• Gen. H. R. McMaster: "The Kremlin’s confidence is growing

    In a speech at the Atlantic Council on Tuesday, 3 April, the outgoing national security adviser Gen. H. R. McMaster said that “Russia has used old and new forms of aggression to undermine our open societies and the foundations of international peace and stability.” He said that Western countries have been “targeted by Russia’s so-called hybrid warfare, a pernicious form of aggression that combines political, economic, informational, and cyber assaults against sovereign nations.  Russia employs sophisticated strategies deliberately designed to achieve objectives while falling below the target state’s threshold for a military response.  Tactics include infiltrating social media, spreading propaganda, weaponizing information, and using other forms of subversion and espionage.” McMsster added: “The Kremlin’s confidence is growing.”

  • Russia's influence is much more than propaganda and fake news

    By Vincent Charles Keating and Katarzyna Kaczmarska

    This liberal bias of Western political culture has led the majority of Russia-commentators to miss something which is in plain sight: that Russia’s conservative values are increasingly attractive among populist groups in the West, and that this attraction is doing what soft power is supposed to do: generating support for Russia’s foreign policy. The ideological attraction of the values put forward by the Russian regime cross several categories, including moral conservatism, illiberal governance, and strong leadership. This means that Russian propaganda is not simply being delivered to a uniform audience that needs to be convinced or confused: it is being delivered to a differentiated audience, some of whom – on the populist, far-right side of the spectrum — will buy into the messages put out by the Russian regime because it conforms with their ideological values. Countering Russian influence in the West is thus not simply a matter of fact-checking to counter the propaganda efforts: with populist, far-right movements the problem is fundamentally ideological.

  • 4G LTE networks vulnerability allows adversaries to send fake emergency alerts

    Researchers have identified several new vulnerabilities in 4G LTE networks, potentially allowing hackers to forge the location of a mobile device and fabricate messages. The vulnerabilities would allow adversaries to send fake emergency paging messages to a large number of devices, drain a victim device’s battery by forcing it to perform expensive cryptographic operations, disconnect a device from the core network, and more.

  • Diminutive robot defends factories against cyberthreats

    It’s small enough to fit inside a shoebox, yet this robot on four wheels — called HoneyBot — has a big mission: keeping factories and other large facilities safe from hackers. The diminutive device is designed to lure in digital troublemakers who have set their sights on industrial facilities. HoneyBot will then trick the bad actors into giving up valuable information to cybersecurity professionals.

  • Russian ships scouting key communication cables

    Russia has not only attacked the infrastructure of American democracy, but has also engaged in what the U.S. government describes as a pervasive, wide-ranging cyber-assault on U.S. energy grid and other key components of the U.S. critical infrastructure. These attacks included leaving “sleeper” malware in key infrastructure nodes, which would allow Russia – remotely, and at the time of its choosing — to turn off power stations, open dam gates, shutdown water treatment facilities, and more. Western intelligence services have spotted Russian ships lurking around critical underwater communications cables, causing concern the Kremlin is doing reconnaissance in preparation for possible future retaliatory action.

  • Georgia passes anti-cyber whistleblower bill

    Despite the vigorous objections of the cybersecurity community, the Georgia legislature has passed a bill which would open independent researchers who identify vulnerabilities in computer systems to prosecution and up to a year in jail. Critics of the bill say that Georgia has positioned itself as a hub for cybersecurity research, but the bill would make cybersecurity firms think twice about relocating to Georgia.

  • Czechs extradite alleged Russian hacker Nikulin to U.S.

    The Czech Justice Ministry has announced that an alleged Russian hacker wanted by both Washington and Moscow has been extradited to the United States. Yevgeny Nikulin is accused of hacking big Internet companies including LinkedIn and Dropbox in 2012 and 2013. The FBI links him to the hacking of the Democratic Party’s servers during the 2016 U.S. presidential election campaign.

  • U.K.'s best cyber defenders compete for chance to take on the U.S. cyber best

    Inter-ACE, now in its third year, was established to help resolve the vast and growing cyber security skills gap, with an estimated shortfall of 1.8 million workers worldwide by 2022. More than 130 students representing eighteen of the U.K.’s top cybersecurity universities battled it out at the Inter-ACE 2018 cybersecurity challenge, hosted by the University of Cambridge. The competition, supported by GCHQ’s National Cyber Security Center, and designed to attract the next generation of cybersecurity talent.

  • Busting Russia’s fake news the European Union way

    By Thomas Holt

    The U.S. has been rocked over the last two years by claims that the Russian government directly attempted to meddle in the 2016 presidential election. Such efforts may be relatively new in the U.S. But they are part of a much larger global push by the Kremlin to affect politics across the European Union and exploit citizens through the internet. I study computer hacking, malware and the role of the internet in fraud and deception by various actors. And I believe that the Europeans have something to teach the United States about how to protect citizens subject to Russian internet propaganda.

  • Modeling cyber insurance could protect the power grid

    The failure of even parts of the U.S. power grid could cause rolling blackouts that paralyze health care, traffic and business systems. With the advent of “smart” infrastructures that send data to the internet, cybersecurity is becoming a prime concern of public officials. Researchers are aiming to help utility companies prepare for that risk by making it easier for insurance companies to cover it.

  • Privacy of Americans not protected in omnibus spending bill

    The CLOUD Act, inserted at the very end of the 2,232-page omnibus spending bill, will make substantial amendments to the Electronic Communications Privacy Act (ECPA). It grants U.S. law enforcement entities new powers to compel U.S. companies to disclose communications and data on U.S. and foreign users that is stored overseas. It also empowers foreign governments to demand the stored and real-time data and communications of users outside the U.S.

  • Cybersecurity Lab welcomes first female hacker-in-residence

    NYU Tandon’s Offensive Security, Incident Response and Internet Security Laboratory, aka the OSIRIS Lab, recently welcomed a new hacker-in-residence: Sophia d’Antoine, a Senior Security Researcher at Trail of Bits. As a hacker-in-residence at the student-run cybersecurity research lab, d’Antoine will be imparting her own expertise to the student members hoping to learn practical approaches to combating hackers who exploit real systems.

  • Leaky apps exacerbate Facebook’s privacy risks

    A bug in Facebook’s advertising platform made it possible for potential hackers to uncover users’ phone numbers, according to new research. The Facebook advertising system is incredibly effective at targeting specific audiences, which is what has made the company so lucrative, says a researcher. But because anyone can become an advertiser, and there is very little transparency in what ads are being placed, the platform “could be used for nefarious purposes,” he added.

  • Higher education joint cyber security operations center launches

    Indiana University, Northwestern University, Purdue University, Rutgers University and the University of Nebraska-Lincoln have announced the launch and activation of OmniSOC, a specialized, sector-based cyber security operations center, or SOC, that provides trusted, rapid, actionable cyber intelligence to its members. OmniSOC protects five universities, hundreds of thousands of devices and tens of thousands of students and faculty from cyber threats.

  • U.S. not ready to fend off Russian meddling in the 2018 midterms: GOP, Dem. lawmakers

    Dan Coats, the director of national intelligence (DNI), told lawmakers two weeks ago that “the Unsaid States is under attack” by Russia. On Wednesday, the Senate Intelligence Committee held hearings about how the United States was addressing one of the components the three-pronged Russian attack: Russia’s ambitious effort to undermine and discredit American democracy by attacking the U.S. election infrastructure. Homeland Security Secretary Kirstjen Nielsen and former DHS secretary Jeh Johnson were confronted by pointed questions from both Republicans and Democrats, questions which revealed a bipartisan consensus that the United States is not prepared to fend off Russian meddling in the 2018 midterms.