GCN Award winners, online privacy, Syrian malware and more

Six federal teams win 2014 GCN Awards

Ten public-sector IT projects have earned a 2014 GCN Award, including six at the federal level.

Each year, GCN -- an FCW sister publication -- honors projects where "technical ingenuity, resourcefulness in the use of IT and tactics in managing projects have had an extraordinary effect on the ability of agencies to carry out their mission."

This year's federal teams hail from:

• Navy Space and Naval Warfare Systems Command (SPAWAR)
• Federal Emergency Management Agency's Risk Analysis Division
• Internal Revenue Service
• U.S. Air Force's Air Mobility Command
• National Institute of Standards and Technology's Computer Security & Intelligent Systems divisions
• Naval Sea Systems Command

Unisys Federal Systems' Venkatapathi "PV" Puvvada, one of the GCN Award judges, said this year's winners stood out for the way they "focused their attention on achieving mission outcomes for stakeholders and not just on the milestones to get there." Details on these projects, along with a full list of winners and honorable mentions, can be found on GCN.com.

Wyden proposes policy shift to protect online privacy

Sen. Ron Wyden (D-Ore.), a longtime critic of government surveillance, wants the federal government to reframe its relationship to third-party data.

Wyden wants to scrap the "third party doctrine" – the idea that information shared by individuals with a third party, whether a bank or cloud computing provider or phone company, is not subject to certain constitutional protections.

"When I send an email to my wife, or store a document in the cloud so I can review it later, my service provider and I have an agreement that my information will stay private," Wyden said in an Aug. 15 speech at the TechNW conference in Portland, Ore. "Neither of us have invited the government to have a peek. Basically, I think sharing this information with Google is like putting property in a safety deposit box, but the government thinks I'm posting it on a billboard out on I-5."

Wyden wants to roll back the legal regime that has governed government access to business records on Americans, and which led ultimately to the bulk collection and retention of phone and Internet records revealed in classified documents leaked by former intelligence contractor Edward Snowden. The globalization and centralization of communications on the Internet has fundamentally changed the way information moves, he warned, making the kind of surveillance state contemplated in dystopian novels like "1984" a viable possibility.

"Advances in technology have made it possible for governments around the world to vacuum up and rifle through the personal information of huge numbers of law-abiding citizens," Wyden said.

Wyden proposed reforming the Foreign Intelligence Surveillance Court to include an advocate for the public, allowing private companies to disclose more data on requests from government agencies, and legislation that would require authorities to obtain search warrants before reading the contents of communications. He's also seeking reforms to the Electronic Communications Privacy Act to put information on user hard drives and information in the cloud on the same legal footing where user privacy is concerned.

NSA's Rogers urges closer ties with Silicon Valley

National Security Agency Director Adm. Michael Rogers wants to foster closer ties between NSA employees and private-sector technologists to keep his agency abreast of technological advancements that it might otherwise miss.

At an Aug. 13 dinner hosted by the Intelligence and National Security Alliance in Alexandria, Va., Rogers worried that the NSA had too many career employees who had not done stints elsewhere. "I want long-term NSA employees to get experience working in the industry and in the corporate sector. I want them to understand what shapes the corporate sector, what drives technical investments."

Rogers, who also heads U.S. Cyber Command, said he has recently made an effort to mingle more with venture capitalists, whom he sees as weather vanes for technological change. "They invest because they think it offers monetary return. I'm interested because I want to understand the technology that's going to be out there two, five years from now."

Google chips in on high-speed trans-Pacific cable

Google will invest with six Chinese companies in a $300 million, 60 terabyte-per-second cable that will traverse the Pacific Ocean from the west coast of the United States to Japan.

The consortium of six global companies said they signed commercial agreements to build and operate a new trans-Pacific cable system, to be called FASTER. NEC Corp. was tapped as the system supplier.

The FASTER cable network will connect the United States to two landing locations in Japan, with connections to Los Angeles, San Francisco, Portland and Seattle in the U.S. and multiple connections in Asia. The cable will carry broadband, mobile, applications, content and enterprise data exchange with what the group said is the latest in fiber optic technology.

The consortium includes China Mobile International, China Telecom Global, Global Transit, Google, KDDI and SingTel.

Syrian conflict breeds rise in malware

The three-year-old war in Syria has created a ripe environment for malware, Kaspersky Lab said in recently published research.

Hackers tied to the Syrian civil war are deploying malware disguised as antivirus programs, social messaging applications and downloads available in social networks, among other disguises, the Moscow-based IT security vendor said. At least one of the malware's victims is based in the United States.

"A combination of factors -- social engineering, rapid app development and remote administration tools for taking over the victim's entire system -- creates a worrying scenario for unsuspecting users," Ghareeb Saad, a senior security researcher at Kaspersky Lab, said in a statement. "We expect attacks by Syrian malware to continue and evolve both in quality and quantity."

Cyberspace has been one theater of the Syrian conflict in which the U.S. government has engaged, with the State Department supplying laptops and other communications gear to members of the Syrian opposition.

Hospital group suffers cyberattack on 4.5 million patients' records

Community Health Systems, a group that includes 206 hospitals across 29 states, was struck by a cyberattack that stole 4.5 million patients' personal data, Reuters reports. The attack allegedly originated in China and reportedly occurred in April and June.

Among the stolen data were patient names, addresses, birth dates and Social Security numbers, the kinds of information covered by the Health Insurance Portability and Accountability Act, the report said.

U.S. CERT, the federal government's main computer security watchdog, acknowledged the breach and encouraged potential victims to report to the FBI's Internet Crime Complaint Center.