• Russia conducted "unprecedented, coordinated" attacks on U.S. voting systems in 2016: Senate Intelligence Committee

    Hackers affiliated with the Russian government conducted an “unprecedented, coordinated” campaign against the U.S. voting system, including successfully penetrating a few voter-registration databases in 2016, the Senate Intelligence Committee has concluded. The cyberattacks targeted at least eighteen states, and possibly three more. “Russian actors scanned databases for vulnerabilities, attempted intrusions, and in a small number of cases successfully penetrated a voter registration database,” the committee said in an interim report releaed Tuesday.

  • Georgia governor vetoes controversial computer crime bill

    Georgia Governor Nathan Deal, recognizing the concerns of Georgia’s cybersecurity sector, has vetoed a bill which would have threatened independent research and empowered dangerous “hack back” measures. The bill could have given prosecutors the discretion to target independent security researchers who uncover security vulnerabilities, even when they have no criminal motives and intend to disclose the problems ethically.

  • Cryptojacking spreads across the web

    Right now, your computer might be using its memory and processor power – and your electricity – to generate money for someone else, without you ever knowing. It’s called “cryptojacking,” and it is an offshoot of the rising popularity of cryptocurrencies like bitcoin.

  • Keeping Big Data safe

    NIST has announced the Unlinkable Data Challenge, created to help the public safety community conduct research using data gathered with personal digital devices and taken from large databases such as driver’s license and health care records. Much of this data includes personal information that can be used to identify its source. Exposing this data risks those individuals’ privacy, but the inability to share it impedes research in many fields, including thwarting crime, fighting fires and slowing the spread of epidemics.

  • Critical industrial software flaws left U.S. infrastructure vulnerable to hackers

    Tenable Research, a Maryland-based cybersecurity firm, has discovered vulnerabilities in two applications widely used by manufacturers and power plant operators. These vulnerabilitiers may have given hackers a foothold in U.S. critical infrastructureg.

  • Hackers steal bitcoin from air-gapped wallets

    Researchers have found a way to exfiltrate bitcoin wallets even when they that are airgapped—meaning they aren’t connected to the internet or to any other devices. The research is significant because it shows that even when devices are not connected to the internet, attackers may still successfully steal the information.

  • Russian bots did “influence the General Election by promoting Jeremy Corbyn”: Study

    An examination by Swansea University and the Sunday Times found that Russian government bots distributed thousands of fake posts on social media in the run-up to Britain’s election last June, aiming to help Labor Party leader Jeremy Corbyn win the election. He did not win, but still achieved unexpectedly good results for the Labor Party – results which defied predictions — in the process weakening Prime Minister Theresa May. The methodology of the Russian government’s pro-Corbyn social media campaign was similar to the Kremlin’s broad disinformation campaign to help Donald Trump win the 2016 U.S. presidential election.

  • The “European Approach” to fighting disinformation: Lessons for the United States

    The European Commission published a communication on 26 April to the European Council and Parliament outlining the “European Approach” to combatting disinformation. The report provides an important opportunity for reflection across the transatlantic space, as the United States seeks to inoculate its democracy from ongoing hostile foreign interference activities. Takeaways from the “European Approach” to fighting disinformation can help U.S. policymakers develop more targeted policy measures, and identify potential shortcomings in the U.S. response.

  • Cybersecurity teams which do not interact much perform best

    Scientists recently found that the best, high-performing cybersecurity teams have relatively few interactions with their team-members and team captain. While this result may seem counterintuitive, it is actually consistent with major theoretical perspectives on professional team development.

  • Syracuse University team wins 2018 National Cyber Analyst Challenge

    A team of Syracuse University students was awarded first place and $20,000 in the National Cyber Analyst Challenge (NCAC) at Temple University in Philadelphia in April. At NCAC, students are given six hours and a large set of network traffic data to identify the origins of a cyberattack and its potential damage, and then make a seven-minute presentation of their findings and recommendations to a panel of C-suite-level judges from industry.

  • Protecting sensitive data in the Cloud by disguising access patterns

    Computer scientists is working to defend against the next potential cyber risk – cloud storage. The scientists say cloud users can encrypt sensitive data and information, but how they access the data may make it vulnerable.

  • Tool measures individuals’ likelihood to fall for internet scams

    Researchers have developed an online questionnaire which measures a range of personality traits to identify individuals who are more likely to fall victim to internet scams and other forms of cybercrime. The psychometric tool asks participants to answer a range of questions in order to measure how likely they are to respond to persuasive techniques.

  • World’s biggest DDoS-for-hire service taken down

    The administrators of the DDoS marketplace webstresser.org were arrested on 24 April 2018 as a result of Operation Power Off, a complex investigation led by the Dutch Police and the UK’s National Crime Agency with the support of Europol and a dozen law enforcement agencies from around the world. The webstresser.org was considered the world’s biggest marketplace to hire Distributed Denial of Service (DDoS) services, with over 136 000 registered users and 4 million attacks measured by April 2018.

  • Deterring foreign interference in U.S. elections

    A new study analyzes five million political ads on hot-button issues which ran on Facebook in the run-up to the 2016 election. Voters in swing states like Wisconsin and Pennsylvania were disproportionately targeted with ads featuring divisive issues like guns, immigration, and race relations. The divisive ads were purchased by 228 groups – 121 of these groups had no publicly trackable information.

  • Bitcoin more vulnerable to attack than expected

    Calculations by researchers show that Bitcoin is more vulnerable to attack than people had always assumed. If some Bitcoin users were to form a group that controls 20 percent of the currency’s computing power, they could launch an attack and, within a few days, force all other users to accept a new standard for Bitcoin.