• Cyber Threats from the U.S. and Russia Are Now Focusing on Civilian Infrastructure

    Cyber confrontation between the United States and Russia is increasingly turning to critical civilian infrastructure, particularly power grids, judging from recent press reports. The typically furtive conflict went public last month, when the New York Times reported U.S. Cyber Command’s shift to a more offensive and aggressive approach in targeting Russia’s electric power grid. Although both sides have been targeting each other’s infrastructure since at least 2012, according to the Times article, the aggression and scope of these operations now seems unprecedented.

  • Johannesburg Power Company Crippled by Ransomware Attack

    City Power, the company supplying Johannesburg, South Africa’s economic hub, with electricity, has been attacked by a ransomware virus. The virus has “encrypted all our databases” representatives of the company said. Some of the company’s services have been crippled; the company said it may not be able to respond to a blackout; and more and more residents complain of loss of power. Johannesburg is not the first municipality to have its network infected by ransomware.

  • U.S. Intelligence Director Dan Coats Creates Senior Election Security Position

    Director of National Intelligence Daniel Coats announced he established the position of Intelligence Community (IC) Election Threats Executive (ETE). The ETE will serve as the DNI’s principal adviser on threats to elections and matters related to election security. Additionally, the ETE will coordinate and integrate all election security activities, initiatives, and programs across the IC and synchronize intelligence efforts in support of the broader U.S. government.

  • U.S. Efforts to Counter Russian Disinformation and Malign Influence

    “President Vladimir Putin’s Russia seeks to weaken Western governments and transatlantic institutions, discredit democratic and liberal values, and create a post-truth world,” says Alina Polyakova. “Russian disinformation campaigns aim to amplify existing social divisions and further polarize democratic societies. As such, they don’t stop when the ballot box closes. Elections may provide an ideal high-impact opportunity for a disinformation actor, but the barrage of disinformation against Western democracies, including the United States, continues between election cycles. Disinformation, as a tool of Russia’s political warfare, is not new. But what is new is that, today, what used to take years, takes minutes. The advance of digital technology and communication allows for the high-speed spread of disinformation, rapid amplification of misleading content, and massive manipulation via unsecured points of influence. This digital ecosystem creates opportunities for manipulation that have exceeded the ability of democratic nations to respond, and sometimes even to grasp the extent of the challenge.”

  • How the U.S. Can Fight Russian Disinformation for Real

    “Where we ought to be setting the rules of engagement, the tone, and the moral compass in responding to Russia’s information war, the United States has been a tardy, timid, or tertiary player, with much of our public servants’ good work on this issue stymied by domestic politicization. Disinformation is not a political issue; it is a democratic one. Beyond that challenge, the United States has not invested sufficient resources to be competitive in the fight against disinformation. Russian information warfare continues to target the United States and our allies, as well as the rules-based international order. However, countering it has not been a budgetary priority” — Nina Jankowicz.

  • Cyber Threats Go Beyond Hackers and Scams but to Democracy Itself

    Much of the discussion surrounding threats of the information age are focused on digitally enabled foreign influence and interference. However, analysis of adversaries’ information campaigns as seen in the 2016 presidential elections and Brexit referendum doesn’t capture the full extent of the problem that is the manipulation society already created. Tech giants haven’t just inadvertently created a new path for information warfare. Rather they have created the architecture for the persistent manipulation of whole societies – an architecture freely used by both adversaries and the tech corporations themselves. Just as market capitalism led to a market society, surveillance capitalism has led to the manipulation society.

  • A Russian Military Contractor Has a Shady New Android Malware Kit

    A contractor for the Russian military that was sanctioned for interfering in the 2016 U.S. election has developed Android malware that is being used in “highly-targeted” attacks that exfiltrate data using third-party applications. The so-called “Monokle” malware is extremely invasive.It is capable of installing the attacker’s own software certificate in a certificate store and then using it for “man-in-the-middle” attacks, intercepting data before it reaches its intended recipient.

  • FBI Director: China No. 1 Counter-Intelligence Threat to the U.S.

    The FBI has more than 1,000 investigations of U.S. intellectual property theft in all 50 states with nearly all leading back to China, FBI Director Christopher Wray said, calling China the No. 1 counter-intelligence threat to the United States. Wray described the threat as “more deep, more diverse, more vexing, more challenging, more comprehensive and more concerning than any counter-intelligence threat that I can think of.”

  • Bolstering Democracy in the Digital Age

    The Knight Foundation announced a commitment of nearly $50 million in research to better understand how technology is transforming our democracy and the way we receive and engage with information. “Amidst a growing debate over technology’s role in our democracy, these investments will help ensure society is equipped to make evidence-based decisions on how to govern and manage the now-digital public square, Knight said.

  • Anonymizing Personal Data “Not Enough to Protect Privacy”: Study

    Current methods for anonymizing data leave individuals at risk of being re-identified, according to new research. Researchers demonstrated that allowing data to be used — to train AI algorithms, for example — while preserving people’s privacy, requires much more than simply adding noise, sampling datasets, and other de-identification techniques.

  • Making it Easier to Program and Protect the Web

    Behind the scenes of every web service, from a secure web browser to an entertaining app, is a programmer’s code, carefully written to ensure everything runs quickly, smoothly, and securely. MIT Professor Adam Chlipala builds tools to help programmers more quickly generate optimized, secure code.

  • Why the Ghost Keys ‘Solution’ to Encryption is No Solution

    The use of applications such as Signal, WhatsApp, iMessage, and Facebook Messenger for communications secured by end-to-end encryption has exploded over the past few years. Today, regular users of these and similar services number in the billions around the world. The U.S. Justice Department and the FBI have claimed repeatedly that the extensive use of such services hampers their ability to conduct investigations, because they cannot access encrypted communications. Officials in other countries have put forward a proposal they say would provide the needed access. But due to the fundamentals of public key encryption, this regime would end up raising most of the same concerns as other encryption back-door proposals floated in recent years.

  • Trump’s New Favorite Channel Employs Kremlin-Paid Journalist

    If the stories broadcast by the Trump-endorsed One America News Network sometimes look like outtakes from a Kremlin trolling operation, there may be a reason. One of the on-air reporters at the 24-hour network is a Russian national on the payroll of the Kremlin’s official propaganda outlet, Sputnik.

  • FaceApp Makes Today’s Privacy Laws Look Antiquated

    Cameras are everywhere, and data brokers are vacuuming up information on individuals. But regulations have not kept pace. You should stop using FaceApp, because there are few controls on how your data, including your face data, will be used. But the problems that FaceApp poses aren’t unique. Walking around anywhere can get your face included in facial-recognition databases. How that information can be mined, manipulated, bought, or sold is minimally regulated—in the United States and elsewhere.

  • Managing and Mitigating Foreign Election Interference

    President Donald Trump has repeatedly shown that he does not take the issue of Russian interference in elections seriously, most recently at the G-20 summit in Japan when he issued a “wink-wink” warning to Russian President Vladimir Putin when pressed on the issue by reporters. This is no laughing matter. While much of the media coverage has focused on Russian interference in U.S. elections, this is not just an American problem. As our new report on online foreign influence efforts (FIEs) demonstrates, this is a global problem. Since 2013, Russia has conducted at least 38 distinct influence campaigns targeting 19 different countries—and Russia isn’t alone: 53 distinct online FIEs were launched by Russia and other countries between 2013 and the end of 2018, and several remain ongoing today. Russia is by far the most active state conducting FIEs. About 72 percent of the campaigns were conducted solely by Russia, which had 29 distinct operations ongoing in 2017.