4/30/2015 - Microsoft Patents 'Emotion Detecting Eyeglasses'
April 30, 2015 – TechFrag
Microsoft Patents “Emotion Detecting Eyeglasses”
By Mazhar Naqvi
Artificial Intelligence is coming everywhere. There was a time when big companies were working day and night to automate procedures. It was the age of the rise of automation. Now it’s intelligence. Companies are working to make our systems as well as our devices intelligent, and the new device to be made intelligent by Microsoft is the eyeglass.
Microsoft has been awarded a patent for internet-connected, see-through eyeglasses by the US. How are these eyeglasses intelligent? They can detect and interpret the emotions of people who are in their field of vision.
The patent titled “a wearable emotion detection feedback system” was filed by Microsoft in October 2012. The patent describes a wearable which has sensors including depth cameras and a microphone mounted on the nose bridge. These sensors sense audio and visual information from a subject. This information is sent to the Microsoft servers which detect the emotions of the subject and the result is sent back to the wearer in the device.
The filing, however, does not mention its uses. One use of such a device could be on borders to check immigrants. It would be used for interrogation, and during the question-and-answer session the interrogator may use the device to read the emotions of the subject. If the subject is getting nervous and looks suspicious, a thorough review of his or her contents would be required. (read full article…)
4/29/2015 - Ryanair loses $5 million in hacking scam
April 29, 2015 – The Irish Times
Ryanair falls victim to €4.6m hacking scam via Chinese bank
by Ciaran Hancock
Ryanair has been hit by a criminal scam in which about $5 million (€4.6 million) was taken from one of its bank accounts.
The Irish Times has learned that the funds were removed from a Ryanair account last week by electronic transfer via a Chinese bank.
The fraud came to light on Friday and the Criminal Assets Bureau in Dublin was asked to assist in its recovery via counterpart agencies in Asia.
“Ryanair confirms that it has investigated a fraudulent electronic transfer via a Chinese bank last week,” the airline said in a statement on Tuesday night.
“The airline has been working with its banks and the relevant authorities and understands that the funds – less than $5 million – have now been frozen.
“The airline expects these funds to be repaid shortly, and has taken steps to ensure that this type of transfer cannot recur.” (read full article…)
4/29/2015 - Bostrom: Super AI will have no off switch
April 29, 2015 – International Business Times (UK Edition)
AI expert Nick Bostrom: Machine super intelligence will have no off switch
by Anthony Cuthbertson
The first artificial intelligence that surpasses human capabilities will be impossible to switch off, according to renowned AI theorist Nick Bostrom.
Speaking at a TED (technology, entertainment and design) conference, the Oxford University philosopher hypothesised about the threat posed by the intelligence explosion expected to take place within the next 30 to 40 years, warning that there will come a point of no return.
“You might say that if a computer starts sticking electrodes into people’s faces, we’d just shut it off,” Bostrom said. “This is not necessarily so easy to do if we’ve grown dependent on the system, like, where is the off switch to the internet?
“Why haven’t the chimpanzees flicked the off switch to humanity? Or the neanderthals? They certainly had reasons.
“The reason is that we are an intelligent adversary. We can anticipate threats and plan around them. But so could a super intelligent agent and it would be much better at that than we are.
“The point is, we should not be confident that we have this under control.”
Bostrom suggests that one solution would be to contain any advanced AI within a virtual reality simulation from which it cannot escape. This may be futile, according to Bostrom, as exploits and bugs in the software could be created by the AI to overcome this. (read full article…)
4/28/2015 - Coping With The New Cyber Dangers
April 28, 2015 – Breaking Defense
Thin Clients & Persistent Threats: Coping With The New Cyber Dangers
by Sydney J. Freedberg Jr.
Four days after Defense Secretary Ash Carter launched the Pentagon’s new cyber strategy, experts and officials offered a grim picture of the global threat. The threat is metastasizing in ways that will require new kinds of defenses — even while many US companies and government agencies lag on basic cybersecurity measures.
“The Chinese in particular are cleaning us out” by exploiting well-known vulnerabilities it would be easy to patch, said Stephanie O’Sullivan, principal deputy to Director of National Intelligence James Clapper. Meanwhile, Russia remains the most sophisticated threat, she told a Georgetown University cyber conference, while Iran and North Korea are less capable but more “unpredictable and aggressive.”
But sophisticated, destructive cyber threats no longer come only from nation-states, a panel of experts warned just hours later. “The nation-states of the world…no longer have a monopoly on developing this APT [advanced persistent threat] phenomenon,” said Tom Kellermann, the chief cybersecurity officer at Trend Micro. “You’re seeing the true commoditization” of hacking tools, he said.
Terrorist groups like Hamas or the Islamic State might not have good enough hackers in-house, said Israeli cyber expert Rami Efrati, but “unfortunately they are able to go to the dark net, to the deep web, to get it as a service and to buy the most sophisticated zero-day attacks.” Indeed, there’s much speculation that North Korea hired Chinese hackers to conduct its attack on Sony.
“Cyber criminals are selling tools in a growing black market with little regard for what the customers might do with them,” O’Sullivan said. But the proliferation of easy-to-use exploits is mainly at the low end. “If there’s any good news,” she said, “it’s this: A great deal of what China, North Korea, Iran, and the vast majority of cyber-criminals and self-proclaimed hacktivists do isn’t very sophisticated. They largely target vulnerabilities that are easy to guard against or simple to fix. The bad news is most of us don’t do a good job guarding against these vulnerabilities.” (read full article…)
4/28/2015 - Tiny robots carry enormous weight
April 28, 2015 – BBC News
Tiny robots carry up to 2,000 times their own weight
Tiny robots that can pull objects up to 2,000 times their own weight have been developed at Stanford University.
The miniature robots – dubbed MicroTugs – have power equivalent to a human dragging a blue whale, according to the website detailing the development.
The scientists behind the MicroTugs took inspiration from nature, borrowing techniques used by geckos and ants in their design.
The robots could be used in factories or on building sites.
The team at Stanford, including PhD students David Christensen and Elliot Hawkes, demonstrated a 9g robot that can carry more than 1kg vertically up glass. This is equivalent to a human climbing a skyscraper while carrying an elephant.
Another one – that weighs just 20mg but can carry 500mg, was so tiny it had to be built under a microscope, using tweezers to put the parts together.
The secret to the robots’ strength lies in their sticky feet – which is copied from geckos, some of nature’s most adept climbers.
“The hardest part in the development of these guys was coming to the realization that this was possible,” Mr Christensen told the BBC.
He had worked on making things with the adhesive before but had not considered combining it with robotics.
“When we stepped back and thought about it, this was actually a really great use for our adhesives, with its tiny contact force required, and ability to engage and disengage many times a second,” he said. (read full article and see video …)
4/28/2015 - EU officially ranks cyber crime a top concern
April 28, 2015 – The Hill
EU officially ranks cyber crime a top concern
by Cory Bennett
Cyber crime is one of the top three security challenges that will guide the European Commission’s security agenda for the next five years.
The commission on Tuesday adopted a new European Agenda, which sets out three “pressing” safety concerns: terrorism, organized crime and cyber crime.
The choice to include cyber is yet another in a long string of indications of how rapidly cyber threats have become a major concern for governments worldwide.
“Terrorism, organised crime, and cyber crime are complex and evolving security challenges that cross European borders,” said first Vice-President Frans Timmermans in a statement. “So it is time we Europeans work better and more closely together to make sure our citizens are safe.”
Countries can no longer deny the massive global safety threat and significant economic drain caused by cyberattacks.
Some estimate cyber crime costs the global economy over $400 billion annually. Terrorist groups are also bolstering their cyber skills, successfully hacking military, government and media outlet Twitter feeds.
But international law enforcement cooperation in tackling cyber crime is challenging.
The ubiquity of online anonymity software and ease of committing digital crime from afar has made evidence gathering difficult and exposed outdated concepts of jurisdiction.
For instance, many cyber crooks operate out of Eastern European countries and Asian nations that don’t have extradition treaties with the U.S.
The new agenda will focus on finding “ways to overcome obstacles to criminal investigations online, notably on issues of competent jurisdiction and rules on access to Internet-based evidence and information,” according to an EU release. (read full article…)
4/28/2015 - Rapid escalation of the cyber-arms race
April 28, 2015 – BBC News
Rapid escalation of the cyber-arms race
by Gordon Corera
Codenamed Locked Shields 2015, Nato officials say it was the “most advanced ever live-fire cyber-defence exercise”.
Four hundred cyber-warriors from 16 countries last week responded to a scenario in which computer networks came under attack from another state’s hackers.
The scenario was based around the idea of “hybrid conflicts”, just below the level of war, in which one state both carries out espionage and disrupts the communications and operations of another, tied in with other activities.
The countries portrayed in the scenario were fictional, but it is hard to interpret this as anything other than thinking about Russia, which is seen as having pioneered hybrid conflict in Ukraine and, before that, Georgia.
The exercise itself was taking place in Estonia, which was subject to its own cyber-attack.
But the ability to carry out significant – even destructive – cyber-attacks is spreading rapidly: all part of a cyber-arms race accelerating rapidly not just between Nato and Russia but also beyond into other states and even non-state actors.
Just before Christmas, Sony Pictures got hacked.
Physical damage
The intrusion was attributed by the US to North Korea and linked to the release of the studio’s film The Interview, in which North Korea’s leader was featured as being killed.
The cyber-attack did not only expose embarrassing corporate secrets but also wiped company computers, rendering them as useful as a brick.
Computer espionage has been happening for years, but the destructive element was another sign that states are increasingly willing to deploy malware that does real physical damage and to link their cyber-attacks to physical threats (in this case against cinemas showing the film).
In North Korea’s case, cyber-weapons are a vital part of the country’s arsenal.
“Cyber-hacking is a crucial part of their asymmetric military capabilities. They have been pursuing it for such a long time with unbelievable levels of concentration, support and investment,” says Kim Heung Kwang, a former computer science professor in North Korea who left for the South.
“That’s how they have been able to foster this in such a lopsided shape compared to everything else in the country.”
He says a military unit that had 500 personnel when it started in 1998 has now grown to more than 3,000.
This kind of wiper attack, which renders computers unusable, was first seen on a large scale in 2012, when staff at the oil company Saudi Aramco tried to switch on their computers.
US officials believed this attack was, like the Sony hack, state-sponsored, in Saudi Aramco’s case by Iran.
But, if so, it was almost certainly simply a response to attacks on Iran itself – including most famously the Stuxnet virus, which damaged Iranian centrifuges over an extended period and is widely believed to have been the joint work of the US and Israel. (read full article …)
4/27/2015 - Beware document-based malware
April 27, 2015 – Computer Weekly
Beware document-based malware, warns Sophos researcher James Lyne
by Warwick Ashford
Cyber attackers are turning to document-based malware as users wise up to malicious email attachments and web links, James Lyne, global head of security research at Sophos, has warned. “We are seeing a big shift to attacks using macros embedded in documents,” Lyne told attendees of RSA Conference 2015 in San Francisco.
Lyne said a study showed that while only 1 in 200 participants (0.5%) would open an email attachment and 70% would click on a web link, 98.5% would open a document file. “Most people do not think of document files as being a security risk, which is why we are seeing a massive shift to using malware embedded in documents to launch attacks,” he said.
This is being coupled with high-quality social engineering methods such as sending spoofed emails containing malicious documents. Lyne, for example, said he recently received an email that appeared to be from someone he knows, asking to meet up and accompanied by a malicious document file. To entice him into opening the document, the spoofed email said: “Please check my itinerary and let me know when we can meet.”
Lyne said this kind of social engineering attack is worrying because the conversion rate of such high-quality but simple cons could be “astonishingly high”. Another worrying trend Sophos researchers have identified is the increasing use of destructive document-based malware such as CyCoomer. Opening a document booby-trapped with CyCoomer will result in the deletion of all files on the victim’s computer and network-connected drives.
“We have not seen this kind of wanton destruction for years,” said Lyne. He also warned that mainstream cyber criminals are becoming extremely “technically competent” and are routinely outperforming so-called advanced persistent threat (APT) actors that include nation states. (read full article …)
4/26/2015 - 25 Online Security Tools for Small Businesses
Online Security Tools for Small Business
April 26, 2015 – Practical Ecommerce
by Sig Ueland
Recent cyber breaches at Target, Sony, and The White House reveal one simple truth: Online security is everyone’s concern. As larger businesses take steps to secure their networks, less secure smaller businesses must develop their own cyber security plans, finding the right tools for their needs, as well as their budgets.
Here is a list of online security tools for small businesses. There are tools for cyber defense and secure communication. Included are encryption applications, security testers, secure communication tools, password apps, online security platforms, an open threat exchange, and a cyber security planner for small businesses. Nearly all of these tools are free or have free plans.
Online Security Tools
FCC Small Biz Cyber Planner. By the Federal Communications Commission, the Small Biz Cyber Planner is an online resource to help small businesses create customized cyber security plans. Create and save a custom cyber security plan for your company, choosing from a menu of expert advice to address your specific business needs and concerns. The site also has a Cybersecurity Tip Sheet. Price: Free.
Surveillance Self-Defense. From the Electronic Frontier Foundation, Surveillance Self-Defense is a guide to defending yourself and your friends from surveillance by using secure technology and developing careful practices. Get a security starter pack to assess your personal risk, protect your most cherished communications and information, and start thinking about incorporating privacy-enhancing tools into your daily routine. Price: Free.
Open Threat Exchange. Hosted by AlienVault, Open Threat Exchange is an open threat information sharing and analysis network to put effective security measures within the reach of all organizations. Open Threat Exchange provides real-time, actionable information for all participants. AlienVault also offers a free ThreatFinder to quickly analyze a network for compromised systems and malicious communication. Price: Free.
GnuPG. GnuPG, also known as GPG, is a complete and free implementation of the OpenPGP standard to encrypt and sign your data and communication. GnuPG is free and can be freely used, modified, and distributed. GnuPG does not use any patented algorithms. Price: Free. (read full article …)
4/25/2015 - Oil, gas operators could be vulnerable to hackers
April 25, 2015 – Pittsburgh Post-Gazette
Oil, gas operators could be vulnerable to hackers
by Katelyn Ferral and Andrew Conte
In the vast network of data, drilling and pipes that’s made Marcellus shale an international energy reserve, computer attacks pose a serious threat.
Hackers target energy companies all the time because of the information and technology involved, but the public rarely hears about it, said Paul Kurtz, CEO of TruSTAR Technology, a Washington startup that allows companies to share anonymous information about hacks. He and other cybersecurity experts said the risk from these attacks extends beyond losing information to opening opportunities for serious damage.
“It’s quite easy for people to say, ‘It’s not going to happen here,’” said Kurtz, who was White House senior director for critical infrastructure protection in the Bill Clinton and George W. Bush administrations. “The problem is that the bad guys aren’t necessarily that selective. … There is no doubt that you could use a cyber attack to make things blow up.”
Terry Boss, senior vice president of environment, safety and operations at Interstate Natural Gas Association of America, a Washington trade group, disagrees.
A major pipeline incident “isn’t realistic,” Boss said.
Even if hackers got past cybersecurity protections, he said, simple mechanical controls can prevent pipeline pressure buildup.
“Is it disruptive if there’s a cyber event for a company? Absolutely,” Boss said. “Is it going to affect the health of the customers along the pipeline or delivery? No. We’re doing everything we can do to prevent that sort of thing.”
Few energy companies are willing to talk about whether it’s that easy to attack their systems. Fifteen gas companies operating in Western Pennsylvania declined to comment about specifics — or at all — on their cybersecurity precautions.
Consol Energy Inc., based in Cecil, tells employees to watch out for email scams, discourages them from using external flash drives and warns them to be careful online at home. The company formulates quarterly cybersecurity response plans and is in the second year of a three-year computer systems review, said George Rosato, Consol vice president of information systems and technology. The company’s plans address how quickly it could recover from a cyber incident.
“As data moves back and forth, and specifically outside of our firewalls, we have to make sure we can protect that data,” Rosato said.
The chances of an adversary initiating a cyber attack on an oil and gas company are much greater than that of a physical attack, said former Homeland Security Director Tom Ridge.
The industry makes a tempting target for terrorists or foreign countries that want to hurt the economy by disrupting energy supplies, Ridge said. Activists opposed to fossil fuels, meanwhile, would consider it a victory to cause problems, he said.
“It’s a grave business risk to minimize the potential impact of a successful cyber attack, and I think the oil and gas industry, for a variety of reasons, is probably at the top of the list,” Ridge told the Tribune-Review.
Hackers regularly target energy companies, accounting for nearly a third of the incidents handled last year by Homeland Security’s Industrial Control Systems Cyber Emergency Response Team.
Even among energy producers, oil and gas operators face extended risks because projects often involve multiple companies working together, sharing information and trying to integrate systems, experts said. (read full article…)
4/23/2015 - iPhones more intelligent than us
April 23, 2015 – Washington Post
The coming problem of our iPhones being more intelligent than us
by Vivek Wadhwa
Ray Kurzweil made a startling prediction in 1999 that appears to be coming true: that by 2023 a $1,000 laptop would have the computing power and storage capacity of a human brain. He also predicted that Moore’s Law, which postulates that the processing capability of a computer doubles every 18 months, would apply for 60 years — until 2025 — giving way then to new paradigms of technological change.
Kurzweil, a renowned futurist and the director of engineering at Google, now says that the hardware needed to emulate the human brain may be ready even sooner than he predicted — in around 2020 — using technologies such as graphics processing units (GPUs), which are ideal for brain-software algorithms. He predicts that the complete brain software will take a little longer: until about 2029.
The implications of all this are mind-boggling. Within seven years — about when the iPhone 11 is likely to be released — the smartphones in our pockets will be as computationally intelligent as we are. It doesn’t stop there, though. These devices will continue to advance, exponentially, until they exceed the combined intelligence of the human race. Already, our computers have a big advantage over us: they are connected via the Internet and share information with each other billions of times faster than we can. It is hard to even imagine what becomes possible with these advances and what the implications are. (read full article…)
4/23/2015 - How Artificial Intelligence is Changing Law
April 23, 2015 – Newswire
Holmes and Watson – How Artificial Intelligence is Changing Law
by Patrick Ellis
In 1897, Oliver Wendell Holmes, Jr. wrote:
People want to know under what circumstances and how far they will run the risk of coming against what is so much stronger than themselves, and hence it becomes a business to find out when this danger is to be feared. The object of our study, then, is prediction, the prediction of the incidence of the public force through the instrumentality of the courts.
Holmes, laying the groundwork for his famed prediction theory of law, was referring to an attorney’s responsibility to anticipate the legal consequences of client conduct based on the applicable facts and law, and advise accordingly. Yet, more than a century later, Holmes’ definition of an attorney’s object of study takes on new meaning against the backdrop of currently available and rapidly evolving technologies.
For example, Professor Bill Henderson recently detailed Premonition Analytics, a new legal analytics company that claims to use artificial intelligence, predictive analytics and data mining to provide lawyers’ “win rates” and, the next logical step, forecast an attorney’s success in front of certain courts or judges. There are a number of issues around Premonition, ranging from how to define a “win” to how data mining can practically work in an environment where public records are still often paper-based or hopelessly unstructured. Nevertheless, Premonition, which holds itself out as “Precognitive Law” (reminiscent of the cadaverous, babbling mutants from Minority Report) will be one to watch.
And there are others, not all necessarily aimed at prediction, but that apply some form of machine learning to provide intelligence on which forecasts could be based: Lex Machina, Kira, Lexalytics, and Juristat, just to name a few. All of these tools, some of which I’ve used, are very promising and are already making significant changes to the way attorneys make decisions on both a tactical and strategic level. But significant roadblocks, like those I mentioned above and others, stand between where our profession is and where we could be.
In a thoughtful and rare piece of criticism on the proliferation of intelligent system technologies in law, Addison Cameron-Huff outlines six reasons why he is skeptical of one of the latest additions to the legal analytics bunch, ROSS, summarized with
It’s far too early to say if Watson will replace legal researchers/junior associates and I don’t think it’s realistic that this will happen even in the next few years. Furthermore, if there was such a technology it would be first applied to far more lucrative problems that don’t have the thorny vagueness of our legal system. (read full article…)
4/23/2015 - Artificial intelligence and the tools of power
April 23, 2015 – San Diego Daily Transcript
Artificial intelligence and the tools of power
by Daniel Coffey
Michael Lewis, author of the remarkable 2014 book “Flash Boys,” recently wrote an excellent piece in Vanity Fair about the efforts to discredit him by some of the groups he exposed.
“Flash Boys” and his March 17 Vanity Fair print article are yet another chapter in a revelatory journey, as Lewis once again alerts people to the abusive patterns emerging from a combination of high-speed trading computers and under-appreciated Wall Street motivations, incentives and greed. He reveals how trust is monetized and abused.
“Flash Boys” is an amazingly detailed and clear articulation of how investors large and small are effectively “front-run” and fleeced by very rapid high-frequency trading. …
“Flash Boys” implicitly raises a central question about the challenge of artificial intelligence (AI). Most important, AI is now capable of a stupefying level of computational speed and artificial complexity that no human can readily apprehend. …
It’s not necessary for a thinking machine to spontaneously develop its own motivations. People themselves impose encoded motivations as part of the purpose to be achieved, whether for good or evil.
Physical computing devices make things happen, but it is the ethereal computer code that truly is the source of knowledge of good and evil. The code embeds and carries the necessary fragment of human nature for the specific tasks and objectives at hand, and thus it poses the real danger.
An AI machine that can politely censor speech is dangerous. Virtual reality is inherently not truthful. Machines programmed to arbitrage or take advantage of human motivations, fears, conflicts, needs or reasoning hold seeds that are not harmless; each AI-induced harm can be slight, chronic, parasitic, acute or lethal, and may shift from one to another in a millisecond.
Put another way, superhuman thinking machines with incomprehensible capabilities encoded with malevolent human purpose pose real dangers. Unfortunately, the main purpose of many physically endowed AI machines is to do evil destructive things without hesitation. (read full article …)
Concerns of an Artificial Intelligence Pioneer
4/20/2015 - Baidu: the internet will be 'your second brain'
April 20, 2015 – South China Morning Post
Top Baidu scientist says search firm wants to make the internet ‘your second brain’
by Wu Nan and Adrian Wan
BaiduEye shows how the Chinese search giant is innovating in areas outside of its core business, according to one of the firm’s chief scientists.
Yu Kai, vice director of Baidu’s Institute of Deep Learning (IDL), told the South China Morning Post that the wraparound headset, which sits atop a user’s ears and can sync visual and oral cues and provide related information to the user’s smartphone, could be adopted in professional and recreational fields including mine exploration, hospitals, and museums.
First announced in September, Yu said it could be fully commercialised in five years.
He gave the example of a museum guest wearing BaiduEye looking at a painting: the device can scan the image and provide information about it and its painter, as well as relevant historical data or suggestions of similar works of art.
“Through the device, the internet can become your second brain,” Yu said. “It’s like your own personal robot.” (read full article…)
4/20/2015 - The ‘Cyber Cold War’ era has begun
April 20, 2015 – Digital News Asia
Eugene Kaspersky: The ‘Cyber Cold War’ era has begun
by Gabey Goh
KASPERSKY Lab is seeing more attacks coming from a variety of groups, from criminal organisations to nation-states, as well as an increase in the use of cyber-espionage tools, according to founder, chairman and chief executive officer Eugene Kaspersky.
“We’re expecting more attacks on industrial environments, which is why our industrial security team will become ever more important.
“We’re afraid that the next target … from all groups … would be attempts to destroy or shut down industrial facilities, or even taking control of these assets for ransom,” he told a media conference at the recent Interpol World in Singapore.
Out of all categories of attackers, Eugene said that he is most afraid of cyber-terrorist attacks, as they can be the most unpredictable.
“We’re seeing the rise of traditional criminal groups employing professional IT talent to support traditional crime. I believe that all espionage tools developed by nation-states are dangerous because the cybercriminals will learn from it and use them as well.
“And you ask me ‘Who’s worse than the mafia?’ Well, terrorists. Especially for highly computerised nations such as Singapore that depend on IT systems much more than any other nation.
“Singapore is in a ‘dangerous zone’ in that sense, and in a similar situation with Israel,” he said, declaring that the world is already well into the age of the ‘Cyber Cold War.’
Speaking of wars, Kaspersky Lab recorded a rare and unusual example of one cybercriminal attacking another in 2014.
Hellsing, a small and technically unremarkable cyber-espionage group targeting mostly government and diplomatic organisations in Asia, was subjected to a spear-phishing attack by another threat actor, and decided to strike back.
The discovery was made by Kaspersky Lab researchers looking into the activity of Naikon, a cyber-espionage group also targeting organisations in the Asia Pacific region.
The researchers noticed that one of Naikon’s targets had spotted the attempt to infect its systems with a spear-phishing email carrying a malicious attachment.
The target questioned the authenticity of the email with the sender and, apparently dissatisfied with the reply, did not open the attachment. Shortly thereafter, the target forwarded to the sender an email containing the target’s own malware.
This move triggered Kaspersky Lab’s investigation and led to the discovery of the Hellsing APT (Advanced Persistent Threat) group. The method of counter-attack indicates that Hellsing wanted to identify the Naikon group and gather intelligence on it.
Kaspersky Lab believes that this could mark the emergence of a new trend in cybercriminal activity: The APT wars. (read full article…)
4/19/2015 - Computer security expert blocked from flight
April 19, 2015 – USA Today
Computer security expert blocked from flight after tweets
by Elizabeth Weise
A computer security researcher on his way to give a talk about computer security vulnerabilities at a major conference was told he couldn’t fly on United Airlines Saturday, due to comments he’d made on Twitter.
Chris Roberts, of One World Labs in Denver, was on his way to San Francisco for the RSA security conference when he was told by United Airlines that he wouldn’t be allowed to board his plane.
“Roberts was told to expect a letter explaining the reasons for not being allowed to travel on United,” his lawyers at the Electronic Frontier Foundation, a cyber rights group in San Francisco, posted on Saturday.
Roberts was able to get a flight on another airline and finally arrived in San Francisco late Saturday, said Elaine Hayoz, a One World Labs spokeswoman.
United made the decision not to allow Roberts to fly on United “because he had made public statements about having manipulated airfare equipment and aircraft systems,” said Rahsaan Johnson, United Airlines spokesman. …
Roberts’ troubles began Wednesday when he flew from Denver, where his company is based, to Syracuse, N.Y.
Once onboard, he pondered on Twitter whether he would be able to hack into the flight’s onboard computer settings.
“Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? :)” his tweet read.
EICAS refers to the plane’s onboard communication system, the “engine-indicating and crew-alerting system.”
Clearly someone was paying attention. When Roberts’ plane arrived in Syracuse, he was removed by FBI agents and questioned for four hours.
His next tweet read, “Lesson from this evening, don’t mention planes…the Feds ARE listening, nice crew in Syracuse, left there naked of electronics.” …
Ironically, Roberts’ talk, scheduled for Thursday, is in part about the vulnerabilities of transportation systems.
EFF, which has taken on his case, said Saturday that United’s refusal to allow him to fly “is both disappointing and confusing. As a member of the security research community, his job is to identify vulnerabilities in networks so that they can be fixed,” EFF’s Andrew Crocker said on the organization’s website. (read full article…)
4/18/2015 - Cyber crime now 'number one' threat
April 18, 2015 – Business Standard (AFP)
Cybercrime now ‘number one’ threat – Europol chief
by AFP Staff
Cybercrime has become as big a threat to Europe’s security as terrorism, the head of the continent’s policing agency warned today.
“The threat online is huge. It is now the number one security concern, alongside terrorism,” Europol chief Rob Wainwright said.
“It’s become a global problem and we urgently need global instruments to deal with it,” the continent’s police czar told AFP.
Wainwright was speaking on the sidelines of a global cyber conference ending in The Hague, which focused on issues such as Internet freedom, safety and security.
More than 1,500 delegates from almost 100 countries, civil society and tech industry giants such as Microsoft, Facebook and Cisco gathered for the two-day Global Conference on CyberSpace (GCCS) in the Netherlands.
Delegates yesterday launched a forum designed to serve as a platform for countries to share expertise in the fight against cyber threats, including hacking attacks and data protection.
With backers including the United States, Britain and the Netherlands, the Global Forum on Cyber Expertise will for the first time bring together the experiences of a wide range of online companies and players including Microsoft and Europol.
“This is an extremely important initiative that will help many countries, particularly in the developing world, build up their capacity to tackle the issue,” Christopher Painter, US State Department Coordinator for Cyber Issues told AFP. (read full article…)
4/18/2015 - Russian Millionaire Taking AI to Next Level
April 18, 2015 – Newsweek
Russian Millionaire Taking Artificial Intelligence to Next Level
by Rory Ross
Despite his millions, the world of Moscow property development left Nikolay Gurianov “really bored.” Two motorbike crashes later, he reckoned it was time to move on, find a new business and swap two wheels for four.
He asked a marketeer: “What is the most interesting business that isn’t property, oil, armaments, diamonds, drugs or slavery?” And so began his career in IT—and a switch to Aston Martins.
In 2002, he set up Braintree, a technology outfit that helped Russian firms “optimise databases.” But databases too failed to ignite Gurianov. Drifting, he lit on artificial intelligence (AI). At last, here was a challenge fit for both intellect and wallet.
There are two types of AI: Weak and Strong. Weak AI is found in iPhones. Strong AI equates to human intelligence but is elusive. Via Braintree, Gurianov, now 47, claims he has plunged £20m into cracking Strong AI.
“We are ahead of our competitors,” he says, a laid-back oligarch-in-exile in Chelsea, London. “Everyone is pessimistic about lifting AI above human intelligence. But I will soon launch the ‘neuro-net,’ a cleverer, faster replication of the human brain, the first step to Strong AI. I have christened the project ‘Sunny.’”
Intelligence is the skill to create knowledge. “Dogs are intelligent, but poor at creating new knowledge,” says Gurianov. “Human beings alone can create new knowledge from old. Sunny will create new knowledge more efficiently.
“Once we have launched the neuro-net,” says John Corry, Gurianov’s CEO, “Braintree will split: One part will develop Sunny; the other, practical applications.”
Such as? “Optimisation of data storage. There is too much information on the internet to manage; imagine how much more when AI gets going. Precisely. You can’t. Data storage is key.” (read full article…)
4/18/2015 - Real feelings for artificial intelligence
April 18, 2015 – South China Morning Post
Real feelings for artificial intelligence
by Alex Lo
Most people think love and sex should be between people, if at all. That is why we find sex dolls offensive. But is this judgmental attitude justified?
We are increasingly faced with this problem because sex toys and related devices are getting more hi-tech all the time. It’s highly possible that in the not-too-distant future, we can have a quasi human-like relationship with a smart machine. …
Practically every month, the Japanese release a lifelike robot to perform all sorts of services. Meanwhile their country has cornered the sex dolls market with such top-quality dolls as Candy Girls. As we reported recently, the dolls have taken China by storm, with its legions of lonely hearts turning to them for solace, though each costs upwards of US$2,500.
The dolls are made of thermoplastic elastomer or silicone, with adjustable hands, a removable head and detachable genitals. The most expensive versions vibrate. I suppose it’s only a matter of time before their limbs can be made to caress and embrace. And with the advances in robotics, the sky is the limit – this combination of advanced AI, robotics and ergonomics. Who knows if some lonely computer or robotic genius has not already built one for himself and is living and loving happily ever after? …
What’s to stop us in future from dropping human-to-human relationships altogether and diving head over heels into a loving relationship with a smart and attractive machine? That future may already be here. (read full article…)
4/17/2015 - FBI pulls security expert off United flight
April 17, 2015 – CNN Money
Fearing United plane was hacked, FBI pulls security expert off flight
by Jose Pagliery
A computer security expert was pulled from his United Airlines flight in Syracuse on Wednesday afternoon, after the FBI feared he had hacked the plane.
All it took was a tweet to raise the FBI’s suspicion.
It sounded like Chris Roberts, a cybersecurity professional from Denver, was about to use his laptop to force the plane to deploy the emergency oxygen masks. In a tweet, Roberts referenced the plane’s satellite communications and the aircraft’s engine-indicating and crew-alerting system.
Federal law enforcement didn’t find that funny and immediately kicked into action. Roberts said FBI agents detained and questioned him for four hours. They also seized his laptop, iPad, hard drives, and other computer gear.
A day and a half later, it’s clear that Roberts meant no harm. The plane is fine. No one was hurt. The computer gear should soon be on its way back to Denver. And Roberts learned to be more careful on Twitter. But this ordeal also reveals a potentially dangerous flaw in airplanes. Roberts said he took to Twitter out of frustration that Airbus and Boeing (BA) – the world’s two largest plane manufacturers — aren’t listening to warnings he’s made for years.
Anyone can plug a laptop into the box underneath his or her seat and reach key controls in the plane, such as engines and cabin lighting. That’s the claim made by Roberts and the cybersecurity firm he co-founded, One World Labs.
“I was probably a little more blunt than I should have been,” Roberts told CNNMoney. “I’m just so frustrated that nothing is getting fixed.”
United (UAL) deferred all questions to the FBI. The agency has not yet provided comment on the matter.
He hacks planes?
Roberts’ job is to find weaknesses in computer systems — especially airplanes. For years, he explored whether a malicious hacker could take over a pilot’s controls — and how they’d do it.
He found that a hacker could theoretically do it from a passenger seat. Every chair has a tiny computer and screen, and those are plugged into the airplane’s CAN bus. Every vehicle has one. Think of it like a spine. It’s how the brain communicates with the limbs. It’s how your car accelerator talks to your engine’s fuel injector.
But — if it’s not built just right — it also means your plane passenger seat is ultimately connected to the pilot’s cockpit.
Roberts said he eventually tested out the theory himself 15 to 20 times on actual flights. He’d pull out his laptop, connect it to the box underneath his seat, and view sensitive data from the avionics control systems.
“I could see the fuel rebalancing, thrust control system, flight management system, the state of controllers,” he said.
If a fellow passenger ever asked what he was doing, Roberts would simply say, “We’re enhancing your experience by putting in new systems.” (read full article…)
4/17/2015 - Algorithmic Attacks: Fighting Next-gen Cyber Threats
April 17, 2015 – Scientific Computing
Algorithmic Attacks: Fighting Next-gen Cyber Threats
University of Utah
The next generation of cyberattacks will be more sophisticated, more difficult to detect and more capable of wreaking untold damage on the nation’s computer systems.
So, the U.S. Department of Defense has given a $3 million grant to a team of computer scientists from the University of Utah and University of California, Irvine, to develop software that can hunt down a new kind of vulnerability that is nearly impossible to find with today’s technology.
The team is tasked with creating an analyzer that can thwart so-called algorithmic attacks that target the set of rules or calculations that a computer must follow to solve a problem. Algorithmic attacks are so new and sophisticated that only hackers hired by nation states are likely to have the resources necessary to mount them, but perhaps not for long.
“The military is looking ahead at what’s coming in terms of cybersecurity, and it looks like they’re going to be algorithmic attacks,” says Matt Might, associate professor of computer science at the University of Utah and a co-leader on the team.
“Right now, the doors to the house are unlocked so there’s no point getting a ladder and scaling up to an unlocked window on the roof,” Might says of the current state of computer security. “But, once all the doors get locked on the ground level, attackers are going to start buying ladders. That’s what this next generation of vulnerabilities is all about.”
Typically, today’s software vulnerabilities rely on programmers making mistakes while creating their programs, and hackers will exploit those mistakes. For example, the software will receive a programming input crafted by a hacker and use it without automatically validating it first. That could result in a vulnerability giving the hacker access to the computer or causing it to leak information.
Algorithmic attacks don’t need to find such conventional vulnerabilities. They can, for instance, secretly monitor how an algorithm is running or track how much energy a computer is using and use that information to glean secret data that the computer is processing. Algorithmic attacks can also disable a computer by forcing it to use too much memory or driving its central processing unit to overwork. (read full article…)
4/18/2015 - Terrorists' cyber-threat to the world
April 18, 2015 – The New Zealand Herald
Terrorists’ cyber-threat to the world
Everyone is a possible target as extremist hackers make the computer their new weapon of mass destruction
They sign as Cybercaliphate. Last January, this name appeared on the YouTube and Twitter accounts of the United States military’s central command, with Isis (Islamic State) propaganda. And, last week, Cybercaliphate resurfaced when hackers seized the Paris television network TV5Monde.
Cyber coups have emerged – with on-line videos of grisly executions – as a potent weapon in asymmetrical warfare, where small groups take on military giants like the US.
The new face of the cyber terror isn’t jihadis brandishing AK-47 rifles and using suicide bombs, but someone with a laptop, an internet connection and hacking skills.
The identity of Cybercaliphate is hotly debated, but it is a high-tech cadre. The Syrian Electronic Army and the Iran-based Ajax Security Team helped trailblaze this David-versus-Goliath battlefield. The SEA, which backs President Bashar al-Assad, has hacked the New York Times, Financial Times and other media websites critical of his regime.
Word is that Isis is keen to attract more zealous young hackers.
Finding people with top cyber security skills – hard enough in the corporate world – is quickly becoming a vital element in this secretive, high-tech war.
“You’re going to see the cyber skills set become the most pressing issue in cyber security,” says Bryce Boland, a top technology expert for the Asia-Pacific region for FireEye, an American cyber security business.
Faced by individual hackers or shadowy state surrogates like APT (Advanced Persistent Threat) 30, believed to have operated from China for a decade, the US military has lowered its fitness standards to recruit geeks in the cyber race.
Three years ago US Defence Secretary Leon Panetta warned of a “cyber Pearl Harbour”, after large US financial institutions were hacked and the Shamoon virus wrought havoc with Saudi Arabia and Qatar’s energy infrastructure. The most serious scenario, he said, was a mass cyber attack coupled with a physical assault.
Cyber attacks by states or state surrogates are now a routine part of state espionage and an offensive military tool.
The US, backed by Israel, is believed to have launched the Stuxnet virus in 2010 against Iran’s nuclear programme. A People’s Liberation Army unit has been accused of facilitating Chinese cyber attacks on the US. And North Korea was fingered for last year’s Sony Studios hack, allegedly drawing US retaliation. (read full article…)
4/17/2015 - APT Group 'Pawn Storm' Ratchets Up Attacks
April 17, 2015 – Dark Reading
APT Group ‘Pawn Storm’ Ratchets Up Attacks
by Jai Vijayan
Threat actors have set up several new C&C servers and dozens of new malicious URLs — and are now targeting White House staffers, Trend Micro says.
In an update this week, security firm Trend Micro, which first reported on the threat last October, said the group behind Pawn Storm has been busy setting up dozens of new exploit URLs and command and control servers since the beginning of the year.
Among the group’s targets are members of the White House and the North Atlantic Treaty Organization (NATO) as well as governments in Europe, Asia and the Middle East. Many of the group’s targets include Russian dissidents and those opposed to the Kremlin, suggesting it has ties to the Russian government, the security firm says.
“Geopolitics serve as harbingers for cyber attacks,” says Tom Kellermann, chief cybersecurity officer at Trend Micro. “Hackers sympathetic to Russia have escalated a campaign of hacking targeting the US government; NATO and Ukraine.”
The attackers are also targeting journalists who are critical of the Russian regime, he says, adding that thousands of individuals have been selectively targeted over the past several months.
The group behind Pawn Storm has been active since at least 2007 and has used a combination of malware-laden spear-phishing emails, watering-hole attacks, and spoofed Microsoft Outlook Web Access login pages to infiltrate systems belonging to a very highly targeted set of victims. The apparent goal behind the campaign is economic and political cyber-espionage. Victims have included defense contractor ACADEMI (formerly Blackwater), SAIC, and the Organization for Security and Cooperation in Europe. The most recent targets have included members of the White House and journalists. (read full article…)
4/17/2015 - Iran steps up cyber attacks on the US
April 17, 2015 – The National
Iran steps up cyber attacks on the US
by Greg Russell
AS NEGOTIATORS from a group of world powers prepare to meet representatives from Iran next week to discuss that country’s nuclear programme, a report published today suggests the Iranians have stepped up their cyber attacks on the US. Norse, a cyber security firm, and the American Enterprise Institute said Iran had greatly increased the frequency and sophistication of its attacks.
Frederick W Kagan, the AEI’s critical threats director, said: “Cyber gives them a usable weapon in ways nuclear technology does not. And it has a degree of plausible deniability that is attractive to many countries.”
He added that if sanctions against Iran were suspended under the proposed nuclear accord, Iran would be able to divert the revenue from improved oil exports to cyber weapons.
The report was released 15 months after a cyber attack on the world’s biggest gambling company, the Las Vegas Sands Corporation, crippled many of its computers and compromised employee data. It was believed to have been in response to a statement from the billionaire chief executive of Sands, Sheldon Adelson, in which he said Iran should be bombed to force it to abandon its nuclear programme.
James R Clapper, the US director of national intelligence, confirmed to Congress in February that Iranian hackers were behind the attack.
Evidence from the Norse report and US intelligence agency analyses suggested that Iran had made much greater use of cyber weapons over the past year, despite international sanctions.
The attacks have mostly appeared speculative, but a few, like the Sands attack, have been for destructive purposes.
Norse said it had traced thousands of attacks against American targets to hackers inside Iran. And it said the hackers were moving from flamboyant, attention-grabbing cyber attacks in which they deface websites or take them offline to far quieter surveillance.
They appeared, in some cases, to be searching for infrastructure systems that could provide the opportunity for more dangerous and destructive attacks. (read full article…)
4/16/2015 - Artificial intelligence is about to take a big leap
April 16, 2015 – Geek Snack
Artificial intelligence is about to take a big leap thanks to IBM
by Jason Moth
Artificial intelligence is not yet at the point where it can challenge the intellect of a human being, but that day might be closer than you think. Recent advances are transforming this technology into something that inspires both awe and fear into the general population.
One company that has been working for some time to bring the controversial technology to the next level is called Numenta and was founded by Jeff Hawkins. Those names might not ring a bell to most since Numenta hasn’t made much progress in recent years, but that may very well change soon thanks to a bold new plan. Hawkins says that he wants to create artificial intelligence software based on the human brain and he now has IBM backing up the project.
The tech giant recently put together a team of 100 people to work together with Numenta at its Almaden research lab in San Jose, California. The group is currently known as the Cortical Learning Center and is attempting to bring artificial intelligence to the next level with the help of Jeff Hawkins.
The plan involves building advanced pieces of software with algorithms that mimic the neural network found inside our own brains. The software will not be able to learn as fast as an actual brain since the algorithms are the equivalent of only about 100 neurons, but many are already calling this one of the most advanced machine learning programs to date.
What separates Numenta’s project from other artificial intelligence software is its ability to learn new things much faster than most of its counterparts. (read full article…)
4/16/2015 - Cyber crime: Responding to modern terrorism
April 16, 2015 – Officer.com
Cyber crime: Responding to modern terrorism
The cyber threat landscape is changing rapidly. Organized crime, cybercrime syndicates for hire, and nation-state actors are motivated by substantial financial gain, intellectual property theft, and the threat of offensive actions.
Threats to critical infrastructure are real. Hackers and other cyber-criminals are not only interested in ripping off banks; the threat landscape also includes targets that range from banks to phone companies to water and sewerage providers to public transportation networks and government institutions.
The tenth biggest threat to the stability of the world in the next ten years comes from the risk of cyber attacks, according to World Economic Forum’s 10th edition of the Global Risks report, published in January. Failure of climate change adaptation, major water crises, and cyber-attacks are all high risk and, worryingly, rate ahead of failure of critical infrastructure based on their likelihood and potential impact.
Not surprisingly, cyber security was a hot topic at this year’s World Economic Forum, the global gathering of CEOs, world leaders, and other power players in Davos, Switzerland. Attendees were warned that attacks on power plants, telecommunications, and financial systems—even turning traffic lights green—are the terrifying possibilities of modern cyber terrorism.
Jean-Paul Laborde, head of the UN’s counter-terrorism unit, highlighted increasing links between organized crime and extremist groups, such as ISIS, which he said were now combining to launch cyber attacks. Laborde called for an international legal framework to bring these criminals to justice.
With a host of well-publicized data breaches last year—including the Sony hack and hackers supporting Islamic militants’ takeover of a U.S. military command’s Twitter and YouTube accounts—it is clear that cyber attacks aren’t going away anytime soon. While there is a significant difference between what is a large data breach and the hacking of a Twitter account—in what the Pentagon called an annoying prank that did not breach military networks or access classified data—both incidents are being taken seriously. (read full article…)
4/15/2015 - New trend in cybercriminal activity: APT wars
April 15, 2015 – Help Net Security
New trend in cybercriminal activity: APT wars
Kaspersky Lab has recorded a rare and unusual example of one cybercriminal attacking another. In 2014, Hellsing, a small and technically unremarkable cyberespionage group targeting mostly government and diplomatic organizations in Asia, was subjected to a spear-phishing attack by another threat actor and decided to strike back.
The discovery was made during research into the activity of Naikon, a cyberespionage group also targeting organizations in the Asia-Pacific region. The experts noticed that one of Naikon’s targets had spotted the attempt to infect its systems with a spear-phishing email carrying a malicious attachment.
The target questioned the authenticity of the email with the sender and, apparently dissatisfied with the reply, did not open the attachment. Shortly thereafter the target forwarded to the sender an email containing the target’s own malware. This move triggered an investigation and led to the discovery of the Hellsing APT group.
The method of counter-attack indicates that Hellsing wanted to identify the Naikon group and gather intelligence on it.
Deeper analysis of the Hellsing threat actor reveals a trail of spear-phishing emails with malicious attachments designed to propagate espionage malware among different organizations. If a victim opens the malicious attachment, their system becomes infected with a custom backdoor capable of downloading and uploading files, updating and uninstalling itself. According to Kaspersky Lab’s observations, the number of organizations targeted by Hellsing is close to 20.
The company has detected and blocked Hellsing malware in Malaysia, the Philippines, India, Indonesia and the US, with most of the victims located in Malaysia and the Philippines. The attackers are also very selective in terms of the type of organizations targeted, attempting to infect mostly government and diplomatic entities.
“The targeting of the Naikon group by Hellsing, in some sort of a vengeful vampire-hunting-“Empire Strikes Back” style, is fascinating. In the past, we’ve seen APT groups accidentally hitting each other while stealing address books from victims and then mass-mailing everyone on each of these lists. However, considering the targeting and origin of the attack, it seems more likely that this is an example of a deliberate APT-on-APT attack,” said Costin Raiu, Director of Global Research and Analyst Team at Kaspersky Lab.
The Hellsing threat actor has been active since at least 2012 and remains active. (read full article…)
4/15/2015 - Simda botnet hackers will return with a vengeance
April 15, 2015 – V3
Simda botnet hackers will return with a vengeance
by Alastair Stevenson
Interpol’s Simda takedown is nothing but a PR stunt that will drive the botnet’s authors to create even more dangerous attack tools, according to experts within the security community. Interpol reported successfully freeing 770,000 machines from the Simda botnet during a joint operation with Microsoft, Kaspersky Lab, Trend Micro and Japan’s Cyber Defense Institute on Monday.
The operation by Interpol and its partners has been hailed as a major success in the ongoing battle against cyber crime.
However, experts have questioned the long term significance of the action.
Amichai Shulman, CTO of Imperva, told V3 that because the botnet’s creators are still at large, they will inevitably return with more sophisticated attack tools in the near future.
“I don’t see this as a victory at all. I see it more as a PR stunt which happens usually twice a year, usually in conjunction with a big trade show,” he said. “The same bot technology will (and in fact is) be used to construct other botnets, probably by the same individuals who ran the network that was taken down. I think that law enforcement should not focus on taking down the botnet but on taking down the people who operate it.”
TK Keanini, CTO at Lancope, agreed, arguing the botnet will never truly be dead while its authors remain free.
“With almost 100 percent certainty these folks will reinvent themselves and they will innovate new ways to evade detection and more distributed architectures to remain resilient to the next takedown,” he said.
Simda has been used to target everything from general web users to financial institutions for several years.
The attacks granted hackers remote access to victim systems and let them spread malware and steal vast amounts of data, including personally identifiable information and banking passwords.
Kaspersky Lab security expert Vitaly Kamluk said the campaign was particularly dangerous as it had defence-dodging capabilities.
“This bot is mysterious because it rarely appears on our KSN radars despite compromising a large number of hosts every day,” he explained in a blog post. “It has a number of methods to detect research sandbox environments with a view to tricking researchers by consuming all CPU resources or notifying the botnet owner about the external IP address of the research network.” (read full article…)
4/14/2015 - 1m new cyber threats released daily
April 14, 2015 – Daily Mail
1million new cyber threats released daily
by Press Association
Nearly one million new cyber threats were released online every day in 2014, with five out of six large companies globally targeted, according to a new report from cyber security experts. Compiled by anti-virus and web security experts Symantec, the firm’s Internet Security Threat Report also found that 17% of all apps on Google’s Android platform were malicious software, or malware, in disguise.
The report also announced an increase in ransomware – where hackers take over a user’s device or files and demand money in order to release them. Symantec says this activity increased by 113% in 2014, with the UK the third targeted country globally. …
This appears to tally up with Symantec’s findings, which report that five out of six large companies were targeted by cyber criminals last year, a rise of 40% compared to the previous year.
Kevin Haley, director of Symantec Security Response, said: “Attackers don’t need to break down the door to a company’s network when the keys are readily available.
“We’re seeing attackers trick companies into infecting themselves by Trojanising software updates to common programs and patiently waiting for their targets to download them – giving attackers unfettered access to the corporate network.”
The report also found a large number of viruses and potentially harmful pieces of software are being circulated inadvertently on social media, by users who are unaware of the full content of what they are sharing.
“Cyber criminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work,” added Mr Haley. “Last year, 70% of social media scams were shared manually, as attackers took advantage of people’s willingness to trust content shared by their friends.” (read full article…)
4/14/2015 - Cyber crime 'bigger than drugs trade'
April 14, 2015 – London Evening Standard
Cyber crime ‘could be bigger than drugs trade’ warns City of London police chief
by Kiran Randhawa
Cybercrime may now be bigger than the drug trade, the City of London police commissioner has warned. Adrian Leppard said the problem is so bad police do not have enough resources to tackle it. Detectives believe that only one in five cybercrimes was reported, and of those only another one in five receive a proper response from law enforcement agencies. …
The National Fraud Authority estimated in 2013 that the cost of fraud to the UK economy, including cybercrime, was £52 billion. The Office of National Statistics says about seven people are defrauded every minute. Last November, the treasury select committee was told that banks “substantially understate the true scale” of fraud. The committee heard that cybercriminals were stealing twice the amount from banks that they reported. (read full article…)
4/14/2015 - Understanding Artificial Intelligence
April 14, 2015 – Brookings TechTank
Understanding Artificial Intelligence
by Mohit Kaushal and Scott Nolan
Artificial Intelligence (AI) has arrived, with decades of academic research now coming to fruition. Endless applications of AI already exist, only to become more sophisticated and ubiquitous as the field progresses and commercialization continues. Today Siri enables our internet searches, self-driving cars can be seen on the streets of Mountain View and IBM’s Watson beats humans at Jeopardy.
The academic field of research, birthed in 1956 by Alan Turing’s seminal paper “Computer Machinery and Intelligence”, has developed rapidly over the past decade. At a simple level, machine learning – referred to more broadly as AI – collects data, processes it, and attempts to produce reasonable, actionable outputs.
Over time, the individual scientific disciplines behind AI have become more complex and specialized. Today areas of study including Bayesian methods, computational neuroscience, natural language processing, neural networks and reinforcement learning represent only a handful of the many subfields involved. This multidisciplinary work will continue to evolve both incrementally and in a step-function towards the pursuit of human-level AI. With humble beginnings in rote task automation, AI will very soon exhibit intuitive, seemingly emotional capabilities.
Deep impact
As consumers, we should expect AI technology to permeate all aspects of life within a few short years. Auto manufacturers have offered cruise control for decades, reducing cognitive effort for the human operator. New car models include automated lane-keeping and parallel parking. Soon, the concept of a human driver may be as foreign as the human loom operator.
As citizens and policy-makers, we must also understand and plan for what’s ahead. AI’s progression from irrelevance, to human enhancement, to human substitution will proliferate throughout the economy and impact all industries, including those that today appear unassailable.
Technology has repeatedly altered how society and economies function at the most fundamental levels. With exponential progress in the fields most related to AI development – namely computing and software – we can only expect this pattern to maintain or strengthen. This raises serious ethical, regulatory and policy questions about the costs and benefits unlocked through this technology.
Recent press has even highlighted the risks associated with AI becoming “super-intelligent”: not just equaling or outperforming humans in certain fields, but leaving humans in AI’s intellectual dust across every domain. In this scenario, our ability to contribute becomes virtually insignificant in all but the most artisanal of sectors. While this seems like the worst-case scenario, it’s not. If AI has goals different from ours, it may view humanity as a problem to be solved on the path to an optimal world, creating a doomsday scenario.
While building an all-powerful AI seems avoidable, some AI philosophers predict that once human-level AI exists, its ability to self-improve will rapidly cascade into super-intelligent AI if unchecked. Given the advantages it would by definition have over us, a malevolent, superhuman AI would be a hard thing to rein in. The consequence is that we may have only one chance to design AI to be “human-friendly”. A reliable solution to this “control problem” is arguably one of the biggest unsolved AI problems today.
It goes without saying that AI technology and its applications should be guided to enhance our economy and society to the greatest extent possible, while minimizing catastrophic risk. The open question is how best to do this in a world of tradeoffs. …
A new Manhattan Project
Aggressive, governmental funding of AI technology may on the surface seem optional but the underlying dynamics are complex. Because of the advantages a superhuman AI will confer to its “owner” and the existential risks it would simultaneously present humanity, many of the dynamics begin to resemble those behind the race toward an atomic bomb. Without an unprecedented level of international cooperation, a new effort paralleling the Manhattan Project might become the logical path forward for many nations and coalitions. (read full article…)
4/13/2015 - Meet the Bots
April 13, 2015 – Slate
Meet the Bots
Artificial stupidity can be just as dangerous as artificial intelligence.
by Adam Elkus
The day that science fiction writers have feared for so long has finally come—the machines have risen up. There is nowhere you can run and nowhere you can hide. The software “bot” onslaught is here, and every Homo sapien is a target of the limitless legions of unceasing, unemotional, and untiring automatons. Resistance is futile, silly human—the bots are on the march. To get a scale of the size of the automated army arrayed against us, consider that a 2014 story reported that one-third of all Web traffic is considered to be fake. The bots are pretending to be us.
Bots, like rats, have colonized an astounding range of environments. Play online video games? That dude with seemingly superhuman reflexes that keeps pwning you is probably a bot. Go on the online dating platform Tinder and you will be targeted by wave after wave of these rapacious robotic creatures as you search for love and companionship. Want to have a conversation with people on Twitter? Some of them are probably not human. Have the temerity to go up against the Kremlin or even the Mexican government with an opposing point of view? Call John Connor, because here come the bots—bots that try to relentlessly remind you of things favorable to the regime, bots that try to stop protests, and many other automated instruments of political repression. And, if that weren’t enough, hackers may use bots to automate a variety of dastardly deeds.
Tesla’s Elon Musk and the famous astrophysicist Stephen Hawking have become standard-bearers for the growing fear over artificial intelligence—but perhaps the most fascinating element here is that their warnings focus on hypothetical malicious automatons while ignoring real ones. Musk, in a recent interview, mused about whether we would be lucky if future robots enslaved us as pets. Yet today humankind is imperiled by a different type of bot onslaught from which there is no escaping, and Musk has not sounded the alarm. Perhaps that is due to the fact that the artificial menace behind this rise of the machines is not really anything we would consider to be “artificial intelligence.” Instead, to survey the bot armies marching across the Internet is to marvel at the power of artificial stupidity. Despite bots’ crudely coded, insectoid simplicity, they have managed to make a lot of people’s lives miserable.
So what’s a bot? Despite the name bot, these nonhuman Internet entities are not (contra to stock art in tech articles), literally robots typing on keyboards with metallic fingers. They are crude computer programs, ably defined by James Gleick in a New York Review of Books piece:
It’s understood now that, beside what we call the “real world,” we inhabit a variety of virtual worlds. Take Twitter. Or the Twitterverse. Twittersphere. You may think it’s a stretch to call this a “world,” but in many ways it has become a toy universe, populated by millions, most of whom resemble humans and may even, in their day jobs, be humans. But increasing numbers of Twitterers don’t even pretend to be human. Or worse, do pretend, when they are actually bots. “Bot” is of course short for robot. And bots are very, very tiny, skeletal, incapable robots—usually little more than a few crude lines of computer code. The scary thing is how easily we can be fooled.
So why is it called a “bot” despite the fact that it is far simpler than most real-world robots, which have complex software architectures? To answer this question is to go to some foundational debates about what machine intelligence really represents. In their textbook on artificial intelligence, David Poole and Alan Mackworth delineate several approaches to building artificial agents. One is to make a complex computer program that functions well in an environment simplified for the agent. For example, a factory robot can do well in its industrial home but might very well be lost outside that context. The other is to make a simple, buglike agent with limited abilities to reason and act but the ability to function in a complex and interactive environment. Many bio-inspired robots fit this design paradigm. (read full article…)
4/13/2015 - Schneier on ‘really bad’ IoT security
April 13, 2015 – Network World
Schneier on ‘really bad’ IoT security: ‘It’s going to come crashing down’
Security expert Bruce Schneier has looked at and written about difficulties the Internet of Things presents – such as the fact that the “things” are by and large insecure and enable unwanted surveillance – and concludes that it’s a problem that’s going to get worse before it gets better. After a recent briefing with him at Resilient Systems headquarters in Cambridge, Mass., where he is CTO, he answered a few questions about the IoT and what corporate security executives ought to be doing about it right now. Here’s a transcript of the exchange.
What should enterprises worry about when it comes to the Internet of things?
Everything.
What practical steps should a CSO/CISO take now, anticipating there will be this IoT to deal with?
There’s nothing you can do. This is very much like the computer field in the ‘90s. No one’s paying any attention to security, no one’s doing updates, no one knows anything – it’s all really, really bad and it’s going to come crashing down.
And it will be worse because these are going to be low-margin devices, low-cost devices. You update your computer and phone every three to five years. You update your thermostat approximately never. Home routers today. Do you know the way you patch your home router? You throw it away and buy a new one. And that is going to be a freakin’ disaster.
This is a tough one. It’s like the computer ecosystem in the mid-90s but without things like the profit margin. Companies will make “the thing” and they just put it out there and then they make the next thing. There’s nobody left on staff to do updates, who knows how it works. It’s not like your OS. So when you look at the cars, the thermostats, the refrigerators – it’s going to be bad.
Home routers is where we’re seeing it right now. Low cost, binary blobs, no one knows how they work, there’s no one to update them, lots of vulnerabilities, and we’re just stuck with it. Look at routers. When you see where routers are you’ll see where everyone else is going. It’s not good.
Is there a way to predict what the likely problems will be that the CIO/CISO will face?
Yes. They will all happen, all the time. I can with 100% certainty predict the problems. There will be vulnerabilities, they’ll be exploited by bad guys, and there will be no way to patch them. (read full article…)
4/13/2015 - Cyberattacks on industry double in 2014
April 13, 2015 – Computer Business Review
Cyberattacks on SCADA and industry double in 2014, says Dell
by Jimmy Nicholls
Why we could be seeing more Stuxnets in the future
Cyberattacks against industrial targets doubled last year as hackers made increasing use of encryption to hide themselves, according to data from the computer manufacturer Dell. Analysis from the firm’s intelligence network showed a 100% increase in attacks against supervisory control and data acquisition (SCADA) systems, which are used to monitor and control industrial processes.
Florian Malecki, product marketing director of network security at Dell, said: “We have got all these benefits from the internet, but from a cyber-war point of view what does that really mean? Rather than attack a nation with bombs or planes all future terrorists could soon hack into the network from where all our cars are being driven.”
Attacks on industrial systems can cause graver damage than traditional hacking, disrupting manufacturing processes or even disabling critical infrastructure. Such assaults have previously been the exclusive domain of governments because of the resources needed, with the most famous example being the use of the Stuxnet virus to damage Iranian nuclear centrifuges at the end of 2009, in an attack thought to have been backed by the US and Israel.
Of the attacks against Scada that Dell saw most were said to have been against Finland, the UK and the US, most likely because the technology is commonly used in those countries, with the systems often connected to the internet.
“Since companies are only required to report data breaches that involve personal or payment information, Scada attacks often go unreported,” said Patrick Sweeney, executive director, Dell Security. “This lack of information sharing combined with an aging industrial machinery infrastructure presents huge security challenges that will continue to grow in the coming months and years.” (read full article …)
4/11/2015 - Cameras-everywhere science fiction becomes reality
April 11, 2015 – LA Times
In a cameras-everywhere culture, science fiction becomes reality
by Tracey Lien and Paresh Dave
Science fiction writer David Brin calls it “a tsunami of lights” — a future where tiny cameras are everywhere, lighting up everything we do, and even predicting what we’ll do next. Unlike George Orwell’s novel “1984,” where only Big Brother controlled the cameras, in 2015, cheap, mobile technology has turned everyone into a watcher.
A snowboarder with a GoPro can post a YouTube video of a friend’s 540-degree McTwist in the halfpipe. But also — as happened recently — a Penn State fraternity can upload Facebook photos of partially naked, sleeping college women.
A San Jose homeowner cowers behind a locked door while she watches an intruder stroll through her home on a surveillance video. A man launches a drone to spy on his neighbor tanning by her pool. Pet owners monitor their dogs.
With each technological advance, more of our lives — from the humdrum to the hyper-dramatic — is being caught on camera.
That includes the police, whose actions can be recorded by anyone with a camera phone. In South Carolina, a cellphone video released last week showed a police officer firing eight shots at a fleeing man’s back. In San Bernardino County, news choppers captured footage of deputies punching and kicking a man as he lay face-down on the ground with his hands behind his back.
“Painting a picture that cameras are everywhere and anywhere is pretty provocative,” said Ryan Martin, a technology analyst at 451 Research, but it can also present opportunities to increase accountability and improve safety.
There are 245 million surveillance cameras installed worldwide, according to research firm IHS, and the number increases by 15% a year.
Surveillance technologies are evolving in fascinating ways. Google researchers are developing a camera small enough to fit on a contact lens.
That may be years off, but other cutting-edge ideas are hitting the market now.
ParaShoot is selling a $199 HD camera that’s light enough to wear on a necklace or stick to a wall or car dashboard. “Never miss the meaningful moments again,” the company touts. …
The U.S. Department of Defense is developing video-monitoring technology called Mind’s Eye to predict crime before it happens, not unlike the 2002 movie “Minority Report,” starring Tom Cruise.
China is using face-recognition technology to identify dissidents as part of its Gold Shield Internet monitoring and censorship program.
It’s not just governments that are collecting rich stores of data. Facebook uses face-recognition technology to identify users’ friends in photos. (read full article …)
4/10/2015 - DARPA's AI Search For Crime
April 10, 2015 – Forbes
Memex In Action: Watch DARPA Artificial Intelligence Search For Crime On The ‘Dark Web’
by Thomas Fox-Brewster
Of late, DARPA has shown a growing interest in open sourcing its technology, even if its most terrifying creations, like army robot wildcats designed to reach speeds of 50Mph, are understandably kept private. In a week’s time, the wider world will be able to tinker with components of the military research body’s in-development search tool for the dark web. The Memex technology, named after a mechanical mnemonic dreamt up just as the Second World War was coming to a close, has already been put to use by a number of law enforcement agencies, who are looking to counter crime taking place on networks like Tor, where Hidden Services are protected by the privacy-enhancing, encrypted hosting, often for good, often for bad. In its first year, the focus at Memex has been on tracking human trafficking, but the project’s scope stretches considerably wider.
It’s likely that in the coming weeks many other law enforcement agencies will avail themselves of the search tools, which will land on DARPA’s Open Catalog next Friday (though DARPA told FORBES the release could be pushed back to the following Monday). FORBES got an exclusive look at the front end of one of the search technologies created by one of the Memex team, a group of self-proclaimed hackers called Hyperion Gray.
According to Alejandro Caceres, who heads up the Hyperion Gray team, a handful of his firm’s tools will be available, including “advanced web crawling and scraping technologies, with a dose of Artificial Intelligence and machine learning, with the goal of being able to retrieve virtually any content on the Internet in an automated way”. Its solution to the problem of finding crime on the so-called “dark web” (a term anathema to Tor’s supporters), is called SourcePin. It is trying to overcome one of the main barriers to modern search: crawlers can’t click or scroll like humans do and so often don’t collect “dynamic” content that appears upon an action by a user.
“Our approach to solving this problem is to build a system that sees the web more like a human user with a browser, and therefore actually behaves like a human user by using a browser to crawl the web, to the point of being able to scroll down a page, or even hover over an object on the page to reveal more content…. we are teaching the system how to act like a human and handle virtually any web page scenario. Eventually our system will be like an army of robot interns that can find stuff for you on the web, while you do important things like watch cat videos,” says Caceres.
The videos below show the SourcePin front end in action, bringing up a host of Tor-based .onion sites with a tile-based user interface, the latter being a newer version. Clicking on a link brings up more information on the site, which in this case is Euro Guns, described as “the number one gun dealer in onionland [another name for Tor]”, where visitors can buy weapons and ammo in exchange for bitcoin. (read full article…)
4/9/2015 - Emergency meeting after Isis cyber-attack
April 9, 2015 – The Guardian
French media groups to hold emergency meeting after Isis cyber-attack
by Angelique Chrisafis and Samuel Gibbs
France’s culture minister is to call an urgent meeting of French media groups to assess their vulnerability to hacking after the public service television network TV5Monde was taken over by individuals claiming to belong to Islamic State, blacking out broadcasts as well as hacking its websites and Facebook page.
All TV5Monde broadcasts were brought down in a blackout between 10pm and 1am local time on Wednesday to Thursday by hackers claiming allegiance to Isis. They were able to seize control of the television network founded by the French government in 1984, simultaneously hacking 11 channels as well as its website and social media accounts.
Experts say the cyber-attack represented a new level of sophistication for the Islamist group, which has claimed complex hacking before, but nothing as big as this. The Paris prosecutor’s office has opened a terrorism investigation into the attack.
The culture minister, Fleur Pellerin, said she would bring together all heads of big French TV companies as well as newspaper groups and the news agency Agence France-Presse within 24 hours “to assure myself of their vulnerable points, any risks that exist and the best way to deal with it”.
The interior minister, Bernard Cazeneuve, said France had already increased its anti-hacking measures to protect against cyber-attacks following January’s gun attacks on the satirical weekly Charlie Hebdo and the bloody hostage-taking at a Kosher grocery store in Paris, which left 17 people dead.
The prime minister, Manuel Valls, called the attack on TV5Monde “an unacceptable insult to freedom of information and expression”.
During the attack, the hackers posted documents on TV5Monde’s Facebook page purporting to be the identity cards and CVs of relatives of French soldiers involved in anti-Isis operations, along with threats against the troops.
“Soldiers of France, stay away from the Islamic State! You have the chance to save your families, take advantage of it,” read one message. (read full article …)
4/9/2015 - Unnerving artificial intelligence in 'Ex Machina'
April 9, 2015 – Los Angeles Times
Unnerving consideration of artificial intelligence in ‘Ex Machina’
by Kenneth Turan
Shrewdly imagined and persuasively made, “Ex Machina” is a spooky piece of speculative fiction that’s completely plausible, capable of both thinking big thoughts and providing pulp thrills. But even saying that doesn’t do this quietly unnerving film full justice.
The compelling directorial debut for novelist and screenwriter Alex Garland, “Ex Machina” is also an involving chamber drama featuring emotional moves and countermoves by a trio of individuals played by Domhnall Gleeson, Oscar Isaac and Alicia Vikander. Except one of them just happens to be machine-made.
The title “Ex Machina” comes from the Latin phrase deus ex machina, translated as god from the machine. Its origins have to do with Greek drama, but the reference here is to man playing god, to the unthought-of complications involved in creating sentient life.
Stories about artificial intelligence are a frequent science fiction topic, from Czech writer Karel Capek’s 1920 play “R.U.R.” (which coined the term “robot”) to Spike Jonze’s invisible “Her.” But the lumbering image that the word “robot” conveys is all wrong for Ava, stunningly played by Vikander, a creature of otherworldly delicacy and beauty who intentionally doesn’t look like AI we’ve seen before. Simultaneously naive and knowing, she seems to be discovering the world right before our eyes.
Before we get to Ava, however, we meet Caleb Smith, expertly played by Gleeson, who here combines a smidgen of savvy with his trademark open-faced innocence. …
One reason for the success of “Ex Machina” is that Ava herself, in terms of design, acting and technology, is such a remarkable and compelling creation. Conceived by the comic book artist known as Jock, her look combines shiny mesh with translucent material on her arms and torso that reveal the mechanism within. “You can see that I am a machine” is one of the first things Ava says to Caleb, and, after six months of post-production work by Andrew Whitehurst of VFX house Double Negative, the film’s visual effects supervisor, that edgy combination of human and machine is exactly what we see. (read full article …)
4/9/2015 - France's TV5Monde 'hit by Islamic State hackers'
April 9, 2015 – BBC News
France’s TV5Monde ‘hit by Islamic State hackers’
The French television network TV5Monde says it has suffered an “unprecedented” attack from hackers claiming to belong to Islamic State (IS). TV5Monde said its TV station, website and social media accounts were all hit.
The hackers also posted documents purporting to be ID cards of relatives of French soldiers involved in anti-IS operations.
TV5Monde regained control over most of its sites about two hours after the attack began.
Its digital director, Helene Zemmour, called the hack “unprecedented and large-scale”.
A message posted by the hackers on TV5Monde’s Facebook site read: “The CyberCaliphate continues its cyberjihad against the enemies of Islamic State.” (read full article …)
4/8/2015 - Can the Military Make a Prediction Machine?
April 8, 2015 – Defense One
Can the Military Make a Prediction Machine?
by Patrick Tucker
What could the military do if it could better understand the massive amounts of data that humanity creates, an estimated 2.5 quintillion bytes every day? Could it predict aspects of the future?
If Pentagon funds can help create—even partially—a machine capable of understanding cause and effect, or causality, and do so on the scale of thousands of signals, data points, and possible conclusions, then, perhaps, big data will reach its real potential: a predictive tool that allows leaders to properly position soldiers, police forces, and humanitarian relief long before the action starts.
Among the military programs probing this new realm is Big Mechanism, run by the Defense Advanced Research Projects Agency, or DARPA. It seeks to turn machine-collected (or machine-generated) data into real insights into complex systems, and do so automatically.
Some, such as Wired’s Bruce Sterling, have suggested that access to huge amounts of data, which makes correlational analysis easier, has made old-fashioned, theory-based science obsolete. But in a recent conversation with Defense One, DARPA program manager Paul Cohen said he was looking more to mechanize the human capacity for causation, rather than innovate around it. “We’re very much aiming toward a new science, but we’re very much interested in causal relationships,” he said. “What we’re finding is that mathematical modeling of systems is very hard to maintain.”
The supply of data, it turns out, is growing too quickly for the human race to use it effectively to solve big problems. The expanding reach and power of computational intelligence is both cause and, at least potentially, cure.
“Having big data about complicated economic, biological, neural and climate systems isn’t the same as understanding the dense webs of causes and effects—what we call the big mechanisms—in these systems,” Cohen said last year. “Unfortunately, what we know about big mechanisms is contained in enormous, fragmentary and sometimes contradictory literatures and databases, so no single human can understand a really complicated system in its entirety. Computers must help us.” (read full article …)
4/8/2015 - How the U.S. thinks Russians hacked the White House
April 8, 2015 – CNN
How the U.S. thinks Russians hacked the White House
by Evan Perez and Shimon Prokupecz
Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation.
While the White House has said the breach only affected an unclassified system, that description belies the seriousness of the intrusion. The hackers had access to sensitive information such as real-time non-public details of the president’s schedule. While such information is not classified, it is still highly sensitive and prized by foreign intelligence agencies, U.S. officials say.
The White House in October said it noticed suspicious activity in the unclassified network that serves the executive office of the president. The system has been shut down periodically to allow for security upgrades.
The FBI, Secret Service and U.S. intelligence agencies are all involved in investigating the breach, which they consider among the most sophisticated attacks ever launched against U.S. government systems. The intrusion was routed through computers around the world, as hackers often do to hide their tracks, but investigators found tell-tale codes and other markers that they believe point to hackers working for the Russian government.
National Security Council spokesman Mark Stroh didn’t confirm the Russian hack, but he did say that “any such activity is something we take very seriously.”
“In this case, as we made clear at the time, we took immediate measures to evaluate and mitigate the activity,” he said. “As has been our position, we are not going to comment on [this] article’s attribution to specific actors.”
Neither the U.S. State Department nor the Russian Embassy immediately responded to a request for comment.
Ben Rhodes, President Barack Obama’s deputy national security adviser, said the White House’s use of a separate system for classified information protected sensitive national security-related items from being obtained by hackers.
“We do not believe that our classified systems were compromised,” Rhodes told CNN’s Wolf Blitzer on Tuesday.
“We’re constantly updating our security measures on our unclassified system, but we’re frankly told to act as if we need not put information that’s sensitive on that system,” he said. “In other words, if you’re going to do something classified, you have to do it on one email system, one phone system. Frankly, you have to act as if information could be compromised if it’s not on the classified system.”
To get to the White House, the hackers first broke into the State Department, investigators believe.
The State Department computer system has been bedeviled by signs that despite efforts to lock them out, the Russian hackers have been able to reenter the system. One official says the Russian hackers have “owned” the State Department system for months and it is not clear the hackers have been fully eradicated from the system.
As in many hacks, investigators believe the White House intrusion began with a phishing email that was launched using a State Department email account that the hackers had taken over, according to the U.S. officials.
Director of National Intelligence James Clapper, in a speech at an FBI cyberconference in January, warned government officials and private businesses to teach employees what “spear phishing” looks like.
“So many times, the Chinese and others get access to our systems just by pretending to be someone else and then asking for access, and someone gives it to them,” Clapper said.
The ferocity of the Russian intrusions in recent months caught U.S. officials by surprise, leading to a reassessment of the cybersecurity threat as the U.S. and Russia increasingly confront each other over issues ranging from the Russian aggression in Ukraine to the U.S. military operations in Syria.
Sen. Susan Collins said the revelations of the Russian hack “are troubling and further expose that our nation’s defenses against cyber-attacks are dangerously inadequate.” The Republican senator from Maine said the breach showed the need to pass legislation to encourage the government and private companies to bolster their cyber defenses.
The attacks on the State and White House systems are one reason why Clapper told a Senate hearing in February that the “Russian cyberthreat is more severe than we have previously assessed.” (read full article …)
4/7/2015 - ISIL Defacements Exploiting WordPress Vulnerabilities
April 7, 2015 – FBI Public Service Announcement
ISIL Defacements Exploiting WordPress Vulnerabilities
Alert Number: I-040715a-PSA
Summary
Continuous Web site defacements are being perpetrated by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and al-Shams (ISIS). The defacements have affected Web site operations and the communication platforms of news organizations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international Web sites. Although the defacements demonstrate low-level hacking sophistication, they are disruptive and often costly in terms of lost business revenue and expenditures on technical services to repair infected computer systems.
Technical Details
Researchers continue to identify WordPress Content Management System (CMS) plug-in vulnerabilities, which could allow malicious actors to take control of an affected system. Some of these vulnerabilities were exploited in the recent Web site defacements noted above. Software patches are available for identified vulnerabilities.
Successful exploitation of the vulnerabilities could result in an attacker gaining unauthorized access, bypassing security restrictions, injecting scripts, and stealing cookies from computer systems or network servers. An attacker could install malicious software; manipulate data; or create new accounts with full user privileges for future Web site exploitation.
Threat
The FBI assesses that the perpetrators are not members of the ISIL terrorist organization. These individuals are hackers using relatively unsophisticated methods to exploit technical vulnerabilities and are utilizing the ISIL name to gain more notoriety than the underlying attack would have otherwise garnered. Methods being utilized by hackers for the defacements indicate that individual Web sites are not being directly targeted by name or business type. All victims of the defacements share common WordPress plug-in vulnerabilities easily exploited by commonly available hacking tools.
Defense
The FBI recommends the following actions be taken:
- Review and follow WordPress guidelines: http://codex.wordpress.org/Hardening_WordPress
- Identify WordPress vulnerabilities using free available tools such as http://www.securityfocus.com/bid, http://cve.mitre.org/index.html, https://www.us-cert.gov/
- Update WordPress by patching vulnerable plugins: https://wordpress.org/plugins/tags/patch
- Run all software as a non-privileged user, without administrative privileges, to diminish the effects of a successful attack
- Confirm that the operating system and all applications are running the most updated versions
4/7/2015 - Distributed Artificial Intelligence Climbs Out Of The Box
April 7, 2015 – The Platform
Distributed Artificial Intelligence Climbs Out Of The Box
by Nicole Hemsoth
If complex artificial intelligence applications could easily be run on the fly across hundreds of thousands of compute cores around the world–and at a cost that significantly undercuts the top public cloud providers–a new world of potential uses and new applications will certainly flourish. So, too, would the company capable of providing such a paradigm.
Long the domain of big supercomputing sites in research and commercial spheres, AI at this scale has been off limits for all but the largest institutions. But one startup, not long out of stealth and armed with the creators of Siri on the software side and some mysterious hardware infrastructure, and $143 million to push to its own massive grid of compute, is aiming to make this a reality. The interesting thing is that the company has already shown how it can work in the context of some unique use cases–but the question is how it actually can compete in price, performance, and scalability. …
It turns out, the same concepts that underpin large-scale distributed computing projects like Folding@Home, which taps into unused computing power, are at the core of Sentient’s push to provide millions of cores for large-scale financial, medical, and other AI projects. The question is, however, why, with the “unlimited” resources from large public cloud providers like Amazon Web Services, would a user choose to carry out a massive-scale AI project using this approach, especially when AWS, Google Cloud Platform, Microsoft Azure, and other providers have standardized hardware, an exact view of system performance, a sense of where the workloads are running, and what is essentially a straightforward pricing model. …
Distributed computing for artificial intelligence across a large pool of remote, diverse resources (not in the monolithic cloud sense) might sound like a grand challenge on the compute side, but Beberg says new middleware and container tools are making this a possibility. Even for massive jobs that require many thousands of compute cores.
While it’s tempting to detail the AI stack that Sentient has built, a lot of that is homegrown and secret sauce, says Beberg. The use cases are noteworthy, too, but the question is how the scale required for these massive distributed workloads is achieved given the performance and data movement that demanding AI applications need. While the processing power of the CPU cores is important here, it isn’t just about raw floating point capability. Because of the data movement issues inherent to any distributed computing problem, the company’s approach is not a good fit for classic data-intensive problems with massive file sizes, but Sentient says it is already utilizing petaflops of computing capacity, even if the datasets are at terabyte scales. In other words, for compute-intensive workloads, which certainly describes AI, the approach the company has come up with can be a useful way to scale and retain performance.
Sentient has found some interesting ways to get around that data movement problem, which is derived from the middleware, scheduling, and application delivery and packaging platforms that Beberg has helped develop. At the highest level, Sentient has built some clever caching and pre-fetching tools, which are essential to countering the data movement bottleneck. A large amount of the data is used over and over again, with new writes happening as “learning” takes place in the software. This cuts down on the constant back and forth, streamlines the read/write process, clearing the way for optimization of how data is managed. Of course, given the mixed resources and other demands, the story does not end there. (read full article…)
4/7/2015 - Company promises 'human' artificial intelligence
April 7, 2015 – Australian Financial Review
Aussie investors back company that promises ‘human’ artificial intelligence
by Timna Jacks
Former mining stock Aziana Limited has whet Australian investors’ appetite for science fiction, with its share price jumping 125 per cent since it announced it was acquiring a US-based tech company called BrainChip, which promises artificial intelligence through a microchip that replicates the neural system of the human brain.
Shares in the company closed at 9¢ before the Easter long weekend, having been priced at just 4¢ when the backdoor listing of BrainChip was announced to the market on March 18.
Creator of the patented digital chip, Peter Van Der Made, told The Australian Financial Review the technology has the capacity to learn autonomously, due to its composition of 10,000 biomimic neurons, which, through a process known as synaptic time-dependent plasticity, can form memories and associations in the same way as a biological brain. He said it works 5000 times faster and uses a thousandth of the power of the fastest computers available today.
Mr Van Der Made said the technology – technically known as a Spiking Neuron Adaptive Processor (SNAP) – would have myriad commercial uses, with an early lucrative option likely to be in smartphones, within 12 months.
“Smartphones are a very big focus. BrainChip’s technology can recognise your voice, so you could unlock the phone by talking to it, which means you could use it as a security device to control not just your smartphone, but other devices too. We’re also thinking about things like facial recognition,” he said.
The chip has endless potential applications, including driverless cars, implantable prostheses, drones, forecasting and insurance risk analysis. It could also theoretically give sight to blind people with an artificial retina; inject “life-like character” in avatars in computer games; serve as an intelligence sensor and safety device for aircraft and cars, and a security solution for the so-called Internet of Things, Mr Van Der Made said. (read full article…)
4/6/2015 - Executive Order On Cyber Crime is No Joke
April 6, 2015 – EFF Deeplinks Blog
The White House’s New Executive Order On Cyber Crime is (Unfortunately) No Joke
by Nadia Kayyali and Kurt Opsahl
On the morning of April 1st, the White House issued a new executive order (EO) that asserts that malicious “cyber-enabled activities” are a national threat, declares a national emergency, and establishes sanctions and other consequences for individuals and entities. While computer and information security is certainly very important, this EO could dangerously backfire, and chill the very security research that is necessary to protect people from malicious attacks.
We wish we could say it was a very well-orchestrated April Fool’s joke, but it appears the White House was serious. The order is yet another example of bad responses to very real security concerns. It comes at the same time as Congress is considering the White House’s proposal for fundamentally flawed cybersecurity legislation.
That perhaps shouldn’t be surprising, since so far, D.C.’s approach to cybersecurity hasn’t encouraged better security through a better understanding of the threats we face (something security experts internationally have pointed out is necessary). Instead of encouraging critical security research into vulnerabilities, or creating a better way to disclose vulnerabilities, this order could actually discourage that research.
The most pernicious provision, Section 1(ii)(B), allows the Secretary of the Treasury, “in consultation with” the Attorney General and Secretary of State, to make a determination that a person or entity has “materially … provided … technological support for, or goods or services in support of any” of these malicious attacks.
While that may sound good on its face, the fact is that the order is dangerously overbroad. That’s because tools that can be used for malicious attacks are also vital for defense. For example, penetration testing is the process of attempting to gain access to computer systems, without credentials like a username. It’s a vital step in finding system vulnerabilities and fixing them before malicious attackers do. Security researchers often publish tools, and provide support for them, to help with this testing. Could the E.O. be used to issue sanctions against security researchers who make and distribute these tools? On its face, the answer is…maybe. (read full article …)
4/6/2015 - Cyberattack hit FAA earlier this year
April 6, 2015 – NextGov
FAA Computer Systems Hit by Cyberattack Earlier this Year
by Aliya Sternstein
Hackers earlier this year attacked a Federal Aviation Administration network with malicious software, agency officials said Monday. In early February, FAA discovered “a known virus” spread via email on “its administrative computer system,” agency spokeswoman Laura Brown told Nextgov.
“After a thorough review, the FAA did not identify any damage to agency systems,” she added. …
Last month, however, federal auditors reported the air traffic system was vulnerable to cyberattacks. Vulnerabilities involving non-airspace systems also threaten flight safety, a March 2 Government Accountability Office review concluded.
“The excessive interconnectivity between [the National Airspace System] and non-NAS environments increased the risk that FAA’s mission-critical air traffic control systems could be compromised,” the report stated. (read full article …)
4/6/2015 - Will Artificial Intelligence Replace Social Media Marketers?
April 6, 2015 – The Content Standard
Will Artificial Intelligence Replace Social Media Marketers?
by Kyle Harper
In a press release last week, Boston-based artificial intelligence (AI) company Cortex announced it’s coming out of a “stealth round” of funding with half-a-million dollars and the revolutionary goal of providing marketers with AI-based tools for learning and optimizing their social media marketing efforts.
It sounds like something out of science fiction: Cortex claims its service can improve social media ROI by 400 percent using a “consolidation of tools, automation of redundant work, and by adding data to a currently unscientific practice.” This arrives as a slap in the face to many current SaaS programs for social marketers, like the popular Hootsuite, which rely on analytical and organizational approaches to improve social media.
Brennan White, CEO of Cortex, views these “multi-step” approaches to be too time-consuming. “Our average customer has seen a 400 percent increase in engagement and seven hours per user, per week of time saved,” claims White. “We’re making marketing less intrusive and more enjoyable.”
What many marketers (and certainly most consumers) don’t realize, however, is artificial intelligence is already an integral part of their social media experience. Seemingly simple functions, like automatically tagging faces or determining which stories appear in a News Feed, have consistently put Facebook at the forefront of AI for social media. In fact, Facebook has begun hosting an “open-source” platform for AI researchers and theorists to constantly improve the way AI impacts the social media experience. (read full article …)
4/6/2015 - Obama’s War On Hackers
April 6, 2015 – Dark Reading
Obama’s War On Hackers
by Jeremiah Grossman
Cybersecurity legislation, for the most part, is a good idea. But not without protections for bug bounty programs and other vital, proactive security research.
There has been a lot of discussion recently around President Obama’s plans to broaden the scope of legislation that would crack down on cybercrime in his proposed Modernizing Law Enforcement Authorities to Combat Cyber Crime plan. This proposal has raised a lot of questions for me and for many of my peers in the security research industry. Chief among them: will the research that I do, and that many in the community do, now become subject to investigation and possible prosecution?
Unfortunately, as currently proposed, the provisions are sufficiently vague so that solely consulting the law does little to clearly answer the question. That, for obvious reasons, leads to another set of questions:
- Who would I ask to find out if the research I am conducting might violate the law?
- Would inquiring put the spotlight on me and put my research at risk?
- And, in general, what are the overall implications to the security research community?
Cybersecurity legislation is a complex topic. I think the intention of the law is largely a good one: government wants to crack down on criminals who have the potential to cripple infrastructure that is vital not only to business but to the lives of citizens in general. Defining laws that would only target the bad guys, however, is a very tricky thing.
Those of us in the trenches of information security are very much aware of the proactive industry research that takes place every day with the goal of preventing such crippling attacks from ever happening. However, concerns that security research could also be seen as illegal might curtail involvement by some of the brightest and most talented minds in our security community. Fear alone is a very credible deterrent, and unless there is a means for researchers to verify their research without fear, vital research will never see the light of day, or it will be taken overseas. (read full article…)
4/4/2015 - Police pay ransom after cryptolocker attack
April 4, 2015 – Tewksbury Town Crier
Police pay ransom after cyberterror attack on network
by Jayne W. Miller
Tewksbury [MA – pop. ~30,000] – Last December Tewksbury Police confronted a new, and growing, frontier in cyberterrorism when the CryptoLocker ransomware virus infected the department’s network, encrypting essential department files until the town paid a $500 bitcoin ransom. In total, police systems were down between four and five days as the department worked with the FBI, Homeland Security, Massachusetts State Police, as well as private firms in an effort to restore their data without paying the ransom.
According to the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT), CryptoLocker is a malware campaign that initially surfaced in 2013. CryptoLocker is a new variant of ransomware that restricts access to infected computers and demands the victim provide a payment to the attackers in order to decrypt and recover their files. As of this time, the primary means of infection appears to be through phishing emails containing malicious attachments, phony FedEx and UPS tracking notices, and even through pop-up ads.
Police Chief Timothy Sheehan told the Town Crier that Tewksbury was hit with a newer form of CryptoLocker, for which authorities did not have the key. Though initially infected sometime on December 7, the department became aware of the malware on December 8, 2014.
This kind of malware has the ability to find and encrypt files located within shared network drives, USB drives, external hard drives, network file shares and even some cloud storage drives. If one computer on a network becomes infected, mapped network drives could also become infected, which is what happened in Tewksbury. CryptoLocker then connects to the attackers’ command and control (C2) server to deposit the asymmetric private encryption key out of the victim’s reach.
Sheehan said that they believe the virus entered the system through the Officer-In-Charge’s (OIC) computer and began looking for a large store of data. Since all the computers have mapped drives and are networked, the virus went to the largest server – in this case that housed the Computer Aided Dispatch, records management, arrest logs, calls for service, motor vehicle matters, and so on – and encrypts everything, making it impossible to access.
“It basically rendered us in-operational, with respect to the software we use to run the Police Department,” said Sheehan.
Once officers tried to access the data following the malware infection, they received a demand for a $500 bitcoin ransom sent to a web address and account that cannot be traced by the FBI, State Police, or National Security. Bitcoin is a digital, peer-to-peer, currency with military-grade cryptography. While bitcoin promises security for online transactions, it has also become the preferred currency for ransomware, because it is untraceable. (read full article …)
4/3/2015 - How Facebook Will Be Everywhere in the ‘Connected World’
April 3, 2015 – Tech CheatSheet
How Facebook Will Be Everywhere in the ‘Connected World’
by Jess Bolluyt
Facebook has a vision for the future: a future in which millions more people around the globe are connected to the Internet — and to Facebook. Speaking at Facebook’s F8 Developer’s Conference, Facebook’s chief tech officer Mike Schroepfer told an audience how the social network plans to “build the connected world” through a trifecta of planetary connectivity, artificial intelligence, and virtual reality, as per a version of the keynote published on Backchannel. In doing so, Facebook will not only press onward with the tradition of each new generation of technology enabling people to connect with others in faster, more efficient, and more immersive ways, but use that push toward innovation to propel Facebook closer to ubiquity the world over. …
Artificial intelligence is also an important part of Facebook’s plans for the connected world. “AI can help people connect with the things that matter to them, but it requires a new kind of machine intelligence that can understand context,” Schroepfer says. Such artificial intelligence will underlie Facebook’s future interfaces and systems. Facebook has already developed AI that can identify 487 different categories of sports in videos, and it’s developed a new technology it’s calling Memory Networks. The technology adds a kind of short-term memory to the convolutional neural networks that underpin existing deep learning systems, enabling them to understand language more deeply and answer relatively complex questions about texts they haven’t seen before.
Schroepfer says that Facebook considers shared experiences via virtual reality as the next phase in human communication. While virtual reality has long been a dream for the computing industry, the technology that enables the creation of immersive experiences is beginning to become a reality thanks to advances in processing power, graphics, and optical technology. Facebook’s Oculus team is building the hardware and software that Facebook hopes will “turn VR into something that millions of people will use every day.”
“With more connectivity, smarter AI, and immersive VR,” Schroepfer says, “people can stay closer to distant friends and family. The events and moments you share online — wishing happy birthday to a friend, celebrating an anniversary, or watching your kid ride a bike for the first time – can become even more awesome.” In building the technologies to make these goals possible, Facebook plans to work in the open and build communities around them to speed the pace of innovation.
‘Heading down the rabbit hole together’
But many are skeptical of Facebook’s intentions for the connected world. Co.Design’s Mark Wilson referred to Facebook’s 10-year plan for the connected world as the social network’s plot to “become the Matrix.” In Wilson’s assessment, Mark Zuckerberg’s chart of how technology has enabled people to share increasingly complex experiences — with text progressing to photos progressing to videos progressing to the next step of virtual and augmented reality — is a “beautiful conceit” about connecting humanity. However, Wilson thinks that Facebook doesn’t just want to map its social network onto a world that already exists. Instead, he argues, “They want to suck the real world inside Facebook’s virtual walls. They want you to live in the Facebook Matrix.”
Michael Abrash, the chief scientist at Facebook-owned Oculus VR, referenced the film more than once while speaking at F8, referencing red and blue pills and the nature of reality. But Abrash said, “Unlike Morpheus, I’m not offering you a choice [of pills] today. No matter what you pick, we’re heading down the rabbit hole together.”
Wilson takes this to mean that “Facebook is building an entire infrastructure to suck your physical life into its digital world.” He points to Facebook updating its Parse app development platform to tap in to the Internet of Things, the company’s development of visual artificial intelligence that defines what’s going on in the world around you, and Abrash’s projection that virtual reality platforms will evolve to enable users to “pull the real world into virtual reality,” letting them interact with real, physical things in the digital world. (read full article …)
4/3/2015 - Vital Oregon websites have security vulnerabilities
April 3, 2015 – Portland Tribune
Vital Oregon state websites a click away from security vulnerabilities
by Hillary Borrud
Oregonians who used state websites to pay child support, file unemployment claims and renew their vehicle registration in recent months were vulnerable to attackers who could intercept Social Security numbers and other sensitive information.
The state and private contractors left the door open to what is known as a “man in the middle attack” by using outdated encryption protocols on some websites. In that scenario, the attacker intercepts data as it’s passed from the sender to the intended recipient.
A spokeswoman for the Employment Department said Thursday, April 2, that to her knowledge, no one’s personal information had been compromised due to the weakness.
State employees do not know how many websites might have this vulnerability because although some information technology work is centralized at the Department of Administrative Services, many agencies have autonomous IT teams and websites, according to Oregon Chief Information Security Officer Stefan Richards.
The Pamplin Media Group/EO Media Group Capital Bureau tested more than a dozen websites and found several with outdated encryption protocols and other weaknesses. Most of the websites tested were on a list of vulnerable websites that a private Web developer sent the Department of Administrative Services in early February.
For example, the Employment Department website still uses the encryption protocol TLS 1.0 that has been known to be vulnerable for years, including at a portal where people are asked to enter Social Security numbers to file an unemployment claim.
A Web portal for Department of Human Services employees uses another older protocol, SSL 2, although the agency’s chief information officer Kristen Duus said the site does not contain sensitive information and the agency plans to upgrade it in a couple of weeks.
The Capital Bureau found two other state websites — the child support payment portal at the Oregon Department of Justice and the vehicle registration renewal portal at the DMV — using a newer, but still outdated and vulnerable, encryption technology called SSL 3.
“That does sound bad,” wrote Jacob Hoffman-Andrews, senior staff technologist for the Electronic Frontier Foundation, in an email Wednesday, April 1, after he learned of the situation. “It’s not likely to lead to bulk data breaches, but it means that individual’s data is at risk whenever they are accessing these websites.”
Richards, the state’s chief information security officer, also said the older protocols are known to be vulnerable. “I’m a little bit surprised there’s SSL 2 out there,” Richards said. He added that the problem “needs to be fixed” and “there’s kind of no excuse not to get rid of (SSL 2).” (read full article …)
4/3/2015 - The Rising US-China Cyber Stakes
April 3, 2015 – The Diplomat
The Rising US-China Cyber Stakes
Why is the Obama White House willing to risk Chinese retaliation over new cyber-espionage allegations?
by Robert Farley
The new executive order from the Obama administration significantly increases the stakes for Chinese and American firms. In the belief that private Chinese companies often benefit directly from industrial espionage (both state supported and privately conducted) against U.S. firms, the administration has determined that individual Chinese companies will be subject to financial and legal reprisal.
As several commentators have noted, the Chinese government may respond to this order by sanctioning U.S. firms working in China. This could dim the prospects of a wide swath of U.S. companies that depend on integration with the PRC, especially given that China has already evinced a willingness to respond to U.S. sanctions, and that U.S. companies face a tough environment with Chinese local government in the best of times.
But the Obama administration may be willing to take the risk of a hard stance on Chinese cyber-espionage. Industrial espionage isn’t the only, or even the most important, way for China to get technology from U.S. companies. Ever since China began attracting more FDI, Chinese companies have focused on the potential for technology transfer, which many Western firms have been happy to oblige. And despite the tremendous advances that the Chinese tech sector has made, technology transfers still flow much more heavily from the United States to China than the other way around. (read full article …)
4/2/2015 - IBM uncovers new bank transfer cyber scam
April 2, 2015 – Reuters
IBM uncovers new, sophisticated bank transfer cyber scam
by Bill Rigby
IBM has uncovered a sophisticated fraud scheme run by a well-funded Eastern European gang of cyber criminals that uses a combination of phishing, malware and phone calls that the technology company says has netted more than $1 million from large and medium-sized U.S. companies.
The scheme, which IBM security researchers have dubbed “The Dyre Wolf,” is small in comparison with more recent widespread online fraud schemes but represents a new level of sophistication.
According to IBM, since last year the attackers have been targeting people working in companies by sending spam email with unsafe attachments to get a variant of the malware known as Dyre into as many computers as possible.
If installed, the malware waits until it recognizes that the user is navigating to a bank website and instantly creates a fake screen telling the user that the bank’s site is having problems and to call a certain number.
If users call that number, they get through to an English-speaking operator who already knows what bank the users think they are contacting. The operator then elicits the users’ banking details and immediately starts a large wire transfer to take money out of the relevant account.
The use of a live phone operator is what makes the scheme unique, said Caleb Barlow, vice president of IBM Security.
“What’s very different in this case, is we saw a pivot of the attackers to use a set of social engineering techniques that I think are unprecedented,” said Barlow. “The focus on wire transfers of large sums of money really got our attention.” (read full article …)
4/2/2015 - Stuxnet Five Years Later: Did We Learn The Right Lesson?
April 2, 2015 – Dark Reading
Stuxnet Five Years Later: Did We Learn The Right Lesson?
by Andrew Ginter
No! That’s despite an abundance of best practices and standards that are shining light into the dark corners of industrial control system security.
The 5th anniversary of the day the Stuxnet worm came into public view is upon us. The worm triggered changes in industrial control systems products, networks, and methodologies. Looking back, what did we learn? Did we look for lessons where the light was brightest? Or did we look in the dark corners where our need was greatest? The bright light shining was “best practice violations.” What did the light show us?
- Stuxnet spread between sites on USB sticks. Poor USB device control is a best practice violation, and so we took action. Some of us glued USB ports shut. Many of us changed procedures to send all of our industrial control system (ICS) information through firewalls to control the use of removable media.
- Stuxnet spread across networks for months using zero-day vulnerabilities. Hmm – zero-days happen in all software; there is no avoiding them. Some of us pushed the vendors for speedier security updates, and maybe invested a bit more in patch management, or maybe not. The bright light of best practice violations has little to say about zero-days.
- Stuxnet spread through IT/OT firewalls on SQL Server connections using a Siemens S7 hard-coded password. Hard-coded passwords are a serious best-practice violation, so we all criticized Siemens. In the best-practice theme of “passwords matter,” many of us accelerated our IT/OT integration plans and deployed Active Directory servers to centralize all password policies and password management.
In fact, many of us accelerated our IT/OT integration plans even more generally, moving responsibility for all ICS security functions into central, expert, IT security teams. Now we do ICS security “by the book,” applying all IT security best practices.
Breaching a zero-vulnerabilities network
Is this progress? I was talking to an ICS security architect for an industrial firm at a conference a few months ago. They were doing everything “by the book.” They had just passed an internal security audit by their IT security experts and, after years of work, their control system had come up squeaky clean. Zero vulnerabilities and compliant with all relevant cyber security standards and regulations.
So — icing on the cake — they brought in a penetration tester. They set her up on the corporate network. They told her:
“Pretend the receptionist’s PC had been compromised in a standard targeted attack. Let’s say the malware evaded anti-virus because there are less than one hundred copies circulating world-wide, so there are no anti-virus signatures. Let’s say the malware escalated privilege by telling the receptionist he needed to install a video CODEC. Let’s say the malware steganographically tunnels a command-line interface through one of the thousands of web application protocols that the next-gen corporate firewalls understand.”
This is a classic, targeted attack. The pen-tester’s mission is to use her control over this one machine to break into the zero-vulnerabilities ICS network. How far does she get?
Five minutes later, she was in, controlling equipment on the ICS.
Five minutes.
Really? Five minutes? How is this possible? She simply continued with the standard targeted attack pattern. She downloads a password hash scraper and finds the domain administrator’s password hash on the compromised machine. The domain administrator, after all, was on the machine the day before adding the machine into the domain for the test.
She uses the hash to log into the domain controller and creates an account for herself with administrative privileges. She logs into one of the plant systems she sees exposed through the firewall. (I was not told which system. Remote Desktop? A SQL Server? The file server deployed to reduce the use of USB sticks?) There are many targets to choose from on a typical, zero-vulnerabilities, best-practice, integrated IT/OT firewall.
After five minutes, she says “I’m in. Do you want me to stir this pot?”
“Step away from the keyboard,” she is told. This system controls a large, complex, dangerous physical process. Any unqualified individual “stirring the pot,” however briefly, is an unacceptable risk. (read full article …)
4/1/2015 - Obama orders new cyber sanctions program
April 1, 2015 – The Christian Science Monitor
Obama signs order creating new cyber sanctions program
By Ken Dilanian and Julie Pace, Associated Press
President Obama on Wednesday created the first-ever sanctions program to penalize overseas hackers who engage in cyber spying and companies that knowingly benefit from the fruits of that espionage, potentially including state-owned corporations in Russia and China.
“Cyberthreats pose one of the most serious economic and national security challenges to the United States,” Obama said in a statement after signing an executive order creating the sanctions.
The order was the latest attempt by his administration to come up with options short of direct retaliation to deal with a growing cyberthreat coming from both nations and criminal groups. It gives the US the authority to sanction individuals and companies, though no specific penalties were announced.
Obama said the sanctions would apply to those engaged in malicious cyber activity that aims to harm critical infrastructure, damage computer systems, and steal trade secrets or sensitive information.
In a fact sheet, the White House said the sanctions would also apply to “a corporation that knowingly profits from stolen trade secrets.” Analysts have long suspected that state-owned companies in China and Russia are complicit in economic cyber espionage that targets the intellectual property of Western companies. (read full article …)