  • New mobile banking Trojans

    In mid-July 2017, Kaspersky Lab researchers found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services. Attack data suggests this Trojan is not yet widely deployed.

  • Protecting the power grid from low-budget attacks

    Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources necessary to mount them. Last week, at the Black Hat USA 2017 conference in Las Vegas, a team of researchers challenged that notion by disclosing vulnerabilities in a component that, combined with publicly available information, provide sufficient information to model an advanced, persistent threat to the electrical grid.

  • George Mason’s new Center of Excellence for Criminal Investigations and Network Analysis

    DHS S&T has selected George Mason University in Fairfax, Virginia to lead a consortium of U.S. academic institutions and other partners for a new Center of Excellence (COE) in Criminal Investigations and Network Analysis (CINA). The Center’s research will focus on criminal network analysis, dynamic patterns of criminal activity, forensics, and criminal investigative processes.

  • ISIS and climate change leading security threats: Global survey

    People around the globe identify ISIS and climate change as the leading threats to national security, according to a new Pew Research Center report based on a survey of thirty-eight countries. The survey asked about eight possible threats: ISIS, global climate change, cyberattacks, the condition of the global economy, the large number of refugees leaving Iraq and Syria, and the power and influence of the United States, Russia, and China. While the level and focus of concern varies by region and country, ISIS and climate change clearly emerge as the most frequently cited security risks across the thirty-eight countries polled.

  • Europol’s No More Ransom initiative celebrates its first year

    Ransomware has soared since 2012, with criminals attracted by the promise of profit and ease of implementation. The total number of users who encountered ransomware between April 2016 and March 2017 rose by 11.4 percent compared to the previous twelve months, from 2,315,931 to 2,581,026 users around the world. A year ago, Europol and partners launched the No More Ransom initiative, which now has 109 partners, including government agencies and private organizations and companies.

  • Refusal to accept reality of Russian hacking hobbles U.S. cyber defense efforts: Experts

    The evidence of a broad, systemic effort by Russian government hackers and disinformation specialists – on instructions from President Vladimir Putin – to undermine the U.S. electoral process and ensure a Trump victory in November 2016 is incontrovertible, and it is mounting. The evidence has not persuaded President Donald Trump, however. He cites Putin’s denial of the Russian cyber effort as a reason why he – Trump – does not trust the unanimous conclusions of the U.S. intelligence community. Cyber experts say that Trump’s refusal to accept the reality of the 2016 Russian government hacking and disinformation campaign is creating a dangerous policy vacuum. This vacuum, the security experts fear, is only encouraging more cyber warfare.

  • Applied cybersecurity research for better protection of critical national infrastructure sectors

    DHS S&T awarded a five-year Other Transaction Agreement (OTA), with a maximum value of $70 million, to Arlington, Virginia-based Cyber Apex Solutions, LLC, to facilitate applied research of prototype cyberdefenses for critical national infrastructure sectors.

  • U.S. weapons main source of trade in illegal arms on the Dark Web

    New report, based on first-ever study, looks at the size and scope of the illegal arms trade on the dark web. European purchases of weapons on the dark web generate estimated revenues five times higher than the U.S. purchases. The dark web’s potential to anonymously arm criminals and terrorists, as well as vulnerable and fixated individuals, is “the most dangerous aspect.”

  • “Stalking software”: Surveillance made simpler

    The controversial Snap Map app enables Snapchat users to track their friends. The app makes it possible for users to monitor their friends’ movements, and determine – in real time – exactly where their posts are coming from (down to the address). Many social media users expressed their indignation, referring to the app as “stalking software.” This is the latest in a series of monitoring tools to be built on social media platforms. A new study assesses the benefits and risks associated with their use.

  • The real costs of cheap surveillance

    Surveillance used to be expensive. Even just a few years ago, tailing a person’s movements around the clock required rotating shifts of personnel devoted full-time to the task. Not any more, though. Governments can track the movements of massive numbers of people by positioning cameras to read license plates, or by setting up facial recognition systems. Private companies’ tracking of our lives has also become easy and cheap. Advertising network systems let data brokers track nearly every page you visit on the web, and associate it with an individual profile. It is worth thinking about all of this more deeply. U.S. firms – unless they’re managed or regulated in socially beneficial ways – have both the incentive and the opportunity to use information about us in undesirable ways. We need to talk about the government’s enacting rules constraining that activity. After all, leaving those decisions to the people who make money selling our data is unlikely to result in our getting the rules we want.

  • New questions in Russia probe

    “It has become clear that the Russian intention was to attempt to enter into a collaborative or cooperative relationship with the Trump campaign in order to sabotage Hillary Clinton’s campaign to their mutual benefit,” a former CIA official says. “To that end, the Russian government employed hacking activity to collect information and then embarked on an ambitious intelligence operation to leak that information to Trump’s advantage and to Clinton’s detriment. The question that remains, and is most important to answer, is did the Trump campaign willfully accept this assistance from the Russian government and enter into a conspiracy to benefit the campaign?” the former official said. “I would say it’s the most consequential Russian intelligence operation in my lifetime in terms of the attempted scope of their intention to penetrate our domestic politics and influence an American election. I can’t recall a precedent where they were that ambitious and that aggressive in pursuing that kind of goal. It’s hard to imagine that they would have done so with a completely unwilling partner.”

  • Petya variant hobbles European businesses

    In the wake of May’s WannaCry attack, which affected more than 230,000 computers in over 150 countries, a fast-moving malware outbreak was reported 27 June at targets in Spain, France, Ukraine, Russia, and other countries. The attack infected large banks, law firms, shipping companies, and even the Chernobyl nuclear facility in the Ukraine. The new malware is thought to be a variant of Petya, a wiper malware designed to destroy systems and data with no hope of recovery.

  • Cybercrime fighting tool moves from government to private sector

    Some Department of Energy facilities experience thousands of attempted cyberattacks every day. But the FLOWER software app, developed and patented by DOE’s Pacific Northwest National Laboratory, has been used by other tools and cyber analysts to detect, deter, and mitigate coordinated attacks.

  • The Russian government’s disinformation campaign failed to influence the French election. Why?

    A few days before the presidential election in France this year, Russian government hackers leaked documents purported to contain unverified information which was damaging to Emmanuel Macron’s campaign. Nonetheless, Macron won the French presidency by a wide margin over Marine Le Pen. The Russian government’s hacking and disinformation campaign had limited effect on French voters. Why? One answer: Most of the Russian government’s disinformation was consumed and distributed by alt-right Americans – and more than half of it was in English, not French.

  • “Social media triangulation” to help emergency responders

    During emergency situations like severe weather or terrorist attacks, local officials and first responders have an urgent need for accessible, reliable and real-time data. Researchers are working to address this need by introducing a new method for identifying local social media users and collecting the information they post during emergencies.