“Ransomware is a type of malware used by cyber criminals who encrypt files and then extort money in return for unlocking these files”[1]. The ransoms demanded are most often in the form of bitcoin or other forms of cryptocurrency which allow for the sender and demanding party to remain anonymous. In the past, ransomware regularly targeted individuals, but in more recent years criminals have the ability to encrypt much larger files and have moved on to larger companies. In this study the focus will be on one group in particular that has emerged in more recent years in targeting major companies and healthcare services. The group chosen to focus on is Hunters International. They are a ransomware-as-a-service (RaaS) group that have attacked large corporations within the last 5 years. Hunters International emerged in October of 2023 following the FBI's takedown of the Hive Ransomware group. For some background, Hive was one of the most active ransomware groups at the time the FBI hacked into their infrastructure to take them down. The Hive group had a distinct malware code that was not seized and is believed to have been transferred to Hunters International. Hunters International has made clear they are not a rebrand of Hive, while having the same motives and utilizing roughly 60% of the same coding and infrastructure. When looking for information on Hunters International on the Tor Browser, the website and correlating information was found on Ransomwatch where the group was shown as active, with leaks being as recent as April 24th, 2024. Hunters International has taken hundreds of companies' information along with personal information of their customers; in this case the following three were focused on: Mid-South Health System, Covenant Health Care, and Bradford Health Care. These were chosen based on the size of the attack, the time of the attack, and the type of health care service provided. This allowed for a smaller scope to focus on, while providing an array of data regarding what is released within an attack and the size of such attacks.
Exploring Ransomware attack trends during the COVID-19 Pandemic in the United States
COVID-19 has had lasting effects on the world with its impact on societal, infrastructure, and political landscapes. One of the more notable consequences has been the increase in ransomware attacks. These attacks are usually targeted toward certain companies, industries, or sectors. Ransomware is a form of malware that is evolving continuously as time goes on.[1] The goal of ransomware attacks is to encrypt files with hostile software on a device, making it so those files and the device cannot function properly.[2] Victims of ransomware attacks are then forced to pay ransom to reclaim their data and decrypt their files.[3] Ransomware attacks have been around globally since 1989, when the first ransomware attack occurred.[4] Email attachments, pop-ups, and messages are some examples of the most popular forms of ransomware.[5] Since 1989 ransomware has evolved and has been on the rise in recent years, with attackers becoming more sophisticated and educated on what will work to hack into systems. For example, according to an article by Clare Stouffer it is more likely for a cyberattack to bring down F-35 jets than missiles.[6] This knowledge furthers the idea that ransomware should be studied and understood by a wide range of people. It is imperative for people to gain more knowledge of ransomware to protect themselves and understand when their data may be at risk. In 2020 there was a worldwide pandemic of coronavirus (COVID-19) which spread rapidly and provided criminals with the opportunity to exploit cybersecurity vulnerabilities and create multiple cyber-attacks targeting health care services.[7] Since COVID-19 the FBI reported a 300% increase of ransomware related cyberattacks.[8] This blog post aims to uncover knowledge connecting ransomware attacks and COVID-19 within the United States, analyzing data from the years 2019-2023.
Cuba Group Profile
Cybercrime is a constantly growing and evolving threat in today’s technology-driven society, compromising governments, businesses, and many people worldwide. Among the many strategies cybercriminals utilize for their personal agenda, ransomware attacks have become one of the most prevalent and common types of cyberattack in recent years. Ransomware is a specific type of malware that prevents infected users from accessing their system or personal information until the user delivers a ransom payment to the person or group behind the attack.[1] The malware encrypts the victim's system or data once it has gained access to the device and locks access to the user's personal records and documents until a ransom payment is made. There are several different methods used in ransomware attacks for the threat actor to gain access and utilize the malware needed to encrypt.
Smart Insulin Pen: Opportunities, Challenges and Vulnerabilities
Diabetes management has steadily advanced along with the development of new technology. An important step in improving insulin delivery was the introduction of smart insulin pens that enhanced dosing accuracy and convenience of use. Smart Insulin Pens (SIPs) revolutionized diabetes care by introducing real time wireless connectivity, digital dose tracking, and integration with personalized dosing support. With automatic dose capture, reviewing insulin dose data became more effective, especially when paired with blood glucose data. This technology enabled patients, healthcare providers, and diabetes care teams to make data driven decisions and recommendations in real time. Improved diabetes management decisions became possible within a continuous and asynchronous framework with the use of SIPs. Manufacturers of insulin pens aim their efforts at further automation with more advanced software and integrated machine learning within SIPs. The role of technological advancements in diabetes care cannot be dismissed or undermined due to numerous benefits and opportunities modernized diabetes care carries. However, there are important challenges and vulnerabilities associated with technological advancements that this blogpost aims to discuss.
Vulnerability Analysis of AI Camera-Based Facial Recognition Systems
This research paper delves into the evaluation of two facial recognition software packages, one open-source and one paid version, Vladmandic and Visage SDK respectively. Prior to the testing of a non-invasive Institutional Review Board (IRB) protocol involving 10 lab-team members in a lab environment, an initial hypothesis was formed suggesting that facial recognition software carries innate biases towards different demographics, ages, sexes, and physical traits. While external research supported these claims, the results of the protocol tests suggested otherwise. The tests probed the accuracy of detecting emotions displayed by the lab participants. Both software packages exhibited limited accuracy in detecting emotions, with Vladmandic achieving only 36% accuracy and Visage SDK reaching 50%. Shockingly, the results of the protocol testing reflected a contradictory conclusion to previous research, with demographic factors such as race, sex, and hair characteristics not significantly impacting the accuracy of the software. However, discrepancies in the experiment methodology and research protocol were noted, such as participant expression variability and subjective demographic data collection. This lab experiment emphasized the importance of refining research protocols and considering every potential external factor, such as lighting conditions, for the robust evaluation of facial recognition software. Additionally, the discrepancies between these findings and existing literature prompt a critical reflection on past external research, this series of tests, and the complexities of bias assessment in technological systems.
Using Parametric Sentiment Analysis Of Russian Telegram To Identify and Understand Human Rights Violations In Occupied Areas Of Ukraine
AI-based sentiment analysis has recently proven useful through the mining of large amounts of text. These texts can be drawn from various sources, but most valuably can be used to reach conclusions about public opinion, especially regarding current events. As a result, sentiment analysis provides a method for researchers to determine public opinion under authoritarian regimes through the medium of social media. Using social media allows researchers to find a closer approximation of genuine sentiment, as opposed to analysis of state propaganda or other strictly controlled media. This could be especially valuable in regards to Russia’s ongoing war in Ukraine, given the limited reliability of traditional opinion polling in a closed society. However, most sentiment analysis databases are drawn from English language texts, with relatively few based on Russian. This paper examines the existing scholarship on Russian-language sentiment analysis and its effectiveness when conducted based on social media texts, including the complications arising from the differing lexical structures of the language.
The Disproportionate Nature of Azerbaijan’s Digital Autocracy: Gendered Targeting Practices
Digital autocracies leverage invasive technologies to carry out common authoritarian practices that aim to quell dissent, suppress democratic movements, and control their citizens through restricting their internet freedom. Azerbaijan exemplifies this through the documented surveillance of its dissidents. The social landscape of Azerbaijan disproportionately targets women through shame tactics that have transitioned to the online sphere. This transition marks the introduction of Azerbaijan’s newest campaign of censorship cementing spyware as a fundamental tool in maintaining Azerbaijan’s historical positioning as an authoritarian state. This work will aim to analyze how technology has taken on an increasingly determinant role in achieving a state’s control within the context of an autocratic regime; this point is supported by case studies of the repression of women in Azerbaijan.
The Cybersecurity, Privacy, and Ethics of EEG-BCI Systems
Neurotechnology, the integration of technology with the nervous system, is an advancing field with potential medical applications by offering individuals with neuromuscular disorders or physical injuries an alternative means of communication beyond traditional verbal speech. One such advancement is the development of an electroencephalography-based brain-computer interface (EEG-based BCI) system, which functions to record and decode electrical signals from the brain into intelligible speech. While advancements in neurotechnology prove promising for assisting patients, this technology calls into question the ethical implications of cognitive translation that have yet to be explored in depth. As such, relevant publications investigating the efficacy and applicability of EEG-based BCI systems for brain-to-speech communication will be examined to determine the attitude of the scientific field regarding alternative communication technology and to assess the impact of this technology on cognitive privacy.
Lorenz Ransomware: The Impact of Standalone Ransomware on Businesses
Ransomware poses an escalating and persistent threat to businesses, facilitating large scale theft and encryption of sensitive files and documents. This research delves into the impact of ransomware on companies, with a specific focus on instances where internal data is publicly exposed by hackers. By analyzing the aftermath of the Lorenz ransomware group attacks, we assess the extent of file theft, the overall breach size, and the companies affected by the cyber-attacks, including their size, their industry, and their location. Our findings reveal vast quantities of vital records compromised, including emails, financial data, blueprints, and social security numbers. This showcases ransomware's potential for severe financial and reputational damage to businesses, impacting not only their operations but also their customer base. The study highlights the importance of cyber resilience through technologies, training, and transparency. It underscores ransomware's complex repercussions, necessitating coordinated technological, policy, and human readiness efforts to develop security and mitigate potential societal harms.
Investigating Internet Censorship in Russia
Internet censorship has long been a controversial issue which involves the selective restriction of information. This could simply be as mundane as upholding copyright laws, but censorship also extends into political repression and human rights violations. Restrictive and authoritarian regimes have been shown to be far more likely to suppress political content to subdue criticism. Russia has a particularly egregious reputation for censorship and restriction of speech online. Since 2012, the Kremlin has consistently acted to create legislation aimed at regulating online content and attempting to garner the support of the Russian people in doing so. This is significant especially because it has been found that Internet Literacy is negatively correlated with the perception of a necessity of government surveillance (people who are less familiar with the Internet tend to perceive a higher necessity of surveillance). The Russian government, then, draws attention to the dangers of the Internet and social media, including risks of hate speech, crime, violent protests and fake news. The government frames laws as protecting citizens and their rights from these threats. Furthermore, these threats are proclaimed to be both internal and external and are subsequently used to justify political repression through online censorship and strict controls that are characteristic of authoritarianism.
The History of TOR Usage in Iran
For as long as the TOR network has existed, one of its primary uses has been the circumvention of Internet firewalls run by oppressive regimes. Iran is no exception to this trend, and as early as 2011 Iran was the 2nd highest country by TOR users.[1] There was even a point where TOR developers and the Iranian government ended up in a technological arms race as the government aimed to block the network while Tor developers simultaneously created new ways to circumvent said blocks, with developers even releasing same-day updates to counteract new restrictions.[9] Iran has repeatedly been ranked among the worst countries in the world for press freedom, and it continues to offer little to no opportunity for Iranian citizens to access uncensored media on the Bright Web.[11] In recent years, Iran has vastly improved its censorship technology, and Tor developers have been forced to react quickly to continue to provide access to Tor in Iran.
Journalism Targeting on the Dark Web
The Tor network provides unparalleled anonymity to its users. Using anonymity features on top of TCP, The Onion Router has proved useful for moderately low-latency tasks such as web browsing (Borisov and Goldberg 2008). Tor networks operate through a network of thousands of decentralized, independently run nodes across the world. To connect to the network, a computer needs to be running the Tor browser. This browser will randomly connect to its first node, or relay. Each relay in the network only knows the location of the relay or computer immediately preceding and succeeding it. This process completely obfuscates the original computer’s location and makes it appear as if the computer’s IP address is the same as the Tor exit node's. The connection will travel through three nodes before connecting to a web server, either outside the Tor network, such as a .com or .org top-level domain (TLD), or inside the Tor network, under the .onion TLD. These .onion TLDs are known as Onion or hidden services and provide advanced anonymity features like hidden location and IP addresses, end-to-end encryption, automatically generated domain names, and website authentication between the user and the onion service. This enables sites to be built that publish work without being worried about censorship (Jardine 2018).
Bits from Kyiv
Last week I arrived in Kyiv after 48 hours of planes and trains to a rain and snow mix falling on the Kyiv central train station. Men eagerly ran up to the arriving train carriages with flowers in hand to greet wives and girlfriends who had made the journey back to Ukraine. The train was entirely populated by women, children, and older men. The joy of reunion was conditioned by the reality of war. I have been coming to Kyiv for 20 years, first as a Peace Corps Volunteer, then as a research scientist for the United States Army Cyber Institute, and now as an academic from Virginia Tech invited to speak on the laws of war in cyberspace at the Kyiv International Cyber Resilience Forum at the request of Ukraine’s National Security and Defense Council (NSDC). The change in the city is palpable. It is a city both serving as the hub of the national idea of Ukraine, but also one that is clearly in and acutely impacted by the ongoing war.
Applications of AI in Healthcare
In the ever-evolving landscape of healthcare, the significance of cybersecurity cannot be overstated, as it plays a pivotal role in both preserving the integrity of services and safeguarding sensitive patient data. With the continuous digitization of healthcare, including the widespread adoption of electronic health records and the integration of new medical devices, the need for robust protection against emerging cyber threats becomes increasingly urgent. This urgency is further emphasized by the integration of artificial intelligence (AI) as a crucial tool in healthcare diagnostics, clinical practice, clinical data management, and further automation and enhanced need for cybersecurity. This blog post aims to explore the multifaceted application of AI in healthcare. The overarching objective is to explore how AI technologies contribute to the enhancement of contemporary healthcare practices, how they impact cybersecurity, and how they provide insights into the promising and concerning future of AI in healthcare.
The US vs. the EU: A look at the pre- and post-market regulation of medical devices with Medtronic's pacemaker devices as a case study.
The term "medical devices" is usually used very broadly when referring to a type of technology that helps patients with their health. There are challenges with the categorization of medical devices that might impact their approval process and their availability on the market for patients and providers to use. A slower and more diligent approval process might delay the population's access to lifesaving and life-sustaining technologies. A quicker and more streamlined approval process might increase the risks associated with medical technology use. Residents of the United States (US) often rely on agencies such as the FDA to offer its stamp of approval for medical devices for such devices to be considered safe and secure. Yet, medical device recalls still happen in the US, which indicates possible inefficiencies within the FDA's regulatory processes. Could inefficiencies in the FDA's medical device approval and regulation processes be causing harm and/or preventing positive outcomes by imposing high barriers to entry for medical device approval? To address this question, this blog post uses a comparative approach to review the US and the European Union (EU) medical device approval and regulation processes using the case study of Medtronic's pacemaker devices. Most pacemakers are made in Europe and sold in the US. These devices not only have to pass the EU's medical device regulations but also must pass the FDA's regulations. This blog post focuses on the premarket and post-market regulatory processes for Medtronic's pacemaker devices.
A Virginia Tech Student’s Experience at SCUSA 74 at the United States Military Academy (West Point)
It was a privilege to have been asked to represent Virginia Tech at the 74th Annual Class of 1971 Student Conference on U.S. Affairs - SCUSA 74. This conference has been occurring since 1949 and this year, the class of 1971 graciously donated funds for this event. Since 1949, delegates both nationally and internationally have been invited to this conference to strengthen civilian-military relationships, develop leadership skills, and engage in meaningful discussions. Conference themes have ranged from Confronting Inequality: Wealth, Rights, and Power to The National Security Policy of the United States: The Sputnik Decade. This year's theme was “Innovation and the Future of American Foreign Policy.”
Fileless Malware: The Tradeoff of Synergy and Security
Microsoft Windows is a powerful and long-standing operating system with deep-rooted features that work throughout the system. Windows’ .NET, PowerShell, and Windows Management Instrumentation (WMI) frameworks provide cohesiveness and control, enabling the creation of new features and integration across the system. However, as these systems advance in capabilities and features, malicious actors have more opportunities to break into them. Fileless malware is an increasingly common attack method that cyber groups use to break into and persist in systems without a trace. In contrast to traditional malware, which installs itself on the hard drive as a file, fileless malware abuses the .NET and WMI frameworks to inject code and scripts directly into a system's memory without creating any files or interacting with the hard drive. This offers attackers several advantages: evading detection from signature-based antimalware programs, persistence within the system, and increased difficulty of removing the malicious code.
AI sentiment analysis and Russia’s war in Ukraine
AI sentiment analysis offers a potential solution to the problem of determining the attitudes of the Russian public towards the war in Ukraine. Traditional polling conducted within an authoritarian state is limited by its inability to accurately assess public opinion where opinion that may be hostile to the state cannot be honestly reported. Polls conducted in Russia are no exception to state censorship and respondents are reluctant to state their genuine opinions under questioning, potentially resulting in an inflated image of widespread public support for the war. AI sentiment analysis can provide more accurate insights on the state of public opinion through direct analysis of social media posts but suffers from its own biases dependent on sample size, program accuracy, and translation flaws. This post examines the potentials and drawbacks of AI sentiment analysis compared to traditional polling methods in determining Russian public opinion on the war in Ukraine.
Issues of Government Surveillance and Spyware use in India
The Indian government's use of Pegasus spyware demonstrates the need for stronger regulations to protect citizens' constitutional right to privacy from unlawful government surveillance. The distribution of spyware technology to governments and subsequent infiltration of personal data in the name of national security has resulted in mass human rights abuse. As the right to privacy is a fundamental right expressed in the Indian constitution, recent revelations on the unlawful use of Pegasus spyware by the Indian government procured by the Pegasus Project initiative question the regulations in place to protect human rights against spyware technology. Enactment of the Digital Personal Data Protection Bill serves as the initial step towards protecting the constitutional rights of Indian citizens; however, further regulation is needed to ensure government accountability of surveillance use. As such, implications of the recently enacted legislation on surveillance and the consideration of additional regulations needed to prevent future human rights violations will be explored. To prevent such egregious rights violations in the future, India needs stricter laws limiting government surveillance powers and closing loopholes that enable spyware abuse.
The Utility of Spyware in War
The proliferation of spyware has led to revelations of human rights abuses by democratic governments and authoritarian states alike. The latest reporting on the global surveillance-for-hire industry details the utilization of military-equivalent cyber weapons, the likes of NSO Group’s Pegasus and Cytrox’s Predator, in international conflict, specifically the Nagorno-Karabakh conflict in Armenia and Azerbaijan. The deployment of powerful spyware that is maintained and sold by a third-party company calls into question the rules of cross-border surveillance. What does the presence of Predator and Pegasus spyware in the Nagorno-Karabakh region indicate about the forthcoming uses of cyber espionage in times of war? Finally, a description of the current legal system and human rights safeguards in place and their shortcomings in the global spyware industry will be examined.