Mobile security messages 20 percent more effective if warnings vary in appearance
Using brain data, eye-tracking data and field-study data, researchers have confirmed something about our interaction with security warnings on computers and phones: the more we see them, the more we tune them out. But the major study also finds that slight changes to the appearance of warnings help users pay attention to and adhere to warnings 20 percent more of the time.
Hacker accused of aiding Russian spies in massive breach gets prison
A Kazakh-born computer hacker who U.S. prosecutors say unwittingly worked with a Russian spy agency in a massive Yahoo data breach has been sentenced to five years in prison. Karim Baratov was named in an indictment last year that charged two Russian spies with orchestrating the 2014 Yahoo breach involving 500 million users — one of the largest breaches at any Internet company.
Russia asks Apple to help it enforce ban on Telegram
Russia’s communications regulator says it has asked U.S. technology giant Apple to help it block the popular messaging service Telegram in Russia. The regulator sent a letter to Apple asking it to block push notifications for Telegram users in Russia, ensuring that Apple phone and tablet users do not receive alerts about new messages and rendering the application less useful.
Internet of Things: when objects threaten national security
We all know personal devices can be hacked, but a whole country’s security could be at risk too. With the rise of the so-called Internet of Things (IoT), and against the backdrop of cyberwarfare, digital surveillance and digital subversion, the risk to national security is increasing. Earlier this year the head of the UK National Cyber Security Centre publicly stated that a major cyber-attack on the country’s essential services was a question of “when, not if.”
Cyber and international law in the 21st century
“Cyber space is not – and must never be – a lawless world. It is the U.K.’s view that when states and individuals engage in hostile cyber operations, they are governed by law just like activities in any other domain,” said the U.K. Attorney General Jeremy Wright, QC MP, on 23 May 2018, setting out, for the first time, the U.K.’s position on applying international law to cyberspace. “What this means is that hostile actors cannot take action by cyber means without consequence, both in peacetime and in times of conflict. States that are targeted by hostile cyber operations have the right to respond to those operations in accordance with the options lawfully available to them and that in this as in all things, all states are equal before the law.”
Failing to keep pace: The cyber threat and its implications for our privacy laws
“The time has come — indeed, if it has not already passed — to think seriously about some fundamental questions with respect to our reliance on cyber technologies: How much connected technology do we really want in our daily lives? Do we want the adoption of new connected technologies to be driven purely by innovation and market forces, or should we impose some regulatory constraints?” asked NSA General Counsel Glenn Gerstell in a Wednesday presentation at Georgetown University. “Although we continue to forge ahead in the development of new connected technologies, it is clear that the legal framework underpinning those technologies has not kept pace. Despite our reliance on the internet and connected technologies, we simply haven’t confronted, as a U.S. society, what it means to have privacy in a digital age.”
Russia’s active measures architecture: Task and purpose
Russia’s latest iteration of the Soviet-era tactic of “active measures” has mesmerized Western audiences and become the topic du jour for national security analysts. In my last post, I focused on the Kremlin’s campaign to influence the U.S. elections from 2014 to 2016 through the integration of offensive cyber hacking, overt propaganda, and covert social media personas. In this post, I focus on the elements of Russia’s national power that execute active measures abroad.
U.S. disrupted major Russian cyberattack, possibly on Ukraine
The U.S. Justice Department has seized an Internet domain controlled by a hacking group tied to Russian military intelligence that was planning a major cyberattack, possibly in Ukraine. The U.S. move late on 23 May was aimed at breaking up what the department said was a dangerous botnet of a half-million infected computer network routers that could have allowed the hackers to take control of computers and stage destructive attacks, as well as steal valuable information.
Moral rhetoric in social media posts tied to protests becoming violent
Moral rhetoric on Twitter may signal whether a protest will turn violent. Researchers also found that people are more likely to endorse violence when they moralize the issue that they are protesting — that is, when they see it as an issue of right and wrong. That holds true when they believe that others in their social network moralize the issue, too.
FBI: The number of unhackable devices lower than that reported to Congress
The FBI has been telling lawmakers that it was facing a serious problem in accessing the encrypted devices seized from criminals and terrorists. For months, the Bureau has claimed that encryption prevented it from legally searching the contents of nearly 7,800 devices in 2017, but on Monday the Washington Post reported that the actual number is far lower due to “programming errors” by the FBI.
Russia’s corruption, influence “a matter of national security”: U.K. Parliamentary panel
“Dirty” Russian money is undermining Britain’s efforts to stand up to the Kremlin and supports President Vladimir Putin’s campaign “to subvert the international rules-based system,” a British parliamentary report says. “The scale of damage that this ‘dirty money’ can do to U.K. foreign-policy interests dwarfs the benefit of Russian transactions in the City,” Foreign Affairs Committee Chairman Tom Tugendhat said today (21 May) ahead of the release of the report. “Over the years, Moscow has turned from being a corrupt state to an exporter of instability. Russian corruption and influence has become a matter of national security,” he added.
Read this before you invest in cryptocurrency
We’ve all heard the headline stories about cryptocurrencies – they’re millionaire-makers and dream-destroyers. They’re part of a decentralized market that supports criminal activity, yada yada yada. But how do you separate facts from fiction? Here are six cryptocurrency myths you need to get on top of.
Students win Alabama hackathon with cryptocurrency prototype app
Two University of Arkansas at Little Rock students are looking to make a name for themselves in the world of hackathons. The two won the hackathon for their project, Tweety Wallet, a multicurrency cryptocoin wallet which can hold any type of cryptocurrency, but which is configured for Bitcoin, Zcash, Ethereum, and Litecoin.
The top three trends we miss when discussing Russian ads
Last week, the Democrats of the House Intelligence Committee released the trove of over 3,500 Facebook ads purchased by the St. Petersburg-based Internet Research Agency (IRA) from 2015 to 2017. For the most part, the release confirms what we already knew: Accounts based in Russia exploited America’s societal fissures to sow chaos in the United States in order to weaken our democratic structures, force us to turn inward, and thereby increase Russia’s standing in the world. But taken holistically, three trends emerge that are not evident when only highlighting the most divisive content.
What's trending in fake news?
Researchers have launched upgrades to two tools playing a major role in countering the spread of misinformation online. The improvements to Hoaxy and Botometer aim to address concerns about the spread of misinformation and to build trust in quality journalism. A third tool, Fakey, an educational game designed to make people smarter news consumers, was also launched with the upgrades.
The long view
States Rush to Combat AI Threat to Elections
By Zachary Roth
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
By Dino Jahic
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
By Trina West
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.