-
In a World of Cyber Threats, the Push for Cyber Peace is Growing
Digital conflict and military action are increasingly intertwined, and civilian targets – private businesses and everyday internet users alike – are vulnerable in the digital crossfire. But there are forces at work trying to promote peace online. It will be a tough challenge.
-
-
Rating Security of Internet-Connected Devices
If you’re in the market for an internet-connected garage door opener, doorbell, thermostat, security camera, yard irrigation system, slow cooker—or even a box of connected light bulbs—a new website can help you understand the security issues these shiny new devices might bring into your home.
-
-
Making “Internet of Things” More Secure
Devices connected to the internet of things, now becoming standard components in new buildings, can increase energy performance while reducing costs. But such highly connected sensors can also bring potential security vulnerabilities. Several University of Washington schools and offices will team up to research how organizational practices can affect the interagency collaboration needed to keep the “internet of things” — and institutional systems — safe and secure.
-
-
Insurance Companies Are Fueling Ransomware Attacks
Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. the FBI and security researchers say paying ransoms contributes to the profitability and spread of cybercrime and in some cases may ultimately be funding terrorist regimes. But for insurers, it makes financial sense, industry insiders said. It holds down claim costs by avoiding expenses such as covering lost revenue from snarled services and ongoing fees for consultants aiding in data recovery. And, by rewarding hackers, it encourages more ransomware attacks, which in turn frighten more businesses and government agencies into buying policies.
-
-
Disinformation Is Catalyzing the Spread of Authoritarianism Worldwide
There’s a segment of the American left that believes we’re in no position to be outraged over Russia’s multifaceted campaign to swing the 2016 election to Trump because the U.S. has meddled in its share of elections in other countries. Setting aside the fact that this is a prime example of the tu quoque fallacy, it ignores the specific context of that intervention. Joshua Holland writes in Raw Story that this is not about the U.S. alone. “As I wrote for The Nation in 2017, long before Trump descended on that gaudy golden escalator to announce his candidacy…, Russia had honed its tactics in Estonia, followed soon after by attempts, with varying degrees of success, to disrupt the domestic politics of Georgia, Kyrgyzstan, Kazakhstan, Finland, Bosnia and Macedonia.” It also isn’t about Russia. “As the New York Times reported earlier this year, researchers have ‘discovered numerous copycats, particularly on the far right. Those groups often echo Kremlin talking points, making it difficult to discern the lines between Russian propaganda, far-right disinformation and genuine political debate,’” Holland writes.
-
-
Calling Off Iowa’s “Digital Caucuses” Is a Wise Display of Caution
Caution and restraint are not known as the hallmarks of the digital revolution. Especially when there’s the admirable possibility of increasing participation by going digital, the temptation to do so is strong—and rarely resisted. But a decision reportedly taken by the Democratic National Committee, however, presents a significant display of caution that deserves both attention and praise. “Showing restraint usually isn’t exciting or flashy,” Joshua Geltzer writes. “But it can be admirable. And, here, organizations like the DNC that take these steps deserve our collective applause for erring on the side of caution, especially in a world replete with cybersecurity and election interference threats.”
-
-
Ransomware Attacks on Cities Are Rising – Authorities Must Stop Paying Out
A ransomware campaign that targeted twenty-three U.S. cities across Texas has raised serious concerns about the vulnerability of local governments and public services to cyber-attacks. These events come not long after similar attacks on governmental and business organizations in Indiana, Florida and elsewhere. They reflect a general shift in ransomware tactics from “spray and pray” attacks on large numbers of individual consumers, to “big game hunting”, which targets organizations, usually through people in positions of power.
-
-
Integrating EMM & APP Vetting Solutions for Maximum Security
A new study released by the DHS S&T describes a continuous approach to mobile app vetting that integrates the capabilities of enterprise mobility management (EMM) solutions with app vetting tools to improve the security of mobile devices.
-
-
A College Reading List for the Post-Truth Era
“We live in a time beset with belittlement of science, hostility toward expertise and attacks on traditional democratic institutions,” Michael T. Nietzel, president emeritus of Missouri State University, writes. “It’s a post-truth period where conspiracy theories and crackpot ideas flourish. If the facts conflict with someone’s sense of identity or political ideology, then the facts are disposable. They can be replaced with notions that feel better or reverberate on social media.” What is the best way to achieve the goal of making young students less susceptible to dangerous s stupidities and toxic conspiracy theories? Nietzel has a suggestion — although he admits it is increasingly rare as an academic expectation: serious reading. He offers seven recent books which champion reason over emotion, distinguish facts from fallacies, and enumerate the dangers of ignoring the truth.
-
-
Instagram's New Fact-Checking Tool May Have Limited Impact on Disinformation
Researchers worry that a new feature giving Instagram users the power to flag false news on the platform won’t do much to head off efforts to use disinformation to sow political discord in 2020. The role of Instagram in spreading political disinformation took center stage in a pair of Senate reports in December, which highlighted how Russian state operatives used fake accounts on the platforms, masquerading as members of activist groups like Black Lives Matter during and well after the 2016 election.
-
-
How to Measure Cybersecurity
Many experts agree that there are no universally recognized, generally accepted metrics by which to measure and describe cybersecurity improvements, and that, as a result, decision-makers are left to make choices about cybersecurity implementation based on qualitative measures rather than quantitative ones. Robert Taylo argues that the “search for quantitative metrics and dismissal of qualitative metrics ignores the dynamic nature of the challenge of ensuring cybersecurity, as well as the critical role of processes and procedures. Cybersecurity is a matter not just of the equipment and tools in place but also of how the equipment and tools are used by people, and how the organization ensures that the equipment and tools and methods of use are kept up to date. Qualitative measures that are discernible and reproducible are and will continue to be essential in helping to guide sound investment and operational decisions.”
-
-
NotPetya Ushered in a New Era of Malware
NotPetya ushered in a new era of implant-enabled warfare where public opinion is as much the target as traditional IT systems. This wasn’t “hack and leak” or “inauthentic amplification” on social media. This is information operations by using malware to create a narrative, and shows what the future of conflict looks like: one where malware not only disrupts our business operations but also targets our minds and influences media coverage. NotPetya created significant downtime and a whopping $10 billion in damages, but its most subversive impact was how it deceived the public.
-
-
Facebook, Google, Twitter and the “Digital Disinformation Mess”
The preliminary results of Facebook’s long-awaited “bias” audit are out. The key takeaway? Everyone is still unhappy. The report is little more than a formalized catalog of six categories of grievances aired in Republican-led congressional hearings over the past two years. It doesn’t include any real quantitative assessment of bias. There are no statistics assessing the millions of moderation decisions that Facebook and Instagram make each day. The results are all the more remarkable because the audit was an exhaustive affair, the fruit of about a year of research led by former Republican Sen. Jon Kyl, encompassing interviews with scores of conservative lawmakers and organizations. “Despite the time and energy invested, the conspicuous absence of evidence within the audit suggests what many media researchers already knew: Allegations of political bias are political theater,” Renee DiResta wites.
-
-
How a “Political Astroturfing” App Coordinates Pro-Israel Influence Operations
The Israeli-Palestinian conflict has long been a global battle, fought by hundreds of proxies in dozens of national capitals by way of political, economic, and cultural pressure. As the internet has evolved, so have the tools used to wage this information struggle. The latest innovation — a pro-Israel smartphone app that seeds and amplifies pro-Israel messages across social media — saw its first major test in May 2019. It offered a glimpse of the novel methods by which future influence campaigns will be conducted and information wars won.
-
-
Fake News Makes People “Remember” False Memories – Study
A new study found that people can form false memories after reading fake news stories, especially if those stories support their biases and own political beliefs. Participants in the study did not reconsider their memory even after being told that some of the stories they read could be fabricated with several even recounting details not included in the stories. “Memory is a reconstructive process and we are vulnerable to suggestion distorting our recollections, without our conscious awareness,” the lead researcher told BBC.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.