• What Trump Really Wanted from Ukraine Was Not about Enemies

    What President Donald Trump wanted most from Ukrainian President Volodymyr Zelensky had les to do with Joe Biden and everything to do with exonerating Russia from 2016 election meddling and pinning the blame on the Democrats and Ukraine, the historian Allan Lichtman writes in The Hill. “This conspiracy theory would serve the dual purpose of clearing Russian President Vladimir Putin from responsibility for intervening in the 2016 election and proving that Trump won the White House without Russia.”

  • The “fictional narrative” that Ukraine meddled in the 2016 U.S. election “advance[s] Russian interests”: Fiona Hill

    Fiona Hill, who until July this year was the National Security Council’s top Russia adviser, on Thursday told the House Intelligence Committee that it is a “fictional narrative” that Ukraine, and not Russia, meddled in the 2016 U.S. election that Trump won. “The unfortunate truth is that Russia was the foreign power that systematically attacked our democratic institutions in 2016,” Hill said. “It is beyond dispute, even if some of the underlying details must remain classified.” Hill pleaded with the Intelligence panel, “In the course of this investigation, I would ask that you please not promote politically driven falsehoods that so clearly advance Russian interests.”

  • Flaw in iVote System Used in Australian Election

    Flaws in the iVote internet and telephone voting system used in the 2019 New South Wales election could have made it vulnerable to undetectable voter fraud, a new report has revealed. A new report has shown how the iVote system suffers from an error in its verification process that could allow the verification of votes to be “tricked”, meaning some valid votes could be converted into invalid ones, and not counted.

  • Who's Responsible When Your Car Gets Hacked?

    In the future, when cars can drive themselves, grand theft auto might involve a few keystrokes and a well-placed patch of bad computer code. At that point, who will be liable for the damages caused by a hacker with remote control of a 3,000-pound vehicle?

  • Online Disinformation and Emerging Tech: Are Democracies at Risk?

    Online disinformation campaigns supported by fundamental changes in military and geopolitical strategies of major players such as Russia and China harden tribal factions and undermine the security of infrastructure systems in targets such as the United States, as state and non-state actors mount increasingly sophisticated cyberattacks on democratic institutions, Brad Allenby writes. Whether the United States and other democracies are up to this challenge remains to be seen, he says.

  • Russian Hackers Attacked Me and Other Military Spouses. Why Can’t We Sue?

    In a systematic campaign aiming to sow panic and confusion, Russian government hackers, masquerading as ISIS fighters, have been hacking computers and smartphones of spouses of U.S. military personnel, stealing and distributing their personal and financial information, and spreading lies about the on the dark web. “Almost as astonishing as the discovery that Russia was behind the attacks was finding out that U.S. citizens have no legal recourse against foreign governments that target them online,” writes Lorri Volkman, whose husband serves in the military, and was attacked by Russian hackers four years ago.

  • New Report on Russia’s Online Operations: Pseudo-Think Tanks, Personas

    The Kremlin used many different techniques in its effective campaigns of interference in the politics of Western democracies, including the 2016 U.S. presidential election. One such technique is “narrative laundering” – the technique of moving a certain narrative from its state-run origins to the wider media ecosystem through the use of aligned publications, “useful idiots,” and, perhaps, witting participants. “Given that many of these tactics are analogs of those used in Cold-War influence operations, it seems certain that they will continue to be refined and updated for the internet era, and are likely to be used to greater effect,” a new report says.

  • Lessons from the Cyberattack on India’s Largest Nuclear Power Plant

    In early September, a cyberattack occurred at the Kudankulam nuclear power plant in India. The Indian nuclear monitoring agency finally admitted that the nuclear plant was hacked, and on 30 October Indian government officials acknowledged the intrusion. “As the digitalization of nuclear reactor instrumentation and control systems increases, so does the potential for malicious and accidental cyber incidents alike to cause harm,” Alexander Campbell and Vickram Singh write.

  • Here’s How Russia Will Attack the 2020 Election. We’re Still Not Ready.

    In 2016, the GRU, Russia’s military intelligence branch, launched a massive, and successful disinformation campaign to change the way Americans were talking about the two candidates – Hillary Clinton and Donald Trump. Among the GRU’s most effective disinformation techniques was one known as “narrative laundering,” which aims to inject the Kremlin’s preferred stories – real, fake, or doctored — into mainstream American media. “It is quite possible that these exact techniques will be used again,” Renee DiResta, Michael McFaul, and Alex Stamos write. “And why shouldn’t they? We’ve done almost nothing to counter the threat.”

  • Fighting Deepfakes When Detection Fails

    Deepfakes intended to spread misinformation are already a threat to online discourse, and there is every reason to believe this problem will become more significant in the future. Automated deepfake detection is likely to become impossible in the relatively near future, as the approaches that generate fake digital content improve considerably.

  • Private Vendors Critical to Election Security Inadequately Supervised

    Private vendors build and maintain much of the election infrastructure in the United States with minimal oversight by the federal government. A new report presents the risks this poses to the security of our elections and offers a solution.

  • Vulnerabilities Affecting Billions of Computer Chips Discovered

    Security researchers discovered serious security vulnerabilities in computer chips made by Intel Corp. and STMicroelectronics. The flaws affect billions of laptop, server, tablet, and desktop users around the world. The security flaws could be used to steal or alter data on billions of devices.

  • Saudi “Twitter Spies” Broke No Federal Privacy Laws -- Because There Are None

    Privacy expert Mike Chapple of the University of Notre Dame says that the Saudi “Twitter Spies,” who were charged last week by the Justice Department for spying on behalf of Saudi Arabia, committed espionage — but broke no federal privacy laws because there are no such laws. Chapple says that Twitter failed to live up to industry-standard cybersecurity practices.

  • Can the United States Deter Election Meddling?

    The 2020 election is still a year away, but law enforcement officials are already sounding the alarm about foreign interference in the election. Leaders of the U.S. intelligence and law enforcement communities warn that Moscow is preparing to launch a similar effort next year. Joshua Rovner writes that cyber-meddling is a challenge, but that we should not despair.

  • The Senate Examines Threats to the Homeland

    On Tuesday, Nov. 5, the Senate Homeland Security and Governmental Affairs Committee held a hearing on the evolving threats facing the United States. In their written and opening remarks, the witnesses outlined a dizzyingly broad array of threats—from domestic and international terrorism to transnational organized crime, cyber and economic espionage, election interference, data insecurity, and potential chemical and biological attacks on the homeland. As the hearing wore on, senators’ questions and witness testimony narrowed in scope, focusing primarily on three aspects of America’s security challenges: how to optimize information sharing to combat domestic terrorism; how to counter Chinese cyber and counterintelligence operations; and how to address the growing problems posed by new technologies, namely, ransomware, cryptocurrency and unmanned aerial systems (UASs).