• NSF awards nearly $5.7 million to protect U.S. cyberspace

    The National Science Foundation (NSF) recently gave the nation’s cybersecurity professionals a boost with the inclusion of four new universities into its CyberCorps: Scholarship for Service (SFS) program. NSF awarded nearly $5.7 million, with an expected total of almost $16.6 million over the next five years, to universities in Illinois, Maryland, Louisiana, and Texas. The schools will use the money to provide scholarships consisting of full tuition and a stipend up to $34,000 to individuals willing to work after graduation in a cybersecurity position for federal, state, local or tribal governments.

  • Proof of randomness for stronger future digital security

    Nearly all secure online traffic — from shopping to banking to communications — relies on a technique of randomly generating a number that serves as a key to unlock encrypted communication. The problem is that small programming errors can make these systems vulnerable, and those vulnerabilities can often be very difficult to detect. In an effort to block emerging threats to online security, researchers have developed a method to verify the strength of random number generators that form the basis of most encryption systems.

  • Twitter, citizen science, and AI help improve flood data collection

    Urban flooding is difficult to monitor due to complexities in data collection and processing. This prevents detailed risk analysis, flooding control, and the validation of numerical models. Researchers are combining Twitter, citizen science and cutting-edge artificial intelligence (AI) techniques to develop an early-warning system for flood-prone communities.

  • Lawmakers from states targeted by Russian hackers urge action to protect U.S. elections

    Democracy Reform Task Force Chair Rep. John Sarbanes (D-Maryland) the other day, along with members of Congress from 18 of the 21 states targeted by Russian hackers in 2016, called on House Speaker Paul Ryan to take immediate action to protect state voting systems from cyberattacks and to bolster state election infrastructure.

  • The influence and risk of social and political "bots"

    The role and risks of bots, such as automated Twitter accounts, in influencing public opinion and political elections continues to provoke intense international debate and controversy. A new collection of articles focused on “Computational Propaganda and Political Big Data” examines how these bots work, approaches to better detect and control them, and how they may have impacted recent elections around the globe. The collection is published in a special issue of Big Data.

  • Six ways (and counting) that big data systems are harming society

    There is growing consensus that with big data comes great opportunity, but also great risk. But these risks are not getting enough political and public attention. One way to better appreciate the risks that come with our big data future is to consider how people are already being negatively affected by uses of it. We need to learn from these harms. There are a range of individuals and groups developing ideas about how data harms can be prevented. Researchers, civil society organizations, government bodies and activists have all, in different ways, identified the need for greater transparency, accountability, systems of oversight and due process, and the means for citizens to interrogate and intervene in the big data processes that affect them. What is needed is the public pressure and the political will and effort to ensure this happens.

  • Helping secure first responder apps from cyberattacks

    In emergency and disaster situations, mobile devices and apps enable public-safety professionals to receive and share critical information in real-time, which enhances the delivery of life-saving services. As reliance on mobile technology grows, it is important that mobile apps used by public safety are free of malware or vulnerabilities.

  • Spotting Russian bots trying to influence politics

    A team of researchers has isolated the characteristics of bots on Twitter through an examination of bot activity related to Russian political discussions. The team’s findings provide new insights into how Russian accounts influence online exchanges using bots, or automated social media accounts, and trolls, which aim to provoke or disrupt. “There is a great deal of interest in understanding how regimes and political actors use bots in order to influence politics,” explains one researcher. “Russia has been at the forefront of trying to shape the online conversation using tools like bots and trolls, so a first step to understanding what Russian bots are doing is to be able to identify them.”

  • Kaspersky Lab appeals DHS debarment

    Kaspersky Lab yesterday announced that it is seeking an appeal in federal court of U.S. Department of Homeland Security’s (DHS) decision on Binding Operational Directive 17-01 banning the use of the company’s products in federal agencies. The company cites reputational and revenue impact of a Binding Operational Directive based on media reports, rumor, and unsubstantiated allegations.

  • “Cyberbiosecurity” and the protection of the life sciences

    Biology and biotechnology have entered a digital age, but security policies around such activities have not kept pace. New research outlines how the evolving nature of biotechnology should sound alarm bells for new ways to keep life sciences assets safe. This could be from accidental cyber-physical breaches, or more nefarious threats.

  • DHS, election industry members to launch Sector Coordinating Council

    Election industry representatives from across the country met last week with DHS and representatives from the Election Assistance Commission (EAC) to launch the formation of an industry-led Sector Coordinating Council (SCC). Sector Coordinating Councils are bodies that enable critical infrastructure owners and operators to share information and work together with DHS on sector-specific strategies, policies, and activities.

  • “Watershed attack:” Hackers deploy new ICS attack framework, disrupting critical infrastructure

    Hackers working for a nation-state recently invaded the safety system of a critical infrastructure facility in what cyber experts call “a watershed attack” that halted plant operations. Cybersecurity firm FireEye disclosed the incident on Thursday, saying it targeted Triconex industrial safety technology from Schneider Electric SE. Schneider confirmed that the incident had occurred and that it had issued a security alert to users of Triconex, which cyber experts said is widely used in the energy industry, including at nuclear facilities, and oil and gas plants. FireEye and Schneider declined to identify the victim, industry or location of the attack.

  • DNA has gone digital – what could possibly go wrong?

    Biology is becoming increasingly digitized. Researchers like us use computers to analyze DNA, operate lab equipment and store genetic information. But new capabilities also mean new risks – and biologists remain largely unaware of the potential vulnerabilities that come with digitizing biotechnology. In 2010, a nuclear plant in Iran experienced mysterious equipment failures which paralyzed Iran’s nuclear weapons program. Months later, a security firm was called in to troubleshoot an apparently unrelated problem, and found a malicious computer virus called Stuxnet, which was telling uranium-enrichment centrifuges to vibrate. Stuxnet demonstrated that cybersecurity breaches can cause physical damages. What if those damages had biological consequences? Could bioterrorists target government laboratories studying infectious diseases? What about pharmaceutical companies producing lifesaving drugs? As life scientists become more reliant on digital workflows, the chances are likely rising. The emerging field of cyberbiosecurity explores the whole new category of risks that come with the increased use of computers in the life sciences.

  • Russia-related intelligence information left out of Trump's daily briefings for fear it would upset him

    White House and national security officials have said that they purposefully leave intelligence information on Russian ongoing hacking and disinformation activities against the United States out of President Donald Trump’s daily briefings for fear such intelligence information will upset him. If the information cannot be left out, it is usually placed toward the end of the briefing in order to prevent a situation in which the president would refuse to listen to or discuss the rest of the PDB (Presidential Daily Brief).

  • Using smartphones — instead of body parts — for identification to deter cybercrime

    Not comfortable with Face ID and other biometrics? This cybersecurity advancement may be for you. Researchers have discovered how to identify smartphones by examining just one photo taken by the device. The advancement opens the possibility of using smartphones — instead of body parts — as a form of identification to deter cybercrime.