• Israel Planted Eavesdropping Devices to Spy on Trump, WH officials: U.S. Intelligence Officials

    The U.S. intelligence community has concluded that Israel was behind the placement of cellphone surveillance equipment near the White House and at other locations in Washington, D.C. Politico reports that a former senior U.S. official with first-hand knowledge of the issue said that the U.S. intelligence community believes the devices were installed to spy on President Donald Trump and top administration officials.

  • Watch out: Your Devices May Be Listening to You

    We have become accustomed to carrying our mobile phones and tablet devices everywhere we go. The mobile phone has essentially become an integral part of our everyday lives, helping us to communicate, make payments and socialize. Unfortunately, the smart devices of today are equipped with many different types of sensors that may be listening in on our conversations.

  • Warning Issued After Malware Is Found to Have Hijacked Bitcoin Blockchain

    Bitcoin’s blockchain has been hijacked by a new strain of the Glupteba malware that uses the network to resist attacks, cyber security researchers have warned. The malware uses the bitcoin blockchain to update, meaning it can continue running even if a device’s antivirus software blocks its connection to servers run by the hackers, security intelligence blog Trend Micro reported this week.

  • Why the 2020 Campaigns Are Still Soft Targets for Hackers

    Three and a half years have passed since John Podesta, the chairman of Hillary Clinton’s presidential campaign, fell for a phishing email—granting Russian hackers, and thereby the world, access to his Gmail account and coming to embody the devastating ways foreign governments can meddle in democratic politics. In light of that trauma, the current crop of presidential campaigns has made progress in fortifying their digital operations. But according to those who have worked with the campaigns on these efforts, they nevertheless remain vulnerable to attack and lack cybersecurity best practices.

  • Making “Internet of Things” More Secure

    Devices connected to the internet of things, now becoming standard components in new buildings, can increase energy performance while reducing costs. But such highly connected sensors can also bring potential security vulnerabilities. Several University of Washington schools and offices will team up to research how organizational practices can affect the interagency collaboration needed to keep the “internet of things” — and institutional systems — safe and secure.

  • Insurance Companies Are Fueling Ransomware Attacks

    Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. the FBI and security researchers say paying ransoms contributes to the profitability and spread of cybercrime and in some cases may ultimately be funding terrorist regimes. But for insurers, it makes financial sense, industry insiders said. It holds down claim costs by avoiding expenses such as covering lost revenue from snarled services and ongoing fees for consultants aiding in data recovery. And, by rewarding hackers, it encourages more ransomware attacks, which in turn frighten more businesses and government agencies into buying policies.

  • Calling Off Iowa’s “Digital Caucuses” Is a Wise Display of Caution

    Caution and restraint are not known as the hallmarks of the digital revolution. Especially when there’s the admirable possibility of increasing participation by going digital, the temptation to do so is strong—and rarely resisted. But a decision reportedly taken by the Democratic National Committee, however, presents a significant display of caution that deserves both attention and praise. “Showing restraint usually isn’t exciting or flashy,” Joshua Geltzer writes. “But it can be admirable. And, here, organizations like the DNC that take these steps deserve our collective applause for erring on the side of caution, especially in a world replete with cybersecurity and election interference threats.”

  • Ransomware Attacks on Cities Are Rising – Authorities Must Stop Paying Out

    A ransomware campaign that targeted twenty-three U.S. cities across Texas has raised serious concerns about the vulnerability of local governments and public services to cyber-attacks. These events come not long after similar attacks on governmental and business organizations in Indiana, Florida and elsewhere. They reflect a general shift in ransomware tactics from “spray and pray” attacks on large numbers of individual consumers, to “big game hunting”, which targets organizations, usually through people in positions of power.

  • Integrating EMM & APP Vetting Solutions for Maximum Security

    A new study released by the DHS S&T describes a continuous approach to mobile app vetting that integrates the capabilities of enterprise mobility management (EMM) solutions with app vetting tools to improve the security of mobile devices.

  • How to Measure Cybersecurity

    Many experts agree that there are no universally recognized, generally accepted metrics by which to measure and describe cybersecurity improvements, and that, as a result, decision-makers are left to make choices about cybersecurity implementation based on qualitative measures rather than quantitative ones. Robert Taylo argues that the “search for quantitative metrics and dismissal of qualitative metrics ignores the dynamic nature of the challenge of ensuring cybersecurity, as well as the critical role of processes and procedures. Cybersecurity is a matter not just of the equipment and tools in place but also of how the equipment and tools are used by people, and how the organization ensures that the equipment and tools and methods of use are kept up to date. Qualitative measures that are discernible and reproducible are and will continue to be essential in helping to guide sound investment and operational decisions.”

  • NotPetya Ushered in a New Era of Malware

    NotPetya ushered in a new era of implant-enabled warfare where public opinion is as much the target as traditional IT systems. This wasn’t “hack and leak” or “inauthentic amplification” on social media. This is information operations by using malware to create a narrative, and shows what the future of conflict looks like: one where malware not only disrupts our business operations but also targets our minds and influences media coverage. NotPetya created significant downtime and a whopping $10 billion in damages, but its most subversive impact was how it deceived the public.

  • Concerns Growing that China's Influence Operations Getting Bolder

    The U.S. intelligence community has warned that the battle for information dominance has been joined. Until now, much of the focus on been on Russia for its use of social media to meddle in a number of Western elections, including the 2016 U.S. presidential elections and, more recently, the 2018 congressional elections. But top U.S. intelligence officials have repeatedly warned Russia is not alone, and that other U.S adversaries would be using lessons from Moscow’s successes for their own purposes.

  • Russia’s and China’s Political Warfare Campaigns: How the West Can Prevail

    The United States and its allies are facing an unprecedented challenge: Russia and China, two authoritarian states possessing substantial human, economic, technological, and other resources; armed with conventional and nuclear forces which, in many respects, rival those held by the Western allies; and working actively to undermine the core interests of the West. Their operations are designed to subvert the cohesion of the Western allies and their partners; erode their economic, political, and social resilience; and undermine the West’s strategic positions in key regions. The Russian and Chinese regimes have made substantial progress towards these goals during the last two decades without conducting conventional military operations. Rather, Moscow and Beijing have employed sophisticated political warfare strategies and a wide range of mostly non-military instruments.

  • Ransomware Attacks Are Testing Resolve of Cities Across America

    Ransomware is hardly new, but it is in fashion. Two years ago such attacks were still relatively rare. But now they are far more targeted, and as companies and towns have shown an increased willingness to pay ransoms, criminals have turned to new and more powerful forms of encryption and more ingenious ways of injecting the code into computer networks. Only this summer did the United States begin to see multiple simultaneous attacks, often directed at government websites that are ill-defended.

  • Corporate Defenses Against Information Warfare

    When asked about Russian election interference during his congressional testimony last month, Robert Mueller said: “They’re doing it as we sit here.” To defend the nation against information warfare, the U.S. government has adopted a policy—by default, not by design—of relying on the private sector to police itself, with limited behind-the-scenes government assistance. Facebook’s website says: “Our detection technology helps us block millions of attempts to create fake accounts every day and detect millions more often within minutes after creation.” These numbers sound impressive, but they do not tell the whole story. To assess the effectiveness of company defenses, we must distinguish among three types of fake accounts: bots, fictitious user accounts, and impostor accounts. Russian agents have created and operated all three types of accounts.