• U.S. Critical Infrastructure May Not Be Resilient Enough to Fend Off, Survive Chinese Cyberattacks: CISA Director

    By Jeff Seldin

    Americans “need to be prepared” for Chinese cyberattacks, U.S. cyber official said, because the United States may not be resilient enough to fend off and survive Chinese attacks on its critical infrastructure should the present great power competition between Washington and Beijing evolve into an actual conflict.

  • Google, Cornell to Partner in Online Security Initiative

    By Thomas Fleischman

    Most current security-related research is focused on technical challenges, but many of the most significant security failures involve humans and can often be attributed to poor design that fails to take the human factor into account. A partnership between Google and four higher-education institutions will use an interdisciplinary approach to build better foundations for secure systems and ensure that they are deployed in ways that address rather than exacerbate societal problems.

  • Operator of “Bulletproof Hosting” Service Which Distributed Destructive Malware Sentenced to Three Years in Prison

    A Romanian national who operated a “bulletproof hosting” service was sentenced to three years in prison and ordered to forfeit $3,510,000. The bulletproof hosting was used to facilitate the distribution of the Gozi Virus, the Zeus Trojan, the SpyEye Trojan, and the BlackEnergy malware, all of which were designed to steal confidential financial information.

  • Making Hospitals Cybersecure

    By Tom Cassauwers

    As medical centers increasingly come under attack from hackers, Europe is bolstering protection. The answer lies not only in better software. Cybersecurity is more often than not about people and changing their behavior.

  • The Executive Order on Commercial Spyware: Implications and Prospects

    By Rohit Kumar Sharma

    The growing national security threat from misuse of commercial spyware is increasingly being recognized. The US has been taking the lead in addressing the growing menace of unregulated spyware companies and the proliferation of intrusive tools. The Biden administration’s latest Executive Order will ensure that commercial spyware firms will be subjected to unprecedented scrutiny.

  • 3rd Annual Critical Infrastructure Security Summit Announced

    Critical Infrastructure consists of the sixteen sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on national and economic security, and on public health and safety. Defense Strategies Institute will hold its 3rd annual Critical Infrastructure Security Summit which will discuss ways to create more resilient systems to protect this infrastructure.

  • Extremist NFTs Across Blockchains

    While tech companies, politics, and civil society continue to discuss how to regulate social networks, a new age of the internet is dawning: the Web3. Julia Handle and Louis Jarvers write that with the technological advancements of Web3, it is critical to examine their application to extremism.

  • Quantum Technology for Mobile Phone Encryption Nears

    In a few years, protection of communication with quantum encryption may become a permanent fixture in mobile phones and thus protect communication from hacking. The technology has already been demonstrated in large data transfers in the financial sector.

  • How Can Congress Regulate AI? Erect Guardrails, Ensure Accountability and Address Monopolistic Power

    By Anjana Susarla

    A new federal agency to regulate AI sounds helpful but could become unduly influenced by the tech industry — instead, Congress can legislate accountability.Instead of licensing companies to release advanced AI technologies, the government could license auditors and push for companies to set up institutional review boards. The government hasn’t had great success in curbing technology monopolies, but disclosure requirements and data privacy laws could help check corporate power.

  • Can Quantum Computing Protect AI from Cyberattacks?

    AI algorithms are everywhere. They underpin nearly all autonomous and robotic systems deployed in security applications. This includes facial recognition, biometrics, drones and autonomous vehicles used in combat surveillance and military targeting applications. Can we prevent malicious attacks and improve the cybersecurity of algorithms powered by artificial intelligence (AI)? Quantum machine learning may hold the key.

  • AI Model Aims to Plug Key Gap in Cybersecurity Readiness

    By Tom Rickey

    There are more than 213,800 available known “keys”—unofficial entry points into computer systems, better known as vulnerabilities or bugs—and they’re already in the hands of criminals. There are likely many more that are not known. How can all the threats and attacks be tracked, prioritized and prevented? Scientists link resources to improve prioritization, spot attacks more quickly.

  • State-Sponsored Chinese Hackers Targeting U.S., Western Critical Infrastructure: Microsoft

    Microsoft says that Chinese government-sponsored hacking group Volt Typhoon has been attacking critical infrastructure targets in the US, Australia, Canada, New Zealand, and UK, and possibly many more countries. The affected targets span various sectors, including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education. The attacks began in mid-2021 and appear to be aimed at undermining the US in the event of a regional conflict.

  • Bolstering Cybersecurity in Navigation Systems

    Interference such as jamming and spoofing that targets critical infrastructure has the potential to cause widespread delays and cascading failures across multiple modes of transportation including ships, trains, trucks, and cars—and the problem is only getting worse. New project aims to enhance resilience of transportation infrastructure against cyber threats, developing advanced countermeasures for GPS spoofing and jamming.

  • New Program Will Harness AI to Bolster Cybersecurity

    Researchers will work across disciplines to develop new approaches to artificial intelligence that is informed by and works with security experts. The AI tools developed by the new program will perform security tasks quickly and accurately while anticipating potential moves made by adversaries. The AI will counteract the possible attacks in a way that protects computer network security and ensures people’s safety.

  • Bringing Better IT Security on Board

    Cyberattacks on industry and critical infrastructure are on the rise across the globe. Targets also include ships, which, by transporting billions of tons of goods around the world each year, form part of international supply chains — yet their on-board IT systems often lack secure protection.