recentpopularlog in

pierredv : cybersecurity   215

« earlier  
EU Member States Release Report on Coordinated Risk Assessment on Cybersecurity in 5G Networks
"European Union Member States published a report on the 'EU coordinated risk assessment on cybersecurity in Fifth Generation (5G) networks'. The report is based on the results of the national cybersecurity risk assessments by all EU Member States. It identifies the main threats and threats actors, the most sensitive assets, the main vulnerabilities, and several strategic risks. From the release . . . "
CircleID  5G  cybersecurity  EU 
8 days ago by pierredv
EC warns on state-backed threats to 5G - Mobile World Live
The European Commission (EC) highlighted significant security challenges arising from deployment of 5G networks following a wide-reaching risk assessment around the technology, in what is being regarded as a thinly-veiled swipe at Chinese vendors Huawei and ZTE.

Following risk assessments by the bloc’s 28 member states, the EC highlighted several security challenges it believes are likely to appear or become more prominent in 5G than in previous generations of mobile technology.
EC  EuropeanCommission  5G  Huawei  ZTE  cybersecurity  spectrum-vulnerability  China 
13 days ago by pierredv
A connected world will be a playground for hackers - Cyber security - The Economist, Sep 2019
"Few companies making connected gadgets have much experience with cyber security"

"AS WAYS TO break into casinos go, a fish tank is an unusual route. Yet that is what was used in an unnamed American gambling house in 2017. It had invested in a fancy internet-connected tank in which the temperature and salinity of the water were remotely controlled. Its owners were not naive: when they installed it, they isolated its controls on their own specific part of their company network, away from all their sensitive systems.

It made no difference. According to Darktrace, a computer-security firm, attackers from Finland managed to break into the tank’s systems, then used it as a stepping stone for the rest of the casino’s networks. They made off with around 10GB of data."
TheEconomist  cybersecurity  IoT  vulnerability 
16 days ago by pierredv
Newer Diameter Telephony Protocol Just As Vulnerable As SS7, Jul 2018
"Security researchers say the Diameter protocol used with today's 4G (LTE) telephony and data transfer standard is vulnerable to the same types of vulnerabilities as the older SS7 standard used with older telephony standards such as 3G, 2G, and earlier."

"The difference between these two is that while SS7 did not use any type of encryption for its authentication procedures, leading to the easy forgery of authentication and authorization messages, Diameter supports TLS/DTLS (for TCP or SCTP, respectively) or IPsec."

"4G operators often misconfigure Diameter"

"Researchers say that the Diameter misconfigurations they've spotted inside 4G networks are in many cases unique per each network but they usually repeat themselves to have them organized in five classes of attacks: (1) subscriber information disclosure, (2) network information disclosure, (3) subscriber traffic interception, (4) fraud, and (5) denial of service."
LTE  4G  cyber-spectrum  cybersecurity  Diameter  SS7 
22 days ago by pierredv
Cyber Risk Now on Top of Corporate Risk Agendas, Cyber Insurance Expanding - CircleID Sep 2019
Results from the 2019 Marsh-Microsoft Global Cyber Risk Perception survey indicates several encouraging signs of improvement in the way organizations view and manage cyber risk. The study which surveyed of over 1,500 business leaders around the world reports that cyber risk is now clearly and firmly at the top of corporate risk agendas with a "positive shift towards the adoption of more rigorous, comprehensive cyber risk management in many areas." The survey has also revealed cyber insurance coverage is expanding to meet evolving threats. Some highlights:
CircleID  risk-assessment  risk-management  cybersecurity 
29 days ago by pierredv
F-Secure - Attacks using IoT devices and Windows SMB escalate in 2019 , Sep 2019
"Cyber criminals upped the intensity of IoT and SMB-related attacks in the first half of 2019, according to a new F-Secure report, “Attack Landscape H1 2019”. The report underscores the threats IoT devices face if not properly secured when online, as well as the continued popularity of EternalBlue and related exploits two years after WannaCry."
F-Secure  IoT  cybersecurity 
5 weeks ago by pierredv
Stalking cheap Chinese GPS child trackers is as easy as 123... 456 – because that's the default password on 600k+ of these gizmos • The Register, Sep 2019
"Concerned parents who strap GPS trackers to their kids to keep tabs on the youngsters may be inadvertently putting their offspring in danger. Hundreds of thousands of the gizmos ship with pathetic security, including a default password of 123456, allowing them to be potentially monitored by strangers, it is claimed."

"White hats at Avast announced on Thursday they discovered 29 models of gadgets, designed to track their child wearers, had that weak default passcode. "

"once into an account, you can see the kid's GPS coordinates, eavesdrop on the built-in microphone, access any photos on the device, and potentially even make a call to the child"

"The security pros scanned a million account numbers, and said they found more than 600,000 vulnerable devices are in circulation"
TheRegister  GPS  China  cyber-spectrum  cybersecurity  hacking  Avast  surveillance  tracking 
6 weeks ago by pierredv
Why 5G requires new approaches to cybersecurity - Brookings, Tom Wheeler and David Simpson, Sep 2019
"The hyperbolic rhetoric surrounding the Chinese equipment issues is drowning out what should be a strong national focus on the full breadth of cybersecurity risk factors facing 5G."

"Policy leaders should be conducting a more balanced risk assessment, with a broader focus on vulnerabilities, threat probabilities, and impact drivers of the cyber risk equation."

"There are five ways in which 5G networks are more vulnerable to cyberattacks than their predecessors:"
1. moved away from centralized, hardware-based switching to distributed, software-defined digital routing
2. virtualizing in software higher-level network functions formerly performed by physical appliances
3. the network is also being managed by software—...—that itself can be vulnerable
4. dramatic expansion of bandwidth
5. IoT

Recommendations
#1: Companies must recognize and be held responsible for a new cyber duty of care
#2: Government must establish a new cyber regulatory paradigm to reflect the new realities
Brookings  5G  cybersecurity  risk-assessment 
7 weeks ago by pierredv
5G Real Security Threats Lost in Trump's Twitter Diplomacy - CircleID Sep 2019
"A new report on 5G and geopolitics by Oxford Information Labs details the complex landscape of 5G security. Importantly, it draws out how a variety of proven technical concerns around the quality of Huawei security practices and equipment are drowned out by the US' Twitter diplomacy."

"Critical international dialogue on genuine cybersecurity concerns relating to 5G and Huawei are being lost in the noise of the US-China trade war. This includes issues like network resiliency, attack surfaces, remote access, and the move to software-defined networks"

"... the evolution from 4G to 5G will be more complex than previous evolutions in mobile technology. For instance, rather than cookie-cutter networks, 5G implementations will be highly specialised and vulnerable to software exploits."
CircleID  Huawei  5G  security  cyber-spectrum  cybersecurity 
7 weeks ago by pierredv
How dangerous is the KNOB Bluetooth vulnerability and what should I be - Aug 2019
Via Dale Hatfield

"Security researchers recently discovered a way to intercept a Bluetooth connection between two devices, leading to the ability to plainly view all of the data being transmitted between the two devices. The ‘attack’ was successful on 17 different kinds of Bluetooth chips on 24 different devices that they tested, which means that every popular brand of device that uses Bluetooth is vulnerable."

"In essence, the security researchers figured out how to lower the encryption level used to keep Bluetooth connections secured, by jumping in during the initial negotiation process prior to making a connection."

"In order to actually pull this off in real life, the perpetrator would need a really specialized and expensive piece of equipment, be relatively nearby and could only exploit the connection at the very moment that the two devices where attempting to pair with one another."
cyber-spectrum  cybersecurity  Bluetooth  vulnerability 
8 weeks ago by pierredv
Hack in the box: Hacking into companies with “warshipping” | Ars Technica
"For under $100, compact hardware can turn a shipped package into a horse for attacks."

"Using less than $100 worth of gear—including a Raspberry Pi Zero W, a small battery, and a cellular modem—the X-Force Red team assembled a mobile attack platform that fit neatly within a cardboard spacer dropped into a shipping box or embedded in objects such as a stuffed animal or plaque."
cybersecurity  vulnerability  cyber-spectrum  ArsTechnica 
10 weeks ago by pierredv
D-Link Agrees to Make Security Enhancements to Settle FTC Litigation | Federal Trade Commission
"Smart home products manufacturer D-Link Systems, Inc., has agreed to implement a comprehensive software security program in order to settle Federal Trade Commission allegations over misrepresentations that the company took reasonable steps to secure its wireless routers and Internet-connected cameras."
FTD  D-Link  cyber-spectrum  cybersecurity 
11 weeks ago by pierredv
5G security enhancements take aim at emerging threats | FierceWireless Jul 2019
"While complex 5G networks present an expanded threat surface for potential security attacks, enhancements in the next-generation technology also provide transformational security safeguards, according to 5G Americas president Chris Pearson."

"5G Americas, along with project leaders from AT&T and Cisco, released a white paper (PDF) Wednesday detailing 5G security threats, enhancements and standards development meant to handle more stringent protections that will be required by new services and applications."

"Specific 5G security enhancements, according to 5G Americas, include:

Unified authentication framework that enables seamless mobility across different access technologies and support of concurrent connections
User privacy protection for vulnerable information often used to identify and track subscribers
Secure Service-Based Architecture and slice isolation, optimizing security that prevents threats from spreading to other network slices
Native support for secure steering of roaming (SoR), allowing operators to steer customers to preferred partner networks, which improves customer experience, reduces roaming charges, and prevents roaming fraud
Improved SS7 and Diameter protocols for roaming
Improved rogue base station detection and mitigation
Additional proprietary operator and vendor analytics for more layers of security
"
5G  cybersecurity  cyber-spectrum  FierceWireless 
11 weeks ago by pierredv
Serious Zoom security flaw could let websites hijack Mac cameras - The Verge, Jul 2019
"Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed. That’s possible in part because the Zoom app apparently installs a web server on Macs that accepts requests regular browsers wouldn’t. In fact, if you uninstall Zoom, that web server persists and can reinstall Zoom without your intervention."
TheVerge  cybersecurity  hacking  vulnerability  Zoom  Mac 
july 2019 by pierredv
What Are the Top 5G Security Challenges? - SDxCentral
Via Scott Fox, Jul 2019

"The Department for Digital, Culture, Media and Sport of the United Kingdom government released a technical report on 5G architecture and security in December 2018. It outlined four security mechanisms 5G networks need to meet.

First, cross-layer security. A unified framework is needed to coordinate different security methods for each security layer, such as applications or the IoT.

Then, end-to-end security. There should be a secure connection for the communication paths between the user and the core network. The distributed nature of 5G networks makes this challenging.

Cross-domain security is a must. 5G networks create a massive amount of novel use cases with unique requirements. Since the vertical market will only grow in order to fulfill those novel use cases, the report calls for cooperation between those in the 5G system to enact integrated security solutions that go across domains.

Finally, the concept of secure-by-design. As the network changes and evolves, security must be built into the design during development."
5G  cybersecurity  cyber-spectrum 
july 2019 by pierredv
Medtronic Recalls MiniMed Insulin Pumps as FDA Warns About Hacking Risk | WNEP.com
Via Jeff Reed, June 2019

"The US Food and Drug Administration issued a warning on Thursday about possible risk of hacking for some diabetes patients’ insulin pumps. Certain insulin pumps from Medtronic MiniMed have been recalled due to potential cybersecurity risks and it’s recommended for people who use those insulin pumps to switch to different models, according to the FDA."

"In the United States, Medtronic has identified about 4,000 patients who are potentially using insulin pumps that are vulnerable to this issue"
FDA  hacking  cyber-spectrum  cybersecurity 
july 2019 by pierredv
United States Steps Up Digital Incursions Into Russia's Electric Power Grid, According to NYT, CircleID Jun 18
The United States has shifted its Russia strategy more towards offense and inserted potentially crippling malware inside Russia's electric power grid at a depth and with an aggressiveness that had never been tried before, according to a New York Times's story that broke over the weekend.
CircleID  cybersecurity  cyberwar 
june 2019 by pierredv
Hacking these medical pumps is as easy as copying a booby-trapped file over the network • The Register Jun 2019
"Two security vulnerabilities in medical workstations can exploited by scumbags to hijack the devices and connected infusion pumps, potentially causing harm to patients, the US government revealed today"

"An attacker successfully exploiting the critical flaw could remotely install malicious firmware, thereby disabling the workstation or altering its function."
TheRegister  healthcare  cyber-spectrum  cybersecurity  vulnerability  DHS 
june 2019 by pierredv
Sunday's Google Cloud outage impacted Gmail, YouTube, Snapchat, with global ripple effects | FierceTelecom, Jun 2019
"Google Cloud has bounced back from a major outage Sunday that impacted its own services, including YouTube and Gmail, as well as those of some of its clients."

"Aside of social media apps being down, the outage meant that some of Google's Nest customers couldn't use their Nest thermostats, Nest smart locks, and Nest cameras, according to Twitter posts on Google Nest."
FierceWireless  Google  cybersecurity  availability  networking 
june 2019 by pierredv
Marek’s Take: Network slicing is a security nightmare for operators | FierceWireless
“Even if you put security to one side, operationalizing network slicing with any kind of agility, at any kind of scale, is going to be very complex. When you then add in the security requirements — as you have to — that adds yet more complexity,” said Patrick Donegan, founder and principal analyst with HardenStance.

"And 5G networks alone have more security challenges than 3G and 4G networks. . . . each network function has a very large number of secured trusted relationships that have to be up and running continuously."

"But it’s unclear which entity will ultimately be responsible for the security of a network slice. Will it be the underlying operator? Or the enterprise/MVNO that is operating the slice?"

"... there are new players entering the space that see network slicing as an opportunity. For example, cloud providers may be able to offer a solution to this complex undertaking ... [Oracle]"
FierceWireless  5G  cyber-spectrum  cybersecurity  opinion 
june 2019 by pierredv
Keep your files and communications safe with Office - Office Support
Office gives you tools to help keep your information secure and private, and ways to recover your files from malicious attacks or accidental deletions.
Microsoft  Office  cybersecurity  howto  tools  resources 
may 2019 by pierredv
Fighting IMSI catchers: A look at 5G cellular paging security - Ericsson May 2019
"The latest 5G standard includes several new privacy safeguards against IMSI catchers or Stingrays. By design, the new standard protects against privacy attacks in the UPLINK (through a concealed long-term identifier called SUCI). In addition, it also ensures the privacy of paging message distribution in the DOWNLINK. This latest built-in privacy enhancement is the joint effort of many working groups across 3GPP and mitigates the risk of the newest 5G-capable devices being identified or tracked via, for example, side-channel information in 5G cellular paging protocol."

"In one of our earlier blog posts, we wrote about protecting 5G against IMSI catchers, which is a significant privacy enhancement introduced for the 5G standard in the UPLINK direction. . . . In this blog post, we introduce the 5G standard's DOWNLINK privacy enhancements, specifically in the 5G cellular paging protocols."

"While in 4G paging timing was determined based on a long-term identifier (called IMSI), now in 5G they are determined based on a temporary identifier (called 5G-S-TMSI). . . . The effect of this change is that it becomes infeasible for an over-the-air attacker to deduce information about a device's long-term identifier by monitoring the air interface and detecting which paging occasions the device is monitoring. "

"While in 4G, the paging identifier could be either a long-term or a temporary identifier, on 5G networks, it can only be a temporary identifier."

"While in 4G, it is optional to refresh the temporary identifier - the S-TMSI - after paging, on 5G networks it becomes compulsory to refresh the 5G-S-TMSI. "
Ericsson  5G  cyber-spectrum  IMSI-catchers  surveillance  cybersecurity 
may 2019 by pierredv
Israel’s Airstrike on Hamas Hackers: First Real-Time Physical Retaliation Against Cyberattack - CircleID May 2019
"Amid escalating violence between Israel and Gaza this weekend, the Israeli Defense Force claimed it bombed and partially destroyed the base of an active Hamas hacking group in Gaza"

"Although physical retaliations have occurred against cyberattacks in the past including in Estonia, Georgia and US 2015 airstrike to assassinate Islamic state hacker Junaid Hussain, these were all planned events plotted out over several months, notes Newman. Israel's weekend attack was a real-time response to the alleged base of an active Hamas hacking group. "
Israel  CircleID  hacking  retaliation  cybersecurity  cyberwar 
may 2019 by pierredv
WhatsApp urges users to update app after discovering spyware vulnerability | Technology | The Guardian May 2019
The vulnerability was used in an attempted attack on the phone of a UK-based attorney on 12 May, the FT reported. The lawyer, who was not identified by name, is involved in a lawsuit against NSO brought by a group of Mexican journalists, government critics and a Saudi Arabian dissident.
cybersecurity  WhatsApp  hacks  spyware  TheGuardian 
may 2019 by pierredv
Can “Internet-of-Body” Thwart Cyber Attacks on Implanted Medical Devices? - IEEE Spectrum
Via Keith Gremban

"Medtronic discloses medical device vulnerabilities, while Purdue University scientists propose countermeasure to block attacks"

"The U.S. Department of Homeland Security last week warned that numerous medical devices made by Medtronic are vulnerable to cyber attack. The vulnerabilities affect 17 of the company’s implantable cardiac device models and the external equipment used to communicate with them.

A Medtronic spokesperson told IEEE Spectrum that the company voluntarily disclosed the vulnerabilities ..."

"At risk are certain models of heart-regulating devices: implantable cardiac resynchronization therapy/defibrillators (CRT-Ds) and implantable cardioverter defibrillators (ICDs). CRT-Ds send electrical impulses to the lower chambers of the heart to help them beat together in a more synchronized pattern. ICDs deliver electrical impulses to correct fast heart rhythms. External computers program the devices and retrieve information.

Such devices emit radio frequency signals that can be detected up to several meters from the body. A malicious individual nearby could conceivably hack into the signal to jam it, alter it, or snoop on it, according to the Feds’ warning."

"For more than a decade researchers have repeatedly warned that medical devices could be turned into murder weapons. Scientists have demonstrated in written reports and live, at conferences, how to hack into an insulin pump, or a pacemaker, or even an entire hospital network."
cybersecurity  healthcare  IoT  IEEE-Spectrum 
may 2019 by pierredv
Why the US still won’t require SS7 fixes that could secure your phone | Ars Technica Apr 2019
"Yet decades later, SS7 and other components of the nation’s digital backbone remain flawed, leaving calls and texts vulnerable to interception and disruption. Instead of facing the challenges of our hyper-connected age, the FCC is stumbling, according to documents obtained by the Project On Government Oversight (POGO) and through extensive interviews with current and former agency employees. The agency is hampered by a lack of leadership on cybersecurity issues and a dearth of in-house technical expertise that all too often leaves it relying on security advice from the very companies it is supposed to oversee.
Captured

CSRIC is a prime example of this so-called “agency capture”—the group was set up to help supplement FCC expertise and craft meaningful rules for emerging technologies. But instead, the FCC’s reliance on security advice from industry representatives creates an inherent conflict of interest. The result is weakened regulation and enforcement that ultimately puts all Americans at risk, according to former agency staff."

"Emails from 2016 between working group members, obtained by POGO via a Freedom of Information Act request, show that the group dragged its feet on resolving SS7 security vulnerabilities despite urging from FCC officials to move quickly. The group also repeatedly ignored input from DHS technical experts.

The problem wasn’t figuring out a fix, however, according to David Simpson, a retired rear-admiral who led the FCC’s Public Safety and Homeland Security Bureau at the time. The group was quickly able to discern some best practices—primarily through using different filtering systems—that some major carriers had already deployed and that others could use to mitigate the risks associated with SS7."
SS7  telecoms  cybersecurity  ArsTechnica 
may 2019 by pierredv
Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are – oh no, wait, it's Cisco again • The Register Apr 2019
"US tech giant Cisco has issued a free fix for software running on its Nexus 9000 series machines that can be exploited to log in as root and hijack the device for further mischief and eavesdropping. "

"Yes, everything has bugs, from Cisco to Huawei, and Ericsson to Siemens kit. It's important they get fixed. It's just rather odd to see the US administration lean on its allies to ditch Huawei gear apparently out of fears of Chinese snooping via backdoors when its own homegrown offerings are just as flawed and open to remote access."
TheRegister  Cisco  cybersecurity  backdoors  Huawei 
may 2019 by pierredv
FCC Chairman Pai: Private sector should build 5G; security is key issue | FierceWireless
"Looking at the bigger picture, “we believe 5G security issues need to be addressed upfront,” he said in prepared remarks. “Making the right choices when deployment is beginning is much easier than trying to correct mistakes once network construction and operation is well underway. Moreover, decisions that impact 5G security need to be made with the long term in mind. Focusing too heavily on short-term considerations could result in choices that are penny-wise but pound foolish.”"
FierceWireless  5G  security  cyber-spectrum  cybersecurity  FCC  Ajit-Pai 
may 2019 by pierredv
The Terrifying Potential of the 5G Network | The New Yorker - apr 2019
"The future of wireless technology holds the promise of total connectivity. But it will also be especially susceptible to cyberattacks and surveillance."
NewYorker  5G  cybersecurity 
april 2019 by pierredv
Hacker Finds He Can Remotely Kill Car Engines After Breaking Into GPS Tracking Apps - Motherboard Apr 2019
The hacker, who goes by the name L&M, told Motherboard he hacked into more than 7,000 iTrack accounts and more than 20,000 ProTrack accounts, two apps that companies use to monitor and manage fleets of vehicles through GPS tracking devices. The hacker was able to track vehicles in a handful of countries around the world, including South Africa, Morocco, India, and the Philippines. On some cars, the software has the capability of remotely turning off the engines of vehicles that are stopped or are traveling 12 miles per hour or slower, according to the manufacturer of certain GPS tracking devices.
automobile  GPS  hacking  cybersecurity  Motherboard 
april 2019 by pierredv
Above Us Only Stars — C4ADS
EXECUTIVE SUMMARY

In this report, we present findings from a year-long investigation ending in November 2018 on an emerging subset of EW activity: the ability to mimic, or spoof, legitimate GNSS signals in order to manipulate PNT data. Using publicly available data and commercial technologies, we detect and analyze patterns of GNSS spoofing in the Russian Federation, Crimea, and Syria which demonstrate that the Russian Federation is growing a comparative advantage in the targeted use and development of GNSS spoofing capabilities to achieve tactical and strategic objectives at home and abroad. We profile different use cases of current Russian state activity to trace the activity back to basing locations and systems in use.
“In Section One, we examine GNSS spoofing events across the entire Russian Federation, its occupied territories, and overseas military facilities. We identify 9,883 suspected instances across 10 locations that affected 1,311 civilian vessel navigation systems since February 2016. We demonstrate that these activities are much larger in scope, more diverse in geography, and longer in duration than any public reporting suggests to date.”

“Finally, in Section Four, we expose the use of GPS spoofing in active Russian combat zones, particularly Syria, for airspace denial purposes. This is a capability scarcely reported in the public domain. Using data from a scientific sensor on the International Space Station (ISS), we are able to identify ongoing activity that poses significant threats to civilian airline GPS systems in the region. . . . ”
GPS  GNSS  spoofing  cybersecurity 
april 2019 by pierredv
Can I sue because my GPS might be spoofed? | RNTF Apr 2019
The U.S. Supreme Court’s answer seems to be “yes.”

Earlier this year it declined to hear an appeal from Fiat Chrysler and let a class action suit against the company go ahead. The plaintiffs assert that their vehicles were designed without sufficient cyber-security protections.
RNTF  GPS  litigation  liability  cyber-spectrum  cybersecurity 
april 2019 by pierredv
Telefónica launches IoT Cybersecurity Unit | FierceWireless apr 2019
"Recognizing the great threats posed to the IoT world, Telefónica has launched its own IoT Cybersecurity Unit, a new project that combines the company’s expertise in both cybersecurity and IoT."
FierceWireless  iot  cybersecurity 
april 2019 by pierredv
Triton hackers return with new, covert industrial attack | ZDNet ap r2019
"After gaining a foothold into the corporate side of the network, the Triton group focused on gaining access to the operational side of the industrial system. The threat actors did not steal any data, take any screenshots, or use any form of keylogger; instead, they focused on moving laterally through the system, maintaining persistence and performing network reconnaissance."

"FireEye has previously linked Triton to Russia's Central Scientific Research Institute of Chemistry and Mechanics research lab, based in Moscow, with "high confidence.""
malware  cybersecurity  SCADA 
april 2019 by pierredv
Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists - The Washington Post, Apr 2019
"But what if the scan had shown faked cancerous nodules, placed there by malware exploiting vulnerabilities in widely used CT and MRI scanning equipment? Researchers in Israel say they have developed such malware to draw attention to serious security weaknesses in critical medical imaging equipment used for diagnosing conditions and the networks that transmit those images — vulnerabilities that could have potentially life-altering consequences if unaddressed."

"Mirsky said the attack works because hospitals don’t digitally sign the scans to prevent them from being altered without detection and don’t use encryption on their PACS networks, allowing an intruder on the network to see the scans and alter them."
WashingtonPost  cybersecurity  healthcare  vulnerability 
april 2019 by pierredv
Healthcare Hardest Hit by Cyberattacks, Data Breaches in 2018, Apr 2019
"Healthcare was the leading industry for cyberattacks and data breaches last year, making up 41 percent of cyber incidents tracked by specialty insurer Beazley. "

"Beazley found that most common cause of a healthcare data breach was unintended disclosure by an employee, accounting for 31 percent of cyber incidents in the sector, although incidents of hack or malware attacks increased by 10 percentage points compared to 2017 to 30% of the total."
healthcare  cybersecurity  ransomware 
april 2019 by pierredv
Secure Your Data, But Don't Overlook the Wireless Net | Insight for the Connected Enterprise
having now read the “Cyber-Spectrum Resilience Framework” report myself, I, too agree, that it raises some important issues for consideration by virtually every enterprise that relies on wireless service to support its business
cyber-spectrum  spectrum-vulnerability  cybersecurity 
april 2019 by pierredv
Researchers find 36 new security flaws in LTE protocol | ZDNet
"A group of academics from South Korea have identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world.

The vulnerabilities allow attackers to disrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed SMS messages, and eavesdrop and manipulate user data traffic."

"The research team's discoveries aren't exactly new. Several academic groups have identified similar vulnerabilities in LTE over the past years on numerous occasions --July 2018, June 2018, March 2018, June 2017, July 2016, October 2015 ... These vulnerabilities have been the driving force behind efforts to create the new and improved 5G standard --which, unfortunately, isn't that secure either, with some researchers already poking holes in it as well."

"They discovered this sheer number of flaws by using a technique known as fuzzing --a code testing method that inputs a large quantity of random data into an application and analyzes the output for abnormalities, which, in turn, give developers a hint about the presence of possible bugs."

"Because the flaws reside in both the protocol itself and how some vendors have implemented LTE in their devices, researchers believe many other flaws still exist in the real world."
cybersecurity  cyber-spectrum  spectrum-vulnerability  LTE  cellular  vulnerability  fuzzing  hacking 
april 2019 by pierredv
A Dangerous, Norm-Destroying Attack - CircleID
"Briefly, some crew of attackers — I suspect an intelligence agency; more on that below — has managed to abuse ASUS' update channel and private signing key to distribute bogus patches. These patches checked the victims' MAC address; machines on the list (about 600 of them) downloaded the malware payload from a bogus website that masqueraded as belonging to ASUS. "

"This isn't the first time that code-signing keys have been abused — Stuxnet did it, too — but it's not a common thing. This alone shows the attacker's sophistication. "

"MAC addresses aren't secret, but they're not trivially available to most parties. They're widely available on-LAN; that might suggest that the attacker already had a toehold in the targets' networks."
cybersecurity  ASUS  Steven-Bellovin  hacking  supply-chain 
april 2019 by pierredv
Insurance Companies Will Shape the Future of Cyber Security — Reverb Advisors
Companies now consider potential losses from a cyber breach as a cost of doing business. CFOs are even factoring potential losses into financial projections. Rather than increasing spending on what appears to be a lost cause, more and more organizations are simply buying cyber security insurance for the eventuality of a breach. A major advantage of cyber security insurance is the insurer is responsible for quantifying risk. ... "

"As an industry, we’ve arrived at an interesting point. Companies no longer have to care about how much a breach will cost, just how much cyber security insurance costs."

"As Bruce Schneier points out, it’s not about technology for threat avoidance, it’s about strategies for risk management."

“Of course, it’s in the insurers best interest to accurately model risk and encourage companies to prevent breaches. . . . The biggest challenge (and opportunity), lies in how to accurately model cyber security risk. . . . Despite the fact that many insurers are essentially eyeballing it, business is booming. . . . But there still remains massive uncertainty around how to validate model accuracy and optimize policy pricing. ”

"Risk scores should not be based on expert opinions that can’t be assessed, but on statistical correlation with historical breaches. "
cybersecurity  risk-management  insurance 
march 2019 by pierredv
Norsk Hydro cyber attack: What's new? - Help Net Security Mar 2019
Norwegian aluminum producer Norsk Hydro ASA was hit by ransomware-wielding attackers early this week.

“As best we can tell now, it appears the adversary likely compromised Active Directory at Norsk to use legitimate means to spread the ransomware widely and quickly."
ransomware  cybersecurity  NorskHydro 
march 2019 by pierredv
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers - Motherboard Mar 2019
The Taiwan-based tech giant ASUS is believed to have pushed the malware to hundreds of thousands of customers through its trusted automatic software update tool after attackers compromised the company’s server and used it to push the malware to machines.
malware  security  hacking  cybersecurity 
march 2019 by pierredv
National Risk Management | Homeland Security
The National Risk Management Center (NRMC) is the Cybersecurity and Infrastructure Security Agency’s (CISA) planning, analysis, and collaboration center working to identify and address the most significant risks to the Nation’s critical infrastructure. Through the NRMC’s collaborative efforts with the private sector, government agencies, and other key stakeholders, the CISA works to identify, analyze, prioritize, and manage high-consequence threats to critical infrastructure through a crosscutting risk management paradigm.
DHS  cybersecurity  risk-management 
march 2019 by pierredv
Cybersecurity and Infrastructure Security Agency | US-CERT
On November 16, 2018, the President signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This Act elevates the mission of the former Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) and establishes the Cybersecurity and Infrastructure Security Agency (CISA). CISA is responsible for protecting the Nation's critical infrastructure from physical and cyber threats, a mission that requires effective coordination and collaboration among a broad spectrum of government and private sector organizations.
cybersecurity  US  USGovernment  legislation 
march 2019 by pierredv
Senate Reintroduces IoT Cybersecurity Improvement Act | Global Policy Watch Mar 2019
On March 11, 2019, a bipartisan group of lawmakers including Sen. Mark Warner and Sen. Cory Gardner introduced the Internet of Things (IoT) Cybersecurity Improvement Act of 2019. The Act seeks “[t]o leverage Federal Government procurement power to encourage increased cybersecurity for Internet of Things devices.” In other words, this bill aims to shore up cybersecurity requirements for IoT devices purchased and used by the federal government, with the aim of affecting cybersecurity on IoT devices more broadly.To accomplish this goal, the Act puts forth several action items for the Director of the National Institute of Standards and Technology (“NIST”) and the Office of Management and Budget (“OMB”). Details of these action items and their deadlines are discussed below.
Covington  IoT  cybersecurity  legislation 
march 2019 by pierredv
[pdf] Next-generation networks, next-level cybersecurity problems - Positive Technologies
"In preparation for the brave new world of 5G and IoT, the last few years have seen operators make significant CapEx investments in their next-generation networks. However, despite spending billions upgrading from a protocol developed in the 70’s (ss7) to Diameter (4G and 5G), flaws exist that allow an attacker to carry out eavesdropping, tracking, fraud, theft, and worse."
networking  cybersecurity  cyber-spectrum  spectrum-vulnerability  SS7  Diameter  cellular  PositiveTechnologies 
march 2019 by pierredv
SS7 vulnerabilities and attack exposure report, 2018 - Positive Technologies
Via Dale

"This report reveals the results of SS7 security analysis. Signaling System 7 (SS7) is used for exchanging data between network devices in telecommunications networks. While this standard was being developed, only fixed-line operators had access to the SS7 network, so its security was not first on the priority list. Today the signaling network is not isolated, and this allows an intruder to exploit its flaws and intercept calls and SMSs, bypass billing, steal money from mobile accounts, or affect mobile network operability."

"Although new 4G networks use another signaling system, Diameter, SS7 security issues have not been forgotten, because mobile operators should ensure 2G and 3G support and interaction between networks of different generations. Moreover, research shows that Diameter is prone to the same threats. This protocol's vulnerabilities along with possible cross-protocol attacks that use Diameter and SS7 flaws will be outlined in the next report."

CONCLUSION

"The research has shown that the level of security of mobile communication networks is still low. The overwhelming majority of networks remain vulnerable, which allows criminals to intercept subscribers' voice calls and messages, perform fraudulent operations, and disrupt service availability for subscribers."
SS7  Diameter  spectrum-vulnerability  cyber-spectrum  cybersecurity  telecoms  2G  3G  4G  PositiveTechnologies 
march 2019 by pierredv
The Mirai botnet explained: How IoT devices almost brought down the internet | CSO Online Mar 2018
"On October 12, 2016, a massive distributed denial of service (DDoS) attack left much of the internet inaccessible on the U.S. east coast. The attack, which authorities initially feared was the work of a hostile nation-state, was in fact the work of the Mirai botnet.

This attack, which initially had much less grand ambitions — to make a little money off of Minecraft aficionados — grew more powerful than its creators ever dreamed possible. It's a story of unintended consequences and unexpected security threats, and it says a lot about our modern age."
IoT  cybersecurity  botnets  DDoS 
march 2019 by pierredv
32 of the Best and Worst Infosec Analogies | The State of Security
the infosec industry has glommed onto a never-ending chain of analogies and metaphors to better explain the intangibles of digital security.

We can’t seem to keep them all straight, nor do we know them all. So we reached out to security influencers and asked them what their favorite and least favorite infosec analogies or metaphors were and why they loved and hated them so much. I took a little editorial liberty and squeezed in a few sayings that don’t necessarily qualify as analogies or metaphors, but I think you’ll appreciate them nonetheless.
cybersecurity  infosec  metaphors  analogies 
march 2019 by pierredv
Cyber Pearl Harbor: Analogy, fear, and the framing of cyber security threats in the United States, 1991-2016 | Lawson | First Monday March 2019
Abstract

"During the two and a half decades leading up to the Russian cyber attacks on the 2016 U.S. presidential election, public policy discourse about cybersecurity typically framed cybersecurity using metaphors and analogies to war and tended to focus on catastrophic doom scenarios involving cyber attacks against critical infrastructure. In this discourse, the so-called “cyber Pearl Harbor” attack was always supposedly just around the corner. Since 2016, however, many have argued that fixation on cyber Pearl Harbor-like scenarios was an inaccurate framing that left the United States looking in the wrong direction when Russia struck. This essay traces the use of the cyber Pearl Harbor analogy and metaphor over the 25-year period preceding the Russian cyber attacks of 2016. It argues that cyber Pearl Harbor has been a consistent feature of U.S. cybersecurity discourse with a largely stable meaning focused on catastrophic physical impacts. Government officials have been primarily responsible for driving these concerns with news media uncritically transmitting their claims. This is despite the fact that such claims were often ambiguous about just who might carry out such an attack and often lacked supporting evidence."
FirstMonday  metaphor  analogy  cybersecurity  war 
march 2019 by pierredv
Cryptominers Infected 10x More Organizations Than Ransomware in 2018 - CircleID, Feb 2019
A new security report reveals cryptominers infected ten times more organizations than ransomware in 2018, but only one in five IT security professionals were aware their company's networks had been infected by mining malware.
cybersecurity  CircleID  cryptomining 
february 2019 by pierredv
Cybersecurity for Autonomous Vehicles Must Be a Top Concern for Automakers - IEEE - The Institute Jan 2019
Via Dale, "no mention of jamming, spoofing, and replay attacks"

"Auto manufacturers have begun taking steps to mitigate cybersecurity risks in their autonomous vehicles."

Problems identified:
= lack of consensus
= standards needed
automobile  cyber-spectrum  cybersecurity  IEEE 
february 2019 by pierredv
Security Researcher Assaulted Following Vulnerability Disclosure - cybersec Feb 2019
"Following a serious vulnerability disclosure affecting casinos globally, an executive of casino technology vendor Atrient has assaulted the security researcher who disclosed the vulnerability at the ICE conference in London"

"These kiosks and the back end server communicate the personal details of their users and send data like drivers license scans (used for enrollment), user home addresses and contact details, as well as details about user activity, unencrypted over publicly accessible internet. When the researcher discovered that the unauthenticated reward server was directly connected to the kiosks on the casino floor they realized that the API the kiosks used was wide open and extremely vulnerable to criminal abuse."
vulnerability  cybersecurity 
february 2019 by pierredv
DHS admits rogue stingrays in Washington, DC. - TechSpot, Apr 2018
In a letter obtained by the Associated Press from the Department of Homeland Security to Senator Ron Wyden (D-Oregon), the United States government formally acknowledges they have found unauthorized IMSI catchers in different parts of Washington DC and possibly other areas of the country.

IMSI catchers, commonly known as stingrays, are most commonly used by the FBI and other law enforcement agencies around the country to locate a particular phone by essentially acting as a legitimate cell tower that the targeted phone attaches to. Stingrays also have the capability to intercept text messages and even phone calls.

"Overall, [DHS' National Protection and Programs Directorate] believes the malicious use of IMSI catchers is a real and growing risk," wrote acting undersecretary, Christopher Krebs.
TechSpot  cyber-spectrum  spectrum-vulnerability  cybersecurity  StingRay 
february 2019 by pierredv
Mystery of Blocked Key Fobs at Parking Lot 'Likely' Solved, Canadian Ministry Says
In a Facebook post on Friday, Westview characterized the fob-blocking culprit as “faulty consumer electronic equipment stuck in transmit mode in the are.” The co-op added, “We want to communicate that this was NOT the result of any intentional criminal activity, or any other activity that was speculated.”
Gizmodo  interference  security  cyber-spectrum  cybersecurity  spectrum-vulnerability  automobile  hacks 
february 2019 by pierredv
New security flaw impacts 5G, 4G, and 3G telephony protocols | ZDNet, Jan 2019
"A new vulnerability has been discovered in the upcoming 5G cellular mobile communications protocol. Researchers have described this new flaw as more severe than any of the previous vulnerabilities that affected the 3G and 4G standards."

"Further, besides 5G, this new vulnerability also impacts the older 3G and 4G protocols, providing surveillance tech vendors with a new flaw they can abuse to create next-gen IMSI-catchers that work across all modern telephony protocols."

According to "a research paper named "New Privacy Threat on 3G, 4G, and Upcoming5G AKA Protocols," published last year. ..., the vulnerability impacts AKA, which stands for Authentication and Key Agreement, a protocol that provides authentication between a user's phone and the cellular networks."

"Instead of intercepting mobile traffic metadata, this new vulnerability reveals details about a user's mobile activity, such as the number of sent and received texts and calls, allowing IMSI-catcher operators to create profiles for each smartphone holder."

"For example, two other academic studies from French and Finnish researchers also found that IMSI-catcher attacks are still possible against the upgraded 5G-AKA protocol, despite 3GPP's claims."
ZDNet  cyber-spectrum  cybersecurity  spectrum-vulnerability  3G  4G  5G  StingRay  IMSI-catchers  3GPP 
february 2019 by pierredv
Opinion | If 5G Is So Important, Why Isn’t It Secure? - The New York Times, Jan 2019
"The Trump administration’s so-called “race” with China to build new fifth-generation (5G) wireless networks is speeding toward a network vulnerable to Chinese (and other) cyberattacks. So far, the Trump administration has focused on blocking Chinese companies from being a part of the network, but these efforts are far from sufficient. We cannot allow the hype about 5G to overshadow the absolute necessity that it be secure."

"Shortly after taking office, the Trump F.C.C. removed a requirement imposed by the Obama F.C.C. that the 5G technical standard must be designed from the outset to withstand cyberattacks. For the first time in history, cybersecurity was being required as a forethought in the design of a new network standard — until the Trump F.C.C. repealed it. The Trump F.C.C. also canceled a formal inquiry seeking input from the country’s best technical minds about 5G security, retracted an Obama-era F.C.C. white paper about reducing cyberthreats, and questioned whether the agency had any responsibility for the cybersecurity of the networks they are entrusted with overseeing."
NYTimes  Tom-Wheeler  cyber-spectrum  cybersecurity  5G  cellular 
january 2019 by pierredv
Yes, you can remotely hack factory, building site cranes. Wait, what? • The Register
"Did you know that the manufacturing and construction industries use radio-frequency remote controllers to operate cranes, drilling rigs, and other heavy machinery? Doesn't matter: they're alarmingly vulnerable to being hacked, according to Trend Micro."

"In addition to basic replay attacks, where commands broadcast by a legitimate operator are recorded by an attacker and rebroadcast in order to take over a targeted plant, attack vectors also included command injection, "e-stop abuse" (where miscreants can induce a denial-of-service condition by continually broadcasting emergency stop commands) and even malicious reprogramming. During detailed testing of one controller/receiver pair, Trend Micro researchers found that forged e-stop commands drowned out legitimate operator commands to the target device."

"Just to keep site managers' blood pressure high, Trend Micro highlighted that not only could script kiddies carry out some of these types of attack against industrial plants, a remote attacker could achieve persistent access by using a battery-powered cellular modem dropped off at a quiet part of a site with a drone."
TheRegister  hacking  cyber-spectrum  vulnerability  cybersecurity 
january 2019 by pierredv
The Route of a Text Message – the scottbot irregular
"This is the third post in my full-stack dev (f-s d) series on the secret life of data. This installment is about a single text message: how it was typed, stored, sent, received, and displayed. I sprinkle in some history and context to break up the alphabet soup of protocols, but though the piece gets technical, it should all be easily understood."
code  infrastructure  security  cybersecurity  history  SS7 
january 2019 by pierredv
CenturyLink's outage started in Denver, spread across country - Denver Post, Jan 2019
"For about 30 hours, from the early morning hours of Dec. 27 until late on Dec. 28, chaos reigned on CenturyLink’s system as a faulty third-party network management card in Denver caused a series of outages across the country. "

"For about 30 hours, from the early morning hours of Dec. 27 until late on Dec. 28, chaos reigned on CenturyLink’s system. Western states that depend most heavily on the company’s fiber-optic system were hardest hit, but reports of outages and slower speeds came in from Alaska to Florida, according to downdetector.com."

"Computer scientists borrowed the term “Sorcerer’s Apprentice Syndrome” to describe what happens when a part of a network sends out “packets” of bad information that then get replicated and sent out over and over"

“Once on the secondary communication channel, the invalid frame packets multiplied, forming loops and replicating high volumes of traffic across the network, which congested controller card CPUs (central processing unit) network-wide, causing functionality issues and rendering many nodes unreachable,” the company said in a statement.

"Massey, who worked on cybersecurity issues at the Department of Homeland Security before joining CU, said most states have invested very little in cybersecurity and other safeguards when it comes to their 911 centers. They are not as failproof as they need to be."
DenverPost  CenturyLink  cybersecurity  outages  vulnerability  Dan-Massey  Dirk-Grunwald 
january 2019 by pierredv
How spies can use your cellphone to find you – and eavesdrop on your calls and texts, too - The Washington Post, May 2018
"The letter [from the Department of Homeland Security to Sen. Ron Wyden (D-Ore.)], dated May 22 and obtained by The Washington Post, described surveillance systems that tap into a global messaging system that allows cellular customers to move from network to network as they travel. The decades-old messaging system, called SS7, has little security, allowing intelligence agencies and some criminal gangs to spy on unwitting targets — based on nothing more than their cellphone numbers."

"Researchers say that SS7 tracking systems around the world now create millions of “malicious queries” — meaning messages seeking unauthorized access to user information — each month."

"Firewalls installed by carriers in recent years block many of the malicious queries, but many others are successful in eliciting unauthorized information from cellular carriers worldwide."

"Criminals last year used SS7 to intercept security codes that a bank texted to its customers in Germany, allowing the criminals to steal money from accounts, according to news reports."

"Carriers worldwide have gradually added better security, but SS7 does not have any way to verify that carriers sending data requests are who they claim to be. The firewalls increasingly installed by carriers, meanwhile, protect their own customers but typically not people who are roaming on the network, said Engel, the German researcher who first reported the security and privacy risks of SS7."

"DHS, which declined to comment for this article, issued a report on SS7 cellphone security in April 2017 that noted the risk to federal personnel"

"The DHS report recommended that carriers adopt new protections. An FCC group, the Communications Security, Reliability and Interoperabilty Council, issued recommendations for improving SS7 security in March 2017 that U.S. carriers have largely adopted

CSRIC recos, see https://api.ctia.org/docs/default-source/default-document-library/ss7-statement-2017-final.pdf

FCC, Communications Security, Reliability and Interoperability Council,
WORKING GROUP 10: Legacy Systems Risk Reductions Final Report(Mar. 2017) https://www.fcc.gov/file/12153/download.
WashingtonPost  cybersecurity  cellular  cyber-spectrum  SS7  crime 
december 2018 by pierredv
New 4G, 5G Network Flaw 'Worrisome' Oct 2017
"4G and 5G wireless networks' Evolved Packet Core (EPC) architecture can be exploited to intercept and collect mobile data as well as launch denial-of-service (DoS) attacks, according to new research. "
4G  5G  cybersecurity  cyber-spectrum 
december 2018 by pierredv
Connected Vehicle Security Vulnerabilities | IoT Security Headlines, Mar 2018
"In the history of mandatory regulation of computerized vehicles, an E-Letter entitled, “Black box is not safe at all,” was published in Science [1] in 2017. It mentioned that on-board diagnostics (OBD-II) specifications were made mandatory for all cars sold in the United States in 1996. The European Union made European OBD (EOBD) mandatory for all gasoline (petrol) vehicles sold in the European Union starting in 2001."
cyber-spectrum  automobile  transportation  spectrum-vulnerability  cybersecurity  hacks  jamming  spoofing 
december 2018 by pierredv
5G Security Transparency - Anthony Rutkowski, Dec 2018
"Fortunately, open global industry collaboration is more active today than at any point in history — especially now for 5G security. It is that collaboration that also provides significant 5G security transparency today. That transparency is more essential than ever. "
CircleID  5G  security  cybersecurity 
december 2018 by pierredv
Outages show the need to think clearly about national security | PolicyTracker: Dec 2018
"On Thursday, millions of smartphone users in the UK lost their data services after the O2 network suffered technical problems. While the problem only lasted a day, it was one of the biggest mobile network outages because it hit the many external services that rely on the operator’s data network."

"The blackout raises questions over the future of mission-critical applications. What will happen when 5G networks underpin a country’s water supply, electricity grid, emergency services and even self-driving cars?"

"Isn’t it time for an evidence-based approach to the security of networks, based on independent testing of equipment from companies which are prepared to cooperate? Anything else looks suspiciously like a backdoor way of damaging potential competitors."
PolicyTracker  cyber-spectrum  cybersecurity  cellular 
december 2018 by pierredv
Your USB Serial Adapter Just Became a SDR | Hackaday, Dec 2018
"With a Python script, a length of wire attached to the TX pin, and a mastery of the electron that we mere mortals can only hope to achieve, [Ted] has demonstrated using a common USB to serial adapter as an SDR transmitter."
hacking  SDR  cybersecurity  USB  RF 
december 2018 by pierredv
Starwood Reservation Database Security Incident Dec 2018
Marriott has taken measures to investigate and address a data security incident involving the Starwood guest reservation database. This site has information concerning the incident, answers to guests’ questions and steps you can take.
hacking  cybersecurity  Starwood  Marriott 
december 2018 by pierredv
Road Map: Building a More Resilient Internet | National Telecommunications and Information Administration
"... the Departments of Commerce and Homeland Security have developed a road map that charts a path forward, setting out steps to stop the cyber threat to our internet infrastructure."

"The road map is organized into five lines of effort -- Internet of Things, Enterprise, Internet Infrastructure, Technology Development and Transition, Awareness and Education – that include tasks aligned with the actions prescribed in the Botnet Report."
NTIA  cybersecurity  resilience  Internet  DHS  DoC 
december 2018 by pierredv
Exclusive: After massive hack, Marriott pledges to pay for new passports if fraud has taken place - MarketWatch
“With your passport number, name, and date of birth, anyone can apply for a new passport by reporting the existing one stolen, use it as a proof of identity to open a new bank account or access an existing one,” he said. “Your passport number is an integral part of your identity, along with your name and date of birth and it can cause immense damage in the wrong hands.”
security  privacy  passport  cybersecurity  identity-theft 
december 2018 by pierredv
Cybersecurity for Mobile Financial Services: A Growing Problem, CGAP Nov 2018
"... industrial-grade PIN harvesting is supplanting these slow approaches to obtaining individual PINs. There are many opportunities to acquire DFS account numbers and the associated PINs without ever meeting (or even knowing) the person whose money is being stolen. USSD is the most common form of access to mobile money services in developing countries, and it does not offer much protection for these sensitive credentials. Credentials can be collected in a number of ways that providers and policy makers should be aware of."
cyber-spectrum  spectrum  cybersecurity  mobile  cellular  CGAP 
november 2018 by pierredv
Security Vulnerability in Internet-Connected Construction Cranes - Schneier on Security, Oct 2018
"The F25 software was found to contain a capture replay vulnerability -- basically an attacker would be able to eavesdrop on radio transmissions between the crane and the controller, and then send their own spoofed commands over the air to seize control of the crane. "
cybersecurity  spectrum 
november 2018 by pierredv
Massive MIMO Will Create More Wireless Channels, But Also More Vulnerabilities - IEEE Spectrum, Nov 2018
"As wireless communications systems have to accommodate an ever-increasing number of data transfers, a lack of sufficient protocols for ensuring that data is transferred to the correct user could leave systems open to an attack."

"A major constraint of this approach, especially as the number of communication channels for each base station continues to grow, is the limited number of pilots available. Sometimes, users must be assigned the same pilot sequence, which can interfere with the proper transfer of data and lead to poor system performance. This is called pilot contamination. But this contamination can also be harnessed by an attacker to purposely interfere with data transfers. "

"when an attacker is close to the base station, within 300 meters or closer, he or she can impose their own pilots strongly enough to reduce the total transmission rate of a massive MIMO system by more than 50 percent"

"Pilot contamination can also be used to siphon off data transfers if the attacker’s pilot signals are strong enough, threatening the privacy of wireless communications. "
IEEE-Spectrum  spectrum  cybersecurity  cyber-spectrum  MIMO 
november 2018 by pierredv
Physical layer security in wireless networks: a tutorial - IEEE Journals & Magazine
Abstract:
Wireless networking plays an extremely important role in civil and military applications. However, security of information transfer via wireless networks remains a challenging issue. It is critical to ensure that confidential data are accessible only to the intended users rather than intruders. Jamming and eavesdropping are two primary attacks at the physical layer of a wireless network. This article offers a tutorial on several prevalent methods to enhance security at the physical layer in wireless networks. We classify these methods based on their characteristic features into five categories, each of which is discussed in terms of two metrics. First, we compare their secret channel capacities, and then we show their computational complexities in exhaustive key search. Finally, we illustrate their security requirements via some examples with respect to these two metrics.

Downloadable: http://dl-maghaleh.ir/wp-content/uploads/2016/12/order-z-1477601572-3352.pdf
wireless  Spectrum  cybersecurity  cyber-spectrum 
november 2018 by pierredv
Securing the spectrum - why information management alone won’t keep a 4iR world safe - The Deployable Fourth Industrial Revolution - QinetiQ April 2018
Dr Anil Shukla, Fellow and Principal Consultant
12 Apr 2018

See also https://www.qinetiq.com/Blogs/2018/01/What-does-the-UK-need-to-do-to-pursue-its-spectrum-resilience-objectives

" as infrastructure providers delve deeper into the 4iR toolbox ... They should"
= Recognise that spectrum resilience is inherently linked to traditional information cyber effects
= Test spectrum resilience against approved frameworks
= Require organisations to report spectrum attacks in the same way they have to report data security breaches
Qinetiq  cybersecurity  Spectrum  cyber-spectrum  denial-of-spectrum 
november 2018 by pierredv
Whitepaper: What does the UK need to do to pursue its spectrum resilience objectives? - QinetiQ Jan 2018
Dr. Anil Shukla
26 Jan 2018

See also https://www.qinetiq.com/insights/2018/04/securing-the-spectrum

Radio spectrum access is critical. It underpins the UK’s economy and provides significant social value through the range of applications it supports.
spectrum  cybersecurity  Qinetiq  cyber-spectrum  denial-of-spectrum 
november 2018 by pierredv
« earlier      
per page:    204080120160

Copy this bookmark:





to read