-
Lessons from the Cyberattack on India’s Largest Nuclear Power Plant
In early September, a cyberattack occurred at the Kudankulam nuclear power plant in India. The Indian nuclear monitoring agency finally admitted that the nuclear plant was hacked, and on 30 October Indian government officials acknowledged the intrusion. “As the digitalization of nuclear reactor instrumentation and control systems increases, so does the potential for malicious and accidental cyber incidents alike to cause harm,” Alexander Campbell and Vickram Singh write.
-
-
Here’s How Russia Will Attack the 2020 Election. We’re Still Not Ready.
In 2016, the GRU, Russia’s military intelligence branch, launched a massive, and successful disinformation campaign to change the way Americans were talking about the two candidates – Hillary Clinton and Donald Trump. Among the GRU’s most effective disinformation techniques was one known as “narrative laundering,” which aims to inject the Kremlin’s preferred stories – real, fake, or doctored — into mainstream American media. “It is quite possible that these exact techniques will be used again,” Renee DiResta, Michael McFaul, and Alex Stamos write. “And why shouldn’t they? We’ve done almost nothing to counter the threat.”
-
-
Fighting Deepfakes When Detection Fails
Deepfakes intended to spread misinformation are already a threat to online discourse, and there is every reason to believe this problem will become more significant in the future. Automated deepfake detection is likely to become impossible in the relatively near future, as the approaches that generate fake digital content improve considerably.
-
-
Private Vendors Critical to Election Security Inadequately Supervised
Private vendors build and maintain much of the election infrastructure in the United States with minimal oversight by the federal government. A new report presents the risks this poses to the security of our elections and offers a solution.
-
-
Vulnerabilities Affecting Billions of Computer Chips Discovered
Security researchers discovered serious security vulnerabilities in computer chips made by Intel Corp. and STMicroelectronics. The flaws affect billions of laptop, server, tablet, and desktop users around the world. The security flaws could be used to steal or alter data on billions of devices.
-
-
Saudi “Twitter Spies” Broke No Federal Privacy Laws -- Because There Are None
Privacy expert Mike Chapple of the University of Notre Dame says that the Saudi “Twitter Spies,” who were charged last week by the Justice Department for spying on behalf of Saudi Arabia, committed espionage — but broke no federal privacy laws because there are no such laws. Chapple says that Twitter failed to live up to industry-standard cybersecurity practices.
-
-
Can the United States Deter Election Meddling?
The 2020 election is still a year away, but law enforcement officials are already sounding the alarm about foreign interference in the election. Leaders of the U.S. intelligence and law enforcement communities warn that Moscow is preparing to launch a similar effort next year. Joshua Rovner writes that cyber-meddling is a challenge, but that we should not despair.
-
-
The Senate Examines Threats to the Homeland
On Tuesday, Nov. 5, the Senate Homeland Security and Governmental Affairs Committee held a hearing on the evolving threats facing the United States. In their written and opening remarks, the witnesses outlined a dizzyingly broad array of threats—from domestic and international terrorism to transnational organized crime, cyber and economic espionage, election interference, data insecurity, and potential chemical and biological attacks on the homeland. As the hearing wore on, senators’ questions and witness testimony narrowed in scope, focusing primarily on three aspects of America’s security challenges: how to optimize information sharing to combat domestic terrorism; how to counter Chinese cyber and counterintelligence operations; and how to address the growing problems posed by new technologies, namely, ransomware, cryptocurrency and unmanned aerial systems (UASs).
-
-
Disinformation Agents Are Targeting Veterans in Run-Up to 2020 Election
Disinformation campaigns are targeting U.S. veterans through social media, seeking to tap the group’s influential status in their communities and high voting turnout in order to influence elections and fuel discord. Katerina Patin writes that veterans present an ideal target for foreign actors. In addition to their social status and voting rate, veterans are also more likely to run for office and more likely to work in government than any other demographic.
-
-
U.S. Security Leaders Warn About Russian, Iranian Interference in 2020 Polls
Top U.S. intelligence and law enforcement officials have joined together to warn Americans about attempts by Russia, Iran, and other foreign “adversaries” to interfere with next year’s presidential election. “Our adversaries want to undermine our democratic institutions, influence public sentiment, and affect government policies,” the leaders of the Trump’s administration on security matters said in a joint statement released on 5 November. “Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions,” they added.
-
-
Are Journalists Ready for Foreign Interference in 2020?
Last month, the U.S. Senate Select Committee on Intelligence released volume two of its investigation into Russian interference, which details an extensive campaign that aims to sow division and undermine American democracy via social media. One of Russia’s key strategies is to target journalists. As the report describes, “Information warfare, at its core, is a struggle over information and truth. A free and open press — a defining attribute of democratic society — is a principal strategic target for Russian disinformation.” By targeting journalists and news outlets in democratic countries, authoritarians weaken a key pillar of democratic societies.
-
-
Inside the Microsoft Team Tracking the World’s Most Dangerous Hackers
When the Pentagon recently awarded Microsoft a $10 billion contract to transform and host the U.S. military’s cloud computing systems, the mountain of money came with an implicit challenge: Can Microsoft keep the Pentagon’s systems secure against some of the most well-resourced, persistent, and sophisticated hackers on earth?
-
-
Officials Just Had Their Last Chance to Road Test Elections Before 2020
From a security perspective, Tuesday’s odd-year election went off without a hitch: Officials didn’t spot any major disruptions from hacking or disinformation campaigns. But Joseph Marks writes that the fight to protect the 2020 contest is only ramping up. And officials were quick to warn that it will be a far juicier target for foreign actors.
-
-
Using Algorithms to Seek Out Voter Fraud
Concerns over voter fraud have surged in recent years, especially after federal officials reported that Russian hackers attempted to access voter records in the 2016 presidential election. Administrative voting errors have been reported, too; for example, an audit by state officials revealed that 84,000 voter records were inadvertently duplicated by the California Department of Motor Vehicles (DMV) in the 2018 June primary election. Researchers are helping with the situation by developing new algorithms for tracking voter data.
-
-
Foreign Money Flows into U.S. Politics
Untold amounts of foreign donations are flowing into America’s political system, with little accountability or limits. Although election experts say it’s impossible to accurately estimate the extent of foreign financial influence over U.S. elections, many agree it has increased substantially since a landmark Supreme Court ruling nearly a decade ago opened the flood gates.
-
More headlines
The long view
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.