-
The “Mask": Kaspersky Lab discovers advanced global cyber-espionage operation
Kaspersky Lab’s security researchers have announced the discovery of the Mask (aka Careto), an advanced Spanish-language speaking threat actor that has been involved in global cyber-espionage operations since at least 2007. What makes the Mask special is the complexity of the toolset used by the attackers. This includes a sophisticated malware, a rootkit, a bootkit, Mac OS X and Linux versions, and possibly versions for Android and iOS (iPad/iPhone). The primary targets are government institutions, diplomatic offices and embassies, energy, oil, and gas companies, research organizations and activists. Victims of this targeted attack have been found in thirty-one countries around the world.
-
-
Israeli legal expert urges development of ethics code for cyberwarfare
Col. Sharon Afek, former deputy military advocate general, says that countries would benefit from developing an ethics code to govern cyber warfare operations. He notes that existing law already prohibits cyber operations which would directly lead to loss of life, injury, or property damage, such as causing a train to derail or undermining a dam. “Israel faces a complex and challenging period in which we can expect both a cyber arms race with the participation of state and non-state entities, and a massive battle between East and West over the character of the future legal regime,” he writes. He acknowledges, though, that only a catastrophic event like “Pearl Harbor or Twin Towers attack in cyberspace” would accelerate developments in this area.
-
-
New software obfuscation system a cryptography game changer
A team of researchers has designed a system to encrypt software so that it only allows someone to use a program as intended while preventing any deciphering of the code behind it. This is known in computer science as “software obfuscation,” and it is the first time it has been accomplished. Previously developed techniques for obfuscation presented only a “speed bump,” forcing an attacker to spend some effort, perhaps a few days, trying to reverse-engineer the software. The new system puts up an “iron wall,” making it impossible for an adversary to reverse-engineer the software without solving mathematical problems that take hundreds of years to work out on today’s computers — a game-change in the field of cryptography.
-
-
Social networking makes us smarter now, but more stupid in the long run
Does improved connectivity to other people through social networks makes us smarter or more stupid? Some say that connectivity allows us acquire information from other people as well as by direct experience. Many pundits say that in the Internet era, in which we have access to a diversity of information, humankind will learn to make more informed decisions. Others, however, suggest having so much information at our fingertips will limit our ability for concentration, contemplation, and reflection. Controlled tests show that both arguments are correct – but on different tike scales: Being able to copy from other people in vast networks means analytical responses rapidly spread – but only by making it easy and commonplace for people to reach analytical response without engaging analytical processing. The researchers conclude that this tendency to copy without thinking “can explain why increased connectivity may eventually make us stupid by making us smarter first.”
-
-
Snowden’ leaks derailed important cybersecurity initiatives
Edward Snowden’s leaks created such a climate of distrust around the NSA that many important cybersecurity initiatives died, stalled, or became non-starters. Security experts say that this is a case of throwing the baby out with the bathwater, and that the result of these stalled cybersecurity initiatives is that the United States is now more vulnerable to cyberattacks on its infrastructure, and government agencies and American corporations more exposed to sensitive information being compromised and stolen. U.S. officials have found it more difficult to respond to cyberattacks from Russia, China, and elsewhere. “All the things [the NSA] wanted to do are now radioactive, even though they were good ideas,” says James Lewis, a cybersecurity expert at the Center for Strategic and International Studies(CSIS).
-
-
New state-of-the-art cybersecurity resource available to software developers
Cybercrime is booming; it is an estimated $100 billion industry in the United States and shows no signs of slowing down. Attackers have an arsenal of weapons at their disposal, including social engineering — or phishing — penetrating weak security protocols and exploiting software vulnerabilities that can serve as an “open window” into an organization’s IT environment. Closing those windows requires effective and accessible tools to identify and root out software vulnerabilities. Supported by a $23.4 million grant from DHS’s Science and Technology Directorate (S&T), the Software Assurance Marketplace, or SWAMP, provides a state-of-the-art facility that serves as an open resource for software developers, software assurance tool developers, and software researchers who wish to collaborate and improve software assurance activities in a safe, secure environment.
-
-
Pace of acquisitions of cybersecurity startups quickens
With the number and scope of cybersecurity breaches on the rise, cybersecurity startups offering innovative security solutions have become a sought-after target in the merger and acquisition market. These innovative companies are eagerly sought not only for their technologies, but also as an investment vehicle, with the average valuation acquiring companies willing to pay approaching ten times revenue. “To pay ten times on services in the normal world is crazy, in the security world it’s normal,” says an industry insider.
-
-
DARPA makes agency-sponsored software, publications available to R&D community
DARPA has invested in many programs that sponsor fundamental and applied research in areas of computer science, programs which have led to new advances in theory as well as practical software. The R&D community has asked about the availability of results, and now DARPA has responded by creating the DARPA Open Catalog, a place for organizing and sharing those results in the form of software, publications, data, and experimental details. The Web site aims to encourage communities interested in DARPA research to build off the agency’s work, starting with big data.
-
-
Making the U.S. grid sturdier, smarter, and more secure to thwart blackouts
In August 2003, fifty million customers throughout the northeastern United States and southeastern Canada lost power for up to two days. More than ten years later, the U.S. electric power system continues to be challenged. In the United States, 149 power outages affecting at least 50,000 customers occurred between 2000 and 2004, a number which grew to 349 between 2005 and 2009. In 2012, the prolonged power outages in New York and New Jersey caused by Hurricane Sandy once again demonstrated the system’s vulnerability. A broad, multidisciplinary effort by Georgia Tech researchers aims to revolutionize the delivery of electricity, advance the smart grid, thwart blackouts, integrate renewable energy sources, and secure utilities from cyberattacks.
-
-
Chemical, defense companies subject to Chinese Nitro attacks
More and more chemical and defense companies around the world are victims of Nitro attacks. These attacks, launched by government-backed Chinese hackers, install PoisonIvy, a Remote Access Tool (RAT) stealthily placed on computer systems to steal information. The majority of the computers infected belong to firms in the United States, Bangladesh, and the United Kingdom.
-
-
National Guard units help states ward off cyberattacks
Governors across the United States are mobilizing their states’ National Guard units to combat threats from cyberattacks. The state of Washington was the first state to assign the state’s National Guard cybersecurity responsibilities. The state recognized the potential of its National Guard as a cyberforce when it realized that many of its soldiers, who are full-time employees and part-time soldiers, worked for tech employers such as Google, Boeing, Cisco, Verizon, and Microsoft.
-
-
Quantum encryption for wiretap-proof communication a step closer
Polarized light, in which all the light waves oscillate on the same plane, forms the foundation for technology such as LCD displays in computers and TV sets, and advanced quantum encryption. There are two ways to create polarized light, but each has its problems: filtering normal unpolarized to block unwanted light waves (but here, half of the light emitted, and thereby an equal amount of energy, are lost), or using light which is polarized at the source (but here, polarization is either too weak or hard to control). Now there is a better way: By emitting photons from a quantum dot at the top of a micropyramid, researchers are creating a polarized light source with a high degree of linear polarization, on average 84 percent. As the quantum dots can also emit one photon at a time, this is promising technology for quantum encryption, a growing technology for wiretap-proof communication.
-
-
Two Israeli startups with innovative cybersecurity solutions raise combined $25 million
Two Israeli cybersecurity startups, launched by veterans of the IDF technology units, announced that, separately, they had raised a combined $25 million from investors. Adallom’s solution accumulates users’ behavioral data in order to protect databases. It monitors how software applications like the customer relationship management program Salesforce, Google apps, and Microsoft Office 360 are used, and protects data security. Aorato’s solution watches for suspicious usage of employee credentials – for example, multiple guessing attempts. “2013 showed the world the risks of advanced threats in parallel to the implications of insiders’ access to sensitive corporate data,” Aorato’s CEO Idan Plotnik noted, referring to the Edward Snowden’s leaks of secret government information.
-
-
National cyber complex to open next to Ben-Gurion University of the Negev campus
A new national cyber complex called CyberSpark will open at the Advanced Technology Park (ATP) which is located next to Ben Gurion University of the Negev. Fortune 500 companies Lockheed Martin and IBM announced they would invest in CyberSpark R&D facilities, joining other cybersecurity leaders Deutsche Telekom, EMC, RSA, and many startups. The 15-building ATP is the only type of complex of its kind in the world that includes Fortune 500 companies and cyber-incubators, academic researchers, and educational facilities as well as national government and security agencies. The CyberSpark will also include a high school geared toward science and technology.
-
-
Gaza-based Palestinian hackers compromise Israeli defense ministry computer
Hackers broke into a computer at the Israeli Ministry of Defense through an e-mail attachment tainted with malicious software. The attachment looked as if it had been sent by the country’s internal security service, the Shin Bet. it was likely that Palestinians were behind the cyberattack, saying that the more recent attacks were similar to cyberattacks against Israeli computers more than a year ago. Those attacks originated in the Hamas-controlled Gaza Strip. The attackers used an e-mail attachment to infect the computers with Xtreme RAT malware, which is a remote access Trojan. The malware allows hackers complete control of an infected machine. They can steal information, load additional malicious software onto the network, or use the invaded computer as a base of operations from which to conduct reconnaissance and attempt to gain deeper access into the network.
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.