-
Basic password guidance can dramatically improve account security
Technology users should be offered more detailed support and guidance when creating account passwords in order to make them more secure and harder to crack, a new study suggests. found those who receive basic guidance including password meters were up to 40 percent more likely to make their choices secure. However, those given feedback such as how likely it was that hackers could guess their passwords – and therefore access private information held in their accounts – were up to 10 times more likely to change their original choice to something more secure.
-
-
Putin’s fear of democracy; Fancy Bear targets diplomats; Facebook weak filters, and more
· What scares Vladimir Putin the most? It’s still democracy.
· Trump has done nothing to stop Russia from meddling in the 2018 midterms
· Report: Russia probed at least 7 states’ voter systems before the 2016 election
· Follow the Russian natural gas
· State Department targeting Russia with anti-propaganda program
· Mueller asking if Trump knew about hacked Democratic emails before release
· Fancy Bear targeting North American, European diplomats
· Facebook’s ad confirmation process won’t stop the Russians
· Facebook’s ad confirmation process won’t stop the Russians
-
-
Trump has not ordered disruption of Russia election meddling: NSA chief Adm. Rogers
President Donald Trump has not ordered, authorized, or given the U.S. intelligence agencies additional powers to retaliate against Russian meddling and disinformation campaigns, and prevent Russia’s plans to meddle in the 2018 midterm election. Adm. Mike Rogers, director of the NSA and head of the U.S. Cyber Command, said that U.S. weak response to Russian meddling in the 2016 election, and to Russia’s on-going hacking and disinformation campaign, has persuaded Vladimir Putin that there was “little price to pay” for continuing interference in the U.S. political system. “Clearly, what we’ve done hasn’t been enough,” Rogers told members of the Senate Armed Services Committee. “They have not paid a price that is sufficient to change their behavior.”
-
-
Exploring solutions for the problem of "fake news"
A new report, titled “Dead Reckoning: Navigating Content Moderation after ‘Fake News’,” analyzes nascent solutions recently proposed by platform corporations, governments, news media industry coalitions, and civil society organizations to the problem of identifying, handling, and mitigating fake news. The report then explores potential approaches to containing fake news including trust and verification, disrupting economic incentives, de-prioritizing content and banning accounts, as well as limited regulatory approaches.
-
-
New challenge for first responders: Fake News
First responders must find ways to address a new challenge: Not only do they have to deal with floods, storms, fires, earthquakes, active shooter events, and other natural and manmade crises – now they also have to find ways to deal with fake news. Social media may disseminate valuable and helpful information during disasters and extreme events – but it may also be used to spread fake news: disinformation and misinformation about the scope, nature, and sources, and location of a disaster or extreme incident. Such misinformation may not only confuse victims and potential victims, but also confuse and mislead first responders who rush to their rescue.
-
-
Hacker-resistant power plant software in a successful Hawaii tryout
Johns Hopkins computer security experts recently traveled to Hawaii to see how well their hacker-resistant software would operate within a working but currently offline Honolulu power plant. The successful resilience testing, funded by the U.S. Department of Defense, was triggered in part by growing concerns about the vulnerability of electric power grids after two high-profile cyber-attacks by Russian government hackers turned out the lights in parts of Ukraine during the past two years. Neither outage in Kiev was long or extensive enough to cause serious harm or panic. Yet the attacks served as a wake-up call, putting a spotlight on power grid security in the United States and elsewhere.
-
-
Global AI experts warn of malicious use of AI in the coming decade
Twenty-six experts on the security implications of emerging technologies have jointly authored an important new report, sounding the alarm about the potential malicious use of artificial intelligence (AI) by rogue states, criminals, and terrorists. Forecasting rapid growth in cyber-crime and the misuse of drones during the next decade – as well as an unprecedented rise in the use of “bots” to manipulate everything from elections to the news agenda and social media. the report calls for governments and corporations worldwide to address the clear and present danger inherent in the myriad applications of AI.
-
-
Deep Fakes: A looming crisis for national security, democracy and privacy?
Events in the last few years, such as Russia’s broad disinformation campaign to undermine Western democracies, including the American democratic system, have offered a compelling demonstration of truth decay: how false claims — even preposterous ones — can be disseminated with unprecedented effectiveness today thanks to a combination of social media ubiquitous presence and virality, cognitive biases, filter bubbles, and group polarization. Robert Chesney and Danielle Citron write in Lawfare that the resulting harms are significant for individuals, businesses, and democracy – but that the problem may soon take a significant turn for the worse thanks to deep fakes. They urge us to get used to hearing that phrase. “It refers to digital manipulation of sound, images, or video to impersonate someone or make it appear that a person did something—and to do so in a manner that is increasingly realistic, to the point that the unaided observer cannot detect the fake. Think of it as a destructive variation of the Turing test: imitation designed to mislead and deceive rather than to emulate and iterate.”
-
-
Financier of Russian troll farm supporting Trump funds anti-U.S. paramilitaries in Syria
Yevgeniy Prigozhin is a close ally of Vladimir Putin and the financial backer of the St. Petersburg-based troll farm known as the Internet Research Agency (IRA). The IRA has been at the center of the Kremlin’s disinformation campaign which was launched in 2014 to sow discord and deepen polarization and conflict in the United States (and other Western democracies) – and which, in 2016, changed focus to help Donald Trump win the Republican nomination and then the White House. According to U.S. intelligence, a Prigozhin-financed paramilitary group of Russian mercenaries attacked U.S. troops and their allies in Syria earlier this month. Prigozhin was in close touch with Putin and senior aides to Assad in the days and weeks before and after the assault.
-
-
Pentagon says U.S. was told no Russians involved in Syria attack
The Pentagon says U.S. military commanders were told by their Russian counterparts that there were no Russians in a paramilitary force whose attack on a base in eastern Syria earlier this month led to a massive counterstrike by U.S. forces. Up to a 100 Russians were killed in the attack, which was conducted by the Wagner Group, a paramilitary firm based in southern Russia and financed by Yevgeniy Prigozhin, a close Putin ally who owns the St. Petersburg troll farm Internet Research Agency. Senior U.S. intelligence officials told ABC News that Prigozhin’s connection to the Wagner Group is important, as his private military work offers more evidence that he is pursuing Vladimir Putin’s global ambitions while providing the Russian leader some deniability that the actions are officially sanctioned.
-
-
Corporations can benefit from altruism during a crisis
Altruism – and social media – can help corporations cultivate trust with consumers on mobile devices during and after natural disasters, such as hurricanes. “Companies that engage in corporate social responsibility efforts during and after a disaster can build strong relationships with consumers,” says one researcher. “This is particularly true if companies are communicating their efforts through social media aimed at mobile device users – but only if their efforts appear altruistic.”
-
-
National security officials' letter supporting bipartisan Secure Elections Act
A bipartisan groups of former national security officials and lawmakers sent a letter to all U.S. senators in support of the Secure Elections Act (S. 2261). The legislation, introduced by Senators James Lankford (R-OK), Amy Klobuchar (D-MN), Lindsey Graham (R-SC), Kamala Harris (D-CA), Susan Collins (R-ME), and Martin Heinrich (D-NM), would empower states to address rising cybersecurity risks to American elections without undermining their control over the administration of those elections.
-
-
Dem. leaders want $300 million for FBI, DHS to protect U.S. election from Russia
The Democratic leaders in the Senate and House on Wednesday sent a letter to Senate Majority Leader Mitch McConnell (R-Kentucky) and Speaker of the House Paul Ryan (R-Wisconsin), demanding that $300 million be given to the FBI and DHS so they can thwart more meddling by foreign powers. The letter urges state and local governments to bolster their defense against cyberattacks, including the replacement of outdated voter registration and voting systems, after the FBI and DHDS confirmed that Russian government operatives, in 2016, tried to attack these components of the U.S. election system in twenty-one states.
-
-
Election security a high priority — until it comes to paying for new voting machines
Local election administrators across the country face new problems and threats. But their budgets for new voting equipment remain inadequate. Analysis of voting machines found that over two-thirds of counties in America used machines for the 2016 election that are over a decade old. In most jurisdictions, the same equipment will be used in the 2018 election. In a recent nationwide survey by the Brennan Center for Justice, election officials in 33 states reported needing to replace their voting equipment by 2020. Officials complain the machines are difficult to maintain and susceptible to crashes and failure, problems that lead to long lines and other impediments in voting and, they fear, a sense among voters that the system itself is untrustworthy.
-
-
APT37 (Reaper): Overlooked North Korean cyber espionage unit
An increasingly sophisticated North Korean cyber-espionage unit is using its skills to widen spying operations to aerospace and defense industries, a new study has revealed. Cybersecurity firm FireEye has identified a North Korean group, which it names APT37 (Reaper) and which it says is using malware to infiltrate computer networks. FireEye’s report suggests the group has been active since 2012, but has now graduated to the level of an advanced persistent threat.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.