2022 was the year of crippling ransomware attacks on small countries
The country of Vanuatu is the latest victim in a string of crippling ransomware attacks on small countries this year. Experts say various motives underlie these incidents but disagree on whether this trend reflects a shift in threat actors away from well-resourced Western nations.
China is scanning U.S. political targets. Who should care?
A recent FBI warning to Republican and Democratic party leaders about suspicious scanning by Chinese hackers left some researchers scratching their heads.
Feds eye virtual reality as the next privacy and security battleground
At the Federal Trade Commission’s annual PrivacyCon this week, a top regulator and outside experts zeroed in on digital risks posed by the nascent virtual reality industry.
U.S. braces for China to eclipse Russian cyberthreat
“Russia is the hurricane, and China is climate change,” a top U.S. cybersecurity official said Tuesday, underscoring White House warnings about the long-term cyberespionage threat posed by Beijing.
India’s new cyber rules stoke privacy, security fears
Tech companies — including several global VPN providers — and privacy advocates are bristling at new cyber requirements they say could jeopardize the security of Indian citizens.
‘Once-in-a-generation’ Log4j vulnerability could linger for a decade — cyber safety board
In its first-ever report for the Department of Homeland Security, a group of top government and industry cyber experts said the Log4j vulnerability triggered “one of the most intensive cybersecurity community responses in history” last December — and it’s far from over.
Why Finland won’t flinch from Russian cyberthreats
Finland offers a model of how a Western democracy can harden its vital industries against cyberattacks while resisting hybrid conflict and information operations, but can other countries follow suit?
How far can ‘good-faith’ hacking go? Experts question new DOJ guidance
The U.S. Justice Department last week softened its stance on prosecuting hackers under a decades-old law. Will the updates thaw DOJ’s relations with hacking communities famed for testing limits?
Steep costs, troubling questions roil DOD cybersecurity program rollout
About 80,000 companies that sell to the U.S. military will need to pass a cybersecurity audit before they can bid for business under rules the Defense Department plans to impose next year. But many small defense contractors aren’t prepared for the brave new world of the Cybersecurity Maturity Model Certification (CMMC) program.
U.S. warns of Russian hacking threat as dangerous malware snaps into focus
The newly discovered Pipedream malware is aimed at American energy companies’ critical networks with alarming precision. Though it was caught before it could be used, the hacking tool’s emergence against the backdrop of war in Ukraine has drawn stark warnings from the U.S. and its allies.