• Ransomware Can Interfere with Elections and Fuel Disinformation – Basic Cybersecurity Precautions Are Key to Minimizing the Damage

    Government computer systems in Hall County, Georgia, including a voter signature database, were hit by a ransomware attack earlier this fall in the first known ransomware attack on election infrastructure during the 2020 presidential election. Thankfully, county officials reported that the voting process for its citizens was not disrupted. Attacks like these underscore the challenges that cybersecurity experts face daily – and which loom over the upcoming election. As a cybersecurity professional and researcher, I can attest that there is no silver bullet for defeating cyber threats like ransomware. Rather, defending against them comes down to the actions of thousands of IT staff and millions of computer users in organizations large and small across the country by embracing and applying the basic good computing practices and IT procedures that have been promoted for years.

  • Will Russia influence the American vote?

    U.S. voters should prepare for strange and unexpected forms of information warfare that manipulate, distort or destroy election-related information between now and Election Day – and perhaps beyond that, depending on whether there are questions about who may have won the presidency. Since 2016, Americans have learned that foreign interests attempt to affect the outcomes of presidential elections, including with social media postings and television ads. As a scholar of Russian cyber operations, I know other nations, and Russia in particular, will go to extreme measures to influence people and destabilize democracy in the U.S. and elsewhere.

  • Detecting “Deepfake” Videos by Checking for the Pulse

    With video editing software becoming increasingly sophisticated, it’s sometimes difficult to believe our own eyes. Did that actor really appear in that movie? Did that politician really say that offensive thing? Some so-called “deepfakes” are harmless fun, but others are made with a more sinister purpose. But how do we know when a video has been manipulated?

  • Improving Security, Usability of Zoom's End-to-End Encryption Protocol

    During the global coronavirus pandemic, many people have been working, teaching and learning from home and utilizing Zoom as a way to have face-to-face communication. Although this is a main resource for virtual human interaction, there are still concerns for back-end security issues and meeting hackings.

  • From Cold War to Gray War: Internet Conflict Intensifying

    A former top security adviser to Boris Johnson has revealed that Britain has launched recently a series of covert cyber-based attacks on Russian leaders and their interests to “impose a price greater than one they might have expected” for their cyber-offensive against the West. Other allied powers, including the U.S., are doing so, too, say Western intelligence officials in what is becoming a “like-for-like” cyber-conflict with the Kremlin in the so-called the “gray space,” the gap between normal state relations and armed conflict.

  • U.S. Puts Sanctions on Russian Research Institution Tied to Malware That Targets Industrial Systems

    The United States has placed sanctions on a Russian government research institute connected to the development of computer malware capable of targeting industrial safety systems and causing catastrophic damage.

  • Huge, Sophisticated Black Market for Trade in Online “Fingerprints”

    Security on the internet is a never-ending cat-and-mouse game. Security specialists constantly come up with new ways of protecting our treasured data, only for cyber criminals to devise new and crafty ways of undermining these defenses. A thriving black market for user profiles is used by criminals to circumvent authentication methods that secure our online secrets.

  • Predicting the Likelihood of Cyberattacks Between Nations

    Where in the world might the next cyberattack between nations take place? A new online database developed by a team computer scientists and international studies students predicts that there is an “extremely high likelihood” of a Russian cyberattack on Ukraine. The second most likely? The United States against Iran.

  • U.S. Says Russian Hackers Targeted State, Local Governments Ahead of Election

    Russian state-sponsored hackers have targeted dozens of U.S. state and local government networks in recent weeks and stolen data from at least two servers, the U.S. government says. In an advisory released on October 22, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) described a range of activity from Russian-backed hackers since at least September.

  • Think Tanks in the Era of Truth Decay

    We are living through a moment of crisis that will define who we are as a nation; yet we can’t even agree on what’s real and what’s rumor. Our political discourse too often amounts to opinions about opinions, shouted across a cable-television split screen. Asked to describe their feelings toward the federal government, a majority of Americans say either “frustrated” or “angry.” All of this points to a civic disease that I’ve been calling “Truth Decay,” and that has enfeebled our response to everything from climate change to domestic terrorism to a global pandemic.

  • Finally: A Usable, Secure Password Policy Backed by Science

    After nearly a decade of studies, the passwords research group in Carnegie Mellon’s CyLab Security and Privacy Institute has developed a policy for creating passwords that maintains balance between security and usability—one backed by hard science.

  • Intelligence Agencies Accuse Iran, Russia of Trying to Use Voter Registration Data to Sow Chaos Ahead of US Election

    U.S. intelligence agencies are accusing Iran and Russia of trying to use voter registration data in “desperate attempts” to sow chaos and confusion ahead of the November 3 U.S. presidential election. In a hastily called news conference late Wednesday, Director of National Intelligence John Ratcliffe said that “We have confirmed that some voter registration information has been obtained by Iran, and separately, by Russia,” he said, adding both countries “have taken specific actions to influence public opinion relating to our elections.” 

  • Russian Propaganda Hits Its Mark

    Given the size and scope of the Russian propaganda campaign that targeted the U.S. electorate in 2016, it is critical to understand both the impact of that campaign and the mechanisms that can reduce the impact of future campaigns, says a new RAND report.

  • Seeing Is No Longer Believing: Manipulation of Online Images

    Image editing software is so ubiquitous and easy to use, and deadline-driven journalists lack the tools to tell the difference, especially when the images come through from social media.

  • Adversaries May Launch Efforts to Undermine Americans’ “Confidence in the Integrity of the Electoral Process”: CISA

    “We remain confident that no foreign cyber actor can change your vote, and we still believe that it would be incredibly difficult for them to change the outcome of an election at the national level. But that doesn’t mean various actors won’t try to introduce chaos in our elections and make sensational claims that overstate their capabilities. In fact, the days and weeks just before and after Election Day is the perfect time for our adversaries to launch efforts intended to undermine your confidence in the integrity of the electoral process”: Christopher Krebs, director of CISA.