
itsicherheit_strategie

How US authorities tracked down the North Korean hacker behind WannaCry
On September 6, the US Department of Justice formally charged a North Korean programmer for some of the biggest cyber-attacks in recent years. According to a 179-page DOJ indictment, the US believes that Park Jin Hyok, a 34-year-old North Korean, is one of the many individuals behind a long string of malware attacks and intrusions. The DOJ says Park was an active member of a government-sponsored hacking team known in the private cyber-security sector as the Lazarus Group. But in reality, officials say, he was also a government employee working for a government-owned company named Chosun Expo Joint Venture (Chosun Expo hereinafter). Investigators say that Chosun Expo was founded as a joint venture between the South and North Korean governments, and was meant to be an e-commerce and lottery website. South Korean officials pulled out of the deal, but the North Korean government continued to manage the company through various individuals, branching out in different online services, such as online gaming and gambling. US officials say that the company was only a front and money-making entity for Lab 110, a component of the DPRK military intelligence apparatus. A report published by an organization of North Korean dissidents living in South Korea, cited in the indictment, identified Chosun Expo as providing "cover for North Korean government officers."
zdnet, 06.09.2018
land_nordkorea  kriminalität_cracker_blackhat  itsicherheit_malware_spyware  geheimdienst_kp_kpa_rgb_lab110  geheimdienst_militär  geheimdienst_allg_unternehmen_tarnfirma  geheimdienst_polizei_infiltration_tech  us_ministerium_justiz  itsicherheit_botnetz_c&c  geheimdienst_polizei_tarnung_undercover  datenschutz_id_management  itsicherheit_strategie  geheimdienst_uk_nca_nccu  geheimdienst_allg_spionage  militär_allg_spezialeinheit  militär_allg_infiltration_tech  geheimdienst_uk_gchq_ncsc  geheimdienst_us_fbi 
16 days ago by kraven
The Sensors That Power Smart Cities Are a Hacker's Dream
Researchers from IBM Security and data security firm Threatcare looked at sensor hubs from three companies—Libelium, Echelon, and Battelle—that sell systems to underpin smart city schemes. Smart city spending worldwide is estimated to reach about $81 billion globally in 2018, and the three companies all have different areas of influence. Echelon, for example, is one of the top suppliers of smart street lighting deployments in the world. An accidental missile alert in January sent Hawaii's residents scrambling, while a hack set off Dallas's tornado sirens last year. In fact, those incidents and others like it inspired Daniel Crowley of IBM X-Force Red and Jennifer Savage of Threatcare to investigate these systems in the first place. What they found dismayed them. In just their initial survey, the researchers found a total of 17 new vulnerabilities in products from the three companies, including eight critical flaws. “The reason we wanted to focus on hubs was that if you control the central authority that runs the whole show then you can manipulate a lot of information that’s being passed around,” Crowley says. Simple checks on IoT crawlers like Shodan and Censys yielded thousands of vulnerable smart city products deployed in the wild. The researchers contacted officials from a major US city that they found using vulnerable devices to monitor traffic, and a European country with at-risk radiation detectors.
wired, 09.08.2018
gesellschaft_stadt_smart_city  überwachung_sensor_netzwerk  überwachung_stadt_smart_city  itsicherheit_exploit_flaw  itsicherheit_strategie  itsicherheit_netzwerk  itsicherheit_implementierung  itsicherheit_iot_m2m  internet_iot_m2m 
6 weeks ago by kraven
"Cyber diplomacy": Military strikes against hacker attacks?
Military strikes as a response to cyber attacks: NATO does not want to rule out this option. The question of how, when and by whom a cyber attack of whatever kind is to be answered can decide between war and peace. For that reason the EU member states also developed a "Cyber Diplomacy Toolbox" last year, which describes what is to be done at the diplomatic level at which stage of a network attack. The papers on the "Cyber Diplomacy Toolbox", still classified as confidential, are available to heise online, as are papers currently being prepared for a vote in the European Council.
heise, 20.07.2018
itsicherheit_angriff_zuschreibung  itsicherheit_strategie  geheimdienst_eu_ead_siac_intcen_sitcen_hybridfusioncell  militär_nato  staat_politik_desinformation  staat_politik_propaganda  militär_allg_kriegsführung_irregulär  geheimdienst_polizei_infiltration_tech  militär_allg_infiltration_tech  eu_europäischer_rat_der_eu  staat_politik_diplomatie  militär_allg_kriegsführung_elektro_it_ki 
9 weeks ago by kraven
Russian agents indicted: With Bitcoin and CCleaner against Hillary Clinton
Shortly before a meeting between US President Donald Trump and Russia's President Vladimir Putin, new espionage allegations are straining relations between the two states. On Friday the US judiciary indicted twelve Russian employees of the Russian intelligence service GRU for allegedly hacking the e-mail servers and computer networks of the Democratic Party during the 2016 US presidential election campaign in order to reduce the chances of the Democratic candidate Hillary Clinton. The 29-page indictment contains numerous new technical details on the hackers' approach. The indictment against the twelve officers sets out in detail only how the Russian intelligence service is said to have proceeded to hack the servers of the US Democrats, publish the material on the Internet and conceal its activities. An important role was played by the attempt to attribute the publication to a "lone hacker" named Guccifer 2.0. What is special about the indictment: individual activities of the campaign are attributed to individual agents. The indictment also incriminates the disclosure platform Wikileaks around the Australian Julian Assange. According to it, Wikileaks, referred to in the document as "Organization 1", discussed with Guccifer 2.0 how to publish the copied data to the greatest possible effect and wrote in early June 2016: "We think that Trump has only a 25 percent chance of winning against Hillary." A conflict between Hillary and her intra-party rival Bernie Sanders would therefore be "interesting".
golem, 15.07.2018
land_russland  geheimdienst_ru_gru_gu  geheimdienst_allg_desinformation  geheimdienst_allg_diskreditierung  geheimdienst_allg_manipulation_propaganda  geheimdienst_polizei_tarnung_undercover  land_usa  partei_allg_wahl_kampf  partei_us_demokraten  geheimdienst_polizei_infiltration_tech  itsicherheit_malware_spyware  tech_medien_kompetenz_dau  itsicherheit_strategie  gesellschaft_kontrolle_steuerung  itsicherheit_verdeckterkanal_data_exfil  itsicherheit_netzwerk  ngo_wikileaks  itsicherheit_angriff_zuschreibung  staat_wahl_manipulation  ru_regierung  us_ministerium_justiz_osc  überwachung_keylogger  ngo_allg_desinformation_propaganda  partei_us_republikaner  internet_soznetz_twitter 
10 weeks ago by kraven
Good news for whistleblowers: Dresden researchers outwit printer surveillance
On June 3, 2017, the FBI arrested Reality Leigh Winner. The linguist worked for an NSA contractor and is accused of leaking secret documents of the US intelligence agency to The Intercept. Two days later The Intercept published a report on these documents, which concern Russian hacking attacks in the run-up to the US election. That Reality Winner was arrested even before this publication is due to a whole chain of carelessness. Small yellow dots contributed too: small yellow dots that many colour laser printers leave on documents and that reveal both the device and the time of printing. Researchers at the Technische Universität Dresden have succeeded in detecting, analysing and ultimately anonymising these patterns. For their paper, Timo Richter, Stephan Escher, Dagmar Schönfeld and Thorsten Strufe evaluated 1286 pages from 106 printer models by 18 different manufacturers, which were printed and then scanned again. In doing so they came across five different tracking patterns. The researchers were able to anonymise four of them. Nevertheless, printers could also contain other, as yet unknown tracking patterns, as Strufe said.
netzpolitik, 24.06.2018
überwachung_fingerprint_dokument  tech_hw_drucker_laser  anonymisierung  medien_presse_informantenschutz  überwachung_person_identifizierung  hacktivism_whistleblowing  itsicherheit_strategie  uni_de_tu_dresden 
june 2018 by kraven
Researchers hide information in plain text
Computer scientists at Columbia Engineering have invented FontCode, a new way to embed hidden information in ordinary text by imperceptibly changing, or perturbing, the shapes of fonts in text. FontCode creates font perturbations, using them to encode a message that can later be decoded to recover the message. The method works with most fonts and, unlike other text and document methods that hide embedded information, works with most document types, even maintaining the hidden information when the document is printed on paper or converted to another file type. "While there are obvious applications for espionage, we think FontCode has even more practical uses for companies wanting to prevent document tampering or protect copyrights, and for retailers and artists wanting to embed QR codes and other metadata without altering the look or layout of a document," says Changxi Zheng, associate professor of computer science and the paper's senior author. Zheng created FontCode with his students Chang Xiao (PhD student) and Cheng Zhang MS'17 (now a PhD student at UC Irvine) as a text steganographic method that can embed text, metadata, a URL, or a digital signature into a text document or image, whether it's digitally stored or printed on paper. It works with common font families, such as Times Roman, Helvetica, and Calibri, and is compatible with most word processing programs, including Word and FrameMaker, as well as image-editing and drawing programs, such as Photoshop and Illustrator. To use FontCode, you would supply a secret message and a carrier text document. FontCode converts the secret message to a bit string (ASCII or Unicode) and then into a sequence of integers. Each integer is assigned to a five-letter block in the regular text where the numbered codebook locations of each letter sum to the integer. Recovering hidden messages is the reverse process. 
From a digital file or from a photograph taken with a smartphone, FontCode matches each perturbed letter to the original perturbation in the codebook to reconstruct the original message. Matching is done using convolutional neural networks (CNNs). Recognizing vector-drawn fonts (such as those stored as PDFs or created with programs like Illustrator) is straightforward since shape and path definitions are computer-readable. However, it's a different story for PNG, IMG, and other rasterized (or pixel) fonts, where lighting changes, differing camera perspectives, or noise or blurriness may mask a part of the letter and prevent an easy recognition.
eurekalert, 10.05.2018
krypto_steganografie  überwachung_fingerprint_dokument  recht_urheberrecht_drm  hacktivism_whistleblowing  itsicherheit_strategie  medien_presse_informantenschutz  überwachung_identifizierung_itk_nutzer  uni_us_columbia  tech_ki_neuronales_netzwerk  software_texterkennung  software_schriftart  krypto_signierung 
may 2018 by kraven
Efail or OpenPGP is safer than S/MIME
Some may have noticed that the EFF has warnings [NB: https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now] about the use of PGP out which I consider pretty overblown. The GnuPG team was not contacted by the researchers but I got access to a version of the paper [NB: https://efail.de/] related to KMail. It seems to be the complete paper with just the names of the other MUAs redacted. Here is a response I wrote on the weekend to a reporter who inquired on this problem: The topic of that paper is that HTML is used as a back channel to create an oracle for modified encrypted mails. It is long known that HTML mails and in particular external links like <img href="tla.org/TAG"/> are evil if the MUA actually honors them (which many meanwhile seem to do again; see all these newsletters). Due to broken MIME parsers a bunch of MUAs seem to concatenate decrypted HTML mime parts which makes it easy to plant such HTML snippets. There are two ways to mitigate this attack: - Don't use HTML mails. Or if you really need to read them use a proper MIME parser and disallow any access to external links, - Use authenticated encryption. The latter is actually easy for OpenPGP because we started to use authenticated encryption (AE) since 2000 or 2001. Our AE is called MDC (Modification detection code) and was back then introduced for a very similar attack [NB: Massive fail by the entire domestic and foreign press, incl. EFF].
gnupg-users mailinglist, 14.05.2018
krypto_openpgp  software_krypto_gnupg  ngo_eff  itsicherheit_exploit_flaw  uni_de_fh_münster  software_mua_tb_enigmail  software_mua_html_mail  krypto_smime  itsicherheit_implementierung  itsicherheit_verdeckterkanal_data_exfil  itsicherheit_strategie  internet_protokoll_mime  krypto_openpgp_mdc  uni_nl_ku_leuven  uni_de_bochum 
may 2018 by kraven
Federal authorities pay a quarter of a billion euros in licence fees to Microsoft
Federal ministries and their subordinate authorities will spend more than 250 million euros on Microsoft software licences by May 2019, servicing the contracts concluded with the company in 2015. This emerged from the answer to a question by Left Party politician Victor Perli to the Interior Ministry, which is responsible for software purchasing, the magazine Der Spiegel reports. According to this, federal authorities alone pay the US corporation amounts between 43.5 million euros (2015) and just under 74 million euros (2017) annually. The figures for the Transport Ministry and the defence department are still missing, because they could only partially quantify their Microsoft licence fees [NB: https://www.heise.de/ct/artikel/Das-Microsoft-Dilemma-Windows-10-und-Office-in-Behoerden-3970996.html].
heise, 14.04.2018
unternehmen_microsoft  land_deutschland  de_bundesregierung  staat_geldverschwendung  software_propietär_closed  staat_inkompetenz  itsicherheit_strategie 
april 2018 by kraven
Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters
Zero-width characters are invisible, ‘non-printing’ characters that are not displayed by the majority of applications. These characters can be used to ‘fingerprint’ text for certain users. I saw a lot of interest in zero-width characters from a recent post by Zach Aysan [NB: https://www.zachaysan.com/writing/2018-01-01-fingerprinting-update] so I thought I’d publish this method here along with an interactive demo to share with everyone. The code examples have been updated to use modern JavaScript but the overall logic is the same. Companies are doing more than ever to avoid information leakage and stop whistleblowers; this trick is just one of many that can be used. Depending on your line of work, it could be vitally important to understand the risks associated with copying text. Very few applications will try to render the zero-width characters.
medium, 03.04.2018
medien_presse_informantenschutz  überwachung_fingerprint_dokument  itsicherheit_strategie  überwachung_identifizierung_itk_nutzer  überwachung_person_identifizierung  hacktivism_whistleblowing 
april 2018 by kraven
Operation Bayonet: Inside the Sting That Hijacked an Entire Dark Web Drug Market
In interviews with WIRED, ahead of a talk they plan to give at Kaspersky Security Analyst Summit Thursday, two Netherlands National High Tech Crime Unit officers detailed their 10-month investigation into Hansa, once the largest dark-web market in Europe. In their probe into that free-trade zone, which would come to be known as Operation Bayonet, the Dutch investigators not only identified the two alleged administrators of Hansa's black market operation in Germany, but went so far as to hijack the two arrested men's accounts to take full control of the site itself. The NHTCU officers explained how, in the undercover work that followed, they surveilled Hansa's buyers and sellers, discreetly altered the site's code to grab more identifying information of those users, and even tricked dozens of Hansa's anonymous sellers into opening a beacon file on their computers that revealed their locations. The fallout of that law enforcement coup, the officers claim, has been one of the most successful blows against the dark web in its short history: millions of dollars worth of confiscated bitcoins, more than a dozen arrests and counting of the site's top drug dealers, and a vast database of Hansa user information that authorities say should haunt anyone who bought or sold on the site during its last month online.
wired, 08.03.2018
software_anon_tor_onion_service  geheimdienst_polizei_infiltration_tech  anonymisierung_hosting  anonymisierung_missbrauch  itsicherheit_strategie  datenschutz_id_management  bezahlsystem_p2p  polizei_nl_klpd_nhtcu  unternehmen_allg_untergrund  anonymisierung_kommunikation  überwachung_beschlagnahme_hardware  überwachung_itforensik  überwachung_observation  land_niederlande  land_deutschland  land_usa  tech_medien_kompetenz_dau 
march 2018 by kraven
Browser as Botnet, or the Coming War on Your Web Browser
Technically, however, there is nothing stopping a website from serving arbitrary code that has nothing to do with your browsing experience. Your web browser will blindly execute whatever JavaScript code it receives from the website you are browsing. What’s to stop high-traffic sites like Facebook and Google from abusing this feature of the web, harvesting massive compute resources from their hundreds of thousands of concurrently connected users for free? Was this idea really feasible in practice? If so, was it being used in the wild? This post is a report of my trip down this rabbit hole of an idea, and a summary of the talk that I ended up giving at Radical Networks as a result of that research. Imagine a situation where your computer is participating as a node in a botnet, only this time malware isn’t installed as a program on your computer. Rather, it occurs in the background of the very browser tab you have open reading this blog post. This method would give malicious JavaScript code full access to the sandboxed web browser API, an increasingly powerful set of web technologies. It would also be transient and difficult to detect once the user has navigated off the website, providing compute resources to the botnet equal to the number of concurrent website visitors at any given time. What’s to stop high-traffic websites from leeching resources from their visitors for free for the duration of the time they are visiting a website?
medium, 14.01.2018
itsicherheit_software_browser  itsicherheit_strategie  software_browser_allg  software_javascript  software_javascript_web_worker  software_browser_allg_wasm  internet_spezifikation_w3c_webrtc  itsicherheit_botnetz_c&c  internet_spezifikation_w3c_html_frame  unternehmen_allg_werbung  überwachung_fingerprint_hardware  überwachung_fingerprint_software  kriminalität_cracker_blackhat  software_browser_allg_addon_adblocker  geheimdienst_us_nsa_tao_quantum  geheimdienst_polizei_infiltration_tech  geheimdienst_polizei_tarnung_undercover  itsicherheit_angriff_modell 
january 2018 by kraven
A Security Issue in Intel’s Active Management Technology (AMT)
In July 2017 Harry Sintonen, one of F-Secure’s Senior Security Consultants, discovered unsafe and misleading default behaviour within Intel’s Active Management Technology (AMT). “The attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individual’s work laptop, despite even the most extensive security measures,” Sintonen says. The issue allows a local intruder to backdoor almost any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place. No, we’re not making this stuff up. The setup is simple: an attacker starts by rebooting the target’s machine, after which they enter the boot menu. In a normal situation, an intruder would be stopped here; as they won’t know the BIOS password, they can’t really do anything harmful to the computer. In this case, however, the attacker has a workaround: AMT. By selecting Intel’s Management Engine BIOS Extension (MEBx), they can log in using the default password “admin,” as this most likely hasn’t been changed by the user. By changing the default password, enabling remote access and setting AMT’s user opt-in to “None”, a quick-fingered cyber criminal has effectively compromised the machine. Now the attacker can gain access to the system remotely, as long as they’re able to insert themselves onto the same network segment with the victim (enabling wireless access requires a few extra steps).
f-secure, 12.01.2018
unternehmen_intel  tech_hw_chip_intel_me_amt_mebx  itsicherheit_strategie  itsicherheit_exploit_flaw  itsicherheit_authentisierung_passwort  itsicherheit_firmware_bios  tech_computer_fernwartung  tech_hw_laptop_notebook  überwachung_beschlagnahme_hardware  geheimdienst_us_nsa_cao_tarex  geheimdienst_polizei_infiltration_tech 
january 2018 by kraven
No boundaries for user identities: Web trackers exploit browser login managers
We show how third-party scripts exploit browsers’ built-in login managers (also called password managers) to retrieve and exfiltrate user identifiers without user awareness. To the best of our knowledge, our research is the first to show that login managers are being abused by third-party scripts for the purposes of web tracking. The underlying vulnerability of login managers to credential theft has been known for years. Much of the past discussion has focused on password exfiltration by malicious scripts through cross-site scripting (XSS) attacks. Fortunately, we haven’t found password theft on the 50,000 sites that we analyzed. Instead, we found tracking scripts embedded by the first party abusing the same technique to extract email addresses for building tracking identifiers. We found two scripts using this technique to extract email addresses from login managers on the websites which embed them. These addresses are then hashed and sent to one or more third-party servers. Why does the attack work? All major browsers have built-in login managers that save and automatically fill in username and password data to make the login experience more seamless. The set of heuristics used to determine which login forms will be autofilled varies by browser, but the basic requirement is that a username and password field be available. The simplest defense is to allow users to disable login autofill. For instance, the Firefox preference signon.autofillForms can be set to false to disable autofilling of credentials.
freedom to tinker, 27.12.2017
itsicherheit_authentisierung_passwort  itsicherheit_software_browser  software_passwort_manager  software_javascript  überwachung_internet_tracking  überwachung_identifizierung_itk_nutzer  itsicherheit_by_obscurity  uni_us_princeton  itsicherheit_strategie  itsicherheit_exploit_flaw 
december 2017 by kraven
Investigation Report for the September 2014 Equation malware detection incident in the US
In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were true, we decided to conduct an internal investigation to attempt to answer a few questions we had related to the article and some others that followed it.
kaspersky, 16.11.2017
geheimdienst_us_nsa_tao_cna_cne  geheimdienst_us_nsa  land_usa  land_russland  itsicherheit_malware_spyware  itsicherheit_strategie  itsicherheit_by_obscurity  software_anti_malware_virus  unternehmen_kaspersky  itsicherheit_datensicherheit  absurdität_kuriosität  tech_medien_kompetenz_dau 
november 2017 by kraven
NSA Worker’s Software Piracy May Have Exposed Him To Russian Spies
Kaspersky Lab said an individual, believed to be one identified as a National Security Agency worker in news accounts, triggered the company’s antivirus software and paved the way for it to upload classified NSA files from his computer when he tried to pirate Microsoft Office and ended up infecting himself with malicious software. The piracy claim is included in a set of preliminary findings released by the Moscow-based company from an internal investigation into a byzantine spying scandal that didn’t seem like it could get any more bizarre.
intercept, 25.10.2017
geheimdienst_us_nsa_tao_cna_cne  geheimdienst_us_nsa  land_usa  land_russland  itsicherheit_malware_spyware  itsicherheit_strategie  itsicherheit_by_obscurity  software_anti_malware_virus  unternehmen_kaspersky  itsicherheit_datensicherheit  absurdität_kuriosität  überwachung_backdoor_software  internet_dienst_cloud  tech_medien_kompetenz_dau 
october 2017 by kraven
AI threatens humanity
Advances in artificial intelligence, or AI, and a subset called machine learning are occurring much faster than expected and will provide U.S. military and intelligence services with powerful new high-technology warfare and spying capabilities, says a report by two AI experts produced for Harvard’s Belfer Center. The range of coming advanced AI weapons include: robot assassins, superfast cyber attack machines, driverless car bombs and swarms of small explosive kamikaze drones. According to the report, “Artificial Intelligence and National Security [NB: http://www.belfercenter.org/sites/default/files/files/publication/AI%20NatSec%20-%20final.pdf],” AI “will dramatically augment autonomous weapons and espionage capabilities and will represent a key aspect of future military power.” The report also offers an alarming warning that artificial intelligence could spin out of control: “Speculative but plausible hypotheses suggest that General AI and especially superintelligence systems pose a potentially existential threat to humanity.” The 132-page report was written by Gregory C. Allen and Taniel Chan for the director of the Intelligence Advanced Research Projects Activity, (IARPA), the U.S. intelligence community’s research unit. “In the short term, advances in AI will likely allow more autonomous robotic support to warfighters, and accelerate the shift from manned to unmanned combat missions,” the report says, noting that the Islamic State has begun using drones in attacks. “Over the long term, these capabilities will transform military power and warfare.” Future threats could also come from swarms of small robots and drones. “Imagine a low-cost drone with the range of a Canada Goose, a bird which can cover 1,500 miles in under 24 hours at an average speed of 60 miles per hour,” the report said. 
“How would an aircraft carrier battle group respond to an attack from millions of aerial kamikaze explosive drones?” AI-derived assassinations also are likely in the future by robots that will be difficult to detect. “A small, autonomous robot could infiltrate a target’s home, inject the target with a lethal dose of poison, and leave undetected,” the report said. “Alternatively, automatic sniping robots could assassinate targets from afar.”
washington times, 23.08.2017
uni_us_harvard  geheimdienst_us_odni_iarpa  geheimdienst_allg_spionage  geheimdienst_allg_sabotage  geheimdienst_allg_desinformation  geheimdienst_polizei_infiltration_tech  itsicherheit_strategie  land_usa  militär_allg_sabotage  tech_ki  tech_ki_maschinelles_lernen  tech_roboter_allg_autonomie  uas_killer_kamikaze  militär_allg_strategie_doktrin  uas_ugv_autonomie  uas_ugv_formation_schwarm  überwachung_int_sigint_comint  staat_politik_sicherheit  staat_politik_sicherheit_rüstung_kontrolle_wettlauf  itsicherheit_angriff_modell  tech_ki_maschinelles_lernen_deep_learning  tech_automatisierung_ki_robotik  uas_ugv_killer_laws  militär_allg_kriegsführung_elektro_it_ki 
august 2017 by kraven
WannaCry: What we know so far about the ransomware attack
Since Friday evening the ransomware WannaCry (WanaDecrypt0r 2.0) has been spreading across the Internet worldwide. It is a crypto trojan that encrypts data on the affected computers. More than 220,000 systems worldwide are said to be affected at present. Unlike Locky and the like, the malware jumps from an infected computer to other Windows systems reachable over the network. According to current findings, WannaCry uses two attack vectors: first, it spreads by e-mail, as is usual for crypto trojans. But once the malware has infected a system, it also tries, like a worm, to compromise other computers on the same network. For this, WannaCry apparently exploits a vulnerability in Windows file sharing (SMB). This vulnerability had become known after a hacker group called Shadow Brokers published some exploits of the NSA-linked Equation Group. The exploit that takes advantage of the vulnerability used by WannaCry is known by the name EternalBlue.
heise, 13.05.2017
software_os_windows  geheimdienst_us_nsa_tao_cna_cne  itsicherheit_exploit_flaw  itsicherheit_malware_spyware  itsicherheit_os  itsicherheit_strategie  kriminalität_cracker_blackhat  tech_netzwerk_protokoll_smb 
may 2017 by kraven
National Cyber Defence Centre
The National Cyber Defence Centre (Nationales Cyber-Abwehrzentrum, Cyber-AZ) is a topic of the Federal Government's answer (18/10839) to a minor interpellation [NB: "Cyber Security Strategy of the Federal Government"] by the parliamentary group Die Linke (18/10682). As the Federal Government explains in it, the Cyber-AZ, under the lead of the Federal Ministry of the Interior, is to be "developed further into an institution that acts jointly across ministries, coordinates necessary activities and takes over IT crisis management for Germany".
hib, 31.01.2017
land_deutschland  uni_de_unibwm  geheimdienst_de_alle  itsicherheit_strategie  de_bundesregierung  sicherheitsforschung_de  sicherheitsforschung_eu  itsicherheit_ids_ips  überwachung_internet_dpi  überwachung_sensor_netzwerk  de_bundesamt_bsi  de_bundestag_dip 
february 2017 by kraven
Antivirus software: The snake-oil industry
Antivirus programs are regarded by users and system administrators as indispensable. But many IT security experts are extremely sceptical. Antivirus software is often itself full of security vulnerabilities, and it has very fundamental limits.
golem, 21.12.2016
itsicherheit_by_obscurity  software_anti_malware_virus  itsicherheit_malware_spyware  itsicherheit_implementierung  überwachung_internet_mitm_sslproxy  itsicherheit_exploit_flaw  itsicherheit_strategie  tech_medien_kompetenz_dau 
december 2016 by kraven
Cyber Security Strategy 2016
The "Cyber Security Strategy for Germany 2016" is the subject of a briefing by the Federal Government (18/10395). As it shows, the Cyber Security Strategy 2016 continues the cyber security strategy adopted by the Federal Government in February 2011 and "forms the cross-ministry strategic framework for the Federal Government's activities related to cyber security".
hib, 23.11.2016
land_deutschland  itsicherheit_strategie  de_bundesregierung  geheimdienst_de_bnd_ta_sit_zeus_sscd  de_ministerium_bmi_zitis  geheimdienst_de_bka_qrf  sicherheitsarchitektur  de_bundesamt_bsi_ncaz  de_bundestag_dip  de_bundesregierung_sicherheitsrat_cyber 
november 2016 by kraven
