-
As Cybercrime Evolves, Organizational Resilience Demands a Mindset Shift
Facing the threat of state-sponsored cyberattack groups, the financial motivations of organized cybercrime gangs and the reckless ambitions of loosely knit hacktivist collectives, organizations are fighting a cybersecurity battle on multiple fronts.
-
-
From Wadham to GCHQ and Back: Robert Hannigan on Cybercrime, Spying and the AI Tsunami Coming Our Way
Is the much-vaunted cyber-Armageddon likely or even possible? One experts says that “‘State cyber threats do get overplayed. They can’t do everything and countries over-estimate their cyber capabilities – just as they over estimate their military capability.” The expert insists, however, that “The challenges are ‘moving very fast’, as potential attackers learn fast.”
-
-
To Pay or Not to Pay? Ransomware Attacks Are the New Kidnapping
Over the past several years, ransomware attacks have become a persistent national security threat. The inability to respond effectively to this challenge has normalized what should be intolerable: organized cybercriminals harbored by hostile states regularly disrupting and extorting businesses and essential services, causing misery in the process.
-
-
The ‘Truther Playbook’: Tactics That Explain Vaccine Conspiracy Theorist RFK Jr’s Presidential Momentum
Polls show that Robert Kennedy’s Jr., promoting anti-vaccine conspiracy theories, has been drawing surprising early support in his campaign for the Democratic presidential nomination. Kennedy is using the “truther playbook” - – promising identity and belonging, revealing “true” knowledge, providing meaning and purpose, and promising leadership and guidance – which prove to be appealing in our current post-truth era, in which opinions often triumph over facts, and in which charlatans can achieve authority by framing their opponents as corrupt and evil and claiming to expose this corruption. These rhetorical techniques can be used to promote populist politics just as much as anti-vaccine content.
-
-
U.S. Critical Infrastructure May Not Be Resilient Enough to Fend Off, Survive Chinese Cyberattacks: CISA Director
Americans “need to be prepared” for Chinese cyberattacks, U.S. cyber official said, because the United States may not be resilient enough to fend off and survive Chinese attacks on its critical infrastructure should the present great power competition between Washington and Beijing evolve into an actual conflict.
-
-
Google, Cornell to Partner in Online Security Initiative
Most current security-related research is focused on technical challenges, but many of the most significant security failures involve humans and can often be attributed to poor design that fails to take the human factor into account. A partnership between Google and four higher-education institutions will use an interdisciplinary approach to build better foundations for secure systems and ensure that they are deployed in ways that address rather than exacerbate societal problems.
-
-
Operator of “Bulletproof Hosting” Service Which Distributed Destructive Malware Sentenced to Three Years in Prison
A Romanian national who operated a “bulletproof hosting” service was sentenced to three years in prison and ordered to forfeit $3,510,000. The bulletproof hosting was used to facilitate the distribution of the Gozi Virus, the Zeus Trojan, the SpyEye Trojan, and the BlackEnergy malware, all of which were designed to steal confidential financial information.
-
-
Making Hospitals Cybersecure
As medical centers increasingly come under attack from hackers, Europe is bolstering protection. The answer lies not only in better software. Cybersecurity is more often than not about people and changing their behavior.
-
-
The Executive Order on Commercial Spyware: Implications and Prospects
The growing national security threat from misuse of commercial spyware is increasingly being recognized. The US has been taking the lead in addressing the growing menace of unregulated spyware companies and the proliferation of intrusive tools. The Biden administration’s latest Executive Order will ensure that commercial spyware firms will be subjected to unprecedented scrutiny.
-
-
3rd Annual Critical Infrastructure Security Summit Announced
Critical Infrastructure consists of the sixteen sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on national and economic security, and on public health and safety. Defense Strategies Institute will hold its 3rd annual Critical Infrastructure Security Summit which will discuss ways to create more resilient systems to protect this infrastructure.
-
-
Extremist NFTs Across Blockchains
While tech companies, politics, and civil society continue to discuss how to regulate social networks, a new age of the internet is dawning: the Web3. Julia Handle and Louis Jarvers write that with the technological advancements of Web3, it is critical to examine their application to extremism.
-
-
Quantum Technology for Mobile Phone Encryption Nears
In a few years, protection of communication with quantum encryption may become a permanent fixture in mobile phones and thus protect communication from hacking. The technology has already been demonstrated in large data transfers in the financial sector.
-
-
How Can Congress Regulate AI? Erect Guardrails, Ensure Accountability and Address Monopolistic Power
A new federal agency to regulate AI sounds helpful but could become unduly influenced by the tech industry — instead, Congress can legislate accountability.Instead of licensing companies to release advanced AI technologies, the government could license auditors and push for companies to set up institutional review boards. The government hasn’t had great success in curbing technology monopolies, but disclosure requirements and data privacy laws could help check corporate power.
-
-
Can Quantum Computing Protect AI from Cyberattacks?
AI algorithms are everywhere. They underpin nearly all autonomous and robotic systems deployed in security applications. This includes facial recognition, biometrics, drones and autonomous vehicles used in combat surveillance and military targeting applications. Can we prevent malicious attacks and improve the cybersecurity of algorithms powered by artificial intelligence (AI)? Quantum machine learning may hold the key.
-
-
AI Model Aims to Plug Key Gap in Cybersecurity Readiness
There are more than 213,800 available known “keys”—unofficial entry points into computer systems, better known as vulnerabilities or bugs—and they’re already in the hands of criminals. There are likely many more that are not known. How can all the threats and attacks be tracked, prioritized and prevented? Scientists link resources to improve prioritization, spot attacks more quickly.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.