Lifeboat Foundation

So yea bro, you got the sensors to pick up the frequency you can hack it.

For as smart as artificial intelligence systems seem to get, they’re still easily confused by hackers who launch so-called adversarial attacks — cyberattacks that trick algorithms into misinterpreting their training data, sometimes to disastrous ends.

In order to bolster AI’s defenses from these dangerous hacks, scientists at the Australian research agency CSIRO say in a press release they’ve created a sort of AI “vaccine” that trains algorithms on weak adversaries so they’re better prepared for the real thing — not entirely unlike how vaccines expose our immune systems to inert viruses so they can fight off infections in the future.

Advancement of artificial intelligence (AI) prompts fears of a Terminator-style future where humans live as an underclass to the machines we created. However, humanity may face a far more immediate threat in the form of AI malware.

Cyberattack blocked 911 dispatchers from logging calls, as a growing number of U.S. municipalities are taken hostage.

A hacking group linked to the Russian government has been attempting to breach the U.S. power grid, Wired reports.

Security experts from the non-profit group the Electric Information Sharing and Analysis Center (E-ISAC) and security firm Dragos tracked the hackers — and warn that the group has been probing the grid for weaknesses, searching for ways that they could access U.S. systems.

Even though there are no signs that the group has succeeded in accessing the power grid, the attacks still have experts worried. And that’s partly because of the history of this particular hacking group: Xenotime, who created the infamous Triton malware. In late 2017, Triton attacked critical infrastructure such as the industrial control systems used in power plants, and it could have been used to cause massive destruction through tampering with power plant controls. That lead it to be labeled the “world’s most murderous malware.”

Again, it’s all good stuff, essentially what I would hope for out a next-gen Deus Ex, but it’s still a little difficult to judge these elaborate upgrade trees without actually getting the opportunity to move through them at the intended pace. From what we can see, it’s plenty deep: there is the opportunity to build a hacking-fluent cyber ninja, and I’m going to guess that a good chunk of people playing this game are going to go that route.

‘Cyberpunk 2077’ is clearly stretching the limits of what’s possible on Xbox One and PS4.

Almost every day, news headlines announce another security breach and the theft of credit card numbers and other personal information. While having one’s credit card stolen can be annoying and unsettling, a far more significant, yet less recognized, concern is the security of physical infrastructure, including energy systems.

“With a credit card theft, you might have to pay $50 and get a new credit card,” says Stuart Madnick, the John Norris Maguire Professor of Information Technologies at the Sloan School of Management, a professor of engineering systems at the School of Engineering, and founding director of the Cybersecurity at MIT Sloan consortium. “But with infrastructure attacks, real physical damage can occur, and recovery can take weeks or months.”

A few examples demonstrate the threat. In 2008, an alleged cyberattack blew up an oil pipeline in Turkey, shutting it down for three weeks; in 2009, the malicious Stuxnet computer worm destroyed hundreds of Iranian centrifuges, disrupting that country’s nuclear fuel enrichment program; and in 2015, an attack brought down a section of the Ukrainian power grid—for just six hours, but substations on the grid had to be operated manually for months.

Continue reading “Protecting our energy infrastructure from cyberattack” »

Ben-Gurion University of the Negev (BGU) cyber security researchers have developed a new attack called Malboard evades several detection products that are intended to continuously verify the user’s identity based on personalized keystroke characteristics.

The new paper, “Malboard: A Novel User Keystroke Impersonation Attack and Trusted Detection Framework Based on Side-Channel Analysis,” published in the Computer and Security journal, reveals a sophisticated attack in which a compromised USB keyboard automatically generates and sends malicious keystrokes that mimic the attacked user’s behavioral characteristics.

Keystrokes generated maliciously do not typically match human typing and can easily be detected. Using artificial intelligence, however, the Malboard attack autonomously generates commands in the user’s style, injects the keystrokes as malicious software into the keyboard and evades detection. The keyboards used in the research were products by Microsoft, Lenovo and Dell.

Continue reading “New computer attack mimics user’s keystroke characteristics and evades detection” »

Low tech sometimes is really good because when systems can be exploited then basically you see that no tech is sometimes best.

Election Systems & Software has championed electronic voting machines in the US. Now it has had a change of heart about the need for paper records of votes.

Cyber threats: Over half a million electronic machines are used in big US elections. Many produce paper copies of votes that can be used to audit electronic results, but some don’t. That’s a problem because security experts have shown that machines can be hacked.

Continue reading “A big US maker of paperless voting systems now says paper is essential” »