Two days after rumors of a malware infection at the Kudankulam Nuclear Power Plant surfaced on Twitter, the plant’s parent company confirms the security breach.
Category: cybercrime/malcode
Security researchers have been following the xHelper malware on Android with great interest, owing to the app’s seemingly incomprehensible ability to reinstall itself on an infected device despite factory resets.
Using a supercomputing system, MIT researchers have developed a model that captures what web traffic looks like around the world on a given day, which can be used as a measurement tool for internet research and many other applications.
Understanding web traffic patterns at such a large scale, the researchers say, is useful for informing internet policy, identifying and preventing outages, defending against cyberattacks, and designing more efficient computing infrastructure. A paper describing the approach was presented at the recent IEEE High Performance Extreme Computing Conference.
For their work, the researchers gathered the largest publicly available internet traffic dataset, comprising 50 billion data packets exchanged in different locations across the globe over a period of several years.
Future Consequences of Cryptocurrency Use: Systemic Investigation of Two Scenarios
Posted in bitcoin, business, complex systems, counterterrorism, cryptocurrencies, cybercrime/malcode, disruptive technology, economics, education, employment, encryption, finance, futurism, governance, government, hacking, innovation, law enforcement, open access, policy, privacy, security, strategy, terrorism | Leave a Comment on Future Consequences of Cryptocurrency Use: Systemic Investigation of Two Scenarios
We face complexity, ambiguity, and uncertainty about the future consequences of cryptocurrency use. There are doubts about the positive and negative impacts of the use of cryptocurrencies in the financial systems. In order to address better and deeper the contradictions and the consequences of the use of cryptocurrencies and also informing the key stakeholders about known and unknown emerging issues in new payment systems, we apply two helpful futures studies tools known as the “Future Wheel”, to identify the key factors, and “System Dynamics Conceptual Mapping”, to understand the relationships among such factors. Two key scenarios will be addressed. In on them, systemic feedback loops might be identified such as a) terrorism, the Achilles’ heel of the cryptocurrencies, b) hackers, the barrier against development, and c) information technology security professionals, a gap in the future job market. Also, in the other scenario, systemic feedback loops might be identified such as a) acceleration of technological entrepreneurship enabled by new payment systems, b) decentralization of financial ecosystem with some friction against it, c) blockchain and shift of banking business model, d) easy international payments triggering structural reforms, and e) the decline of the US and the end of dollar dominance in the global economy. In addition to the feedback loops, we can also identify chained links of consequences that impact productivity and economic growth on the one hand, and shift of energy sources and consumption on the other hand.
Watch the full length presentation at Victor V. Motti YouTube Channel
Hackers equipped with black market software are targeting cash machines with dated software and substandard security and walking away with millions over the course of a series of attacks, according to a collaborative investigation by Motherboard and German newsroom Bayerischer Rundfunk. Though law enforcement agencies are tightlipped about the trend, it’s a sign that banks may be surprisingly vulnerable to cybercrime.
Other sources, granted anonymity by Motherboard, described the same trend: “There are attacks happening, but a lot of the time it’s not publicized,” said one.
Plug-And-Play
The German attacks and others throughout Europe seem to be carried out with Russian software called Cutlet Maker, which Motherboard reports can be bought for $1,000. In the U.S., a program called Ploutus. D is more popular.
Both programs can be installed into ATMs through a USB or other physical access point — though the hackers usually need to break into the ATM’s hardware to access it.
“Access to the power grid that is obtained now could be used to shut something important down in the future when we are in a war,” White noted. “Espionage is part of the whole program. It is important to remember that cyber has just provided a new domain in which to conduct the types of activities we have been doing in the real world for years.”
The US is also beginning to pour more money into cybersecurity. The 2020 fiscal budget calls for spending $17.4 billion throughout the government on cyber-related activities, with the Department of Defense (DoD) alone earmarked for $9.6 billion.
Despite the growing emphasis on cybersecurity in the US and around the world, the demand for skilled security professionals is well outpacing the supply, with a projected shortfall of nearly three million open or unfilled positions according to the non-profit IT security organization (ISC)².
Much too easy: Planting a two-dollar spy chip on hardware with a technique that can be pulled off on a less than $200 budget? Yet that was the work of a proof in concept investigation by a security researcher and tech-watching sites were discussing the story on Monday.
Turns out you can slip a spy chip into any hardware for no more than $198 to $200, said reports. The spotlight was on security researcher Monta Elkins, Hacker-in-Chief, FoxGuard Solutions. He has a proof-of-concept version of a hardware implant.
John Dunn, Naked Security, talked about the chip as bad news for security were it to happen. “In fact, this has already happened as part of a project by researcher Monta Elkins, designed to prove that this sort of high-end hardware hack is no longer the preserve of nation-states.”
The National Security Agency develops advanced hacking tools in-house for both offense and defense—which you could probably guess even if some notable examples hadn’t leaked in recent years. But on Tuesday at the RSA security conference in San Francisco, the agency demonstrated Ghidra, a refined internal tool that it has chosen to open source. And while NSA cybersecurity adviser Rob Joyce called the tool a “contribution to the nation’s cybersecurity community” in announcing it at RSA, it will no doubt be used far beyond the United States.
No one’s better at hacking than the NSA. And now one of its powerful tools is available to everyone for free.
There’s plenty of malware that turns victims’ computers into zombified servants. A new strain is using some surprising — and completely legitimate — software to do it.