• A Florida city paid a $600,000 bitcoin ransom to hackers who took over its computers — and it's a massive alarm bell for the rest of the US

    A Florida city agreed to pay $600,000 worth of bitcoin to hackers who took its computer systems offline with a cyberattack. Riviera Beach’s city council voted to pay the money after an attack in May affected the city’s online services, including email and 911 dispatches. The attack is part of a pattern that has targeted cities around the US. The disruption has cost millions of dollars. Sinéad Baker write in Business Insider that the U.S. Department of Homeland Security warned in 2018 that local-level governments around the U.S. were being hit with malware that is “among the most costly and destructive.”

  • NIST updates to help defend sensitive information from cyberattack

    An update to one of the National Institute of Standards and Technology’s (NIST) information security documents offers strategies to help protect sensitive information that is stored in computers supporting critical government programs and high value assets. The new companion publication offers enhanced security for information stored in critical programs and assets.

  • Cyber protection technology moves from the lab to the marketplace

    MIT Lincoln Laboratory’s technique to protect commodity software from cyberattacks has transitioned to industry and will soon be available as part of a security suite.

  • European elections suggest US shouldn’t be complacent in 202

    In many ways, the European Parliament elections in late May were calmer than expected. Cyber aggression and disinformation operations seem to not have been as dramatic as in 2016, when Russian hackers and disinformation campaigns targeted elections in the U.S., France and elsewhere around the world. However, there is no reason to be content. The dangers remain real. For one thing, the target societies might have internalized the cleavages and chaos from information operations or self-sabotaged with divisive political rhetoric. As a reaction, Russia may have scaled back its efforts, seeing an opportunity to benefit from lying low.

  • Hackback is back: Assessing the Active Cyber Defense Certainty Act

    The “hackback” debate has been with us for many years. It boils down to this: Private sector victims of hacking in some instances might wish to engage in self-defense outside their own networks (that is, doing some hacking of their own in order to terminate an attack, identify the attacker, destroy stolen data, etc.) but for the prospect that they then would face criminal (and possibly civil) liability under 18 USC 1030 (the Computer Fraud and Abuse Act, or CFAA).  Robert Chesney writes in Lawfare that a tricky question of policy therefore arises: Should the CFAA be pruned to facilitate hackback under certain conditions?  On one hand, this might produce significant benefits in terms of reducing harm to victims and deterring some intrusions. On the other hand, risks involving mistaken attribution, unintended collateral harms and dangerous escalation abound. It’s small wonder the hackback topic has spawned so much interesting debate (see here and here for examples).

  • EU probe finds “continued, sustained” online disinformation by “Russian sources”

    The European Union says that it has gathered evidence of “continued and sustained” disinformation activity by Russia aimed at influencing the results of May’s elections for the European Parliament. The European Commission report said “Russian sources” tried to suppress voter turnout and influence voters’ preferences.

  • Alphabet-owned jigsaw bought a Russian troll campaign as an experiment

    For more than two years, the notion of social media disinformation campaigns has conjured up images of Russia’s Internet Research Agency, an entire company housed on multiple floors of a corporate building in St. Petersburg, concocting propaganda at the Kremlin’s bidding. But a targeted troll campaign today can come much cheaper—as little as $250, says Andrew Gully, a research manager at Alphabet subsidiary Jigsaw. He knows because that’s the price Jigsaw paid for one last year. Andy Greenberg writes in Wired that as part of research into state-sponsored disinformation that it undertook in the spring of 2018, Jigsaw set out to test just how easily and cheaply social media disinformation campaigns, or “influence operations,” could be bought in the shadier corners of the Russian-speaking web. In March 2018, after negotiating with several underground disinformation vendors, Jigsaw analysts went so far as to hire one to carry out an actual disinformation operation, assigning the paid troll service to attack a political activism website Jigsaw had itself created as a target.

  • A top voting-machine firm is finally taking security seriously

    Over the past 18 months, election-security advocates have been pushing for new legislation shoring up the nation’s election infrastructure. Election-security reform proposals enjoy significant support among Democrats—who control the House of Representatives—and have picked up some Republican cosponsors, too. Timothy B. Lee writes in Wired that such measures, however, have faced hostility from the White House and from the Republican leadership of the Senate. Legislation called the Secure Elections Act, cosponsored by senators James Lankford (R-Oklahoma) and Amy Klobuchar (D-Minnesota) last year, aimed to shore up the nation’s election security by providing states with new money to phase out paperless systems. But the Lankford-Klobuchar bill stalled in the face of opposition from the Trump administration and Senate Republicans. At this point, any election reform legislation looks unlikely to pass before the 2020 election.

  • Ahead of the 2020 election: National response to confront foreign interference

    Stanford University scholars outline a detailed strategy for how to protect the integrity of American elections – including recommendations such as requiring a paper trail of every vote cast and publishing information about a campaign’s connections with foreign nationals.

  • Eliminating infamous security threats

    Meltdown and Spectre are speculative side-channel attacks exploit a fundamental functionality in microprocessors to expose security vulnerabilities. No efficient protection against such attacks has been found. Until now.

  • Nuclear energy regulators need to bring on more cyber experts, watchdog says

    The Nuclear Regulatory Commission is facing a mass exodus of cybersecurity experts in the years ahead, which could limit its ability to ensure the nation’s nuclear power plants are safe from digital attacks, an internal watchdog found. Jack Corrigan writes in Defense One that Nearly one-third of NRC’s cybersecurity inspectors will be eligible for retirement by the end of fiscal 2020, and agency officials worry they aren’t training enough people to take their place, according to the NRC Inspector General. With nuclear power stations becoming increasingly popular targets for online adversaries, the shortage of cyber expertise could leave the agency struggling to do its job, auditors said.

  • Russia's 2016 Twitter campaign far broader, deeper, and incredibly successful: Symantec

    The archives of the Internet Research Agency, the St. Petersburg-based troll farm, show a broad, coordinated, and effective campaign which was, in the words of one report, “incredibly successful at pushing out and amplifying its messages.” The Internet Research Agency conducted a campaign on Twitter before the 2016 elections that was larger, more coordinated and more effective than previously known.

  • Secure multiparty computation protecting privacy at the ballot box

    Shortly after the start of the new year, Americans around the nation will start returning to polling stations to vote in presidential primaries. How confident they feel in the voting process could depend on this thing called secure multiparty computation.

  • New computer attack mimics user's keystroke characteristics, evading detection

    Researchers have developed a new attack called “Malboard,” which evades several detection products that are intended to continuously verify the user’s identity based on personalized keystroke characteristics. 

  • Hackers seek ransoms from Baltimore and communities across the U.S.

    The people of Baltimore are beginning their fifth week under an electronic siege that has prevented residents from obtaining building permits and business licenses – and even buying or selling homes. These types of attacks are becoming more frequent and gaining more media attention. Every user of technology must consider not only threats and vulnerabilities, but also operational processes, potential points of failure and how they use technology on a daily basis.