• Hurricane loss model estimates damage caused by Hurricane Irma at $19 billion

    A team of researchers estimates that Hurricane Irma caused $19.4 billion in wind-related losses to Florida residents alone. The data does not cover flood losses. Of that total, $6.3 billion will be paid by insurance companies. As a result, roughly two-thirds of the losses will be borne by homeowners.

  • Equifax breach is a reminder of society’s larger cybersecurity problems

    By Richard Forno

    The Equifax data breach was yet another cybersecurity incident involving the theft of significant personal data from a large company. Moreover, it is another reminder that the modern world depends on critical systems, networks and data repositories that are not as secure as they should be. And it signals that these data breaches will continue until society as a whole (industry, government and individual users) is able to objectively assess and improve cybersecurity procedures. We all must take a realistic look at the state of cybersecurity, admit the mistakes that have happened and change our thinking for the better. Only then can anyone – much less everyone – take on the task of devoting time, money and personnel to making the necessary changes for meaningful security improvements. It will take a long time, and will require inconvenience and hard work. But it’s the only way forward.

  • Economic costs of Harvey, Irma $200-$300 billion; insured cost to reach $70 billion

    The insured cost of Hurricanes Harvey and Irma is likely to reach $70 billion, while the economic cost — which includes uninsured losses – is in the range of $200 billion to $300 billion, leading insurers say. Lloyd’s of London said the claims would make 2017 one of the worst years for natural disasters with the hurricane season not yet over.

  • Can taking down websites really stop terrorists and hate groups?

    By Thomas Holt, Joshua D. Freilich, and Steven Chermak

    Racists and terrorists, and many other extremists, have used the internet for decades and adapted as technology evolved, shifting from text-only discussion forums to elaborate and interactive websites, custom-built secure messaging systems and even entire social media platforms. Recent efforts to deny these groups online platforms will not kick hate groups, nor hate speech, off the web. In fact, some scholars theorize that attempts to shut down hate speech online may cause a backlash, worsening the problem and making hate groups more attractive to marginalized and stigmatized people, groups, and movements. The tech industry, law enforcement, and policymakers must develop a more measured and coordinated approach to the removal of extremist and terrorist content online. The only way to really eliminate this kind of online content is to decrease the number of people who support it.

  • How “dreamers” and green card lottery winners strengthen the U.S. economy

    By Ethan Lewis

    Those who wish to restrict immigration often cite what they naïvely call “supply-and-demand economics” to essentially argue that the economy is a fixed pie that gets divided among a country’s residents. Fewer immigrants means “more pie” for the U.S.-born, as the story goes. I am an economist, and this is not what my colleagues and I say. The commonplace argument that increases in the volume of immigration, by themselves, lower wages and take jobs from Americans – an argument which Attorney General Jeff Sessions used to defend ending DACA – has neither empirical nor theoretical support in economics. It is just a myth. Instead, both theory and empirical research show that immigration, including low-skill and low-English immigration, grows the pie and strengthens the American workforce.

  • DHS instructs government agencies to stop using Kaspersky Lab’s software

    DHS on Wednesday, referring to reports about the links between the Russian cybersecurity company and Russian intelligence agencies, ordered all U.S. government agencies to stop using Kaspersky Lab software products. DHS gave the agencies thirty days to identify any Kaspersky products they were using, and ninety days to remove all such products. A former FBI official, referring to Eugene Kaspersky, the company founder, said: “He wouldn’t help us at all… From the early 2000s, it was felt Kaspersky was an FSB [the successor agency of the KGB] guy and everything he’d developed was just a huge front.”

  • Rethinking where/whether to rebuild after Hurricanes Irma, Harvey

    Though our natural instinct is to put everything back exactly where it was before a disaster, Mark Abkowitz, professor of civil and environmental engineering and director of the Vanderbilt Center for Environmental Management Studies said people need to seriously rethink where and how to rebuild. “We’re talking hurricanes now, but it could be inland flooding, tornadoes, drought, wildfires, earthquakes. The question really comes up: If we had things the way they were and they suffered the level of catastrophic impact that they did, what’s the reasoning behind putting it back exactly the way it was before?” asks Abkowitz.

  • Is the new iPhone designed for cybersafety?

    By Arun Vishwanath

    As eager customers meet the new iPhone, they’ll explore the latest installment in Apple’s decade-long drive to make sleeker and sexier phones. But to me as a scholar of cybersecurity, these revolutionary innovations have not come without compromises. Many of Apple’s decisions about the iPhone were driven by design – including wanting to be different or to make things simpler – rather than for practical reasons. Apple has steadily strengthened the encryption of the data on its phones, but other developments have made people less safe and secure. Today, unsafe decisions are far easier to make on your phone than on your computer. And more people now use their phones for doing more things than ever before. Making phones slimmer, shinier and sexier is great. But making sure every user can make cybersafe decisions is yet to be “Designed by Apple.” Here’s hoping the next iPhone does that.

  • Designing a post-Harvey Houston for the future

    Being honest about the extent and urgency of the Houston-Galveston region’s flooding problem will not harm the community but will form the basis for recovery, according to a paper by an engineering and environmental expert. “Denying fundamental truths and moving forward with business as usual will be the economic death knell for the Houston region,” Rice University’s Jim Blackburn wrote in a paper highlighting fifteen policies and actions that are meant to initiate a conversation about designing a Houston for the future. “And make no mistake about it — how we respond to this horrible reality will determine the economic future of our region.”

  • What lessons will Houston-area officials learn from Harvey? History gives us a clue

    By Neena Satija

    As Houston begins to recover from Harvey, a growing chorus of voices is calling for big policy changes to reduce flood damage from future disasters. Local officials haven’t said much about what they might pursue, but history offers some clues.

  • Western energy sector target of sophisticated attack by Russian-linked group Dragonfly

    The energy sector in Europe and North America is being targeted by a new wave of cyberattacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a number of other researchers in 2014. This “Dragonfly 2.0” campaign, which appears to have begun in late 2015, shares tactics and tools used in earlier campaigns by the group.

  • Equifax breach will haunt Americans for decades

    Cyberexperts say that the Equifax giant cybersecurity breach which compromised the personal information of as many as 143 million Americans — almost half the country – will have long-term consequences for many Americans. Looking ahead, for decades almost 50 percent of the U.S. population will have trouble applying for home loans, credit cards, cell phones, or simply passing background checks.

  • S&T awards $8.6 million for enhancing security of mobile apps for the government

    DHS S&T has awarded funding to five R&D projects that will enhance the secure use of mobile applications for the federal government. These Mobile Application Security (MAS) R&D projects focus on continuous validation and threat protection for mobile apps and integrating security throughout the mobile app lifecycle.

  • Why didn’t sanctions stop North Korea’s missile program?

    By Daniel Salisbury

    North Korea’s long-range missile program has made significant technological advances in the past few months. For most of the past twenty years, the international community has struggled to stop this kind of progress by imposing a series of severe sanctions on the country. Have sanctions failed? This question is complicated, but what is undeniable is that sanctions have had unforeseen consequences by making North Korea’s procurement efforts more sophisticated as Chinese middlemen monetize the risk. Americans tend to view North Korea as an inward-looking, economically isolated state cut off from the international community. However, the country’s illicit networks – including those supplying its missile program – are global and responsive. Ultimately, they will be difficult to counter.

  • Gregory Falco: Protecting urban infrastructure against cyberterrorism

    By Dara Farhadi

    While working for the global management consulting company Accenture, Gregory Falco discovered just how vulnerable the technologies underlying smart cities and the “internet of things” — everyday devices that are connected to the internet or a network — are to cyberterrorism attacks. His focus is on cybersecurity for urban critical infrastructure, and the internet of things, or IoT, is at the center of his work. A washing machine, for example, that is connected to an app on its owner’s smartphone is considered part of the IoT. There are billions of IoT devices that don’t have traditional security software because they’re built with small amounts of memory and low-power processors. This makes these devices susceptible to cyberattacks and may provide a gate for hackers to breach other devices on the same network.