Cybersecurity | Homeland Security Newswire

  • Considered opinion: Election questionsWhy political scientists aren’t writing about Russian hackers

    By Robert G. Boatright

    Political scientists who study election mechanics — — campaign finance, what polling data have to do with voting, how different population groups vote, how effective political advertisements are — are yet to come to grips with the role Russian government agents played in the 2016 election. Clark University political scientists Robert Boatright writes that “We don’t have the ability to track exactly what went on over Twitter or Facebook in the election, which accounts were real and which were fake. And … we may not regain the sort of transparency that enabled us to study elections with the precision we once did. We don’t really have any precedent for studying what a foreign government might do to influence an American campaign in this way because it hasn’t been done before in the United States. Maybe we’ll get there in a few years, but for now, all we know is that our research is more likely than usual to be incomplete.”

  • Election security11-year old took 10 minutes to hack a replica of Florida's election reporting website

    DEFCON, the world’s largest hacking convention, took place in Las Vegas over the weekend. Emmett Brewer, one of about 40 children between the ages of 8 and 16 who were taking part in the event, took less than 10 minutes to hack into a replica of Florida’s election reporting website. An 11-year old girl also managed to break into the site, tripling the number of votes for one of the candidates. Several 8-year old kids managed to tamper with vote tallies and change candidates’ names.

  • The Russian connectionRussian spy software in U.S. home and office routers

    The Russian government hackers known as APT 28 or Fancy Bear – the operatives who were behind information attacks against the Democratic National Committee and the Hillary Clinton Campaign, among others – have infiltrated hundreds of thousands of home and office routers worldwide. The presence of Russian malware on the routers could enable the Kremlin to steal individuals’ data or enlist their devices in a massive attack intended to disrupt global economic activity or target institutions.

  • CybersecuritySecurity gaps identified in internet protocol IPsec

    Researchers have demonstrated that the Internet protocol “IPsec” is vulnerable to attacks. The Internet Key Exchange protocol “IKEv1,” which is part of the protocol family, has vulnerabilities that enable potential attackers to interfere with the communication process and intercept specific information.

  • CybersecurityIntel processor vulnerability could expose millions of PCs at risk

    A newly discovered processor vulnerability could potentially put secure information at risk in any Intel-based PC manufactured since 2008. It could affect users who rely on a digital lockbox feature known as Intel Software Guard Extensions, or SGX, as well as those who utilize common cloud-based services, a new report says.

  • Election securityNew bill to help protect security of U.S. elections

    On Friday, four members of the House Permanent Select Committee on Intelligence (HPSCI) introduced the Secure Elections Act, which would provide local communities and state governments with the resources needed to strengthen election systems against cyberattacks. “Hostile foreign actors have attempted and will continue to attempt to undermine the fundamentals of our democracy by attacking our electoral process,” said Representative Trey Gowdy (R-South Carolina), one of the bill’s sponsors. “It is our responsibility to take every precaution necessary to safeguard our elections and ensure no vote count is ever interfered with.

  • Truth decayFake news is not just bad news: It is bad for the bottom line, too

    Note to Mark Zuckerberg: Beware of misinformation. Research makes a case that misinformation is a business risk for social media platforms, and proposes informational methods to alleviate the phenomenon of “fake news.” The research also suggests that Facebook users who help expose falsehoods should be compensated.

  • Space weaponsHacked satellite could launch microwave-like attacks

    The satellite communications which ships, planes, and the military use to connect to the internet are vulnerable to hackers which, in the worst-case scenario, could carry out “cyber-physical attacks,” turning satellite antennas into weapons which operate, in effect, like microwave ovens. An expert speaking at the Black Hat conference in Las Vegas, said that a number of popular satellite communication systems are vulnerable to such attacks, which could also leak information and hack connected devices.

  • EncryptionClosing security hole in popular encryption software

    Cybersecurity researchers have helped close a security vulnerability that could have allowed hackers to steal encryption keys from a popular security package by briefly listening in on unintended “side channel” signals from smartphones.

  • Terrorism & social mediaEU develops legislation to tackle online terrorism-promoting content

    The EU is planning to take legal measures to control online content which supports and promotes terrorism. The EU Security Commissioner, Julian King, said voluntary agreements, which are currently in place, had not provided European citizens enough protection against exposure to terrorist-promoting content.

  • Influence operationsWe researched Russian trolls and figured out exactly how they neutralize certain news

    By Xymena Kurowska and Anatoly Reshetnikov

    Russian “troll factories” have been making headlines for some time. First, as the Kremlin’s digital guardians in the Russian blogosphere. Then, as subversive cyber-squads meddling with U.S. elections. A few statistical analyses of large samples of trolling posts also show that institutionalized political trolling and the use of bots have become a consolidated practice that significantly affect the online public sphere. What has been shrouded in mystery so far, however, is how institutionalized, industrialized political trolling works on a daily basis. We have also lacked a proper understanding of how it affects the state’s relations with society generally, and security processes in particular.

  • Influence operationsCurbing fake news

    By Munish Sharma

    Falsified information, in the form of provoking and doctored content, can travel over these platforms unmonitored. Well-crafted content is potent enough for opinion engineering. The problem is more worrisome for mature economies, which are likely to consume more convincing fake news content than real correct information by 2022, as per a Gartner research. As the interest in fake news and other illicit content grows, their implications for society and the individual in turn are grim. In the quest of finding an immediate solution to this, social media giants are experimenting with Artificial Intelligence (AI), which for decades has been used to curb spam emails.

  • Critical infrastructureUrban water services vulnerable to attacks using a botnet of smart commercial irrigation systems

    Cybersecurity researchers warn of a potential distributed attack against urban water services which uses a botnet of smart irrigation systems. The researchers analyzed and found vulnerabilities in a number of commercial smart irrigation systems, which enable attackers to remotely turn watering systems on and off at will. Botnet attacks can also empty an urban water tower in an hour, and empty flood water reservoir overnight.

  • CybersecuritySerious vulnerabilities discovered in WhatsApp, allowing fake attribution, message manipulation

    WhatsApp, the Facebook-owned messaging application, has more than 1.5 billion users with more than one billion groups and 65 billion messages sent every day. With so much chatter, the potential for online scams, unfounded rumors, and fake news is huge. Cybersecurity firm Check Point Research says that it does not help if threat actors have an additional weapon in their arsenal to use the platform for their malicious intentions.

  • The Russia connectionMaryland lawmakers question Russian investment in election technology

    Two lawmakers, Senator Ben Cardin (D-Maryland) and Chris Van Hollen (D-Maryland) have sent a letter to Treasury Secretary Steve Mnuchin asking that he instruct the Committee on Foreign Investment in the U.S.(CFIUS), which he chairs, to review a Russian oligarch’s financial stake in ByteGrid, a web hosting company which hosts much of Maryland’s election systems. “ByteGrid hosts Maryland’s voter registration system, candidacy and election management system, online ballot delivery system, and unofficial election night results website. Access to these systems could provide a foreign person with ties to a foreign government with information that could be used for intelligence or other purposes adverse to U.S. interests,” the two senators write.