• U.S. Cyber Command cut Russian troll factory’s access to the internet

    The U.S. Cyber Command blocked the internet access of the St. Petersburg’s-based Internet Research Agency (IRA), a Russian disinformation and propaganda outfit which was contracted by the Kremlin to orchestrate the social media disinformation campaign to help Donald Trump win the 2016 presidential election. The IRA’s access to the internet was blocked on midterms Election Day, and for a few days following the election.

  • Most laptops vulnerable to attacks via peripheral devices

    Many modern laptops and an increasing number of desktop computers are much more vulnerable to hacking through common plug-in devices than previously thought, according to new research. The research shows that attackers can compromise an unattended machine in a matter of seconds through devices such as chargers and docking stations.

  • Top password managers have fundamental flaws

    Top password managers have fundamental flaws that expose user credentials in computer memory while locked, according to new research. Sixty Million users and 93,000 businesses worldwide rely on 1Password, Dashlane, KeePass, and LastPass to protect data.

  • Expanding cybersecurity education to fill job market shortfall

    Experts say that the U.S. cyber workforce shortfall is growing. By the 2022, the shortage of cybersecurity professionals is predicted to be 1.8 million. Colleges and universities expand their cybersecurity education offerings.

  • Next-generation grid security tech

    Researchers will demonstrate the effectiveness of metro-scale quantum key distribution (QKD) as a means of secure communication for the nation’s electricity suppliers. This initial milestone is part of the team’s three-year project focused on next-generation grid security.

  • How far should organizations be able to go to defend against cyberattacks?

    Organizations can and should be encouraged to take passive defense measures, like gathering intelligence on potential attackers and reporting intrusions. But in my view they should be discouraged – if not prevented – from acting aggressively, because of the risk of destabilizing corporate and international relations. If the quest for cyber peace degenerates into a tit-for-tat battle of digital vigilantism, global insecurity will be greater, not less.

  • Artificial Intelligence to make life harder for hackers

    As the volume of digital information in corporate networks continues to grow, so grows the number of cyberattacks, and their cost. One cybersecurity vendor, Juniper Networks, estimates that the cost of data breaches worldwide will reach $2.1 trillion in 2019, roughly four times the cost of breaches in 2015. Now, computer scientists have developed a tool that could make it harder for hackers to find their way into networks where they don’t belong.

  • Is your VPN secure?

    About a quarter of internet users use a virtual private network, a software setup that creates a secure, encrypted data connection between their own computer and another one elsewhere on the internet. Many people use them to protect their privacy when using Wi-Fi hotspots, or to connect securely to workplace networks while traveling. Other users are concerned about surveillance from governments and internet providers. However, most people – including VPN customers – don’t have the skills to double-check that they’re getting what they paid for. A group of researchers I was part of do have those skills, and our examination of the services provided by 200 VPN companies found that many of them mislead customers about key aspects of their user protections.

  • Improving security for Internet of Things with “big-thinking” research

    Every day, more and more people interact with the Internet of Things (IoT) in daily life. The IoT includes the devices and appliances in our homes — such as smart TVs, virtual assistants like Amazon’s Alexa or learning thermostats like Nest — that connect to the internet. The IoT also includes wearables such as the Apple Watch or Bluetooth chips that keep track of car keys. Our cars themselves, if equipped with sensors and computers, are also part of the IoT. In an age where data theft and cyberattacks are increasingly routine, the IoT has security vulnerabilities that must be addressed as the popularity of IoT devices grows.

  • Review of the “Digitization of WMD” symposium

    The digitization of biological and medical science is providing exciting and promising new pathways for improving health and daily life for mankind and our environment. The possibilities for new treatments, better fitness, and less prevalence of genetic diseases are numerous. However, these technologies and the information associated with emerging techniques carry certain risks and vulnerabilities. It is through understanding these risks and continuing to develop mitigation strategies for them, especially during the technology conceptualization and development phases, that we can continue to build promising new tools to improve life with confidence while addressing how they should be properly used.

  • U.S. intel chiefs warn Washington risks losing friends, influence

    U.S. intelligence chiefs are sounding alarms about an ever more perilous future for the United States, one in which the country is in danger of seeing its influence wane, its allies waiver, and key adversaries team up to erode norms that once kept the country safe and the world more stable. “It is increasingly a challenge to prioritize which threats are of greatest importance,” Dan Coats, Director of National Intelligence, said, sharing testimony that often and repeatedly contradicted past assertions by President Donald Trump. “During my tenure as DNI now two years and I have told our workforce over and over that our mission was to seek the truth and speak the truth,” Coats pointedly stated. Driving many of the concerns, according to intelligence officials, is a growing alliance between Russia and China competing against the U.S. not just for military and technological superiority, but for global influence.

  • Russia’s hostile measures threaten Europe: Report

    A new RAND report examines current Russian hostile measures in Europe and forecasts how Russia might threaten Europe using these measures over the next few years. “Whatever the U.S. response, preparation for involvement in a wide range of conflicts can help reduce the risk of mismanagement, miscalculation, and escalation,” the report’s authos say.

  • Thwarting cyberattacks by giving attackers “false hope”

    With almost every online purchase, a person’s personal information — name, date of birth and credit card number — is stored electronically often in the “cloud,” which is a network of internet servers. Now, as more people buy from online businesses, researchers hope to employ a new strategy in the ongoing struggle to protect digital information in the cloud from targeted cyberattacks. The strategy establishes a new artificial intelligence system to combat digital intrusions.

  • Understudied terrorists put under a microscope

    Bombs exploding, hostages taken and masked gunmen firing machine guns are all types of terrorist attacks we’ve seen. According to a new study, it’s the attacks we don’t see – cyberattacks – that happen more often and can cause greater destruction. “Little work has been done around the use of the internet as an attack space,” said Thomas Holt, Michigan State University professor of criminal justice and lead author. “The bottom line is that these attacks are happening and they’re overlooked. If we don’t get a handle understanding them now, we won’t fully understand the scope of the threats today and how to prevent larger mobilization efforts in the future.”

  • Finding the secret doors into software

    The word “hacker” often conjures up the stereotype of a nefarious genius typing away on a computer in a darkened room, stealing personal information — or worse. And thirty years ago, hacking was viewed as criminal activity. But the culture has changed. Now companies like Google, Facebook, and United Airlines offer rewards to people who discover and report vulnerabilities in their software.