• Cyber-Attacks Against the U.K. Electoral Commission Reveal an Ongoing Threat to Democracy

    The revelations this month that data on 40 million UK voters had been exposed to hackers came as no surprise to many cybersecurity experts, who have long pointed out the vulnerability of democracies to malicious online interference. The attack reflects the serious and ongoing threat to democracies posed by cyber-interference from foreign nations and criminal organizations.

  • Government Regulation Can Effectively Curb Social-Media Dangers

    Social media posts such as those that promote terrorism and hate; spread medical misinformation; encourage dangerous challenges that put teen lives at risk; or those that glamorize suicide, pose a significant threat to society. New EU rules require social media platforms to take down flagged posts within 24 hours – and modelling shows that’s fast enough to have a dramatic effect on the spread of harmful content.

  • Using Quantum Computing to Protect AI from Attack

    Despite their incredible successes and increasingly widespread deployment, machine learning-based frameworks such as AI remain highly susceptible to adversarial attacks – that is, malicious tampering with their data causing them to fail in surprising ways. AI can thus be fooled into making mistakes, sometimes risking lives — but quantum computing could provide a strong defense.

  • Virtual City Prepares Students for Future of Cybersecurity

    CyberApolis is a virtual city used to train the next generation of cyber professionals to address national security concerns. The “city” includes a bank, hospital, large retailer, water company, power companies, an underground hacker community, an organized crime family and a growing number of smaller retailers.

  • New Message Encryption Scheme Inspired by the Sudoku Puzzle

    Researchers discuss a novel advance in data security in which the Japanese puzzle known as Sudoku promises a cryptographic system for text information that works even in situations where computational power is limited.

  • Freezing Out the Risk of Thermal Attacks

    Thermal attacks use heat-sensitive cameras to read the traces of fingerprints left on surfaces like smartphone screens, computer keyboards and PIN pads. Hackers can use the relative intensity of heat traces across recently touched surfaces to reconstruct users’ passwords. A team of computer security experts have developed a set of recommendations to help defend against ‘thermal attacks’ which can steal personal information.

  • The New Technology Which Is Making Cars Easier for Criminals to Steal, or Crash

    There is much talk in the automotive industry about the “internet of vehicles” (IoV). This describes a network of cars and other vehicles that could exchange data over the internet in an effort to make transportation more autonomous, safe and efficient. There are many benefits to IoV, but some of these systems might also make our vehicles prone to theft and malicious attack, as criminals identify and then exploit vulnerabilities in this new technology. In fact, this is already happening.

  • Safeguarding U.S. Laws and Legal Information Against Cyberattacks and Malicious Actors

    NYU Tandon School of Engineering researchers will develop new technologies to secure the “digital legal supply chain” — the processes by which official laws and legal information are recorded, stored, updated and distributed electronically.

  • Randomized Data Can Improve Our Security

    Huge streams of data pass through our computers and smartphones every day. In simple terms, technical devices contain two essential units to process this data: A processor, which is a kind of control center, and a RAM, comparable to memory. Modern processors use a cache to act as a bridge between the two, since memory is much slower at providing data than the processor is at processing it. This cache often contains private data that could be an attractive target for attackers.

  • Conspiracy Theories: How Social Media Can Help Them Spread and Even Spark Violence

    Conspiracy theory beliefs and (more generally) misinformation may be groundless, but they can have a range of harmful real-world consequences, including spreading lies, undermining trust in media and government institutions and inciting violent or even extremist behaviors.

  • Major Update to NIST’s Widely Used Cybersecurity Framework

    The world’s leading cybersecurity guidance is getting its first complete makeover since its release nearly a decade ago. NIST has revised the framework to help benefit all sectors, not just critical infrastructure.

  • DHS: Additional $374.9 Million in Funding to Boost State, Local Cybersecurity

    State and local governments face increasingly sophisticated cyber threats to their critical infrastructure and public safety. On Monday, DHS announced the availability of $374.9 million in grant funding for the Fiscal Year (FY) 2023 State and Local Cybersecurity Grant Program (SLCGP).

  • Reached: Milestone in Power Grid Optimization on World’s First Exascale Supercomputer

    Ensuring the nation’s electrical power grid can function with limited disruptions in the event of a natural disaster, catastrophic weather or a manmade attack is a key national security challenge. Compounding the challenge of grid management is the increasing amount of renewable energy sources such as solar and wind that are continually added to the grid, and the fact that solar panels and other means of distributed power generation are hidden to grid operators.

  • “Hacking” People, Not Systems: False Claims Attacks on Infrastructure

    False claims and disinformation, especially in a social media-driven society, have become major problems with potentially severe consequences. Disinformation can be weaponized to disrupt underlying cyber-physical systems, human lives and economic productivity. Recent examples include tweets that trigger spikes in gasoline prices and false social media posts reporting impending water pumping station shutdowns. In these scenarios, chaos is caused because people, not systems or devices, are “hacked.”

  • Denying Denial-of-Service: Strengthening Defenses Against Common Cyberattack

    A Denial-of-Service attack is a cyberattack that makes a computer or other device unavailable to its intended users. This is usually accomplished by overwhelming the targeted machine with requests until normal traffic can no longer be processed. Scientists have developed a better way to recognize a common internet attack, improving detection by 90 percent compared to current methods.