-
Denying Denial-of-Service: Strengthening Defenses Against Common Cyberattack
A Denial-of-Service attack is a cyberattack that makes a computer or other device unavailable to its intended users. This is usually accomplished by overwhelming the targeted machine with requests until normal traffic can no longer be processed. Scientists have developed a better way to recognize a common internet attack, improving detection by 90 percent compared to current methods.
-
-
Fighting Fake “Facts” with Two Little Words: Grounding a Large Language Model's Answers in Reality
Asking ChatGPT for answers comes with a risk—it may offer you entirely made-up “facts” that sound legitimate. Despite having been trained on vast amounts of factual data, large language models, or LLMs, are prone to generating false information called hallucinations. Inspired by a phrase commonly used in journalism, the researchers conducted a study on the impact of incorporating the words “according to” in LLM queries.
-
-
Fact-Checking Found to Influence Recommender Algorithms
Researchers have shown that urging individuals to actively participate in the news they consume can reduce the spread of these kinds of falsehoods. “We don’t have to think of ourselves as captive to tech platforms and algorithms,” said a researcher.
-
-
Cyber Insurance Not Fueling the Ransomware Epidemic
Contrary to perceived wisdom, there is no compelling evidence that victims of ransomware with cyber insurance are much more likely to pay ransoms than those without.
-
-
Fighting Fake News: Using Machine Learning, Blockchain to Counter Misinformation
False information can lead to harmful consequences. How can content creators focus their efforts on areas where the misinformation is likely to do the most public harm? Research offers possible solutions through a proposed machine learning framework, as well as expanded use of blockchain technology.
-
-
New Cipher System Protects Computers Against Spy Programs
Researchers have achieved a breakthrough in computer security with the development of a new and highly efficient cipher for cache randomization. The innovative cipher addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.
-
-
NSF Renews Cybersecurity Workforce Development Projects
The U.S. National Science Foundation CyberCorps Scholarship for Service program is renewing funding for seven academic institutions, providing more than $24 million over the next four years. For over 20 years, the CyberCorps SFS program has played an important critical role in developing the U.S. cybersecurity workforce.
-
-
New National Cyber Workforce and Education Strategy
Hundreds of thousands of cyber jobs in government and the private sector are vacant, and the administration says that filling them is a national security imperative. Today, the administration unveiled its ambitious National Cyber Workforce and Education Strategy (NCWES) which aims at addressing both short-term needs and long-terms requirements.
-
-
De-Risking Authoritarian AI
You may not be interested in artificial intelligence, but it is interested in you. AI-enabled systems make many invisible decisions affecting our health, safety and wealth. They shape what we see, think, feel and choose, they calculate our access to financial benefits as well as our transgressions. In a technology-enabled world, opportunities for remote, large-scale foreign interference, espionage and sabotage —via internet and software updates—exist at a ‘scale and reach that is unprecedented’.
-
-
The U.K. Government Is Very Close to Eroding Encryption Worldwide
The Online Safety Bill, now at the final stage before passage in the House of Lords, gives the British government the ability to force backdoors into messaging services, which will destroy end-to-end encryption. If it passes, the Online Safety Bill will be a huge step backwards for global privacy, and democracy itself.
-
-
If Cyber Is Uninsurable, the United States Has a Major Strategy Problem
The opinions of leaders in the insurance industry are opinions not to be taken lightly, as experienced leaders and among the most respected minds in the global market. And they’re concerned. Or downright terrified. The debate within the insurance industry over cyber risks reveals an important potential weakness, but the reality is far more nuanced.
-
-
Sandia Helps Develop Digital Tool to Track Cloud Hackers
Sandia programmers are helping the federal Cybersecurity and Infrastructure Security Agency (CISA) through an innovative program that enlists Microsoft cloud users everywhere to track down hackers and cyberterrorists.
-
-
Hateful Usernames in Online Multiplayer Games
The online games industry continues to fall short in protecting players from hate and extremist content in games. Usernames are a basic part of any online experience. A new report focuses on hateful usernames, which should be the easiest content for companies to moderate.
-
-
China’s Cyber Interference and Transnational Crime Groups in Southeast Asia
The Chinese Communist Party has a long history of engagement with criminal organizations and proxies to achieve its strategic objectives. This activity involves the Chinese government’s spreading of influence and disinformation campaigns using fake personas and inauthentic accounts on social media that are linked to transnational criminal organizations.
-
-
Can You Trust AI? Here’s Why You Shouldn’t
Across the internet, devices and services that seem to work for you already secretly work against you. Smart TVs spy on you. Phone apps collect and sell your data. Many apps and websites manipulate you through dark patterns, design elements that deliberately mislead, coerce or deceive website visitors. This is surveillance capitalism, and AI is shaping up to be part of it.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.