-
Military Cyber Operations: The New NDAA Tailors the 48-Hour Notification Requirement
Congress will soon enact the National Defense Authorization Act for Fiscal Year 2020 (NDAA fiscal 2020), which includes a provision that will fine-tune the range of military cyberoperations subject to the 48-hour notification requirement associated with “sensitive military cyber operations.”
-
-
Closing a Critical Gap in Cybersecurity
Last year, following the rising threats in cyberspace, Congress established the U.S. first civilian cybersecurity agency—the Cybersecurity and Infrastructure Security Agency (CISA). Christopher Krebs, who serves as the first director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), writes that “Unfortunately, too often we come across cybersecurity vulnerabilities sitting on the public internet and are unable to act because we cannot identify the owner of the vulnerable system.”
-
-
GOP Senators: Chinese Drones Pose National Security Threat
A group of GOP senators called on the administration to restrict the use of Chinese drones by U.S. government agencies. “American taxpayer dollars should not fund state-controlled or state-owned firms that seek to undermine American national security and economic competitiveness,” they write.
-
-
The United States Should Not Act as If It's the Only Country Facing Foreign Interference
“Right now, Russia’s security services and their proxies have geared up to repeat their interference in the 2020 election. We are running out of time to stop them.” This stark warning from former National Security Council official Fiona Hill serves as a sharp reminder of the threat to democracy posed by foreign interference and disinformation. Russia’s ongoing interference in U.S. affairs is just a small piece on a big chessboard. A key foreign policy goal of the Kremlin is to discredit, undermine, and embarrass what it sees as a liberal international order intent on keeping Russia down and out. Russia’s systematic attack on U.S. democracy in 2016 was unprecedented, but its playbook is not unique.
-
-
Containing Online Hate Speech as If It Were a Computer Virus
Artificial intelligence is being developed which will allow advisory “quarantining” of hate speech in a manner akin to malware filters – offering users a way to control exposure to “hateful content” without resorting to censorship.
-
-
Resilience Guidebook for State of Idaho
In times of growing cyber threats and severe weather, resilience – the ability to continue providing emergency services while damaged infrastructure is restored – has emerged as a growing concern among leaders at state and local levels.
-
-
How New Voting Machines Could Hack Our Democracy
The United States has a disturbing habit of investing in unvetted new touchscreen voting machines that later prove disastrous. Jennifer Cohn writes that as we barrel toward what is set to be the most important election in a generation, Congress appears poised to fund another generation of risky touchscreen voting machines called universal use Ballot Marking Devices (or BMDs), which function as electronic pens, marking your selections on paper on your behalf. Most leading election security experts instead recommend hand-marked paper ballots as a primary voting system, with an exception for voters with disabilities.
-
-
Seizure-Triggering Attack Is Stark Example of How Social Media Can Be Weaponized
Followers of the Epilepsy Foundation’s Twitter handle were targeted last month with posts containing strobe light GIFs and videos which could have caused seizures for people with epilepsy, the foundation announced Monday. “While this kind of activity may not bear the hallmarks of a cyberattack, which can trick users into clicking malicious links or knock a website offline by flooding it with junk traffic, this attack shows that platforms can have even their normal functions weaponized in order to cause physical harm,” Shannon Vavra writes.
-
-
Is Your Car Vulnerable to Cyberattacks?
The emergence of smart cars has opened the door to limitless possibilities for technology and innovation – but also to threats beyond the car itself. New research is the first to apply criminal justice theory to smart vehicles, revealing cracks in the current system leading to potential cyber risks.
-
-
Can 'Cyber Moonshot' save America?
It took Pearl Harbor to convince a majority of Americans that the United States that it should enter World War II. It took the Soviets launching its Sputnik satellite into orbit to convince Americans of the need to be in space. It took the bombings of 9/11 to anger and energize the nation into a war on terror. “But can the United States avoid a cyber Pearl Harbor?” Troy Turner asks. “The nation must not wait to find out, and it shouldn’t take such a life-changing event to get the country to understand the need for fast action on cybersecurity,” he writes.
-
-
Voting-Machine Parts Made by Foreign Suppliers Stir Security Concerns
Voting machines which are widely used across the United States contain parts made by companies with ties to China and Russia, researchers found, raising anxious questions about the security of voting machines which use overseas suppliers. Several government agencies are now looking into the issue. Alexa Corse writes that a report issued Monday by Interos Inc., an Arlington, Virginia-based supply-chain monitoring company, says that voting-machine vendors could be at risk of using insecure components from overseas suppliers which generally are difficult to vet and monitor.
-
-
Click Here to Kill
The idea of an online assassination market was advanced long before it was possible to build one, and long before there was anything resembling the dark web. Susan Choi writes that a threshold had been crossed: advances in encryption and cryptocurrency make this dark vision a reality: Journalists at BBC News Russia confirmed that on 12 March 2019, the first known case of a murder being ordered on the dark web and successfully carried out by hired assassins. The FBI and DHS are worried.
-
-
Authoritarian Regimes Employ New Twitter Tactics to Quash Dissent
When protesters use social media to attract attention and unify, people in power may respond with tweeting tactics designed to distract and confuse, according to a new study. Authoritarian regimes appear to be growing more savvy in their use of social media to help suppress mass movements.
-
-
Facebook's Ad Delivery System Deepens the U.S. Political Divide
Facebook is wielding significant power over political discourse in the United States, thanks to an ad delivery system that reinforces political polarization among users, according to new research. The study shows for the first time that Facebook delivers political ads to its users based on the content of those ads and the information the media company has on its users—and not necessarily based on the audience intended by the advertiser.
-
-
Samoa Has Become a Case Study for “Anti-Vax” Success
In Samoa, Facebook is the main source of information. Michael Gerson writes that it is thus not surprising that anti-vaccination propaganda, much of it generated in the United States, has arrived through social media and discourages Samoan parents from vaccinating their children. “This type of import has helped turn Samoa into a case study of ‘anti-vax’ success — and increased the demand for tiny coffins decorated with flowers and butterflies,” he writes, adding: “Samoa is a reminder of a pre-vaccine past and the dystopian vision of a post-vaccine future.”
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.