• Spyware: Why the Booming Surveillance Tech Industry Is Vulnerable to Corruption and Abuse

    The latest revelations about NSO Group’s Pegasus spyware are the latest indication that the spyware industry is out of control, with licensed customers free to spy on political and civilian targets as well as suspected criminals. We may be heading to a world in which no phone is safe from such attacks.

  • Growing Unease in Israel over Pegasus Case

    Israel is worried that the Pegasus spyware revelations may turn a PR black eye into a diplomatic crisis. Israel never exhibited any qualms about dealing with and selling arms to pretty unsavory regimes, but such deals were typically kept secret. The fact that the Israeli Ministry of Defense authorized the NSO Group to sell the Pegasus spyware to regimes which then used it to spy on opposition figures, civil society activists, and journalists – and, in the case of Saudi Arabia, to track Jamal Khashoggi and kill him — has raised questions about what did the government know and when did it know it.

  • Macron’s Secure Mobile Phone Compromised by Pegasus Spyware

    The secure smartphone of French president Emmanuel Macron was compromised by the Pegasus surveillance malware. It was surreptitiously installed by Moroccan intelligence operatives, who introduced the virus into the phones of former Prime Minister Edouard Philippe and fourteen other current and former French cabinet ministers.

  • Citizenship and Bank Access for Immigrants Would Add “Enormous Amount of Money” to U.S. Economy

    Immigrants living in the U.S. illegally have been an “unrecognized driver of the economy for decades,” writes an immigration researcher. By limiting immigrants’ economic options, the U.S. is missing out on additional growth in its own economy — especially with an aging American population, he argues.

  • Journalists, Activists among 50,000 Targets of Israeli Spyware: Reports

    Israeli cyber firm NSO Group claims that its Pegasus surveillance malware is sold to governments so they can better track terrorists and criminals, but many of the 45 governments deploying the surveillance software use it to track journalists, opposition politicians, and civil society activists. Some of these governments are authoritarian (for example, Azerbaijan, Bahrain, Kazakhstan, UAE, Saudi Arabia). Other are democracies (for example, India, Mexico, South Africa). The only EU member country to deploy the surveillance malware is Hungary, which places it in violation of the EU’s strict privacy and surveillance regulations.

  • China Spy Agency Using Contract Hackers to Extort, Destabilize Western Companies

    The United States and its allies in Europe and Asia have charged that China’s Ministry of State Security is employing criminal contract hackers to conduct cyber operations globally, from which the hackers personally profit. The activities include ransomware operations against private companies which are forced to pay millions in ransom demands to regain access to their data.

  • Chinese Company’s Global Genetic Data Collection Poses Economic, Security Threats: Experts

    A Chinese gene company is collecting genetic data through prenatal tests from women in more than 50 countries— including Germany, Spain and Denmark, as well as in Britain, Canada, Australia, Thailand, India and Pakistan. Collecting the biggest and most diverse set of human genomes could propel China to dominate global pharmaceuticals, and also potentially lead to genetically enhanced soldiers, or engineered pathogens to target the U.S. population or food supply, biosecurity experts told Reuters.

  • Will China Retaliate Against U.S. Chip Sanctions?

    In response to a series of Chinese trade infractions (intellectual property theft, forced technology transfers, cyber espionage, and WTO violations), the U.S. government implemented a sanctions regime which has inflicted increasing pain on China’s semiconductor industry. The Biden administration has doubled down on the Trump’s sanction strategy against China’s high-tech sector. Terry Daly and Jordan Schneider write that China has so far abstained from taking major retaliatory measures against the United States, but this is not likely to last. “The prudent course in a period of uncertainty is risk mitigation. This applies to countries and companies alike,” Daly and Schneider write.

  • Did the Cybersecurity Workforce Gap Distract Us from the Leak?

    There are 500,000 unfilled cybersecurity positions in the United States, and the number is growing. The government and private companies have been investing a lot of money and effort in training and recruiting young cybertalent through college programs, school partnerships, and by adjusting pay and benefit packages, but many have missed a significant leak in cyber workforce funnel: the rapid burnout and churn. In fact, the cyber workforce gap is in experienced roles, not junior levels. To fill the cyber workforce gap, we need to find ways to retain experienced cybersecurity talent.

  • Understanding the U.K. Cybersecurity Labor Market

    The U.K. government is carrying out research to help understand and measure the U.K. cybersecurity labor market. This will help inform future policy and strategy.

  • Infrastructure for a Changing Climate

    As the U.S. debates whether and how to invest in its infrastructure, a lot is at stake, said Mariette diChristina, dean of the College of Communication at Boston University. “Infrastructure is built to last for decades — sometimes even a hundred years or more — so what we decide to do today will have a large effect on how things go tomorrow, including how we adapt to or mitigate climate change in the future.”

  • Making Infrastructure Pay Off

    James M. Poterba, an MIT economist, advocates for cost-benefit analyses of projects, finds that repairing infrastructure often pays off more than new projects, and suggests that infrastructure user fees be considered as a source of financing for projects. He argues that the value in repairs, upgrades, and user fees to help fund projects has been overlooked.

  • EU Agrees on Global Infrastructure Plan to Rival China’s Belt and Road Initiative

    On Monday the EU announced an ambitious global infrastructure plan which aims to counter China’s Belt and Road Initiative. Western governments fear that China’s project encourages countries to take on large Chinese loans which can turn into “debt traps,” allowing China to leverage these debts for political purposes. Monday’s initiative continues a recent phase of greater assertiveness by the EU towards China.

  • Closing the Skills Gap in the Cyber Workforce

    There are currently more than three million unfilled cybersecurity jobs globally, and, as high-profile incidents like the Solar Winds attack demonstrate, it is vital to address that shortage. But it is difficult for organizations to find and recruit the cyber talent they need.

  • Bipartisan Legislation Addresses Dams’ Safety, Hydropower

    There are more than 90,000 dams in the U.S., including 6,000 “high-hazard” dams with poor, unsatisfactory, or unknown safety ratings, posing threats to life and property. Hydropower is responsible for 6 percent of electricity production in the U.S.— and more than 90 percent of the U.S. current electricity storage capacity — but the dams which generate this power are aging and need upgrades.