• Superspreaders of Malign and Subversive Information on COVID-19

    The global spread of coronavirus disease 2019 (COVID-19) created a fertile ground for attempts to influence and destabilize different populations and countries. Both Russia and China have employed information manipulation during the COVID-19 pandemic to tarnish the reputation of the United States by emphasizing challenges with its pandemic response and characterizing U.S. systems as inadequate, and both countries falsely accused the United States of developing and intentionally spreading the virus.

  • New Vulnerability Affecting Computers Globally

    A team o computer science researchers has uncovered a line of attack that breaks all Spectre defenses, meaning that billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced.

  • How a Norwegian Government Report Shows the Limits of CFIUS Data Reviews

    Amid growing attention to data and national security threats from China, a recent Norwegian government report sheds light on the limits of a U.S. government process for tackling them: the Committee on Foreign Investment in the United States (CFIUS). Kamran Kara-Pabani and Justin Sherman write that “CFIUS is still a useful and important mechanism for addressing the national security risks associated with direct foreign access to sensitive U.S. citizen data,” but that “policymakers must recognize that CFIUS must be complemented with other measures outside of the body’s scope.”

  • Keeping Automated Electric Vehicles Safe

    Having your social media account hacked is a pain. Having your credit card account hacked can be devastating. Having your new electric vehicle hacked could be disastrous. As the move toward automated electric cars accelerates, protecting the cybersecurity of these vehicles has become urgent.

  • Breakthrough Technology a Game Changer for Deepfake Detection

    Army researchers developed a deepfake detection method that will allow for the creation of state-of-the-art soldier technology to support mission-essential tasks such as adversarial threat detection and recognition. This work specifically focuses on a lightweight, low training complexity and high-performance face biometrics technique that meets the size, weight and power requirements of devices soldiers will need in combat.

  • The SolarWinds Hack Was All but Inevitable – Why National Cyber Defense Is a “Wicked” Problem and What Can Be Done about It

    Software supply chains are vulnerable to hackers: Many U.S. companies outsource software development because of a talent shortage, and some of that outsourcing goes to companies in Eastern Europe that are vulnerable to Russian operatives. One problem is that U.S. national cyber defense is split between the Department of Defense and the Department of Homeland Security, which leaves gaps in authority. There are no easy solutions to shoring up U.S. national cyber defenses.

  • Cybersecurity Becomes Increasingly Important: USC Students Train to Secure Networks, Data

    With over half a million cybersecurity job openings in the industry and with increased reliance on insecure networks and infrastructures, experts say that now more than ever, students pursuing cybersecurity degrees are essential to keeping data secure. USC’s Intelligence and Cyber Operation Program trains students to identify cybersecurity issues.

  • Cybersecurity Curriculum, Pilot Focused on Veterans and First Responders

    The University of Arkansas at Little Rock is part of a coalition of universities and industry partners that are developing a curriculum to increase cybersecurity talent focused on health care with $6.3 million in funding from the National Security Agency. The curriculum focuses on health care cybersecurity.

  • When Should U.S. Cyber Command Take Down Criminal Botnets?

    Trickbot is back. U.S. Cyber Command targeted this malware in autumn 2020 in an unprecedented use of military offensive cyber operations to disrupt a purely criminal operation. Jason Healey writes that “Such military operations are a good idea only in cases that meet a five-part test of imminence, severity, overseas focus, nation-state adversary, and military as a last-ish resort.”

  • How the Military Might Expand Its Cyber Skills

    As software has become an ever more integral part of life, national security experts have come to recognize that the U.S. military will need to improve its software fluency if it wants to remain dominant on the battlefields of the future.

  • U.S. Response to SolarWinds Cyber Penetrations: A Good Defense Is the Best Offense

    We are in a new “Long War,” an ambient cyber conflict that will play out over decades against multiple adversaries. This is a conflict where the best offense may be a good defense. Limiting the potential harm adversaries can impose on us, while retaining the ability to inflict asymmetric damage, offers the best hope of bolstering U.S. national security and creating a world of cyber deterrence and restraint. Hopefully, SolarWinds marks the inflection point of a pivot to a more effective defense-based national cyber strategy.

  • Punitive Response to SolarWinds Would Be Misplaced, But Cyber Deterrence Still Matters

    Some analysts argue that the United States should respond to the SolarWinds breach by focusing on improving defenses, rather than on conducting a retaliatory response such as some government officials have been advocating. Apunitive response to SolarWinds may be unwise because the available evidence indicates that the objective of the operation was national security espionage. However, this does not mean that the pursuit of deterrence strategies to address other types of malicious behavior in cyberspace, beyond espionage, is a fool’s errand. Deterrence is not a one-size-fits-all concept in cyberspace—or in any other domain.

  • Help Wanted: The Cybersecurity Workforce of the Future Starts with Students Today

    Today’s critical infrastructure systems from farm fields planted with digital sensors that track soil moisture and nutrient levels to electric power grids equipped to instantly respond to digital signals about shifts in supply and demand are increasingly vulnerable to attacks that could cripple civil society, according to cybersecurity experts. Today, there are nearly 2 million U.S. job openings in the field of cybersecurity, studies indicate.

  • In the Wake of SolarWinds: Making and Breaking a Rules-Based Global Cyber Order

    We should recognize that the need to make careful distinctions between different categories of cyber operations, and shun the use of emotive and misleading language about “attacks,” should also be extended to the field of political influence via the internet. Using cyberspace to spread propaganda, influence political outcomes and reveal or invent damaging information is an extension of tactics that have been used in different ways for millennia—including by the U.S. Actually trying to rig U.S. elections by tampering with the count online would be completely different and vastly more serious.

  • Georgia State’s Designated National Center of Academic Excellence in Cyber Defense Research, Education

    The National Security Agency (NSA) and the Department of Homeland Security (DHS) have designated Georgia State University as a National Center of Academic Excellence in Cyber Defense Research and a National Center of Academic Excellence in Cyber Defense Education through 2025.