• Understudied terrorists put under a microscope

    Bombs exploding, hostages taken and masked gunmen firing machine guns are all types of terrorist attacks we’ve seen. According to a new study, it’s the attacks we don’t see – cyberattacks – that happen more often and can cause greater destruction. “Little work has been done around the use of the internet as an attack space,” said Thomas Holt, Michigan State University professor of criminal justice and lead author. “The bottom line is that these attacks are happening and they’re overlooked. If we don’t get a handle understanding them now, we won’t fully understand the scope of the threats today and how to prevent larger mobilization efforts in the future.”

  • Finding the secret doors into software

    The word “hacker” often conjures up the stereotype of a nefarious genius typing away on a computer in a darkened room, stealing personal information — or worse. And thirty years ago, hacking was viewed as criminal activity. But the culture has changed. Now companies like Google, Facebook, and United Airlines offer rewards to people who discover and report vulnerabilities in their software.

  • To protect us from the risks of advanced artificial intelligence, we need to act now

    Artificial intelligence can play chess, drive a car and diagnose medical issues. Examples include Google DeepMind’s AlphaGo, Tesla’s self-driving vehicles, and IBM’s Watson. This type of artificial intelligence is referred to as Artificial Narrow Intelligence (ANI) – non-human systems that can perform a specific task. With the next generation of AI the stakes will almost certainly be much higher. Artificial General Intelligence (AGI) will have advanced computational powers and human level intelligence. AGI systems will be able to learn, solve problems, adapt and self-improve. They will even do tasks beyond those they were designed for. The introduction of AGI could quickly bring about Artificial Super Intelligence (ASI). When ASI-based systems arrive, there is a great and natural concern that we won’t be able to control them.

  • 2016 Twitter fake news engagement: Highly concentrated and conservative-leaning

    By studying how more than 16,000 American registered voters interacted with fake news sources on Twitter during the 2016 U.S. presidential election, researchers report that engagement with fake news was extremely concentrated. Only a small fraction of Twitter users accounted for the vast majority of fake news exposures and shares, they say, many among them older, conservative and politically engaged.

  • Interview with "Virtual Terror" author Daniel Wagner

    “One of the characteristics of Virtual Terrorism is that it allows countries like North Korea (and Iran) to punch well above their weight in the cyber arena, and conduct their own form of ‘diplomacy’ on the cyber battlefield. These countries have already attacked the U.S. and other countries – all countries with the capability to do so, do so,” says Daniel Wagner. “The best way to fight it is to help ensure that as many people as possible understand what it is, what some of the challenges are in fighting it, and what can we do about it.”

  • Cloaking location on mobile devices to protect privacy

    We agree to give up some degree of privacy anytime we search Google to find a nearby restaurant or use other location-based apps on our mobile devices. The occasional search may be fine, but researchers says repeatedly pinpointing our location reveals information about our identity, which may be sold or shared with others. The researchers say there is a way to limit what companies can glean from location information.

  • On Facebook and Twitter, even if you don’t have an account, your privacy is at risk

    Individual choice has long been considered a bedrock principle of online privacy. If you don’t want to be on Facebook, you can leave or not sign up in the first place. Then your behavior will be your own private business, right? A new study shows that privacy on social media is like second-hand smoke. It’s controlled by the people around you.

  • Questioning the effectiveness of offensive cyber operations

    Great-power competition in the twenty-first century increasingly involves the use of cyber operations between rival states. But do cyber operations achieve their stated objectives? What are the escalation risks? Under what conditions could increasingly frequent and sophisticated cyber operations result in inadvertent escalation and the use of military force? The answers to these questions should inform U.S. cybersecurity policy and strategy.

  • Data breaches are inevitable – here’s how to protect yourself anyway

    It’s tempting to give up on data security altogether, with all the billions of pieces of personal data – Social Security numbers, credit cards, home addresses, phone numbers, passwords and much more – breached and stolen in recent years. But that’s not realistic – nor is the idea of going offline entirely. In any case, huge data-collection corporations vacuum up data about almost every American without their knowledge. As cybersecurity researchers, we offer good news to brighten this bleak picture. There are some simple ways to protect your personal data that can still be effective, though they involve changing how you think about your own information security.

  • Facebook deletes hundreds of Russian troll pages

    Facebook announced it had shut down more than 360 pages and accounts, with some tied to the Internet Research Agency (IRA). from the United States to Germany, Facebook has come under immense pressure to combat fake news, disinformation campaigns, and hate speech on its platforms.

  • Huawei industrial espionage in Poland leads to calls for boycott

    The Chinese telecom giant’s industrial espionage activities in Poland have prompted calls for the company to be banned. The United States is leading the push for a boycott, but many EU governments remain undecided. Huawei offers a capable 5G technology, which represents a quantum leap in wireless communication speed, and which will be key to developing the Internet of Things (IoT), including self-driving cars. Critics charge that much of that technology was stolen from Western companies by Chinese intelligence agencies, for which Huwawei serves as a front.

  • The quiet threat inside ‘internet of things’ devices

    As Americans increasingly buy and install smart devices in their homes, all those cheap interconnected devices create new security problems for individuals and society as a whole. The problem is compounded by businesses radically expanding the number of sensors and remote monitors it uses to manage overhead lights in corporate offices and detailed manufacturing processes in factories. Governments, too, are getting into the act – cities, especially, want to use new technologies to improve energy efficiency, reduce traffic congestion and improve water quality. The number of these “internet of things” devices is climbing into the tens of billions. They’re creating an interconnected world with the potential to make people’s lives more enjoyable, productive, secure and efficient. But those very same devices, many of which have no real security protections, are also becoming part of what are called “botnets,” vast networks of tiny computers vulnerable to hijacking by hackers.

  • Achieving better security with randomly generating biological encryption keys

    Data breaches, hacked systems and hostage malware are frequently topics of evening news casts — including stories of department store, hospital, government and bank data leaking into unsavory hands — but now a team of engineers has an encryption key approach that is unclonable and not reverse-engineerable, protecting information even as computers become faster and nimbler.

  • Manafort wanted polling data sent to Ukrainians

    When, during the 2016 campaign, Paul Manafort sent Trump campaign’s internal polling data to Konstantin Kilimnik – a cut-out for the GRU, Russia’s military intelligence branch — he intended that data to be handed off to two Kremlin-allied Ukrainian oligarchs, Serhiy Lyovochkin and Rinat Akhmetov. Manafort told his accountant in August 2016 he was expecting $2.4 million from Ukraine in November 2016. His spokesman insists that money was payment for an old debt and not the data.

  • How Russia hacked U.S. power grid

    In an aptly titled investigative report — “America’s Electric Grid Has a Vulnerable Back Door—and Russia Walked Through It” — the Wall Street Journal has used “documents, computer records and interviews” to reconstruct exactly how Russian hackers accessed the U.S. electric grid in the spring of 2016, an attack that continued through 2017 and possibly 2018.