Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 189

Circa 2018

As the national power grid becomes increasingly dependent on computers and data sharing—providing significant benefits for utilities, customers, and communities—it has also become more vulnerable to both physical and cyber threats.

While evolving standards with strict enforcement help reduce risks, efforts focused on response and recovery capabilities are just as critical–as is research aimed at creating a well-defended next generation smart grid. The Daily Herd recently sat down with Michael Ahern to discuss the many challenges involved in securing the against physical and cyber –both now and in the future.

In addition to his role as director in WPI’s Corporate and Professional Education and instructor for the Foisie Business School, Ahern also leads a WPI research team supporting BAE Systems as part of the Defense Advanced Research Project Agency’s Rapid Attack Detection, Isolation, and Characterization Systems (DARPA RADICS) intitative.

Read more | >

WASHINGTON, D.C.-Today, U.S. Secretary of Energy Rick Perry announced the establishment of the DOE Artificial Intelligence and Technology Office (AITO). The Secretary has established the office to serve as the coordinating hub for the work being done across the DOE enterprise in Artificial Intelligence. This action has been taken as part of the President’s call for a national AI strategy to ensure AI technologies are developed to positively impact the lives of Americans.

DOE-fueled AI is already being used to strengthen our national security and cybersecurity, improve grid resilience, increase environmental sustainability, enable smarter cities, improve water resource management, as well as speed the discovery of new materials and compounds, and further the understanding, prediction, and treatment of disease. DOE’s National Labs are home to four of the top ten fastest supercomputers in the world, and we’re currently building three next-generation, exascale machines, which will be even faster and more AI-capable computers.

“The world is in the midst of the Golden Age of AI, and DOE’s world class scientific and computing capabilities will be critical to securing America’s dominance in this field,” said Secretary Perry. “This new office housed within the Department of Energy will concentrate our existing efforts while also facilitating partnerships and access to federal data, models and high performance computing resources for America’s AI researchers. Its mission will be to elevate, accelerate and expand DOE’s transformative work to accelerate America’s progress in AI for years to come.”

Read more | >

After being hit by a ransomware attack, Massachusetts city New Bedford faced a payout demand of more than $5 million – one of the largest known ransoms ever.

After a ransomware attack slapped a hefty payout demand of $5.3 million on New Bedford, Mass., the city announced that it is instead opting to pick up the pieces and restore what it can from backups itself.

If the city had opted to pay, the payout would have been the largest known ransom payout for an attack yet.

Read more | >

Safeguarding passwords, credit card numbers or cryptographic keys in computer programs will require less computational work in the future. Researchers at the Max Planck Institute for Software Systems in Kaiserslautern and Saarbrücken have come up with a new technology called ERIM to isolate software components from each other. This allows sensitive data to be protected from hackers when the data is processed by online services, for example. The new method has three to five times less computational overhead than the previous best isolation technology, making it more practical for online services to use the technology. This was reason enough for USENIX, a US-American computing systems association, and Facebook to award their 2019 Internet Defense Prize to the researchers.

Computer programs are like a fortress. Just as a fortress is protected by thick walls, moats and iron gates, firewalls and other security technologies prevent cyber criminals from maliciously exploiting apps. And just as one poorly guarded gate or a supposedly secret escape tunnel may allow besiegers to capture a castle, all hackers need is a small security gap to gain access to all components of a software. In the worst case, they can then get their hands on the data that grants them access to or even allow them to make credit card payments. For example, the Heartbleed bug in the widely used OpenSSL encryption software made user names and passwords of various and programs vulnerable to hackers.

Read more | >

In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers.

The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer.

Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.

Read more | >

Hacking the iPhone has long been considered a rarified endeavor, undertaken by sophisticated nation-states against only their most high-value targets. But a discovery by a group of Google researchers has turned that notion on its head: For two years, someone has been exploiting a rich collection of iPhone vulnerabilities with anything but restraint or careful targeting. And they’ve indiscriminately hacked thousands of iPhones just by getting them to visit a website.

Read more | >

In February, an artificial intelligence lab cofounded by Elon Musk informed the world that its latest breakthrough was too risky to release to the public. OpenAI claimed it had made language software so fluent at generating text that it might be adapted to crank out fake news or spam.

On Thursday, two recent master’s graduates in computer science released what they say is a re-creation of OpenAI’s withheld software onto the internet for anyone to download and use.

Aaron Gokaslan, 23, and Vanya Cohen, 24, say they aren’t out to cause havoc and don’t believe such software poses much risk to society yet. The pair say their release was intended to show that you don’t have to be an elite lab rich in dollars and PhDs to create this kind of software: They used an estimated $50,000 worth of free cloud computing from Google, which hands out credits to academic institutions. And they argue that setting their creation free can help others explore and prepare for future advances—good or bad.

Read more | >

The Internal Revenue Service (IRS) is warning taxpayers about a snowballing email attack that uses messages pretending to be legitimate IRS communications. The end game for the effort is malware being installed on unsuspecting users’ machines; imposters may gain control of the taxpayer’s computer or secretly download software that tracks every keystroke, eventually giving them passwords to sensitive accounts, such as financial accounts.

The gambit starts with messages to taxpayers from email addresses that spoof legitimate IRS addresses. The emails contain a link to a spoofed IRS.gov website that displays fake details about the targeted recipient’s tax refund, return or account.

The fake emails have subject lines like “Automatic Income Tax Reminder” or “Electronic Tax Return Reminder.” They claim to contain a “temporary password” or “one-time password” to access the files purportedly needed to submit a request for a refund or for information. However, those files are actually just malware in disguise.

Read more | >