• WhatsApp's loophole reveals role of private companies in cyber-surveillance

    Last month, WhatsApp’s latest security flaw was discovered, a flaw which allow governments to spy on dissidents, activists, and journalists. An Israeli cyber company is reportedly behind the loophole — and not for the first time.

  • Undeterred cyber adversaries require a more aggressive American response

    America is under attack. In this case, rather than bombs and bullets, undeterred adversaries are using the cyber domain. Every day, they launch thousands of cyberattacks against American individuals, companies, and government agencies—persistently and incrementally chipping away at our security. Bradley Bowman and Annie Fixler write in RealClear Defense that this relentless barrage may seem like an inevitable reality of 21st century life. However, given the stakes for American national security, simply shrugging and accepting the cyber status quo would be a dangerous mistake. The U.S. has established deterrence in other warfighting domains. Washington can—and must—do the same in the cyber domain.

  • A modest proposal for preventing election interference in 2020

    The years since the 2016 election have been a national trauma that the U.S. shouldn’t be eager to revisit. Yet almost no policy changes have been made as a result of what the country has learned from the Mueller investigation and related events. In this post, I’d like to start assembling a menu of possible reforms that address the lessons learned from what Lawfare sometimes calls L’Affaire Russe. Stewart Baker writes in Lawfare that this is a fraught exercise because the narratives about L’Affaire Russe have diverged so far between Trump supporters and Trump detractors that almost any proposal for change will implicitly contradict the narrative of one camp or the other. “So, to save time, here are my most salient biases in the matter: I’m generally comfortable with most of President Trump’s policy instincts; I’ve spent a lifetime working with intelligence and law enforcement professionals who do battle every day with very real enemies of the United States, Russia among them; and I believe in them and in making government work, which makes me uncomfortable with President Trump’s character and lack of policy-making fine-motor skills,” Baker writes. “With that mixed perspective, I am hopeful there may be room for at least some agreement on things we ought to do differently in future.”

  • Information operations in the digital age

    From the Cambridge Analytica scandal to the spread on social media of anti-Rohingya content in Myanmar and the interference with elections the world over, the past decade has seen democracies around the world become the target of a new kind of information operations.

  • ARCHANGEL: Securing national archives with AI and blockchain

    Researchers are using its state-of-the-art blockchain and artificial intelligence technologies to secure the digital government records of national archives across the globe – including the U.K., Australia, and the United States of America.

  • Outsmarting deep fakes: AI-driven imaging system protects authenticity

    To thwart sophisticated methods of altering photos and video, researchers have demonstrated an experimental technique to authenticate images throughout the entire pipeline, from acquisition to delivery, using artificial intelligence (AI).

  • Russia’s would-be Windows replacement gets a security upgrade

    For the first time, Russia has granted its highest security rating to a domestically developed operating system, deeming Astra Linux suitable for communications of “special importance” across the military and the rest of the government. The designation clears the way for Russian intelligence and military workers who had been using Microsoft products on office computers to use Astra Linux instead. Patrick Tucker writes in Defense One that Although Russian officials used Windows for secure communications, they heavily modified the software and subjected Windows-equipped PCs to lengthy and rigorous security checks before putting the computers in use. The testing and analysis was to satisfy concerns that vulnerabilities in Microsoft operating systems could be patched to prevent hacking from countries like the United States. Such evaluations could take three years, according to the newspaper.

  • Unknowingly loading malicious content from “trusted” sites

    New research from CSIRO’s Data61, the data and digital specialist arm of Australia’s national science agency, questions the “trustability” of websites and in a world first quantifies the extent to which the trust model of today’s World Wide Web is fundamentally broken.

  • Doctored video of Nancy Pelosi shows social media giants ill-prepared for 2020

    Hours after House Speaker Nancy Pelosi addressed a conference Wednesday, a distorted video of the California Democrat’s conversation began spreading across the internet. The manipulated clip, slowed to make Pelosi sound as if she were slurring her words, racked up millions of views on Facebook the following day. It was posted to YouTube, and on Thursday night was given a boost on Twitter when Rudy Giuliani, President Trump’s personal lawyer and former mayor of New York, shared a link with his 318,000 followers. Sam Dean and Suhauna Hussain write in the Los Angeles Times that by Friday, the three social media giants were forced to respond to this viral instance of political fakery. How they dealt with the issue, three years after being blindsided by a wave of fake news and disinformation in the 2016 election cycle, may serve as a harbinger of what’s to come in 2020.

  • The many faces of foreign interference in European elections

    Citizens of the European Union’s 28 member states go to the polls this week to choose their representatives to the European Parliament. Following Russian interference in several high-profile elections over the past three years, European governments are on high alert for signs of such meddling on social media or in electoral IT systems. Recent events in Austria and Italy show that foreign authoritarian actors are finding other under-examined, but equally insidious ways to infiltrate campaigns and harm democracy in Europe.

  • The Kremlin’s “tools of malign political influence” undermine democracy

    Russia’s “sweeping and systematic malign influence operations” support anti-democratic and anti-Western forces in Europe and the United States, using a variety of tools, from corruption to influence operations, said Heather A. Conley, CSIS senior vice president for Europe, Eurasia, and the Arctic, and director of the Europe Program, in a testimony before the House Foreign Affairs Subcommittee on Europe, Eurasia, Energy, and the Environment, during hearings on “Undermining Democracy: Kremlin Tools of Malign Political Influence.” “The Kremlin undermines and weakens democracies, rendering them unable to respond promptly to Russian military actions or making them beholden to the Kremlin to such a point that a democratic country will support Russia’s interests over its own,” she testified. She highlighted two specific areas in which she is “particularly concerned U.S. citizens and organizations, wittingly or unwittingly, will come under increasing threat of Russian malign influence”: (1) faith-based and ultra conservative
    organizations; and (2) opaque financial support for key U.S. influencers.

  • Cyber-enabled election interference occurs in one-fifth of democracies

    Cyber-enabled election interference has already changed the course of history. Fergus Hanson and Elise Thomas write in The Strategist that whether or not the Russian interference campaign during the US 2016 federal election was enough to swing the result, the discovery and investigation of the campaign and its negative effects on public trust in the democratic process have irrevocably shaped the path of Donald Trump’s presidency.

  • Hacking democracies

    A new report from an Australian think tank offers an in-depth, and sobering, analysis of Russia’s campaign to undermine Western democracies by weaponizing social media, and, to a lesser extent, China’s similar, if lower-key, campaign against neighboring Asian countries. “Democracies need to look at better ways of imposing costs on adversaries,” the report’s authors say.

  • Bolstering cyber resilience

    In December 2015, the first known successful cyberattack on a power grid was carried out in Ukraine, disrupting the electricity supply for hundreds of thousands of customers for several hours. Since then, concerns have grown across the globe about the potential public health, economic and security impacts of widespread power outages in heavily populated regions. Argonne partners with World Economic Forum in important cyber resilience effort.

  • How to break our bad online security habits – with a flashing cyber nudge

    The number of cyberattacks is estimated to have risen by 67 percent over the last five years, with the majority of these data breaches being traced back to human error. The potential risks of such attacks are vast and can have a serious impact on both organizations and individuals. But protecting ourselves against cyber security threats can be extremely complicated.