• Stanford Cyber Initiative addresses cybersecurity, governance, and the future of work

    Daily headlines emphasize the down side of technology: cyberattacks, election hacking and the threat of fake news. In response, government organizations are scrambling to understand how policy should shape technology’s role in governance, security and jobs. The Stanford Cyber Initiative is bringing together scholars from all over campus to confront the challenges technology presents.

  • Tracing the sources of today’s Russian cyberthreat

    Cyberspace is an active battleground, with cybercriminals, government agents and even military personnel probing weaknesses in corporate, national and even personal online defenses. Some of the most talented and dangerous cybercrooks and cyberwarriors come from Russia, which is a longtime meddler in other countries’ affairs. Over decades, Russian operators have stolen terabytes of data, taken control of millions of computers and raked in billions of dollars. They’ve shut down electricity in Ukraine and meddled in elections in the U.S. and elsewhere. They’ve engaged in disinformation and disclosed pilfered information such as the emails stolen from Hillary Clinton’s campaign chairman, John Podesta, following successful spearphishing attacks. Who are these operators, why are they so skilled and what are they up to?

  • Clear tactics, if only few easy solutions, for hospitals tackling ransomware

    Hospitals facing the prospect of ransomware attacks like the one that afflicted British hospitals in May can take many concrete steps to better protect themselves, but some of the most important measures — such as a national policy not to pay ransoms — may be tougher to formulate.

  • Hurricane loss model estimates damage caused by Hurricane Irma at $19 billion

    A team of researchers estimates that Hurricane Irma caused $19.4 billion in wind-related losses to Florida residents alone. The data does not cover flood losses. Of that total, $6.3 billion will be paid by insurance companies. As a result, roughly two-thirds of the losses will be borne by homeowners.

  • Equifax breach is a reminder of society’s larger cybersecurity problems

    The Equifax data breach was yet another cybersecurity incident involving the theft of significant personal data from a large company. Moreover, it is another reminder that the modern world depends on critical systems, networks and data repositories that are not as secure as they should be. And it signals that these data breaches will continue until society as a whole (industry, government and individual users) is able to objectively assess and improve cybersecurity procedures. We all must take a realistic look at the state of cybersecurity, admit the mistakes that have happened and change our thinking for the better. Only then can anyone – much less everyone – take on the task of devoting time, money and personnel to making the necessary changes for meaningful security improvements. It will take a long time, and will require inconvenience and hard work. But it’s the only way forward.

  • Economic costs of Harvey, Irma $200-$300 billion; insured cost to reach $70 billion

    The insured cost of Hurricanes Harvey and Irma is likely to reach $70 billion, while the economic cost — which includes uninsured losses – is in the range of $200 billion to $300 billion, leading insurers say. Lloyd’s of London said the claims would make 2017 one of the worst years for natural disasters with the hurricane season not yet over.

  • Can taking down websites really stop terrorists and hate groups?

    Racists and terrorists, and many other extremists, have used the internet for decades and adapted as technology evolved, shifting from text-only discussion forums to elaborate and interactive websites, custom-built secure messaging systems and even entire social media platforms. Recent efforts to deny these groups online platforms will not kick hate groups, nor hate speech, off the web. In fact, some scholars theorize that attempts to shut down hate speech online may cause a backlash, worsening the problem and making hate groups more attractive to marginalized and stigmatized people, groups, and movements. The tech industry, law enforcement, and policymakers must develop a more measured and coordinated approach to the removal of extremist and terrorist content online. The only way to really eliminate this kind of online content is to decrease the number of people who support it.

  • How “dreamers” and green card lottery winners strengthen the U.S. economy

    Those who wish to restrict immigration often cite what they naïvely call “supply-and-demand economics” to essentially argue that the economy is a fixed pie that gets divided among a country’s residents. Fewer immigrants means “more pie” for the U.S.-born, as the story goes. I am an economist, and this is not what my colleagues and I say. The commonplace argument that increases in the volume of immigration, by themselves, lower wages and take jobs from Americans – an argument which Attorney General Jeff Sessions used to defend ending DACA – has neither empirical nor theoretical support in economics. It is just a myth. Instead, both theory and empirical research show that immigration, including low-skill and low-English immigration, grows the pie and strengthens the American workforce.

  • DHS instructs government agencies to stop using Kaspersky Lab’s software

    DHS on Wednesday, referring to reports about the links between the Russian cybersecurity company and Russian intelligence agencies, ordered all U.S. government agencies to stop using Kaspersky Lab software products. DHS gave the agencies thirty days to identify any Kaspersky products they were using, and ninety days to remove all such products. A former FBI official, referring to Eugene Kaspersky, the company founder, said: “He wouldn’t help us at all… From the early 2000s, it was felt Kaspersky was an FSB [the successor agency of the KGB] guy and everything he’d developed was just a huge front.”

  • Rethinking where/whether to rebuild after Hurricanes Irma, Harvey

    Though our natural instinct is to put everything back exactly where it was before a disaster, Mark Abkowitz, professor of civil and environmental engineering and director of the Vanderbilt Center for Environmental Management Studies said people need to seriously rethink where and how to rebuild. “We’re talking hurricanes now, but it could be inland flooding, tornadoes, drought, wildfires, earthquakes. The question really comes up: If we had things the way they were and they suffered the level of catastrophic impact that they did, what’s the reasoning behind putting it back exactly the way it was before?” asks Abkowitz.

  • Is the new iPhone designed for cybersafety?

    As eager customers meet the new iPhone, they’ll explore the latest installment in Apple’s decade-long drive to make sleeker and sexier phones. But to me as a scholar of cybersecurity, these revolutionary innovations have not come without compromises. Many of Apple’s decisions about the iPhone were driven by design – including wanting to be different or to make things simpler – rather than for practical reasons. Apple has steadily strengthened the encryption of the data on its phones, but other developments have made people less safe and secure. Today, unsafe decisions are far easier to make on your phone than on your computer. And more people now use their phones for doing more things than ever before. Making phones slimmer, shinier and sexier is great. But making sure every user can make cybersafe decisions is yet to be “Designed by Apple.” Here’s hoping the next iPhone does that.

  • Designing a post-Harvey Houston for the future

    Being honest about the extent and urgency of the Houston-Galveston region’s flooding problem will not harm the community but will form the basis for recovery, according to a paper by an engineering and environmental expert. “Denying fundamental truths and moving forward with business as usual will be the economic death knell for the Houston region,” Rice University’s Jim Blackburn wrote in a paper highlighting fifteen policies and actions that are meant to initiate a conversation about designing a Houston for the future. “And make no mistake about it — how we respond to this horrible reality will determine the economic future of our region.”

  • What lessons will Houston-area officials learn from Harvey? History gives us a clue

    As Houston begins to recover from Harvey, a growing chorus of voices is calling for big policy changes to reduce flood damage from future disasters. Local officials haven’t said much about what they might pursue, but history offers some clues.

  • Western energy sector target of sophisticated attack by Russian-linked group Dragonfly

    The energy sector in Europe and North America is being targeted by a new wave of cyberattacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group.

  • Equifax breach will haunt Americans for decades

    Cyberexperts say that the Equifax giant cybersecurity breach which compromised the personal information of as many as 143 million Americans — almost half the country – will have long-term consequences for many Americans. Looking ahead, for decades almost 50 percent of the U.S. population will have trouble applying for home loans, credit cards, cell phones, or simply passing background checks.