• Antivirus but not anti-spy

    The late senator William Proxmire of Wisconsin (he died in 1989) made a name for himself for his Golden Fleece Awards — awards given each year to the most wasteful U.S. government programs. Senator James Lankford (R-Oklahoma), continuing in Proxmire’s tradition, has just released the third volume of his annual of his Federal Fumbles: 100 Ways the Government Dropped the Ball. One of the U.S. federal government’s major fumbles has been the way it has dealt with Russian cybersecurity firm Kaspersky Lab. The U.S. intelligence community has long suspected that Kaspersky Lab was using its popular antivirus software – used not only by individuals and corporations, but also by U.S. government agencies – to collect sensitive information from the computer systems on which the software was installed, and deliver that information to the GRU and the FSB, the KGB’s successor agency.

  • “We know” Russia hacked election, and such cyberattacks can happen again: Sen. Angus King

    Though President Trump says he is not convinced that Russia interfered in the 2016 presidential election, U.S. Sen. Angus King of Maine said that he and his colleagues on the Senate Select Committee on Intelligence, which is probing the matter, have “no doubt whatsoever” of Moscow’s involvement. “We know they did it, we know it was sophisticated, we know it was serious, and we know they’re coming back!” said King during a discussion at the Harvard Kennedy School.

  • The time to hack-proof the 2018 election is expiring — and Congress is way behind

    Lawmakers are scrambling to push something — anything — through Congress which would help secure the U.S. voting systems ahead of the 2018 elections. It might, however, already be too late for some critical targets. By this point during the 2016 election cycle, Russian government hackers had already breached the Democratic National Committee’s networks for at least three months.

  • Shining more light every day on Russia’s political interference

    “Despite this clear threat to American democracy, and the unanimous assessment of the intelligence community that Russia interfered in the election in an operation ordered by Vladimir Putin, real discussion of how to halt these activities and prevent them in the future is only beginning now. This is partly driven by a continued partisan divide on the issue — which is being fueled by the Kremlin’s ongoing influence efforts and Putin’s own denials to President Donald Trump. Trump’s repeated statements casting doubt on his own intelligence community’s assessment and the unwillingness of many Republican leaders to defend the truth continue to fan these partisan flames.  Allowing Russian interference to become a partisan issue plays right into Russia’s hands and achieves Putin’s goals,” Laura Rosenberger and Jamie Fly write. “This is not about relitigating who won the election. Trump is the president. This is about defending American democracy from attacks by foreign enemies.”

  • Uber admitted to covering up massive data breach

    Uber chief executive posted a message on the company’s blog, admitting that an October 2016 cyberattack allowed the hackers to collect personal information like names, driver license numbers, email addresses, phone numbers and more on 57 million Uber users and drivers around the world, including 600,000 Uber drivers in the U.S. The company paid the ransom the hackers demanded; asked them to sign a nondisclosure agreement and keep quiet about the breach; and then dressed up the breach as a “bug bounty,” the practice of paying hackers to test the strength of software security.

  • Russia sees U.S.-led international order as a threat to its security, interests: Report

    Russia seeks to undermine elements of the current international order because its leaders and analysts see the current international order as dominated by the United States and a threat to their country’s security and interests, according to a new RAND report. U.S. officials have repeatedly described the development of a U.S.-led “rules-based international order,” composed of international economic institutions, bilateral and regional security organizations and liberal political norms, as a core U.S. national interest.

  • Russian government’s fission know-how hard at work in Europe

    The objective of Russia’s broad, systematic disinformation and cyberattacks campaign against Western democracies is ambitious. Moscow has made fragmenting Europe into one of its primary strategic objectives. Dividing European populations from within and turning them against one another via targeted influence operations is a central component of this overarching strategic objective.

     

  • Russia has been cyber-attacking “U.K. media, telecommunications, and energy sectors”: U.K. cybersecurity chief

    Ciaran Martin, CEO of the U.K. National Cyber Security Center (NCSC): “I can confirm that Russian interference, seen by the National Cyber Security Center, has included attacks on the U.K. media, telecommunications and energy sectors. That is clearly a cause for concern — Russia is seeking to undermine the international system.”

  • Russia “weaponized information” to sow discord in West, destroy post-WWII international order: Theresa May

    U.K. prime minister Theresa May, in an extraordinary attack on Russia’s broad cyber-campaign against Western countries, has accused Russia of meddling in the elections of Western democracies and planting fake stories in other countries’ media in a sustained effort to “weaponize information” in order to sow discord and deepen internal conflicts Western democracies. May, speaking at the Lord Mayor’s Banquet on 13 November 2017, said that Russia’s goal was to destabilize, if not destroy, the post-Second World Order rules-based international order.

  • Russia has been cyber-attacking “U.K. media, telecommunications, and energy sectors”: U.K. cybersecurity chief

    Ciaran Martin, CEO of the U.K. National Cyber Security Center (NCSC): “I can confirm that Russian interference, seen by the National Cyber Security Center, has included attacks on the U.K. media, telecommunications and energy sectors. That is clearly a cause for concern — Russia is seeking to undermine the international system.”

  • Extremist content and Russian disinformation online: Working with tech to find solutions

    “It’s been more than a year since my colleagues and I described in writing how the Russian disinformation system attacked our American democracy. We’ve all learned considerably more since then about the Kremlin’s campaigns, witnessed their move to France and Germany and now watch as the world worst regimes duplicate their methods. Yet our country remains stalled in observation, halted by deliberation and with each day more divided by manipulative forces coming from afar. The U.S. government, social media companies, and democracies around the world don’t have any more time to wait. In conclusion, civil wars don’t start with gunshots, they start with words. America’s war with itself has already begun. We all must act now on the social media battlefield to quell information rebellions that can quickly lead to violent confrontations and easily transform us into the Divided States of America.”

  • Biology can show us how to stop hackers

    “Biology is the true science of security. And by that I mean that organisms have had to contend with adversaries and competitors from the very beginning of their evolutionary history. As a result, they’ve evolved an incredible repertoire of defense systems to protect themselves,” says an expert on biology and computation. “Looking at how biological systems have learned to protect themselves can suggest novel approaches to security problems,” ASU’s Professor Stephanie Forrest says. “What I try to do is look at biological mechanisms and principles and translate those mechanisms and architectures into computational algorithms that protect computers.”

  • Russia’s pro-Trump campaign began early, aiming to help him win GOP primaries: WSJ

    The U.S. intelligence community cited December 2015 as the earliest suspected time that Russian government social media account began their broad campaign in support of Donald Trump. A Wall Street Journal investigation reveals that the Kremlin’s campaign of support for Trump began six months earlier, in June 2015, days after he announced his candidacy. This earlier Russian disinformation campaign was aimed to help Trump defeat his Republican primary rivals. This early campaign, however, already engaged in dissemination of fake stories aiming to tarnish Hillary Clinton and undermine her campaign.

  • “Combosquatting” attacks, hiding in plain sight, trick computer users

    To guard against unknowingly visiting malicious websites, computer users have been taught to double-check website URLs before they click on a link. But attackers are now taking advantage of that practice to trick users into visiting website domains that contain familiar trademarks — but with additional words that change the destination to an attack site. The attack strategy, known as combosquatting, is a growing threat, with millions of such domains set up for malicious purposes.

  • DOJ considering charging Russian government officials in DNC, Podesta hacks

    The Department of Justice has identified six Russian government officials involved in hacking the DNC and using the information against candidate Hillary Clinton during the 2016 election. Prosecutors have enough evidence to bring charges against those individuals by next year. The information gathered by DOJ supports the U.S. intelligence community’s conclusion that Russian President Vladimir Putin ordered Russian government agencies to launch a coordinated effort to help Trump win the November election. DOJ has identified Russian hackers working for both military and intelligence agencies in Russia.