• Macro Cyber Resilience

    The prefixes of ‘macro’ and ‘micro’ have been applied to concepts like economics, or even to activities like photography. They are easy ideas to understand in large versus small scales. However, this term is not usually used to define cyber perspectives, an increasingly important area for security applications.

  • U.S. Expels Russian Diplomats, Imposes New Sanctions on Russia in Retaliation for Hacking, “harmful activities”

    The U.S. has imposed a new round of sanctions against Russia targeting what it calls the “harmful” foreign activities of Moscow. U.S. intelligence officials have pointed the finger at Russia for a massive hack known as SolarWinds that hit large swaths of the U.S. public and private sectors last year. Widely used software is believed to have been infected with malicious code, enabling hackers to access at least nine U.S. agencies, dozens of corporations.

  • Messaging Authoritarianism: China’s Four Messaging Pillars and How ‘Wolf Warrior’ Tactics Undermine Them

    A messaging strategy is only as good as the goal it serves; as Xi Jinping has made clear, China is seeking to make the world safer for its brand of authoritarianism by reshaping the world order. An analysis of messaging from China’s diplomats, state-backed media, and leaders of the Chinese Communist Party (CCP) demonstrates that Beijing repeatedly uses narratives, angles, and comparisons that serve to change perceptions about China’s autocracy and the United States’ democracy—to China’s advantage.

  • After the Islamic State: Social Media and Armed Groups

    The Islamic State is often credited with pioneering the use of social media in conflict, having created a global brand that drew between 20,000 and 40,000 volunteers from at least 85 countries. Social media served as a key recruiting tool, source of fundraising, and platform for disseminating graphic propaganda to a global audience. Laura Courchesne and Brian McQuinn write that the Islamic State perfected tactics and strategies already widely used by hundreds of other armed groups.

  • Harnessing Chaos to Protect Devices from Hackers

    Researchers have found a way to use chaos to help develop digital fingerprints for electronic devices that may be unique enough to foil even the most sophisticated hackers. Just how unique are these fingerprints? The researchers believe it would take longer than the lifetime of the universe to test for every possible combination available.

  • Global Security Trends

    The National Intelligence Council (NIC) on Thursday released the seventh edition of its quadrennial Global Trends report. Global Trends 2040: A More Contested World is an unclassified assessment of the forces and dynamics that the NIC anticipates are likely to shape the national security environment over the next twenty years. Global competition for influence will intensify. “During the next two decades, the intensity of competition for global influence is likely to reach its highest level since the Cold War,” the report notes.

  • Cybersecurity Guide Tailored to the Hospitality Industry

    A new practical cybersecurity guide from the National Institute of Standards and Technology (NIST) can help hotel owners reduce the risks to a highly vulnerable and attractive target for hackers: the hotel property management system (PMS), which stores guests’ personal information and credit card data. 

  • The U.S. Government Needs to Overhaul Cybersecurity. Here’s How.

    After the 2015 hack of the U.S. Office of Personnel Management, the SolarWinds breach, and—just weeks after SolarWinds—the latest Microsoft breach, it is by now clear that the U.S. federal government is woefully unprepared in matters of cybersecurity. Jonathan Reiber and Matt Glenn write that “it is time for a different model for cybersecurity. U.S. military bases have layers of walls, guards, badge readers, and authentication measures to control access. The United States needs the same mindset for its cybersecurity.”

  • Cybersecurity Tech for Emergency Communications Centers

    DHS S&T is expanding pilot testing of a technology to improve the cybersecurity defenses of the nation’s emergency communications infrastructure. Odenton, Md.-based SecuLore Solutions in the research and development (R&D) of a cybersecurity defense solution based on predictive analytics and cyber data that helps detect and mitigate cybersecurity attacks against legacy emergency communications systems and new Next Generation 911 (NG911) and Internet Protocol-based technologies.

  • The EU Online Terrorism Regulation: A Bad Deal

    On 12 September 2018, the European Commission presented a proposal for a regulation on preventing the dissemination of terrorist content online—dubbed the Terrorism Regulation, or TERREG for short—that contained some alarming ideas.

  • Capitol Riot Exposed QAnon’s Violent Potential

    Many followers of the QAnon conspiracy theory see themselves as digital warriors battling an imaginary cabal of Satan-worshipping pedophiles who rule the world from the convenience of their keyboards. But the January 6 U.S. Capitol riot by supporters of former President Donald Trump exposed the potential for violence in a movement that reared its head on the fringes of the internet in 2018 and now boasts millions of adherents around the world.

  • What Would Happen If States Started Looking at Cyber Operations as a “Threat” to Use Force?

    How are threats of force conveyed in cyberspace? Duncan B. Hollis and Tsvetelina van Benthem write that when, in the spring of 2020, hackers compromised the SolarWinds Orion software by “trojanizing” the so-called Sunburst backdoor, they raised a question: “If the presence of backdoors in a victim’s network allows for future exploits capable of causing functionality losses generating destruction (or even deaths), could their presence be seen as threatening such results? More broadly, when does a cyber operation that does not itself constitute a use of force threaten force?”

  • An AI-Based Counter-Disinformation Framework

    There are different roles that AI can play in counter-disinformation efforts, but the current shortfalls of AI-based counter-disinformation tools must be addressed first. Such an effort faces technical, governance, and regulatory barriers, but there are ways these obstacles could be effectively addressed to allow AI-based solutions to play a bigger role in countering disinformation.

  • New Initiative Aims to Ensure 5G Networks Are Reliable, Secure

    The transition to 5G will affect every device connected to the internet. Later this year, a team of Stanford researchers will demonstrate how a tight formation of computer-controlled drones can be managed with precision even when the 5G network controlling it is under continual cyberattack. The demo’s ultimate success or failure will depend on the ability of an experimental network control technology to detect the hacks and defeat them within a second to safeguard the navigation systems.

  • Russian-Backed Hackers Target German Lawmakers

    Suspected Russian state-backed hackers with a history of running disinformation campaigns against NATO have targeted dozens of German lawmakers, German media reported on 26 March. The hackers used spear-phishing e-mails to target the private e-mail accounts of members of the German parliament and regional state assemblies, in the latest suspected Russian-backed effort against lawmakers in the country.