• A Human-Machine Collaboration to Defend Against Cyberattacks

    Being a cybersecurity analyst at a large company today is a bit like looking for a needle in a haystack — if that haystack were hurtling toward you at fiber optic speed. PatternEx merges human and machine expertise to spot and respond to hacks.

  • Reports: Trump Ousted Acting Intel Chief After He Warned of Russian 2020 Election Meddling

    President Donald Trump fired Director of National Security Joseph Maguire, the U.S. top intelligence official, after Maguire, in a classified briefing, told lawmakers that the U.S. intelligence community is seeing an intensification of Russia’s covert efforts to help Trump’s reelection campaign. The Kremlin’s campaign, already under way, would combine elements from the Kremlin’s successful 2016 effort to help Trump – hacking of Trump’s rivals and saturating social media with fake postings – with a new emphasis on corrupting voter rolls, hacking voting machines, and disrupting vote tallies. Trump has always rejected the U.S. intelligence community’s unanimous conclusion, based on incontrovertible facts, that Russia heavily interfered on his behalf in the 2016 election, preferring instead to accept Vladimir Putin’s denials that such interference took place.

  • Enhancing Privacy in Today's Internet of Things

    People navigating the digital landscape of today’s internet are bombarded with notices about how their data is being collected. But in the physical world — where internet of things (IoT) technologies increasingly track our activities — few, if any, notices are provided. A team of researchers has created an app and an entire infrastructure to change that.

  • Mixed-Signal Hardware Security Thwarts Powerful Electromagnetic Attacks

    Security of embedded devices is essential in today’s internet-connected world. Security is typically guaranteed mathematically using a small secret key to encrypt the private messages. When these computationally secure encryption algorithms are implemented on a physical hardware, they leak critical side-channel information in the form of power consumption or electromagnetic radiation. Now, researchers have developed technology to kill the problem at the source itself – tackling physical-layer vulnerabilities with physical-layer solutions.

  • 5G Choices: A Pivotal Moment in World Affairs

    It is disappointing that the Brits are doing the wrong thing on 5G, having not exhausted other possibilities. Instead they have doubled down on a flawed and outdated cybersecurity model to convince themselves that they can manage the risk that Chinese intelligence services could use Huawei’s access to U.K. telco networks to insert bad code. But if your telcos have a 5G operation and maintenance contract with a company beholden to the intelligence agencies of a foreign state, and that state does not share your interests, you need to consider the risk that you are paying a fox to babysit your chickens.

  • Why the 2020 Election Will Be a Mess: It’s Just Too Easy for Putin

    FBI Director Christopher Wray testified to the House Judiciary Committee last week that Russia’s disinformation campaign to interfere in the 2020 election is underway. Alex Finley, John Sipher, and Asha Rangappa write that this isn’t surprising, given that Russian active measures are about the long game: “Ex-KGB officer and Russian President Vladimir Putin’s goal was never simply to place a Manchurian candidate in the Oval Office, but rather to permanently destabilize the West, damage U.S. credibility, and undermine those very things that make democratic countries special.” They add: “We can be confident that “the 2020 election cycle will provide the Kremlin opportunities to pursue further subversion, disinformation, and deception.”

  • How I Hacked the Government (It Was Easier than You May Think)

    Max Weiss, Harvard Class of 2020, never intended to hack the government. His discovery of how easy it is to do — outlined in a new paper he authored — came of the best of intentions. He used bots to show an agency its website vulnerability.

  • Building the Cybersecurity Workforce of the Future

    This year marked the third Cybercore Summer Camp for area high school students and teachers, and the first year that cybersecurity was included in the STEM Summer Camp for younger students at the College of Eastern Idaho (CEI). It was also Idaho’s first year as a statewide participant in the national Girls Go CyberStart competition. And 2019 saw two area high school students spend the summer as cybersecurity interns at the laboratory. INL offers a recap of all the ways “INL is building the cybersecurity workforce of the future.”

  • Researchers Identify Security Vulnerabilities in Voting App

    In recent years, there has been a growing interest in using internet and mobile technology to increase access to the voting process. At the same time, computer security experts caution that paper ballots are the only secure means of voting. Mobile voting application could allow hackers to alter individual votes and may pose privacy issues for users.

  • Hackers Could Shut Down Satellites – or Turn Them into Weapons

    The race to put satellites in space is on, with Amazon, U.K.-based OneWeb and other companies chomping at the bit to place thousands of satellites in orbit in the coming months. These new satellites have the potential to revolutionize many aspects of everyday life – from bringing internet access to remote corners of the globe to monitoring the environment and improving global navigation systems. Amid all the fanfare, a critical danger has flown under the radar: the lack of cybersecurity standards and regulations for commercial satellites, in the U.S. and internationally.

  • U.S. Charges Huawei with Conspiracy to Steal Trade Secrets, Racketeering

    Chinese telecommunication giant Huawei and a number of its subsidiaries were charged with conspiracy to steal trade secrets and racketeering in a federal indictment made public Thursday. The charges also accuse the company of flouting U.S. sanctions by operating subsidiaries in North Korea and Iran. The indictment represents the latest U.S. effort to clamp down on a Chinese telecom company that American officials say has plundered the intellectual property of its rivals in a bid for market dominance.

  • Senior Huawei Official Acknowledges Ability to Clandestinely Access Mobile Networks

    A senior Huawei official has conceded that the company can clandestinely access users’ mobile networks. “Huawei itself has provided evidence that it builds backdoors into its products,” Herb Lin writes. “In particular, the [Wall Street] Journal [on 12 February 2012] quoted a senior Huawei official as saying that network access without operator permission ‘is extremely implausible and would be discovered immediately.’ This statement is extremely significant in understanding what Huawei equipment can and cannot do.” Lin adds: “Huawei has not said that network access without operator permission is technically impossible—only that it is implausible and would be discovered immediately. These are very different claims.”

  • Hackers: A Psychological Profile

    Whether cracking digital security for good or ill, hackers tend to be people who are manipulative, deceitful, exploitative, cynical and insensitive, according to research. The study analyzed the psychological profiles of college students in computer science and management to see which personality traits led to three different kinds of computer hacking: white hat, gray hat and black hat.

  • Election Security after Iowa

    The Iowa caucus debacle offers an illustration of election security failure in action, and the failure was followed by public anger and the spreading of conspiracy theories. Simon Handler writes that “If the Iowa caucus delay is any indication of how the public may react to an electoral snafu, a great deal more mayhem could arise from a far more serious threat.” In 2015 Russian cyberattacks shutdown power stations in Ukraine, causing blackouts in parts of the country. “Disrupting power distribution at the right moment in the right portions of the U.S. grid, targeting a few select states or counties, could cause just enough disruption to bring on a level of chaos that would dwarf what happened in Iowa,” Handler writes.

  • U.S.: Chinese Government Hackers Behind Equifax Breach

    Chinse government hackers stole the personal information of nearly 150 million Americans in 2017, when they successfully hacked Equifax. China has been using its vast network of intelligence agencies to conduct a sustained campaign aiming to collect data on the citizens of the United States and other countries, and systematically steal scientific research and innovation, in order to weaken Western economies and accelerate China’s march toward global scientific and economic hegemony.