• World Cup 2018: British intelligence briefs players, staff on Russian cyberthreats

    The U.K. Football Association (FA) said it was taking cybersecurity seriously this summer – the Soccer World Cup tournament will be held in Russia from 15 June to 15 July — and will be taking advice from the National Cyber Security Center (NCSC) at the GCHQ (the British equivalent of the U.S. NSA). The England team will be briefed by GCHQ staff before flying out to the World Cup to help them stay safe from Russian hackers.

  • Hacker accused of aiding Russian spies in massive breach gets prison

    A Kazakh-born computer hacker who U.S. prosecutors say unwittingly worked with a Russian spy agency in a massive Yahoo data breach has been sentenced to five years in prison. Karim Baratov was named in an indictment last year that charged two Russian spies with orchestrating the 2014 Yahoo breach involving 500 million users — one of the largest breaches at any Internet company.

  • Internet of Things: when objects threaten national security

    We all know personal devices can be hacked, but a whole country’s security could be at risk too. With the rise of the so-called Internet of Things (IoT), and against the backdrop of cyberwarfare, digital surveillance and digital subversion, the risk to national security is increasing. Earlier this year the head of the UK National Cyber Security Centre publicly stated that a major cyber-attack on the country’s essential services was a question of “when, not if.”

  • Failing to keep pace: The cyber threat and its implications for our privacy laws

    “The time has come — indeed, if it has not already passed — to think seriously about some fundamental questions with respect to our reliance on cyber technologies: How much connected technology do we really want in our daily lives? Do we want the adoption of new connected technologies to be driven purely by innovation and market forces, or should we impose some regulatory constraints?” asked NSA General Counsel Glenn Gerstell in a Wednesday presentation at Georgetown University. “Although we continue to forge ahead in the development of new connected technologies, it is clear that the legal framework underpinning those technologies has not kept pace. Despite our reliance on the internet and connected technologies, we simply haven’t confronted, as a U.S. society, what it means to have privacy in a digital age.”

  • Russia’s active measures architecture: Task and purpose

    Russia’s latest iteration of the Soviet-era tactic of “active measures” has mesmerized Western audiences and become the topic de jour for national security analysts. In my last post, I focused on the Kremlin’s campaign to influence the U.S. elections from 2014 to 2016 through the integration of offensive cyber hacking, overt propaganda, and covert social media personas In this post, I focus on the elements of Russia’s national power that execute active measures abroad.

  • U.S. disrupted major Russian cyberattack, possibly on Ukraine

    The U.S. Justice Department has seized an Internet domain controlled by a hacking group tied to Russian military intelligence that was planning a major cyberattack, possibly in Ukraine. The U.S. move late on 23 May was aimed at breaking up what the department said was a dangerous botnet of a half-million infected computer network routers that could have allowed the hackers to take control of computers and stage destructive attacks, as well as steal valuable information.

  • Russia’s corruption, influence “a matter of national security”: U.K. Parliamentary panel

    “Dirty” Russian money is undermining Britain’s efforts to stand up to the Kremlin and supports President Vladimir Putin’s campaign “to subvert the international rules-based system,” a British parliamentary report says. “The scale of damage that this ‘dirty money’ can do to U.K. foreign-policy interests dwarfs the benefit of Russian transactions in the City,” Foreign Affairs Committee Chairman Tom Tugendhat said today (21 May) ahead of the release of the report. “Over the years, Moscow has turned from being a corrupt state to an exporter of instability. Russian corruption and influence has become a matter of national security,” he added.

  • Read this before you invest in cryptocurrency

    We’ve all heard the headline stories about cryptocurrencies – they’re millionaire-makers and dream-destroyers. They’re part of a decentralized market that supports criminal activity, yada yada yada. But how do you separate facts from fiction? Here are six cryptocurrency myths you need to get on top of.

  • Students win Alabama hackathon with cryptocurrency prototype app

    Two University of Arkansas at Little Rock students are looking to make a name for themselves in the world of hackathons. The two won the hackathon for their project, Tweety Wallet, a multicurrency cryptocoin wallet which can hold any type of cryptocurrency, but which is configured for Bitcoin, Zcash, Ethereum, and Litecoin.

  • Putin’s doctrine blends “bare-face lying,” “social media disinformation,” and “criminal thuggery”: MI5 Director

    In a speech on Wednesday, MI5 Director General Andrew Parker discussed the security challenges the West is facing, chief among them the threat from Russia. Parker said the threat from Russia is a “hybrid threat,” as Russia is a practitioner of a doctrine “blending media manipulation, social media disinformation and distortion with new and old forms of espionage, high levels of cyberattacks, military force, and criminal thuggery.” Parker added: “Our democracies, our societies and our bonds of partnership are strong. But we must not be complacent about the longer-term potential impact of this [Russian] activity on the international rules-based order that supports our security and prosperity.”

  • Bolstering government vehicle telematics cybersecurity

    Vehicle telematics refers to embedded systems on a vehicle that tracks the vehicle and combines wireless and internet communications to send, receive and store vehicle information. As the use of vehicle telematics technologies rapidly grow, so do the cybersecurity security vulnerabilities and the need to safeguard the vehicle telematics data from cyberattack.

  • White House eliminates Cyber Coordinator position

    Rob Joyce, the White House Cyber Coordinator, left his position Friday to return to the National Security Agency (NSA), and the White House, instead of replacing him, has decided to eliminate the position. Gary Kasparov, Russian chess champion and critic of President Vladimir Putin, said that doing away with that job as the United States is still trying to cope with the impact of Russia’s 2016 election interference, and as it faces ongoing and mounting cyberthreats and attacks, is “[l]ike eliminating the Navy after Pearl Harbor.”

  • Kaspersky to move data center from Russia to Switzerland

    Kaspersky Lab, the Moscow-based anti-virus maker will open a Swiss data center after allegations that Russian hackers exploited the company’s software to spy on customers. The said the new location would help it “rebuild trust.”

  • The Facebook ad dump shows the true sophistication of Russia’s influence operation

    The massive trove of Facebook ads House Intelligence Committee Democrats released last Tuesday offers a breathtaking view of the true sophistication of the Russian government’s digital operations during the 2016 presidential election. Many stories have already been written about the U.S. intelligence community’s investigation of the hacking operation Russian intelligence services carried out to influence the election in favor of then-candidate Donald Trump. Derek Hawkins writes that the more than 3,000 “incredibly specific and inflammatory” Russian ads released last week allow us for the first time to “have a swath of empirical and visual evidence of Russia’s disinformation campaign.”

  • Vulnerabilities found in PGP-encrypted emails, users urged to take immediate action

    A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. These vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.