• DNA sequencing tools vulnerable to cybersecurity risks

    Rapid improvement in DNA sequencing has sparked a proliferation of medical and genetic tests that promise to reveal everything from one’s ancestry to fitness levels to microorganisms that live in your gut. A new study finds evidence of poor computer security practices used throughout the field. Researchers have also demonstrated for the first time that it is possible — though still challenging — to compromise a computer system with a malicious computer code stored in synthetic DNA. When that DNA is analyzed, the code can become executable malware that attacks the computer system running the software.

  • Hacking cybersecurity in order to anticipate attacks

    Imagine two groups at war. One defends every attack as it comes. The other anticipates threats before they happen. Which is more likely to win? In cybersecurity, understanding the potential for attacks is critical. This is especially true for mobile and wireless devices, since they are constantly connected and continuously streaming and collecting data.

  • Police turn to hackathons as crime fighting goes digital

    Police and law enforcement staff are turning to hackathons – collaborative events for developing technology – to come up with new ways of searching for clues within the terabytes of data that many people produce every year.

  • MalwareTech’s arrest sheds light on the complex culture of the hacking world

    The arrest of a British cybersecurity researcher on charges of disseminating malware and conspiring to commit computer fraud and abuse provides a window into the complexities of hacking culture. In May, Marcus Hutchins gained international fame – and near-universal praise – for figuring out how to slow, and ultimately effectively stop, the worldwide spread of the WannaCry malware attack. In August, Hutchins was arrested on federal charges of writing and distributing a different malware attack first spotted back in 2014. The judicial system will sort out whether Hutchins, who has denied wrongdoing and pleaded not guilty, will face as much as 40 years in prison. But to me as a sociologist studying the culture and social patterns of cybercrime, Hutchins’ experience is emblematic of the values, beliefs and practices of many hackers.

  • Encrypted app allows extremists to plot attacks without detection

    A new report details how extremists and terrorists like ISIS, al-Qaeda, and Hamas are increasingly relying on encrypted applications like Telegram to recruit new members, fundraise, incite to violence, and even coordinate terrorist activity without detection from law enforcement. Telegram’s public-facing “channels” and private messaging “chats” make it a useful weapon for extremist groups.

  • Spotting data theft – quickly!

    Computer experts have always struggled to find solutions for protecting businesses and authorities from network breaches. This is because there are too many vague indicators of potential attacks. With PA-SIEM, IT managers have a solution that effectively protects their systems while exposing data thieves and criminal hackers more quickly than conventional software.

  • New app detects cyberattacks quickly

    If you are awaiting exciting news from your friend, what is the better way to read your email? Has it comes in, or after a batch collects? Well, if you read it as it comes in, you will surely get the news faster. Researchers have developed a software app that can do the same for computer networks. Monitoring the activity within a network in real-time can allow cybersecurity analysts to detect cyberattacks quickly, before thieves steal data or crash your system.

  • REnigma malware reverse-engineering tool commercialized

    The analysis of malware used in a cyberattack is a highly manual, time-consuming, low-throughput and costly process, requiring days to weeks to determine the answers needed to understand and recover from an attack. DHS S&T has just announced a groundbreaking malware analysis tool, which is part of S&T’s Transition to Practice (TTP) program, has transitioned as a new startup technology company.

  • New mobile banking Trojans

    In mid-July 2017, Kaspersky Lab researchers found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services. Attack data suggests this Trojan is not yet widely deployed.

  • Protecting the power grid from low-budget attacks

    Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources necessary to mount them. Last week, at the Black Hat USA 2017 conference in Las Vegas, a team of researchers challenged that notion by disclosing vulnerabilities in a component that combined with publicly available information provide sufficient information to model an advanced, persistent threat to the electrical grid.

  • George Mason’s new Center of Excellence for Criminal Investigations and Network Analysis

    DHS S&T has selected George Mason University in Fairfax, Virginia to lead a consortium of U.S. academic institutions and other partners for a new Center of Excellence (COE) in Criminal Investigations and Network Analysis (CINA). The Center’s research will focus on criminal network analysis, dynamic patterns of criminal activity, forensics, and criminal investigative processes.

  • ISIS and climate change leading security threats: Global survey

    People around the globe identify ISIS and climate change as the leading threats to national security, according to a new Pew Research Center report based on a survey of thirty-eight countries. The survey asked about eight possible threats: ISIS, global climate change, cyberattacks, the condition of the global economy, the large number of refugees leaving Iraq and Syria, and the power and influence of the United States, Russia, and China. While the level and focus of concern varies by region and country, ISIS and climate change clearly emerge as the most frequently cited security risks across the thirty-eight countries polled.

  • Europol’s No More Ransom initiative celebrates its first year

    Ransomware has soared since 2012, with criminals attracted by the promise of profit and ease of implementation. The total number of users who encountered ransomware between April 2016 and March 2017 rose by 11.4 percent compared to the previous twelve months, from 2,315,931 to 2,581,026 users around the world. A year ago, Europol and partners the No More Ransom initiative, which now has 109 partners, including government agencies and private organizations and companies.

  • Refusal to accept reality of Russian hacking hobbles U.S. cyber defense efforts: Experts

    The evidence of a broad, systemic effort by Russian government hackers and disinformation specialists – on instructions from President Vladimir Putin — to undermine the U.S. electoral process and ensure a Trump victory in November 2016 is incontrovertible, and it is mounting. The evidence has not persuaded President Donald Trump, however. He cites Putin’s denial of the Russian cyber effort as a reason why he – Trump — does not trust the unanimous conclusions of the U.S. intelligence community. Cyber experts say that Trump’s refusal to accept the reality of the 2016 Russian government hacking and disinformation campaign is creating a dangerous policy vacuum. This vacuum, the security experts fear, is only encouraging more cyber warfare.

  • Applied cybersecurity research for better protection of critical national infrastructure sectors

    DHS S&T awarded a five-year Other Transaction Agreement (OTA), with a maximum value of $70 million, to Arlington, Virginia-based Cyber Apex Solutions, LLC, to facilitate applied research of prototype cyberdefenses for critical national infrastructure sectors.