• Russia used Facebook events to organize anti-immigrant rallies on U.S. soil

    Shaping the minds of Americans by leaking hacked emails and pushing fake news was just one component of the Russian campaign to subvert American democracy and institutions. Russian government agents went a step further by trying to create behavior change. Hiding behind false identities, these Russian government operatives used Facebook’s event-management tool remotely to organize and promote political protests in the United States.

  • Western energy sector target of sophisticated attack by Russian-linked group Dragonfly

    The energy sector in Europe and North America is being targeted by a new wave of cyberattacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group.

  • Equifax breach will haunt Americans for decades

    Cyberexperts say that the Equifax giant cybersecurity breach which compromised the personal information of as many as 143 million Americans — almost half the country – will have long-term consequences for many Americans. Looking ahead, for decades almost 50 percent of the U.S. population will have trouble applying for home loans, credit cards, cell phones, or simply passing background checks.

  • S&T awards $8.6 million for enhancing security of mobile apps for the government

    DHS S&T has awarded funding to five R&D projects that will enhance the secure use of mobile applications for the federal government. These Mobile Application Security (MAS) R&D projects focus on continuous validation and threat protection for mobile apps and integrating security throughout the mobile app lifecycle.

  • Russia’s fake Americans

    It is commonly believed that Russia’s interference in the 2016 presidential campaign consisted mainly of the hacking and leaking of Democratic emails and unfavorable stories circulated abroad about Hillary Clinton. A startling new report by the New York Times, and new research by the cybersecurity firm FireEye, now reveal that the Kremlin’s stealth intrusion into the election was far broader and more complex, involving a cyber-army of bloggers posing as Americans and spreading propaganda and disinformation to an American electorate on Facebook, Twitter, and other platforms. The Russian social media scheming is further evidence of what amounted to unprecedented foreign invasion of American democracy. If President Trump and Congress are not outraged by this, American voters should ask why.

  • Russia’s broad cyber campaign to undermine Western democracies

    Russia was successful in its disinformation and hacking campaign to help Donald Trump win the November 2016 U.S. presidential election, but the Alliance for Securing Democracy notes that the Russian subversion of the U.S. electoral process was only one of many such attempts, and that it offers an example for the challenges global democracy faces. Russia has interfered in the affairs of at least twenty-seven European and North American countries since 2004, using cyberattacks and disinformation campaigns to subvert and undermine the political systems of these countries.

  • Gregory Falco: Protecting urban infrastructure against cyberterrorism

    While working for the global management consulting company Accenture, Gregory Falco discovered just how vulnerable the technologies underlying smart cities and the “internet of things” — everyday devices that are connected to the internet or a network — are to cyberterrorism attacks. His focus is on cybersecurity for urban critical infrastructure, and the internet of things, or IoT, is at the center of his work. A washing machine, for example, that is connected to an app on its owner’s smartphone is considered part of the IoT. There are billions of IoT devices that don’t have traditional security software because they’re built with small amounts of memory and low-power processors. This makes these devices susceptible to cyberattacks and may provide a gate for hackers to breach other devices on the same network.

  • What is the online equivalent of a burning cross?

    White supremacy is woven into the tapestry of American culture, online and off. Addressing white supremacy is going to take much more than toppling a handful of Robert E. Lee statues or shutting down a few white nationalist websites, as technology companies have started to do. We must wrestle with what freedom of speech really means, and what types of speech go too far, and what kinds of limitations on speech we can endorse. In 2003, the Supreme Court ruled, in Virginia v. Black, that “cross burning done with the intent to intimidate has a long and pernicious history as a signal of impending violence.” In other words, there’s no First Amendment protection because a burning cross is meant to intimidate, not start a dialogue. But what constitutes a burning cross in the digital era?

  • A first: High-dimensional quantum encryption demonstrated

    For the first time, researchers have sent a quantum-secured message containing more than one bit of information per photon through the air above a city. The demonstration showed that it could one day be practical to use high-capacity, free-space quantum communication to create a highly secure link between ground-based networks and satellites, a requirement for creating a global quantum encryption network.

  • Managing extreme speech on social media

    Extreme speech on social media—foul language, threats and overtly sexist and racist language—has been in the spotlight. While such language is not new, recent increases of extreme and offensive posts on social media have led to politicians, celebrities and pundits calling for social media platforms to do more in curbing such speech, opening new debates about free speech in the digital age. A new study shows that while people tend to dislike extreme speech on social media, there is less support for outright censorship. Instead, people believe sites need to do a better job promoting healthy discourse online.

  • U.S. government’s cybersecurity readiness lagging compared to almost every other industry

    SecurityScorecard the other day released its annual U.S. State and Federal Government Cybersecurity Report. The study paints a grim picture of the overall cyber health of the U.S. government entities. In the midst of investigations into a potential 2016 election hacking, regular major malware events, and an overall increase in the number of sophisticated cyberattacks, the report highlights that the government sector is lagging compared to almost every other industry. The state of U.S. government cyber health places mission-critical services and infrastructure at risk.

  • Google’s assault on privacy: a reminder

    On its best day, with every ounce of technology the U.S. government could muster, it could not know a fraction as much about any of us as Google does now” (Shelly Palmer, technology analyst).

  • Islamic State’s Twitter network is decimated, but other extremists face much less disruption

    The use of social media by a diversity of violent extremists and terrorists and their supporters has been a matter of concern for law enforcement and politicians for some time. While it appears that Twitter is now severely disrupting pro-IS accounts on its platform, our research found that other jihadists were not subject to the same levels of take down. The migration of the pro-IS social media community from Twitter to the messaging service Telegram particularly bears watching. Telegram currently has a lower profile than Twitter with a smaller user base and higher barriers to entry, with users required to provide a mobile phone number to create an account. While this means that fewer people are being exposed to IS’s online content via Telegram, and are thereby in a position to be radicalized by it, it may mean that Telegram’s pro-IS community is more committed and therefore poses a greater security risk than its Twitter variant.

  • U.S. needs stronger response to Russian interference in presidential election: Expert

    One of the greatest threats to the United States, Alexander Hamilton said in Federalist Paper #68, was “the desire in foreign powers to gain an improper ascendant in our councils” — “by raising a creature of their own to the chief magistracy of the Union.” John Cohen, former principal deputy undersecretary for intelligence and analysis at DHS, says that Russia’s meddling in the 2016 presidential election shows how prescient Hamilton was. “During my entire career in homeland security, counter-intelligence and law enforcement, I have not seen a greater existential threat to America’s sovereignty and national security,” he says. “That so many political partisans appear so willing to overlook this threat is alarming – and reflects the national division that may have been one of the goals of the Russian campaign.”

  • How online hate infiltrates social media and politics

    In late February, an anti-Semitic website known as the Daily Stormer — which receives more than 2.8 million monthly visitors — announced, “Jews Destroy Another One of Their Own Graveyards to Blame Trump.” The story was inspired by the recent desecration of a Jewish cemetery in Philadelphia. To whom, and how many, this example of conspiracy mongering may travel is, in part, the story of “fake news,” the phenomenon in which biased propaganda is disseminated as if it were objective journalism in an attempt to corrupt public opinion. Looking at the most-visited websites of what were once diminished movements – white supremacists, xenophobic militants, and Holocaust deniers, to name a few – reveals a much-revitalized online culture. When he was asked about the Philadelphia vandalism, President Trump told the Pennsylvania attorney general the incident was “reprehensible.” But he then went on to speculate that it might have been committed “to make others look bad.” That feeds the very doubt that extremist groups thrive on. And the cycle continues.