-
A New Way to Look at Data Privacy
Researchers create a privacy technique that protects sensitive data while maintaining a machine-learning model’s performance. The researchers created a new privacy metric, which they call Probably Approximately Correct (PAC) Privacy, and built a framework based on this metric that can automatically determine the minimal amount of noise that needs to be added.
-
-
Satellite Security Lags Decades Behind the State of the Art
Thousands of satellites are currently orbiting the Earth, and there will be many more in the future. Researchers analyzed three current low-earth orbit satellites and found that, from a technical point of view, hardly any modern security concepts were implemented. Various security mechanisms that are standard in modern mobile phones and laptops were not to be found.
-
-
Chinese Intelligence-Linked Hackers Targeted U.S. Government Agencies in Microsoft Hack
Hackers linked to China’s intelligence agencies are behind a monthlong campaign that breached some unclassified U.S. email systems, allowing them to access a small number of accounts at the U.S. State Department and a handful of other organizations.
-
-
Stressed for a Bit? Then Don’t Click It, Cybersecurity Experts Advise
Workers feeling a specific form of stress are more likely than others to become the victims of a phishing attack. Phishing psychology study explores what makes workers vulnerable.
-
-
Recent Chinese Cyber Intrusions Signal a Strategic Shift
On 25 May, Australia and its partners in the Five Eyes intelligence-sharing network—Canada, New Zealand, the UK and the US—made a coordinated disclosure on a state-sponsored cyber hacking group dubbed ‘Volt Typhoon’. The group has been detected intruding on critical infrastructure since 2021, but the nature of recent intelligence on its behavior hints at worrying developments in the Chinese cyber establishment.
-
-
Researchers Devise a Way to Evaluate Cybersecurity Methods
A savvy hacker can obtain secret information, such as a password, by observing a computer program’s behavior, like how much time that program spends accessing the computer’s memory. Security approaches that completely block these “side-channel attacks” are computationally expensive, so engineers often apply what are known as obfuscation schemes. MIT researchers have developed a system that analyzes the likelihood that an attacker could thwart a certain security scheme to steal secret information.
-
-
U.S. Agencies Buy Vast Quantities of Personal Information on the Open Market – a Legal Scholar Explains Why and What It Means for Privacy in the Age of AI
The issue of the protection of personal information in the digital age is increasingly urgent. Today’s commercially available information, coupled with the now-ubiquitous decision-making artificial intelligence and generative AI like ChatGPT, significantly increases the threat to privacy and civil liberties by giving the government access to sensitive personal information beyond even what it could collect through court-authorized surveillance.
-
-
As Cybercrime Evolves, Organizational Resilience Demands a Mindset Shift
Facing the threat of state-sponsored cyberattack groups, the financial motivations of organized cybercrime gangs and the reckless ambitions of loosely knit hacktivist collectives, organizations are fighting a cybersecurity battle on multiple fronts.
-
-
From Wadham to GCHQ and Back: Robert Hannigan on Cybercrime, Spying and the AI Tsunami Coming Our Way
Is the much-vaunted cyber-Armageddon likely or even possible? One expert says that “State cyber threats do get overplayed. They can’t do everything and countries over-estimate their cyber capabilities – just as they over-estimate their military capability.” The expert insists, however, that “The challenges are ‘moving very fast’, as potential attackers learn fast.”
-
-
To Pay or Not to Pay? Ransomware Attacks Are the New Kidnapping
Over the past several years, ransomware attacks have become a persistent national security threat. The inability to respond effectively to this challenge has normalized what should be intolerable: organized cybercriminals harbored by hostile states regularly disrupting and extorting businesses and essential services, causing misery in the process.
-
-
U.S. Critical Infrastructure May Not Be Resilient Enough to Fend Off, Survive Chinese Cyberattacks: CISA Director
Americans “need to be prepared” for Chinese cyberattacks, a U.S. cyber official said, because the United States may not be resilient enough to fend off and survive Chinese attacks on its critical infrastructure should the present great power competition between Washington and Beijing evolve into an actual conflict.
-
-
Google, Cornell to Partner in Online Security Initiative
Most current security-related research is focused on technical challenges, but many of the most significant security failures involve humans and can often be attributed to poor design that fails to take the human factor into account. A partnership between Google and four higher-education institutions will use an interdisciplinary approach to build better foundations for secure systems and ensure that they are deployed in ways that address rather than exacerbate societal problems.
-
-
Operator of “Bulletproof Hosting” Service Which Distributed Destructive Malware Sentenced to Three Years in Prison
A Romanian national who operated a “bulletproof hosting” service was sentenced to three years in prison and ordered to forfeit $3,510,000. The bulletproof hosting was used to facilitate the distribution of the Gozi Virus, the Zeus Trojan, the SpyEye Trojan, and the BlackEnergy malware, all of which were designed to steal confidential financial information.
-
-
Making Hospitals Cybersecure
As medical centers increasingly come under attack from hackers, Europe is bolstering protection. The answer lies not only in better software. Cybersecurity is more often than not about people and changing their behavior.
-
-
The Executive Order on Commercial Spyware: Implications and Prospects
The growing national security threat from misuse of commercial spyware is increasingly being recognized. The US has been taking the lead in addressing the growing menace of unregulated spyware companies and the proliferation of intrusive tools. The Biden administration’s latest Executive Order will ensure that commercial spyware firms will be subjected to unprecedented scrutiny.
-
The long view
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, which many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.