• Bringing Better IT Security on Board

    Cyberattacks on industry and critical infrastructure are on the rise across the globe. Targets also include ships, which, by transporting billions of tons of goods around the world each year, form part of international supply chains — yet their on-board IT systems often lack secure protection.

  • NIST Updates Guidelines for Protecting Sensitive Information

    NIST has updated its draft guidelines for protecting sensitive unclassified information, in an effort to help federal agencies and government contractors more consistently to implement cybersecurity requirements. Draft Revision 3 aligns the publication’s language with NIST’s 800-53 catalog of cybersecurity safeguards.

  • Making the Power Grid More Reliable and Resilient

    The U.S. power grid comprises nearly 12,000 power plants, 200,000 miles of high-voltage transmission lines, 60,000 substations and 3 million miles of power lines. It may well be the most massive and complex machine ever assembled. Argonne National Labs’ researchers help keep this machine working in the face of daunting challenges.

  • Lessons from ‘Star Trek: Picard’ – a Cybersecurity Expert Explains How a Sci-Fi Series Illuminates Today’s Threats

    Sometimes Hollywood gets it right by depicting reality in ways that both entertain and educate. And that’s important, because whether it’s a large company, government or your personal information, we all share many of the same cybersecurity threats and vulnerabilities. As a former cybersecurity industry practitioner and current cybersecurity researcher, I believe the final season of “Star Trek: Picard” is the latest example of entertainment media providing useful lessons about cybersecurity and the nature of the modern world.

  • Making Electric Vehicle Charging Stations Cybersecure

    As more electric vehicles (EVs) hit the road, charging stations are popping up across the United States. The benefits go beyond curbing carbon emissions from road travel. These systems can also link to the electric grid through smart charging, drawing power when overall demand is low and feeding it back to the grid when needed.

  • Cybersecurity Goes Undercover to Protect Electric-Grid Data

    Researchers, inspired by one of the mysteries of human perception, invented a new way to hide sensitive electric grid information from cyberattack: Within a constantly changing color palette.

  • The Key to Securing Legacy Computing Systems

    For a cyber-attack to be successful, one must conduct a sequence of exploits to move from the initial system access, through privilege escalation and lateral motion steps, until reaching the ultimate target. DARPA is pursuing an approach to cyber resilience that would subdivide software systems into smaller, secure compartments that prevent an initial attempt at penetration from becoming a successful attack.

  • Detecting Manipulations in Microchips

    Attackers have the ability not only to manipulate software, but also to tamper with the hardware. A team from Bochum is devising methods to detect such tampering.

  • Is Your Cybersecurity Strategy Undermined by These Six Common Pitfalls?

    Many security specialists harbor misconceptions about lay users of information technology, and these misconceptions can increase an organization’s risk of cybersecurity breaches. These issues include ineffective communications to lay users and inadequately incorporating user feedback on security system usability.

  • Expanding the AI Toolbox of Cybersecurity Defenders

    Scientists have taken a key step toward harnessing a form of artificial intelligence known as deep reinforcement learning, or DRL, to protect computer networks. DRL shows the promise of an autonomous AI in proactive cyber defense.

  • Security Vulnerabilities Detected in Drones Made by DJI

    Researchers have detected security vulnerabilities, some of them serious, in several drones made by the manufacturer DJI. These enable users, for example, to change a drone’s serial number or override the mechanisms that allow security authorities to track the drones and their pilots. In special attack scenarios, the drones can even be brought down remotely in flight.

  • Digital Twins Could Protect Manufacturers from Cyberattacks

    Detailed virtual copies of physical objects, called digital twins, hold the promise of better products across automotive, health care, aerospace and other industries. According to a new study, cybersecurity may also fit neatly into the digital twin portfolio.

  • Can a Cyber shuffle Stop Hackers from Taking Over a Military Aircraft?

    A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers to take control of a military jet, commercial airliner or spacecraft. Sandia, Purdue team up to test cyberdefense against an algorithm trained to break it.

  • U.S. Dismantles Ransomware Network Responsible for More Than $100 Million in Extortion

    An international ransomware network that extorted more than $100 million from hundreds of victims around the world has been brought down following a monthslong infiltration by the FBI. The group known as Hive targeted more than 1,500 victims, including hospitals, school districts and financial firms in more than 80 countries.

  • How Chinese Companies Are Challenging National Security Decisions That Could Delay 5G Network Rollout

    In many countries, governments have decided to block Chinese companies from participating in building communication infrastructure in their countries because of national security concerns.  Chinese companies and investors often refuse to take such national security changes lying down. With varying degrees of success, firms have mounted a range of formal and informal challenges in recent years.