• Securing the Smart Home

    So…you’ve built your smart home, it’s got smart heating and lighting, all the latest smart communications and entertainment systems, and of course, smart power generation to make it smart and green. But, how do you keep it secure and stop forced digital or physical entry? Well, you need smart security too, of course.

  • Privacy Risks of Home Security Cameras

    Researchers have used data from a major home Internet Protocol (IP) security camera provider to evaluate potential privacy risks for users. The researchers found that the traffic generated by the cameras could be monitored by attackers and used to predict when a house is occupied or not.

  • U.K. Will Not Be Able to Prevent “Misuse of Data” by China if Huawei Deal Goes Ahead: U.S. Ambassador

    Robert Wood Johnson, the U.S. ambassador to the U.K., warned that if the U.K. allowed Huawei access to the U.K. 5G communication infrastructure, there would be no way for the U.K. to prevent Chinese intelligence agencies from misusing the data collected by Huawei in the course of the company’s operations. Experts say that even more worryingly, if Huawei is allowed access to the nascent U.K. 5G infrastructure, the company, with a flip of a switch, could take down the entire U.K. communication system when ordered to do so by the Chinese government.

  • Cascading Security Through the Internet of Things Supply Chain

    The “internet of things” (IoT) has been insecure since the first connected refrigerator woke up and asked for more milk. But while having your fridge hacked seems at best amusing and at worst inconvenient, the nightmare scenario is a matter of national security. Imagine hundreds of thousands of smart refrigerators, all with the same default password, hacked to direct a flood of web traffic against key internet servers, paralyzing them. “Swap smart fridges for security cameras and DVD players, and you have the Dyn cyberattack of 2016,” Trey Herr, Nathaniel Kim, Bruce Schneier write.

  • Preventing Cyberbiosecurity Threats and Protecting Vulnerable Countries

    AI can automate the manipulation of medical datasets, expanding a cyberattack’s impact through health and biotech industries. Cyber- and biosecurity threats can erode trust in technology. Eroded trust in technology is dangerous at any time but especially during a global pandemic such as COVID-19.

  • Protecting Children's Online Privacy

    A University of Texas at Dallas study of 100 mobile apps for kids found that 72 violated a federal law aimed at protecting children’s online privacy. Researchers developed a tool that can determine whether an Android game or other mobile app complies with the federal Children’s Online Privacy Protection Act (COPPA).

  • Lawmaker Questions Intelligence Community Cybersecurity

    Following damning CIA report on stolen hacking tools — “the largest data loss in CIA history” — Sen. Ron Wyden (D-Oregon) asked Director of National Intelligence John Ratcliffe to explain what steps have been taken to improve the cybersecurity of some of the nation’s most sensitive secrets, held by federal intelligence agencies.

  • China-Backed Hackers Target Biden Campaign in Early Sign of 2020 Election Interference

    Google announced earlier this month that Chinese-backed hackers were observed targeting former Vice President Joe Biden’s campaign staff. Google said that hackers did not appear to compromise the campaign’s security, but the surveillance was a reminder of Russia’s interference in the 2016 election. 

  • Risks of—and Solutions for -- Remote Voting

    Delaware, West Virginia, and New Jersey have either deployed OmniBallot or plan to do so for fully online voting, also referred to as “electronic ballot return.” Other states including Colorado, Florida, Oregon, Ohio and Washington, the New York Times reports, use it to deliver blank ballots to registered voters who can mark them and return them by fax, email or mail. Election security researchers have found troubling vulnerabilities in OmniBallot.

  • Under Pressure, Britain Pushes Back on Huawei Dependence

    The Trump administration’s campaign to keep Chinese tech giant Huawei out of its allies’ 5G networks appears to be gaining ground in Britain. Earlier this year, the British government proposed to allow Chinese tech giant Huawei restricted access to the U.K. 5G infrastructure, but relentless U.S. pressure; mounting opposition from Conservative Party backbenchers; and China’s conduct during the coronavirus epidemic have pushed the government to change course. Now, British officials are trying to forge an alliance of 10 democracies to develop their own 5G technology and reduce dependence on the Chinese firm.

  • Cybercriminals Are Now Targeting Critical Electricity Infrastructure

    Amid the constant stream of news on the coronavirus pandemic, one event passed relatively unnoticed. On the afternoon of May 14, a company named Elexon was hacked. You probably haven’t heard of it, but Elexon plays a key role in the UK’s electricity market, and though the attack did not affect the electricity supply itself, as an academic who researches cybersecurity in the electricity system, I am worried. This near miss reveals just how vulnerable our critical infrastructure is to such attacks – especially during a pandemic.

  • Thwarting DDoS Technique that Threatened Large-Scale Cyberattack

    Researchers have developed a technique that could allow a relatively small number of computers to carry out DDoS (distributed denial of service) attacks on a massive scale, overwhelming targets with false requests for information until they were thrown offline. The attack exploits vulnerabilities in the Domain Name System or DNS. The researchers alerted a broad collection of companies responsible for the internet’s infrastructure to their findings.

  • IoT: Which Devices Are Spying on You?

    When hungry consumers want to know how many calories are in a bag of chips, they can check the nutrition label on the bag. When those same consumers want to check the security and privacy practices of a new IoT device, they aren’t able to find even the most basic facts. Not yet, at least.

  • Users Rarely Change Passwords after a Breach – or They Choose a Weaker Password

    Have you been pwned? In other words, have any of your username / password combinations been stolen during any of the many data breaches in recent years? Chances are, they probably have, and it’s also likely you didn’t take the proper precaution of changing your password to a more secure one. That’s not necessarily your fault.

  • Protecting the 2020 Presidential Election

    In 2019 the federal government appropriated for states $425 million, following the $380 million provided to states at the beginning of 2018, with both outlays aiming to help states prevent a repeat of Russia’s interference in the 2016 presidential election. Then the coronavirus pandemic came ashore, leading states to use previously appropriated election security funds for coronavirus-related election expenses. This is a problem: the U.S. election infrastructure is not yet fully secure, while America’s adversaries continue to augment their technical election-interference capabilities.