• Hack-resistant hardware

    Military and civilian technological systems, from fighter aircraft to networked household appliances, are becoming ever more dependent upon software systems inherently vulnerable to electronic intruders. DARPA has advanced a number of technologies to make software more secure. But what if hardware could be recruited to do a bigger share of that work? That’s the question DARPA’s new System Security Integrated Through Hardware and Firmware (SSITH) program aims to answer.

  • Hackers activate Dallas’s emergency sirens system

    Near midnight on Friday night the residents of Dallas, Texas were startled when, simultaneously, 156 emergency sirens sounded the unmistakable warning alarm. Dallas officials soon discovered the reason: The city’s alarms system had been hacked. Dallas’s mayor Mike Rawlings said: “This is yet another serious example of the need for us to upgrade and better safeguard our city’s technology infrastructure.”

  • Urgent action needed to bolster cybersecurity for critical infrastructure

    There has never been a more crucial time to examine cybersecurity for critical infrastructure, most of which is privately owned. According to MIT experts, over the last twenty-five years, presidents from both parties have paid lip service to the topic while doing little about it, leading to a series of short-term fixes they liken to a losing game of “Whac-a-Mole.” This scattershot approach, they say, endangers national security. A new report warns of hacking risk to electric grid, oil pipelines, and other critical infrastructure. “The nation will require a coordinated, multi-year effort to address deep strategic weaknesses in the architecture of critical systems, in how those systems are operated, and in the devices that connect to them,” the authors write. “But we must begin now. Our goal is action, both immediate and long-term.”

  • Driver privacy can be compromised in Usage-Based Insurance (UBI) systems

    Researchers have demonstrated that it is possible to compromise a driver’s private information stored in the cloud for Usage-Based Insurance (UBI) programs, based on only part of the data collected. UBI programs determine a consumer or fleet insurance premium rate based on several driving parameters that are collected, including total driving time, cornering and average speed. As part of the burgeoning Internet of Things (IoT) connected-device functionality in vehicles, driver data is gradually being stored in the cloud, rather than onboard a vehicle’s computer.

  • Online campaigning poses a risk to democracy: Experts

    A working group set up by the London School of Economics said that there is a need for an in-depth, independent, research driven, evidence-based review of the role of social media in political campaigning. “There is a real danger that public trust in the democratic process will be lost. There is real potential for foreign influence. We have now the ability to manipulate public opinion on a level we have never seen before. And the current framework is weak and helpless,” said the lead author of an LSE policy brief.

  • Repeat performance: Russia’s French connection

    After interfering in the 2016 U.S. presidential elections, the FSB and GRU, Russia’s two intelligence agencies, have turned their attention to Europe: The two rounds of France’s presidential election will be held in late April and early-May, and Germany’s parliamentary election will be held in September. In France, Russia’s preferred candidate is Marine Le Pen, the leader of the populist, far-right, National Front. But polls show that while Le Pen may just win the first round of the election (to be held 23 April), she will be easily defeated in the second round (7 May) by either the centrist Emmanuel Macron or the conservative Francois Fillon. Putin did not want Hillary Clinton in the White House, and he does not want Emmanuel Macron in the Élysée Palace. Yes, Le Pen is Putin’s preferred candidate, but since she cannot win, then Francois Fillon will do.

  • Android apps can conspire to mine information from your smartphone

    Mobile phones have increasingly become the repository for the details that drive our everyday lives. But researchers have recently discovered that the same apps we regularly use on our phones to organize lunch dates, make convenient online purchases, and communicate the most intimate details of our existence have secretly been colluding to mine our information.

  • Google’s AI tool for video searching can be easily deceived

    Researchers have shown that Google’s new tool that uses machine learning to automatically analyze and label video content can be deceived by inserting a photograph periodically and at a very low rate into videos. After they inserted an image of a car into a video about animals, for instance, the system returned results suggesting the video was about an Audi.

  • U.K. airports, nuclear power stations on terror alert following “credible” threat

    Airports and nuclear power stations in the United Kingdom have been instructed to bolster their defenses against terrorist attacks in the face of intensified threats to electronic security systems. Security services have issued a series of alerts over the weekend, warning that terrorists may have developed ways of bypassing safety checks. U.S. and British security services are concerned that terrorists will use the techniques they developed to bypass screening devices at European and U.S. airports, against other critical infrastructure facilities such as nuclear power stations.

  • Hackers can hijack scanners to perpetrate cyberattacks

    A typical office scanner can be infiltrated and a company’s network compromised using different light sources, according to researchers. The researchers conducted several demonstrations to transmit a message into computers connected to a flatbed scanner. Using direct laser light sources up to a half-mile (900 meters) away, as well as on a drone outside their office building, the researchers successfully sent a message to trigger malware through the scanner.

  • Repealing FCC’s privacy rules: A serious blow to privacy, cybersecurity

    In the end, the cybersecurity implications of repealing the FCC’s privacy rules come from simple logic. If the privacy rules are repealed, Internet providers will resume and accelerate these dangerous practices with the aim of monetizing their customers’ browsing history and app usage. But in order to do that, Internet providers will need to record and store even more sensitive data on their customers, which will become a target for hackers. Internet providers will also be incentivized to break their customers’ security, so they can see all the valuable encrypted data their customers send. And when Internet providers break their customers’ security, you can be sure malicious hackers will be right on their heels. The net result is simple: repealing the FCC’s privacy rules won’t just be a disaster for Americans’ privacy. It will be a disaster for America’s cybersecurity, too.

  • Russia's interference in U.S. presidential election “an act of war”: Dick Cheney

    Former Vice President Dick Cheney said Russia’s interference in the 2016 U.S. presidential election could be considered “an act of war.” Cheney said there was “no question” that Vladimir Putin had attempted to influence the election outcome. “There’s no question there was a very serious effort made by Putin and his government, his organization, to interfere in major ways with our basic fundamental democratic processes,” Cheney said during a speech at a business conference in New Delhi, India.

  • Connected dolls, tell-tale teddy bears: Managing the Internet of Toys

    Large numbers of connected toys have been put on the market over the past few years, and the turnover is expected to reach €10 billion by 2020 – up from just €2.6 billion in 2015. Connected toys come in many different forms, from smart watches to teddy bears that interact with their users. They are connected to the internet and together with other connected appliances they form the Internet of Things, which is bringing technology into our daily lives more than ever. However, the toys’ ability to record, store and share information about their young users raises concerns about children’s safety, privacy and social development. Action is thus needed to monitor and control the emerging Internet of Toys.

  • Protecting web users’ privacy

    Most website visits these days entail a database query — to look up airline flights, for example, or to find the fastest driving route between two addresses. But online database queries can reveal a surprising amount of information about the people making them. And some travel sites have been known to jack up the prices on flights whose routes are drawing an unusually high volume of queries. MIT researchers next week will present a new encryption system that disguises users’ database queries so that they reveal no private information.

  • New brain-inspired cybersecurity system detects “bad apples” 100 times faster

    Cybersecurity is critical — for national security, corporations and private individuals. Sophisticated cybersecurity systems excel at finding “bad apples” in computer networks, but they lack the computing power to identify the threats directly. These limits make it easy for new species of “bad apples” to evade modern cybersecurity systems. And security analysts must sort the real dangers from false alarms. The Neuromorphic Cyber Microscope, designed by Lewis Rhodes Labs in partnership with Sandia National Laboratories, directly addresses this limitation. Due to its brain-inspired design, it can look for the complex patterns that indicate specific “bad apples,” all while using less electricity than a standard 60-watt light bulb.