William Jackson

Bill Jackson (, a senior writer for GCN, covers security issues.

Blame for critical infrastructure weaknesses starts with Congress

A lack of clear lines of authority is crippling the nation's ability to protect its critical infrastructure, and congressional dysfunction offers little hope for improvement.

'Stop fooling yourself' and assume you are compromised, Black Hat crowd told

Black Hat attendees are told they should assume they already have been compromised by malicious code, which makes cooperation between industry and the hacker community more important now than ever.

One more reason why passwords are no darn good

Even the best policies can produce easily guessed passwords, a study finds.

DOD's challenge: Balancing bits and bombs

The Pentagon's plan for operating in cyberspace should help quiet concerns of those worried that the strategy goes too far -- or not far enough.

CyberEye: FBI shares lessons of Zeus botnet ring takedown

The criminals behind the Zeus botnet busted by the FBI last year were not computer geniuses, agents say, and the complexities that make policing the Internet a challenge can be overcome with cooperation.

The false cries and fog of 'cyber war'

The Center for Strategic and International Studies' James Lewis says that, judged by precise criteria, "there have been no cyber wars and perhaps two or three cyberattacks since the Internet first appeared."

The weaponization of patents

Rather than fostering innovation, patents in the technology industry are being used as weapons, both offensive and defensive.

DOD considers adding security to acquisition regs

Proposed additions to the Defense Federal Acquisition Regulations System would require contractors to provide minimum security for unclassified but controlled DOD information in their systems.

Why spear phishing? Cyber crooks are all about the ROI.

Targeted attacks against high-value targets are more costly but produce a better return on investment, so cyber criminals are adopting more boutique business models, according to recent research.

LulzSec: Not Robin Hood, more like Bonnie and Clyde

The ego-driven hackers haven't demonstrated any significant ability or espoused a particular cause, but they have highlighted the sorry state of security in much of the information infrastructure.

Cyber war: How close are we to the real thing?

Current attacks against government and contractor systems, both serious and trivial, might not yet amount to cyber warfare, but they raise the possibility of dangerous escalation.

Growth of top-level domains spells more risk of cyber threats

The latest report from VeriSign shows 4.5 million new domain names added this year, which are likely to draw the attention of hackers.

Protect IP Act would create a lot of criminals

Sen. Patrick Leahy's copyright and trademark protection bill would impose draconian remedies and treat the entire Internet infrastructure as accomplices to online pirates and counterfeiters.

Will phishing kill e-mail as we know it?

The recent spate of successful targeted phishing attacks demonstrates that e-mail cannot be trusted and any attachment or link, from any source on any subject, must be treated as suspect.

White House's cyber plan is weak on enforcement

The president's proposed cybersecurity legislation does not include strong enforcement for securing privately owned critical infrastructure.