• “Cyberbiosecurity” and the protection of the life sciences

    Biology and biotechnology have entered a digital age, but security policies around such activities have not kept pace. New research outlines how the evolving nature of biotechnology should sound alarm bells for new ways to keep life sciences assets safe. This could be from accidental cyber-physical breaches, or more nefarious threats.

  • DHS, election industry members to launch Sector Coordinating Council

    Election industry representatives from across the country met last week with DHS and representatives from the Election Assistance Commission (EAC) to launch the formation of an industry-led Sector Coordinating Council (SCC). Sector Coordinating Councils are bodies that enable critical infrastructure owners and operators to share information and work together with DHS on sector-specific strategies, policies, and activities.

  • “Watershed attack:” Hackers deploy new ICS attack framework, disrupting critical infrastructure

    Hackers working for a nation-state recently invaded the safety system of a critical infrastructure facility in what cyber experts call “a watershed attack” that halted plant operations. Cybersecurity firm FireEye disclosed the incident on Thursday, saying it targeted Triconex industrial safety technology from Schneider Electric SE. Schneider confirmed that the incident had occurred and that it had issued a security alert to users of Triconex, which cyber experts said is widely used in the energy industry, including at nuclear facilities, and oil and gas plants. FireEye and Schneider declined to identify the victim, industry or location of the attack.

  • DNA has gone digital – what could possibly go wrong?

    Biology is becoming increasingly digitized. Researchers like us use computers to analyze DNA, operate lab equipment and store genetic information. But new capabilities also mean new risks – and biologists remain largely unaware of the potential vulnerabilities that come with digitizing biotechnology. In 2010, a nuclear plant in Iran experienced mysterious equipment failures which paralyzed Iran’s nuclear weapons program. Months later, a security firm was called in to troubleshoot an apparently unrelated problem, and found a malicious computer virus called Stuxnet, which was telling uranium-enrichment centrifuges to vibrate. Stuxnet demonstrated that cybersecurity breaches can cause physical damages. What if those damages had biological consequences? Could bioterrorists target government laboratories studying infectious diseases? What about pharmaceutical companies producing lifesaving drugs? As life scientists become more reliant on digital workflows, the chances are likely rising. The emerging field of cyberbiosecurity explores the whole new category of risks that come with the increased use of computers in the life sciences.

  • Russia-related intelligence information left out of Trump's daily briefings for fear it would upset him

    White House and national security officials have said that they purposefully leave intelligence information on Russian ongoing hacking and disinformation activities against the United States out of President Donald Trump’s daily briefings for fear such intelligence information will upset him. If the information cannot be left out, it is usually placed toward the end of the briefing in order to prevent a situation in which the president would refuse to listen to or discuss the rest of the PDB (Presidential Daily Brief).

  • Using smartphones — instead of body parts — for identification to deter cybercrime

    Not comfortable with Face ID and other biometrics? This cybersecurity advancement may be for you. Researchers have discovered how to identify smartphones by examining just one photo taken by the device. The advancement opens the possibility of using smartphones — instead of body parts — as a form of identification to deter cybercrime.

  • What is Vladimir Putin really up to? Carnegie scholars aim to find out

    The Trump administration’s national security team – of not the president himself – is increasingly concerned that Russia is expanding its influence around the world at a time when the United States and leading Western powers in Europe are focused on their own domestic problems. The Carnegie Endowment for International Peace is about to launch a two-year project, called “The Return of Global Russia: A Reassessment of the Kremlin’s International Agenda,” aiming to examine and analyze Russia’s activist foreign and military policies. According to Carnegie researchers, Moscow is trying to systematically undermine democracies such as the United States and alliances like the European Union and the North Atlantic Treaty Organization.

  • Sen. Marco Rubio: “Vladimir Putin chose to interfere in U.S. elections”

    “[W]hat is abundantly clear is that Vladimir Putin chose to interfere in the U.S. elections — in my opinion, not so much to favor one candidate over another, but to sow instability”; “[H]is ultimate goal was to ensure that whoever was elected the next U.S. president, they did so with their credibility damaged. I also think that he wanted to exploit the already existing divisions in American society for the purpose of forcing us to go through what we’re going through right now — investigations, divisive debates, talk about impeachment, and the like.”

  • Bolstering cybersecurity in harsh environments

    According to the U.S. Federal Bureau of Investigation, the financial loss from cybercrime in the U.S. was over $1.3 billion in 2016. As this number is only expected to rise in the upcoming years, the military, businesses and individuals are seeking new ways to guard their information. Physical unclonable function (PUF) devices hold promise.

  • House passes important cybersecurity legislation

    Yesterday (Monday) the House unanimously passed H.R. 3359, the Cybersecurity and Infrastructure Security Agency Act of 2017. This important legislation will streamline the current structure of the National Protection and Programs Directorate (NPPD) and re-designate it as the Cybersecurity and Infrastructure Agency (CISA) to more effectively execute cybersecurity and critical infrastructure related authorities.

  • Cyber trends in 2017: The rise of the global cyberattack

    A new report, Cyber maturity in the Asia–Pacific region 2017, distils the major trends from a year’s worth of cyber events and looks at how countries in the region are measuring up to the challenges and opportunities posed by the internet and ever-more-connected IT infrastructure. Although cyber maturity and cybersecurity generally improved over the past year, the threat landscape worsened. Cybercriminals are investing in more advanced and innovative scams, and nation-states are prepared to launch massively destructive attacks causing huge collateral damage.

  • Simple tool tells whether websites suffered a data breach

    Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies’ reach and audience are. “No one is above this—companies or nation states— it’s going to happen; it’s just a question of when,” said the senior researcher.

  • The “Russia Story”; Russia’s meddling was U.S. “intelligence failure”; cyber forensics, and more

    · What is the “Russia Story”?

    · Defending the West from Russian disinformation: The role of institutions

    · What Putin really wants

    · Russian bots manipulate online conversation about Olympics, sexual harassment

    · WikiLeaks faces four U.S. probes into its 2016 election role and CIA leaks

    · Rep. Eric Swalwell breaks down how Russia infected the U.S. election

    · As Russia subverts missile treaty, U.S. looking at new weapons

    · Exposing Russian interference – the value of real-time forensics

    · Ex-spy chief: Russia’s election hacking was an “intelligence failure”

    · Company that used Russian coders for Pentagon project strikes deal

  • Cybersecurity expert: Iranian hacking is a “coordinated, probably military, endeavor”

    On the heels of a report this week documenting Iran’s increasingly aggressive hacking attacks around the globe, a cybersecurity expert assessed that the advanced nature of the attacks suggests a “coordinated, probably military, endeavor.” A report released this week, by FireEye, a cybersecurity firm, noticed increased and increasingly advanced cyber-espionage efforts by groups that have been tied to Iran, and to the nation’s Islamic Revolutionary Guard Corps (IRGC).

  • Lawmakers request additional documents from DHS re: Kaspersky investigation

    U.S. House Science, Space, and Technology Committee chairman Lamar Smith (R-Texas) sent a letter Tuesday to the Department of Homeland Security (DHS) requesting documents and information related to the DHS directive to all government agencies to identify and remove Kaspersky Lab software from their computer systems.