There’s plenty of malware that turns victims’ computers into zombified servants. A new strain is using some surprising — and completely legitimate — software to do it.
The threats of cyberattack and hypersonic missiles are two examples of easily foreseeable challenges to our national security posed by rapidly developing technology. It is by no means certain that we will be able to cope with those two threats, let alone the even more complicated and unknown challenges presented by the general onrush of technology — the digital revolution or so-called Fourth Industrial Revolution — that will be our future for the next few decades.
Technology is about to upend our entire national security infrastructure.
X.x.
Classical computers struggle to crack modern encryption. But quantum computers using Shor’s Algorithm make short work of RSA cryptography. Find out how.
Cybercriminals are zeroing in on the managed service providers that handle computer systems for local governments and medical clinics.
On July 3, employees at Arbor Dental in Longview, Washington, noticed glitches in their computers and couldn’t view X-rays. Arbor was one of dozens of dental clinics in Oregon and Washington stymied by a ransomware attack that disrupted their business and blocked access to patients’ records.
But the hackers didn’t target the clinics directly. Instead, they infiltrated them by exploiting vulnerable cybersecurity at Portland-based PM Consultants Inc., which handled the dentists’ software updates, firewalls and data backups. Arbor’s frantic calls to PM went to voicemail, said Whitney Joy, the clinic’s office coordinator.
Once the realm of science fiction, voice-mimicking software is now “well within the range of any lay criminal who’s got creativity to spare,” one cybersecurity expert said.
A web page pretending to offer an official application from PayPal is currently spreading a new variant of Nemty ransomware to unsuspecting users.
It appears that the operators of this file-encrypting malware are trying various distribution channels as it was recently observed as a payload from the RIG exploit kit (EK).
Bitcoin’s blockchain has been hijacked by a new strain of the Glupteba malware that uses the network to resist attacks, cyber security researchers have warned.
The malware uses the bitcoin blockchain to update, meaning it can continue running even if a device’s antivirus software blocks its connection to servers run by the hackers, security intelligence blog Trend Micro reported this week.
The Glupteba malware, first discovered in December 2018, is distributed through advertising designed to spread viruses through script and can steal an infected devices’ browsing history, website cookies, and account names and passwords with this particular variant found to be targeting file-sharing websites.
A first-of-its-kind cyberattack on the U.S. grid created blind spots at a grid control center and several small power generation sites in the western United States, according to a document posted yesterday from the North American Electric Reliability Corp.
The unprecedented cyber disruption this spring did not cause any blackouts, and none of the signal outages at the “low-impact” control center lasted for longer than five minutes, NERC said in the “Lesson Learned” document posted to the grid regulator’s website.
But the March 5 event was significant enough to spur the victim utility to report it to the Department of Energy, marking the first disruptive “cyber event” on record for the U.S. power grid (Energywire, April 30).
Circa 2018
As the national power grid becomes increasingly dependent on computers and data sharing—providing significant benefits for utilities, customers, and communities—it has also become more vulnerable to both physical and cyber threats.
While evolving standards with strict enforcement help reduce risks, efforts focused on response and recovery capabilities are just as critical–as is research aimed at creating a well-defended next generation smart grid. The Daily Herd recently sat down with Michael Ahern to discuss the many challenges involved in securing the national power grid against physical and cyber attacks –both now and in the future.
Continue reading “Protecting the power grid from cyber attacks” »
