• Microprocessor designers realize security must be a primary concern

    By Mark Hempstead

    Fifty years after the founding of Intel, engineers have begun to second-guess many of the chip-making industry’s design techniques. Recently, security researchers have found that some innovations have let secrets flow freely out of computer hardware the same way software vulnerabilities have led to cyberattacks and data breaches. This realization has led to calls from microchip industry leaders, including icons John Hennessy and David Patterson, for a complete rethinking of computer architecture to put security first. Identifying and securing these newly identified hardware vulnerabilities and side-channels will be challenging, but the work is important – and a reminder that designers and architects must always think about other ways attackers might try to compromise computer systems.

  • Donald Trump’s fight with his own intelligence services will only get worse

    By Dan Lomas

    Those wanting a robust response by the United States to Russian foreign policy in Europe and the Middle East were worried about the Trump. But the worst was yet to come: in an extraordinary 46-minute joint news conference after the two men met, Trump refused to support the intelligence community’s assessment that Russia had intervened in the 2016 U.S. presidential election. While it’s foolhardy to predict the future at the best of times, never mind under the Trump administration, it’s certain that America’s spies and President Trump face a stormy future.

  • Helping state, local election officials enhance cybersecurity

    The University of West Florida Center for Cybersecurity recently partnered with the Florida Department of State and election officials across Florida to provide training for supervisors of elections and key personnel to enhance cybersecurity resiliency ahead of the 2018 elections. In January 2017, DHS designated voting systems as critical infrastructure. In May 2018, DHS, the FBI, and the Office of the Director of National Intelligence spoke to Congress about the importance of preparing state and local election officials for the coming Russian government cyberattacks on U.S. election systems, attacks which experts expect to be more sophisticated – and disruptive — than those the Kremlin launched in 2016.

  • Buried internet infrastructure at risk as sea levels rise

    Thousands of miles of buried fiber optic cable in densely populated coastal regions of the United States may soon be inundated by rising seas, according to a new study. The study, presented at a meeting of internet network researchers, portrays critical communications infrastructure that could be submerged by rising seas in as soon as fifteen years. “Most of the damage that’s going to be done in the next 100 years will be done sooner than later,” says Ban authority on the “physical internet.” “That surprised us. The expectation was that we’d have 50 years to plan for it. We don’t have 50 years.”

  • U.S. intel chief on Russia’s unrelenting cyberattacks: “The warning lights are blinking red”

    Director of National Intelligence Dan Coats said Friday that the U.S. digital infrastructure “is literally under attack” by Russia. “These actions are persistent, they’re pervasive, and they are meant to undermine America’s democracy on a daily basis, regardless of whether it is election time or not.” Coats emphasized that Russia’s hostile cyber activities go beyond targeting elections and sowing division, to attempts to target vulnerabilities in critical U.S. infrastructure, trying to infiltrate energy, water, nuclear, and manufacturing sectors. He compared today’s warning indicators related to Russian cyberattacks to the warning indicators in the run-up to 9/11. “It was in the months prior to September 2001, when according to then-CIA director George Tenet, the system was blinking red,” he said. “And here we are nearly two decades later, and I’m here to say the warning lights are blinking red again.”

  • U.S. Homeland Security chief: Russia sowing divisions among Americans

    Homeland Security Secretary Kirstjen Nielsen said U.S. intelligence officials are seeing “persistent Russian efforts” to use social media and other resources to create divisions among the American people. She said the Russians are using social media, “sympathetic spokespeople, and other fronts to sow discord and divisiveness amongst the American people.” “Though votes were not changed” during the 2016 election, she said, “any attempt to interfere in our elections — successful or unsuccessful — is a direct attack on our democracy.”

  • Improving disaster response through Twitter data

    Twitter data could give disaster relief teams real-time information to provide aid and save lives, thanks to a new algorithm developed by an international team of researchers. “The best source to get timely information during a disaster is social media, particularly microblogs like Twitter,” said one researcher. “Newspapers have yet to print and blogs have yet to publish, so Twitter allows for a near real-time view of an event from those impacted by it.”

  • 12 Russian intelligence operatives criminally charged for hacking, leaking DNC emails in 2016

    The U.S. Justice Department today (Friday) has criminally charged twelve Russian intelligence officers for the hacking and leaking emails of senior Democratic Party officials during the 2016 presidential campaign. The hacking and leaking of the emails were part of a broad and effective Kremlin effort to help Donald Trump win the November 2016 election. The 11-count indictment spells out in granular detail a carefully planned and executed attack on the information security of Democrats, planting hundreds of malware files on Democrats’ computer systems, stealing information, and then laundering the pilfered material through fake personas and others to try to influence voters’ opinions. The twelve Russian intelligence operatives indicted on Friday join thirteen other Russian individuals and three Russian companies who, in February, were criminally charged by Mueller’s team for interfering in the presidential campaign, using social media, and coordinating with low-level Trump campaign activists.

  • Fitness app Polar revealed military personnel’s sensitive location data

    The Flow fitness app produced by the Finnish sports activity tracking firm Polar has been found to reveal users’ sensitive location data, according to an investigation by several news organizations. The investigation found that it is possible to use Polar’s Flow app to track down the home addresses of military and intelligence personnel.

  • Your smartphone may be spying on you

    Some popular apps on your phone may be secretly taking screenshots of your activity and sending them to third parties, according to a new study. The researchers said this is particularly disturbing because these screenshots—and videos of your activity on the screen—could include usernames, passwords, credit card numbers, and other important personal information.

  • White supremacist propaganda on U.S. college campuses on the rise

    White supremacist groups continued to escalate their propaganda campaign targeting U.S. college campuses, with incidents increasing by 77 percent during the 2017-2018 academic year, according to new data released today by the Anti-Defamation League (ADL). “The alt-right segment of the white supremacist movement remains a driving force behind this activity,” says the ADL’s Center on Extremism.

  • “A clear preference for President-elect Trump”: Senate Intel Committee on Russia’s 2016 influence campaign

    On Tuesday, the GOP-led Senate Intelligence Committee, after sixteen months of investigation, has released the second unclassified installment of its report on the Russian election activities in 2016. The report was unanimously approved by all members of the committee. The three main takeaways: First, the January 2017 ICA [the Intelligence Community Assessment of Russia active-measures campaign to compromise the 2016 presidential election] “is a sound intelligence product”; second, “Russian efforts to influence the 2016 U.S. presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the U.S.-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operation”; third, “We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election. Russia’s goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.”

  • The West is ill-prepared for the wave of “deep fakes” that artificial intelligence could unleash

    By Chris Meserole and Alina Polyakova

    Russian disinformation has become a growing problem for Western countries. European nations are finally taking action, which is an important first step, but Chris Meserole and Alina Polyakova write “to get ahead of the problem, policymakers in Europe and the United States should focus on the coming wave of disruptive technologies. Fueled by advances in artificial intelligence and decentralized computing, the next generation of disinformation promises to be even more sophisticated and difficult to detect.” Bigger data, better algorithms, and custom hardware promise to democratize the creation of fake print, audio, and video stories. “Deep fakes and the democratization of disinformation will prove challenging for governments and civil society to counter effectively,” Meserole and Alina Polyakova warn.

  • New phishing protection for mobile devices

    DHS S&T said that new and enhanced mobile phishing and content protection capabilities are being transitioned to the government and private-sector. Phishing protection, an important and first-of-its kind feature for mobile devices, was introduced to block mobile phishing attacks designed to steal user credentials or deliver malware. Beyond simply detecting phishing attempts in SMS messages, the system also detects and prevents attacks that hide inside mobile apps, social media messages, and in personal and corporate email.

  • Better detection, analysis of malicious attacks

    DHS S&T has selected Cyber 20/20, Inc. of Newark, Delaware to develop security capabilities for financial services as part of S&T’s Silicon Valley Innovation Program (SVIP). Cyber 20/20’s project—Trained Using Runtime Analysis from Cuckoo Outputs (TURACO)—expands the capabilities of Cuckoo, an open-source sandbox, to better detect and analyze malicious attacks.