• First Hacker-Resistant Cloud Software System

    As the first system to guarantee the security of virtual machines in the cloud, SeKVM could transform how cloud services are designed, developed, deployed, and trusted.

  • Antisemitism on TikTok

    Over the last few years, TikTok—the social media app that allows users to create and share short videos—has gained immense popularity. While much of the content on TikTok is lighthearted and fun, extremists have exploited the platform to share hateful content and recruit new adherents.

  • Cyber Attacks Can Shut Down Critical Infrastructure. It’s Time to Make Cyber Security Compulsory

    By Richard Oloruntoba and Nik Thompson

    The 7 May attack on the Colonial Pipeline highlights how vulnerable critical infrastructure such as fuel pipelines are in an era of growing cyber security threats. In Australia, we believe the time has come to make it compulsory for critical infrastructure companies to implement serious cyber security measures.

  • Evil Eye Gazes Beyond China’s Borders: Troubling Trends in Chinese Cyber Campaigns

    By Eli Clemens

    On March 24, 2021, Facebook announced they had taken actions against an advanced persistent threat (APT) group located in China, previously monikered as Evil Eye. Evil Eye’s campaign was clearly motivated by a political goal that China frequently uses a blend of information operations (IO) and cyber means to accomplish: the disruption of dissidents, especially those who raise awareness of China’s human rights violations against its ethnic minorities.

  • The Case for a “Disinformation CERN”

    By Anastasia Kapetas

    Democracies around the world are struggling with various forms of disinformation afflictions. But the current suite of policy prescriptions will fail because governments simply don’t know enough about the emerging digital information environment.

  • On Christchurch Call Anniversary, a Step Closer to Eradicating Terrorism Online?

    Is it possible to eradicate terrorism and violent extremism from the internet? To prevent videos and livestreams of terrorist attacks from going viral, and maybe even prevent them from being shared or uploaded in the first place? Courtney C. Radsch writes that the governments and tech companies involved in the Christchurch Call are dealing with a difficult issue: “The big question is whether the twin imperatives of eradicating TVEC while protecting the internet’s openness and freedom of expression are compatible,” Radsch writes.

  • It’s Time to Surge Resources into Prosecuting Ransomware Gangs

    In the popular imagination, hacking is committed by lone wolves with exceptional computer skills. But in reality, the vast majority of hackers do not have the technical sophistication to create the malicious tools that are essential to their trade. Kellen Dwyer writes that hacking has exploded in recent years because criminals have specialized and subspecialized so that each one can concentrate on facilitating just a single phase of a successful data breach. This is known as cybercrime-as-a-service and it is a massive business. This intricate cybercrime ecosystem offers the key to fighting it: “While organization and specialization are strengths of cybercriminals, they are also weaknesses. That means there are organizations that can be infiltrated and exploited.”

  • Does Correcting Online Falsehoods Make Matters Worse?

    By Peter Dizikes

    So, you thought the problem of false information on social media could not be any worse? Well, there is evidence it can. A new study shows Twitter users post even more misinformation after other users correct them.

  • Shape-Shifting Computer Chip Thwarts an Army of Hackers

    By Todd Austin and Lauren Biernacki

    A processor is the piece of computer hardware that runs software programs. Since a processor underlies all software systems, a secure processor has the potential to protect any software running on it from attack. We have developed and tested a secure new computer processor that thwarts hackers by randomly changing its underlying structure, thus making it virtually impossible to hack.

  • Cybersecurity as Counterterrorism: Seeking a Better Debate

    Earlier this month, a senior Justice Department official referred to ransomware as a potential “cyber weapon of mass destruction.” When hackers subsequently disabled the Colonial Pipeline, causing fuel shortages and disruptions along the East Coast, it seemed to validate this warning. Simon Handler, Emma Schroeder, and Trey Herr, however, write that it would be a mistake for the policy establishment to double down on an outdated view of cyber conflict rooted in Cold War analogies. To improve U.S. cybersecurity, policymakers should draw instead on more relevant strategic lessons from the study of terrorism and counterterrorism.

  • Colonial Pipeline is a Harbinger of Things to Come in Business

    Six days after the Colonial Pipeline was attacked by cyberhackers and left millions hanging at the gas pump, they have gained control of their operations once again. But not before the refinery paid their attackers $5 million in untraceable cryptocurrency, according to several news outlets. While the worst is over for now, experts say that it’s a harbinger of things to come and more preparation and alternative modes of supply chain are needed to ward off future attacks.

  • Panic at the Pump and the Real Threat to Energy Security

    On Friday, May 7, the Colonial Pipeline was taken offline by a cyber attack. A major piece of the national energy infrastructure, the 5,500-mile-long line carries 45% of all the fuel — including gasoline, aviation fuel, and home heating oil — consumed on the East Coast. Gregory Brew writes that “almost immediately, commentators compared the situation to the Arab oil embargo of 1973 to 1974. “Such thinking reflects years of scholarship and public discourse focusing on energy security: the ability of consumers and governments to maintain access to energy flows, at reasonable prices, and handle potential disruptions,” he writes. Such analogies, while tempting, focus attention on mythical dangers at the expense of real ones.

  • Tips and Tactics for Dealing with Ransomware

    Used in cyberattacks that can paralyze organizations, ransomware is malicious software that encrypts a computer system’s data and demands payment to restore access. To help organizations protect against ransomware attacks and recover from them if they happen, NIST has published an infographic offering a series of simple tips and tactics.

  • Enhancing Defenders’ Predictive Power in Cyberspace

    How can organizations proactively protect themselves against cyber threats? What are the current frameworks in use to protect organizations against cyber threats? Researchers have developed a new model which focuses on cyber threats from state-sponsored actors but without the assumption of access to classified information or assets.

  • Just 12 People Are Behind Most Vaccine Hoaxes on Social Media

    Researchers have found that just twelve individuals are responsible for the bulk of the misleading claims and outright lies about COVID-19 vaccines that proliferate on Facebook, Instagram and Twitter. Many of the messages about the COVID-19 vaccines being widely spread online echo the lies peddlers of health misinformation have been spreading in the past about other vaccines, for example, the vaccines against measles, mumps, and rubella.