Cyber attacks have already targeted critical infrastructure around the world and the U.S. could be next

As the modern world increasingly becomes “wired,” more critical systems and infrastructure are being linked via the Internet. And while that has given rise to incredible new technologies that boost efficiency and capability, it has also meant that countries are more vulnerable to hacking and cyber attack.

Most nations do their best to defend their critical networks against hackers, DDoS (denial of service) attacks and outright cyber assaults. But not all systems are well-protected; some, in fact, are incredibly vulnerable.

READ MORE

Advertisements

Nuclear power plants are ripe for hacking due to a ‘culture of denial,’ new study warns

Following the Fukushima nuclear disaster in March 2011, there were calls throughout the industry to tighten safety standards at all atomic power plants around the world. However, according to a new review of the industry, cyber security was apparently not high on the list.

As reported by the UK’s Financial Times, nuclear power plant managers are engaged in a “culture of denial” about the risks of cyber attack, as many have failed to take adequate measures to protect themselves from hacking, the review found.

READ MORE

Could an ‘unhackable kernel’ keep all computers safe from cyberattack?

AN AUTONOMOUS helicopter gunship is flying over a military base in Arizona. Suddenly, officers on the ground lose radio contact: hackers have taken control of an on-board computer. Could they fly the helicopter?

This has happened – well, almost. New Scientist can reveal that the US Defense Advanced Research Projects Agency (DARPA) used this scenario in a drill to test the cybersecurity of an uncrewed Boeing Little Bird helicopter.

Despite the hackers being given unfettered access to the computer, and then trying their hardest to disable the helicopter – even crashing the computer – they could not disrupt critical systems. For DARPA, which is aiming to develop an “unhackable” drone by 2018 as part of its High-Assurance Cyber Military Systems (HACMS) programme, the drill was a success.

This isn’t just about the military, though. The software that kept the helicopter’s computer secure was at the heart of its operating system, and it could be just what the world needs to make everything from pacemakers to insulin pumps and power stations to cars immune to hacking.

READ MORE

How to limit cyber risk with adaptive authentication

Risk-based, or adaptive authentication grew out of the recognition that single- and multiple-factor authentication methods were based on an erroneous assumption: that identity could be absolutely confirmed and, once confirmed, used as a basis of trust for all subsequent access decisions for the authenticated identity. It is clear that even the most robust multifactor authentication mechanisms do not give this level of assurance, though certainly one-time password methods are still most effective in approaching that goal.

In order to address this inherent limitation, adaptive approaches were developed that…

READ MORE

Security needs to be a top priority for healthcare providers

Back in the old days – say, a whole 10 years ago – thieves had to be physically inside a healthcare facility to steal patient information. How times have changed.

Now, with the Internet and the seeming lack of consistent implementation of online security best practices when it comes to patient information, we’re making things much easier for attackers. The proof is in the data. Gartner research conservatively estimates close to 40 million health care records have been breached to date. That’s likely a conservative figure, given that breaches of fewer than 500 records are not required to be reported.

READ MORE

Smartwatches: a new frontier for cyber attack, HP study shows

Smartwatches with network and communication functionality represent a new and open frontier for cyber attack, according to a study by HP Fortify.

The study revealed that 100% of the tested smartwatches contained significant vulnerabilities, including insufficient authentication, lack of encryption and privacy concerns….

READ MORE

Hacking of Vehicles Shifts From Theory to Very Scary

Warnings of hackers controlling cars lead to growing safety concerns.

The risk was highlighted this week when hackers gained access to a 2014 Jeep Cherokee driven by a reporter for Wired magazine. According to his account, they turned on the Jeep’s windshield wipers, shut the engine down while it was being driven down the highway, took control of the steering wheel and then disabled its brakes, sending it into a ditch.

READ MORE

Colleges: A Playground for Hackers

The recently detected cyberattacks at Pennsylvania State University may spell bad news for other colleges and universities, according to IT security experts. Hackers such as those that targeted Penn State don’t set their sights on individual institutions, but on entire industries.

“I don’t want to be the harbinger of doom, but usually when you see one breach, there’s more to follow,” said Ken Westin, a security analyst with the IT security company Tripwire. “Penn State is an indicator that there have been more breaches and there will be more breaches that are targeting similar kinds of information.”

READ MORE

Finally, After Cyber Attack, “Hacking Team” Founder Speaks Out

After weeks of silence, the day of truth has arrived. David Vincenzetti, the 47-year-old founder of the infamous Milanese technology firm Hacking Team, agreed to finally give his perspective on the devastating cyber attack on his company’s servers.

Hacking Team rose to prominence by producing Galileo, a suite of surveillance technologies that allow governments to intercept and decrypt data. More than 40 countries in the world use the product to infiltrate and monitor the communications of terrorists, traffickers and criminals. But the firm has attracted controversy for dealing with non-democratic clients — the governments of Sudan, Libya and…

READ MORE

CVS investigating credit card breach on photo site

CVS is warning customers of its online photo printing service that their credit card data may have been breached.

The website cvsphoto.com was inactive Friday, replaced by a note from the company that read, “We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised. As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience.”

Security expert Brian Krebs pointed out on his site that last week Walmart Canada reported a similar breach of its photo site. The two companies both work with third-party vendor PNI Digital Media, which provides….

READ MORE