• Gregory Falco: Protecting urban infrastructure against cyberterrorism

    By Dara Farhadi

    While working for the global management consulting company Accenture, Gregory Falco discovered just how vulnerable the technologies underlying smart cities and the “internet of things” — everyday devices that are connected to the internet or a network — are to cyberterrorism attacks. His focus is on cybersecurity for urban critical infrastructure, and the internet of things, or IoT, is at the center of his work. A washing machine, for example, that is connected to an app on its owner’s smartphone is considered part of the IoT. There are billions of IoT devices that don’t have traditional security software because they’re built with small amounts of memory and low-power processors. This makes these devices susceptible to cyberattacks and may provide a gate for hackers to breach other devices on the same network.

  • U.S. needs stronger response to Russian interference in presidential election: Expert

    One of the greatest threats to the United States, Alexander Hamilton said in Federalist Paper #68, was “the desire in foreign powers to gain an improper ascendant in our councils” — “by raising a creature of their own to the chief magistracy of the Union.” John Cohen, former principal deputy undersecretary for intelligence and analysis at DHS, says that Russia’s meddling in the 2016 presidential election shows how prescient Hamilton was. “During my entire career in homeland security, counter-intelligence and law enforcement, I have not seen a greater existential threat to America’s sovereignty and national security,” he says. “That so many political partisans appear so willing to overlook this threat is alarming – and reflects the national division that may have been one of the goals of the Russian campaign.”

  • New methods defeat cyberattacks on 3D printers

    With cyberattacks on 3D printers likely to threaten health and safety, researchers have developed novel methods to combat them, according to a groundbreaking study. Among several unique techniques, the researchers are using cancer imaging techniques to detect intrusions and hacking of 3D printer controllers.

  • USB connections less secure than has been thought

    USB connections, the most common interface used globally to connect external devices to computers, are vulnerable to information “leakage,” making them even less secure than has been thought. Researchers tested more than 50 different computers and external USB hubs and found that over 90 percent of them leaked information to an external USB device.

  • Cybercriminals are not as “anonymous” as we think

    Understanding a cybercriminal’s backstory - where they live, what they do and who they know, is key to cracking cybercrime. Online crime is of course online, but there is also a surprisingly strong offline and local dimension. Cybercriminals are often seen as faceless, international, computer masterminds, who are almost impossible to identify or understand as a result. But contextualizing their threat and motivations is key to stopping them.

  • DNA sequencing tools vulnerable to cybersecurity risks

    Rapid improvement in DNA sequencing has sparked a proliferation of medical and genetic tests that promise to reveal everything from one’s ancestry to fitness levels to microorganisms that live in your gut. A new study finds evidence of poor computer security practices used throughout the field. Researchers have also demonstrated for the first time that it is possible — though still challenging — to compromise a computer system with a malicious computer code stored in synthetic DNA. When that DNA is analyzed, the code can become executable malware that attacks the computer system running the software.

  • Hacking cybersecurity in order to anticipate attacks

    Imagine two groups at war. One defends every attack as it comes. The other anticipates threats before they happen. Which is more likely to win? In cybersecurity, understanding the potential for attacks is critical. This is especially true for mobile and wireless devices, since they are constantly connected and continuously streaming and collecting data.

  • Police turn to hackathons as crime fighting goes digital

    Police and law enforcement staff are turning to hackathons – collaborative events for developing technology – to come up with new ways of searching for clues within the terabytes of data that many people produce every year.

  • MalwareTech’s arrest sheds light on the complex culture of the hacking world

    By Roderick S. Graham

    The arrest of a British cybersecurity researcher on charges of disseminating malware and conspiring to commit computer fraud and abuse provides a window into the complexities of hacking culture. In May, Marcus Hutchins gained international fame – and near-universal praise – for figuring out how to slow, and ultimately effectively stop, the worldwide spread of the WannaCry malware attack. In August, Hutchins was arrested on federal charges of writing and distributing a different malware attack first spotted back in 2014. The judicial system will sort out whether Hutchins, who has denied wrongdoing and pleaded not guilty, will face as much as 40 years in prison. But to me as a sociologist studying the culture and social patterns of cybercrime, Hutchins’ experience is emblematic of the values, beliefs and practices of many hackers.

  • Spotting data theft – quickly!

    Computer experts have always struggled to find solutions for protecting businesses and authorities from network breaches. This is because there are too many vague indicators of potential attacks. With PA-SIEM, IT managers have a solution that effectively protects their systems while exposing data thieves and criminal hackers more quickly than conventional software.

  • New app detects cyberattacks quickly

    If you are awaiting exciting news from your friend, what is the better way to read your email? Has it comes in, or after a batch collects? Well, if you read it as it comes in, you will surely get the news faster. Researchers have developed a software app that can do the same for computer networks. Monitoring the activity within a network in real-time can allow cybersecurity analysts to detect cyberattacks quickly, before thieves steal data or crash your system.

  • REnigma malware reverse-engineering tool commercialized

    The analysis of malware used in a cyberattack is a highly manual, time-consuming, low-throughput and costly process, requiring days to weeks to determine the answers needed to understand and recover from an attack. DHS S&T has just announced a groundbreaking malware analysis tool, which is part of S&T’s Transition to Practice (TTP) program, has transitioned as a new startup technology company.

  • New mobile banking Trojans

    In mid-July 2017, Kaspersky Lab researchers found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services. Attack data suggests this Trojan is not yet widely deployed.

  • Protecting the power grid from low-budget attacks

    Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources necessary to mount them. Last week, at the Black Hat USA 2017 conference in Las Vegas, a team of researchers challenged that notion by disclosing vulnerabilities in a component that combined with publicly available information provide sufficient information to model an advanced, persistent threat to the electrical grid.

  • ISIS and climate change leading security threats: Global survey

    People around the globe identify ISIS and climate change as the leading threats to national security, according to a new Pew Research Center report based on a survey of thirty-eight countries. The survey asked about eight possible threats: ISIS, global climate change, cyberattacks, the condition of the global economy, the large number of refugees leaving Iraq and Syria, and the power and influence of the United States, Russia, and China. While the level and focus of concern varies by region and country, ISIS and climate change clearly emerge as the most frequently cited security risks across the thirty-eight countries polled.