• Detecting Conspiracy Theories on Social Media

    Conspiracy theories circulated online via social media contribute to a shift in public discourse away from facts and analysis and can contribute to direct public harm. Social media platforms face a difficult technical and policy challenge in trying to mitigate harm from online conspiracy theory language. Researchers are working to improvemachine learning to detect and understand online conspiracy theories.

  • Protecting Critical Energy Infrastructure

    Increasingly, both Israel and the U.S. face costly cyberattacks that can cause severe damage to critical energy infrastructure. A new consortium will develop, integrate, and test technologies, and demonstrate high value cyberattack mitigation technologies on the energy infrastructure, using data analytics, artificial intelligence, and machine learning.

  • Huawei’s Ability to Eavesdrop on Dutch Mobile Users Is a Wake-up Call for the Telecoms Industry

    Chinese technology provider Huawei was recently accused of being able to monitor all calls made using Dutch mobile operator KPN. While the full report on the issue has not been made public, journalists reporting on the story have outlined specific concerns that Huawei personnel in the Netherlands and China had access to security-essential parts of KPN’s network – including the call data of millions of Dutch citizens – and that a lack of records meant KPN couldn’t establish how often this happened.

  • Complex Passwords Aren't Always Best

    Research shows increasingly complex website password restrictions often leave users frustrated and lead to poor password security. “Our results confirm that the tougher the constraints of creating the passwords the safer users feel with their information,” said one expert. “However, the results show that a large number of restrictions can frustrate users.”

  • An Uncrackable Combination of Invisible Ink and Artificial Intelligence

    Coded messages in invisible ink sound like something only found in espionage books, but in real life, they can have important security purposes. Yet, they can be cracked if their encryption is predictable. Now, researchers have printed complexly encoded data with normal ink and a carbon nanoparticle-based invisible ink, requiring both UV light and a computer that has been taught the code to reveal the correct messages.

  • New AI tool Tracks Evolution of COVID-19 Conspiracy Theories on Social Media

    A new machine-learning program accurately identifies COVID-19-related conspiracy theories on social media and models how they evolved over time—a tool that could someday help public health officials combat misinformation online.

  • Zero-Knowledge Proofs in Vulnerability Disclosure

    Today, the disclosure process for software vulnerabilities is fraught with challenges. Cybersecurity researchers and software security analysts are faced with an ethics versus efficacy dilemma when it comes to reporting or sharing discovered bugs. Revealing a vulnerability publicly may get the attention of the program’s developers and motivate a timely response, but it could also result in a lawsuit against the researcher. Researchers develop capability to mathematically prove exploitability of vulnerable software without revealing critical information.

  • Superspreaders of Malign and Subversive Information on COVID-19

    The global spread of coronavirus disease 2019 (COVID-19) created a fertile ground for attempts to influence and destabilize different populations and countries. Both Russia and China have employed information manipulation during the COVID-19 pandemic to tarnish the reputation of the United States by emphasizing challenges with its pandemic response and characterizing U.S. systems as inadequate, and both countries falsely accused the United States of developing and intentionally spreading the virus.

  • New Vulnerability Affecting Computers Globally

    A team o computer science researchers has uncovered a line of attack that breaks all Spectre defenses, meaning that billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced.

  • How a Norwegian Government Report Shows the Limits of CFIUS Data Reviews

    Amid growing attention to data and national security threats from China, a recent Norwegian government report sheds light on the limits of a U.S. government process for tackling them: the Committee on Foreign Investment in the United States (CFIUS). Kamran Kara-Pabani and Justin Sherman write that “CFIUS is still a useful and important mechanism for addressing the national security risks associated with direct foreign access to sensitive U.S. citizen data,” but that “policymakers must recognize that CFIUS must be complemented with other measures outside of the body’s scope.”

  • Keeping Automated Electric Vehicles Safe

    Having your social media account hacked is a pain. Having your credit card account hacked can be devastating. Having your new electric vehicle hacked could be disastrous. As the move toward automated electric cars accelerates, protecting the cybersecurity of these vehicles has become urgent.

  • Breakthrough Technology a Game Changer for Deepfake Detection

    Army researchers developed a deepfake detection method that will allow for the creation of state-of-the-art soldier technology to support mission-essential tasks such as adversarial threat detection and recognition. This work specifically focuses on a lightweight, low training complexity and high-performance face biometrics technique that meets the size, weight and power requirements of devices soldiers will need in combat.

  • The SolarWinds Hack Was All but Inevitable – Why National Cyber Defense Is a “Wicked” Problem and What Can Be Done about It

    Software supply chains are vulnerable to hackers: Many U.S. companies outsource software development because of a talent shortage, and some of that outsourcing goes to companies in Eastern Europe that are vulnerable to Russian operatives. One problem is that U.S. national cyber defense is split between the Department of Defense and the Department of Homeland Security, which leaves gaps in authority. There are no easy solutions to shoring up U.S. national cyber defenses.

  • Cybersecurity Becomes Increasingly Important: USC Students Train to Secure Networks, Data

    With over half a million cybersecurity job openings in the industry and with increased reliance on insecure networks and infrastructures, experts say that now more than ever, students pursuing cybersecurity degrees are essential to keeping data secure. USC’s Intelligence and Cyber Operation Program trains students to identify cybersecurity issues.

  • Cybersecurity Curriculum, Pilot Focused on Veterans and First Responders

    The University of Arkansas at Little Rock is part of a coalition of universities and industry partners that are developing a curriculum to increase cybersecurity talent focused on health care with $6.3 million in funding from the National Security Agency. The curriculum focuses on health care cybersecurity.