• Malicious AI Arrives on the Dark Web

    Nefarious non-state actors are already harnessing AI to scale up their malicious activities. Just as legitimate users have moved on from exploring ChatGPT to building similar tools, the same has happened in the shadowy world of cybercrime.

  • AI Cyber Challenge Aims to Secure Nation’s Most Critical Software

    In an increasingly interconnected world, software undergirds everything from financial systems to public utilities. As software enables modern life and drives productivity, it also creates an expanding attack surface for malicious actors. This surface includes critical infrastructure, which is especially vulnerable to cyberattacks given the lack of tools capable of securing systems at scale. New competition challenges the nation’s top AI and cybersecurity talent to automatically find and fix software vulnerabilities, defend critical infrastructure from cyberattacks.

  • Cyber-Attacks Against the U.K. Electoral Commission Reveal an Ongoing Threat to Democracy

    The revelations this month that data on 40 million UK voters had been exposed to hackers came as no surprise to many cybersecurity experts, who have long pointed out the vulnerability of democracies to malicious online interference. The attack reflects the serious and ongoing threat to democracies posed by cyber-interference from foreign nations and criminal organizations.

  • Freezing Out the Risk of Thermal Attacks

    Thermal attacks use heat-sensitive cameras to read the traces of fingerprints left on surfaces like smartphone screens, computer keyboards and PIN pads. Hackers can use the relative intensity of heat traces across recently touched surfaces to reconstruct users’ passwords. A team of computer security experts have developed a set of recommendations to help defend against ‘thermal attacks’ which can steal personal information.

  • The New Technology Which Is Making Cars Easier for Criminals to Steal, or Crash

    There is much talk in the automotive industry about the “internet of vehicles” (IoV). This describes a network of cars and other vehicles that could exchange data over the internet in an effort to make transportation more autonomous, safe and efficient. There are many benefits to IoV, but some of these systems might also make our vehicles prone to theft and malicious attack, as criminals identify and then exploit vulnerabilities in this new technology. In fact, this is already happening.

  • Safeguarding U.S. Laws and Legal Information Against Cyberattacks and Malicious Actors

    NYU Tandon School of Engineering researchers will develop new technologies to secure the “digital legal supply chain” — the processes by which official laws and legal information are recorded, stored, updated and distributed electronically.

  • Randomized Data Can Improve Our Security

    Huge streams of data pass through our computers and smartphones every day. In simple terms, technical devices contain two essential units to process this data: A processor, which is a kind of control center, and a RAM, comparable to memory. Modern processors use a cache to act as a bridge between the two, since memory is much slower at providing data than the processor is at processing it. This cache often contains private data that could be an attractive target for attackers.

  • “Hacking” People, Not Systems: False Claims Attacks on Infrastructure

    False claims and disinformation, especially in a social media-driven society, have become major problems with potentially severe consequences. Disinformation can be weaponized to disrupt underlying cyber-physical systems, human lives and economic productivity. Recent examples include tweets that trigger spikes in gasoline prices and false social media posts reporting impending water pumping station shutdowns. In these scenarios, chaos is caused because people, not systems or devices, are “hacked.”

  • Denying Denial-of-Service: Strengthening Defenses Against Common Cyberattack

    A Denial-of-Service attack is a cyberattack that makes a computer or other device unavailable to its intended users. This is usually accomplished by overwhelming the targeted machine with requests until normal traffic can no longer be processed. Scientists have developed a better way to recognize a common internet attack, improving detection by 90 percent compared to current methods.

  • Cyber Insurance Not Fueling the Ransomware Epidemic

    Contrary to perceived wisdom, there is no compelling evidence that victims of ransomware with cyber insurance are much more likely to pay ransoms than those without.

  • New Cipher System Protects Computers Against Spy Programs

    Researchers have achieved a breakthrough in computer security with the development of a new and highly efficient cipher for cache randomization. The innovative cipher addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.

  • De-Risking Authoritarian AI

    You may not be interested in artificial intelligence, but it is interested in you. AI-enabled systems make many invisible decisions affecting our health, safety and wealth. They shape what we see, think, feel and choose, they calculate our access to financial benefits as well as our transgressions. In a technology-enabled world, opportunities for remote, large-scale foreign interference, espionage and sabotage —via internet and software updates—exist at a ‘scale and reach that is unprecedented’.

  • Sandia Helps Develop Digital Tool to Track Cloud Hackers

    Sandia programmers are helping the federal Cybersecurity and Infrastructure Security Agency (CISA) through an innovative program that enlists Microsoft cloud users everywhere to track down hackers and cyberterrorists.

  • Can You Trust AI? Here’s Why You Shouldn’t

    Across the internet, devices and services that seem to work for you already secretly work against you. Smart TVs spy on you. Phone apps collect and sell your data. Many apps and websites manipulate you through dark patterns, design elements that deliberately mislead, coerce or deceive website visitors. This is surveillance capitalism, and AI is shaping up to be part of it.

  • Bolstering Cyber Safety on Roads and Highways

    A new research center is helping prevent potential cyberattacks that could threaten to impede the safe and efficient movement of people and goods in the United States and throughout the world.