• FBI yet to ask for access to DNC servers

    It has been nearly a year after Russian government hackers began a systemic hacking campaign against the Democratic National Committee (DNC) in an effort to undermine Hillary Clinton’s presidential bid. It has been nearly six month since the same Russian government hackers hacked the Clinton campaign and stole e-mails and internal memos from campaign officials. It is now six months since the FBI said it was examining the DNC hacking, yet, the bureau is yet to examine the DNC servers. A DNC spokesperson said the bureau has not yet asked for access to the servers.

  • Attackers can make it impossible to dial 911

    It’s not often that any one of us needs to dial 911, but we know how important it is for it to work when one needs it. It is critical that 911 services always be available – both for the practicality of responding to emergencies, and to give people peace of mind. But a new type of attack has emerged that can knock out 911 access. These attacks can create extremely serious repercussions for public safety.

  • Hack-proofing RFID-equipped persona devices

    Radio-frequency identification (RFID) tags have become almost ubiquitous – look carefully, and you will notice them in passports, credit cards, library books, office access passes, and even pet cats. The technology, which allows fast, automated identification of physical objects, is also a staple for many industries. But what would happen if RFID technology were compromised?

  • U.S. imposes sanctions on Russia for interfering in 2016 U.S. election

    The United States on Thursday has unveiled a series of retaliatory measures against Russia for its interference in the U.S. 2016 presidential campaign. The goal of the Russian hacking campaign was to help Donald Trump win the election and, more generally, compromise and corrupt the American political process. The retaliatory measures include the expulsion of thirty-five Russian diplomats and the closure of two Russian compounds based the United States. In a statement, President Barack Obama said Americans should “be alarmed by Russia’s actions” and pledged further action.

  • U.S. gov. agencies sued for slow response to Russian election hacking FOIA inquiries

    Jason Leopold, an investigative reporter who frequently writes for Vice, and Ryan Shapiro, a Ph.D. candidate at MIT and research affiliate at Harvard, who has gained a name for himself as a FOIA activist, have sued several federal agencies for agencies’ foot-dragging in responding to requests for documents related to the Russian hacking of the 2016 election.

  • Tackling cybersecurity incidents with recovery plan, playbook

    “Defense! Defense!” may be the rallying cry from cybersecurity teams working to thwart cybersecurity attacks, but perhaps they should be shouting “Recover! Recover!” instead. Attackers are increasingly racking up points against their targets, so NIST has published the Guide for Cybersecurity Event Recovery (link is external) to help organizations develop a game plan to contain the opponent and get back on the field quickly.

  • $527K to develop a Web authentication middleware tool

    Recent studies have documented many problem areas within the current certificate-based authentication system such as errors and issues with server certificates, invalid chains and subjects, self-signed certificates, and popular websites not properly using them. DHS S&T has awarded $527,112 to Brigham Young University (BYU) in Provo, Utah, to develop a Web authentication middleware tool that would significantly upgrade the current Internet website authentication process and improve online security.

  • Russian government hackers used same malware in hacking of DNC, Ukrainian military

    The Russian government hackers who hacked the computer systems of the Democratic National Committee (DNC) and the Clinton campaign in order to help Donald Trump win the 2016 presidential election, have also been hacking Ukrainian artillery units in eastern Ukraine. The hacking is aimed to help the Russian military target these units in order to help pro-Russian rebels who have been fighting the Ukrainian military in eastern Ukraine. Cyber experts have discovered that in both cases, the Russian government hackers used a piece of malware known as X-Agent.

  • Russian hacking of 2016 U.S. elections threatens to “destroy democracy”: Sen. McCain

    Senator John McCain (R-Arizona) said that Russia’s involvement in hacking U.S. political institutions and processes during the 2016 presidential election campaigns threatens to “destroy democracy” in its current form. The senator for Arizona warned there may soon be an “unraveling of the world order” and criticized the “absolute failure of the American leadership” to improve relations with Moscow. “There’s no doubt they were interfering and no doubt it was a cyber-attack. The question now is how much and what damage and what should the United States of America do? And so far, we’ve been totally paralyzed,” he said. “The truth is, they are hacking every single day.”

  • Health wearable devices pose new consumer and privacy risks

    Watches, fitness bands, and so-called “smart” clothing, linked to apps and mobile devices, are part of a growing “connected-health” system in the U.S., promising to provide people with more efficient ways to manage their own health. These personal health wearable devices, which are used to monitor heart rates, sleep patterns, calories, and even stress levels, raise new privacy and security risks, according to a new report.

  • FBI agrees with CIA: Russia’s cyberattacks campaign aimed to help Trump win election

    The U.S. intelligence and law enforcement communities are now united in their conclusion that Russian government hackers have actively intervened in the 2016 U.S. presidential elections to help Donald Trump win the presidency. FBI director James B. Comey and Director of National Intelligence James R. Clapper Jr. have strongly supported the CIA assessment, which reached the same conclusions. Trump has consistently praised Vladimir Putin and his policies – and has consistently rejected the U.S. intelligence community’s conclusions about Russian government hacking.

  • To Russia with love: Trump’s precarious path on hacking and intelligence

    The key point in the debate over Russian hacking of the U.S. 2016 presidential election is that the CIA, the Director of National Intelligence, and the Secretary of Homeland Security have drawn identical conclusions about Russian motives for hacking and propaganda during the 2016 race – to support a Trump victory. The CIA has been blunt in its most recent statement of foreign criminal hacking calculations: “It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected.” In response to the CIA and interconnected findings from several other sources, Trump has openly rejected this intelligence feedback. Despite the fluidity of what intelligence can and cannot do, the high confidence of the CIA should not be automatically ignored or discredited. The fact that Trump has continued to belittle the agency and its widely echoed findings indicates a president-elect who either does not pay attention to the intelligence product, or does not understand how intelligence operates.

  • “Nightmare scenario”: Nuclear power plants vulnerable to hacking by terrorists

    Security experts fear Fukushima-like disaster as terrorists use new technology to attempt attacks. The frequency and scope of cyberattacks on nuclear plants have increased dramatically, and experts say that a successful hack is now all but inevitable. They say that nuclear plant operators should focus more on preparing to contain and limit the damage when it does occur.

  • DHS S&T transitions eighth cybersecurity technology to commercialization

    DHS S&T has announced the eighth cybersecurity technology transitioning to commercialization as a part of its Cyber Security Division’s (CSD) Transition to Practice (TTP) program. ZeroPoint has spun off as a startup company called ZeroPoint Dynamics.

  • Cybersecurity’s next phase: Cyber-deterrence

    From 2005 to 2015, federal agencies reported a 1,300 percent jump in cybersecurity incidents. Clearly, we need better ways of addressing this broad category of threats. Some of us in the cybersecurity field are asking whether cyber deterrence might help. Cyberspace will never be immune to attack – no more than our streets will be immune to crime. But with stronger cybersecurity, increased use of active cyber defenses, and international cyber norms, we can hope to at least keep a lid on the problem.