Tag: Cybersecurity

Categories
GeekWire

Online-only voting? Don’t do it, experts say

Electronic voting
Experts say electronic voting systems need to generate a voter-verifiable paper audit trail. (U.S. State Dept. Photo)

Chastened by Russian interference and hacking attempts in the 2016 election, academic experts on voting technology say electronic voting machines that don’t leave a paper trail should be phased out as soon as possible.

“Every effort should be made to use human-readable paper ballots in the 2018 federal election,” the experts write in a report issued today by the National Academies of Science, Engineering and Medicine. “All local, state and federal elections should be conducted using human-readable paper ballots by the 2020 presidential election.”

That’s already the case for Washington, Oregon and Colorado, where mail-only voting has become the norm. (The report notes that “vote-by-mail” is something of a misnomer, since most ballots are still returned by hand. “Ballot delivery by mail” comes closer to the mark.)

Washington’s election officials have implemented the report’s top recommendation for mail-voting systems: giving voters an easy way to check whether their ballot has been sent, and where their returned ballot is in the system. The “MyVote” websitelinks to online ballot trackers as well as voter registration information.

Get the full story on GeekWire.

Categories
GeekWire

Beyond bitcoin: Blockchain is on the rise

Lawrence Lerner on bitcoin
Lawrence Lerner, chief growth officer for RChain Holdings, talks about blockchain and bitcoin at an event organized by MIT Enterprise Forum of the Northwest. (GeekWire Photo / Alan Boyle)

Even bitcoin’s boosters acknowledge that cryptocurrencies aren’t a sure thing.

Just in the past month, China and South Korea signaled that they might be cracking down harder on trading in digital currencies, which caused bitcoin prices to tumble from a peak of nearly $20,000 per coin to around $12,000.

“For any of you that own cryptos, this was a rough week,” said John Utley, an IBM sales executive who focuses on blockchain and software-as-a-service verticals.

But the uptick is much steadier for blockchain — the digital technology that underlies cryptocurrencies as well as other recordkeeping applications.

Get the full story on GeekWire.

Categories
GeekWire

How evildoers could hack into DNA data

DNA data output
This output from a sequencing machine includes the University of Washington team’s exploit, which is being sequenced with a number of unrelated strands. Each dot represents one strand of DNA in a given sample. (UW Photo / Dennis Wise)

Computer scientists are turning DNA into a new frontier for data storage and information processing, but a team from the University of Washington says it could become a frontier for cybercrime as well.

To prove their point, the researchers turned a snippet of malicious computer code into a string of synthetic DNA, and then used it to take control of a computer that was programmed to search for patterns in the raw files that emerge from DNA sequencing.

They also found known security gaps in many of the open-source software programs that are used to analyze DNA sequencing data.

Get the full story on GeekWire.

Categories
GeekWire

Trump’s cybersecurity plan points to the cloud

White House Matrix
The White House cybersecurity plan is taking shape. (White House / Pho.to / GeekWire Graphic)

President Donald Trump today signed a long-awaited executive order aimed at beefing up cybersecurity at federal government agencies – with a shift of computer capabilities to the cloud as a key part of the strategy.

“We’ve got to move to the cloud and try to protect ourselves instead of fracturing our security posture,” Homeland Security Adviser Tom Bossert told reporters during a White House briefing.

The executive order gives the lead role in managing the cloud shift to the director of the White House’s newly established American Technology Council, which is due to meet for the first time next month.

Although the council’s full roster of members has not yet been announced, the director is said to be Chris Liddell, who formerly served as chief financial officer at Microsoft and General Motors.

Get the full story on GeekWire.

Categories
GeekWire

5 tips about cybersecurity (and ‘Mr. Robot’)

Laptop
A scene from “Mr. Robot” shows a hacker at work. (USA Network)

BOSTON – It’s always risky for geeks to give advice to geeks, but when security experts who have worked with organizations ranging from Facebook to DARPA to the FBI are the ones giving advice, it’s worth listening.

Two such experts are Nick DePetrillo, principal security researcher for Trail of Bits; and Andre McGregor, a former FBI agent who is now director of security for Tanium. McGregor has the added cache of being an technical consultant for “Mr. Robot,” the USA Network series that delves deeply into the hacker world.

DePetrillo and McGregor discussed the ins and outs of cybersecurity and the concerns raised by the rise of connected devices (a.k.a. the Internet of Things) today in Boston during the annual meeting of the American Association for the Advancement of Science.

Check out five takeaways from their talk on GeekWire.

Categories
GeekWire

Obama says ‘new cyber age’ needs new tools

Obama press conference
President Barack Obama takes questions at the White House. (White House via YouTube)

In the wake of a presidential campaign marred by hacking and social-media skulduggery, President Barack Obama says America’s digital architecture will have to be fine-tuned to preserve democracy.

The issue arose today during Obama’s final White House press conference – just two days before President-elect Donald Trump is due to take the reins of power.

Obama’s comments on cybersecurity came up with regard to his decision to commute the 35-year sentence of Chelsea Manning, an Army soldier who was convicted in 2013 on charges of leaking classified information via WikiLeaks.

Get the full story on GeekWire.

Categories
GeekWire

Trump says he’ll beef up ‘hacking defense’

Donald Trump
President-elect Donald Trump speaks at a news conference. (Pool Video via ABC News)

President-elect Donald Trump says he’ll turn to the tech industry leaders he met with last month to help his administration come up with better measures to guard against hackers in Russia and elsewhere.

During today’s first formal news conference since his surprise win since the presidential election, Trump referred to the summit that he had at Trump Tower in Manhattan with such luminaries as Amazon CEO Jeff Bezos and Microsoft CEO Satya Nadella.

He said that meeting attracted “some of the greatest computer minds” in the world.

“We’re going to get those minds together, and we’re going to form a defense” against future computer intrusions, Trump said.

Later on, Trump gave a timetable: “Within 90 days, we will be coming up with a major report on hacking defense,” he said. “How do we stop this new phenomenon, this fairly new phenomenon, because the United States is hacked by everybody. That includes Russia, and China, and everybody.”

Get the full story on GeekWire.

Categories
GeekWire

Next attorney general could harsh pot’s buzz

Jeff Sessions
Sen. Jeff Sessions, R-Ala., testifies during his Senate confirmation hearing (C-Span via Video)

Alabama GOP Sen. Jeff Sessions faced a wide range of questions during today’s Senate hearing on his confirmation as attorney general, including a few that point to potential pressure points in Washington state and other parts of Cascadia.

We’ll focus on three of them here: marijuana, immigration issues and cybersecurity issues.

Get the full story on GeekWire.

Categories
GeekWire

You could win $25,000 in IoT security contest

Internet of Things
The IoT Home Inspector Challenge is aimed at heading off new types of home-based network vulnerabilities. (FTC Graphic)

The Internet of Things can be a rough neighborhood, as October’s massive botnet attack illustrated – and so, in an attempt to head off future hacks, the Federal Trade Commission has organized a contest for IoT security tools.

It’s offering prizes worth up to $25,000 for the top entries.

The FTC’s IoT Home Inspector Challenge is open to developers who come up with tools to address security vulnerabilities caused by out-of-date software in devices that range from webcams to, um, kitchen ranges.

Get the full story on GeekWire.

Categories
GeekWire

Cyber sleuths lay out details of Russian hacking

A diagram that accompanies a report from the Department of Homeland Security and the FBI lays out the methods attributed to groups known as APT29 and APT28, a.k.a. Cozy Bear and Fancy Bear. (DHS / NCCIC / FBI Graphic)
A diagram that accompanies a report from the Department of Homeland Security and the FBI lays out the methods attributed to APT29 and APT28, a.k.a. Cozy Bear and Fancy Bear. (DHS / NCCIC / FBI Graphic)

Two groups of Russian hackers used a blend of spearphishing, booby-trapped websites and remote-access malware to worm their way into the Democratic National Committee’s computers and hurt the party’s prospects in last month’s presidential election, experts from the FBI and the Department of Homeland Security say in a 13-page report.

The report, released today, also says yet another cyber attack that’s linked to actors “likely associated” with Russian intelligence agencies was launched just days after the election.

“This activity by Russian intelligence services is part of a decade-long campaign of cyber-enabled operations directed at the U.S. government and its citizens,” the agencies said in a news release.

The report comes as a follow-up to claims of Russian involvement made in October, and as evidence in support of today’s decision by the Obama administration to slap sanctions on Russia.

Get the full story on GeekWire.