• NSF Backs Processor Design, Chip Security Research

    Rice University computer scientists have won two grants from the National Science Foundation to explore new information processing technologies and applications that combine seamlessly co-designed hardware and software to allow for more effective and efficient data stream analysis using pattern matching.

  • U.S., Latin America to Boost Cybersecurity

    Countries up and down the Western Hemisphere are looking to eliminate weaknesses in their cyber infrastructure that could give potential adversaries, including China and Russia, the ability to do extensive damage by exploiting a single vulnerability.

  • The Cyber Threat to Nuclear Non-Proliferation

    Most cyber scholars looking at the nexus of cyber campaigns/operations and the nuclear weapons enterprise—command and control, communications, and delivery systems—focus on the consequences of targeting the enterprise through cyber operations during militarized crises or armed conflicts between nuclear powers. Michael P. Fischerkeller writes that there is, however, a third geopolitical condition—competition short of crisis and armed conflict—where the consequences, although of a different ilk, are no less severe.

  • Harmonization of Cyber Incident Reporting for Critical Infrastructure Entities

    DHS outlined a series of actionable recommendations on how the federal government can streamline and harmonize the reporting of cyber incidents to better protect the nation’s critical infrastructure.

  • Walking the Artificial Intelligence and National Security Tightrope

    Artificial intelligence (AI) presents nations’ security as many challenges as it does opportunities. While it could create mass-produced malware, lethal autonomous weapons systems, or engineered pathogens, AI solutions could also prove the counter to these threats. Regulating AI to maximize national security capabilities and minimize the risks presented to them will require focus, caution and intent.

  • A Review of NIST’s Draft Cybersecurity Framework 2.0

    Cybersecurity professionals, and anyone interested in cybersecurity, have noted that the gold standard of cybersecurity is getting a needed polish. “But all that glitters is not gold,” Melanie Teplinsky writes. NIST’s voluntary cybersecurity framework leaves organizations vulnerable to the nation’s most capable cyber adversaries. NIST’s proposed overhaul won’t change that.

  • The Scourge of Commercial Spyware—and How to Stop It

    Years of public revelations have spotlighted a shadowy set of spyware companies selling and servicing deeply intrusive surveillance technologies that are used against journalists, activists, lawyers, politicians, diplomats, and others. Democratic nations (thus far) lag behind the United States in executing spyware-related policy commitments.

  • International Ransomware Gangs Are Evolving Their Techniques. The Next Generation of Hackers Will Target Weaknesses in Cryptocurrencies

    In reality, not a week goes by without attacks affecting governments, schools, hospitals, businesses and charities, all over the world. These attacks have significant financial and societal costs. Ransomware is now widely acknowledged as a major threat and challenge to modern society, and there is every expectation that criminals will continue to adapt their strategies and cause widespread damage for many years to come.

  • Malicious AI Arrives on the Dark Web

    Nefarious non-state actors are already harnessing AI to scale up their malicious activities. Just as legitimate users have moved on from exploring ChatGPT to building similar tools, the same has happened in the shadowy world of cybercrime.

  • AI Cyber Challenge Aims to Secure Nation’s Most Critical Software

    In an increasingly interconnected world, software undergirds everything from financial systems to public utilities. As software enables modern life and drives productivity, it also creates an expanding attack surface for malicious actors. This surface includes critical infrastructure, which is especially vulnerable to cyberattacks given the lack of tools capable of securing systems at scale. New competition challenges the nation’s top AI and cybersecurity talent to automatically find and fix software vulnerabilities, defend critical infrastructure from cyberattacks.

  • Cyber-Attacks Against the U.K. Electoral Commission Reveal an Ongoing Threat to Democracy

    The revelations this month that data on 40 million UK voters had been exposed to hackers came as no surprise to many cybersecurity experts, who have long pointed out the vulnerability of democracies to malicious online interference. The attack reflects the serious and ongoing threat to democracies posed by cyber-interference from foreign nations and criminal organizations.

  • Freezing Out the Risk of Thermal Attacks

    Thermal attacks use heat-sensitive cameras to read the traces of fingerprints left on surfaces like smartphone screens, computer keyboards and PIN pads. Hackers can use the relative intensity of heat traces across recently touched surfaces to reconstruct users’ passwords. A team of computer security experts have developed a set of recommendations to help defend against ‘thermal attacks’ which can steal personal information.

  • The New Technology Which Is Making Cars Easier for Criminals to Steal, or Crash

    There is much talk in the automotive industry about the “internet of vehicles” (IoV). This describes a network of cars and other vehicles that could exchange data over the internet in an effort to make transportation more autonomous, safe and efficient. There are many benefits to IoV, but some of these systems might also make our vehicles prone to theft and malicious attack, as criminals identify and then exploit vulnerabilities in this new technology. In fact, this is already happening.

  • Safeguarding U.S. Laws and Legal Information Against Cyberattacks and Malicious Actors

    NYU Tandon School of Engineering researchers will develop new technologies to secure the “digital legal supply chain” — the processes by which official laws and legal information are recorded, stored, updated and distributed electronically.

  • Randomized Data Can Improve Our Security

    Huge streams of data pass through our computers and smartphones every day. In simple terms, technical devices contain two essential units to process this data: A processor, which is a kind of control center, and a RAM, comparable to memory. Modern processors use a cache to act as a bridge between the two, since memory is much slower at providing data than the processor is at processing it. This cache often contains private data that could be an attractive target for attackers.