• EU issues call to action to combat Russian “propaganda”

    The European Commission and lawmakers have accused Russia of orchestrating a “disinformation campaign” aimed at destabilizing the bloc and called for increased measures to combat the threat. “There seems frankly little doubt that the pro-Kremlin disinformation campaign is an orchestrated strategy, delivering the same disinformation stories in as many languages as possible, through as many channels as possible, as often as possible,” EU Security Commissioner Julian King told the European Parliament in Strasbourg on 17 January.

  • New malware espionage campaign compromises mobile devices around the world

    Cybersecurity experts have uncovered a new malware espionage campaign infecting thousands of people in more than twenty countries. Hundreds of gigabytes of data have been stolen, primarily through mobile devices compromised by fake secure messaging clients. The Trojanized apps, including Signal and WhatsApp, function like the legitimate apps and send and receive messages normally. However, the fake apps also allow the attackers to take photos, retrieve location information, capture audio, and more. The threat, called Dark Caracal, may be a nation-state actor and appears to employ shared infrastructure which has been linked to other nation-state actors.

  • Interconnected technological risks: Responding to disruptions of cyber-physical systems

    When infectious diseases strike, the World Health Organization acts swiftly, coordinating with the U.S. Centers for Disease Control and Prevention and its foreign counterparts to contain the threat. But there is no equivalent international organization similarly dedicated to identifying and mitigating a cyberattack. The World Economic Forum (WEF), however, is bringing together infrastructure and technology developers, insurers and government officials from across the globe to develop strategies for responding to interconnected technological risks, including those that can cascade when hackers disrupt cyber-physical systems.

  • Tracking and reacting to Russian attacks on democracy

    Last week, a U.S. government report outlined attacks made by Russian President Vladimir Putin on democratic institutions over nearly two decades. The report details the many ways in which the Russian government has combined Soviet-era approaches with today’s technological tools. Princeton’s Jacob Shapiro says: “While not a revelation to people who have been following the issue, the depth and intensity of Russian efforts against America’s allies in Europe are striking and well-documented in the report. While some may argue that turnabout is fair play insofar as the United States and its European allies have been aggressively pushing their vision of governance inside Russia and its allies for decades, those efforts have taken place in the context of institutions that abide by widely accepted legal norms. What is striking about the Russian effort is the extent to which it employed actors and approaches that clearly and routinely transgress Russian, international, and domestic laws in the places they operate. To me, the extralegal nature of Russian influence efforts was just striking.”

  • Threat identification tool addresses cybersecurity in self-driving cars

    Instead of taking you home from work, your self-driving car delivers you to a desolate road, where it pulls off on the shoulder and stops. You call your vehicle to pick you up from a store and instead you get a text message: Send $100 worth of Bitcoin to this account and it’ll be right over. You buckle your seatbelt and set your destination to a doctor’s appointment, but your car won’t leave your driveway because it senses it’s been hacked. These three hypothetical scenarios illustrate the breadth of the cybersecurity challenges that must be overcome before autonomous and connected vehicles can be widely adopted. While every new generation of auto tech brings new security risks, the vulnerabilities that come along with advanced mobility are both unprecedented and under-studied, the paper states.

  • Time for election reform

    Congressional investigations have uncovered extensive interference - attempted fraud - by Russia and other foreign agents, including attempts to hack electronic voting machines, attempts to hack voter rolls to add or delete voters, targeted internet advertising, and targeted fake news and trolling. Here are five obvious reforms to strengthen the “critical infrastructure” of our democracy.

  • How to respond to Russia's attacks on democracy

    Much of the public discourse concerning Russian interference has highlighted Russia’s use of disinformation to meddle in the U.S. elections, but the Kremlin’s activities extend beyond just interfering in elections. These activities encompass a comprehensive, asymmetric toolkit that exacerbates existing social divisions in Western societies, aiming to undermine democratic governments and institutions. Moscow, as a declining power, has opted for low-cost methods such as information warfare, hacking, political support for extremist groups, economic coercion, and illicit finance in an effort to undermine its perceived enemies in the West and create the perception that democracy is an inherently corrupt system.

  • Russia’s troll factory expands office to 12,000 square meters

    Russian government disinformation and hacking specialists had good eighteen months: they were successful in their campaigns to bolster far-right, nationalist, anti-European political parties and leaders in France (Marine Le Pen), Germany (AfD), and the Netherlands (Geert Wilders); they were successful in raising the profile of populist causes which would weaken European institutions (Brexit, Catalonian independence, Scottish separatism, and Italy’s referendum); and they succeeded in helping Donald Trump, a polarizing, divisive leader who is more responsive to Russian interests and outlook, become president of the United States. Russia’s infamous troll factory in St. Petersburg, which played a major role in the Russian government’s disinformation campaigns on social media, is expanding its office to 12,000 square meters, three times bigger than its previous work space.

     

  • Intel AMT security issue: Attackers may bypass login credentials in corporate laptops

    Helsinki, Finland-based F-Secure reported a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than thirty seconds. The issue allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation. It exists within Intel’s Active Management Technology (AMT) and potentially affects millions of laptops globally.

  • Developing a secure, un-hackable net for quantum devices

    To date, communicating via quantum networks has only been possible between two devices of known provenance that have been built securely. With the EU and the United Kingdom committing €1 billion and £270 million, respectively, into funding quantum technology research, a race is on to develop the first truly secure, large-scale network between cities that works for any quantum device.

  • Russian hackers who hacked DNC are now targeting U.S. Senate: Experts

    Russian hackers from the group known as “Fancy Bear” are targeting the U.S. Senate with a new espionage campaign, according to cybersecurity firm TrendMicro. Fancy Bear was one of the Russian government’s hacking groups employed by the Kremlin in 2016 to help Donald Trump win the presidency, and TrendMicro analysts say the group has spent the past few months laying the groundwork for an espionage campaign against the U.S. Senate. Analysts say that the group’s efforts to gather the emails of America’s political elite suggest that the Kremlin plans to continue to interfere in the American political process.

  • Report details two decades of Putin’s attacks on democracy, U.S. vulnerability to Kremlin's interference

    A Senate Foreign Relations Committee Democratic staff report released Wednesday details Russian president Vladimir Putin’s nearly two decades-long assault on democratic institutions, universal values, and the rule of law across Europe and in his own country. The report finds that President Trump’s refusal to publicly acknowledge the threat posed by the Russian government has hampered efforts to mobilize the U.S. government, strengthen U.S. institutions, and work with U.S. European allies to counter Putin’s interference in democracies abroad. In the absence of unequivocal presidential leadership, the United States remains vulnerable to Russian interference. The report includes more than thirty recommendations for the United States and its allies.

  • Bitcoin risks: What you should know about the digital currency

    If you own Bitcoin or want to invest in the mercurial digital currency, which soared to more than $19,000 before plunging in value, watch out, says an expert. Security and privacy issues, not to mention the possibility of a Bitcoin market crash, should give you pause for concern, according to Rutgers’s Janne Lindqvist. Bitcoin, a digital currency introduced in 2009, features a peer-to-peer network with a public online ledger for tracking transactions. Bitcoin prices have soared in recent months, and people can buy and sell Bitcoins with some anonymity.

  • Russia’s Europe meddling; 2018 election security plan; Russia hacks Winter Olympics, and more

    · Intelligence Committee prepares election security plan to thwart Russian hacking

    · Everything we know so far about Russian election meddling in Europe

    · Congress’ grilling of tech companies in 2017 foreshadows the debates of 2018

    · Why is WikiLeaks trying to kneecap Michael Wolff’s book?

    · The digger who commissioned the Trump-Russia dossier

    · Czechs fear Russian fake news in presidential election

    · We are being defeated in a digital war – but there is still time to fight back

    · Sneaky malware disguises itself as an Adobe Flash Player installer

    · Fancy Bear: Alleged Russian hackers leak ‘emails and documents’ from Olympic body

    · Republicans work to frustrate Mueller’s Russia investigation as probes close in on Trump White House

  • Apple, Android and PC chip problem – why your smartphone and laptop are so at risk

    Less than a week into 2018 and we may have already seen the year’s biggest technology story. Researchers have identified a security flaw in the computer processors made by three of the world’s biggest chip designers, Intel, AMD and ARM, and a second flaw in Intel chips. This means that almost every smartphone, tablet, laptop and business computer in the world could be vulnerable to having sensitive data including passwords stolen. The cloud servers that store websites and other internet data are also at risk. This is one of the biggest cyber security vulnerabilities we’ve ever seen in terms of the potential impact to personal, business and infrastructure computer systems. What’s more, because the flaw is located in such a fundamental part of the computer, there’s no way to know whether or not a machine has been targeted and what data might have been accessed.