• Cryptocurrency Laundering Is a National Security Risk

    As U.S. adversaries get more acquainted with blockchain technology, their hostile cyber operations are likely to rely increasingly on cryptocurrency activity. And rogue states are likely to become more innovative in using cryptocurrencies as they try to dampen the impact of U.S. economic sanctions.

  • Combating the Coronavirus Infodemic: Is Social Media Doing Enough?

    The global coronavirus pandemic has also spawned an epidemic of online disinformation, ranging from false home remedies to state-sponsored influence campaigns. To stem the growing “infodemic,” social media platforms have moved quickly to quash disinformation on their platforms. Their response represents the strongest attempts to police disinformation to date, though actual results have been mixed.

  • Journalism Is an “Attack Surface” for Those Spreading Misinformation

    For all the benefits in the expansion of the media landscape, we’re still struggling with the spread of misinformation—and the damage is especially worrisome when it comes to information about science and health. “Believing things that aren’t true when it comes to health can be not just bad for us, but dangerous,” said one expert.

  • Faster Way to Replace Bad Data with Accurate Information

    Research have demonstrated a new model of how competing pieces of information spread in online social networks and the Internet of Things (IoT). The findings could be used to disseminate accurate information more quickly, displacing false information about anything from computer security to public health.

  • Preventing Quantum Cyberattacks

    From defense and health information to social networking and banking transactions, communications increasingly rely on cryptographic security amid growing fears of cyberattacks. However, can such sensitive data be unhackable?

  • Why Does Russia Use Disinformation?

    There is much discussion about Russian disinformation in today’s popular discourse, but the conversation about why Russia uses disinformation usually does not get beyond general notions of Moscow wanting to “divide us” or “muddy the waters.” Kasey Stricklin writes that this is dangerous and incorrect thinking, because, in fact, “Russia has a number of strategic goals that it hopes to advance through its use of disinformation, including restoring Russia to great power status, preserving its sphere of influence, protecting the Putin regime and enhancing its military effectiveness.

  • Deal with Ransomware the Way Police Deal with Hostage Situations

    When faced with a ransomware attack, a person or company or government agency finds its digital data encrypted by an unknown person, and then gets a demand for a ransom. The two major ways people have so far responded – pay the ransom of hire a specialist to recover the data — are missing another option that we have identified in our cybersecurity policy studies. Police have a long history of successful crisis and hostage negotiation – experience that offers lessons that could be useful for people and organizations facing ransomware attacks.

  • Cyber Attacks against Hospitals and the COVID-19 Pandemic: How Strong are International Law Protections?

    In a situation where most, if not all of us are potential patients, few government-provided services are more important than the efficient delivery of health care. The strain on hospitals around the world is rapidly growing, to which states have responded by mobilizing military medical units, nationalizing private medical facilities, and building emergency hospitals. All of this underlines the urgent need to understand what protections the law offers against attacks – including cyberattacks – on medical facilities.

  • In Politics and Pandemics, Russian Trolls Use Fear, Anger to Drive Clicks

    Facebook users flipping through their feeds in the fall of 2016 faced a minefield of Russian-produced targeted advertisements pitting blacks against police, southern whites against immigrants, and gun owners against Obama supporters. The cheaply made ads were full of threatening, vulgar language, but according to a sweeping new analysis, they were remarkably effective, eliciting clickthrough rates as much as nine times higher than what is typical in digital advertising. The Kremlin-sponsored troll farms are still at it, already engaged in disinformation campaigns around COVID-19.

  • Strengthening Cybersecurity in Sports Stadiums

    Someone pulled a fire alarm during the February 2018 school shooting in Parkland, Florida, which killed 17 students and teachers. The alarm caused more students to move into the hallways and into harm’s way. “Hackers no longer use cyberattacks to cause cyber damage,” says an expert. Instead, “they are using these attacks to cause physical damage or put people in locations to maximize physical damage.” Sports venues, with tens of thousands of spectators, are especially vulnerable. To combat the cyber threat in sports, scientists built an assessment tool for team and stadium owners to fix vulnerabilities.

  • Protecting U.S. Energy Grid and Nuclear Weapons Systems

    To deter attempts to disable U.S. electrical utilities and to defend U.S. nuclear weapon systems from evolving technological threats, Sandia researchers have begun two multiyear initiatives to strengthen U.S. responses.

  • How Secure Are 4- and 6-Digit Mobile Phone PINs

    Apple and Android implement a number of measures to protect their users’ devices. An international team of IT security experts has investigated how useful they are. They found that six-digit PINs actually provide little more security than four-digit ones. They also showed that the blacklist used by Apple to prevent particularly frequent PINs could be optimized and that it would make even greater sense to implement one on Android devices.

  • Time for Regulators to Take Cyber Insurance Seriously

    In April 1997, Steven Haase and some of his colleagues in the insurance industry hosted a “Breach on the Beach” party at the International Risk Insurance Management Society’s annual convention in Honolulu to launch the first ever cyber-insurance policy. Josephine Wolff writes that it would be years, still, before cyber insurance would generate sufficiently significant sales numbers to attract the interest of most major insurers and their customers. More than two decades later, cyber insurance has expanded into a multibillion-dollar global business, with 528 U.S. insurance firms reporting that they offered cyber-specific policies in 2018.

  • Experts: Russia Using Virus Crisis to Sow Discord in West

    Experts say that Kremlin’s disinformation specialists are behind a disinformation campaign in the Western media on coronavirus, intended to fuel panic and discord among allies, deepen the crisis, exacerbate its consequences, and hamper the ability of Western democracies to respond to it effectively. The European Union has accused Moscow of pushing fake news online in English, Spanish, Italian, German and French, using “contradictory, confusing and malicious reports” to make it harder for the bloc leaders to communicate its response to the COVID-19 pandemic.

  • Truth Decay in the Coronavirus Moment: Q&A with Jennifer Kavanagh

    The COVID-19 crisis “is the type of environment in which false and misleading information thrives and spreads quickly. People are vulnerable. People are afraid. People don’t know what to believe. Trust in basically every organization or position that we would turn to is pretty low. There’s higher trust in the medical community than in, say, media or government, but it’s still not all that high. The combination of low trust and high volume of information coming from people who are not experts—but purport to be experts—creates the perfect storm for the average person,” says Jennifer Kavanagh, author of Truth Decay.