• Trump Told Russian Officials in 2017 He Wasn’t Concerned About Moscow’s Interference in U.S. Election

    President Trump told two senior Russian officials in a 10 May 2017 Oval Office meeting that he was unconcerned about Moscow’s interference in the 2016 U.S. presidential election because the United States did the same in other countries, an assertion that prompted alarmed White House officials to limit access to the remarks to an unusually small number of people, according to three former officials with knowledge of the matter. “White House officials were particularly distressed by Trump’s election remarks because it appeared the president was forgiving Russia for an attack that had been designed to help elect him, the three former officials said. Trump also seemed to invite Russia to interfere in other countries’ elections, they said,” the Washington Post reports, quoting a former Trump administration official to say: “’What was difficult to understand was how they got a free pass on a lot of things — election security and so forth,’ this former official said. ‘He was just very accommodating to them.’”

  • A New National Security Framework for Foreign Interference

    A series of recent signals from Trump administration officials, including the President, are normalizing an idea that is detrimental to our national security – that soliciting foreign interference in a U.S. election won’t be prosecuted. Jessica Brandt and Joshua Rudolph write in Just Security that with foreign rivals from Beijing to Moscow and elsewhere watching closely, it will become open season on our democracy unless we quickly shift our legal framework for such behavior from a campaign-finance perspective to a national security approach. It is now stunningly evident that when it comes to protecting our democracy from foreign interference, our current legal framework is not up to the task,” Brandt and Rudolph write. “That is in part because what we are dealing with are national security threats, not a technical campaign finance violations.”

  • Privacy Flaw Found in E-Passports

    Researchers have discovered a flaw in the security standard of biometric e-passports that has been used worldwide since 2004. This standard, ICAO 9303, allows e-passport readers at airports to scan the chip inside a passport and identify the holder.

  • How Kids Get into Hacking

    Is your kid obsessed with video games and hanging out with questionable friends? These are common traits for involvement in cybercrime, among other delinquencies. New research characteristics and gender-specific behaviors in kids that could lead them to become juvenile hackers.

  • Stopping an “Internet of Things” Attack from Bringing Down the Power Grid

    Last year, Princeton researchers identified a disturbing security flaw in which hackers could someday exploit internet-connected appliances to wreak havoc on the electrical grid. Now, the same research team has released algorithms to make the grid more resilient to such attacks. The algorithms could stop an internet of things attack from bringing down the power grid.

  • What Data Hackers Can Get about You from Hospitals

    When hospitals are hacked, the public hears about the number of victims – but not what information the cybercriminals stole. New research uncovers the specific data leaked through hospital breaches, sounding alarm bells for nearly 170 million people.

  • Science Fiction Has Become Dystopian Fact

    So which dystopia are we living in? Most educated people have read George Orwell’s Nineteen Eighty-Four and Aldous Huxley’s Brave New World. So influential have these books been that we are inclined to view all disconcerting new phenomena as either “Orwellian” or “Huxleyan”. If you suspect we shall lose our freedom to a brutally repressive state, grinding its boot into our faces, you think of George. If you think we shall lose it to a hedonistic consumer culture, complete with test-tube designer babies, you quote Aldous. “My own belief is that the ruling oligarchy will find less arduous and wasteful ways of governing and of satisfying its lust for power,” Huxley wrote in a letter to Orwell in 1949. Niall Ferguson agrees: “As I reflect on the world in 2019, I am struck by the wisdom of [Huxley’s] words. In Xi Jinping’s China, we see Totalitarianism 2.0. The boot on the face remains a possibility, of course, but it is needed less and less as the system of social credit expands, aggregating and analyzing all the digital data that Chinese citizens generate.”

  • How Social Media Should Prepare for Disinformation Campaigns in the 2020 Election

    A new report assesses some of the forms and sources of disinformation likely to play a role on social media during the 2020 presidential election campaign in the U.S. The report explores these risks and analyzes what the major social media companies—Facebook, Twitter, and YouTube (owned by Google)—have done to harden their defenses against disinformation. The report also offers nine recommendations of additional steps social media companies should take to prepare for 2020.

  • Innovation and Cybersecurity: A Balancing Act

    Companies are working to balance their desire for new innovations with their need for strong cyberdefenses – and it is a delicate balance, a new report says. A survey of 500 U.S. businesses reveals that company executives, business staff and technology professionals have distinctly different views on where their organization stands when it comes to cyber-readiness.

  • Cybersecurity of Connected Autonomous Vehicles

    In the near future connected and autonomous vehicles (CAVs) are expected to become widely used across the world. Researchers have been working to improve the security, privacy and safety of CAVs by testing four innovations in the IoT-enabled Transport and Mobility Demonstrator. They were able to connect CAVs to other CAVs and roadside infrastructure more securely and privately.CAVs can now connect to each other, roadside infrastructure, and roadside infrastructure to each other more securely.

  • Tests Find 125 Vulnerabilities in 13 Network Attached Storage Devices

    In a new, follow-up cybersecurity study of network attached storage (NAS) systems and routers since 2013, consulting and research firm Independent Security Evaluators (ISE) found 125 vulnerabilities in 13 IoT devices, reaffirming an industrywide problem of a lack of basic security diligence.

  • Sensitive Personal and Financial Data of What’s Likely an Entire Country Leaked Online

    A chilling data leak on an unsecured server in Miami divulged sensitive personal and financial information of what appears to be the entire population of Ecuador. The discovery came from the internet security firm VpnMentor, which discovered the database containing more than 20 million individuals’ data—including as many as 7 million minors—on an exposed Florida-based server belonging to the Ecuadorian data and analytics company Novaestrat.

  • Fearing “Spy Trains,” Congress May Ban a Chinese Maker of Subway Cars

    A Chinese state-owned company called CRRC Corporation, the world’s largest train maker, completed the $100 million facility this year in the hopes of winning contracts to build subway cars and other passenger trains for American cities like Chicago and Washington. But growing fears about China’s economic ambitions and its potential to track and spy on Americans are about to quash those plans. Lawmakers — along with CRRC’s competitors — say they are concerned that subway cars made by a Chinese company might make it easier for Beijing to spy on Americans and could pose a sabotage threat to American infrastructure. Critics of the deal speculate that the Chinese firm could incorporate technology into the cars that would allow CRRC — and the Chinese government — to track the faces, movement, conversations or phone calls of passengers through the train’s cameras or Wi-Fi.

  • How Artificial Intelligence Is Changing Cyber Security Landscape and Preventing Cyber Attacks

    With the genuinely significant potentials of Artificial Intelligence, the probability of attackers weaponizing it and using it to boost and expand their attacks is a huge threat. One of the biggest concerns is that hackers can use AI to automate cyberattacks on a massive scale. Now, our adversaries are relying on human resources to craft and coordinate their attacks. Cybercrime and cybersecurity landscape are going to change –not for the better – if and when they learn to use AI and machine learning to do the dirty work. So, the three main implications of Artificial Intelligence to the threat landscape are the augmentation of today’s threats and attacks, the development of new threats, and the variation of the nature of existing threats.

  • North Korean Hacking Groups Hit with Treasury Sanctions

    The Department of the Treasury hit three North Korean groups with new sanctions Sept. 13 for conducting cyberattacks against critical infrastructure, including the infamous WannaCry ransomware attacks. Treasury’s Office of Foreign Asset Control announced that Lazarus Group, an advanced persistent threat believed to be working at the behest of the North Korean government and two of its subgroups, dubbed Bluenoroff and Andariel, was responsible for unleashing WannaCry, which wrought havoc across hospital and health care organizations in as well as other sectors in the United Kingdom and other industrial sectors in 2017, as well as the 2014 Sony hack.