• “Vaccinating” algorithms against attacks on machine learning

    Algorithms “learn” from the data they are trained on to create a machine learning model that can perform a given task effectively without needing specific instructions, such as making predictions or accurately classifying images and emails. Researchers have developed a world-first set of techniques to effectively “vaccinate” algorithms against adversarial attacks, a significant advancement in machine learning research.

  • A Florida city paid a $600,000 bitcoin ransom to hackers who took over its computers — and it's a massive alarm bell for the rest of the US

    A Florida city agreed to pay $600,000 worth of bitcoin to hackers who took its computer systems offline with a cyberattack. Riviera Beach’s city council voted to pay the money after an attack in May affected the city’s online services, including email and 911 dispatches. The attack is part of a pattern that has targeted cities around the US. The disruption has cost millions of dollars. Sinéad Baker write in Business Insider that the U.S. Department of Homeland Security warned in 2018 that local-level governments around the U.S. were being hit with malware that is “among the most costly and destructive.”

  • NIST updates to help defend sensitive information from cyberattack

    An update to one of the National Institute of Standards and Technology’s (NIST) information security documents offers strategies to help protect sensitive information that is stored in computers supporting critical government programs and high value assets. The new companion publication offers enhanced security for information stored in critical programs and assets.

  • How cryptocurrency discussions – and disinformation – spread

    Computer scientists have mapped the ebb and flow of Reddit’s discussions about cryptocurrency — not only to see how online chatter can predict market behavior, but also to gain insights into how disinformation goes viral.

  • Cyber protection technology moves from the lab to the marketplace

    MIT Lincoln Laboratory’s technique to protect commodity software from cyberattacks has transitioned to industry and will soon be available as part of a security suite.

  • U.S. Cyber Command, Russia and critical infrastructure: What norms and laws apply?

    According to the New York Times, the United States is “stepping up digital incursions into Russia’s electric power grid.” The operations involve the “deployment of American computer code inside Russia’s grid and other targets,” supposedly to warn Russia against conducting further hostile cyber operations against U.S. critical infrastructure, and to build the capability to mount its own robust cyber operations against Russia in the event of a conflict.Michael Schmitt writes in Just Security that damaging critical infrastructure is clearly be out of bounds as responsible peacetime state behavior and would likely violate international law. But do these types of intrusions – seemingly intended to prepare for future operations or deter them, or both, without causing any actual harm – also run counter to applicable non-binding norms or violate international law during peacetime?

  • How not to prevent a cyberwar with Russia

    In the short span of years that the threat of cyberwar has loomed, no one has quite figured out how to prevent one. As state-sponsored hackers find new ways to inflict disruption and paralysis on one another, that arms race has proven far easier to accelerate than to slow down. But security wonks tend to agree, at least, that there’s one way not to prevent a cyberwar: launching a pre-emptive or disproportionate cyberattack on an opponent’s civilian infrastructure. Andy Greenberg writes in Wired that as the Trump administration increasingly beats its cyberwar drum, some former national security officials and analysts warn that even threatening that sort of attack could do far more to escalate a coming cyberwar than to deter it.

  • The challenges of Deepfakes to national security

    Last Thursday, 13 June 2019, Clint Watts testified before the House Intelligence Committee of the growing dangers of Deepfakes – that is, false audio and video content. Deepfakes grow in sophistication each day and their dissemination via social media platforms is far and wide. Watts said: “I’d estimate Russia, as an enduring purveyor of disinformation, is and will continue to pursue the acquisition of synthetic media capabilities and employ the outputs against its adversaries around the world. I suspect they’ll be joined and outpaced potentially by China.” He added: “These two countries along with other authoritarian adversaries and their proxies will likely use Deepfakes as part of disinformation campaigns seeking to 1) discredit domestic dissidents and foreign detractors, 2) incite fear and promote conflict inside Western-style democracies, and 3) distort the reality of American audiences and the audiences of America’s allies.”

  • Deepfake myths: Common misconceptions about synthetic media

    There is finally some momentum to “do something” about deepfakes, but crucial misconceptions about deepfakes and their effect on our society may complicate efforts to develop a strategic approach to mitigating their negative impacts.

  • European elections suggest US shouldn’t be complacent in 202

    In many ways, the European Parliament elections in late May were calmer than expected. Cyber aggression and disinformation operations seem to not have been as dramatic as in 2016, when Russian hackers and disinformation campaigns targeted elections in the U.S., France and elsewhere around the world. However, there is no reason to be content. The dangers remain real. For one thing, the target societies might have internalized the cleavages and chaos from information operations or self-sabotaged with divisive political rhetoric. As a reaction, Russia may have scaled back its efforts, seeing an opportunity to benefit from lying low.

  • Hackback is back: Assessing the Active Cyber Defense Certainty Act

    The “hackback” debate has been with us for many years. It boils down to this: Private sector victims of hacking in some instances might wish to engage in self-defense outside their own networks (that is, doing some hacking of their own in order to terminate an attack, identify the attacker, destroy stolen data, etc.) but for the prospect that they then would face criminal (and possibly civil) liability under 18 USC 1030 (the Computer Fraud and Abuse Act, or CFAA).  Robert Chesney writes in Lawfare that a tricky question of policy therefore arises: Should the CFAA be pruned to facilitate hackback under certain conditions?  On one hand, this might produce significant benefits in terms of reducing harm to victims and deterring some intrusions. On the other hand, risks involving mistaken attribution, unintended collateral harms and dangerous escalation abound. It’s small wonder the hackback topic has spawned so much interesting debate (see here and here for examples).

  • EU probe finds “continued, sustained” online disinformation by “Russian sources”

    The European Union says that it has gathered evidence of “continued and sustained” disinformation activity by Russia aimed at influencing the results of May’s elections for the European Parliament. The European Commission report said “Russian sources” tried to suppress voter turnout and influence voters’ preferences.

  • Quantum – a double-edged sword for cryptography

    Quantum computers pose a big threat to the security of modern communications, deciphering cryptographic codes that would take regular computers forever to crack. But drawing on the properties of quantum behavior could also provide a route to truly secure cryptography.

  • Entering the third decade of cyber threats: Toward greater clarity in cyberspace

    Over the course of just a few decades, the world has entered into a digital age in which powerful evolving cyber capabilities provide access to everyone connected online from any place on the planet. Those capabilities could be harnessed for the benefit of humanity; they might also be abused, leading to enormous harms and posing serious risks to the safety and stability of the entire world. Dan Efrony writes in Lawfare that a strategy of international cooperation is crucial to mitigate the threats of abuse of cyberspace, primarily by clarifying the “red lines” in the field of cybersecurity and determining how to verify and enforce states’ compliance with their legal obligations in the field.

  • Alphabet-owned jigsaw bought a Russian troll campaign as an experiment

    For more than two years, the notion of social media disinformation campaigns has conjured up images of Russia’s Internet Research Agency, an entire company housed on multiple floors of a corporate building in St. Petersburg, concocting propaganda at the Kremlin’s bidding. But a targeted troll campaign today can come much cheaper—as little as $250, says Andrew Gully, a research manager at Alphabet subsidiary Jigsaw. He knows because that’s the price Jigsaw paid for one last year. Andy Greenberg writes in Wired that as part of research into state-sponsored disinformation that it undertook in the spring of 2018, Jigsaw set out to test just how easily and cheaply social media disinformation campaigns, or “influence operations,” could be bought in the shadier corners of the Russian-speaking web. In March 2018, after negotiating with several underground disinformation vendors, Jigsaw analysts went so far as to hire one to carry out an actual disinformation operation, assigning the paid troll service to attack a political activism website Jigsaw had itself created as a target.