  • The Petya ransomware attack shows how many people still don’t install software updates

    A new global ransomware attack, called “Petya” or “NotPetya,” exploits the same vulnerability as the “WannaCry” attack back in May. As Petya spreads across Europe, it’s becoming clear how few people and companies – including major corporations – actually update their software, even in the wake of major cyberattacks. Attackers got into computers through that weakness and encrypted users’ data, demanding a ransom from anyone who wanted the data made usable again. But they didn’t win the race to exploit the flaw as much as people and computer companies collectively lost it. Our human tendencies and corporate policies worked against us. Research, including my own, tells us why, and offers some suggestions for how to fix it before the inevitable next attack.

  • New firewall protects cellphones from hardware security threats

    Some 400 million people change their phone’s components, such as touchscreens, chargers, and battery or sensor assemblies, which are all susceptible to significant security breaches and attacks. These components, referred to as “field replaceable units (FRUs),” communicate with the phone CPU over simple interfaces with no authentication mechanisms or error detection capabilities. A malicious vendor could add a compromised FRU to a phone, leaving it vulnerable to password and financial theft, fraud, malicious photo or video distribution, and unauthorized app downloads. Cybersecurity researchers at Ben-Gurion University of the Negev (BGU) developed an innovative firewall program that adds a missing layer of security in Android cellphones and monitors for malicious code.

  • Intel teams up with Israeli cybersecurity incubator to foil hacking attacks

    Intel, the world’s largest chip-maker, is joining forces with the Israeli cybersecurity incubator Team8 to locate innovative technology that will fend off increasingly sophisticated cyberattacks. In joining forces with Team8 and their syndicate members, which include big names like Microsoft and Cisco, Intel is further advancing its desire to be a major player in the cybersecurity market. Israel is home to around 450 cybersecurity startups and receives around 20 percent of global investment in the field.

  • Australia: Five-Eyes nations should require backdoors in electronic devices

    Australia’s attorney-general George Brandis said he was planning to introduce a proposal to Australia’s four intelligence-sharing partners in the Five Eyes group – the United States, United Kingdom, New Zealand, and Canada – to require technology companies to create some kind of a backdoor to their devices. Australian leaders have emerged as strong proponents of allowing law-enforcement and intelligence agencies to gain access to the information and communication records on devices used by terrorists and criminals.

  • Protecting auto computer systems from hacks

    When you and your family are zooming along the freeway, the last thing you’re worried about is the security of your car’s computer systems. That’s one reason researchers work hard on protecting vehicles from cyberattacks. A computer engineering research team is focused on the security of wireless interfaces utilized by vehicles, the number of which will only grow as autonomous cars and trucks roll closer to reality. These interfaces in our vehicles, not unlike the computers in our homes and in our hands, can be susceptible to attacks, also known as hacks. The major difference is that attacks on a vehicle’s computer systems, which are connected to critical controls, can have potentially fatal consequences.

  • Russian government hackers broke into voting systems in 39 states

    The attack by the Russian government hackers on the U.S. electoral system during the 2016 campaign involved thirty-nine states. This figure shows that the Russian attack was broader and deeper than previously thought. The cyberattacks targeted software used by state election commissions in the months and weeks before the election – and by poll workers on election day. The type of targets the Russian government hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections or 2020 presidential election even more effectively than they did the 2016 presidential election.

  • Stuxnet, the sequel: Dangerous malware aims to disrupt industrial control systems

    A cybersecurity firm has identified a new, dangerous malware, dubbed Industroyer, capable of performing an attack on power supply infrastructure. The malware was likely involved in the December 2016 cyberattack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for over an hour. Industroyer is capable of directly controlling electricity substation switches and circuit breakers. It uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure. The potential impact may range from simply turning off power distribution, triggering a cascade of failures, to more serious damage to equipment.

  • Preventing voice hacking

    While convenient, Siri, WeChat, and other voice-based smartphone apps can expose you to a growing security threat: voice hacking. With just a few minutes of audio samples, attackers can replay your voice convincingly enough to trick people as well as top digital security systems. The consequences, from impersonating you with your friends to dipping into your bank account, are terrifying. An app, soon to be available, will help thwart the growing cybersecurity threat.

  • Preventing autonomous vehicles from being hacked

    Although autonomous vehicles are essentially large computers on wheels, securing them is not the same as securing a communication network that connects desktop computers and smartphones to large geographical areas, due to the roles that the sensors and actuators play in the physical layer of the network. Researchers have developed an intelligent transportation system prototype designed to avoid collisions and prevent hacking of autonomous vehicles.

  • Network routers can covertly leak data

    Researchers have demonstrated for the first time that it is possible to covertly siphon sensitive files, passwords or other critical data from any common router. “Unlike network traffic that is heavily monitored and controlled by firewalls, this covert channel is currently not monitored,” one researcher says. “As a result, it enables attackers to leak data while evading firewalls, air-gaps (computers not hooked up to the internet) and other data-leakage prevention methods.”

  • "That is a big deal": Russia's effort to subvert American democracy

    Russia’s broad, systematic attacks on the U.S. political process, attacks which are only going to intensify in years to come, are of far greater, and lasting, importance relative to all other issues raised in James Comey’s Thursday testimony before the Senate Intelligence Committee. “We’re talking about a foreign government that, using technical intrusion, lots of other methods, tried to shape the way we think, we vote, we act. That is a big deal,” Comey said.

  • Protecting against online privacy attacks

    When Congress voted in March to reverse rules intended to protect internet users’ privacy, many people began looking for ways to keep their online activity private. One of the most popular and effective is Tor, a software system millions of people use to protect their anonymity online. But even Tor has weaknesses, and in a new paper, researchers recommend steps to combat certain types of Tor’s vulnerabilities.

  • Russian government hackers planted false news story which caused Gulf crisis: U.S. intelligence

    U.S. intelligence officials say Russian government hackers planted a false news story into the text prepared for release by the official Qatari news agency. The release of the Russian-manufactured story by the official Qatari news agency prompted Saudi Arabia and several of its regional allies to suspend diplomatic relations with Qatar and impose economic sanctions on it. U.S. officials say the Russian goal appears to be to cause rifts among the U.S. and its allies.

  • Russian government hackers hacked U.S. voting system manufacturer last August: NSA report

    The hacking by Russian government hackers of the DNC computers and the email accounts of senior Democrats during the campaign has been amply documented, but vote-tallying was believed to have been unaffected, despite the concerted effort exerted by the Russian hackers. A highly classified NSA report, published by the Intercept on Monday, offers evidence that Russian government agents hacked a U.S. voting systems manufacturer last August, three months before the November 2016 presidential election. Security experts say that the suggestion that Russian government hackers may have gained access – even if limited access – to electronic voting systems is likely to increase worries about Russian interference in the 2018 mid-term and 2020 presidential elections, as well as worries about growing Russian meddling in the election processes in other countries.

  • Bolstering the credibility of attributing cyberattacks

    Even as major cyber incidents receive high-profile press coverage, many segments of the general public are coming to dispute and question the credibility of the attribution findings — the declared identities of the perpetrators. Researchers review the state of cyber attribution and consider how to bolster the credibility of the process by making it more standardized and transparent. In particular, the report recommends the creation of an independent, global organization to investigate and publicly attribute major cyber-attacks.