Searching for "cybersecurity"
“Trying to debunk misinformation after it has spread is like shutting the barn door after the horse has bolted. By pre-bunking, we aim to stop the spread of fake news in the first place,” said Dr Sander van der Linden, Director of the Cambridge Social Decision-Making lab and senior author of the new study.Game combats political misinformation by letting players undermine democracy: A short online game in which players are recruited as a “Chief Disinformation Officer” and use tactics like trolling to sabotage elections in a peaceful town has shown to reduce susceptibility to political misinformation from r/science
https://www.cam.ac.uk/research/news/game-combats-political-misinformation-by-letting-players-undermine-democracy
Game combats political misinformation by letting players undermine democracy
The free-to-play Harmony Square is released to the public today, along with a study on its effectiveness published in the Harvard Misinformation Review
It has been created by University of Cambridge psychologists with support from the US Department of State’s Global Engagement Center and Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA).
+++++++++++++++
more on disinformation in this IMS blog
https://blog.stcloudstate.edu/ims?s=disinformation
Vatican enlists bots to protect library from onslaught of hackers from r/technology
Vatican enlists bots to protect library from onslaught of hackers
https://www.theguardian.com/world/2020/nov/08/vatican-enlists-bots-to-protect-library-from-onslaught-of-hackers
The library has partnered with Darktrace, a company founded by Cambridge University mathematicians, which claims to be the first to develop an AI system for cybersecurity.
+++++++++++++++
more on bots in this IMS blog
https://blog.stcloudstate.edu/ims?s=bots
Twitter Continues to Face Scrutiny Amidst Political Backlash Due to High-Profile Hack
By IGI Global on Oct 22, 2020
the New York Department of Financial Services (DFS) has
released an investigation report on Twitter. This report outlines the high profile attack that overtook popular celebrity accounts (including former U.S. president Barack Obama, celebrity and businesswoman Kim Kardashian West, Amazon mogul Jeff Bezos, and other notable celebrities) and led to the theft of US$ 118,000 in bitcoin.
DFS has called on the U.S. government to regulate social media platforms, such as Twitter and Facebook, on cybersecurity, along with antitrust and content moderation.
Vietnam’s battalions of ‘cyber-armies’ silencing online dissent from r/TechNewsToday
Vietnam‘s cyber-army, also known as Force 47, was deployed to counter the content on social media platforms deemed critical of the way the authorities handled the situation.
Vietnam’s Force 47 is run by the Ministry of Public Security (MPS) to hack anti-government websites and spread pro-government messages online, and is believed to be at least 10,000-strong.
Digital rights campaigners accuse Vietnam of attempting to replicate China’s “Great Firewall” by regulating and censoring the internet with the cybersecurity law.
Neither Google, which owns YouTube, nor Facebook has complied with the legislation, which requires the American tech giants to open local data storage facilities inside Vietnam by January 1.
Vietnam has a population of 96 million. With more than 60 million Facebook users, it is the platform’s one of the fastest-growing markets.
https://www.axios.com/the-coming-deepfakes-threat-to-businesses-308432e8-f1d8-465e-b628-07498a7c1e2a.html
++++++++
more on cybersecurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity
https://blog.stcloudstate.edu/ims?s=audio+video+fake+news
CIA Offers Proof Huawei Has Been Funded By China’s Military And Intelligence
Zak Doffman Cybersecurity
https://www.forbes.com/sites/zakdoffman/2019/04/20/cia-offers-proof-huawei-has-been-funded-by-chinas-military-and-intelligence/#4043c72b7208
the Times reported that such evidence exists, it has just not been openly published.
Joy Tan, Huawei’s chief global communicator, told methat “the assumption that the Chinese government can potentially interfere in Huawei’s business operation is completely not true. Huawei is a private company. The Chinese government does not have any ownership or any interference in our business operations.”
The CIA has now directly refuted this.
Tan insisted that “China does not have any law to force any company or business to install a back door. Premier Li Keqiang said that openly several weeks ago, the Chinese government would never do that, make any company spy.”
According to the Times source, “only the most senior U.K. officials are believed to have seen the intelligence, which the CIA awarded a strong but not cast-iron classification of certainty.” But the newspaper also reports a separate U.S. course as saying that there is a view within the U.S. intelligence community that “the Chinese ministry of state security — its principal security and espionage organization — had approved government funding for Huawei.”
Russia ‘successfully tests’ its unplugged internet
24 December 2019
https://www.bbc.com/news/technology-50902496
“Increasingly, authoritarian countries which want to control what citizens see are looking at what Iran and China have already done.
“It means people will not have access to dialogue about what is going on in their own country, they will be kept within their own bubble.”
a “sovereign Runet”?
In Iran, the National Information Network allows access to web services while policing all content on the network and limiting external information. It is run by the state-owned Telecommunication Company of Iran.
One of the benefits of effectively turning all internet access into a government-controlled walled garden, is that virtual private networks (VPNs), often used to circumvent blocks, would not work.
Another example of this is the so-called Great Firewall of China. It blocks access to many foreign internet services, which in turn has helped several domestic tech giants establish themselves.
Russia already tech champions of its own, such as Yandex and Mail.Ru, but other local firms might also benefit.
The country plans to create its own Wikipedia and politicians have passed a bill that bans the sale of smartphones that do not have Russian software pre-installed.
++++++++++++++++++++++++
Russia Is Considering An Experiment To Disconnect From The Internet
February 11, 20194:50 PM ET SASHA INGBER
https://www.npr.org/2019/02/11/693538900/russia-is-considering-an-experiment-to-disconnect-from-the-internet
Russia is considering a plan to temporarily disconnect from the Internet as a way to gauge how the country’s cyberdefenses would fare in the face of foreign aggression, according to Russian media.
It was introduced after the White House published its 2018 National Security Strategy, which attributed cyberattacks on the United States to Russia, China, Iran and North Korea.
Russia’s Communications Ministry also simulated a switching-off exercise of global Internet services in 2014, according to Russian outlet RT.
Russia’s State Duma will meet Tuesday to consider the bill, according to RIA Novosti.
Roskomnadzor has also exerted pressure on Google to remove certain sites on Russian searches.
Director of National Intelligence Dan Coats told Congress last month that Russia, as well as other foreign actors, will increasingly use cyber operations to “threaten both minds and machines in an expanding number of ways—to steal information, to influence our citizens, or to disrupt critical infrastructure.”
My note: In the past, the US actions prompted other countries to consider the same:
Germanty – https://blog.stcloudstate.edu/ims/2014/07/01/privacy-and-surveillance-obama-advisor-john-podesta-every-country-has-a-history-of-going-over-the-line/
++++++++++++
more on cybersecurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity
more on surveillance in this IMS blog
https://blog.stcloudstate.edu/ims?s=surveillance
Six Ways to Protect Student Data and Prevent Cyberattacks
https://www.edsurge.com/news/2018-12-10-six-ways-to-protect-student-data-and-prevent-cyberattacks
School administrators and IT staff can be super-vigilant, but the hackers are getting better and better at sneaking through security.
the most common cybersecurity threats, and how can school staff avoid them?
Eavesdropping / Man-in-the-Middle (MiTM) Attacks
What they are: It’s likely that you sometimes use a school laptop or mobile device to gain internet access via Wi-Fi networks in public places like coffee shops or airports. If so, be aware that there may be hackers eavesdropping to try and gain entry to any two-party exchange you make so they can filter and steal data.
How to avoid them: Always use a school-verified SIM card, dongle or VPN(virtual private network) to access the internet in public places.
Social Engineering Attacks
According to Verizon’s 2018 Breach Investigations report, 92 percent of malware is delivered via email, often referred to as social engineering attacks. The aim is to interact with the user and influence and manipulate their actions to gain access to systems and install harmful software. Malware uses various guises. Here are some of the most common:
1. Phishing emails
2. Baiting attacks
3. Quid pro quo requests
4. Pretexting attacks
5. Contact with a ‘compromised’ website
After massive cyber attack, Germany’s security apparatus struggles to answer questions
Nicholas Waller JANUARY 9, 2019
Investigators traced the man through digital tracks he left on the internet, as well as by speaking to witnesses, including another unnamed 19-year-old man that the hacker had communicated with via an encrypted messaging service. The hacker, who used the pseudonyms “G0t” and “Orbit”, was arrested on January 6 after investigators searched his home.
“Bad passwords were one of the reasons he had it so easy,” Seehofer said. “I was shocked at how simple most passwords were: ‘ILoveYou’, ‘1,2,3’. A whole array of really simple things.”
The latest incident comes just over a month after German security officials detected a major cyber attack against the email accounts of German lawmakers, as well as the military, and several German embassies by a Russian hacker group with ties to Moscow’s military intelligence wing, the GRU.
That attack occurred less than a year after the BfV, Germany’s intelligence service, said the Russian government was behind a cyberattack on German computer networks that was discovered in December 2017 and was also linked to the same hacker group that carried out the November 2018 breach.
+++++++++
more on cybersecrurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity
Blockchain Disciples Have a New Goal: Running Our Next Election
Amid vote-hacking fears, election officials are jumping on the crypto bandwagon — but cybersecurity experts are sounding an alarm
At democracy’s heart lies a set of paradoxes: a delicate interplay of identity and anonymity, secrecy and transparency. To be sure you are eligible to vote and that you do so only once, the authorities need to know who you are. But when it comes time for you to mark a ballot, the government must guarantee your privacy and anonymity. After the fact, it also needs to provide some means for a third party to audit the election, while also preventing you from obtaining definitive proof of your choice, which could lead to vote selling or coercion.
Building a system that accomplishes all this at once — and does so securely — is challenging enough in the physical world. It’s even harder online, as the recent revelation that Russian intelligence operatives
compromised voting systems in multiple states makes clear.
In the decade since the elusive Satoshi Nakamoto published an infamous
white paper outlining the idea behind bitcoin, a “peer-to-peer electronic cash system” based on a mathematical “consensus mechanism,” more than 1,500 new
cryptocurrencies have come into being.
definition: Nathan Heller in the New Yorker, in which he compares the blockchain to a scarf knit with a single ball of yarn. “It’s impossible to remove part of the fabric, or to substitute a swatch, without leaving some trace,” Heller wrote. Typically, blockchains are created by a set of stakeholders working to achieve consensus at every step, so it might be even more apt to picture a knitting collective creating that single scarf together, moving forward only when a majority agrees that a given knot is acceptable.
Unlike bitcoin, a public blockchain powered by thousands of miners around the world, most voting systems, including Votem’s, employ what’s known as a “permissioned ledger,” in which a handful of approved groups (political parties, election observers, government entities) would be allowed to validate the transactions.
there’s the issue of targeted denial-of-service (DoS) attacks, in which a hacker directs so much traffic at a server that it’s overwhelmed and ceases to function.
Although a distributed ledger itself would likely withstand such an attack, the rest of the system — from voters’ personal devices to the many servers a vote would pass through on its way to the blockchain — would remain vulnerable.
there’s the so-called penetration attack, like the University of Michigan incursion, in which an adversary gains control of a server and deliberately alters the outcome of an election.
While it’s true that information recorded on a blockchain cannot be changed, a determined hacker might well find another way to disrupt the process. Bitcoin itself has never been hacked, for instance, but numerous bitcoin “wallets” have been, resulting in
billions of dollars in losses. In early June 2018, a South Korean cryptocurrency exchange was
penetrated, causing the value of bitcoin to tumble and resulting in a loss of $42 billion in market value. So although recording the vote tally on a blockchain introduces a new obstacle to penetration attacks, it still leaves holes elsewhere in the system — like putting a new lock on your front door but leaving your basement windows open.
A blockchain is only as valuable as the data stored on it. And whereas traditional paper ballots preserve an indelible record of the actual intent of each voter, digital votes “don’t produce an original hard-copy record of any kind,”
In the end, democracy always depends on a certain leap of faith, and faith can never be reduced to a mathematical formula. The Economist Intelligence Unit
regularly ranks the world’s most democratic counties. In 2017, the United States came in 21st place, after Uruguay and Malta. Meanwhile, it’s now widely believed that John F. Kennedy owed his 1960 win to election tampering in Chicago. The Supreme Court decision granting the presidency to George W. Bush rather than calling a do-over — despite Al Gore’s popular-vote win — still seems iffy. Significant doubts remain about the 2016 presidential race.
While little doubt remains that Russia favored Trump in the 2016 election, the Kremlin’s primary target appears to have been our trust in the system itself. So if the blockchain’s trendy allure can bolster trust in American democracy, maybe that’s a net positive for our national security. If someone manages to hack the system, hopefully they’ll do so quietly. Apologies to George Orwell, but sometimes ignorance really is strength.
+++++++++++
more on blockchain in this IMS blog
https://blog.stcloudstate.edu/ims?s=blockchain