• The Russian connectionRussia “weaponized information” to sow discord in West, destroy post-WWII international order: Theresa May

    U.K. prime minister Theresa May, in an extraordinary attack on Russia’s broad cyber-campaign against Western countries, has accused Russia of meddling in the elections of Western democracies and planting fake stories in other countries’ media in a sustained effort to “weaponize information” in order to sow discord and deepen internal conflicts Western democracies. May, speaking at the Lord Mayor’s Banquet on 13 November 2017, said that Russia’s goal was to destabilize, if not destroy, the post-Second World Order rules-based international order.

  • The Russian connectionRussia has been cyber-attacking “U.K. media, telecommunications, and energy sectors”: U.K. cybersecurity chief

    Ciaran Martin, CEO of the U.K. National Cyber Security Center (NCSC): “I can confirm that Russian interference, seen by the National Cyber Security Center, has included attacks on the U.K. media, telecommunications and energy sectors. That is clearly a cause for concern — Russia is seeking to undermine the international system.”

  • Considered opinionAnatomy of a fake news scandal

    By Amanda Robb

    On 1 December 2016, Alex Jones, the Info-Wars host, a conspiracy-theories peddler, and a fervent Trump booster, was reporting that Hillary Clinton was sexually abusing children in satanic rituals in the basement of a Washington, D.C., pizza restaurant. How was this fake story fabricated and disseminated? “We found ordinary people, online activists, bots, foreign agents and domestic political operatives,” Reveal’s researchers say. “Many of them were associates of the Trump campaign. Others had ties with Russia. Working together – though often unwittingly – they flourished in a new ‘post-truth’ information ecosystem, a space where false claims are defended as absolute facts. What’s different about Pizzagate, says Samuel Woolley, a leading expert in computational propaganda, is it was ‘retweeted and picked up by some of the most powerful faces of American politics’.”

  • CyberthreatsNATO launches Cyber Operations Center

    Russia’s successful cyber-interference on behalf of its favored candidates, partiers, and causes in the United States, France, the Netherland, Germany, and the United Kingdom; its effective cyberattacks on infrastructure facilities in Ukraine and the Baltic states; and the growing cyberthreats from China, North Korea, and Iran, have convinced the member states of NATO that these threats must be met in a more systematic and comprehensive fashion.

  • The Russian connectionExtremist content and Russian disinformation online: Working with tech to find solutions

    By Clint Watts

    “It’s been more than a year since my colleagues and I described in writing how the Russian disinformation system attacked our American democracy. We’ve all learned considerably more since then about the Kremlin’s campaigns, witnessed their move to France and Germany and now watch as the world worst regimes duplicate their methods. Yet our country remains stalled in observation, halted by deliberation and with each day more divided by manipulative forces coming from afar. The U.S. government, social media companies, and democracies around the world don’t have any more time to wait. In conclusion, civil wars don’t start with gunshots, they start with words. America’s war with itself has already begun. We all must act now on the social media battlefield to quell information rebellions that can quickly lead to violent confrontations and easily transform us into the Divided States of America.”

  • CybersecurityBiology can show us how to stop hackers

    “Biology is the true science of security. And by that I mean that organisms have had to contend with adversaries and competitors from the very beginning of their evolutionary history. As a result, they’ve evolved an incredible repertoire of defense systems to protect themselves,” says an expert on biology and computation. “Looking at how biological systems have learned to protect themselves can suggest novel approaches to security problems,” ASU’s Professor Stephanie Forrest says. “What I try to do is look at biological mechanisms and principles and translate those mechanisms and architectures into computational algorithms that protect computers.”

  • The Russian connectionRussia’s pro-Trump campaign began early, aiming to help him win GOP primaries: WSJ

    The U.S. intelligence community cited December 2015 as the earliest suspected time that Russian government social media account began their broad campaign in support of Donald Trump. A Wall Street Journal investigation reveals that the Kremlin’s campaign of support for Trump began six months earlier, in June 2015, days after he announced his candidacy. This earlier Russian disinformation campaign was aimed to help Trump defeat his Republican primary rivals. This early campaign, however, already engaged in dissemination of fake stories aiming to tarnish Hillary Clinton and undermine her campaign.

  • CybersecurityThe challenge of authenticating real humans in a digital world

    By Jungwoo Ryoo

    There are three main ways of proving an identity. One involves something you know – like a password or your mother’s maiden name. A second method of authentication is with something you have – such as a key to your home’s front door or a smart card to swipe at work. A third way is by digitally authenticating the individual human being – who you are – with some aspect of your biology. This increasing dependence on digital authentication may actually result in less security. While cameras, sensors and other devices can make authentication easier for people to accomplish, they carry their own weaknesses. It may be more convenient, and even more secure, than a magnetic strip on a plastic card in your wallet. But the potential dangers will require much higher security for private information, particularly biometric data. A real identity still comes down to flesh and blood.

  • Cybersecurity“Combosquatting” attacks, hiding in plain sight, trick computer users

    To guard against unknowingly visiting malicious websites, computer users have been taught to double-check website URLs before they click on a link. But attackers are now taking advantage of that practice to trick users into visiting website domains that contain familiar trademarks — but with additional words that change the destination to an attack site. The attack strategy, known as combosquatting, is a growing threat, with millions of such domains set up for malicious purposes.

  • CryptocurrencyThe real risks quantum attacks will pose for Bitcoin

    Combining expertise in quantum technologies and cryptography, researchers have been projecting future dates that quantum computers could jeopardize the security of current cryptocurrencies, a market now worth over $150 billion, and assessing countermeasures to such attacks.

  • The Russian connectionDOJ considering charging Russian government officials in DNC, Podesta hacks

    The Department of Justice has identified six Russian government officials involved in hacking the DNC and using the information against candidate Hillary Clinton during the 2016 election. Prosecutors have enough evidence to bring charges against those individuals by next year. The information gathered by DOJ supports the U.S. intelligence community’s conclusion that Russian President Vladimir Putin ordered Russian government agencies to launch a coordinated effort to help Trump win the November election. DOJ has identified Russian hackers working for both military and intelligence agencies in Russia.

  • CybersecurityA third of the internet is under DoS attack

    For the first time, researchers have carried out a large-scale analysis of victims of internet denial-of-service (DoS) attacks worldwide. And what they found is, in a phrase from their study, “an eye-opening statistic.” The researchers found that about one-third of the IPv4 address space was subject to some kind of DoS attacks, where a perpetrator maliciously disrupts services of a host connected to the internet. IPv4 is the fourth version of an Internet Protocol (IP) address, a numerical label assigned to each device participating in a computer network.

  • EncryptionReal security requires strong encryption – even if investigators get blocked

    By Susan Landau

    The FBI and the U.S. Department of Justice have been fighting against easy, widespread public access to encryption technologies for 25 years. Since the bureau’s dispute with Apple in 2016 over access to the encrypted iPhone of one of the two people who shot 14 victims in San Bernardino, California, this battle has become more pitched. This dispute is not about whether regular people can or should use encryption: The U.S. government is in favor of using encryption to secure data. Rather, it’s about the FBI’s demand that encryption systems include “exceptional access,” enabling police who get a warrant to circumvent the encryption on a device or on an encrypted call. The demand for exceptional access by law enforcement is a broad threat to fundamental parts of American society, and it poses a serious danger to national security as well as individual privacy. As technology changes, the jobs of police and intelligence workers must also change; in some ways, it will be harder, in others, easier. But the basic need for security supports the call for wide use of strong encryption – and without modifications that make it easy for Russians, or others, to break in.

  • Election securityChallenges to U.S. election integrity

    Various concerns about the security of U.S. elections have arisen over the past two decades, some more significant than others. While many studies have shown that voter fraud, for instance, is vanishingly rare in the U.S., what about the state of electoral administration, lost votes, and cyberattacks? MIT experts offer insights on data, technology, and election security in an era of rising concern.

  • Infrastructure protectionIsraeli software gives New York power plants “Iron Dome” protection against failures

    An Israeli company that developed the software for Israel’s Iron Dome anti-missile system is working with the New York Power Authority to prevent unexpected shutdowns. New York State Robert Moses Niagara Power Plant, Blenheim-Gilboa Pumped-Storage Power Plant, and a 500 MW plant in Queens now have software based on the software that runs Iron Dome.