it's high time for companies to start adding cybersecurity professionals to their teams, reports CNN. "The only hitch: There's a massive, longstanding labor shortage in the cybersecurity industry." "It's a talent war," said Bryan Orme, principal at GuidePoint Security. "There's a shortage of supply and increased demand."

Experts have been tracking the cybersecurity labor shortage for at least a decade — and now, a new surge in companies looking to hire following recent attacks could exacerbate the problem. The stakes are only growing, as technology evolves and bad actors become more advanced. In the United States, there are around 879,000 cybersecurity professionals in the workforce and an unfilled need for another 359,000 workers, according to a 2020 survey by (ISC)2, an international nonprofit that offers cybersecurity training and certification programs. Globally, the gap is even larger at nearly 3.12 million unfilled positions, the group says... The U.S. Bureau of Labor Statistics projects "information security analyst" will be the 10th fastest growing occupation over the next decade, with an employment growth rate of 31% compared to the 4% average growth rate for all occupations.

If demand for cybersecurity professionals in the private sector increases dramatically, some experts say talented workers could leave the government for more lucrative corporate jobs — a risk that is especially acute for smaller, local government agencies that manage critical infrastructure in their communities but have limited budgets. "Think of the criticality of what your local government does: water purification, waste treatment, traffic management, communications for law enforcement, public safety, emergency management," said Mike Hamilton, chief information security officer at Critical Insight. "But Amazon is out there waving around bags of cash to protect their retail operation." Hamilton — who was the former chief information security officer for Seattle, Washington, from 2006 to 2013 — added that local governments "cannot attract and retain these people when the competition for them is so high, which is why we've got to make lots of them."
The article notes educational training/up-skilling programs working to address the shortage, including GuidePoint, which helps train veterans leaving the military for cybersecurity careers. CNN also notes U.S. President Joe Biden's $2 trillion American Jobs Plan included $20 billion for state, local and tribal governments to update and improve cybersecurity controls for their energy systems.

"Still, experts say more needs to be done, suggesting a broad rethinking of education systems from elementary school through higher education to include more cybersecurity training."

An anonymous reader quotes a report from Bellingcat: For US soldiers tasked with the custody of nuclear weapons in Europe, the stakes are high. Security protocols are lengthy, detailed and need to be known by heart. To simplify this process, some service members have been using publicly visible flashcard learning apps -- inadvertently revealing a multitude of sensitive security protocols about US nuclear weapons and the bases at which they are stored. While the presence of US nuclear weapons in Europe has long been detailed by various leaked documents, photos and statements by retired officials, their specific locations are officially still a secret with governments neither confirming nor denying their presence. As many campaigners and parliamentarians in some European nations see it, this ambiguity has often hampered open and democratic debate about the rights and wrongs of hosting nuclear weapons.

However, the flashcards studied by soldiers tasked with guarding these devices reveal not just the bases, but even identify the exact shelters with "hot" vaults that likely contain nuclear weapons. They also detail intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the unique identifiers that a restricted area badge needs to have. Like their analogue namesakes, flashcard learning apps are popular digital learning tools that show questions on one side and answers on the other. By simply searching online for terms publicly known to be associated with nuclear weapons, Bellingcat was able to discover cards used by military personnel serving at all six European military bases reported to store nuclear devices. Experts approached by Bellingcat said that these findings represented serious breaches of security protocols and raised renewed questions about US nuclear weapons deployment in Europe. The report notes that some of the flashcards "had been publicly visible online as far back as 2013," while others "detailed processes that were being learned by users until at least April 2021."

Crucially, all flashcards mentioned in the article "have been taken down from the learning platforms on which they appeared after Bellingcat reached out to NATO and the US Military for comment prior to publication," the report states.

The Canadian astronaut, who commanded the International Space Station and recorded the famous microgravity rendition of David Bowie's Space Oddity, on Sunday spit some fire at true believers who see a link between UFOs or UAPs (for "unidentified aerial phenomena" in the newish military parlance) and some sort of alien intelligence. From a report: "Obviously, I've seen countless things in the sky that I don't understand," Chris Hadfield, a former pilot for the Royal Canadian Air Force, said during a CBC Radio call-in show.

"But to see something in the sky that you don't understand and then to immediately conclude that it's intelligent life from another solar system is the height of foolishness and lack of logic." [...] Hadfield added that he does think it's likely there's life somewhere else in the universe. "But definitively up to this point, we have found no evidence of life anywhere except Earth," he said, "and we're looking."

alaskana98 writes: In a newly leaked video, ship based U.S. Navy personnel appear to be tracking an orb-shaped UFO as it tracks closely above the water, eventually appearing to dip beneath water's surface. Last month, a still from this video was teased along with another video showing a triangular UFO transit the sky along with photos of three strange objects at high altitudes captured within minutes of each other by Navy pilots in 2019. These photos and videos all come on the eve of a highly anticipated unclassified report due to be released sometime in June for the intelligence and armed services committees in Congress. Referring to this report, former Director of National Intelligence John Ratcliffe states: "There are instances where we don't have good explanations for some of the things that we've seen."

Not everyone is convinced that these objects are being piloted by grey aliens. In an exhaustive report by the site "The War Zone," a plausible theory is laid out that purports that these objects are nothing more than cleverly disguised blimps or drones launched by U.S. adversaries, using nothing more than the social stigma of taking UFOS/UAPS seriously as a means to dissuade any serious attempts by the U.S. military to treat these as conventional domestic threats.

The New York Times reports on misinformation that's further inflaming the Israeli-Palestinian conflict: In a 28-second video, which was posted to Twitter this week by a spokesman for Prime Minister Benjamin Netanyahu of Israel, Palestinian militants in the Gaza Strip appeared to launch rocket attacks at Israelis from densely populated civilian areas.

At least that is what Mr. Netanyahu's spokesman, Ofir Gendelman, said the video portrayed. But his tweet with the footage, which was shared hundreds of times as the conflict between Palestinians and Israelis escalated, was not from Gaza. It was not even from this week. Instead, the video that he shared, which can be found on many YouTube channels and other video-hosting sites, was from 2018. And according to captions on older versions of the video, it showed militants firing rockets not from Gaza but from Syria or Libya.

The video was just one piece of misinformation that has circulated on Twitter, TikTok, Facebook, WhatsApp and other social media this week about the rising violence between Israelis and Palestinians, as Israeli military ground forces attacked Gaza early on Friday. The false information has included videos, photos and clips of text purported to be from government officials in the region, with posts baselessly claiming early this week that Israeli soldiers had invaded Gaza, or that Palestinian mobs were about to rampage through sleepy Israeli suburbs. The lies have been amplified as they have been shared thousands of times on Twitter and Facebook, spreading to WhatsApp and Telegram groups that have thousands of members, according to an analysis by The New York Times.

The effect of the misinformation is potentially deadly, disinformation experts said, inflaming tensions between Israelis and Palestinians when suspicions and distrust have already run high.

An anonymous reader quotes a report from Motherboard: The Pentagon is carrying out warrantless surveillance of Americans, according to a new letter written by Senator Ron Wyden and obtained by Motherboard. Senator Wyden's office asked the Department of Defense (DoD), which includes various military and intelligence agencies such as the National Security Agency (NSA) and the Defense Intelligence Agency (DIA), for detailed information about its data purchasing practices after Motherboard revealed special forces were buying location data. The responses also touched on military or intelligence use of internet browsing and other types of data, and prompted Wyden to demand more answers specifically about warrantless spying on American citizens.

Some of the answers the DoD provided were given in a form that means Wyden's office cannot legally publish specifics on the surveillance; one answer in particular was classified. In the letter Wyden is pushing the DoD to release the information to the public. A Wyden aide told Motherboard that the Senator is unable to make the information public at this time, but believes it would meaningfully inform the debate around how the DoD is interpreting the law and its purchases of data. "I write to urge you to release to the public information about the Department of Defense's (DoD) warrantless surveillance of Americans," the letter, addressed to Secretary of Defense Lloyd J. Austin III, reads. Wyden and his staff with appropriate security clearances are able to review classified responses, a Wyden aide told Motherboard. Wyden's office declined to provide Motherboard with specifics about the classified answer. But a Wyden aide said that the question related to the DoD buying internet metadata.

"Are any DoD components buying and using without a court order internet metadata, including 'netflow' and Domain Name System (DNS) records," the question read, and asked whether those records were about "domestic internet communications (where the sender and recipient are both U.S. IP addresses)" and "internet communications where one side of the communication is a U.S. IP address and the other side is located abroad." Netflow data creates a picture of traffic flow and volume across a network. DNS records relate to when a user looks up a particular domain, and a system then converts that text into the specific IP address for a computer to understand; essentially a form of internet browsing history. Wyden's new letter to Austin urging the DoD to release that answer and others says "Information should only be classified if its unauthorized disclosure would cause damage to national security. The information provided by DoD in response to my questions does not meet that bar."

Xiaomi and the U.S. government have text to set aside a Trump administration blacklisting that could have restricted American investment in the Chinese smartphone maker. From a report: The Chinese smartphone giant had sued the government earlier this year, after the U.S. Defense Department under former President Donald Trump issued an order designating the firm as a Communist Chinese Military Company, which would have led to a de-listing from U.S. exchanges and deletion from global benchmark indexes. The U.S. Defense Department has now agreed that a final order vacating the designation "would be appropriate," according to a filing to the U.S. courts Tuesday. Xiaomi declined to comment. Pentagon representatives weren't immediately available for comment after normal hours. Chinese Foreign Ministry spokeswoman Hua Chunying said at a regular press briefing in Beijing she wasn't aware of any deal the firm may have reached with the U.S. "The Parties have agreed upon a path forward that would resolve this litigation without the need for contested briefing," according to the filing, which didn't state whether the agreement included any conditions for removal. The parties involved are negotiating over specific terms and will file a separate joint proposal before May 20.

Pentagon officials are considering pulling the plug on the star-crossed JEDI cloud-computing project, which has been mired in litigation from Amazon and faces continuing criticism from lawmakers. From a report: The Joint Enterprise Defense Infrastructure contract was awarded to Microsoft in 2019 over Amazon, which has contested the award in court ever since. A federal judge last month refused the Pentagon's motion to dismiss much of Amazon's case. A few days later, Deputy Defense Secretary Kathleen Hicks said the department would review the project. "We're going to have to assess where we are with regard to the ongoing litigation around JEDI and determine what the best path forward is for the department," Ms. Hicks said at an April 30 security conference organized by the nonprofit Aspen Institute. Her comments followed a Pentagon report to Congress, released before the latest court ruling, that said another Amazon win in court could significantly draw out the timeline for the program's implementation. "The prospect of such a lengthy litigation process might bring the future of the JEDI Cloud procurement into question," the Jan. 28 report said. Ms. Hicks and other Pentagon officials say there is a pressing need to implement a cloud program that serves most of its branches and departments. The JEDI contract, valued at up to $10 billion over 10 years, aims to allow the Pentagon to consolidate its current patchwork of data systems, give defense personnel better access to real-time information and put the Defense Department on a stronger footing to develop artificial-intelligence capabilities that are seen as vital in the future.

NBC News reports more than 440 Americans have now been charged with storming the U.S. Capitol building on January 6th, with charges now filed against people from 44 of America's 50 states. They describe it as "one of the largest criminal investigations in American history." The largest number come from Texas, Pennsylvania, and Florida, in that order. Men outnumber women among those arrested by 7 to 1, with an average age of 39, according to figures compiled by the Program on Extremism at George Washington University in Washington, D.C. A total of 44 are military veterans.
Hundreds of arrests happened because rioters later bragged online: In nearly 90 percent of the cases, charges have been based at least in part on a person's own social media accounts.

A New York man, Robert Chapman, bragged on the dating app Bumble that he'd been in the Capitol during the riot. The person he was seeking to date responded, "We are not a match," and notified the FBI.
In fact, the investigative agency has now received "hundreds of thousands" of tips from the public, and has even posted photos of people who participated in the riots online asking for the public's help to identify them.

But NBC also reports that technology is being used to identify participants:

• "Investigators have also used facial recognition software, comparing images from surveillance cameras and an outpouring of social media and news agency videos against photo databases of the FBI and at least one other federal agency, Customs and Border Protection, according to court documents."

• Investigators "have also subpoenaed records from companies providing cellphone service, allowing agents to tell whether a specific person's phone was inside the Capitol during the siege."

"Colonial Pipeline, which accounts for 45% of the East Coast's fuel, said it has shut down its operations due to a cyberattack," reports ZDNet. "The attack highlights how ransomware and other cyberattacks are increasingly a threat to real-world infrastructure.

"The company delivers refined petroleum products such as gasoline, diesel, jet fuel, home heating oil, and fuel for the U.S. Military."

UPDATE: Saturday the company confirmed that the attack involved ransomware.

The Associated Press reports: Colonial Pipeline said the attack took place Friday and also affected some of its information technology systems. The Alpharetta, Georgia-based company said it hired an outside cybersecurity firm to investigate the nature and scope of the attack and has also contacted law enforcement and federal agencies. "Colonial Pipeline is taking steps to understand and resolve this issue," the company said in a late Friday statement. "At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline."

Oil analyst Andy Lipow said the impact of the attack on fuel supplies and prices depends on how long the pipeline is down. An outage of one or two days would be minimal, he said, but an outage of five or six days could causes shortages and price hikes, particularly in an area stretching from central Alabama to the Washington, D.C., area. Lipow said a key concern about a lengthy delay would be the supply of jet fuel needed to keep major airports operating, like those in Atlanta and Charlotte, North Carolina.

The precise nature of the attack was unclear, including who launched it and what the motives were...

Mike Chapple, teaching professor of IT, analytics and operations at the University of Notre Dame's Mendoza College of Business and a former computer scientist with the National Security Agency, said systems that control pipelines should not be connected to the internet and vulnerable to cyber intrusions. "The attacks were extremely sophisticated and they were able to defeat some pretty sophisticated security controls, or the right degree of security controls weren't in place," Chapple said...
The article also points out the U.S. government says it's "undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks....to ensure that control systems serving 50,000 or more Americans have the core technology to detect and block malicious cyber activity. The White House has announced a 100-day initiative aimed at protecting the country's electricity system from cyberattacks by encouraging owners and operators of power plants and electric utilities to improve their capabilities for identifying cyber threats to their networks. It includes concrete milestones for them to put technologies into use so they can spot and respond to intrusions in real time. The Justice Department has also announced a new task force dedicated to countering ransomware attacks...

schwit1 shares a report from UPI: The State Department announced it has reached a $13 million settlement with U.S. defense contractor Honeywell International over allegations it exported technical data concerning fighter jets and other military vehicles to foreign countries, including China. The settlement resolves 34 charges the State Department leveled against the company for disclosing dozens of engineering prints showing dimensions, geometries and layouts for manufacturing parts for aircraft, gas turbine engines and military electronics.

Honeywell voluntarily informed the department in two disclosures that it had violated arms export control laws by sending the technical drawings to foreign countries, the State Department said in a statement. Honeywell had identified 71-controlled drawings that it had exported to Canada, Ireland, China and Taiwan between July 2011 and October 2015. "The U.S. government reviewed copies of the 71 drawings and determined that exports to and retransfers in the PRC of drawings for certain parts and components for the engine platforms for the F-35 Joint Strike Fighter, B-1B Lancer Long-Range Strategic Bomber and the F-22 Fighter Aircraft harmed U.S. national security," the document said. In a statement emailed to UPI, Honeywell explained it "inadvertently shared" the technology that was assessed as impacting national security during "normal business discussions" but remarked that the schematics were commercially available worldwide. "No detailed manufacturing or engineering expertise was shared," it said.

The company has agreed to pay the fine and have an external compliance officer oversee the consent agreement for at least 18 months as well as conduct an external audit of its compliance program.

An anonymous reader quotes a report from Ars Technica: The US Department of Defense puzzled Internet experts by apparently transferring control of tens of millions of dormant IP addresses to an obscure Florida company just before President Donald Trump left the White House, but the Pentagon has finally offered a partial explanation for why it happened. The Defense Department says it still owns the addresses but that it is using a third-party company in a "pilot" project to conduct security research. "Minutes before Trump left office, millions of the Pentagon's dormant IP addresses sprang to life" was the title of a Washington Post article on Saturday. Literally three minutes before Joe Biden became president, a company called Global Resource Systems LLC "discreetly announced to the world's computer networks a startling development: It now was managing a huge unused swath of the Internet that, for several decades, had been owned by the US military," the Post said.

The number of Pentagon-owned IP addresses announced by the company rose to 56 million by late January and 175 million by April, making it the world's largest announcer of IP addresses in the IPv4 global routing table. The Post said it got an answer from the Defense Department on Friday in the form of a statement from the director of "an elite Pentagon unit known as the Defense Digital Service." The Post wrote: "'Brett Goldstein, the DDS's director, said in a statement that his unit had authorized a 'pilot effort' publicizing the IP space owned by the Pentagon. 'This pilot will assess, evaluate, and prevent unauthorized use of DoD IP address space,' Goldstein said. 'Additionally, this pilot may identify potential vulnerabilities.' Goldstein described the project as one of the Defense Department's 'many efforts focused on continually improving our cyber posture and defense in response to advanced persistent threats. We are partnering throughout DoD to ensure potential vulnerabilities are mitigated.'"

"Ville de Bitche is a town situated in northwestern France with a rich military history, pastoral landscape, and an unfortunate sounding name," reports Slate. (Adding that the "e" is silent....)

"Recently tiny Bitche made international headlines after Facebook mistook the city's name for a swear word and deleted the town's Facebook page." The city's communication manager, Valêrie Degouy, contacted Facebook on March 19 to explain the situation and ask the company to reverse its decision — for the second time. (The page was previously deleted in 2016.) As she awaited Facebook's response — which apologized and reinstated the page Tuesday — Degouy set up a new page for her town, under the name of Marie 57230, her city's postal code. Although Facebook's mistake seems innocuous enough, for the towns located around Bitche, local Facebook pages serve as the main form of communication. Shutting the page down effectively creates a local news blackout. When Rohrbach-les Bitche — a nearby town in the region — heard about the deletion, it quickly rid "ls-Bitche" from its Facebook page name to avoid a similar fate...

The residents of Bitche are far from alone in their reliance on Facebook for local news. In the United States alone, more than 2,000 local newspapers have closed over the past two decades, according to an estimate from Joshua Scacco, associate professor of political communication at the University of South Florida. In these news deserts, Facebook has risen as an alternative information source, allowing anyone with an account to share updates and post events...

But Facebook is not only filling the local news void — it is tied to local papers' disappearance. "Social and digital media are a contributing factor in thinking about the declines of the presence of local newsrooms, as well as what that coverage looks like for the local newsrooms that remain," Scacco says. Facebook is moving advertising dollars away from local newspapers, and even driving the content local newspapers create. Local news coverage often panders to Facebook's algorithms when creating content and headlines, notes Ashley Muddiman, a communications professor at the University of Kansas.

"Just before the end of the Trump administration, an obscure Florida company began announcing routes to IP addresses owned by the Pentagon," writes long-time Slashdot reader whoever57. The Washington Post calls it "a huge unused swath of the Internet that, for several decades, had been owned by the U.S. military." What happened next was stranger still. The company, Global Resource Systems LLC, kept adding to its zone of control. Soon it had claimed 56 million IP addresses owned by the Pentagon. Three months later, the total was nearly 175 million. That's almost 6 percent of a coveted traditional section of Internet real estate — called IPv4 — where such large chunks are worth billions of dollars on the open market... "They are now announcing more address space than anything ever in the history of the Internet," said Doug Madory, director of Internet analysis for Kentik, a network monitoring company, who was among those trying to figure out what was happening...

The change is the handiwork of an elite Pentagon unit known as the Defense Digital Service, which reports directly to the secretary of defense. The DDS bills itself as a "SWAT team of nerds" tasked with solving emergency problems for the department and conducting experimental work to make big technological leaps for the military... Brett Goldstein, the DDS's director, said in a statement that his unit had authorized a "pilot effort" publicizing the IP space owned by the Pentagon. "This pilot will assess, evaluate and prevent unauthorized use of DoD IP address space," Goldstein said. "Additionally, this pilot may identify potential vulnerabilities...."

The specifics of what the effort is trying to achieve remain unclear... What is clear, however, is the Global Resource Systems announcements directed a fire hose of Internet traffic toward the Defense Department addresses...

Russell Goemaere, a spokesman for the Defense Department, confirmed in a statement to The Washington Post that the Pentagon still owns all the IP address space and hadn't sold any of it to a private party.

Hmmmmmm shares a report from Politico: The Pentagon has briefed top lawmakers on intelligence surrounding suspected directed-energy attacks against U.S. troops, and officials identified Russia as a likely culprit, according to two people with direct knowledge of the matter. The briefings included information about injuries sustained by U.S. troops in Syria, the people said. The investigation includes one incident in Syria in the fall of 2020 in which several troops developed flu-like symptoms, two people familiar with the Pentagon probe said. After this article was published, Gen. Frank McKenzie, head of U.S. Central Command, told lawmakers during a Senate Armed Services Committee hearing that he has seen "no evidence" of such attacks against U.S. troops in the Middle East.

The investigation is part of a broader effort to look into directed-energy attacks on U.S. officials across multiple agencies in recent years. Since late 2016, close to 50 officials have reported symptoms of a mysterious illness that became known as "Havana syndrome" among U.S. diplomats posted in Cuba. Symptoms included acute ringing and pressure in the ears, as well as loss of hearing and balance, fatigue and residual headaches. Some victims have suffered long-term brain damage. A report commissioned by the State Department and released in December pointed to "directed, pulsed radiofrequency energy" as the most probable cause for the "Havana syndrome" incidents.

In a follow-up to a story previously reported, Slashdot reader Turkinolith shares a report from Teslarati: In the latest trials and tribulations of a SpaceX Starlink competitor that went bankrupt after spending $3 billion to launch just 74 small internet satellites, it appears that OneWeb knowingly misled both media and US regulators over a claimed 'near-miss' with a Starlink satellite. Back on April 9th, OneWeb went public with claims that SpaceX had mishandled its response to a routine satellite collision avoidance warning from the US military, which monitors the location of satellites and space debris. According to OneWeb government affairs chief Chris McLaughlin, SpaceX disabled an automated system designed to detect and automatically command Starlink satellite collision avoidance maneuvers to let OneWeb move its satellite instead. McLaughlin also stated that "Coordination is the issue -- it is not sufficient to say 'I've got an automated system.'" He also recently criticized the maneuverability of Starlink satellites, claiming that "Starlink's engineers said they couldn't do anything to avoid a collision and switched off the collision avoidance system so OneWeb could maneuver around the Starlink satellite without interference." As it turns out, OneWeb's "near-miss" appears to have been a farce and the company scrambled to promise to retract those statements in an April 20th meeting with the FCC and SpaceX.

In an apparent attempt to capitalize on vague fears of "space debris" and satellite collisions, OneWeb -- or perhaps just McLaughlin -- took it upon itself to consciously misconstrue a routine, professional process of collision-avoidance coordination between OneWeb and SpaceX. McLaughlin ran a gauntlet of media outlets to drag SpaceX through the mud and criticize both the company's technology and response, ultimately claiming that SpaceX's Starlink satellite was incapable of maneuvering out of the way. Instead, according to a precise, evidenced timeline of events presented by SpaceX to the FCC, the coordination was routine, uneventful, and entirely successful. OneWeb itself explicitly asked SpaceX to disable its autonomous collision avoidance software and allow the company to maneuver its own satellite out of the way after SpaceX made it clear that the Starlink spacecraft could also manage the task. The event was neither "urgent" or a "close call," as OneWeb and media outlets later claimed. SpaceX says it has been coordinating similar avoidance maneuvers with OneWeb since March 2020.

Most damningly, SpaceX says that immediately after OneWeb disseminated misleading quotes about the event to the media, "OneWeb met with [FCC] staff and Commissioners [to demand that] unilateral conditions [be] placed on SpaceX's operations." Those conditions could have actually made coordination harder, "demonstrating more of a concern with limiting [OneWeb's] competitors than with a genuine concern for space safety." Crucially, despite lobbying to restrict its competitors, "OneWeb [has] argued forcefully that [it] should be exempt from Commission rules for orbital debris mitigation due to their status as non-U.S. operators." In simple terms, OneWeb is trying to exploit the FCC to suppress its competition while letting it roam free of the exact same regulations.

The White House unveiled on Tuesday a 100-day plan intended to protect the U.S. power grid from cyber-attacks, mainly by creating a stronger relationship between U.S. national security agencies and the mostly private utilities that run the electrical system. From a report: The plan is among the first big steps toward fulfilling the Biden administration's promise to urgently improve the country's cyber defenses. The nation's power system is both highly vulnerable to hacking and a target for nation-state adversaries looking to counter the U.S. advantage in conventional military and economic power. "The United States faces a well-documented and increasing cyber threat from malicious actors seeking to disrupt the electricity Americans rely on to power our homes and businesses," Secretary of Energy Jennifer Granholm said. Although the plan is billed as a 100-day sprint -- which includes a series of consultations between utilities and the government -- it will likely take years to fully implement, experts say. It will ask utilities to pay for and install technology to better detect hacks of the specialized computers that run the country's power systems, known as industrial control systems. The Edison Electric Institute, the trade group that represents all U.S. investor-owned electric companies, praised the White House plan and the Biden administration's focus on cybersecurity. "Given the sophisticated and constantly changing threats posed by adversaries, America's electric companies remain focused on securing the industrial control systems that operate the North American energy grid," said EEI president Tom Kuhn.

alaskana98 writes: The Defense Department has confirmed that leaked photos and video of "unidentified aerial phenomena" taken in 2019 are indeed legitimate images of unexplained objects. Photos and videos of triangle-shaped objects blinking and moving through the clouds were taken by Navy personnel, Pentagon spokeswoman Sue Gough said in a statement to CNN. She also confirmed that photos of three unidentified flying objects -- one "sphere" shaped, another "acorn" shaped and one characterized as a "metallic blimp" -- were also taken by Navy personnel. "As we have said before, to maintain operations security and to avoid disclosing information that may be useful to potential adversaries, DOD does not discuss publicly the details of either the observations or the examinations of reported incursions into our training ranges or designated airspace, including those incursions initially designated as UAP," Gough said.

She also said that the Unidentified Aerial Phenomena Task Force, created in August to investigate UFO sightings observed by the military, has "included these incidents in their ongoing examinations." The Navy photos and videos were published by Mystery Wire and on Extraordinary Beliefs' website last week but had been circulating online since last year. There have been "a number of reports of unauthorized and/or unidentified aircraft entering various military-controlled ranges and designated air space in recent years" the Navy said in 2019. Last year, the Pentagon released three videos showing "unidentified aerial phenomena" -- clips that the US Navy had previously confirmed were real.

An anonymous reader quotes a report from Variety: China's internet regulator has launched a hotline for citizens to report online comments that defame the ruling Communist Party and its approved description of history ahead of the Party's upcoming 100th anniversary. The new hotline will enable internet users to stop the spread of "mistaken opinions" and create a "good public opinion atmosphere" to pave the way for the July 1 occasion, the Cyberspace Administration of China (CAC) said in a notice. People can also send in tip-offs via the CAC's website and app.

"For a while now, some people with ulterior motiveshave spread historically nihilistic false statements online, maliciously distorting, slandering and denying Party, national and military history in an attempt to confuse people's thinking," the notice said. "We hope that most internet users will play an active role in supervising societyand enthusiastically report harmful information." "Historically nihilistic" information, in official rhetoric, is content that incites doubt about the Party's account of the past.

It will accept four types of content complaints: distortions of history, attacks on the Party's "leadership, guiding ideology, principles or policies," the defamation of heroes and martyrs, and "denials of the excellence of traditional Chinese culture, revolutionary culture and advanced socialist culture." The CAC notice did not explain what punishments would be in store for violators. China already frequently detains and jails people for online speech deemed politically inappropriate.

The Swedish government dropped today its investigation into the 2017 hack of its sports authority, citing legal constraints that would have prevented prosecutors from charging the Russian hackers responsible for the intrusion, which officials claimed were mere pawns operating on behalf of a "foreign power." From a report: This marks the first time that such a legal clause is cited by prosecutors investigating cyber-espionage hacking groups. Today's statement from the Swedish Prosecution Authority also marks the first time that Swedish officials formally blamed the Russian government for the 2017 hack of the Swedish Sports Confederation (SSC). Citing a recently-concluded investigation from the Swedish Security Service, which also involved foreign intelligence services, Swedish prosecutors said that one of Russia's military hacker groups breached its sports body between December 2017 and May 2018 and stole medical records for Swedish athletes.