• With hacking of U.S. utilities, Russia could move from cyberespionage toward cyberwar

    Even before the revelation on 23 July that Russian government hackers had penetrated the computer systems of U.S. electric utilities and could have caused blackouts, government agencies and electricity industry leaders were working to protect U.S. customers and society as a whole. These developments highlight an important distinction of conflict in cyberspace: between probing and attacking. The distinction between exploiting weaknesses to gather information – also known as “intelligence preparation of the battlefield” – and using those vulnerabilities to actually do damage is impossibly thin and depends on the intent of the people doing it. Intentions are notoriously difficult to figure out. In global cyberspace they may change depending on world events and international relations. The dangers – to the people of the United States and other countries both allied and opposed – underscore the importance of international agreement on what constitutes an act of war in cyberspace and the need for clear rules of engagement.

  • Between you, me, and Google: Problems with Gmail's “Confidential Mode”

    With Gmail’s new design rolled out to more and more users, many have had a chance to try out its new “Confidential Mode.” While many of its features sound promising, what “Confidential Mode” provides isn’t confidentiality. At best, the new mode might create expectations that it fails to meet around security and privacy in Gmail.

  • Senate committees to hold hearings on Russia, recommend additional punitive measures

    Two Senate committees – the Foreign Relations Committee and the Banking Committee – announced they will hold a series of hearings on Russia. Last week, Senate Majority Leader Mitch McConnell (R-Kentucky) tasked Senators Bob Corker (R-Tennessee), chairman of the Senate Foreign Relations Committee, and Mike Crapo (R-Idaho), chairman of the Senate Banking Committee, with holding hearings on the Countering America’s Adversaries Through Sanctions Act (CAATSA), and asked them to recommend to the Senate additional measures that could respond to or deter what he called “Russian malign behavior.”

  • Russians hacked into America’s electric grid. Here’s why securing it is hard.

    Hackers taking down the U.S. electricity grid may sound like a plot ripped from a Bruce Willis action movie, but the Department of Homeland Security has recently disclosed new details about the extent to which Russia has infiltrated “critical infrastructure” like American power plants, water facilities and gas pipelines. This hacking is similar to the 2015 and 2016 attacks on Ukraine’s grid. While DHS has raised the number of the Russian utility-hacking incidents it detected from dozens to hundreds, it still maintains that this infiltration has not risen beyond scouting mode. Clearly, there’s no time to waste in shoring up the grid’s security. Yet getting that done is not easy.

  • Report: Russian hackers came close to causing U.S. blackouts last year

    DHS has warned utilities that Russian government hackers accessed the U.S. electric grid control systems in 2016 and 2017, and could have, at the time of their choosing, caused blackouts across the United States. “They got to the point where they could have thrown switches” and disrupted power flows, said Jonathan Homer, chief of industrial-control-system analysis for DHS. DHS is gathering evidence on the Russian government’s attempt to automate these attacks on the U.S. grid.

  • DOJ releases Cyber-Digital Task Force report

    The Department of Justice last Thursday released a report produced by the Attorney General’s Cyber-Digital Task Force. The report provides a comprehensive assessment of the cyber-enabled threats confronting the United States and details the ways in which the DOJ combats those threats. The first section of the report focuses on what DOJ describes as “the most pressing cyber-enabled threats confronting the United States: the threat posed by malign foreign influence operations.”

  • World-first program to stop hacking by quantum supercomputers

    IT experts have devised the world’s leading post-quantum secure privacy-preserving algorithm so powerful it can thwart attacks from supercomputers of the future. The Lattice-Based One Time Linkable Ring Signature (L2RS) enhanced security, and privacy-preserving features enable large transactions and transfer of data without risk of being hacked by quantum computers and privacy revoked by unauthorized users.

  • DOJ’s new initiative: Alerting public to foreign-influence activities targeting U.S. democracy

    The Department of Justice on Thursday announced that DOJ will begin to alert the public about foreign operations targeting U.S. democracy. The new DOJ initiative is aims to counter hacking and disinformation campaigns such as the one Russia undertook in 2016. The government will inform American companies, private organizations, and individuals that they are being covertly attacked by foreign actors attempting to affect elections or the political process. “Exposing schemes to the public is an important way to neutralize them,” said Deputy Attorney General Rod J. Rosenstein. “The American people have a right to know if foreign governments are targeting them with propaganda,” he said.

  • New cosponsors for the bipartisan DETER Act

    More lawmakers have joined Senators Marco Rubio (R-Florida) and Chris Van Hollen (D-Maryland) in sponsoring the DETER Act. DETER uses the threat of powerful sanctions to dissuade hostile foreign powers from meddling in U.S. elections by ensuring that they know well in advance that the costs will outweigh the benefits. “We must make sure Putin understands that we will not overlook his hostilities, and he will face punishing consequences if he tries to interfere in our elections again,” Rubio said. “Vladimir Putin would like nothing more than to continue sowing discord and meddling in Western democracies without consequence. Passing this legislation would help improve Americans’ faith in their system of government and send an unmistakable signal to the Kremlin that it’s not worth trying it again,” said Charles Grassley (R-Iowa).

  • Russia interfered in 2016 election, continuing “malign influence operations to this day”: FBI Director Wray

    FBI director Chris Wray on Wednesday pushed back against President Donald Trump’s recent comments that cast doubt on Russian interference in the 2016 presidential election. On Monday, two hours after the Trump-Putin summit, Director of National Security Dan Coats issued a terse statement reaffirming his agreement with the U.S intelligence community’s conclusions. “My view has not changed, which is that Russia attempted to interfere with the last election and that it continues to engage in malign influence operations to this day,” Wray told NBC Nightly News anchor Lester Holt at the Aspen Security Forum.

  • Russian intelligence, masquerading as the “Cyber Caliphate,” cyber-harassed U.S. military families

    Senator Cory Gardner (R-Colorado) and Senator Ron Wyden (D-Oregon) sent a letter last week to Attorney General Jeff Sessions urging the Department of Justice to investigate cyber harassment of U.S. military families by Russian intelligence services. Russian intelligence officers, masquerading as the “Cyber Caliphate,” had launched an intimidation campaign against several U.S. military spouses in 2015.

  • New method detects malicious emails

    Researchers at the Ben-Gurion University of the Negev (BGU) Malware Lab have developed a new method for detecting malicious e-mails that is more effective than the top 60 antivirus engines on the market. The method is built on machine learning principles and operates without internet access, making it a useful solution for both individuals and businesses.

  • EU law enforcement, Google take on terrorist online propaganda

    Europol, the European law enforcement agency, conducted a 2-day gathering of European law intelligence and enforcement services, attended by representatives from Google, to improve the tracking and removal of online terrorist propaganda being disseminated on various Google platforms.

  • Russia, post-World Cup, plans to intensify aggression against West: U.S., U.K. intel sources

    Sources familiar with intelligence collected by the United Kingdom, the United States, and other allies say that Russian intelligence agencies are about to ramp up operations targeting Western countries. The growing concern about Russia’s plans preceded the meeting earlier this week between President Donald Trump and Russian President Vladimir Putin. Intelligence officials in the United States and the United Kingdom told CNN that the Russians ordered a relative lull in activity during the month-long soccer tournament, which was hosted by Russia.

  • Congress must adopt stronger safeguards for wireless cybersecurity: Expert

    Thanks to the advent of cell phones, tablets and smart cars, Americans are increasingly reliant on wireless services and products. Yet despite digital technology advancements, security and privacy safeguards for consumers have not kept pace. One expert told lawmakers that Congress should take immediate action to address threats caused by cell-site simulators by “ensuring that, when Congress spends about a billion taxpayer dollars on wireless services and devices each year, it procures services and devices that implement cybersecurity best practices.”