• Ten legislative proposals to defend America against foreign influence operations

    More than a year after Russia’s broad hacking and disinformation campaign of interference in the 2016 presidential election, and with midterm elections looming on the horizon, Congress and the Trump administration have not taken any clear action to increase U.S. defenses against the foreign interference threat. There are important steps we can, and must, take to defend our institutions against adversaries who seek to undermine them. Many of Russia’s tactics have exploited vulnerabilities in our societies and technologies, and loopholes in our laws. Some of the steps necessary to defend ourselves will involve long-term work, others will require clear action by the Executive Branch to ensure Americans are united against the threat we face, and steps to both deter and raise the costs on such actions.

  • Accelerating detection of zero-day vulnerabilities

    Today, commercial off-the-shelf (COTS), government off-the-shelf (GOTS), and free and open-source (FOSS) software support nearly all aspects of DoD, military, and commercial operations. Securing this diverse technology base requires highly skilled hackers who reason about the functionality of software and identify novel vulnerabilities. To address the challenges facing our abilities to scale and accelerate vulnerability detection, DARPA last week announced the Computers and Humans Exploring Software Security (CHESS) program.

  • New strategies for countering Russian social media influence in Eastern Europe

    Russia is waging a social media campaign in the Baltics, Ukraine, and nearby states to sow dissent against neighboring governments, as well as NATO and the European Union. “Nowhere is this threat more tangible than in Ukraine, which has been an active propaganda battleground since the 2014 Ukrainian revolution,” said the lead author of a new RAND report. “Other countries in the region look at Russia’s actions and annexation of Crimea and recognize the need to pay careful attention to Russia’s propaganda campaign.”

  • It’s not just Facebook: Countering Russia’s social media offensive

    Russian influence operations exploit the vulnerabilities of social media platforms to disseminate false narratives and amplify divisive content in order to undermine democracies, divide societies, and weaken Western alliances. In conducting these operations, the Kremlin employs a variety of tools across the social media space, including fake accounts/personas, political advertisements, bot networks, and traditional propaganda outlets. Additionally, Russian influence operations utilize a range of social media platforms, each with a different role, to distract public discussion, foment social unrest, and muddle the truth.

  • Algorithm identifies fake users on many social networks

    Researchers have developed a new generic method to detect fake accounts on most types of social networks, including Facebook and Twitter. The new method is based on the assumption that fake accounts tend to establish improbable links to other users in the networks.

  • Hackers can steal data via power lines

    Researchers have shown once again that air-gapped PCs are not safe from a determined and patient attacker. The researchers have already devised several techniques to extract data from isolated or air-gapped computers that store highly sensitive data.

  • Broad action required to combat disinformation on social media: Experts

    The business model of American social media allows foreign adversaries to exploit our open society by spreading disinformation and amplifying disagreements, turning citizens against one another, speakers said at a Princeton University forum. Gen. Michael V. Hayden, former director of the Central Intelligence Agency and National Security Agency, said that taken as a whole, the cyberattacks during the 2016 presidential election have a lot in common with 9/11 — an attack from an unexpected direction, exploiting a previously unknown weakness. The nation rallied in response to the 2001 attacks in large part because President George W. Bush set the tone, he said. “We gotta go extraordinary,” Hayden said about the cyberattacks. “We as a nation don’t go extraordinary unless the president says ‘do it’,” and so far, that hasn’t happened, Hayden said.

  • Developing secure mobile apps

    Mobile devices such as smartphones and tablets and the applications (apps) we load onto them have become indispensable to our daily lives—both personal and professional. However, mobile apps are susceptible to malware, ransomware, spyware, coding flaws and other attacks that could compromise personal data stored on the device. Apps also can be used to gain access to sensitive enterprise resources.

     

  • Women in cybersecurity are making a difference

    Women in the cybersecurity industry may not make an impact in terms of numbers, but their work speaks for itself. Shimrit Tzur-David, Ph.D., is the co-founder and chief technology officer of Secret Double Octopus, a cybersecurity company which uses secret sharing, which is used to protect nuclear codes, to enable companies to do away with passwords all together. She was recently interviewed by Information Age.

  • Webhose takes aim at the Dark Web

    Fans of the popular TV show “Mr. Robot,” which dives deep into the world of shady hackers and the Dark Web that lurks beyond its better-known counterpart, take note: An Israeli startup is serving notice that the hidden is now visible and even your bitcoins won’t shield you from the long arm of the law.

  • Activists cry foul as Russian court orders Telegram app blocked

    A Moscow court has issued an order to block access to Telegram, ruling in favor of the state and against the defiant self-exiled Russian entrepreneur who created the popular messaging app. The 13 April ruling was expected, but is certain to deepen concerns that the government is seeking to close avenues for dissent as President Vladimir Putin heads into a new six-year term. Amnesty International warned that blocking Telegram would be “the latest in a series of attacks on online freedom of expression” in Russia.

  • Fake news and subversion: Waging war without firing a single shot

    Propaganda by way of “fake news” is one way a nation can wage war without firing a single shot. Another is through tactics of subversion and coercion, in which a country intentionally keeps neighboring countries weak in order to advance its own foreign policy interests. “Think of this as a replacement for direct force and warfare of another kind. Countries can advance their own interests without using direct force or taking over territory,” says a researcher.

  • Russian court to hear request to block Telegram

    A Russian court says it will begin considering this week a request by state media regulator Roskomnadzor to block the messaging app Telegram. Roskomnadzor has asked the court to block Telegram following the company’s refusal to give the Federal Security Service (FSB) access to users’ messaging data.

  • DHS S&T to demonstrate cyber technologies at RSA

    DHS S&T will exhibit and demonstrate thirteen mature cybersecurity technology solutions that are ready for pilot deployment and commercialization at the RSA 2018 cybersecurity conference, 16-19 April, in San Francisco.

  • Now that Russia has apparently hacked America’s grid, shoring up security is more important than ever

    Hackers taking down the U.S. electricity grid may sound like a plot ripped from a Bruce Willis action movie, but the Department of Homeland Security and the FBI recently disclosed that Russia has infiltrated “critical infrastructure” like American power plants, water facilities and gas pipelines. There is no time to waste in shoring up the grid’s security. Yet getting that done is not easy, as I’ve learned through my research regarding efforts in to stave off outages in hurricane-prone Florida.