-
Russian bots did “influence the General Election by promoting Jeremy Corbyn”: Study
An examination by Swansea University and the Sunday Times found that Russian government bots distributed thousands of fake posts on social media in the run-up to Britain’s election last June, aiming to help Labor Party leader Jeremy Corbyn win the election. He did not win, but still achieved unexpectedly good results for the Labor Party – results which defied predictions — in the process weakening Prime Minister Theresa May. The methodology of the Russian government’s pro-Corbyn social media campaign was similar to the Kremlin’s broad disinformation campaign to help Donald Trump win the 2016 U.S. presidential election.
-
-
The “European Approach” to fighting disinformation: Lessons for the United States
The European Commission published a communication on 26 April to the European Council and Parliament outlining the “European Approach” to combatting disinformation. The report provides an important opportunity for reflection across the transatlantic space, as the United States seeks to inoculate its democracy from ongoing hostile foreign interference activities. Takeaways from the “European Approach” to fighting disinformation can help U.S. policymakers develop more targeted policy measures, and identify potential shortcomings in the U.S. response.
-
-
Cybersecurity teams which do not interact much perform best
Scientists recently found that the best, high-performing cybersecurity teams have relatively few interactions with their team-members and team captain. While this result may seem counterintuitive, it is actually consistent with major theoretical perspectives on professional team development.
-
-
Syracuse University team wins 2018 National Cyber Analyst Challenge
A team of Syracuse University students was awarded first place and $20,000 in the National Cyber Analyst Challenge (NCAC) at Temple University in Philadelphia in April. At NCAC, students are given six hours and a large set of network traffic data to identify the origins of a cyberattack and its potential damage, and then make a seven-minute presentation of their findings and recommendations to a panel of C-suite-level judges from industry.
-
-
Protecting sensitive data in the Cloud by disguising access patterns
Computer scientists is working to defend against the next potential cyber risk – cloud storage. The scientists say cloud users can encrypt sensitive data and information, but how they access the data may make it vulnerable.
-
-
Tool measures individuals’ likelihood to fall for internet scams
Researchers have developed an online questionnaire which measures a range of personality traits to identify individuals who are more likely to fall victim to internet scams and other forms of cybercrime. The psychometric tool asks participants to answer a range of questions in order to measure how likely they are to respond to persuasive techniques.
-
-
World’s biggest DDoS-for-hire service taken down
The administrators of the DDoS marketplace webstresser.org were arrested on 24 April 2018 as a result of Operation Power Off, a complex investigation led by the Dutch Police and the UK’s National Crime Agency with the support of Europol and a dozen law enforcement agencies from around the world. The webstresser.org was considered the world’s biggest marketplace to hire Distributed Denial of Service (DDoS) services, with over 136 000 registered users and 4 million attacks measured by April 2018.
-
-
Deterring foreign interference in U.S. elections
A new study analyzes five million political ads on hot-button issues which ran on Facebook in the run-up to the 2016 election. Voters in swing states like Wisconsin and Pennsylvania were disproportionately targeted with ads featuring divisive issues like guns, immigration, and race relations. The divisive ads were purchased by 228 groups – 121 of these groups had no publicly trackable information.
-
-
Bitcoin more vulnerable to attack than expected
Calculations by researchers show that Bitcoin is more vulnerable to attack than people had always assumed. If some Bitcoin users were to form a group that controls 20 percent of the currency’s computing power, they could launch an attack and, within a few days, force all other users to accept a new standard for Bitcoin.
-
-
Ten legislative proposals to defend America against foreign influence operations
More than a year after Russia’s broad hacking and disinformation campaign of interference in the 2016 presidential election, and with midterm elections looming on the horizon, Congress and the Trump administration have not taken any clear action to increase U.S. defenses against the foreign interference threat. There are important steps we can, and must, take to defend our institutions against adversaries who seek to undermine them. Many of Russia’s tactics have exploited vulnerabilities in our societies and technologies, and loopholes in our laws. Some of the steps necessary to defend ourselves will involve long-term work, others will require clear action by the Executive Branch to ensure Americans are united against the threat we face, and steps to both deter and raise the costs on such actions.
-
-
Accelerating detection of zero-day vulnerabilities
Today, commercial off-the-shelf (COTS), government off-the-shelf (GOTS), and free and open-source (FOSS) software support nearly all aspects of DoD, military, and commercial operations. Securing this diverse technology base requires highly skilled hackers who reason about the functionality of software and identify novel vulnerabilities. To address the challenges facing our abilities to scale and accelerate vulnerability detection, DARPA last week announced the Computers and Humans Exploring Software Security (CHESS) program.
-
-
New strategies for countering Russian social media influence in Eastern Europe
Russia is waging a social media campaign in the Baltics, Ukraine, and nearby states to sow dissent against neighboring governments, as well as NATO and the European Union. “Nowhere is this threat more tangible than in Ukraine, which has been an active propaganda battleground since the 2014 Ukrainian revolution,” said the lead author of a new RAND report. “Other countries in the region look at Russia’s actions and annexation of Crimea and recognize the need to pay careful attention to Russia’s propaganda campaign.”
-
-
It’s not just Facebook: Countering Russia’s social media offensive
Russian influence operations exploit the vulnerabilities of social media platforms to disseminate false narratives and amplify divisive content in order to undermine democracies, divide societies, and weaken Western alliances. In conducting these operations, the Kremlin employs a variety of tools across the social media space, including fake accounts/personas, political advertisements, bot networks, and traditional propaganda outlets. Additionally, Russian influence operations utilize a range of social media platforms, each with a different role, to distract public discussion, foment social unrest, and muddle the truth.
-
-
Hackers can steal data via power lines
Researchers have shown once again that air-gapped PCs are not safe from a determined and patient attacker. The researchers have already devised several techniques to extract data from isolated or air-gapped computers that store highly sensitive data.
-
-
Broad action required to combat disinformation on social media: Experts
The business model of American social media allows foreign adversaries to exploit our open society by spreading disinformation and amplifying disagreements, turning citizens against one another, speakers said at a Princeton University forum. Gen. Michael V. Hayden, former director of the Central Intelligence Agency and National Security Agency, said that taken as a whole, the cyberattacks during the 2016 presidential election have a lot in common with 9/11 — an attack from an unexpected direction, exploiting a previously unknown weakness. The nation rallied in response to the 2001 attacks in large part because President George W. Bush set the tone, he said. “We gotta go extraordinary,” Hayden said about the cyberattacks. “We as a nation don’t go extraordinary unless the president says ‘do it’,” and so far, that hasn’t happened, Hayden said.
-
More headlines
The long view
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.