• Vulnerabilities of Password Managers

    Security experts recommend using a complex, random and unique password for every online account, but remembering them all would be a challenging task. That’s where password managers come in handy. Some commercial password managers, however, may be vulnerable to cyber-attack by fake apps, new research suggests.

  • “Speed and Agility,” “Layered Cyber Deterrence” to Bolster American Cyber Defenses

    The Cyberspace Solarium Commission (CSC) the other day released its report on how to best protect the nation’s critical infrastructure from a cyberattack of significant consequence. In the report, the CSC lays out a comprehensive strategy to restore deterrence in cyberspace and provides extensive policy and legislative actions to enable this strategy. The report lays out more than 75 recommendations to improve the cybersecurity of U.S. critical infrastructure and recommends a strategy of “layered cyber deterrence” that seeks to shape behavior in cyberspace, deny benefits to adversaries who would seek to exploit cyberspace to their advantage, and impose costs against those who would nonetheless choose to target America in and through cyberspace.

  • Next Generation 911 Services Vulnerable to Cyberattacks

    Despite a previous warning by Ben-Gurion University of the Negev (BGU) researchers, who exposed vulnerabilities in 911 systems due to distributed denial of service attacks (DDoS), the next generation of 911 systems that now accommodate text, images and video still have the same or more severe issues.

  • Why the 2020 Election Will Be A Mess, Part II: Beyond Russian Disinformation

    In 2016, an effective Russian disinformation campaign helped Donald Trump win the presidential election. What would the next iteration of Russia’s effort look like? Alex Finley, Asha Rangappa, and John Sipher write that an influence campaign “is only one piece of Russia’s larger use of political warfare. Russia’s full active-measures toolkit—one that goes back to the Soviet Union’s KGB—includes subversion, espionage, sabotage, propaganda, deception, provocation, spreading of rumors and conspiracy, weaponization of social media, and even assassination and promotion of violence.” The three authors write that a look at Russia’s actions in Europe and past practice “suggests the United States should prepare for the worst.”

  • “Internet of Things” Could Be an Unseen Threat to Elections

    The app failure that led to a chaotic 2020 Iowa caucus was a reminder of how vulnerable the democratic process is to technological problems – even without any malicious outside intervention. Far more sophisticated foreign hacking continues to try to disrupt democracy, as a rare joint federal agency warning advised prior to Super Tuesday. Russia’s attempt to interfere in the 2016 election has already revealed how this could happen: social media disinformation, email hacking and probing of voter registration systems. The threats to the 2020 election may be even more insidious.

  • Judge Rebukes Barr’s Handling of Mueller Report

    U.S. District Judge Reggie Walton Thursday sharply criticized the way Attorney General William Barr handled the Special Counsel Robert Mueller’s Russia report, saying Barr had made “misleading public statements” to spin the investigation’s findings in favor of President Donald Trump. AP reports that the scolding from the judge was unusually blunt, with the judge saying that “he struggled to reconcile Barr’s public characterizations of the report — which included his statement that Mueller found ‘no collusion’ between the Trump campaign and Russia — with what the document actually said.”

  • No Foreign Meddling in Super Tuesday Primaries: U.S. Officials

    U.S. voters who headed to the polls to cast ballots in Super Tuesday primaries encountered scattered problems, some causing long lines or delays, but nothing that could be attributed to foreign interference, U.S. officials said. As a precaution, U.S. security and intelligence officials warned voters Monday to expect foreign actors to try to sway their views as they prepared to vote in key presidential primaries. The U.S. intelligence community, and the exhaustive Mueller investigation, found incontrovertible evidence that Russia engaged in a broad and successful campaign to help Donald Trump win the 2016 election. Earlier Tuesday, acting DHS Secretary Chad Wolf told lawmakers that the threat, whether it manifested during Tuesday’s primary elections or during the general election in November, is growing. “We see an ongoing influence campaign by Russia,” he said, adding “We would not be surprised if other adversaries are not also looking at what they’re doing.”

  • Understanding Russian Subversion

    Since 2014, Russia has undertaken a wide range of subversive activities intended to influence the domestic politics of the United States, its partners, and its allies. A new RAND study synthesizes previous work, discussing what Russian subversion is and the capabilities Russia uses to undertake it today.

  • Bipartisan Bill Would Reimburse Telcoms for Replacing Huawei’s, ZTE’s Equipment

    New bipartisan legislation aims to protect American communications networks from threats presented by foreign suppliers like Huawei and ZTE. The “rip and replace” part of the legislation would offer relief to reimburse smaller telecommunications providers – largely in rural areas – by reimbursing them for the costs of removing and replacing untrusted foreign equipment.

  • “Surfing Attack” Hacks Siri, Google with Ultrasonic Waves

    Ultrasonic waves don’t make a sound, but they can still activate Siri on your cellphone and have it make calls, take images or read the contents of a text to a stranger. All without the phone owner’s knowledge.

  • For Better Cybersecurity, New Tool Fools Hackers into Sharing Keys

    Instead of blocking hackers, a new cybersecurity defense approach actually welcomes them. The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.

  • Protecting Sensitive Metadata So It Cannot Be Used for Surveillance

    MIT researchers have designed a scalable system that secures the metadata of millions of users in communications networks, to help protect the information against possible state-level surveillance. The system ensures hackers eavesdropping on large networks cannot find out who is communicating and when they’re doing so.

  • Hackers Are Everywhere. Here’s How Scholars Can Find Them.

    The world of cyber operations is full of hard national security choices. Ben Buchanan asks: “How do long-held ideas of counterintelligence, deterrence and deception apply in this new arena of competition? How does escalation work with hacking? Who carried out this intrusion, and what was the intention behind it? Most of all, what does any of this mean for geopolitics in the modern age, and how can scholars communicate that to policymakers?”

  • Growing Tory Opposition to Boris Johnson’s Huawei Decision

    David Davis, a leading Conservative MP and a former Brexit Secretary, has warned that allowing Chinese technology giant Huawei to build some of the infrastructure for the U.K. 5G communication network could be seen as “the worst decision made by a British prime minister.” The government Huawei move represented the “worst intelligence decision since MI6’s recruitment of Kim Philby,” Davis said, adding that if the government allowed Huawei access to the U.K. 5G infrastructure, then “We are handing the keys to large parts of the country over to China.” Davis was blunt: “This is the ground on which future wars will be fought.”

  • Senior U.S. Democrats Demand Russia Sanctions Over 2020 Election Interference

    U.S. Senate Democratic leaders have urged the administration to impose sanctions on Russia after U.S. intelligence officials briefed members of Congress that Russia was again trying to interfere in a national election. “We urge you to immediately draw upon the reported conclusions of the Intelligence Community to identify and target for sanctions all those determined to be responsible for ongoing elections interference, including President Putin, the government of the Russian Federation, any Russian actors determined to be directly responsible, and those acting on their behalf or providing material or financial support for their efforts,” the senators write in their letter.