Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 225

Battle of the Bots: How AI Is Taking Over the World of Cybersecurity

Google has built machine learning systems that can create their own cryptographic algorithms — the latest success for AI’s use in cybersecurity. But what are the implications of our digital security increasingly being handed over to intelligent machines?

Google Brain, the company’s California-based AI unit, managed the recent feat by pitting neural networks against each other. Two systems, called Bob and Alice, were tasked with keeping their messages secret from a third, called Eve. None were told how to encrypt messages, but Bob and Alice were given a shared security key that Eve didn’t have access too.

ai-cybersecurity-7

In the majority of tests the pair fairly quickly worked out a way to communicate securely without Eve being able to crack the code. Interestingly, the machines used some pretty unusual approaches you wouldn’t normally see in human generated cryptographic systems, according to TechCrunch.

Biometric Security Gains Popularity, But Is Far from Foolproof

Whenever cybersecurity is discussed, the topic of biometric authentication rises alongside it as a better, more effective, more secure method of security. But is it? Do biometrics actually provide a safer way to complete purchase transactions online?

“Biometrics are a device-specific authentication method,” said Madeline Aufseeser, CEO of online fraud prevention company Tender Armor, of the ways biometric authentication is presently used to secure a digital purchase transaction (as opposed to logging into a bank’s web site, to view an account or transfer money). “Typically the same biometric method does not work across multiple purchasing channels today. The fingerprint used to make a purchase with a smartphone cannot necessarily be used to authenticate a phone order purchase or purchase made with a computer. When you confirm [a purchase transaction] with your fingerprint on a smartphone, all that’s saying is that’s the same fingerprint that’s allowed to use this phone, or the specific application on the phone. Because the fingerprint is only resident and stored on the phone, the phone is authenticating itself, not the cardholder conducting the transaction.”

This sounds a little odd compared to what we might have heard about the capabilities of biometrics previously, mainly because it goes against a core assumption: that a biometric identifier (like a fingerprint) goes with transactional data, from the phone or device, to the payment processor, to the merchant.

Google’s neural networks created their own encryption method

Fortifying cybersecurity is on everyone’s mind after the massive DDoS attack from last week. However, it’s not an easy task as the number of hackers evolves the same as security. What if your machine can learn how to protect itself from prying eyes? Researchers from Google Brain, Google’s deep Learning project, has shown that neural networks can learn to create their own form of encryption.

According to a research paper, Martín Abadi and David Andersen assigned Google’s AI to work out how to use a simple encryption technique. Using machine learning, those machines could easily create their own form of encrypted message, though they didn’t learn specific cryptographic algorithms. Albeit, compared to the current human-designed system, that was pretty basic, but an interesting step for neural networks.

To find out whether artificial intelligence could learn to encrypt on its own or not, the Google Brain team built an encryption game with its three different entities: Alice, Bob and Eve, powered by deep learning neural networks. Alice’s task was to send an encrypted message to Bob, Bob’s task was to decode that message, and Eve’s job was to figure out how to eavesdrop and decode the message Alice sent herself.

Russian military build impenetrable closed internet – and mocks US technology

For my CISO/ CSO friends.

It is believed that Russia has the Internet that is considered as impenetrable. Such technology protects Russia from hacking attempts.

The World Wide Web (WWW) is prone to hacking, as shown in the recent cyber attacks on the US which led to outages on giants including Twitter, Amazon and Spotify, for which Russia has been largely blamed, so the Eastern European powerhouse has upped its security measures.

The electronic communication system is independent from the WWW and is unable to be connected to unless it is from a verified and licensed computer.

Chinese firm admits its hacked products were behind Friday’s massive DDOS attack

A Chinese electronics component manufacturer says its products inadvertently played a role in a massive cyberattack that disrupted major internet sites in the U.S. on Friday.

Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.

According to security researchers, malware known as Mirai has been taking advantage of these vulnerabilities by infecting the devices and using them to launch huge distributed denial-of service attacks, including Friday’s outage.

DARPA investigating blockchain for nuclear weapons, satellite security

If the Defense Department is looking to implement blockchain, other organizations may quickly follow suit. Blockchain technology helps guarantee that information has a timestamp and recorded whenever any change happens, ensuring data can be trusted in real time. In DARPA’s case, blockchain technology could help track attempted data breaches.

“Whenever weapons are employed … it tends to be a place where data integrity in general is incredibly important,” Booher said. “So nuclear command and control, satellite command and control, command and control in general, [information integrity] is very important.”

In September, DARPA awarded a $1.8 million contract to computer security firm Galois, asking it to verify a specific type of blockchain technology from a company called Guardtime. If the verification goes well, the military could become one of a growing number of industries and institutions using blockchain to help ensure the security of their operations.

Will Quantum Computers Kill Bitcoin?

Since they were first theorized by the physicist Richard Feynman in 1982, quantum computers have promised to bring about a new era of computing. It is only relatively recently that theory has translated into significant real-world advances, with the likes of Google, NASA and the CIA working towards building a quantum computer. Computer scientists are now warning that the arrival of the ultra-powerful machines will cripple current encryption methods and as a result bring a close to the great bitcoin experiment—collapsing the technological foundations that bitcoin is built upon.

“Bitcoin is definitely not quantum computer proof,” Andersen Cheng, co-founder of U.K. cybersecurity firm Post Quantum, tells Newsweek. “Bitcoin will expire the very day the first quantum computer appears.”

The danger quantum computers pose to bitcoin, Cheng explains, is in the cryptography surrounding what is known as the public and private keys—a set of numbers used to facilitate transactions. Users of bitcoin have a public key and a private key. In order to receive bitcoin, the recipient shares the public key with the sender, but in order to spend it they need their private key, which only they know. If somebody else is able to learn the private key, they can spend all the bitcoin.

Quantum Computing Could Cripple Encryption; Bitcoin’s Role

Earlier this week, Canada’s electronic spy agency the Communications Security Establishment warned government agencies and businesses against quantum mechanics, which could cripple the majority of encryption methods implemented by leading corporations and agencies globally.

Governments and private companies employ a variety of cryptographic security systems and protocols to protect and store important data. Amongst these encryption methods, the most popular system is public key cryptography (PKC), which can be integrated onto a wide range of software, platforms, and applications to encrypt data.

The Communications Security Establishment and its chief Greta Bossenmaier believes that quantum computing is technically capable of targeting PKC-based encryption methods, making data vulnerable to security breaches and hacking attempts from foreign state spies and anonymous hacking groups.