• Defending democracy from cyberwarfare

    Foreign meddling in democratic elections, the proliferation of fake news and threats to national security through the “weaponization of social media” will be tackled by a new research Center being launched last week at Australia’s Flinders University.

  • Russian Twitter propaganda predicted 2016 U.S. election polls

    There is one irrefutable, unequivocal conclusion which both the U.S. intelligence community and the thorough investigation by Robert Mueller share: Russia unleashed an extensive campaign of fake news and disinformation on social media with the aim of distorting U.S. public opinion, sowing discord, and swinging the election in favor of the Republican candidate Donald Trump. But was the Kremlin successful in its effort to put Trump in the White House? Statistical analysis of the Kremlin’s social media trolls on Twitter in the run-up to the 2016 election social suggests that the answer is “yes.”

  • Personalized medicine software vulnerability uncovered

    A weakness in one common open source software for genomic analysis left DNA-based medical diagnostics vulnerable to cyberattacks. Researchers at Sandia National Laboratories identified the weakness and notified the software developers, who issued a patch to fix the problem.

  • Second Florida city pays ransom to hackers

    A second small city in Florida has agreed to pay hundreds of thousands of dollars in ransom to cybercriminals who disabled its computer system. Days after ransomware crippled the city of about 12,000 residents, officials of Lake City agreed this week to meet the hackers’ ransom demand: 42 Bitcoin or about $460,000.

  • U.S. House passes election security bill after Russian hacking

    The U.S. House of Representatives, mostly along partisan lines, has passed legislation designed to enhance election security following outrage over Russian cyberinterference in the 2016 presidential election.The Democratic-sponsored bill would mandate paper ballot voting and postelection audit as well as replace outdated and vulnerable voting equipment. The House bill faces strong opposition in the Republican-controlled Senate.

  • Deepfake detection algorithms will never be enough

    You may have seen news stories last week about researchers developing tools that can detect deepfakes with greater than 90 percent accuracy. It’s comforting to think that with research like this, the harm caused by AI-generated fakes will be limited. Simply run your content through a deepfake detector and bang, the misinformation is gone!  James Vincent writers in The Verge that software that can spot AI-manipulated videos, however, will only ever provide a partial fix to this problem, say experts. As with computer viruses or biological weapons, the threat from deepfakes is now a permanent feature on the landscape. And although it’s arguable whether or not deepfakes are a huge danger from a political perspective, they’re certainly damaging the lives of women here and now through the spread of fake nudes and pornography.

  • Monitoring Russia’s and China’s disinformation campaigns in Latin America and the Caribbean

    Propaganda has taken on a different form. Social media and multiple sources of information have obviated the traditional heavy-handed tactics of misinformation. Today, governments and state media exploit multiple platforms to shade the truth or report untruths that exploit pre-existing divisions and prejudices to advance their political and geo-strategic agendas. Global Americans monitors four state news sources that have quickly gained influence in the region—Russia Today and Sputnik from Russia, and Xinhua and People’s Daily from China— to understand how they portray events for readers in Latin America and the Caribbean. Global Americans says it will feature articles that clearly intend to advance a partial view, agenda, or an out-and-out mistruth, labeling them either False or Misleading, explaining why the Global Americans team has determined them so, including a reference, if relevant, that disproves the article’s content.

  • The history of cellular network security doesn’t bode well for 5G

    There’s been quite a bit of media hype about the improvements 5G is set to supposedly bring to users, many of which are no more than telecom talking points. One aspect of the conversation that’s especially important to get right is whether or not 5G will bring much-needed security fixes to cell networks. Unfortunately, we will still need to be concerned about these issues—and more—in 5G.

  • Russian trolls are coming for 2020, smarter than ever, Clemson researchers warn

    Many Americans think they know what a Russian troll looks like. After the 2016 election, voters are more aware of bad actors on social media who might be trying to influence their opinion and their vote on behalf of a foreign government. Bristow Marchant writes in The State that Clemson University professors Darren Linvill and Patrick Warren warn, however, that picture may not be accurate. “People I know — smart, educated people — send me something all the time and say ‘Is this a Russian? Is this foreign disinformation?’” said Linvill, a communications professor at the Upstate university. “And it’s just someone saying something they disagree with. It’s just someone being racist. That’s not what disinformation looks like.”

  • Top takes: Suspected Russian intelligence operation

    A Russian-based information operation used fake accounts, forged documents, and dozens of online platforms to spread stories that attacked Western interests and unity. Its size and complexity indicated that it was conducted by a persistent, sophisticated, and well-resourced actor, possibly an intelligence operation. Operators worked across platforms to spread lies and impersonate political figures, and the operation shows online platforms’ ongoing vulnerability to disinformation campaigns.

  • National emergency alerts potentially vulnerable to spoofing

    On 3 October 2018, cell phones across the United States received a text message labeled “Presidential Alert.” It was the first trial run for a new national alert system, developed by several U.S. government agencies as a way to warn as many people across the United States as possible if a disaster was imminent. Now, a new study raises a red flag around these alerts—namely, that such emergency alerts authorized by the President of the United States can, theoretically, be spoofed.

  • The Budapest Convention offers an opportunity for modernizing crimes in cyberspace

    Governments worldwide are in the process of updating the Budapest Convention, also known as the Convention on Cybercrime, which serves as the only major international treaty focused on cybercrime. This negotiation of an additional protocol to the convention provides lawmakers an opportunity the information security community has long been waiting for: modernizing how crimes are defined in cyberspace. Specifically, the Computer Fraud and Abuse Act (CFAA), codified at 18 U.S.C.§ 1030, dictates what constitutes illegal acts in cyberspace in the United States. Andrew Burt and Dan Geer write in Lawfare that without changing the CFAA—and other cybercrime laws like it—we’re collectively headed for trouble.

  • “Vaccinating” algorithms against attacks on machine learning

    Algorithms “learn” from the data they are trained on to create a machine learning model that can perform a given task effectively without needing specific instructions, such as making predictions or accurately classifying images and emails. Researchers have developed a world-first set of techniques to effectively “vaccinate” algorithms against adversarial attacks, a significant advancement in machine learning research.

  • A Florida city paid a $600,000 bitcoin ransom to hackers who took over its computers — and it's a massive alarm bell for the rest of the US

    A Florida city agreed to pay $600,000 worth of bitcoin to hackers who took its computer systems offline with a cyberattack. Riviera Beach’s city council voted to pay the money after an attack in May affected the city’s online services, including email and 911 dispatches. The attack is part of a pattern that has targeted cities around the US. The disruption has cost millions of dollars. Sinéad Baker write in Business Insider that the U.S. Department of Homeland Security warned in 2018 that local-level governments around the U.S. were being hit with malware that is “among the most costly and destructive.”

  • NIST updates to help defend sensitive information from cyberattack

    An update to one of the National Institute of Standards and Technology’s (NIST) information security documents offers strategies to help protect sensitive information that is stored in computers supporting critical government programs and high value assets. The new companion publication offers enhanced security for information stored in critical programs and assets.