-
GPS vulnerable to spoofing
GPS technology is ubiquitous in civilian and military applications; Cornell University researchers raise uncomfortable questions by demonstrating how GPS navigation devices can be readliy duped by transmission of fake GPS signals that receivers accept as authentic ones
-
-
Cyber Storm II drill shows ferocity of virtual attack
In March governments from Australia, the United Kingdom, New Zealand, Canada, and the United States ran the largest-ever cyber war games, Cyber Storm II; the drill tested critical infrastructure including dam walls, telecommunications, and government computer networks
-
-
NATO in major anti-terror drill
NATO will hold a two-week comprehensive anti-terrorrism drill in Sardinia; 15 nations, 10 agencies will coordinate land, air, sea, space assets in an effort to smooth communication, information sharing, and operational execution
-
-
Briefly noted
Aussie cyber security needs work… D.C. policy carry iPhones… Surveillance radar in Indonesian straits… HUD awards Iowa critical infrastructure funds…
-
-
"Thought helmets" for silent, secure communication among soldiers
U.S. Army funds research into helmets with embedded sensors which “read” a soldier’s thoughts (well, brain waves) and transmit them, telepathy-like, to their intended target
-
-
Keep IT security simple
New study of corporate security breaches says that 87 percent of all security breaches could have been avoided “if reasonable security controls had been in place at the time of the incident”
-
-
Briefly noted
Debating whether DHS should have cybersecurity responsibilities… FDA revisits refused foods issue… DoD tests contractors’ ID cards
-
-
USPS to deploy IPv6-capable video surveillance
The U.S. Postal Services wants to increase security inside the more than 40,000 post offices around the country; it will install IPv6-capable CCTV systems — complying with the federal government encouragment of agnecies to migrate to IPv6
-
-
U.K. start-up develops file-sharing monitoring tool
Businesses can face serious consequences from illegal file sharing which takes place on their network, whether the files contain confidential client data or copyrighted material; new tool helps companies monitor file sharing
-
-
GAO: U.S. computer emergency readiness team is not ready
Government Accounting Office criticizes US-CERT for lacking “a comprehensive baseline understanding of the nation’s critical information infrastructure operations” and for not exhibiting “aspects of the attributes essential to having a truly national capability,” among other things
-
-
IBM shows hardware-based encryption tool
System x Vault protects data when a server’s hard drive is disposed or stolen, without affecting server performance
-
-
Forrester boosts 2008 tech spending forecast
For the technology sector, it may be a case of good news now and so-so news later; one wild card for the tech sector is the poor health of the nation’s banks and other financial-services companies, which account for about 18 percent of the U.S. technology market
-
-
CTO defends researcher's decision to reveal SCADA exploit
Supervisory Control and Data Acquisition (SCADA) software controls critical U.S. infrastructure; in June, a researcher released attack code which takes advantage of a stack-based buffer overflow bug in SCADA software; security patches have been provided, but the community debates whether the researcher acted responsibly
-
-
Botnets, not the Russian government, behind Georgian attacks
Scrutiny of botnet activity indicates Russia’s attacks on Georgia were not state-sponsored
-
-
Analyst group: Some companies cutting IT spending
Many large companies, especially those in the financial services, utilities, and telecommunications industries, have cut their technology budgets this year because of the economic slowdown
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.