• Russian hackers likely behind cyberattacks on U.S. nuclear operators: Experts

    Russian government hackers are suspected to be behind a series of cyberattacks on U.S. nuclear operators. The attacks were similar to recent Russian attacks on Ukraine’s power infrastructure. Experts say that rhe attacks in Ukraine and the United States show that Russian hackers appear to be testing increasingly advanced tools to disrupt power supplies. “If you think about a typical war, some of the acts that have been taken against critical infrastructure in Ukraine and even in the U.S., those would be considered crossing red lines,” says one security expert.

  • Improving cybersecurity risk management

    DHS S&T awarded $220,209 to the University of Tulsa to study data production and usage by cybersecurity researchers, information that will help quantify the value of data-sharing and improve sharing incentives to address the interdependency of cyber-risk environments. The award’s primary focus is research into investment, impact, value and incentives related to cybersecurity risk management.

  • Wealth breeds cybercrime, but it does not automatically generate cybersecurity: Report

    ITU, the United Nations specialized agency for information and communication technology, has published the Global Cybersecurity Index 2017 (GCI-2017), which measures the commitment of ITU’s 193 member states to cybersecurity and is the second in this index series. The report found that Singapore, ranked No. 1, has a near-perfect approach to cybersecurity. The rest of the top 10 were Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France, and Canada. Equatorial Guinea brings up the rear, with cyber wellness score of zero.

  • Hackers could use brainwaves to steal passwords

    Researchers suggest that brainwave-sensing headsets, also known as EEG or electroencephalograph headsets, need better security after a study reveals hackers could guess a user’s passwords by monitoring their brainwaves. EEG headsets are advertised as allowing users to use only their brains to control robotic toys and video games specifically developed to be played with an EEG headset. There are only a handful on the market, and they range in price from $150 to $800.

  • Shin Bet chief: Israel successfully combating cyber-terror, “lone wolf” attacks

    The head of Israel’s internal security service has revealed that Israel is successfully fighting back against cyberterrorism and prevented thousands of potential so-called “lone wolf” attacks with the aid of technology. The Shin Bet head revealed that Israel used technological and intelligence methods to identify and prevent over 2,000 potential “lone wolf” attacks since the beginning of 2016.

  • The Petya ransomware attack shows how many people still don’t install software updates

    A new global ransomware attack, called “Petya” or “NotPetya,” exploits the same vulnerability as the “WannaCry” attack back in May. As Petya spreads across Europe, it’s becoming clear how few people and companies – including major corporations – actually update their software, even in the wake of major cyberattacks. Attackers got into computers through that weakness and encrypted users’ data, demanding a ransom from anyone who wanted the data made usable again. But they didn’t win the race to exploit the flaw as much as people and computer companies collectively lost it. Our human tendencies and corporate policies worked against us. Research, including my own, tells us why, and offers some suggestions for how to fix it before the inevitable next attack.

  • New firewall protects cellphones from hardware security threats

    Some 400 million people change their phone’s components, such as touchscreens, chargers, and battery or sensor assemblies, which are all susceptible to significant security breaches and attacks. These components, referred to as “field replaceable units (FRUs),” communicate with the phone CPU over simple interfaces with no authentication mechanisms or error detection capabilities. A malicious vendor could add a compromised FRU to a phone, leaving it vulnerable to password and financial theft, fraud, malicious photo or video distribution, and unauthorized app downloads. Cybersecurity researchers at Ben-Gurion University of the Negev (BGU) developed an innovative firewall program that adds a missing layer of security in Android cellphones and monitors for malicious code.

  • Intel teams up with Israeli cybersecurity incubator to foil hacking attacks

    Intel, the world’s largest chip-maker, is joining forces with the Israeli cybersecurity incubator Team8 to locate innovative technology that will fend off increasingly sophisticated cyberattacks. In joining forces with Team8 and their syndicate members, which include big names like Microsoft and Cisco, Intel is further advancing its desire to be a major player in the cybersecurity market. Israel is home to around 450 cybersecurity startups and receives around 20 percent of global investment in the field.

  • Australia: Five-Eyes nations should require backdoors in electronic devices

    Australia attorney-general George Brandis said he was planning to introduce a proposal to Australia’s four intelligence-sharing partners in the Five Eyes group — the United States, United Kingdom, New Zealand, and Canada – to require technology companies to create some kind of a backdoor to their devices. Australian leaders have emerged as strong proponents of allowing law-enforcement and intelligence agencies to gain access to the information and communication records on devices used by terrorists and criminals.

  • Protecting auto computer systems from hacks

    When you and your family are zooming along the freeway, the last thing you’re worried about is the security of your car’s computer systems. That’s one reason researchers work hard on protecting vehicles from cyberattacks. Computer engineering research team is focused on the security of wireless interfaces utilized by vehicles, the number of which will only grow as autonomous cars and trucks roll closer to reality. These interfaces in our vehicles, not unlike the computers in our homes and in our hands, can be susceptible to attacks, also known as hacks. The major difference is that attacks on a vehicle’s computer systems, which are connected to critical controls, can have potentially fatal consequences.

  • Russian government hackers broke into voting systems in 39 states

    The attack by the Russian government hackers on the U.S. electoral system during the 2016 campaign involved thirty-nine states. This figure shows that the Russian attack was broader and deeper than previously thought. The cyberattacks targeted software used by states election commissions in the months and weeks before the election – and by poll workers on election day. The type of targets the Russian government hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections of 2020 presidential election even more effectively than they did the 2016 presidential election.

  • Stuxnet, the sequel: Dangerous malware aims to disrupt industrial control systems

    A cybersecurity firm has identified a new, dangerous malware, dubbed Industroyer, capable of performing an attack on power supply infrastructure. The malware was likely involved in the December 2016 cyberattack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for over an hour. is capable of directly controlling electricity substation switches and circuit breakers. It uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure. The potential impact may range from simply turning off power distribution, triggering a cascade of failures, to more serious damage to equipment.

  • Preventing voice hacking

    While convenient, Siri, WeChat, and other voice-based smartphone apps can expose you to a growing security threat: voice hacking. With just a few minutes of audio samples, attackers can replay your voice convincingly enough to trick people as well as top digital security systems. The consequences, from impersonating you with your friends to dipping into your bank account, are terrifying. An app, soon to be available, will help thwart growing cybersecurity threat

  • Preventing autonomous vehicles from being hacked

    Although autonomous vehicles are essentially large computers on wheels, securing them is not the same as securing a communication network that connects desktop computers and smartphones to large geographical areas due to the roles that the sensors and actuators play in the physical layer of the network. Researchers have developed an intelligent transportation system prototype designed to avoid collisions and prevent hacking of autonomous vehicles.

  • Network routers can covertly leak data

    Researchers have demonstrated for the first time that it is possible to covertly siphon sensitive files, passwords or other critical data from any common router. “Unlike network traffic that is heavily monitored and controlled by firewalls, this covert channel is currently not monitored,” one researcher says. “As a result, it enables attackers to leak data while evading firewalls, air-gaps (computers not hooked up to the internet) and other data-leakage prevention methods.”