Lifeboat Foundation

Freshly discovered malware called Triton can compromise safety systems that control many kinds of industrial processes.

For years, security experts have been warning that hackers can disable systems that control critical infrastructure we all rely on, such as dams and power plants. Now researchers at Mandiant, which is part of the security firm FireEye, have revealed that a new form of malware, dubbed Triton, closed down the operations of a business in the Middle East belonging to Schneider Electric, a French company. The researchers say that they haven’t attributed the hack to a particular attacker, but they do say it bore hallmarks of threats from a nation-state.

Triton appears to have targeted a so-called safety instrumented system, or SIS, which monitors the operation of a physical process using sensors and acoustics. By taking control of it, hackers can destroy or damage the process the SIS is monitoring by tricking it into thinking everything’s normal, when in fact the process is operating at unsafe levels.

Continue reading “A New Industrial Hack Highlights the Cyber Holes in Our Infrastructure” »

Forget hacking a computer. Some researchers want to hack the brain to create human superintelligence to compete with AI.

As artificial intelligence (AI) becomes more prevalent in the domains of security and employment, what are the policy implications? What effects might AI have on cybersecurity, criminal and civil justice, and labor market patterns?

IN AN AGE of nonstop breaches and hacks, getting a handle on your own digital security matters more than ever. But everyone has their own threat model—a set of concerns unique to themselves. The average smartphone user doesn’t need to know what a Faraday cage is; an NSA contractor probably already has a good grasp of security basics. (Or … do they?) In this guide, we’ve included a few ways to improve your online security posture based on those different levels of risk. These won’t prevent the next megabreach or banish ransomware from the earth. They’re not all-encompassing. But they’ll help get you in the mindset of the types of steps you should be taking based on your particular situation. And they’ll help ensure that the next time you read one of those paralyzing headlines, it doesn’t apply to you.

In an age of nonstop breaches and hacks, getting a handle on your own digital security matters more than ever. But everyone has their own threat model—a set of concerns unique to themselves. The average smartphone user doesn’t need to know what a Faraday cage is; an NSA contractor probably already has a good grasp of security basics. (Or … do they?) In this guide, we’ve included a few ways to improve your online security posture based on those different levels of risk. These won’t prevent the next megabreach or banish ransomware from the earth. They’re not all-encompassing. But they’ll help get you in the mindset of the types of steps you should be taking based on your particular situation. And they’ll help ensure that the next time you read one of those paralyzing headlines, it doesn’t apply to you.

Most people probably aren’t aware of this, but the 2016 U.S. Presidential election included a candidate who had a radio-frequency identification chip implanted in his hand. No, it wasn’t Donald J. Trump. It was Zoltan Istvan, a nominee representing the Silicon Valley-based Transhumanist Party and his body-worn chip unlocked his front door, provided computer password access and sent an auto-text that said: “Win in 2016!”

The transhumanist movement – employing technology and radical science to modify humans – offers a glimpse into the marriage of machines and people, the focus of a recent paper released by the Institute for Critical Infrastructure Technology (ICIT). With cybernetic implants already available to consumers, the prospect for techno-human transmutation – cyborgs – is not as far away as many may think.

Continue reading “Why cyborg creators must self-govern security, privacy efforts” »

The European Union’s new ambitious approach to cyber challenges could be a game-changer for its cyber posture as well as for the transatlantic and neighbourhood relations, concludes this analysis by Tomáš Minárik and Siim Alatalu of the NATO Cooperative Cyber Defence Centre of Excellence, the NATO-affiliated cyber defence think-tank. Nevertheless, the EU could make better use of existing expertise in NATO and individual Member States.

The following analysis does not represent the official views of NATO.

On 13 September 2017, the European Commission and the High Representative issued a Joint Communication to the European Parliament and the Council [JOIN(2017) 450 final], bearing the title Resilience, Deterrence and Defence: Building strong cybersecurity for the EU. It introduces an ambitious and comprehensive plan to improve cybersecurity throughout the EU. The Commission and the High Representative (HR) proposed a broad range of measures, divided into three areas – resilience, deterrence and defence:

Continue reading “EU Cybersecurity Package: New Potential for EU to Cooperate with NATO” »

Hopefully not!

Hacking experts having been warning for years that it’s too easy to breach a cockpit’s defenses. Now an alarming government test proves their point.

A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.

South Korea is ‘almost 100 per cent certain’ that North Korean hackers have stolen the blueprints for their warships and submarines.

The despotic regime is thought to have taken the documents after hacking into Daewoo Shipbuilding & Marine Engineering Co Ltd’s database in April last year.

Continue reading “North Korean hackers steal warship blueprints from South” »