-
Hacked satellite could launch microwave-like attacks
The satellite communications which ships, planes, and the military use to connect to the internet are vulnerable to hackers which, in the worst-case scenario, could carry out “cyber-physical attacks,” turning satellite antennas into weapons which operate, in effect, like microwave ovens. An expert speaking at the Black Hat conference in Las Vegas, said that a number of popular satellite communication systems are vulnerable to such attacks, which could also leak information and hack connected devices.
-
-
Closing security hole in popular encryption software
Cybersecurity researchers have helped close a security vulnerability that could have allowed hackers to steal encryption keys from a popular security package by briefly listening in on unintended “side channel” signals from smartphones.
-
-
EU develops legislation to tackle online terrorism-promoting content
The EU is planning to take legal measures to control online content which supports and promotes terrorism. The EU Security Commissioner, Julian King, said voluntary agreements, which are currently in place, had not provided European citizens enough protection against exposure to terrorist-promoting content.
-
-
We researched Russian trolls and figured out exactly how they neutralize certain news
Russian “troll factories” have been making headlines for some time. First, as the Kremlin’s digital guardians in the Russian blogosphere. Then, as subversive cyber-squads meddling with U.S. elections. A few statistical analyses of large samples of trolling posts also show that institutionalized political trolling and the use of bots have become a consolidated practice that significantly affect the online public sphere. What has been shrouded in mystery so far, however, is how institutionalized, industrialized political trolling works on a daily basis. We have also lacked a proper understanding of how it affects the state’s relations with society generally, and security processes in particular.
-
-
Curbing fake news
Falsified information, in the form of provoking and doctored content, can travel over these platforms unmonitored. Well-crafted content is potent enough for opinion engineering. The problem is more worrisome for mature economies, which are likely to consume more convincing fake news content than real correct information by 2022, as per a Gartner research. As the interest in fake news and other illicit content grows, their implications for society and the individual in turn are grim. In the quest of finding an immediate solution to this, social media giants are experimenting with Artificial Intelligence (AI), which for decades has been used to curb spam emails.
-
-
Urban water services vulnerable to attacks using a botnet of smart commercial irrigation systems
Cybersecurity researchers warn of a potential distributed attack against urban water services which uses a botnet of smart irrigation systems. The researchers analyzed and found vulnerabilities in a number of commercial smart irrigation systems, which enable attackers to remotely turn watering systems on and off at will. Botnet attacks can also empty an urban water tower in an hour, and empty flood water reservoir overnight.
-
-
Serious vulnerabilities discovered in WhatsApp, allowing fake attribution, message manipulation
WhatsApp, the Facebook-owned messaging application, has more than 1.5 billion users with more than one billion groups and 65 billion messages sent every day. With so much chatter, the potential for online scams, unfounded rumors, and fake news is huge. Cybersecurity firm Check Point Research says that it does not help if threat actors have an additional weapon in their arsenal to use the platform for their malicious intentions.
-
-
Maryland lawmakers question Russian investment in election technology
Two lawmakers, Senator Ben Cardin (D-Maryland) and Chris Van Hollen (D-Maryland) have sent a letter to Treasury Secretary Steve Mnuchin asking that he instruct the Committee on Foreign Investment in the U.S.(CFIUS), which he chairs, to review a Russian oligarch’s financial stake in ByteGrid, a web hosting company which hosts much of Maryland’s election systems. “ByteGrid hosts Maryland’s voter registration system, candidacy and election management system, online ballot delivery system, and unofficial election night results website. Access to these systems could provide a foreign person with ties to a foreign government with information that could be used for intelligence or other purposes adverse to U.S. interests,” the two senators write.
-
-
As Russians hack the U.S. grid, a look at what’s needed to protect it
The U.S. electricity grid is hard to defend because of its enormous size and heavy dependency on digital communication and computerized control software. The number of potential targets is growing as “internet of things” devices, such as smart meters, solar arrays and household batteries, connect to smart grid systems. In late 2015 and again in 2016, Russian hackers shut down parts of Ukraine’s power grid. In March 2018, federal officials warned that Russians had penetrated the computers of multiple U.S. electric utilities and were able to gain access to critical control systems. Four months later, the Wall Street Journal reported that the hackers’ access had included privileges that were sufficient to cause power outages. It’s important for electric utilities, grid operators and vendors to remain vigilant and deploy multiple layers of defense.
-
-
A Mueller-like criminal investigation into Russia’s meddling in U.K. politics needed: MP
British lawmaker calls for launching a criminal investigation in the U.K., modelled after the investigation of Special Counsel Robert Mueller in the United States, to explore the reach and extent of Russia’s efforts to interfere in British democracy. Damian Collins, a Conservative MP, said that only a police investigation, with the power to seize documents and subpoena witnesses, could ascertain the scope of any Kremlin-orchestrated campaign to influence the 2016 referendum over Britain’s membership in the EU. Such an investigation, he said, would also ensure that future elections were protected from attack by foreign powers.
-
-
Making phrase-based passwords more user friendly for better online security
Although passphrases, or phrase-based passwords, have been found to be more secure than traditional passwords, human factors issues such as typographical errors and memorability have slowed their wider adoption. Researchers have developed and tested two new passphrase systems that seek to address these shortcomings and improve the usability and security of existing passphrase authentication systems.
-
-
Toward a more secure electrical grid
Not long ago, getting a virus was about the worst thing computer users could expect in terms of system vulnerability. But in our current age of hyper-connectedness and the emerging Internet of Things, that’s no longer the case. With connectivity, a new principle has emerged, one of universal concern to those who work in the area of systems control. That law says, essentially, that the more complex and connected a system is, the more susceptible it is to disruptive cyber-attacks.
-
-
U.S. national security leaders on Russia’s attacks: "Our democracy itself is in the crosshairs”
In joint press briefing in the White House on Thursday, the leaders of U.S. intelligence and national security offered a detailed and disturbing picture of Russia’s on-going meddling in U.S. politics, and the efforts by Russian government hackers and disinformation specialists to shape the outcome of the 2018 congressional midterms elections. Director of National Intelligence Dan Coats said Russia is engaging in “pervasive messaging campaign to try to weaken and divide the United States.” DHS Secretary Kirstjen Nielsen said: “Our democracy itself is in the crosshairs.” President Donald Trump, speaking at a campaign rally in Pennsylvania a few hours after the briefing at the White House, dismissed the judgement of the U.S. intelligence and national security leaders. “In Helsinki, I had a great meeting with Putin. We discussed everything,” Trump said to cheers from the crowd. “We got along really well… Now, we are being hindered by the Russian hoax. It’s a hoax, okay?”
-
-
Russia’s influence campaign can “wreak havoc in our society and in our elections”
On Wednesday, 1 August, the U.S. Senate Intelligence Committee convened an open hearing on foreign influence operations and their use of social media platforms. “Twenty-one months after the 2016 election – and only three months before the 2018 elections – Russian-backed operatives continue to infiltrate and manipulate social media to hijack the national conversation and set Americans against each other. They were doing it in 2016. They are still doing it today,” Senator Mark Warner (D-Virginia), vice-chairman of the committee said. “These active measures have two things in common: They are effective. And they are cheap. For just pennies on the dollar, they can wreak havoc in our society and in our elections. I’m concerned that even after 18 months of study, we are still only scratching the surface when it comes to Russia’s information warfare.”
-
-
Bipartisan bill introduces “crushing” measures against “Kremlin aggression”
An influential bipartisan group of U.S. senators has introduced a package of measures designed to “defend American security from Kremlin aggression,” including new financial sanctions and a “strong statement of support” for NATO. The bill introduced on 2 August represents at least the fourth piece of legislation circulating in Congress to punish Russia for its alleged interference in U.S. elections, its aggression in Ukraine and Syria, and other “malign” activities. “The current sanctions regime has failed to deter Russia from meddling in the upcoming 2018 midterm elections,” Senator Lindsey Graham (R-South Carolina) said in a statement introducing the bill. “Our goal is to change the status quo and impose crushing sanctions and other measures against [President Vladimir] Putin’s Russia until he ceases and desists meddling in the U.S. electoral process, halts cyberattacks on U.S. infrastructure, removes Russia from Ukraine, and ceases efforts to create chaos in Syria,” Graham said.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.