• Putin: “Patriotic,” “private” Russian hackers may have interfered in 2016 U.S. election

    In a surprising shift, President Vladimir Putin for the first time admitted publicly that Russian hackers may have meddled in the 2016 U.S. elections. He said, however, that the hackers were not Russian government employees but rather “patriotically minded” private Russians. The U.S. intelligence community, and Western intelligence services more generally, have collected voluminous, and incontrovertible, evidence, based on both signal and human intelligence, that hackers and disinformation specialists working for the GRU and the FSB – Russia’s military and domestic intelligence services, respectively – launched a broad disinformation and hacking campaign last year in order to influence the 2016 presidential election. The Russian leader seemed aware of the possibility that more information about the Russian government’s role in the hacking and disinformation campaign may be revealed, and was trying to get ahead of such disclosures by saying that digital technology can be manipulated.

  • Bug-bounty program to strengthen DHS cyber defenses

    Congress is considering a bill that would establish a bug bounty pilot program – modeled off of similar programs at the Department of Defense and major tech companies – in order to strengthen cyber defenses at DHS by utilizing “white-hat” or ethical hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and data systems.

  • Bolstering the security of inter-domain routing

    Since the creation of the internet, the Border Gateway Protocol (BGP) has been the default routing protocol to route traffic among organizations (Internet Service Providers [ISPs] and Autonomous Systems [ASes]). While the BGP protocol performs adequately in identifying viable paths that reflect local routing policies and preferences to destinations, the lack of built-in security allows the protocol to be exploited. To improve the security of inter-domain routing traffic exchange, NIST has begun development of a Special Publication (SP 800-189 – in preparation) that provides security recommendations for the use of inter-domain protocols and routing technologies.

  • Judy malware may be the largest malware campaign found on Google Play: Check Point

    Check Point researchers last week discovered a widespread malware campaign on Google Play, Google’s official app store. Check Point says that the malware, dubbed “Judy,” is an auto-clicking adware which was found on forty-one apps developed by a Korean company. The malicious apps reached an astonishing spread of between 4.5 million and 18.5 million downloads.

  • Using Bitcoin to prevent identity theft

    A reaction to the 2008 financial crisis, Bitcoin is a digital-currency scheme designed to wrest control of the monetary system from central banks. With Bitcoin, anyone can mint money, provided he or she can complete a complex computation quickly enough. Through a set of clever protocols, that computational hurdle prevents the system from being coopted by malicious hackers. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory presented a new system that uses Bitcoin’s security machinery to defend against online identity theft. The system piggybacks on the digital currency’s security protocols to thwart hijacked servers.

  • Florida GOP operative asked for – and received – Russian hackers’ help in congressional race

    The Wall Street Journal reports today that the Russian government hackers’ effort to upend the 2016 presidential election was not limited to stealing Democratic National Committee (DNC) and Clinton campaign emails and memos and then using Wikileaks to publish them in order to embarrass and weaken Hillary Clinton. Aaron Nevins, a Republican operative in Florida, now admits that he colluded with Russian government hackers in order to help the candidate he supported win a congressional race. When the Journal asked Nevins whether it was right to collaborate with the Russian government to undermine a congressional race in the United States, he responded: “If your interests align, never shut any doors in politics.”

  • Network traffic offers early indication of malware infection

    By analyzing network traffic going to suspicious domains, security administrators could detect malware infections weeks or even months before they’re able to capture a sample of the invading malware, a new study suggests. The findings point toward the need for new malware-independent detection strategies that will give network defenders the ability to identify network security breaches in a more timely manner.

  • Combination of features creates new Android vulnerability

    A new vulnerability affecting Android mobile devices results not from a traditional bug, but from the malicious combination of two legitimate permissions that power desirable and commonly-used features in popular apps. The combination could result in a new class of attacks, which has been dubbed “Cloak and Dagger.”

  • Russia may have rigged Brexit vote – and U.K.’s 8 June general election could be next: Experts

    A report handed to the British Parliament’s Intelligence and Security Select Committee suggests that Russian secret funds and a disinformation campaign may have swayed the EU referendum vote in favor of Brexit. Ahead of the 8 June parliamentary election, GCHQ [Government Communications Headquarters – the U.K. equivalent of the U.S. NSA] has warned leaders of Britain’s political parties of the threat Russian government hacking was posing to British democracy – while Russian interference with Brexit is also on the radar of the Electoral Commission, which is worried about the transparency of money donated to political parties and campaigns.

  • New funding enables work on Internet policy and cybersecurity for key infrastructure

    MIT’s cross-disciplinary Internet Policy Research Initiative (IPRI) announced that it has awarded $1.5 million to a select group of principal investigators for early-stage Internet policy and cybersecurity research projects. “Understanding the nuance of cybersecurity risk in our critical infrastructure will help policymakers assure that the proper incentives are in place to reduce the threat of catastrophic attacks,” says IPRI founding director Daniel Weitzner.

  • Experts expect a surge in ransomware attacks this week – this time without a “kill switch”

    A second version of the disruptive WannaCry ransomware – a version which does not contain the “kill switch” used by a young security analyst to shut down many of last week’s cyberattacks – is set to be released by the same group of hackers. There are fears that Monday could see a surge in the number of computers taken over by the devastating WannaCry ransomware hack. Rob Wainwright, head of the European Union police agency, Europol, warned anyone who thought the problem was going away was mistaken. “At the moment, we are in the face of an escalating threat. The numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning,” he said.

  • NHS ransomware cyber-attack was preventable

    In a matter of hours, the NHS was effectively placed on lockdown with computer systems being held ransom and further machines powered down to prevent the spread of malware. Critical patient information has been inaccessible and several hospitals urged people to avoid accident and emergency departments, except in cases of real emergencies. But it is not just British infrastructure that has been affected by the ransomware. A total of 99 countries have suffered from this attack so far. Modern anti-virus software and up-to-date operating systems can only do so much. It is therefore vital to invest more in cyber-security training for all staff working with sensitive information. This attack proves that the UK’s cyber-security policy needs further work.

  • Educating, strengthening the cybersecurity workforce

    As Americans become more dependent on modern technology, the demand to protect the nation’s digital infrastructure will continue to grow. CSU, designated as Centers of Academic Excellence in Information Assurance by the NSA and DHS, says that in an effort to produce career-ready cybersecurity professionals and to combat cybercrime nationwide, the California State University is creating educational opportunities for students and faculty members.

  • U.K. hospitals, clinics hit by large-scale ransomware cyberattack

    The NHS has confirmed that hospitals across England have been hit by a large-scale cyberattack. The attack has locked staff out of their computers and forced emergency patients to be diverted to hospitals not hit by the attack. The IT systems of NHS facilities across England have been hit simultaneously – and the screens of computers connected to the networks under attack showed a pop-up message demanding a ransom in exchange for allowing staff access to the PCs.

  • DHS S&T’s Transition to Practice program unveils 2017 cohort

    Eight new cybersecurity technologies developed by researchers at federally funded laboratories and academic research centers are ready for the commercial market. DHS S&T’s Transition to Practice (TTP) program will showcase its 2017 cohort 16 May in Washington, D.C.