• Thwarting cyberattacks by giving attackers “false hope”

    With almost every online purchase, a person’s personal information — name, date of birth and credit card number — is stored electronically often in the “cloud,” which is a network of internet servers. Now, as more people buy from online businesses, researchers hope to employ a new strategy in the ongoing struggle to protect digital information in the cloud from targeted cyberattacks. The strategy establishes a new artificial intelligence system to combat digital intrusions.

  • New computing architectures to deliver verifiable data assurances

    Whether a piece of information is private, proprietary, or sensitive to national security, systems owners and users have little guarantees about where their information resides or of its movements between systems. As is the case with consumers, the national defense and security communities similarly have only few options when it comes to ensuring that sensitive information is appropriately isolated, particularly when it’s loaded to an internet-connected system. A new program seeks to create new software and hardware architectures that provide physically provable assurances around data security and privacy.

  • Kansas anti-Muslim bomb plotters sentenced to long prison terms

    Three members of a far-right militia, who were convicted of plotting to massacre Muslims in southwest Kansas immediately after the November 2016 election, were sentenced Friday to decades in prison. The terrorist plot was foiled after another militia member informed the police. Defense attorneys, in their sentencing memo, vigorously presented what came to be known as The Trump Defense: They argued that Trump’s anti-Muslim rhetoric during the 2016 election made attacks against Muslims appear legitimate. The defense attorneys also argued that the plot architect had been “immersed” in Russian disinformation and far-right propaganda, leading him to believe that if Donald Trump won the election, then-President Barack Obama would declare martial law and not recognize the validity of the election — forcing armed militias to step in to ensure that Trump became president.

  • Understudied terrorists put under a microscope

    Bombs exploding, hostages taken and masked gunmen firing machine guns are all types of terrorist attacks we’ve seen. According to a new study, it’s the attacks we don’t see – cyberattacks – that happen more often and can cause greater destruction. “Little work has been done around the use of the internet as an attack space,” said Thomas Holt, Michigan State University professor of criminal justice and lead author. “The bottom line is that these attacks are happening and they’re overlooked. If we don’t get a handle understanding them now, we won’t fully understand the scope of the threats today and how to prevent larger mobilization efforts in the future.”

  • Finding the secret doors into software

    The word “hacker” often conjures up the stereotype of a nefarious genius typing away on a computer in a darkened room, stealing personal information — or worse. And thirty years ago, hacking was viewed as criminal activity. But the culture has changed. Now companies like Google, Facebook, and United Airlines offer rewards to people who discover and report vulnerabilities in their software.

  • To protect us from the risks of advanced artificial intelligence, we need to act now

    Artificial intelligence can play chess, drive a car and diagnose medical issues. Examples include Google DeepMind’s AlphaGo, Tesla’s self-driving vehicles, and IBM’s Watson. This type of artificial intelligence is referred to as Artificial Narrow Intelligence (ANI) – non-human systems that can perform a specific task. With the next generation of AI the stakes will almost certainly be much higher. Artificial General Intelligence (AGI) will have advanced computational powers and human level intelligence. AGI systems will be able to learn, solve problems, adapt and self-improve. They will even do tasks beyond those they were designed for. The introduction of AGI could quickly bring about Artificial Super Intelligence (ASI). When ASI-based systems arrive, there is a great and natural concern that we won’t be able to control them.

  • 2016 Twitter fake news engagement: Highly concentrated and conservative-leaning

    By studying how more than 16,000 American registered voters interacted with fake news sources on Twitter during the 2016 U.S. presidential election, researchers report that engagement with fake news was extremely concentrated. Only a small fraction of Twitter users accounted for the vast majority of fake news exposures and shares, they say, many among them older, conservative and politically engaged.

  • Interview with "Virtual Terror" author Daniel Wagner

    “One of the characteristics of Virtual Terrorism is that it allows countries like North Korea (and Iran) to punch well above their weight in the cyber arena, and conduct their own form of ‘diplomacy’ on the cyber battlefield. These countries have already attacked the U.S. and other countries – all countries with the capability to do so, do so,” says Daniel Wagner. “The best way to fight it is to help ensure that as many people as possible understand what it is, what some of the challenges are in fighting it, and what can we do about it.”

  • Cloaking location on mobile devices to protect privacy

    We agree to give up some degree of privacy anytime we search Google to find a nearby restaurant or use other location-based apps on our mobile devices. The occasional search may be fine, but researchers says repeatedly pinpointing our location reveals information about our identity, which may be sold or shared with others. The researchers say there is a way to limit what companies can glean from location information.

  • On Facebook and Twitter, even if you don’t have an account, your privacy is at risk

    Individual choice has long been considered a bedrock principle of online privacy. If you don’t want to be on Facebook, you can leave or not sign up in the first place. Then your behavior will be your own private business, right? A new study shows that privacy on social media is like second-hand smoke. It’s controlled by the people around you.

  • Questioning the effectiveness of offensive cyber operations

    Great-power competition in the twenty-first century increasingly involves the use of cyber operations between rival states. But do cyber operations achieve their stated objectives? What are the escalation risks? Under what conditions could increasingly frequent and sophisticated cyber operations result in inadvertent escalation and the use of military force? The answers to these questions should inform U.S. cybersecurity policy and strategy.

  • Data breaches are inevitable – here’s how to protect yourself anyway

    It’s tempting to give up on data security altogether, with all the billions of pieces of personal data – Social Security numbers, credit cards, home addresses, phone numbers, passwords and much more – breached and stolen in recent years. But that’s not realistic – nor is the idea of going offline entirely. In any case, huge data-collection corporations vacuum up data about almost every American without their knowledge. As cybersecurity researchers, we offer good news to brighten this bleak picture. There are some simple ways to protect your personal data that can still be effective, though they involve changing how you think about your own information security.

  • Facebook deletes hundreds of Russian troll pages

    Facebook announced it had shut down more than 360 pages and accounts, with some tied to the Internet Research Agency (IRA). from the United States to Germany, Facebook has come under immense pressure to combat fake news, disinformation campaigns, and hate speech on its platforms.

  • Huawei industrial espionage in Poland leads to calls for boycott

    The Chinese telecom giant’s industrial espionage activities in Poland have prompted calls for the company to be banned. The United States is leading the push for a boycott, but many EU governments remain undecided. Huawei offers a capable 5G technology, which represents a quantum leap in wireless communication speed, and which will be key to developing the Internet of Things (IoT), including self-driving cars. Critics charge that much of that technology was stolen from Western companies by Chinese intelligence agencies, for which Huwawei serves as a front.

  • The quiet threat inside ‘internet of things’ devices

    As Americans increasingly buy and install smart devices in their homes, all those cheap interconnected devices create new security problems for individuals and society as a whole. The problem is compounded by businesses radically expanding the number of sensors and remote monitors it uses to manage overhead lights in corporate offices and detailed manufacturing processes in factories. Governments, too, are getting into the act – cities, especially, want to use new technologies to improve energy efficiency, reduce traffic congestion and improve water quality. The number of these “internet of things” devices is climbing into the tens of billions. They’re creating an interconnected world with the potential to make people’s lives more enjoyable, productive, secure and efficient. But those very same devices, many of which have no real security protections, are also becoming part of what are called “botnets,” vast networks of tiny computers vulnerable to hijacking by hackers.