Free NIST Software Tool Boosts Detection of Software Bugs

President Obama has declared March 4-10, 2012 as National Consumer Protection Week, building on a coordinated effort that encourages consumers nationwide to take full advantage of their consumer rights and make better-informed decisions. The Commerce Department is using this occasion to showcase the efforts of our Internet Policy Task Force, which is leveraging the expertise of several Commerce bureaus that are aimed at ensuring continued innovation in the Internet economy and preserving consumer trust in Internet commerce and online interactions.  In particular, the Task Force continues to move forward in our work to promote new efforts that will lead to improved Internet privacy protection and better security for consumers online.In September, the National Institute of Standards and Technology (NIST) and The National Telecommunications and Information Administration (NTIA) in cooperation with the Department of Homeland Security, released Request for Information (RFI) to focus on the growing concern around a specific Internet security risk related to "botnets."While security risks on the Internet continue to exist in many areas, one increasingly exploited threat is the global rise of botnets. A botnet infection can lead to the monitoring of a consumer's personal information and communication, and exploitation of that consumer's computing power and Internet access. Researchers suggest an average of about 4 million new botnet infections occur every month.

According to a recent industry study, cyber crimes cost the global economy $388 billion annually in both direct financial losses and the value of lost time dealing with the effects of cyber crime. The study found that about 431 million adults are victims of cyber crime each year. Another recent study found that annual cyber crime costs for larger U.S. companies averaged about $5.9 million each with a 44 percent increase in the number of successful cyber attacks compared to the previous year. To help organizations better protect themselves from such threats, the Commerce Department’s National Institute of Standards and Technology (NIST) today announced a new partnership to establish the National Cybersecurity Center of Excellence.  The Center will operate as a public-private collaboration for accelerating the widespread adoption of integrated cybersecurity tools and technologies. The State of Maryland and Montgomery County, Md., are co-sponsoring the Center with NIST, which will work to strengthen U.S. economic growth by supporting automated and trustworthy e-government and e-commerce. U.S. Senator for Maryland Barbara Mikulski, Maryland Lt. Governor Anthony Brown and Montgomery County Executive Isiah Leggett were at NIST in Gaithersburg, Md., today to announce the partnership with Under Secretary of Commerce for Standards and Technology and NIST Director Patrick Gallagher.

Guest blog post by Donna Dodson, Chief, Computer Security Division and Acting Director, National Cybersecurity Center of Excellence, National Institute of Standards and TechnologyThis week, Commerce's National Institute of Standards and Technology (NIST) hosted a workshop to kick off the National Cybersecurity Center of Excellence (NCCoE), a new public-private collaboration that will bring together experts from industry, government and academia to design, implement, test and demonstrate integrated cybersecurity solutions and promote their widespread adoption.IT is central to financial, communications, healthcare and physical infrastructures and even entertainment systems. It is also under constant attack by cybercriminals looking to steal business data, personal information and devices, or disrupt private and government business with malicious code, denial of service and Web-based attacks.We were excited to bring together representatives from various industry sectors (health, utility, financial, and more), along with those from government agencies, academia and other organizations to learn how the center will operate and how the public can participate. In the photo here, NIST’s Curt Barker, Karen Waltermire, and Henry Wixon are seen explaining how interested parties can get involved.The NCCoE will provide a state-of-the-art computing facility where researchers from NIST can work collaboratively with both the users and vendors of products and services on holistic cybersecurity approaches. NIST is hosting the center in collaboration with the state of Maryland and Montgomery County, Md.By providing a test bed where new ideas and technologies can be tried out before being deployed, the center provides the opportunity to thoroughly document and share each solution, supporting specific industry sector business challenges. This will encourage the rapid adoption of comprehensive cybersecurity templates and approaches that support automated and trustworthy e-government and e-commerce.

The U.S. Department of Homeland Security urged computer users to disable Oracle Corp’s Java software, amplifying security experts’ prior warnings to hundreds of millions of consumers and businesses that use it to surf the Web. Hackers have figured out how to exploit Java to install malicious software enabling them to commit crimes ranging from identity theft to making an infected computer part of an ad-hoc network of computers that can be used to attack websites.

Scientists, industry leaders and public officials came together this week for a dialogue on innovation at The Atlantic's “From Inspiration to Innovation Summit,” held at Ronald Reagan Washington National Airport in Arlington, Va. Under Secretary of Commerce for Standards and Technology and National Institute of Standards and Technology (NIST) Director Patrick Gallagher was among the invited speakers on the panel, “Advanced Manufacturing: Made in America. . . Again?” Responding to a question about NIST’s role in supporting manufacturing, Gallagher pointed out that the agency’s mission goes back more than 110 years. Then, and now, that mission has been to ensure that U.S. industries have the infrastructure of measurements, standards, and technology they need to be competitive in global markets, particularly manufacturing-based industries. That mission is even more important today, when so much manufacturing is tied to advanced technology, and our research and development—our ability to innovate—is deeply embedded in our manufacturing capability.

In 1940, the United States was officially not involved in the burgeoning conflicts in Europe and Asia. Yet secretly the country was hurriedly preparing for war. A decade of drought and economic depression and 20 years of peace had left the military with a fleet of outdated ships, divisions of ancient armored vehicles, scores of rusty rifles, and little in the way of new weapons and other technological development. Mobilizing for war in the face of these deficits required materials and production on a monumental scale. The National Institute of Standards and Technology (then called the National Bureau of Standards) was enlisted to ensure that those materials and the manufacturing processes used to shape them were of the highest quality and performed as expected.   By December 1941, 90 percent of NIST’s staff was engaged in war research. Among the first orders of business was to test enormous quantities of quartz, which was necessary for tuning the frequency of radios and radar. NIST tested 6 million pounds of quartz by the end of the war and found more than a 25 percent of it unsuitable for use.  With the country cut off from supplies of natural rubber, NIST supplied data and created tests and standards needed for the full-scale manufacture of high quality synthetics. NIST built wind tunnels for bomb and projectile research and manufactured and calibrated thousands upon thousands of gage blocks—small metal rectangular blocks used in every aspect of precision metal work and the manufacture of interchangeable parts.