• Cyber-enabled election interference occurs in one-fifth of democracies

    Cyber-enabled election interference has already changed the course of history. Fergus Hanson and Elise Thomas write in The Strategist that whether or not the Russian interference campaign during the US 2016 federal election was enough to swing the result, the discovery and investigation of the campaign and its negative effects on public trust in the democratic process have irrevocably shaped the path of Donald Trump’s presidency.

  • Hacking democracies

    A new report from an Australian think tank offers an in-depth, and sobering, analysis of Russia’s campaign to undermine Western democracies by weaponizing social media, and, to a lesser extent, China’s similar, if lower-key, campaign against neighboring Asian countries. “Democracies need to look at better ways of imposing costs on adversaries,” the report’s authors say.

  • Bolstering cyber resilience

    In December 2015, the first known successful cyberattack on a power grid was carried out in Ukraine, disrupting the electricity supply for hundreds of thousands of customers for several hours. Since then, concerns have grown across the globe about the potential public health, economic and security impacts of widespread power outages in heavily populated regions. Argonne partners with World Economic Forum in important cyber resilience effort.

  • How to break our bad online security habits – with a flashing cyber nudge

    The number of cyberattacks is estimated to have risen by 67 percent over the last five years, with the majority of these data breaches being traced back to human error. The potential risks of such attacks are vast and can have a serious impact on both organizations and individuals. But protecting ourselves against cyber security threats can be extremely complicated.

  • Will the next cyberattack be in the hospital?

    You may not think of hackers targeting hospitals, but this is where our wired world may be most vulnerable, and the results could be deadly. Israeli startup Cynerio aims to stop hackers from targeting medical devices, a potent new danger in our connected world.

  • Hackers working for a “state actor” planted spyware in WhatsApp via missed calls

    Hackers, in all likelihood working for a state, managed to circumvent WhatsApp security by exploiting vulnerability associated with missed calls. The hackers planted an advanced spying software created by Israeli cyber company NSO to infect a few dozen phones. WhatsApp said the attack bore “all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems.”

  • Russia has Americans’ weaknesses all figured out

    What are Americans supposed to think when their leaders contradict one another on the most basic question of national security—who is the enemy? Is Russia the enemy, or was the investigation of Russia’s interference in the 2016 election just a slow-motion attack on the president and his supporters? Are Russian fake-news troll farms stirring up resentment among the American electorate, or are mainstream-media outlets just making things up? Jim Sciutto writes in Defense One that U.S. military commanders, national-security officials, and intelligence analysts have a definitive answer: Russia is an enemy. It is taking aggressive action right now, from cyberspace to outer space, and all around the world, against the United States and its allies. But the public has been slow to catch on, polls suggest, and Trump has given Americans little reason to believe that their president recognizes Russia’s recent actions as a threat.

  • Report reveals scale of Russian interference in European democracy

    Evidence of the Kremlin-backed Internet Research Agency’s long-term interest in European politics and elections has been revealed in two new studies. while Russian involvement in the 2016 U.S. presidential election has been well documented, far less has been known about the Internet Research Agency’s European operations, until now.

  • U.S. official: Executive order not needed to ban Huawei in U.S. 5G networks

    “We have grave concerns about the Chinese vendors because they can be compelled by the National Intelligence Law in China as well as other laws in China to take actions that would not be in the interests of the citizens of other countries around the world. Those networks could be disrupted or their data could be taken and be used for purposes that would not be consistent with fundamental human rights in those countries,” says Robert Strayer, deputy assistant secretary of state for cyber and international communications and information policy.

  • Electricity grid cybersecurity will be expensive – who will pay, and how much?

    Russia, China, North Korea and Iran are capable of hacking into the computers that control the U.S. electricity grid. Protecting the grid from hacking would cost tens of billions of dollars. The electricity customers will likely foot most of the bill.

  • Facebook removes more pages, accounts linked to “inauthentic” Russian operators

    Facebook said it has removed more pages and accounts that are believed to have originated in Russia and were involved in “coordinated inauthentic behavior.”

  • Blockchains are being exploited by bots for profit

    Blockchains have been hailed as fair and open, constructed so a single user can’t falsify or alter records because they’re all part of a transparent network. The reality is not so simple, according to new research.

  • Flaws in metrics for user login systems

    How good is the research on the success or failure of the system that verifies your identity when you log into a computer, smartphone or other device? Chances are it’s not good, and that’s a major security and privacy issue that should be fixed.

  • The Russia investigation will continue

    Special Counsel Robert Mueller’s Russia probe is over, but the FBI is almost certain to continue its counterintelligence investigation into Russian espionage efforts related to the 2016 election. The FBI will continue to search for Americans working on behalf of the Kremlin. John Sipher writes in The Atlantic that the inability to establish that the Trump campaign conspired in a “tacit or express” agreement with the Russian government is not surprising. Most espionage investigations come up empty unless and until they get a lucky break. That does not mean there was no espionage activity in relation to the 2016 election. Every previous Russian political-warfare campaign was built on human spies. Russian “active measures”—propaganda, information warfare, cyberattacks, disinformation, use of forgeries, spreading conspiracies and rumors, funding extremist groups and deception operations—rely on human actors to support and inform their success. Counterintelligence professionals must doubt that Russia could have pulled off its election-interference effort without the support of spies burrowed into U.S. society or institutions.

  • Blinded and confused: Security vulnerabilities in “smart home” IoT devices

    Researchers have identified design flaws in “smart home” Internet-of-Things (IoT) devices that allow third parties to prevent devices from sharing information. The flaws can be used to prevent security systems from signaling that there has been a break-in or uploading video of intruders.