A Brief Overview of Russian Threat Group ColdRiver and Efforts to Counter the Group by Officials

Russian malware actor ColdRiver poses a significant threat to Western government officials, humanitarian organizations, and NGOs critical of the Russian government by undermining humanitarian and strategic organizations. Due to its support from the Russian government, ColdRiver has proved to be a heightened threat towards NATO countries and their allies given their strong dissent from Russia’s current regime. Since 2017, ColdRiver has conducted cyberattacks, with its operators linked to Russia’s Federal Security Service (FSB). ColdRiver has used advanced persistent threats (APTs) to steal sensitive information and disrupt operations opposing Russia.[3] The purpose of ColdRiver is to prevent NATO countries from pushing negative Russian narratives, to collect intelligence on foreign forces, and to target institutions enforcing sanctions against Russia. This blog will define ColdRiver and examine its methods, its impacts on humanitarian and strategic organizations, and the international response to its ongoing threat.

Reflections on the Student Conference on United States Affairs @ West Point (USMA)

In early October, I had the privilege of attending The Class of 1971 Student Conference on U.S. Affairs (SCUSA) at the United States Military Academy. This year marked the 75th anniversary of the conference since its inception in 1949. From the beginning, SCUSA has provided a unique opportunity for collaboration between more than 200 students and scholars from around the globe to develop policy recommendations for the United States related to the year’s given theme. For 2024, the theme was “Securing the Blessings of Liberty: U.S. Foreign Policy in a Multipolar World.” Within this theme, there were 15 roundtables with topics. I was assigned to Table 12, “Latin America Under Pressures of Multipolarity.” Upon receiving our topics ahead of time, we were given readings to prepare for our roundtable discussions and assigned a cadet point of contact (CPOC) who was responsible for showing us around West Point and providing insight into the day-to-day as a cadet.  

Reflections on Cybersecurity and Geopolitics from Singapore

Last month I took part in the "Cyber Conflict: Lessons from the Indo-Pacific" workshop hosted at the Lee Kuan Yew (LKY) School of Public Policy at the National University of Singapore alongside Dr. Aaron Brantly. This workshop brought together scholars, policymakers and cyber security experts to address important cyber challenges in the Indo-Pacific region. Dr. Brantly and I presented a paper on “The Impact of Censorship and Surveillance in India, Pakistan, and Bangladesh: A Comparative Analysis.” Following the two-day workshop and discussions of regional cyber challenges I also had the chance to listen in on a roundtable discussion during Singapore International Cyber Week, where participants shifted the conversation to emerging threats in our increasingly AI-driven world. What impacted me most about these events was how they highlighted the interactions going on between cyber security challenges and emerging technical threats, and how they provided a meaningful understanding of the evolving strategies that these policymakers and scholars are currently grappling with.

The American Information Sphere After the Election

The U.S. election is over, and Americans voted for Donald Trump to take the reins of the country for the next four years. President Trump’s election has implications for policy areas ranging from immigration to the environment and nearly everything in between. Yet one area that will impact everyone nationally will be the relationship between security in online and offline spaces. The United States appears to be rapidly moving towards a model in which there are aligned and opposition media and social media outlets. Moreover, President-elect Trump has expressed a consistent desire to undermine the freedom of the press, to greatly expand libel laws, and to weaponize the tools of the state against those who might speak against him.

The European Union’s Approach to Data and Surveillance

Amidst the ever-evolving landscape of cyberspace, policies seeking to regulate and maintain digital rights at the state and supranational levels remain largely the same. The European Union’s approach to data and surveillance presents two different regulatory approaches to cyber capabilities. The General Data Protection Regulation (GDPR) regulates its consumers through data protection standards.[1] The EU preserves digital rights by providing safeguards from companies looking to exploit personal data.[2] Another cybersecurity concern is mercenary spyware, contributing to illegitimate surveillance of journalists, politicians, law enforcement officials, diplomats, lawyers, businesspeople, civil society actors, and other actors.”[3] Spyware is categorized as a dual-use good under the European Union Dual-Use Regulations (EUDUR). When compared, these regulations and what they seek to regulate hold intrinsic differences, but both hold implications for the future of digital rights. GDPR regulates the consumer rather than the market to ensure corporate compliance, whereas EUDUR regulates surveillance technology as a product, leaving its marketplace and applications self-regulated by member states. The need to pivot alongside technological development reveals a more nuanced conversation surrounding how legislation lags in its protection of digital and human rights. This work will compare the approaches that EU policy takes towards cybersecurity to glean a greater understanding of the elasticity needed to keep pace with technological advancements.

The Legal Right to Privacy: Origins and International Regulation

The concept of privacy is supported by no formal definition despite its popular usage in legal frameworks and the international codification of the “right to privacy”. A multi-faceted approach to the condition of privacy has been detailed by previous work in the lab. The objective of the following writing is to offer insight into the revelation of privacy in a legal context and its international application. This text recounts the development of “the right to privacy” beginning with the U.S. Constitution and the subsequent work of Warren and Brandeis, before the adaptation of privacy as a right in international regulation like the Universal Declaration of Human Rights (UDHR) and the emergence of data protections and privacy regulation in the digital era such as the General Data Protection Regulation (GDPR).

Conceptualizing Privacy

The idea of privacy is a convoluted subject evolving alongside technological breakthroughs that have repeatedly reinvented what constitutes an individual’s concept of privacy. This review seeks to characterize primary elements relating to the condition of privacy. Deliberations around the principles of privacy such as autonomy, self-determination, power, and reasonability will be covered. This work aims to define privacy in today’s ecosystem while considering historic approaches that have shaped the environment of personal privacy and data protections. The genealogy of privacy studies holds significance in how privacy has adapted to include the digital space that connects the public and the private space and the challenges resulting from this intersection.

Reflecting on the European Cyber Conflict Research Initiative Forum at Oxford University

The European Cyber Conflict Research Initiative (ECCRI) is a collective of professionals, scholars, journalists, and government officials within the cybersecurity space that seeks to “promote interdisciplinary research on cyber conflict and statecraft.”[1] Their 2024 Cyber Forum at the Blavatnik School of Government of Oxford University was the first of its kind. The Forum allowed the ECCRI community to meet and discuss the evolving threat landscape. Themes of sovereignty, responsibility, pessimism and optimism dominated conversations on policy, China, efficacy of attacks, and prepositioning.

Exploring Neuralink’s Telepathy: The Future of Brain Implants

Founded in 2016, Neuralink is an American neurotech company focused on both treating human disease through technology and synthesizing human and artificial intelligence. Presently, Neuralink is undergoing human trials for its device, Telepathy, an implant intended to give individuals with paralysis the ability to control electronic devices with their mind. Although it remains under development and testing, Telepathy represents the first successful implantation of an invasive brain-computer interface with the ability for high-bandwidth, high-resolution neural recording and stimulation in animals. Questions remain regarding the ethical practices performed within Neuralink’s laboratories and the intended future of Telepathy. As testing continues, scientists and the general public alike remain poised to see how this technology will shape humanity’s future interactions.

Safeguarding Digital Rights in the EU: The Evolving Landscape of Data Protection and Content Moderation

The European Union has made significant strides in protecting digital rights by introducing comprehensive laws, most notably the General Data Protection Regulation (GDPR) and the proposed Digital Services Act (DSA). The GDPR, which came into effect in 2018, is a far-reaching data protection law that applies to any organization processing the personal data of EU residents, regardless of the organization's location.[1] The GDPR sets out fundamental principles and rights, such as lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability.

Understanding Poland’s Spyware Probe

Poland’s inquiry into the use of mercenary spyware is a groundbreaking initiative towards achieving accountability against the misuse of digital surveillance tools. The probe beginning in early 2024 was founded on allegations by civil society against the former ruling Law and Justice (PiS) Party for the targeting of up to six hundred individuals with Pegasus spyware. This work will analyze the handling of spyware by Poland’s former government with a focus on those illegitimately targeted, from military officials to political opposition figures. There will be a focus on how practices such as targeting members of political opposition threaten the safeguarding of fair elections and working democracies and the implications of Poland’s unique positioning within the European Union (EU).

Methods of the Heart: The Vulnerabilities of Rechargeable Pacemakers

According to Yale University there are over 3 million people in the United States who use pacemakers to prevent or treat a heartbeat that is too slow, too fast, or irregular. Pacemakers are small, implanted battery-powered devices that help regulate the rhythm of the heartbeat. They include electrodes that deliver electrical impulses to one’s heart to make it beat regularly. Depending on the pacemaker, its battery can last between 5 and 15 years. Battery life is essential for keeping the electrical impulses consistent. Without the battery, the pacemaker will not work, which, depending on the person’s condition, may be life-threatening. What if the concern for battery life was no longer an issue? What if there was a way to avoid surgery to charge a pacemaker battery? This blogpost delves into the newly discovered science behind a body-rechargeable pacemaker and explores vulnerabilities brought about by innovative and increasingly interconnected pacemaker technologies.

Case Study: Black Basta Ransomware Operator Group

The Black Basta Ransomware Operator group is an infamous organization in the world of cybercrime, known for its ransomware attacks on organizations throughout the world. The group's efforts showed a significant rise in the complexity and effects of ransomware attacks and how devastating they can be. The Russian-based group reportedly tallied over $107 million from late 2022 through 2023, extorting an estimated 90 companies, including industrial giant ABB.

Ransomware Threats on Health Care Services

“Ransomware is a type of malware used by cyber criminals who encrypt files and then extort money in return for unlocking these files”[1]. The ransoms demanded are most often in the form of bitcoin or other forms of cryptocurrency which allow for the sender and demanding party to remain anonymous. In the past, ransomware targeted individuals regularly, but in more recent years criminals have gained the ability to encrypt much larger files and have moved on to larger companies. In this study the focus will be on one group in particular that has emerged in more recent years in targeting major companies and healthcare services. The group chosen to focus on is Hunters International. They are a ransomware-as-a-service (RaaS) group that has attacked large corporations within the last 5 years. Hunters International emerged in October of 2023 following the FBI's takedown of the Hive Ransomware group. For some background, Hive was one of the most active ransomware groups at the time the FBI hacked into their infrastructure to take them down. The Hive group had a distinct malware code that was not seized and is believed to have been transferred to Hunters International. Hunters International has made clear they are not a rebrand of Hive, while having the same motives and utilizing roughly 60% of the same coding and infrastructure. When looking for information on Hunters International on the Tor Browser, the website and correlating information was found on Ransomwatch where the group was shown as active, with leaks being as recent as April 24th, 2024. Hunters International has taken hundreds of companies' information along with personal information of their customers; in this case the following three were focused on: Mid-South Health System, Covenant Health Care, and Bradford Health Care. These were chosen based off of the size of the attack, the time of the attack, and the type of health care service provided. This allowed for a smaller scope to focus on, while providing an array of data regarding what is released within an attack and the size of such attacks.

Exploring Ransomware attack trends during the COVID-19 Pandemic in the United States

COVID-19 has had lasting effects on the world with its impact on societal, infrastructure, and political landscapes. One of the more notable consequences has been the increase in ransomware attacks. These attacks are usually targeted toward certain companies, industries, or sectors. Ransomware is a form of malware that is evolving continuously as time goes on.[1] The goal of ransomware attacks is to encrypt files with hostile software on a device, making it so those files and device cannot function properly.[2] Victims of ransomware attacks are then forced to pay ransom to reclaim their data and decrypt their files.[3] Ransomware attacks have been around globally since 1989 when the first ransomware attack occurred.[4] Email attachments, pop-ups, and messages are some examples of the most popular forms of ransomware.[5] Since 1989 ransomware has evolved and has been on the rise in recent years, with attackers becoming more sophisticated and educated on what will work to hack into systems. For example, according to an article by Clare Stouffer it is more likely for a cyberattack to bring down F-35 jets than missiles.[6] This knowledge furthers the idea that ransomware should be studied and understood by a wide range of people. It is imperative for people to gain more knowledge of ransomware to protect themselves and understand when their data may be at risk. In 2020 there was a worldwide pandemic of coronavirus (COVID-19) which spread rapidly and provided criminals with the opportunity to exploit cybersecurity vulnerabilities and create multiple cyber-attacks targeting health care services.[7] Since COVID-19 the FBI reported a 300% increase of ransomware-related cyberattacks.[8] This blog post aims to uncover knowledge connecting ransomware attacks and COVID-19 within the United States, analyzing data from the years 2019-2023.

Cuba Group Profile

Cybercrime is a constantly growing and evolving threat in today’s technology-driven society, compromising governments, businesses, and many people worldwide. Among the many strategies cybercriminals utilize for their personal agenda, ransomware attacks have become one of the most prevalent and common types of cyberattack in recent years. Ransomware is a specific type of malware that prevents infected users from accessing their system or personal information until the user delivers a ransom payment to the person or group behind the attack.[1] The malware encrypts the victim's system or data once it has gained access to the device and locks access to the user's personal records and documents until a ransom payment is made. There are several different methods used in ransomware attacks for the threat actor to gain access and utilize the malware needed to encrypt.

Smart Insulin Pen: Opportunities, Challenges and Vulnerabilities

Diabetes management has steadily advanced along with the development of new technology. An important step in improving insulin delivery was the introduction of smart insulin pens that enhanced dosing accuracy and convenience of use. Smart Insulin Pens (SIPs) revolutionized diabetes care by introducing real time wireless connectivity, digital dose tracking, and integration with personalized dosing support. With automatic dose capture, reviewing insulin dose data became more effective, especially when paired with blood glucose data. This technology enabled patients, healthcare providers, and diabetes care teams to make data driven decisions and recommendations in real time. Improved diabetes management decisions became possible within a continuous and asynchronous framework with the use of SIPs. Manufacturers of insulin pens aim their efforts at further automation with more advanced software and integrated machine learning within SIPs. The role of technological advancements in diabetes care cannot be dismissed or undermined due to numerous benefits and opportunities modernized diabetes care carries. However, there are important challenges and vulnerabilities associated with technological advancements that this blogpost aims to discuss.

Vulnerability Analysis of AI Camera-Based Facial Recognition Systems

This research paper delves into the evaluation of two facial recognition software packages, one open-source and one paid version, Vladmandic and Visage SDK respectively. Prior to the testing of a non-invasive Institutional Review Board (IRB) protocol involving 10 lab-team members in a lab environment, an initial hypothesis was formed suggesting that facial recognition software carries innate biases towards different demographics, ages, sexes, and physical traits. While external research supported these claims, the results of the protocol tests suggested otherwise. The tests probed the accuracy of detecting emotions displayed by the lab participants. Both software packages exhibited limited accuracy in detecting emotions, with Vladmandic achieving only 36% accuracy and Visage SDK reaching 50%. Shockingly, the results of the protocol testing reflected a contradictory conclusion to previous research, with demographic factors such as race, sex, and hair characteristics not significantly impacting the accuracy of the software. However, discrepancies in the experiment methodology and research protocol were noted, such as participant expression variability and subjective demographic data collection. This lab experiment emphasized the importance of refining research protocols and considering every potential external factor, such as lighting conditions, for the robust evaluation of facial recognition software. Additionally, the discrepancies between these findings and existing literature prompt a critical reflection on past external research, this series of tests, and the complexities of bias assessment in technological systems.