-
Flaw in iVote System Used in Australian Election
Flaws in the iVote internet and telephone voting system used in the 2019 New South Wales election could have made it vulnerable to undetectable voter fraud, a new report has revealed. A new report has shown how the iVote system suffers from an error in its verification process that could allow the verification of votes to be “tricked”, meaning some valid votes could be converted into invalid ones, and not counted.
-
-
Who's Responsible When Your Car Gets Hacked?
In the future, when cars can drive themselves, grand theft auto might involve a few keystrokes and a well-placed patch of bad computer code. At that point, who will be liable for the damages caused by a hacker with remote control of a 3,000-pound vehicle?
-
-
Secure Data Transmission with Ultrasound
Due to the Internet of Things (IoT), an increasing number of devices have learned to communicate with each other. Ultrasound communication is an entirely new method for data exchange between IoT devices and mobile phones. Researchers have now developed a first open communication protocol including an open-source development kit for ultrasound communication which makes near-field communication safer.
-
-
Online Disinformation and Emerging Tech: Are Democracies at Risk?
Online disinformation campaigns supported by fundamental changes in military and geopolitical strategies of major players such as Russia and China harden tribal factions and undermine the security of infrastructure systems in targets such as the United States, as state and non-state actors mount increasingly sophisticated cyberattacks on democratic institutions, Brad Allenby writes. Whether the United States and other democracies are up to this challenge remains to be seen, he says.
-
-
White Supremacists Embrace "Accelerationism"
Accelerationism is a term white supremacists have assigned to their desire to hasten the collapse of society as we know it. The term is widely used by those on the fringes of the movement, who employ it openly and enthusiastically on mainstream platforms, as well as in the shadows of private, encrypted chat rooms.
-
-
UAH to Offer H4Di Cybersecurity Course
The University of Alabama in Huntsville (UAH) says it will be the first in the state to offer the Hacking for Defense (H4Di) cybersecurity class beginning in spring semester 2020. H4Di teaches students to work with the defense and intelligence communities to rapidly address the nation’s emerging threats and security challenges.
-
-
Russian Hackers Attacked Me and Other Military Spouses. Why Can’t We Sue?
In a systematic campaign aiming to sow panic and confusion, Russian government hackers, masquerading as ISIS fighters, have been hacking computers and smartphones of spouses of U.S. military personnel, stealing and distributing their personal and financial information, and spreading lies about the on the dark web. “Almost as astonishing as the discovery that Russia was behind the attacks was finding out that U.S. citizens have no legal recourse against foreign governments that target them online,” writes Lorri Volkman, whose husband serves in the military, and was attacked by Russian hackers four years ago.
-
-
New Report on Russia’s Online Operations: Pseudo-Think Tanks, Personas
The Kremlin used many different techniques in its effective campaigns of interference in the politics of Western democracies, including the 2016 U.S. presidential election. One such technique is “narrative laundering” – the technique of moving a certain narrative from its state-run origins to the wider media ecosystem through the use of aligned publications, “useful idiots,” and, perhaps, witting participants. “Given that many of these tactics are analogs of those used in Cold-War influence operations, it seems certain that they will continue to be refined and updated for the internet era, and are likely to be used to greater effect,” a new report says.
-
-
Why Cyber Operations Do Not Always Favor the Offense
Among policymakers and analysts, the assumption that cyberspace favors the offense is widespread. Those who share this assumption have been urging the U.S. government to prioritize offensive cyber operations. Rebecca Slayton writes that the belief in offense dominance is understandable – but mistaken: A focus on offense “increases international tensions and states’ readiness to launch a counter-offensive after a cyberattack, and it often heightens cyber vulnerabilities,” she writes.
-
-
Lessons from the Cyberattack on India’s Largest Nuclear Power Plant
In early September, a cyberattack occurred at the Kudankulam nuclear power plant in India. The Indian nuclear monitoring agency finally admitted that the nuclear plant was hacked, and on 30 October Indian government officials acknowledged the intrusion. “As the digitalization of nuclear reactor instrumentation and control systems increases, so does the potential for malicious and accidental cyber incidents alike to cause harm,” Alexander Campbell and Vickram Singh write.
-
-
Here’s How Russia Will Attack the 2020 Election. We’re Still Not Ready.
In 2016, the GRU, Russia’s military intelligence branch, launched a massive, and successful disinformation campaign to change the way Americans were talking about the two candidates – Hillary Clinton and Donald Trump. Among the GRU’s most effective disinformation techniques was one known as “narrative laundering,” which aims to inject the Kremlin’s preferred stories – real, fake, or doctored — into mainstream American media. “It is quite possible that these exact techniques will be used again,” Renee DiResta, Michael McFaul, and Alex Stamos write. “And why shouldn’t they? We’ve done almost nothing to counter the threat.”
-
-
Fighting Deepfakes When Detection Fails
Deepfakes intended to spread misinformation are already a threat to online discourse, and there is every reason to believe this problem will become more significant in the future. Automated deepfake detection is likely to become impossible in the relatively near future, as the approaches that generate fake digital content improve considerably.
-
-
Germany: Far-Right Lawmaker Punished over Anti-Semitism
German lawmakers on Wednesday, in a move which is unprecedented in modern German history, removed a far-right politician from his position as the chairman of the powerful Legal Affairs Committee of the Bundestag. The move came after the politician, Stephan Brandner, has repeatedly made anti-Semitic comments. All the parties in the Bundestag, except his own AfD party, voted to strip him of the committee’s chairmanship.
-
-
Private Vendors Critical to Election Security Inadequately Supervised
Private vendors build and maintain much of the election infrastructure in the United States with minimal oversight by the federal government. A new report presents the risks this poses to the security of our elections and offers a solution.
-
-
National Labs Host DOE CyberForce Competition
Five teams of college students will square off at the U.S. Department of Energy’s (DOE) Lawrence Berkeley National Laboratory (Berkeley Lab) on 16 November as part of DOE’s fifth CyberForce Competition. The event, held simultaneously at ten of the DOE’s National Laboratories across the United States, will challenge 105 college teams to defend a simulated energy infrastructure from cyberattacks. The CyberForce Competition is designed to inspire and develop the next generation of energy sector cybersecurity professionals by giving them a chance to hone their skills during interactive and realistic scenarios.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.