As the modern world increasingly becomes “wired,” more critical systems and infrastructure are being linked via the Internet. And while that has given rise to incredible new technologies that boost efficiency and capability, it has also meant that countries are more vulnerable to hacking and cyber attack.
Most nations do their best to defend their critical networks against hackers, DDoS (denial of service) attacks and outright cyber assaults. But not all systems are well-protected; some, in fact, are incredibly vulnerable.
Following the Fukushima nuclear disaster in March 2011, there were calls throughout the industry to tighten safety standards at all atomic power plants around the world. However, according to a new review of the industry, cyber security was apparently not high on the list.
As reported by the UK’s Financial Times, nuclear power plant managers are engaged in a “culture of denial” about the risks of cyber attack, as many have failed to take adequate measures to protect themselves from hacking, the review found.
AN AUTONOMOUS helicopter gunship is flying over a military base in Arizona. Suddenly, officers on the ground lose radio contact: hackers have taken control of an on-board computer. Could they fly the helicopter?
This has happened – well, almost. New Scientist can reveal that the US Defense Advanced Research Projects Agency (DARPA) used this scenario in a drill to test the cybersecurity of an uncrewed Boeing Little Bird helicopter.
Despite the hackers being given unfettered access to the computer, and then trying their hardest to disable the helicopter – even crashing the computer – they could not disrupt critical systems. For DARPA, which is aiming to develop an “unhackable” drone by 2018 as part of its High-Assurance Cyber Military Systems (HACMS) programme, the drill was a success.
This isn’t just about the military, though. The software that kept the helicopter’s computer secure was at the heart of its operating system, and it could be just what the world needs to make everything from pacemakers to insulin pumps and power stations to cars immune to hacking.
Risk-based, or adaptive authentication grew out of the recognition that single- and multiple-factor authentication methods were based on an erroneous assumption: that identity could be absolutely confirmed and, once confirmed, used as a basis of trust for all subsequent access decisions for the authenticated identity. It is clear that even the most robust multifactor authentication mechanisms do not give this level of assurance, though certainly one-time password methods are still most effective in approaching that goal.
In order to address this inherent limitation, adaptive approaches were developed that…
Back in the old days – say, a whole 10 years ago – thieves had to be physically inside a healthcare facility to steal patient information. How times have changed.
Now, with the Internet and the seeming lack of consistent implementation of online security best practices when it comes to patient information, we’re making things much easier for attackers. The proof is in the data. Gartner research conservatively estimates close to 40 million health care records have been breached to date. That’s likely a conservative figure, given that breaches of fewer than 500 records are not required to be reported.
Smartwatches with network and communication functionality represent a new and open frontier for cyber attack, according to a study by HP Fortify.
The study revealed that 100% of the tested smartwatches contained significant vulnerabilities, including insufficient authentication, lack of encryption and privacy concerns….
Warnings of hackers controlling cars lead to growing safety concerns.
The risk was highlighted this week when hackers gained access to a 2014 Jeep Cherokee driven by a reporter for Wired magazine. According to his account, they turned on the Jeep’s windshield wipers, shut the engine down while it was being driven down the highway, took control of the steering wheel and then disabled its brakes, sending it into a ditch.
The recently detected cyberattacks at Pennsylvania State University may spell bad news for other colleges and universities, according to IT security experts. Hackers such as those that targeted Penn State don’t set their sights on individual institutions, but on entire industries.
“I don’t want to be the harbinger of doom, but usually when you see one breach, there’s more to follow,” said Ken Westin, a security analyst with the IT security company Tripwire. “Penn State is an indicator that there have been more breaches and there will be more breaches that are targeting similar kinds of information.”
After weeks of silence, the day of truth has arrived. David Vincenzetti, the 47-year-old founder of the infamous Milanese technology firm Hacking Team, agreed to finally give his perspective on the devastating cyber attack on his company’s servers.
Hacking Team rose to prominence by producing Galileo, a suite of surveillance technologies that allow governments to intercept and decrypt data. More than 40 countries in the world use the product to infiltrate and monitor the communications of terrorists, traffickers and criminals. But the firm has attracted controversy for dealing with non-democratic clients — the governments of Sudan, Libya and…
CVS is warning customers of its online photo printing service that their credit card data may have been breached.
The website cvsphoto.com was inactive Friday, replaced by a note from the company that read, “We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised. As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience.”
Security expert Brian Krebs pointed out on his site that last week Walmart Canada reported a similar breach of its photo site. The two companies both work with third-party vendor PNI Digital Media, which provides….