CyberSecurity Archives

truck assembly line - Credit: Humphery / Shutterstock

Quantum-Safe Trust for Vehicles: The Race Is Already On

Now that it seems quantum-computing capabilities could become commercially available within the next decade or two—likely in the form of cloud-based services—security professionals have turned with an intensified sense of urgency to the challenge of how to respond to the threat of quantum-powered attacks. One domain where this is particularly true is in the automotive industry, where cars now coming off assembly lines are sometimes referred to as “rolling datacenters” in acknowledgment of all the entertainment and communications capabilities they contain.

pattern of blue dots, illustration - Credit: Scott Webb / Unsplash

Articles / CyberSecurity

The Complex Path to Quantum Resistance

This article provides a series of recommendations for [ICT executive] decision-makers, including what they need to know and do today. It will help them in devising an effective quantum transition plan [to quantum-resistance] with a holistic lens that considers the affected assets in people, process, and technology.

Articles / CyberSecurity

Windows 11 Security — Our Hacker-in-Chief Runs Attacks and Shows Solutions

Many of the optional or high-end security controls from Windows 10 are now on by default and required on new machines with Windows 11.

Articles / CyberSecurity

Amazon’s Dark Secret: It Has Failed to Protect Your Data

Voyeurs. Sabotaged accounts. Backdoor schemes. For years, the retail giant has handled your information less carefully than it handles your packages.

Cover Image - Microsoft Digital Defense Report

CyberSecurity / Books, Reports, Films & Images

Microsoft Digital Defense Report (2021)

Knowledge is powerful. This report encompasses learnings from security experts, practitioners, and defenders at Microsoft to empower people everywhere to defend against cyberthreats.

RE:WIRED 2021: Tinker Hacker Sailor Sp0y: The Scourge of Ransomeware

Articles / CyberSecurity

Jen Easterly Wants Hackers to Help US Cyber Defense

The new director of the US Cybersecurity & Infrastructure Security Agency, Jen Easterly, joined WIRED contributing editor Garrett Graff to talk about hacking and misinformation on a global scale and how to combat the ever-evolving nature of cyberattacks.

It's not hackers.Photograph: Nina Riggio/Bloomberg/Getty Images

Articles / CyberSecurity

Why Facebook, Instagram, and WhatsApp All Went Down Today

A Facebook, Instagram, WhatsApp, and Oculus outage knocked every corner of Mark Zuckerberg’s empire offline on Monday. It’s a social media blackout that can most charitably be described as “thorough” and seems likely to prove particularly tough to fix.

CyberSecurity / News & Information

Known Exploited Vulnerabilities Catalog

This is a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal enterprise.

blue shield hovering over desert landscape, illustration - Credit: Andrij Borys Associates, Shutterstock

Articles / CyberSecurity

Cyber Security Research in the Arab Region: A Blooming Ecosystem with Global Ambitions

In this article, we will survey the main initiatives related to cyber security in the Arab region, report on the evolution of the cyber security posture, and point to possible Pan-Arab and international collaboration avenues in cyber security research.

alert stating: Your Files Are Encrypted - Credit: JMiks / Shutterstock

Articles / CyberSecurity

The Worsening State of Ransomware

Suddenly, you have people with limited ability using powerful software to discover, exfiltrate, and encrypt files. They wind up with many of the same capabilities that sophisticated cybercriminals have.

John Arquilla - Credit: Naval Postgraduate School

Articles / CyberSecurity

The SolarWinds Hack

The SolarWinds affair is simply another incident in a long pattern of intrusions.

worker portraits on a shield, illustration - Credit: Peter Crowther Associates, Shutterstock

Articles / CyberSecurity

Implementing Insider Defenses

Classical approaches to cyber-security—isolation, monitoring, and the like—are a good starting point for defending against attacks, regardless of perpetrator. But implementations of those approaches in hardware and/or software can invariably be circumvented by insiders, individuals who abuse privileges and access their trusted status affords.

CyberSecurity / News & Information

CISA Releases Guidance: IPv6 Considerations for TIC 3.0

These documents cover enhancing the Trusted Internet Connections (TIC) program to fully support the implementation of IPv6 in federal IT systems. This information is also applicable to the private business sector and those interested in improving Internet security.

gold box with circuit board exterior, illustration - Credit: Arleksey / Shutterstock

Articles / CyberSecurity

Better Security Through Obfuscation

Last year, three mathematicians published a viable method for hiding the inner workings of software. The paper was a culmination of close to two decades of work by multiple teams around the world to show that concept could work. The quest now is to find a way to make indistinguishability obfuscation (iO) efficient enough to become a practical reality.

lock in electronic pattern, illustration - Credit: Diyajyoti / Shutterstock

Articles / CyberSecurity

Fixing the Internet

Aftab Siddiqui, senior manager of Internet technology at the Internet Society, says the initial BGP protocol was conceived by experts at research institutions, defense organizations, and equipment vendors. “When they designed [BGP], it was based on the premise that everybody trusts each other,” Siddiqui says. “Fast-forward 30 years, I’m pretty sure we cannot claim that anymore.”

CyberSecurity / Books, Reports, Films & Images

Oh Behave! The Annual Cybersecurity Attitudes and Behaviors Report 2021

In honor of Cybersecurity Awareness Month 2021, the National Cyber Security Alliance and CybSafe have launched the world’s first Cybersecurity Attitudes & Behaviors Report. The research report is the first of its kind. It examines cybersecurity attitudes and behaviors of the general public, shedding light on one of the most important aspects of cyber risk – the human factor.

A laptop displays a message after being infected by a ransomware as part of a worldwide cyberattack on in Geldrop. ROB ENGELAAR/ANP/AFP via Getty Images

CyberSecurity / News & Information

How America Can Reliably Resist Ransomware

So, what can government and business leaders do to combat these attacks? And who’s responsible for improving our cybersecurity?

"Hackers (pt. 2)" by Ifrah Yousuf is licensed under CC BY 4.0 (https://cybervisuals.org/visual/hackers-pt-2/).

Articles / CyberSecurity

SolarWinds and the Holiday Bear Campaign: A Case Study for the Classroom

Author’s Note: Have you been looking for a detailed-but-accessible case study of the Russian cyberespionage campaign that targeted SolarWinds (among others)? The following piece is adapted from my newly-released eCasebook “Cybersecurity Law, Policy, and Institutions” (v.3.1).