• Senate Intel Committee moves to bolster election security

    The Senate Select Committee on Intelligence yesterday unanimously approved the Intelligence Authorization Act (IAA) for Fiscal Years 2018 and 2019. Among the main goals of the bill is strengthening the ability of the United States to detect, block, and limit the ability of the Russian government to compromise the integrity of U.S. elections. The bill also aims to shore up the security clearance process, which many experts regard as dysfunctional. “In the wake of foreign efforts to interfere with the 2016 U.S. elections, which this Committee continues to investigate, I am pleased to see this bill contains comprehensive measures to enhance our election security. It is vital that we ensure our voting process remains fair and free from undue influence,” said Senator Richard Burr (R-NC), the chairman of the committee.

  • Russian billionaire's firm moves to dismiss U.S. election meddling case

    The Kremlin’s 2016 broad disinformation campaign in the U.S. was carried out by Russian company Concord Management and its Internet Research Agency (IRA) “troll factory” in St. Petersburg. Concord was among the three Russian organizations, along with thirteen Russian individuals, indicted by Special Counsel Robert Mueller’s office in February in an alleged criminal conspiracy to tamper with the U.S. election and boost Trump’s prospects. On 25 June, Concord — using arguments made recently by President Trump himself — has asked a U.S. judge to dismiss the case brought against it by Mueller.

  • “The Russians play hard”: Inside Russia’s attempt to hack 2018 -- and 2020

    So what exactly is Russia planning for the upcoming election? The correct question, a half dozen security experts and former and current government officials say, is what are they not planning? And there will be new tactics, too. Nick Bilton writes in Vanity Fair that more than one expert told him that Russia will try to go after actual voting booths in smaller, more contentious districts across the country. The world we live in so intertwined with technology that you could imagine Russian hackers disrupting how we even get to the polls on Election Day. Ride-sharing services could be hacked. We’ve already seen instances of hackers faking transit problems on mapping apps, like Waze, to send people in the wrong direction, or away from a certain street. Perhaps most terrifying of all, one former official told Bilton, are the possibilities arising from Russia’s alleged 2015 cyber-attack on Kiev’s power grid, which plunged the city into darkness.

  • Weak response to Russian meddling emboldened Moscow, official says

    Russia was emboldened by the lack of a decisive response by President Barack Obama’s administration during the 2016 presidential election and will seek to interfere in future elections, a former top U.S. official said. Victoria Nuland, whose portfolio at the State Department made her a leading Russia official under Obama, made the comments 20 June during a hearing at the Senate Intelligence Committee, which is conducting a sweeping investigation of Russian actions in the United States.

  • 24-hour view of cyberattacks in Florida

    The Internet of things (IoT) – smartphones, vehicles, smart buildings, home appliances and other devices that use electronics, software and sensors – have transformed the way people around the world live and work. But not without risks. Data breaches and cyberattacks affect millions of businesses and households each year, hindering the integrity of critical systems, leaking private information and paralyzing Internet infrastructures.

  • Potential threat to speech privacy via smartphone motion sensors

    Could smartphone motion sensors be used by cybercriminals to record speech? It is a question that many academic and industry researchers are working to answer in order to ward off this kind of malicious use before it happens. Recent studies suggest security flaws and sensitivities to low-frequency audio signals, such as human speech, in accelerometers and gyroscopes could allow cybercriminals to collect confidential information such as credit card numbers and Social Security numbers as users speak into or near a mobile device.

  • Connected cars vulnerable to cyberthreats

    Connected cars could be as vulnerable to cyberattack as the smartphone in your hand or the personal computer on your desktop, according to a new study from the U.K.“Connected cars are no different from other nodes on the internet of things and face many of the same generic cybersecurity threats,” the team reports.

  • Why some claim credit for cyberattacks – and some don’t

    The decision to claim credit for a cyberattack on a government or institution depends on both the goals of the attack and the characteristics of the attacker, according to a new study, which is one of the first to look into the voluntary claiming of cybersecurity operations. The researchers note that whether or not the originator of the cyberattack wished to claim credit for it, advances in cybersecurity improve the ability of government and law enforcement agencies to track hackers.

  • Kaspersky to halt cooperation with Europe to fight cybercrime

    Russia’s Kaspersky Lab says it will no longer cooperate on several European cybercrime-fighting initiatives after the European Parliament moved to ban its antivirus software. The United States and a number of European countries have accused Kaspersky of having ties to the Kremlin and Russian intelligence services. The U.S. Department of Homeland Security last year ordered the country’s agencies using Kaspersky products to remove and replace them with other approved software within 90 days.

  • Why 50,000 ships are so vulnerable to cyberattacks

    The 50,000 ships sailing the sea at any one time have joined an ever-expanding list of objects that can be hacked. Cybersecurity experts recently displayed how easy it was to break into a ship’s navigational equipment. This comes only a few years after researchers showed that they could fool the GPS of a superyacht into altering course. Once upon a time objects such as cars, toasters and tugboats only did what they were originally designed to do. Today the problem is that they all also talk to the internet. The maritime industry is undoubtedly behind other transportation sectors, such as aerospace, in cybersecurity terms. There also seems to be a lack of urgency to get the house in order. So the maritime industry seems particularly ill-equipped to deal with future challenges, such as the cybersecurity of fully autonomous vessels.

  • Novel transmitter protects wireless data from hackers

    Today, more than eight billion devices are connected around the world, forming an “internet of things” that includes medical devices, wearables, vehicles, and smart household and city technologies. By 2020, experts estimate that number will rise to more than twenty billion devices, all uploading and sharing data online. But those devices are vulnerable to hacker attacks that locate, intercept, and overwrite the data, jamming signals and generally wreaking havoc. A novel device uses ultrafast “frequency hopping” and data encryption to protect signals from being intercepted and jammed.

  • Atlantic Council launches a website to track Russian disinformation

    The Atlantic Council yesterday launched a new webpage – DisinfoPortal.org – an interactive online guide to track the Kremlin’s disinformation campaigns abroad. The portal brings together 23 top organizations and more than 80 experts fighting Russian disinformation in the United States and Europe. “It’s time to stop ‘admiring the problem’ of Russian disinformation and start fighting back, using the tools of democratic societies to counter the autocrat’s playbook,” said Ambassador Daniel Fried of the Atlantic Council.

  • Synack launches a pro bono Secure the Election initiative

    Redwood City, California-based cybersecurity firm Synack has launched the Secure the Election initiative, a pro bono campaign to help states secure voting systems before 2018 Midterm elections. Other cybersecurity companies have been in touch with states about offering free, or reduced price, services to help secure elections.

  • Increased IT security at hospitals does not equal fewer cyberattacks, breaches

    The Verizon Data Breach report indicates the health care sector is the top target for cyberattacks. And, as hospitals do more to guard against attacks, it’s not necessarily translating into fewer data breaches, according to new research. Researchers found that the increased use of information technology security systems by hospitals did not equal fewer breaches, contrary to predictions.

  • Corporate data collection and U.S. national security: Expanding the conversation in an era of nation state cyber aggression

    What has the Russia investigation revealed about risks inherent in mass private data collection? Carrie Cordero writes that one thing we learned from the Russia investigation is that we may be framing the conversation about corporate data collection too narrowly. “Based on what we have learned publicly so far about the Russian election interference, it is worth pausing to reflect on the national security implications of corporate data collection and aggregation as it relates to the collection of individual, private citizens’ data,” she says. “Although the Senate Select Committee on Intelligence (SSCI) and special counsel investigations are not yet complete, we know enough already about Russia’s interference in the 2016 election to understand that data collected from private companies and organizations can be accessed, exposed and potentially misused in a way that is harmful to the country’s institutional stability. At the very least, its misuse sows distrust and confusion. At worst, it shreds the institutional and societal fabric that holds the country together.”