enhanced security for patients and employees, as well as reducing the risk of clerical errors and system vulnerabilities.

Facial recognition algorithms are getting a lot better, NIST study finds | FedScoop

Facial recognition software has made huge gains in accuracy in the past five years, a new study from the National Institute of Standards and Technology asserts. In fact, the technology has undergone an “industrial revolution” that’s made certain algorithms about 20 times better at searching databases and finding matches. These numbers come from the most recent edition of NIST’s Ongoing Facial Recognition Vendor Test, which was released last week. The report is a follow up to research done in 2010 and 2014. NIST tested 127 algorithms developed by 45 different vendors — a number the agency claims is “the bulk of the industry” — using a primary database of 26.6 million reasonably well-controlled portrait photos of 12.3 million individuals. Given good quality photos, the most accurate algorithm was able to identify matches with only a 0.2 percent error rate. For context, this same test saw at least a 4 percent failure rate in 2014 and a 5 percent failure rate in 2010.