• Building a Better “Canary Trap”

    A new artificial intelligence system generates fake documents to fool adversaries. The system automatically creates false documents to protect intellectual property such as drug design and military technology.

  • Matt Hancock and the Problem with China’s Surveillance Tech

    Matt Hancock, Britain’s Health Secretary, resigned last week – and informed his wife that he was divorcing her – after CCTV footage emerged of him snogging his assistant outside his office. Ian Williams writes that the Hancock affair raises serious questions involving surveillance and national security: The cameras involved were made by the Chinese company Hikvision, one of the 1.3 million Hikvision cameras installed across the U.K. Hikvision has close links to the Chinese Communist Party and China’s intelligence services. Even if the Chinese intelligence services were not involved in leaking the compromising Hancock video to the press, the episode is one more indication, if one were needed, of the security risks involved in allowing an unregulated access by Chinese technology companies access unfettered and unregulated access to Western markets.

  • Supply Chains Have a Cyber Problem

    If it wasn’t clear before the cyberattacks on, JBS S.A. and Colonial Pipeline, it’s now painfully clear that the intersection of cyberattacks and supply chains creates a wicked new form of risk—and the stakes are as much about national security as they are economics.

  • Making Our Computers More Secure

    Corporations and governments rely on computers and the internet to run everything, but security hacks just this past month —  including the Colonial Pipeline security breach and the JBS Foods ransomware attacks  — demonstrated, yet again, how vulnerable these systems are. Researchers presented new systems to make computers safer.

  • Path Forward for FAA’s Cybersecurity Workforce

    A new report offers path forward for creating and maintaining a cybersecurity workforce at FAA that can meet the challenges of a highly competitive cybersecurity labor market and a wave of future retirements.

  • How Will We Protect American Infrastructure from Cyberattacks

    As the Colonial Pipeline hack and subsequent shutdown reminded us so recently, our infrastructure’s digital connectedness — while bringing benefits like convenience, better monitoring and remote problem-solving — leaves it vulnerable to cyberattacks.

  • Defending against Smudge Attacks

    Many modern devices that hold our personal and business information are touchscreen and hackers and thieves are always resourceful. The smudges left by your fingertips remain on the screen, marking out the likely numbers from the virtual keypad on your phone that you used to tap in your PIN. Soon after, the phone is lost or stolen and that malicious third party carries out a “smudge attack” – they look at the screen and can have a good guess at the digits in your PIN.

  • Cyber Regulation Could Be Coming Following Spate of Hacks, Ransomware Attacks

    The United States may soon look to regulate private companies, mandating higher standards for cybersecurity following a series of damaging hacks and ransomware attacks against key firms and critical infrastructure. Cybersecurity experts say that malign actors are currently operating with impunity and that too many private sector organizations have, so far, failed to take the necessary precautions. “Enlightened self-interest, that’s apparently not working,” Chris Inglis, tapped to be the country’s first national cyber director, told members of the Senate Homeland Security and Governmental Affairs Committee. “Market forces, that’s apparently not working.”

  • U.S. Attorney General Warns Ransomware “Getting Worse and Worse”

    U.S. Attorney General Merrick Garland warned Wednesday that ransom-motivated cyberattacks are “getting worse and worse,” echoing other top Biden administration officials who have sounded the alarm about the problem in recent weeks.  “We have to do everything we possibly can here,” Garland told lawmakers. “This is a very, very serious threat.” 

  • Fastly’s Global Internet Meltdown Could Be a Sign of Things to Come

    For an hour on the morning of June, dozens of the world’s most-visited websites went offline. Together, these websites handle hundreds of millions of users. This case illustrates the fragility of an internet that’s being routed through fewer and fewer channels. When one of those major channels fails, in what is called a “single point of failure”, the results are dramatic, disruptive and incredibly costly. It’s urgent we address this significant vulnerability if we’re to avoid another global internet meltdown – but this time caused by criminals, not code.

  • Study Shows AI-Generated Fake Reports Fool Experts

    AIs can generate fake reports that are convincing enough to trick cybersecurity experts. If widely used, these AIs could hinder efforts to defend against cyberattacks. These systems could set off an AI arms race between misinformation generators and detectors.

  • Researchers Discover Novel Class of Vehicle Cyberattacks

    Vehicles are becoming more and more connected to the Internet, and malicious hackers are licking their lips. A team led by Carnegie Mellon University CyLab researchers have discovered a new class of cybersecurity vulnerabilities in modern day vehicles. If exploited, an attacker could sneak past a vehicle’s intrusion detection system (IDS) and shut down various components, including the engine, by executing some crafty computer code from a remote location. No hardware manipulations nor physical access to the vehicle are necessary.

  • White House Urges US Companies to Protect Against Ransomware

    The White House on Thursday urged American businesses to take new precautions to combat disruptive ransomware attacks that have increasingly hobbled companies throughout Western economies. Anne Neuberger, a White House cybersecurity official, said in a statement that the “most important takeaway” from the recent attacks, including those affecting a key gasoline pipeline and a meat production company in the U.S., is that “companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively.”

  • Shadow Figment Technology Foils Cyberattacks

    Scientists have created a cybersecurity technology called Shadow Figment that is designed to lure hackers into an artificial world, then stop them from doing damage by feeding them illusory tidbits of success.

  • The Weaponized Web: The National Security Implications of Data

    Open societies have encouraged and promoted rapid technological advancement and market innovation —but both have outpaced democratic governance. Authoritarian powers have noticed the underlying opportunity to exploit the open standards of the democratically regulated digital information environment and undermine democratic values and institutions while shoring up their own regimes. This poses a novel challenge for democracies, which must adapt to compete in this conflict over the data, architecture, and governance framework of the information space without compromising their democratic principles.