• S&T awards $11.6 million to defend against network, internet disruptions

    Five research organizations were awarded separate contracts totaling $11,511,565 to develop new methods to identify and attribute Network/Internet-scale Disruptive Events (NIDEs), the DHS S&T announced last week.

  • Cyber insurance market to double by 2020: Munich Re

    Cyber risks are one of the biggest threats to the digital and networked economy. The most important thing for companies is to ensure they have the best possible technical prevention. Munich Re says it is developing insurance products and services that offer policyholders the greatest possible protection.

  • Securing Americans’ votes

    To protect the integrity and security of U.S. elections, all local, state, and federal elections should be conducted using human-readable paper ballots by the 2020 presidential election, says a new report from the National Academies of Sciences. In addition, every effort should be made to use paper ballots in the 2018 federal election. Ballots that have been marked by voters should not be returned over the Internet or any network connected to it, because no current technology can guarantee their secrecy, security, and verifiability, the report says.

  • Why and how people forget passwords

    Do you frequently forget passwords to a baffling array of accounts and websites? Much depends on a password’s importance and how often you use it, according researchers. Their study could spur improved password technology and use.

  • Fax machines and coffee pots – the surprising ways you could be hacked

    Hopefully you protect your computers from cyberattacks. You might have anti-virus software on your phone, tablet, laptop or desktop. You might avoid using them to visit suspicious websites and carefully protect your various login details. But it’s no longer just what we typically think of as computers that are connected to the internet and so at risk of cyberattacks. And if multiple devices are connected to the same network in your home or office, then if a hacker breaks into one machine they could gain access to all of them.

  • The FBI launches a Combating Foreign Influence webpage

    The FBI on Thursday has launched a webpage dedicated to combating foreign influence. The webpage aims to educate the public about the threats faced from disinformation campaigns, cyberattacks, and the overall impact of foreign influence on society. The FBI is the lead federal agency responsible for investigating foreign influence operations.

  • Russia is co-opting angry young men

    It seems almost too strange to be true: fight clubs, neo-Nazi soccer hooligans, motorcycle gangs, and other violent fringe elements are serving as conduits for the Kremlin’s influence operations in Western countries. “It sounds more like an episode of The Americans with a dash of Mad Max and Fight Club mixed in,” Michael Carpenter writes, “[y]et this is exactly what is happening across Europe and North America as Russia’s intelligence services co-opt fringe radicals and angry young men to try to undermine Western democracies from within. And not just in the virtual world, but in real life.”

  • Unsecured, obsolete medical record systems and medical devices risk patient lives

    A team of physicians and computer scientists has shown that it is easy to modify medical test results remotely by attacking the connection between hospital laboratory devices and medical record systems. These types of attacks might be more likely used against high-profile targets, such as heads of state and celebrities, than against the general public. But they could also be used by a nation-state to cripple the United States’ medical infrastructure.

  • Control system simulator helps operators to fight hackers

    A simulator that comes complete with a virtual explosion could help the operators of chemical processing plants – and other industrial facilities – learn to detect attacks by hackers bent on causing mayhem. The simulator will also help students and researchers understand better the security issues of industrial control systems.

  • Fortnite is setting a dangerous security trend

    Cybercriminals have just been given yet another route to get malicious software (malware) onto your personal mobile devices. The hugely popular video game Fortnite has become one of the first major apps to bypass official app stores and encourage users to download its software directly.

  • Less information leaves U.S. vulnerable as midterms approach

    In May 2018, explaining why the intelligence community objected to revealing the name of an FBI informant who talked with several Trump campaign officials in order to explore the extent of their ties with Russian intelligence operatives, FBI director Christopher Wray said: “The day that we can’t protect human sources is the day the American people start becoming less safe.” High-level U.S. officials say that the United States knows less in 2018 than it did in 2016 about Russia’s planned and executed attacks on U.S. democracy and infrastructure – and one reason is that Russian informants have gone silent. Current and former officials said the expulsion of American intelligence officers from Moscow has hurt collection efforts — but they also raised the possibility that the outing of an FBI informant under scrutiny by the House intelligence committee — an examination encouraged by President Trump — has had a chilling effect on intelligence collection.

  • Detecting “deepfake” videos in the blink of an eye

    A new form of misinformation is poised to spread through online communities as the 2018 midterm election campaigns heat up. Called “deepfakes” after the pseudonymous online account that popularized the technique – which may have chosen its name because the process uses a technical method called “deep learning” – these fake videos look very realistic. Because these techniques are so new, people are having trouble telling the difference between real videos and the deepfake videos. My work with colleagues has found a way to reliably tell real videos from deepfake videos. It’s not a permanent solution, because technology will improve. But it’s a start, and offers hope that computers will be able to help people tell truth from fiction.

  • Fund meant to protect elections may be too little, too late

    The Election Assistance Commission, the government agency charged with distributing federal funds to support elections, released a report Tuesday detailing how each state plans to spend a total of $380 million in grants allocated to improve and secure their election systems. But even as intelligence officials warn of foreign interference in the midterm election, much of the money is not expected to be spent before Election Day. The EAC expects states to spend their allotted money within two to three years and gives them until 2023 to finish spending it.

  • How the U.S. has failed to protect the 2018 election--and four ways to protect 2020

    If the weak response of the Obama White House indicated to America’s adversaries that the U.S. government would not respond forcefully, then the subsequent actions of House Republicans and President Trump have signaled that our adversaries can expect powerful elected officials to help a hostile foreign power cover up attacks against their domestic opposition. The bizarre behavior of the chairman of the House Permanent Select Committee on Intelligence, Rep. Devin Nunes, has destroyed that body’s ability to come to any credible consensus, and the relative comity of the Senate Select Committee on Intelligence has not yet produced the detailed analysis and recommendations our country needs. Republican efforts to downplay Russia’s role constitute a dangerous gamble: It is highly unlikely that future election meddling will continue to have such an unbalanced and positive impact for the GOP.

  • Microsoft reveals Russian hacking attempts ahead of U.S. elections

    Microsoft says it has uncovered new Russian hacking attempts to target U.S. political groups ahead of the U.S. midterm elections in November. The company said a hacking group linked to Russia’s government had created fake Internet domains in order to mimic the websites of two conservative Washington-based think tanks that have been critical of the Kremlin — the Hudson Institute and the International Republican Institute. It said the Russian hackers also created three fake domains designed to look as if they belonged to the U.S. Senate.