THaW’s Eric Johnson Meets With Sherry Ryan

In June, THaW’s Eric Johnson once again met with a prominent Information Security Officer to discuss the state of security in health care. Juniper Networks’ CISO Sherry Ryan met with Eric to discuss the global implications of cloud-based computing, and attacks from hostile nation states. Click above to watch the discussion in full.

THaW’s Eric Johnson Meets With Talvis Love

As part of THaW’s efforts to discuss the state of security in the health care industry, Eric Johnson continues to meet with prominent Information Security Officers to discuss the current challenges in the industry. This time, Eric met with Cardinal Health’s Talvis Love to discuss a variety of topics, including the intricacies of a the migration to the cloud for data storage and retrieval. Click above to watch the discussion in full.

Best Paper Award at NDSS to Team featuring THaW Researchers

IMG_0366

A team featuring THaW PI Carl Gunter and led by his student Guliz Seray Tuncay recently won “Best Paper” at NDSS. Resolving the Predicament of Android Custom Permissions was so well received at the conference it took home highest honors. To check out the full text, and what the team discovered about conflicting trust levels in regard to Android permissions, click through on the link below.

PDF: Resolving the Predicament of Android Custom Permissions

Kevin Fu Researches Mystery Embassy Ailment

THaW researcher Kevin Fu, along with colleagues Chen Yan and Wenyuan Xu, recently released a technical report on a mysterious ailment at the United States embassy in Cuba. After exploring a wide variety of options, the trio concluded that the ailment may in fact have inadvertently been caused by interfering ultrasonic waves in the environment. Click through below to see some press coverage their discoveries have received, in addition to the full technical report.

The Conversation – Can Sound Be Used As A Weapon?

IEEE Spectrum – Finally, A Likely Explanation for the “Sonic Weapon” Used At The US Embassy In Cuba

PDF: On Cuba, Diplomats, Ultrasound, and Intermodulation Distortion

THaW Releases Technical Report On STEM Outreach Program

DSC01398

As part of THaW’s efforts towards community outreach and education, we have developed a curriculum based on the FitBit technology platform. This curriculum has been successfully deployed in two pilot groups let by THaW associates over the past two years.

Now, THaW researcher Joseph Carrigan, along with PI’s David Kotz and Avi Rubin, has formalized the curriculum into a technical report to allow others to use our implementation. Said Carrigan, “We developed an outreach activity that is engaging, informative, and repeatable. We are interested to see how it will be used at other locations.” To peruse the technical report and access the curriculum guidelines, please click below.

STEM Outreach Activity with Fitbit Wearable Devices

Eric Johnson Explores Hospital Care Quality

THaW member Eric Johnson (along with co-author Sung Choi) recently published at the 14th Workshop on The Economics of Information Security. In the paper, the two explore the ramifications of hospital data breaches, and if these breaches have an effect on quality of care. To learn more, click through to the paper below.

PDF: Do Hospital Data Breaches Reduce Patient Care Quality?

Kevin Fu Named As IEEE Fellow

Wei LuTHaW leader Kevin Fu was recently named a fellow by the Institute of Electrical and Electronics Engineers (IEEE) for his contributions to embedded and medical device security. The honor comes as part of the 2018 class, and  is “a distinction reserved for select IEEE members whose extraordinary accomplishments in any of the IEEE fields of interest are deemed fitting of this prestigious grade elevation”. To read more about Kevin’s award and accomplishments, click through below.

Kevin Fu Elected IEEE Fellow for Contributions to Embedded and Medical Device Security

Kevin Fu Discusses Medical Device Security

In a recent Viewpoint article in JAMA, THaW member Kevin Fu explored a recent pacemaker vulnerability, and its ramifications for medical device security in general. In the post, he discusses both the full extent of the vulnerabilities, as well as the practical considerations to be taken as a result. To read the full text of the article, click the link below.

Cybersecurity Concerns and Medical Devices – Lessons From a Pacemaker Advisory

Eric Johnson Comments On The Roles Of Security Executives

THaW member Eric Johnson recently published an article at the website Third Certainty about how Security Executives can best achieve their goals. In the article, he delves into approaches executives can take, and how they can achieve optimal leadership. To read more, click through below.

Eric Johnson – Security executives must lead through influence rather than control