• It’s Time to Surge Resources into Prosecuting Ransomware Gangs

    In the popular imagination, hacking is committed by lone wolves with exceptional computer skills. But in reality, the vast majority of hackers do not have the technical sophistication to create the malicious tools that are essential to their trade. Kellen Dwyer writes that hacking has exploded in recent years because criminals have specialized and subspecialized so that each one can concentrate on facilitating just a single phase of a successful data breach. This is known as cybercrime-as-a-service and it is a massive business. This intricate cybercrime ecosystem offers the key to fighting it: “While organization and specialization are strengths of cybercriminals, they are also weaknesses. That means there are organizations that can be infiltrated and exploited.”

  • Shape-Shifting Computer Chip Thwarts an Army of Hackers

    A processor is the piece of computer hardware that runs software programs. Since a processor underlies all software systems, a secure processor has the potential to protect any software running on it from attack. We have developed and tested a secure new computer processor that thwarts hackers by randomly changing its underlying structure, thus making it virtually impossible to hack.

  • Cybersecurity as Counterterrorism: Seeking a Better Debate

    Earlier this month, a senior Justice Department official referred to ransomware as a potential “cyber weapon of mass destruction.” When hackers subsequently disabled the Colonial Pipeline, causing fuel shortages and disruptions along the East Coast, it seemed to validate this warning. Simon Handler, Emma Schroeder, and Trey Herr, however, write that it would be a mistake for the policy establishment to double down on an outdated view of cyber conflict rooted in Cold War analogies. To improve U.S. cybersecurity, policymakers should draw instead on more relevant strategic lessons from the study of terrorism and counterterrorism.

  • Colonial Pipeline is a Harbinger of Things to Come in Business

    Six days after the Colonial Pipeline was attacked by cyberhackers and left millions hanging at the gas pump, they have gained control of their operations once again. But not before the refinery paid their attackers $5 million in untraceable cryptocurrency, according to several news outlets. While the worst is over for now, experts say that it’s a harbinger of things to come and more preparation and alternative modes of supply chain are needed to ward off future attacks.

  • Panic at the Pump and the Real Threat to Energy Security

    On Friday, May 7, the Colonial Pipeline was taken offline by a cyber attack. A major piece of the national energy infrastructure, the 5,500-mile-long line carries 45% of all the fuel — including gasoline, aviation fuel, and home heating oil — consumed on the East Coast. Gregory Brew writes that “almost immediately, commentators compared the situation to the Arab oil embargo of 1973 to 1974. “Such thinking reflects years of scholarship and public discourse focusing on energy security: the ability of consumers and governments to maintain access to energy flows, at reasonable prices, and handle potential disruptions,” he writes. Such analogies, while tempting, focus attention on mythical dangers at the expense of real ones.

  • Tips and Tactics for Dealing with Ransomware

    Used in cyberattacks that can paralyze organizations, ransomware is malicious software that encrypts a computer system’s data and demands payment to restore access. To help organizations protect against ransomware attacks and recover from them if they happen, NIST has published an infographic offering a series of simple tips and tactics.

  • Enhancing Defenders’ Predictive Power in Cyberspace

    How can organizations proactively protect themselves against cyber threats? What are the current frameworks in use to protect organizations against cyber threats? Researchers have developed a new model which focuses on cyber threats from state-sponsored actors but without the assumption of access to classified information or assets.

  • Cyberspace Is Neither Just an Intelligence Contest, nor a Domain of Military Conflict; SolarWinds Shows Us Why It’s Both

    Operations in cyberspace—at least those perpetrated by nation-state actors and their proxies—reflect the geopolitical calculations of the actors who carry them out. Erica D. Borghard writes that cyberspace is sometimes an intelligence contest, and other times a domain of conflict, depending on the strategic approaches and priorities of particular actors at a given moment in time. The SolarWinds campaign shows that “Future conversation needs to move beyond the military versus intelligence contest binary construct to more meaningfully explore how states may seek to use cyberspace for multiple objectives, either in sequence or in parallel,” she writes.

  • The TSA Should Regulate Pipeline Cybersecurity

    Fuel deliveries to the east coast of the United States have been brought to a standstill by cybercriminals that have gained access to Colonial Pipelines’ networks and forced the company to shut down its distribution system. After two decades of trying to make a voluntary partnership with industry work, this incident demonstrates that neither thoughts, prayers, nor information sharing is sufficient. It is time for the federal government to exercise its existing authority to regulate the cybersecurity of pipelines.

  • Protecting Critical Energy Infrastructure

    Increasingly, both Israel and the U.S. face costly cyberattacks that can cause severe damage to critical energy infrastructure. A new consortium will develop, integrate, and test technologies, and demonstrate high value cyberattack mitigation technologies on the energy infrastructure, using data analytics, artificial intelligence, and machine learning.

  • Huawei’s Ability to Eavesdrop on Dutch Mobile Users Is a Wake-up Call for the Telecoms Industry

    Chinese technology provider Huawei was recently accused of being able to monitor all calls made using Dutch mobile operator KPN. While the full report on the issue has not been made public, journalists reporting on the story have outlined specific concerns that Huawei personnel in the Netherlands and China had access to security-essential parts of KPN’s network – including the call data of millions of Dutch citizens – and that a lack of records meant KPN couldn’t establish how often this happened.

  • Zero-Knowledge Proofs in Vulnerability Disclosure

    Today, the disclosure process for software vulnerabilities is fraught with challenges. Cybersecurity researchers and software security analysts are faced with an ethics versus efficacy dilemma when it comes to reporting or sharing discovered bugs. Revealing a vulnerability publicly may get the attention of the program’s developers and motivate a timely response, but it could also result in a lawsuit against the researcher. Researchers develop capability to mathematically prove exploitability of vulnerable software without revealing critical information.

  • New Vulnerability Affecting Computers Globally

    A team o computer science researchers has uncovered a line of attack that breaks all Spectre defenses, meaning that billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced.

  • How a Norwegian Government Report Shows the Limits of CFIUS Data Reviews

    Amid growing attention to data and national security threats from China, a recent Norwegian government report sheds light on the limits of a U.S. government process for tackling them: the Committee on Foreign Investment in the United States (CFIUS). Kamran Kara-Pabani and Justin Sherman write that “CFIUS is still a useful and important mechanism for addressing the national security risks associated with direct foreign access to sensitive U.S. citizen data,” but that “policymakers must recognize that CFIUS must be complemented with other measures outside of the body’s scope.”

  • Keeping Automated Electric Vehicles Safe

    Having your social media account hacked is a pain. Having your credit card account hacked can be devastating. Having your new electric vehicle hacked could be disastrous. As the move toward automated electric cars accelerates, protecting the cybersecurity of these vehicles has become urgent.