• Increasing power grid cybersecurity

    Cybersecurity experts are leading a new program to develop new data analysis methods better to protect the nation’s power grid. The goal of this project is to develop technologies and methodologies to protect the grid from advanced cyber and threats by developing the means to distinguish between power grid failures caused by cyber attacks and failures caused by other means, including natural disasters, “normal” equipment failures, and even physical attacks.

  • Ending extortion: Researchers develop a way to stop ransomware

    Ransomware — what hackers use to encrypt your computer files and demand money in exchange for freeing those contents — is an exploding global problem with few solutions. The FBI issued a warning in May saying the number of attacks has doubled in the past year and is expected to grow even more rapidly this year. It said it received more than 2,400 complaints last year and estimated losses from such attacks at $24 million last year for individuals and businesses. Researchers have developed a way to stop ransomware dead in its tracks.

  • view counter
  • Your smart watch and fitness tracker may give away your PIN

    Wearable devices — Fitbits, Jawbones, Nike+, Apple Watches, and the like — are white-hot. The tech segment is already producing an estimated $14 billion in sales worldwide, and expected to more than double within four years, climbing to north of $30 billion. But a new research report reveals those cool wearables just may leak information as you use them.

  • ISIS uses Whatsapp, Telegram to sell girls and women as sex slaves

    ISIS has been using instant messenger apps Whatsapp and Telegram to advertise Yazidi women and girls as young as 12 for sale as sex slaves. These apps are also being used to share photos databases of women held by ISIS as sex slaves. ISIS uses the apps to distribute these of photographs to ISIS militants manning the group’s checkpoints so that these women can be identified if they try to escape ISIS-controlled territory. Telegram and Facebook-owned Whatsapp both use end-to-end encryption, preventing the two companies from accessing users’ communications.

  • DHS S&T funds efforts to make Internet of Things safer

    DHS S&T the other day awarded $119,000 to Ionic Security, Inc. based in Atlanta, Georgia, to advance detection and monitoring for Internet of Things (IoT) systems security. The Ionic Security team proposes to apply a novel distributed data protection model to solve the authentication, detection, and confidentiality challenges that impact distributed IoT devices.

  • House committee releases encryption report, laying foundation for a national dialogue

    Terrorist attacks in Paris and San Bernardino have sparked a public debate on the use of encryption in the United States because the attackers used encrypted communications to evade detection, a phenomenon known as “going dark.” Earlier this week, the Majority Staff of the House Homeland Security Committee released a new report, titled Going Dark, Going Forward: A Primer on the Encryption Debate. The summarizes the committee’s findings, based on more than 100 meetings and briefings committee staff and members have held with key stakeholders over the past year.

  • Effective defense against Internet attacks

    The brute force and sheer scale of current Internet attacks put a heavy strain on classic methods of intrusion detection. Moreover, these methods are not prepared for the rapidly growing number of connected devices. Researchers have developed a “flow based” approach, which looks at the data flow from a higher level and detects suspicious patterns.

  • China’s cyber statecraft is a far greater concern than cyber espionage

    China has become notorious for its sponsorship of cyber industrial espionage, but such activity distracts attention from the country’s comprehensive cyber strategy, according to a new book, China’s Cyber Power. This strategy is designed to maintain domestic political cohesion, empower the Chinese military, and reshape global cyber governance.

  • Making passwords more secure – especially for mobile devices

    Passwords are a necessary evil, indispensable for the purpose of ensuring data confidentiality. Unfortunately, the most secure passwords are also the ones that are most difficult to memorize. “Nobody likes passwords. In order to make their lives easier, many people use the same password for different accounts, or they choose passwords that are so easy to guess that they don’t provide sufficient protection,” said one researchers.

  • DHS S&T awards Charles River Analytics $500,000 for predictive malware defense research

    Malicious cyber activity is growing at an unprecedented rate. A leading internet security firm reported there were more than 317 million new malicious code signatures in 2014. Additionally, attacks are increasing in sophistication as authors create malware that circumvents standard signature-based antivirus defense systems. DHS S&T has awarded $500,000 to Cambridge, Massachusetts-based Charles River Analytics to develop malware defense technology that will alert and empower information technology (IT) administrators to fend off an impending cyberattack.

  • State Department holds competition for social media apps challenging terrorism

    Can the obsession millennials have with smart technology be capitalized on as a weapon against terrorist propaganda? The U.S. Department of State thinks so, and has selected three teams of student finalists — chosen from fifty-six universities around the world — to its headquarters in Washington, D.C., next week for the “Peer-to-Peer: Challenging Extremism challenge.”

  • Google Chrome vulnerability lets attackers steal movies, protected content

    A security vulnerability in Google technology that is supposed to protect videos streamed via Google Chrome has been discovered by researchers from the Ben-Gurion University of the Negev Cyber Security Research Center (CSRC) in collaboration with a security researcher from Telekom Innovation Laboratories in Berlin, Germany. The vulnerability in the encryption technology, Widevine EME/CDM, opens an easy way for attackers to hijack protected content delivered via different popular streaming services, making the unprotected content available for illegal distribution.

  • Intelligence agencies spy on our data by manipulating computer chips

    Researchers work to develop mechanisms that will render the Internet of Things more secure. They focus on a specific security gap: the manipulation of computer chips, that is, hardware components. These components can be found not only in PCs and laptops, but also in all other devices with integrated electronics; those include credit cards, cars, and smartphones, as well as large industrial facilities and medical equipment.

  • Cyber Guard 2016 aims to manage complexity in invisible domain

    Between one million and ten million U.S. homes and businesses are without power. An oil spill from a near-shore refinery is gushing into the waters off Texas and Louisiana. The port of Los Angeles is shut down due to a network outage. Visitors to exercise Cyber Guard 2016 here viewed mock newscasts detailing these scenarios as examples of the likely effects of a massive cyberattack.

  • Tracking, analyzing how ISIS recruits through social media

    A team of researchers has developed a model to identify behavioral patterns among serious online groups of ISIS supporters that could provide cyber police and other anti-terror watchdogs a roadmap to their activity and indicators when conditions are ripe for the onset of real-world attacks. The researchers apply the laws of physics to study how terrorist support groups grow online, and how law enforcement can track activities.