  • “Watershed attack:” Hackers deploy new ICS attack framework, disrupting critical infrastructure

    Hackers working for a nation-state recently invaded the safety system of a critical infrastructure facility in what cyber experts call “a watershed attack” that halted plant operations. Cybersecurity firm FireEye disclosed the incident on Thursday, saying it targeted Triconex industrial safety technology from Schneider Electric SE. Schneider confirmed that the incident had occurred and that it had issued a security alert to users of Triconex, which cyber experts said is widely used in the energy industry, including at nuclear facilities, and oil and gas plants. FireEye and Schneider declined to identify the victim, industry or location of the attack.

  • The border fence looms over these Texans. Should the government pay them?

    By Julián Aguilar, Kiah Collier, and T. Christian Miller

    Long before President Donald Trump promised to build a wall, Homeland Security used its powers of eminent domain to seize hundreds of acres of land in south Texas to construct a border fence. Under the law, if the government takes or damages your property, it’s supposed to pay to make you whole again. In Texas, the agency has paid $18 million to landholders over the last decade. But scores of Texas landowners who have lived in the shadow of the border fence for years were never compensated for any damage to their property values.

  • DNA has gone digital – what could possibly go wrong?

    By Jenna E. Gallegos and Jean Peccoud

    Biology is becoming increasingly digitized. Researchers like us use computers to analyze DNA, operate lab equipment and store genetic information. But new capabilities also mean new risks – and biologists remain largely unaware of the potential vulnerabilities that come with digitizing biotechnology. In 2010, a nuclear plant in Iran experienced mysterious equipment failures which paralyzed Iran’s nuclear weapons program. Months later, a security firm was called in to troubleshoot an apparently unrelated problem, and found a malicious computer virus called Stuxnet, which was telling uranium-enrichment centrifuges to vibrate. Stuxnet demonstrated that cybersecurity breaches can cause physical damages. What if those damages had biological consequences? Could bioterrorists target government laboratories studying infectious diseases? What about pharmaceutical companies producing lifesaving drugs? As life scientists become more reliant on digital workflows, the chances are likely rising. The emerging field of cyberbiosecurity explores the whole new category of risks that come with the increased use of computers in the life sciences.

  • Lawmakers request additional documents from DHS re: Kaspersky investigation

    U.S. House Science, Space, and Technology Committee chairman Lamar Smith (R-Texas) sent a letter Tuesday to the Department of Homeland Security (DHS) requesting documents and information related to the DHS directive to all government agencies to identify and remove Kaspersky Lab software from their computer systems.

  • Israeli walk-and-fly Rooster robot aids disaster relief

    By Brian Blum

    RoboTiCan’s Rooster robot can help reach injured victims of natural disasters where it is not safe to send a human rescue worker. Rooster got its name from the fowl’s preference for walking but being able to fly when necessary, Ofir Bustan, RoboTiCan’s COO, said. “Most of the time it walks, but when it runs into an obstacle, it can hover and fly.” That makes Rooster different from most other search-and-rescue robots, which can either walk or fly but not both – meaning they can get stuck or are too high above the ground to search effectively for survivors.

  • Germany considering requiring home, car alarm systems to be equipped with back doors

    The German government will next week discuss sweeping new surveillance powers aimed at improving public safety. The proposal to be discussed would require operators of car and house alarm systems to help police and security services in their efforts to spy on potential terrorists or criminals.

  • U.K. government agencies told to remove Kaspersky software from their systems

    In another example of a Western government taking decisive action to limit the ability of Russian government hackers to steal sensitive information, the U.K. cyber security agency on Friday advised U.K. government agencies to remove Kaspersky Lab’s products from their systems.

  • The Gene Drive Files: Who is in charge of bioengineering research?

    Synthetic biology, also called “gene drives” or “bioengineering” – a field that uses technologies to modify or create organisms or biological components – can be used to benefit mankind, but may also be used by terrorists and nation-states to develop design pathogens which could be unleashed to kill tens of millions of people. Critics of gene drives are alarmed by the fact that the U.S. military has been the main funder of synthetic biology research in the United States. Given the possible security vulnerabilities related to gene drive developments, a new report by the National Academies of Sciences proposes a framework to identify and prioritize potential areas of concern associated with the field. “While biotechnology is being pursued primarily for beneficial and legitimate purposes, there are potential uses that are detrimental to humans, other species, and ecosystems,” says one of the report’s authors. A nonprofit monitoring synthetic biology research releases new documents ahead of a key UN scientific conference on bioengineering.

  • Court recognizes First Amendment right to anonymity even after speakers lose lawsuits

    By Aaron Mackey

    Anonymous online speakers may be able to keep their identities secret even after they lose lawsuits brought against them, a federal appellate court ruled last week. The decision by the U.S. Court of Appeals for the Sixth Circuit in Signature Management Team, LLC v. John Doe is a victory for online speakers because it recognized that the First Amendment’s protections for anonymous speech do not end once a party suing the anonymous speaker prevails. The ruling, however, is not all good news for anonymous speech. The test announced by the court sets unmasking as the default rule post-judgment, placing the burden on the anonymous party to argue against unmasking.

  • Federal agencies complete second phase of Kaspersky product removal

    The U.S. federal government has completed the first two phases of a three-part plan to remove all Kaspersky Lab products from government computer systems. The U.S. intelligence community said that the Russian cybersecurity company’s anti-virus software was used to collect sensitive information from the systems on which it was installed, and deliver that information to Russia’s intelligence agencies.

  • Economic damage of carbon emissions costlier than earlier thought

    The data used to calculate the damage that an additional ton of carbon dioxide has on the global economy has long relied on outdated science. Recent modeled updates raise the calculations of those costs significantly and change the outlook on climate change from a positive for agriculture to a negative. When the most recent science is brought to bear, one of the major models used to calculate the social cost of carbon (SCC) moves the figure to $19.70, an increase of 129 percent.

  • An armed robber’s Supreme Court case could affect all Americans’ digital privacy for decades to come

    By H. V. Jagadish

    A man named Timothy Carpenter planned and participated in several armed robberies at Radio Shack and T-Mobile stores in Michigan and Ohio between 2010 and 2012. He was caught, convicted and sentenced to 116 years in federal prison. His appeal, which was heard by the U.S. Supreme Court on 29 November, will shape the life of every American for years to come – no matter which way it’s decided. The FBI found Timothy Carpenter because one of his accomplices told them about him. I believe the FBI could have obtained a search warrant to track Carpenter, if agents had applied for one. Instead, federal agents got cellphone location data not just for Carpenter, but for fifteen other people, most of whom were not charged with any crime. One of them could be you, and you’d likely never know it. The more people rely on external devices whose basic functions record and transmit important data about their lives, the more critical it becomes for everyone to have real protection for their private data stored on and communicated by these devices.

  • Antivirus but not anti-spy

    The late senator William Proxmire of Wisconsin (he died in 1989) made a name for himself for his Golden Fleece Awards — awards given each year to the most wasteful U.S. government programs. Senator James Lankford (R-Oklahoma), continuing in Proxmire’s tradition, has just released the third volume of his annual Federal Fumbles: 100 Ways the Government Dropped the Ball. One of the U.S. federal government’s major fumbles has been the way it has dealt with Russian cybersecurity firm Kaspersky Lab. The U.S. intelligence community has long suspected that Kaspersky Lab was using its popular antivirus software – used not only by individuals and corporations, but also by U.S. government agencies – to collect sensitive information from the computer systems on which the software was installed, and deliver that information to the GRU and the FSB, the KGB’s successor agency.

  • Risk management strategies to help communities deal with earthquakes

    As much as humanity tries, the attempt to avoid natural disasters sometimes seems almost futile. Be it a tornado, hurricane, earthquake or wildfire, everyone, at some point, will likely be affected by the results of a natural disaster. But the task of the people in each instance of a disaster is to return to a sense of normalcy, to get back to living life as close to how they had lived before the natural disaster occurred. Doing that means depending on the infrastructure of their community, where the resumption of interrupted electrical power or the water supply is crucial to the recovery efforts. How quickly communities are able to become operational is directly proportional to the strength of the infrastructure in that community and the efficiency of the risk management plan in place designed to deal with such disasters.

  • Inaction on climate change has “jeopardized human life”: Report

    A major new report into climate change shows that the human symptoms of climate change are unequivocal and that the delayed response to climate change over the past twenty-five years has jeopardized human life and livelihoods. The human symptoms of climate change are unequivocal and potentially irreversible – affecting the health of populations around the world today.