• A Security Technique Fools Would-Be Cyber Attackers

    Multiple programs running on the same computer may not be able to directly access each other’s hidden information, but because they share the same memory hardware, their secrets could be stolen by a malicious program through a “memory timing side-channel attack.” Researchers demonstrate a method that safeguards a computer program’s secret information while enabling faster computation.

  • How AI Is Shaping the Cybersecurity Arms Race

    The average business receives 10,000 alerts every day from the various software tools it uses to monitor for intruders, malware and other threats. Dealing with this avalanche of alerts is achallenge which underscores the need for better ways to stem the tide of cyber-breaches.

  • What to Expect with Cyber Surprise

    The cyber domain has three critical characteristics which differentiate it from the kinetic domain: it is connected across the globe; it is pervasive in the economic life-blood of the world; and it is asymmetric in its ability to enable power projection. What, then, can we expect from a strategic surprise which we expect Russia to launch as part of its campaign in Ukraine? “We are about to see what war in the cyber era really looks like and, truthfully, nobody can tell you what will happen next,” Paul Rosenzweig writes.

  • There Is No Cyber “Shock and Awe”: Plausible Threats in the Ukraine Conflict

    People are talking about cyberwar again. Claims are made that any Russian military action in Ukraine will be preceded, accompanied by, and followed by devastating cyberattacks aimed at Ukraine and countries assisting Ukraine. Lennart Maschmeyer and Nadita Kostyuk write that “Cyber operations are not strategically irrelevant, nor are surprise cyber strikes of strategic relevance impossible. Rather, in assessing their threat we should distinguish what is possible in theory from what is feasible, and thus probable, in practice.”

  • New Cybersecurity Advisory: Protecting Cleared Defense Contractor Networks Against Russian Hackers

    Over the last two years, CISA, FBI and NSA continue observing regular targeting of both large and small Cleared Defense Contractors and subcontractors. Agencies strongly encourage organizations to apply recommended mitigation steps to reduce risk of compromise.

  • Possible Russian Cyberattacks Could Reverberate Globally: U.S., Allies

    The United States and its Western allies are bracing for the possibility that a Russian invasion of Ukraine would have a ripple effect in cyberspace, even if Western entities are not initially the intended target.

  • New Cybersecurity Advisory: Protecting Cleared Defense Contractor Networks Against Russian Hackers

    Over the last two years, CISA, FBI and NSA continue observing regular targeting of both large and small Cleared Defense Contractors and subcontractors. Agencies strongly encourage organizations to apply recommended mitigation steps to reduce risk of compromise.

  • China Suspected of Targeting U.S. Organizations with Cyberattacks

    Media giant News Corp is investigating a cyberattack that has accessed the email and documents of some of its employees and journalists. “Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests,” Dave Wong, Mandiant vice president and incident responder, said.

  • CISA Supports Inaugural U.S. Cyber Games

    CISA last week announces its founding sponsorship of the first-ever US Cyber Team, which will compete, as part of the US Cyber Games, in the International Cybersecurity Challenge (ICC) June 14-17, 2022 in Athens, Greece. “Cyber competitions are a fundamental element of developing the next generation of cybersecurity talent. Games help motivate the future workforce, and keep the current workforce sharp, maintaining a thriving community of cybersecurity professionals,” noted CISA Director Jen Easterly.

  • Blocking Microgrid Cyberattacks to Keep Power Flowing

    Detection methods that identify the weaknesses in smart power grids will prevent cyberattacks from disrupting supply to critical infrastructure.

  • Broad, and Likely Unauthorized, Use of Pegasus Spyware by Israel's Police Shocks Israel

    Since 2015, Israel’s police has employed the intrusive Pegasus spyware to spy on businesspeople, journalists and editors, senior managers of government ministries and agencies, leaders of protest movements, and more – and it appears that in many, if not most, of these cases, the spying was done without judicial approval or after judges were misled by the police about the nature of the monitoring technology. The Pegasus software has been used by authoritarian governments around the world to spy on political opponents, human rights activist, journalists – and in at least one case, to spy on U.S. diplomats. The U.S. has blacklisted the Israeli company NSO, Pegasus maker, and American companies are not allowed to sell their technology to NSO or do business with it

  • DHS Launches Cyber Safety Review Board

    On Thursday, 3 February 2022, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB). DHS says that the CSRB is an unprecedented public-private initiative that will bring together government and industry leaders to elevate our nation’s cybersecurity.

  • Cyberattacks on Belgian Energy Companies

    Oil facilities at Belgian ports have been hit with a cyberattack. The news comes a day after Germany launched an investigation into a similar incident.

  • Strengthening Cybersecurity Scholarship and Education

    The National Science Foundation (NSF) has awarded $3.9 million to Georgia State University as part of its CyberCorps Scholarship for Service (SFS) program. The grant will fund a project that aims to address the growing need for a highly skilled national cybersecurity workforce.

  • Russia Could Unleash Disruptive Cyberattacks Against the U.S. – but Efforts to Sow Confusion and Division Are More Likely

    As tensions mount between Russia and the West over Ukraine, the threat of Russian cyberattacks against the U.S. increases. Cybersecurity experts are concerned that in the wake of recent cyberattacks by hackers affiliated with Russia, the Russian government has the capability to carry out disruptive and destructive attacks against targets in the U.S. the Russian government is likely to think twice before unleashing highly disruptive attacks against the U.S., because the U.S. government could interpret such attacks, particularly those targeting critical infrastructure, as acts of war.