DARPA News March 25, 2019 There are no common tools, methods, or solutions for chip-level security currently in wide use. This is largely driven by the economic hurdles and technical trade-offs often associated with secure chip design. To ease the burden of developing secure chips, DARPA developed the Automatic Implementation of Secure Silicon (AISS) program. AISS aims to automate the process of incorporating scalable defense mechanisms into chip designs, while allowing designers to explore economics versus security trade-offs and maximize design productivity. The objective of the program is to develop a design tool and IP ecosystem – which includes tool […]
Category Archives: Cyber security
Triton is the world’s most murderous malware, and it’s spreading
MIT technology Review March 5, 2019 Triton malware came to light in 2017 when hackers took over the safety instrumented systems of a petrochemical plant in Saudi Arabia. Fortunately, a flaw in the code gave the hackers away before they could do any harm. The malware has not been deconstructed and the hacking group’s identity has not been established with certainty. The hackers behind Triton had tested elements of the code used during the intrusion to make it harder for antivirus programs to detect. Researchers are still digging into the malware’s origins. Experts are urging companies to revisit all their […]
These 3 high-profile DOD systems have persistent operational flaws, according to testing
Fedscoop February 1, 2019 According to the DOD Office of the Director of Operational Test & Evaluation’s 2018 report , in tests there were an increasing number of instances where the cyber Red Teams employed during DOT&E assessments experienced greater difficulty in penetrating network defenses or maintaining previously acquired accesses. But they estimate that the rate of these improvements is not outpacing the growing capabilities of potential adversaries who continue to find new vulnerabilities and techniques to counter the fixes and countermeasures by DOD defenders. Three areas of concern are: The F-35 Joint Strike Fighter’s brain is malfunctioning, DOD EHR (Electronic […]
Five emerging cyber-threats to worry about in 2019
MIT Technology Review January 4, 2019 According to experts in the field we going to see more mega-breaches and ransomware attacks in 2019. Besides planning to deal with established risks, like threats to web-connected consumer devices and critical infrastructure, cyber-defenders should be paying attention to new threats, too. Here are some that should be on watch lists: Exploiting AI-generated fake video and audio, Poisoning AI defenses, hacking smart contracts, Breaking encryption using quantum computers, Attacking from the computing cloud. A recent report by NAS from a group of US quantum experts urges organizations to start adopting new and forthcoming kinds of […]
Cybersecurity flaws could allow adversaries to ‘circumvent’ U.S. missile defense systems
Fedscoop December 7, 2018 An inspector general (Open Access audit ) of the Department of Defense ballistic missile defense systems found a host of existing network vulnerabilities that could allow adversaries to access technical information on those systems and sidestep the nation’s defenses. Auditors broadly recommend using multifactor authentication; mitigating vulnerabilities in a timely manner; protecting data stored on removable media; and implementing adequate physical security controls…read more.
Computer hackers could be thwarted by new ‘deception consistency’ method
Science Daily November 28, 2018 When the attackers are trapped, they can only make observations that are consistent with what they have seen already so that they cannot recognize the deceptive environment. Researchers at NYSU at Binghamton used logic constraints to characterize an attacker’s best knowledge (either positive, negative, or uncertain). When migrating the attacker’s FTP connection into a contained environment, they use these logic constraints to instantiate a new FTP file system that is guaranteed free of inconsistency. In tests, they found that the participants’ chances of recognizing deceptive environments are close to random guesses. The technique may not […]
Security vulnerabilities in terahertz data links
Science Alert October 15, 2018 Unlike microwaves, which propagate in wide-angle broadcasts, terahertz waves travel in narrow, very directional beams with a cone angle of less than 2 degrees. A team of researchers in the US (Brown University, Rice University, SUNY Buffalo) set up a direct line-of-site terahertz data link between a transmitter and receiver and experimented with devices capable of intercepting signal. They were able show several strategies that could steal signal without being detected by using a flat piece of metal that could redirect a portion of the beam to a secondary receiver operated by an attacker…read more. […]
Battling Online Bots, Trolls and People
Inside Science August 31, 2018 Researchers at New York University developed a methodology for detecting bots on Twitter using an ensemble of classifiers and apply it to study bot activity within political discussions in the Russian Twittersphere focusing on the interval from February 2014 to December 2015. They found that on most days, the proportion of Tweets produced by bots exceeds 50%. They found that the software platform used for Tweeting is among the best predictors of bots. A recent report by RAND Corporation listed a number of recommendations for defending democracies in the advent of mal icious bots and […]
CyberWar Map visualizes global threats
Government Computer News August 31, 2018 Researchers at George Washington University have developed a new CyberWar Map that offers an initial screen that displays what looks like the missile-tracking screens in the movie War Games. The map serves as a visual index and access point to the National Security Archives’ extensive collection of Cyber Vault documents. The CyberWar Map is a living research aid: documents and nodes will be added on a regular basis… read more.
Future elections may be swayed by intelligent, weaponized chatbots
MIT Technology Review As we’ve created technical countermeasures that are better at detecting bot-like behavior, it’s become easier to shut them down. The next generation of bots is rapidly evolving. Admittedly, these conversational interfaces are still bumpy, but they’re getting better. The propaganda bots won’t declare themselves to be automated. They’ll present themselves as human users participating in online conversation in comment sections, group chats, and message boards. Contrary to popular belief, this isn’t happening. Most bots merely react to keywords that trigger a boilerplate response. As bots learn how to understand context and intent, they become more adept at engaging […]