• Lessons from the Cyberattack on India’s Largest Nuclear Power Plant

    In early September, a cyberattack occurred at the Kudankulam nuclear power plant in India. The Indian nuclear monitoring agency finally admitted that the nuclear plant was hacked, and on 30 October Indian government officials acknowledged the intrusion. “As the digitalization of nuclear reactor instrumentation and control systems increases, so does the potential for malicious and accidental cyber incidents alike to cause harm,” Alexander Campbell and Vickram Singh write.

  • Here’s How Russia Will Attack the 2020 Election. We’re Still Not Ready.

    In 2016, the GRU, Russia’s military intelligence branch, launched a massive, and successful disinformation campaign to change the way Americans were talking about the two candidates – Hillary Clinton and Donald Trump. Among the GRU’s most effective disinformation techniques was one known as “narrative laundering,” which aims to inject the Kremlin’s preferred stories – real, fake, or doctored — into mainstream American media. “It is quite possible that these exact techniques will be used again,” Renee DiResta, Michael McFaul, and Alex Stamos write. “And why shouldn’t they? We’ve done almost nothing to counter the threat.”

  • Fighting Deepfakes When Detection Fails

    Deepfakes intended to spread misinformation are already a threat to online discourse, and there is every reason to believe this problem will become more significant in the future. Automated deepfake detection is likely to become impossible in the relatively near future, as the approaches that generate fake digital content improve considerably.

  • Private Vendors Critical to Election Security Inadequately Supervised

    Private vendors build and maintain much of the election infrastructure in the United States with minimal oversight by the federal government. A new report presents the risks this poses to the security of our elections and offers a solution.

  • Vulnerabilities Affecting Billions of Computer Chips Discovered

    Security researchers discovered serious security vulnerabilities in computer chips made by Intel Corp. and STMicroelectronics. The flaws affect billions of laptop, server, tablet, and desktop users around the world. The security flaws could be used to steal or alter data on billions of devices.

  • Saudi “Twitter Spies” Broke No Federal Privacy Laws -- Because There Are None

    Privacy expert Mike Chapple of the University of Notre Dame says that the Saudi “Twitter Spies,” who were charged last week by the Justice Department for spying on behalf of Saudi Arabia, committed espionage — but broke no federal privacy laws because there are no such laws. Chapple says that Twitter failed to live up to industry-standard cybersecurity practices.

  • Can the United States Deter Election Meddling?

    The 2020 election is still a year away, but law enforcement officials are already sounding the alarm about foreign interference in the election. Leaders of the U.S. intelligence and law enforcement communities warn that Moscow is preparing to launch a similar effort next year. Joshua Rovner writes that cyber-meddling is a challenge, but that we should not despair.

  • The Senate Examines Threats to the Homeland

    On Tuesday, Nov. 5, the Senate Homeland Security and Governmental Affairs Committee held a hearing on the evolving threats facing the United States. In their written and opening remarks, the witnesses outlined a dizzyingly broad array of threats—from domestic and international terrorism to transnational organized crime, cyber and economic espionage, election interference, data insecurity, and potential chemical and biological attacks on the homeland. As the hearing wore on, senators’ questions and witness testimony narrowed in scope, focusing primarily on three aspects of America’s security challenges: how to optimize information sharing to combat domestic terrorism; how to counter Chinese cyber and counterintelligence operations; and how to address the growing problems posed by new technologies, namely, ransomware, cryptocurrency and unmanned aerial systems (UASs).

  • Disinformation Agents Are Targeting Veterans in Run-Up to 2020 Election

    Disinformation campaigns are targeting U.S. veterans through social media, seeking to tap the group’s influential status in their communities and high voting turnout in order to influence elections and fuel discord. Katerina Patin writes that veterans present an ideal target for foreign actors. In addition to their social status and voting rate, veterans are also more likely to run for office and more likely to work in government than any other demographic.

  • U.S. Security Leaders Warn About Russian, Iranian Interference in 2020 Polls

    Top U.S. intelligence and law enforcement officials have joined together to warn Americans about attempts by Russia, Iran, and other foreign “adversaries” to interfere with next year’s presidential election. “Our adversaries want to undermine our democratic institutions, influence public sentiment, and affect government policies,” the leaders of the Trump’s administration on security matters said in a joint statement released on 5 November. “Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions,” they added.

  • Are Journalists Ready for Foreign Interference in 2020?

    Last month, the U.S. Senate Select Committee on Intelligence released volume two of its investigation into Russian interference, which details an extensive campaign that aims to sow division and undermine American democracy via social media. One of Russia’s key strategies is to target journalists. As the report describes, “Information warfare, at its core, is a struggle over information and truth. A free and open press — a defining attribute of democratic society — is a principal strategic target for Russian disinformation.” By targeting journalists and news outlets in democratic countries, authoritarians weaken a key pillar of democratic societies.

  • Inside the Microsoft Team Tracking the World’s Most Dangerous Hackers

    When the Pentagon recently awarded Microsoft a $10 billion contract to transform and host the U.S. military’s cloud computing systems, the mountain of money came with an implicit challenge: Can Microsoft keep the Pentagon’s systems secure against some of the most well-resourced, persistent, and sophisticated hackers on earth?

  • Officials Just Had Their Last Chance to Road Test Elections Before 2020

    From a security perspective, Tuesday’s odd-year election went off without a hitch: Officials didn’t spot any major disruptions from hacking or disinformation campaigns. But Joseph Marks writes that the fight to protect the 2020 contest is only ramping up. And officials were quick to warn that it will be a far juicier target for foreign actors.

  • Using Algorithms to Seek Out Voter Fraud

    Concerns over voter fraud have surged in recent years, especially after federal officials reported that Russian hackers attempted to access voter records in the 2016 presidential election. Administrative voting errors have been reported, too; for example, an audit by state officials revealed that 84,000 voter records were inadvertently duplicated by the California Department of Motor Vehicles (DMV) in the 2018 June primary election. Researchers are helping with the situation by developing new algorithms for tracking voter data.

  • Foreign Money Flows into U.S. Politics

    Untold amounts of foreign donations are flowing into America’s political system, with little accountability or limits. Although election experts say it’s impossible to accurately estimate the extent of foreign financial influence over U.S. elections, many agree it has increased substantially since a landmark Supreme Court ruling nearly a decade ago opened the flood gates.