News Feature | October 7, 2014

Government IT News For VARs — October 7, 2014

Christine Kern

By Christine Kern, contributing writer

Government IT News For VARs — October 7, 2014

In news this week, state and federal governments are getting lots of practice in information sharing with the rash of new cyber-bugs, while experts say the Bash Bug could be bigger than Heartbleed and warn that Shellshock’s aftershock will linger. The Defense Advanced Research Projects Agency (DARPA) is developing a new wearable tech suit, and the U.S. Food and Drug Administration (FDA) is strengthening cybersecurity requirements for medical devices.

Government Information Sharing Challenged By Emergence Of Heartbleed, Shellshock

In this article from Fed Tech Magazine, White House Cybersecurity Coordinate Michael Daniel reveals joint federal and state government responses to recent security challenges posed by cyberattacks. He explained that the collaboration was first tested by Heartbleed, “and now with Bash and Shellshock, we’re getting an opportunity to practice even more.”

Bash Bug Could Be Bigger Than Heartbleed

According to cnet.com, the new threat from the Bash bug could have wider consequences than the Heartbleed virus earlier this year. This new security vulnerability has the potential to compromise entire IT systems, including major servers and cameras. Security expert Robert Graham cautioned that it is bigger than Heartbleed because the Bash bug “interacts with other software in unexpected ways” and because an “enormous percentage” of software interacts with the shell.

Government Agencies Should Prepare For Shellshock’s Aftershock

This article from Fed Tech Magazine presents five things government agencies should know about the recent Shellshock bug, warning that the crisis is far from over. Rated a 10 out of 10 on the U.S. National Vulnerability Database’s scale, Shellshock could create a complete system compromise, according to Cisco. And although patches can help address the problem, they aren’t complete fixes. Some government systems have actually been taken offline temporarily in Canada in order to address the vulnerabilities caused by the bug.

The Implications Of DARPA’s Wearable Tech Suit

Fed Tech Magazine reported that “DARPA’s Warrior Web program is extending an ongoing partnership with Harvard University faculty to demonstrate a proof of concept for a ‘radically new approach to wearable robot design and fabrication,’ the institute announced last month.” According to experts, the suit has the potential to help reduce soldier injuries due to fatigue, and possibly could be used to assist those with limited mobility. “The Warrior Web program’s ultimate goal is a lightweight, conformal under-suit that is functionally transparent to the user — similar to a diver’s wetsuit,” according to the Defense Department’s Armed with Science blog.

Government IT Talking Points

This article from the eCommerceTimes reported that medical devices post greater risks of being vulnerable to cyberattacks, since they are connected to networks. In recognition of this growing threat, the FDA has created a new set of guidelines for medical device manufacturers that are designed to better protect patient data. The new recommendations are found in a document titled “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.” The new guidelines require manufacturers to submit documentation to the FDA identifying risks and controls in place to mitigate those risks.

For more news and insights, visit BSMinfo’s Government IT Resource Center.