Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 191

As the Equifax hack last year showed, there’s a lack of legislation governing what happens to data from a breach. And ultimately, a breach of genetic data is much more serious than most credit breaches. Genetic information is immutable: Vigna points out that it’s possible to change credit card numbers or even addresses, but genetic information cannot be changed. And genetic information is often shared involuntarily. “Even if I don’t use 23andMe, I have cousins who did, so effectively I may be genetically searchable,” says Ram. In one case, an identical twin having her genetic data sequenced created a tricky situation for her sister.

This week, DNA testing service MyHeritage revealed that hackers had breached 92 million of its accounts. Though the hackers only accessed encrypted emails and passwords — so they never reached the actual genetic data — there’s no question that this type of hack will happen more frequently as consumer genetic testing becomes more and more popular. So why would hackers want DNA information specifically? And what are the implications of a big DNA breach?

One simple reason is that hackers might want to sell DNA data back for ransom, says Giovanni Vigna, a professor of computer science at UC Santa Barbara and co-founder of cybersecurity company Lastline. Hackers could threaten to revoke access or post the sensitive information online if not given money; one Indiana hospital paid $55,000 to hackers for this very reason. But there are reasons genetic data specifically could be lucrative. “This data could be sold on the down-low or monetized to insurance companies,” Vigna adds. “You can imagine the consequences: One day, I might apply for a long-term loan and get rejected because deep in the corporate system, there is data that I am very likely to get Alzheimer’s and die before I would repay the loan.”

MyHeritage doesn’t offer health or medical tests, but many companies, like 23andMe and Helix, do. And there are plenty of players interested in DNA: researchers want genetic data for scientific studies, insurance companies want genetic data to help them calculate the cost of health and life insurance, and police want genetic data to help them track down criminals, like in the recent Golden State Killer case. Already, we lack robust protections when it comes to genetic privacy, and so a genetic data breach could be a nightmare. “If there is data that exists, there is a way for it to be exploited,” says Natalie Ram, a professor of law focusing on bioethics issues at the University of Baltimore.

Continue reading “Why a DNA data breach is much worse than a credit card leak” | >

S cientists have created the UK’s first ever “unhackable” fibre network in anticipation of the dawn of quantum computers, a technology that could render current security systems completely useless and leave critical infrastructure, banking and healthcare networks open to hackers.

The network, constructed by researchers from BT, the University of York and the University of Cambridge over the past two years, is secured by the laws of quantum physics which dictate how light and matter behave at a fundamental level. Using this, it is able to block anyone attempting to crack into the fibre link.

This could be a game changer for the healthcare and financial sector, when it is feared existing encryption…

Read more

In a profound talk about technology and power, author and historian Yuval Noah Harari explains the important difference between fascism and nationalism — and what the consolidation of our data means for the future of democracy. Appearing as a hologram live from Tel Aviv, Harari warns that the greatest danger that now faces liberal democracy is that the revolution in information technology will make dictatorships more efficient and capable of control. “The enemies of liberal democracy hack our feelings of fear and hate and vanity, and then use these feelings to polarize and destroy,” Harari says. “It is the responsibility of all of us to get to know our weaknesses and make sure they don’t become weapons.” (Followed by a brief conversation with TED curator Chris Anderson)

Check out more TED Talks: http://www.ted.com

The TED Talks channel features the best talks and performances from the TED Conference, where the world’s leading thinkers and doers give the talk of their lives in 18 minutes (or less). Look for talks on Technology, Entertainment and Design — plus science, business, global issues, the arts and more.

Follow TED on Twitter: http://www.twitter.com/TEDTalks

Continue reading “Why fascism is so tempting — and how your data could power it” | >

E xperts are suggesting quantum computing may render blockchain obsolete. As the tech giants such as Google and IBM are showing interest in Quantum computing the danger is evident. According to MIT Technology Review, this type of computing can hack the cryptography hash that universally secures the blockchain and in general the internet. This would suggest quantum computers may complete fraudulent transactions and steal coins. With its exponential power, quantum computers threaten blockchain’s future security.

Blockchain consists of encrypted nodes connected on a chain, which currently makes it almost impossible to hack. The order of entries adheres to the blockchain protocol, which makes it counterfeit-resistant.

To successfully hack a blockchain, you would need to alter both the targeted block and all of the blocks connected. Blockchains are synced throughout a peer-to-peer network. In this type of system, there is no central point of failure for hackers to penetrate. For a hacker to have a chance of penetrating the network, they would need to simultaneously alter at least 51% of the blockchain.

Read more

Pichai’s challenge is to find a way of reconciling Google’s dovish roots with its future. Having spent more than a decade developing the industry’s most formidable arsenal of AI research and abilities, Google is keen to wed those advances to its fast-growing cloud-computing business. Rivals are rushing to cut deals with the government, which spends billions of dollars a year on all things cloud. No government entity spends more on such technology than the military. Medin and Alphabet director Schmidt, who both sit on the Pentagon’s Defense Innovation Board, have pushed Google to work with the government on counter-terrorism, cybersecurity, telecommunications and more.

To win in the business of cloud computing, the company tiptoes into the business of war. Some staff fear it’s a first step toward autonomous killing machines.

Read more

Critical infrastructure, entertainment, finance, healthcare, telecoms, among recent targets of the Lazarus Group, aka Hidden Cobra.

On the eve of a historic summit with its rival neighbor South Korea and possible subsequent talks with the US President Donald Trump in the coming weeks, North Korea continues full-steam ahead in its mission to gather intelligence and generate income for the regime via its notorious nation-state hacking machine.

North Korea’s pervasive Lazarus Group, aka Hidden Cobra, was recently discovered ramping up a global cyber espionage campaign dubbed Operation GhostSecret, stealing information from organizations in the critical infrastructure, entertainment, finance, healthcare, and telecommunications sectors. Researchers from McAfee unearthed the wave of attacks, which they say first started with targeted hacks of banks in Turkey last month.

Read more

I remember this was like the plot to the Al Pacino CIA movie from the ‘90’s. Guess they actually figured out how to dial in on power lines.

Can security sleuths ever complain there’s nothing left to do? The answer is obvious, and one more path to mischief has been recognized in the form of power supplies serving as a data exfiltration tool. It appears that malware using power lines could exfiltrate data from air-gapped computers.

Researchers from the Ben-Gurion University of the Negev discovered malware that nabs data through lines.

“PowerHammer works by infecting an air-gapped computer with malware that intentionally alters CPU utilization levels to make the victim’s computer consume more or less electrical power,” said Catalin Cimpanu, BleepingComputer. Wait, air-gapped computers?

Continue reading “PowerHammer is wake-up call to data-stealing through power lines” | >

If you’ve read anything about quantum computers, you may have encountered the statement, “It’s like computing with zero and one at the same time.” That’s sort of true, but what makes quantum computers exciting is something spookier: entanglement.

A new quantum device entangles 20 quantum bits together at the same time, making it perhaps one of the most entangled, controllable devices yet. This is an important milestone in the quantum computing world, but it also shows just how much more work there is left to do before we can realize the general-purpose quantum computers of the future, which will be able to solve big problems relating to AI and cybersecurity that classical computers can’t.

“We’re now getting access to single-particle-control devices” with tens of qubits, study author Ben Lanyon from the Institute for Quantum Optics and Quantum Information in Austria told Gizmodo. Soon, “we can get to the level where we can create super-exotic quantum states and see how they behave in the lab. I think that’s very exciting.”

Read more

Each new technological breakthrough comes seemingly prepackaged with a new way for hackers to kill us all: self-driving cars, space-based weapons, and even nuclear security systems are vulnerable to someone with the right knowledge and a bit of code. Now, deep-learning artificial intelligence looks like the next big threat, and not because it will gain sentience to murder us with robots (as Elon Musk has warned): a group of computer scientists from the US and China recently published a paper proposing the first-ever trojan for a neural network.

Neural networks are the primary tool used in AI to accomplish “deep learning,” which has allowed AIs to master complex tasks like playing chess and Go. Neural networks function similar to a human brain, which is how they got the name. Information passes through layers of neuron-like connections, which then analyze the information and spit out a response. These networks can pull off difficult tasks like image recognition, including identifying faces and objects, which makes them useful for self-driving cars (to identify stop signs and pedestrians) and security (which may involve identifying an authorized user’s face). Neural networks are relatively novel pieces of tech and aren’t commonly used by the public yet but, as deep-learning AI becomes more prevalent, it will likely become an appealing target for hackers.

The trojan proposed in the paper, called “PoTrojan,” could be included in a neural network product either from the beginning or inserted later as a slight modification. Like a normal trojan, it looks like a normal piece of the software, doesn’t copy itself, and doesn’t do much of anything… Until the right triggers happen. Once the right inputs are activated in a neural network, this trojan hijacks the operation and injects its own train of “thought,” making sure the network spits out the answer it wants. This could take the form of rejecting the face of a genuine user and denying them access to their device, or purposefully failing to recognize a stop sign to create a car crash.

Read more