• How Will We Protect American Infrastructure from Cyberattacks

    As the Colonial Pipeline hack and subsequent shutdown reminded us so recently, our infrastructure’s digital connectedness — while bringing benefits like convenience, better monitoring and remote problem-solving — leaves it vulnerable to cyberattacks.

  • How America Turned the Tables on Huawei

    The United States started warning allies and partners in 2019 that having the Chinese telecom firm Huawei build their 5G telecom infrastructure risked exposing their citizens’ and their official data to Chinese state surveillance. The Trump administration argued that countries should keep Huawei out, both for their own sake and for the sake of collective security among democratic allies.

  • Digital Forensics Student on Pace to Be on 1st U.S. Cyber Team

    UCF graduate student Cameron Whitehead is on track to become a member of the first U.S Cyber Team to represent the nation in the inaugural International Cyber Security Challenge later this year in Athens, Greece. Whitehead, who is studying for his master’s degree in digital forensics, recently placed second out of 688 competitors in the U.S. Cyber Open, the first qualifying step to join the team.

  • Developing Research Model to Fight Deepfakes

    Detecting “deepfakes,” or when an existing image or video of a person is manipulated and replaced with someone else’s likeness, presents a massive cybersecurity challenge: What could happen when deepfakes are created with malicious intent? Artificial intelligence experts are working on a new reverse-engineering research method to detect and attribute deepfakes.

  • Defending against Smudge Attacks

    Many modern devices that hold our personal and business information are touchscreen and hackers and thieves are always resourceful. The smudges left by your fingertips remain on the screen, marking out the likely numbers from the virtual keypad on your phone that you used to tap in your PIN. Soon after, the phone is lost or stolen and that malicious third party carries out a “smudge attack” – they look at the screen and can have a good guess at the digits in your PIN.

  • Cyber Regulation Could Be Coming Following Spate of Hacks, Ransomware Attacks

    The United States may soon look to regulate private companies, mandating higher standards for cybersecurity following a series of damaging hacks and ransomware attacks against key firms and critical infrastructure. Cybersecurity experts say that malign actors are currently operating with impunity and that too many private sector organizations have, so far, failed to take the necessary precautions. “Enlightened self-interest, that’s apparently not working,” Chris Inglis, tapped to be the country’s first national cyber director, told members of the Senate Homeland Security and Governmental Affairs Committee. “Market forces, that’s apparently not working.”

  • U.S. Attorney General Warns Ransomware “Getting Worse and Worse”

    U.S. Attorney General Merrick Garland warned Wednesday that ransom-motivated cyberattacks are “getting worse and worse,” echoing other top Biden administration officials who have sounded the alarm about the problem in recent weeks.  “We have to do everything we possibly can here,” Garland told lawmakers. “This is a very, very serious threat.” 

  • Fastly’s Global Internet Meltdown Could Be a Sign of Things to Come

    For an hour on the morning of June, dozens of the world’s most-visited websites went offline. Together, these websites handle hundreds of millions of users. This case illustrates the fragility of an internet that’s being routed through fewer and fewer channels. When one of those major channels fails, in what is called a “single point of failure”, the results are dramatic, disruptive and incredibly costly. It’s urgent we address this significant vulnerability if we’re to avoid another global internet meltdown – but this time caused by criminals, not code.

  • China's Internet Trolls Go Global

    Chinese trolls are beginning to pose serious threats to economic security, political stability, and personal safety worldwide. The CCP-backed trolls have become more than a nuisance, and the magnitude and frequency of their attacks will likely continue to increase. Formulating an effective response will require understanding their size, tactics, and mission as the CCP widens the scope of its public opinion war to include foreign audiences.

  • Study Shows AI-Generated Fake Reports Fool Experts

    AIs can generate fake reports that are convincing enough to trick cybersecurity experts. If widely used, these AIs could hinder efforts to defend against cyberattacks. These systems could set off an AI arms race between misinformation generators and detectors.

  • Researchers Discover Novel Class of Vehicle Cyberattacks

    Vehicles are becoming more and more connected to the Internet, and malicious hackers are licking their lips. A team led by Carnegie Mellon University CyLab researchers have discovered a new class of cybersecurity vulnerabilities in modern day vehicles. If exploited, an attacker could sneak past a vehicle’s intrusion detection system (IDS) and shut down various components, including the engine, by executing some crafty computer code from a remote location. No hardware manipulations nor physical access to the vehicle are necessary.

  • Ghosts in the Machine: Malicious Bots Spread COVID Untruths

    Malicious bots, or automated software that simulates human activity on social media platforms, are the primary drivers of COVID-19 misinformation, spreading myths and seeding public health distrust exponentially faster than human users could, suggests a new study.

  • Broad Swath of the Web Knocked Offline by Outage

    A broad swath of the World Wide Web has been knocked offline by an outage at edge cloud CDN specialist Fastly. The company runs an “edge cloud,” which is designed to speed up loading times for websites, protect them from denial-of-service attacks, and help them deal with bursts of traffic. The technology requires Fastly to sit between most of its clients and their users. That means that if the service suffers a catastrophic failure, it can prevent those companies from operating on the net at all.

  • Fastly Global Internet Outage: Why Did So Many Sites Go Down — and What Is a CDN, Anyway?

    If you were having difficulty accessing your favorite website on Tuesday time, you’re not alone. A jaw-dropping number of major websites around the globe suddenly became unavailable with no immediately obvious explanation — before reappearing an hour later. To understand why it happened, you need to know what a CDN (content delivery network) is and how crucial they are to the smooth running of the internet.

  • Like a Spellchecker for Developers: Automated Detection of Security Vulnerabilities in Cloud Applications

    Cloud computing is a growing market. But cyberattacks on cloud software systems are on the rise, too, as these applications often contain security vulnerabilities that hackers are able to exploit. CodeShield software – which is produced by the company of the same name – uncovers these vulnerabilities and fixes them using automated methods.