• Europol’s No More Ransom initiative celebrates its first year

    Ransomware has soared since 2012, with criminals attracted by the promise of profit and ease of implementation. The total number of users who encountered ransomware between April 2016 and March 2017 rose by 11.4 percent compared to the previous twelve months, from 2,315,931 to 2,581,026 users around the world. A year ago, Europol and partners the No More Ransom initiative, which now has 109 partners, including government agencies and private organizations and companies.

  • Refusal to accept reality of Russian hacking hobbles U.S. cyber defense efforts: Experts

    The evidence of a broad, systemic effort by Russian government hackers and disinformation specialists – on instructions from President Vladimir Putin — to undermine the U.S. electoral process and ensure a Trump victory in November 2016 is incontrovertible, and it is mounting. The evidence has not persuaded President Donald Trump, however. He cites Putin’s denial of the Russian cyber effort as a reason why he – Trump — does not trust the unanimous conclusions of the U.S. intelligence community. Cyber experts say that Trump’s refusal to accept the reality of the 2016 Russian government hacking and disinformation campaign is creating a dangerous policy vacuum. This vacuum, the security experts fear, is only encouraging more cyber warfare.

  • Applied cybersecurity research for better protection of critical national infrastructure sectors

    DHS S&T awarded a five-year Other Transaction Agreement (OTA), with a maximum value of $70 million, to Arlington, Virginia-based Cyber Apex Solutions, LLC, to facilitate applied research of prototype cyberdefenses for critical national infrastructure sectors.

  • New questions in Russia probe

    “It has become clear that the Russian intention was to attempt to enter into a collaborative or cooperative relationship with the Trump campaign in order to sabotage Hillary Clinton’s campaign to their mutual benefit,” a former CIA official says. “To that end, the Russian government employed hacking activity to collect information and then embarked on an ambitious intelligence operation to leak that information to Trump’s advantage and to Clinton’s detriment. The question that remains, and is most important to answer, is did the Trump campaign willfully accept this assistance from the Russian government and enter into a conspiracy to benefit the campaign?” the former official said. “I would say it’s the most consequential Russian intelligence operation in my lifetime in terms of the attempted scope of their intention to penetrate our domestic politics and influence an American election. I can’t recall a precedent where they were that ambitious and that aggressive in pursuing that kind of goal. It’s hard to imagine that they would have done so with a completely unwilling partner.”

  • Petya variant hobbles European businesses

    In the wake of May’s WannaCry attack, which affected more than 230,000 computers in over 150 countries, a fast-moving malware malware outbreak was reported 27 June at targets in Spain, France, Ukraine, Russia, and other countries. The attack infected large banks, law firms, shipping companies, and even the Chernobyl nuclear facility in the Ukraine. The new malware is thought to be a variant of Petya, a wiper malware designed to destroy systems and data with no hope of recovery.

  • The Russian government’s disinformation campaign failed to influence the French election. Why?

    A few days before the presidential election in France this year, Russian government hackers leaked documents purported to contain unverified information which was damaging to Emmanuel Macron’s campaign. Nonetheless, Macron won the French presidency by a wide margin over Marie Le Pen. The Russian government’s hacking and disinformation campaign had limited effect on French voters. Why? One answer: Most of the Russian government’s disinformation was consumed and distributed by alt-right Americans – and more than half of it was in English, not French.

  • Why has healthcare become such a target for cyber-attackers?

    More than 16m patient records were stolen from healthcare organizations in the United States and related parties in 2016. That year, healthcare was the fifth most targeted industry when it came to cyber-attacks. And earlier this year, Britain’s National Health Service was crippled by a ransomware attack that locked up the computers holding many of its records and booking systems. As connected technology becomes even more embedded in healthcare, this cyber-threat is only likely to grow. But if we want to protect our health from cyber-attacks, we shouldn’t fear technology. Instead, we need to understand it better and realize that the threat becomes much worse when people make simple mistakes.

  • U.K. energy firms hacked by Russian government hackers: U.K. spy agency

    A leaked U.K. government memo says that in the wake of the 8 June general election, the U.K. energy industry is “likely to have been compromised” by Russian government hackers. The report, produced by the National Cyber Security Centre (NCSC) – the British equivalent of the U.S. NSA — warns that the British intelligence service had spotted connections “from multiple U.K. IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors.”

  • Cyberattack could cost $120 billion: Lloyd’s

    Insurance giant Lloyd’s of London has warned that the cost of a serious cyberattack to the global economy could reach $120 billion or more – which was the cost of damage inflicted by Hurricanes Katrina or Sandy. insurance firm says the threat posed by global cyberattacks has spiraled, and that it poses a huge risk over the next decade to business and governments everywhere. Trevor Maynard, Lloyd’s head of innovation and co-author of the report, said that where people are involved, risk changes quite rapidly — from cyberattacks to terrorism and political risk – but that from year to year, such risks vary relatively little. “But climate change in the end will be far larger as a risk,” he said, and it remains the biggest challenge in the long run.

  • App ensures safe surfing on public Wi-Fi hotspots

    You always need to assume someone’s looking over your shoulder when you’re using public Wi-Fi: a hacker, or the government, or a plain old snoop. New app — SaferVPN — automatically turns on as soon as your device connects to unsecured networks, an begins to direct data through an encrypted “tunnel.”

  • U.K. must prepare to fight cyberwars against Russian “mayhem”: Former U.K. chief spy

    Britain must be ready to conduct cyberwars against the “mayhem” coming from Russia, the former head of GCHQ – the U.K. equivalent of the U.S. NSA — has warned ministers. The U.K. government will have to “push back against Russian state activity,” in the same tough way as the leaders of Germany and France have promised, Robert Hannigan said. Hannigan, when asked whether Russia posed a threat to Britain’s democratic process, he replied: “Yes, there is a disproportionate amount of mayhem in cyberspace coming from Russia, from state activity.” Experts and officials say these Russian operations are part of a broader drive by the Putin regime to destabilize the West.

  • Russian hackers likely behind cyberattacks on U.S. nuclear operators: Experts

    Russian government hackers are suspected to be behind a series of cyberattacks on U.S. nuclear operators. The attacks were similar to recent Russian attacks on Ukraine’s power infrastructure. Experts say that rhe attacks in Ukraine and the United States show that Russian hackers appear to be testing increasingly advanced tools to disrupt power supplies. “If you think about a typical war, some of the acts that have been taken against critical infrastructure in Ukraine and even in the U.S., those would be considered crossing red lines,” says one security expert.

  • Improving cybersecurity risk management

    DHS S&T awarded $220,209 to the University of Tulsa to study data production and usage by cybersecurity researchers, information that will help quantify the value of data-sharing and improve sharing incentives to address the interdependency of cyber-risk environments. The award’s primary focus is research into investment, impact, value and incentives related to cybersecurity risk management.

  • Wealth breeds cybercrime, but it does not automatically generate cybersecurity: Report

    ITU, the United Nations specialized agency for information and communication technology, has published the Global Cybersecurity Index 2017 (GCI-2017), which measures the commitment of ITU’s 193 member states to cybersecurity and is the second in this index series. The report found that Singapore, ranked No. 1, has a near-perfect approach to cybersecurity. The rest of the top 10 were Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France, and Canada. Equatorial Guinea brings up the rear, with cyber wellness score of zero.

  • Hackers could use brainwaves to steal passwords

    Researchers suggest that brainwave-sensing headsets, also known as EEG or electroencephalograph headsets, need better security after a study reveals hackers could guess a user’s passwords by monitoring their brainwaves. EEG headsets are advertised as allowing users to use only their brains to control robotic toys and video games specifically developed to be played with an EEG headset. There are only a handful on the market, and they range in price from $150 to $800.