• Sensitive Personal and Financial Data of What’s Likely an Entire Country Leaked Online

    A chilling data leak on an unsecured server in Miami divulged sensitive personal and financial information of what appears to be the entire population of Ecuador. The discovery came from the internet security firm VpnMentor, which discovered the database containing more than 20 million individuals’ data—including as many as 7 million minors—on an exposed Florida-based server belonging to the Ecuadorian data and analytics company Novaestrat.

  • Fearing “Spy Trains,” Congress May Ban a Chinese Maker of Subway Cars

    A Chinese state-owned company called CRRC Corporation, the world’s largest train maker, completed the $100 million facility this year in the hopes of winning contracts to build subway cars and other passenger trains for American cities like Chicago and Washington. But growing fears about China’s economic ambitions and its potential to track and spy on Americans are about to quash those plans. Lawmakers — along with CRRC’s competitors — say they are concerned that subway cars made by a Chinese company might make it easier for Beijing to spy on Americans and could pose a sabotage threat to American infrastructure. Critics of the deal speculate that the Chinese firm could incorporate technology into the cars that would allow CRRC — and the Chinese government — to track the faces, movement, conversations or phone calls of passengers through the train’s cameras or Wi-Fi.

  • How Artificial Intelligence Is Changing Cyber Security Landscape and Preventing Cyber Attacks

    With the genuinely significant potentials of Artificial Intelligence, the probability of attackers weaponizing it and using it to boost and expand their attacks is a huge threat. One of the biggest concerns is that hackers can use AI to automate cyberattacks on a massive scale. Now, our adversaries are relying on human resources to craft and coordinate their attacks. Cybercrime and cybersecurity landscape are going to change –not for the better – if and when they learn to use AI and machine learning to do the dirty work. So, the three main implications of Artificial Intelligence to the threat landscape are the augmentation of today’s threats and attacks, the development of new threats, and the variation of the nature of existing threats.

  • North Korean Hacking Groups Hit with Treasury Sanctions

    The Department of the Treasury hit three North Korean groups with new sanctions Sept. 13 for conducting cyberattacks against critical infrastructure, including the infamous WannaCry ransomware attacks. Treasury’s Office of Foreign Asset Control announced that Lazarus Group, an advanced persistent threat believed to be working at the behest of the North Korean government and two of its subgroups, dubbed Bluenoroff and Andariel, was responsible for unleashing WannaCry, which wrought havoc across hospital and health care organizations in as well as other sectors in the United Kingdom and other industrial sectors in 2017, as well as the 2014 Sony hack.

  • West Needs to Be Ready for Terrorist “Dirty” Cyber Bomb

    The West must take necessary precautions to prevent terrorists from launching a “dirty” cyber bomb, Lt.-Gen. (ret.) Vincent Stewart, who stepped down a few months ago from his post as deputy head of the US Cyber Command. Stewart that while the West took cyberattacks from nation-states seriously, it is vastly underestimating the danger of a massive ISIS or al-Qaeda cyberattack which could cripple a country’s entire infrastructure. While drawing attention to cyber terrorism, Stewart acknowledged that a nation state like Russia was still the most dangerous cyber adversary with “Russia viewing itself as a global power” and Russian President Vladimir “Putin believing he is almost the czar.”

  • New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction

    For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine’s national grid operator, Ukrenergo. Just before midnight, they used it to open every circuit breaker in a transmission station north of Kyiv. The result was one of the most dramatic attacks in Russia’s , an unprecedented, automated blackout across a broad swath of Ukraine’s capital. In an insidious twist in the Ukrenergo case, Russia’s hackers apparently intended to trigger that destruction not at the time of the blackout itself but when grid operators turned the power back on, using the utility’s own recovery efforts against them.

  • How to Act against Domestic Terrorists — and Their Foreign Supporters

    The United States faces a surging domestic terrorism threat in the homeland. In the aftermath of the El Paso and Dayton shootings in the first weekend of August, more than 40 people were   arrested for threats to commit mass attacks by the end of that month. GW Program on Extremism suggests two ways to achieve a more effective and coordinated multisector response to the domestic terrorism threat. First, specific criminal statutes for domestic terrorism offenses need to be enacted that penalize the commission of specific violent crimes. Acknowledging concerns that new criminal statutes related to property damage may stifle legitimate protest, new criminal statutes could be limited to violence against persons and providing material support to terrorists. Second, the list of proscribed foreign terrorist organizations (FTOs) should include far-right actors outside of the United States.

  • Israel Planted Eavesdropping Devices to Spy on Trump, WH officials: U.S. Intelligence Officials

    The U.S. intelligence community has concluded that Israel was behind the placement of cellphone surveillance equipment near the White House and at other locations in Washington, D.C. Politico reports that a former senior U.S. official with first-hand knowledge of the issue said that the U.S. intelligence community believes the devices were installed to spy on President Donald Trump and top administration officials.

  • Watch out: Your Devices May Be Listening to You

    We have become accustomed to carrying our mobile phones and tablet devices everywhere we go. The mobile phone has essentially become an integral part of our everyday lives, helping us to communicate, make payments and socialize. Unfortunately, the smart devices of today are equipped with many different types of sensors that may be listening in on our conversations.

  • How Disinformation Could Sway the 2020 Election

    In 2016, Russian operatives used Facebook, Twitter and YouTube to sow division among American voters and boost Donald Trump’s presidential campaign. What the Russians used to accomplish this is called “disinformation,” which is false or misleading content intended to deceive or promote discord. Now, with the first presidential primary vote only five months away, the public should be aware of the sources and types of online disinformation likely to surface during the 2020 election.

  • Foreign Interference Threat Bigger than Terrorism, Warns Spymaster

    Foreign interference and hostile state espionage are a bigger threat to Australia’s security than terrorism, one of the country’s top spy chiefs has warned. Duncan Lewis, the outgoing head of Australian Security Intelligence Organization (ASIO), identified three challenges security confronting Australians: terrorism, cyber warfare; and foreign interference and espionage. But the latter was on a “growth trajectory” and is a greater threat than terrorism, he told a Lowy Institute forum in Sydney.

  • Lega Nord’s Bedfellows: Russians Offering Illicit Funding to Italian Far-Right Party Identified

    In the last four years, the Kremlin has engaged in a broad, systematic campaign – consisting of hacking, a vast social media disinformation effort, and illicit funding – to weaken the West by helping far-right, populist, pro-Russian politicians and movements reach power. One of their successes was in Italy, where the far-right, anti-EU, anti-immigrant Northern League and the eclectic, anti-establishment 5 Star Movement won enough seats in the Fall 2017 election to form a coalition government (which collapsed last week, after more than a 1.5 years in power). Prosecutors in Milan have launched an investigation of The League after recordings emerged of meetings between League leaders and Kremlin emissaries, in which a scheme to secure funding for The League in the upcoming European parliament elections was discussed. The funding – in the millions of Euro – was to be funneled via artificially underpriced Russian oil export transactions.

  • The BBC Joins Up with Google, Facebook, and Twitter to Try to Tackle Misinformation Online

    The BBC is teaming up with some of the biggest names in tech to coordinate a defense against the online disinformation campaigns endemic to some of their platforms, the outlet announced Saturday. Google, Twitter, and Facebook said that they, and the BBC, would come up with a targeted approach which, in part, uses an early warning system during critical periods when the spread of misinformation “threatens human life or disrupts democracy during election,” per the BBC.

  • NOAA’s Chief Scientist Will Investigate Why Agency Backed Trump over Its Experts on Dorian, Email Shows

    NOAA acting chief scientist said he was investigating whether the agency’s response to President Trump’s incorrect claims about the risk Hurricane Dorian posed to Alabama constituted a violation of NOAA policies and ethics. Forecasters in the Birmingham, Alabama office of the National Weather Service (NWS) immediately corrected Trump’s initial (1 September) false claims, but five days later (6 September), two NOAA administrators issued an unsigned press release which appeared to lend support to Trump’s claims. “The NWS Forecaster(s) corrected any public misunderstanding in an expert and timely way, as they should,” the chief scientist, Craig McLean, wrote to NOAA employees. “There followed, last Friday, an unsigned press release from ‘NOAA’ that inappropriately and incorrectly contradicted the NWS forecaster. My understanding is that this intervention to contradict the forecaster was not based on science but on external factors including reputation and appearance, or simply put, political.” Scientists and experts in emergency response harshly criticized NOAA officials for bowing to political pressures and conceding to Trump’s false claims during a weather emergency, when accuracy, messaging, and trust in public safety agencies are vital to keep the public safe.

  • Warning Issued After Malware Is Found to Have Hijacked Bitcoin Blockchain

    Bitcoin’s blockchain has been hijacked by a new strain of the Glupteba malware that uses the network to resist attacks, cyber security researchers have warned. The malware uses the bitcoin blockchain to update, meaning it can continue running even if a device’s antivirus software blocks its connection to servers run by the hackers, security intelligence blog Trend Micro reported this week.