The Cyber - BLOG

Informal and open-ended Blog on everything related to computer networks and data

May 19, 2022

The Department of Justice today announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act (CFAA). 

The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability, where such activity is carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services. https://www.justice.gov/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act

April 18, 2022

How Democracies Spy on Their Citizens. The inside story of the world’s most notorious commercial spyware and the big tech companies waging war against it. 

April 5, 2021

"In October 2016, the United States Strategic Capabilities Office launched 103 Perdix drones out of an F/A-18 Super Hornet. The drones communicated with one another using a distributed brain, assembling into a complex formation, travelling across a battlefield, and reforming into a new formation. The swarm over China Lake, California was the sort of “cutting-edge innovation” that would keep America ahead of its adversaries, a Defense Department press release quoted then Secretary of Defense Ash Carter as saying. But the Pentagon buried the lede: The Strategic Capabilities Office did not actually create the swarm; engineering students at the Massachusetts Institute of Technology (MIT) did, using an “all-commercial-components design.”" writes Zachary Kallenborn.

https://thebulletin.org/2021/04/meet-the-future-weapon-of-mass-destruction-the-drone-swarm/

February 26, 2022 

What is Russia's cyber capability compared to Ukraine?

Excellent video analysis of the current conflict in cyberspace from DefenseNews

Jan 23, 2022

Amazon's series about privacy (or the lack of) to remember when chatting with Alexa...(and probably not only with Alexa). Check out the excellent Twitter thread and the article from Reuters.

"I downloaded all the data Amazon has on me, and honestly the creepiest thing about it is that they sent me the actual audio files of every time I spoke to Amazon Alexa...The question I would like to know is if they've saved the audio from all the times I didn't say the wake word" writes Alina Utrata from Cambridge University. https://twitter.com/AlinaUtrata/status/1485194962027388929

Amazon wages secret war on Americans' privacy, documents show (Reuters): https://www.reuters.com/investigates/special-report/amazon-privacy-lobbying

You can request your own personal information: https://www.amazon.com/gp/help/customer/display.html?nodeId=GXPU3YPMBZQRWZK2

January/February 2022

"Across the world, unrelenting cyberattacks are adding layers of risk and complexity to already fraught problems of security, politics, and governance." Here are four essays in the lead pack of the Foreign Affairs January/February issue that consider how policymakers can respond.

https://www.foreignaffairs.com/issue-packages/2021-12-14/digital-disorder

December 23, 2021

A UNIDIR publication on the topic of information-warfare, although this term is mentioned only once in passing.

Also known as information-weaponization (for those who are fond of apparently "new" terms), it is in fact a matter of techniques of propaganda, disinformation, and manipulation of media content, which can have important consequences for the stability of groups, institutions, and larger or smaller social segments. These techniques come from the past but are highly effective when applied with modern information technologies; it is in fact a space complementary to the one known as cyber-warfare.

https://unidir.org/publication/2021-innovations-dialogue-conference-report

 

December 22, 2021

Deepfakes, Trust & International security (UNIDIR, UN Institute for Disarmament Research). Conference report and video of sessions.

The fabrication and manipulation of digital content is not a new phenomenon. “Deepfakes”, which include all forms of digital content (video, text, images and audio) with malicious content, manipulated or created from scratch, are a relatively new phenomenon based on Machine Learning technologies. Deepfakes are being used to deliberately spread false information and reduce trust in institutions and international actors. The Internet is a global communication “medium” that allows the weaponization of information; Information Operations (IO) include activities of (counter)propaganda, disinformation, consensus building, discrimination, defamation, delegitimation, censorship, all traditional (centuries-old) techniques projected into a new medium, the cyber-dimension. IO and PSYOPS (Psychological Operations) can influence attitudes and manipulate the target's values, perceptions, beliefs, emotions, reasoning and behaviour. Which countermeasures and governance approaches effectively address the risks presented to international security and stability? https://unidir.org/publication/2021-innovations-dialogue-conference-report

December 17, 2021

"MORE THAN MATH: TOWARD A BETTER STRATEGY FOR ADVANCED ANALYTICS" by JAMES “MIKE” BLUE, ANTHONY SMITH, AND COLLEEN MCCUE

https://warontherocks.com/2021/12/more-than-math-toward-a-better-strategy-for-advanced-analytics/

November 27, 2021

Israel and Iran Broaden Cyberwar to Attack Civilian Targets

"Iranians couldn’t buy gas. Israelis found their intimate dating details posted online. The Iran-Israel shadow war is now hitting ordinary citizens. Millions of ordinary people in Iran and Israel recently found themselves caught in the crossfire of a cyberwar between their countries. In Tehran, a dentist drove around for hours in search of gasoline, waiting in long lines at four gas stations only to come away empty. In Tel Aviv, a well-known broadcaster panicked as the intimate details of his sex life, and those of hundreds of thousands of others stolen from an L.G.B.T.Q. dating site, were uploaded on social media" write Farnaz Fassihi and Ronen Bergman. 

https://www.nytimes.com/2021/11/27/world/middleeast/iran-israel-cyber-hack.html?smid=url-share

November 3, 2021

“The US Commerce Department has added four foreign companies from Israel, Russia, and Singapore to its Entity List for "engaging in activities that are contrary to the national security or foreign policy interests of the United States". Israeli firms NSO Group and Candiru listed for having developed and supplied spyware to foreign governments”

https://www.darkreading.com/threat-intelligence/us-blacklists-israeli-firms-nso-group-candiru

October 11, 2021

On cyber-crime (UNIDIR, UN Institute for Disarmament Research)

Information and Communication Technologies (ICTs) can be exploited for criminal purposes (through cybercrime) or used to undermine international security (so-called cyber-attacks or cyber-operations). However, the international security and crime dimensions of ICTs are distinct issues, with different processes, tools and frameworks, even if they sometimes overlap in some ways.

https://www.unidir.org/publication/icts-international-security-and-cybercrime

October 5, 2021

Facebook offline for many hours (Wired)  

A FACEBOOK, INSTAGRAM, WhatsApp, and Oculus outage knocked every corner of Mark Zuckerberg’s empire offline on Monday. It’s a social media blackout that can most charitably be described as “thorough” and seems likely to prove particularly tough to fix.

https://www.wired.com/story/why-facebook-instagram-whatsapp-went-down-outage/

 

August 2, 2021

Securing Wireless Devices in Public Settings (US National Security Agency) 

Telework has become an essential component of business, and many people are teleworking from home or during travel. While the owners of home networks can take steps to secure those networks, it can be difficult to ensure public networks (e.g., conference or hotel Wi-Fi®) are secure. Protecting personal and corporate data is essential at all times, but especially when teleworking in public settings.

CSI_SECURING_WIRELESS_DEVICES_IN_PUBLIC.PDF (defense.gov)

October 5, 2021

Details on Facebook outage (FB Engineering)  

Now that our platforms are up and running as usual after yesterday’s outage, I thought it would be worth sharing a little more detail on what happened and why — and most importantly, how we’re learning from it. 

https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/

August 1, 2021

Report on the weaponization of increasingly autonomous technologies: Artificial Intelligence (UNIDIR)

The rapidly advancing field of AI and machine learning has significant implications for the role of autonomy in weapon systems. States face the daunting task of trying to understand the legal, policy, ethical, strategic, and other considerations of a technology that is rapidly evolving. This paper is an introductory primer for non-technical audiences on the current state of AI and machine learning, designed to support the international discussions on the weaponization of increasingly autonomous technologies.

https://unidir.org/publication/weaponization-increasingly-autonomous-technologies-artificial-intelligence

 

June 21 to July 2, 2021

THE SUMMER INSTITUTES IN COMPUTATIONAL SOCIAL SCIENCES

The Department of Political and Social Sciences of Bologna University is the local host institution of the "Summer Institutes in Computational Social Sciences". The members of the CSSC are co-organizing the event.

SICSS-Bologna  | University of Bologna

https://sicss.io/2021/bologna/

 

July 19, 2021

On spyware/cyber-surveillance and Project Pegasus by NSO Group (The Guardian) 

Revealed: leak uncovers global abuse of cyber-surveillance weapon. Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests.

https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus

 

October 2, 2020

The report outlines the findings on ransomware, provides a description and analysis of the domain and lists relevant recent incidents.

A series of proposed actions for mitigation is provided.

https://www.enisa.europa.eu/publications/ransomware

 

September 26, 2019

"How The U.S. Hacked ISIS". DINA TEMPLE-RASTON explores the cyber operational tactics that the US Cybercom and NSA employed in order to hack ISIS. The following links lead both to the article and to the interviews conducted during and in the aftermath of Operation Glowing Symphony.

https://www.npr.org/2019/09/26/763545811/how-the-u-s-hacked-isis

https://www.npr.org/transcripts/763545811

 

Check Out the Italian Newsletter "Guerre di Rete"

Every Sunday "Guerre di Rete" selects and analyses news and stories on cybersecurity, politics and the Net, surveillance, cybercrime, digital rights, artificial intelligence, from a global perspective.

July 9, 2019

The Most Clever 'Zip Bomb' Ever Made Explodes a 46MB File to 4.5 Petabytes. Files so deeply compressed that they’re effectively malware have been around for decades—and a researcher just unveiled a brand-new Zip bomb that explodes a 46-megabyte file to 4.5 petabytes of data.

https://www.vice.com/en/article/597vzx/the-most-clever-zip-bomb-ever-made-explodes-a-46mb-file-to-45-petabytes?fbclid=IwAR2CDSbskQ1-td5YQA18IzXxkPcuSpkf2ls-I5mm5FUs44LK-M7pLaUUfA0

Israeli Pegasus spyware used 'zero click-attack' to infect smartphones

An #Israeli firm accused of supplying #Pegasus #spyware to governments has been linked to a list of tens of thousands of smartphone numbers, including those of activists, journalists, business executives and politicians around the world, according to reports.

ICTs, International Security & Cybercrime: Understanding Their Intersection For Better Policy Making

Information and Communication Technologies (ICTs) can be exploited for criminal purposes (through cybercrime) or used to undermine international security (through so-called cyberattacks or cyber operations). However, the international security and crime dimensions of ICTs are distinct issues, with different processes, tools, and frameworks designed to address them, albeit they increasingly overlap in some ways. In this context, there is a need for greater understanding of how international frameworks and policy discussions on combatting cybercrime and promoting responsible State behaviour in the use of ICTs may be better leveraged for coherent responses. This side event to the UNGA First Committee discussed the findings and recommendations of a new UNIDIR report on the intersection and touchpoints between international cybersecurity and cybercrime.

Quantum Computers, Explained With Quantum Physics

Quantum computers aren’t the next generation of supercomputers—they’re something else entirely. Before we can even begin to talk about their potential applications, we need to understand the fundamental physics that drives the theory of quantum computing. (Featuring Scott Aaronson, John Preskill, and Dorit Aharonov.)

How Big Data Could Transform The Health Care Industry

Meet a data scientist who is using big data to create the medical systems of the future. Dr. Eric Schadt of the Icahn Institute is creating algorithms that can detect ailments and chart personalized health profiles.

Demonstrating Quantum Supremacy

Google: "We’re marking a major milestone in quantum computing research that opens up new possibilities for this technology. Learn how the Google AI Quantum team demonstrated how a quantum computer can perform a task no classical computer can in an experiment called "quantum supremacy."

“Machine Learning: Living in the Age of AI,” examines the extraordinary ways in which people are interacting with AI today. Hobbyists and teenagers are now developing tech powered by machine learning and WIRED shows the impacts of AI on schoolchildren and farmers and senior citizens, as well as looking at the implications that rapidly accelerating technology can have. The film was directed by filmmaker Chris Cannucciari, produced by WIRED, and supported by McCann Worldgroup.

Digital data is being collected all over the world very quickly and has increased in quantity faster than anyone expected. The organization and sharing of this data is crucial to the ongoing work of biomedical research and in many ways the future of medicine depends on it.

The Power of Data Visualization

  • Flood in UK

    Flooding in the UK is predicted to get worse with climate change. Here is a flood extent map for Worcester & Gloucester - darker colours mean it has been flooded more.

  • UK electrical grid

    Here are the electrical connections that make up the UK National Grid, coloured by their year of construction. You can see the vast majority of the network is from the 50s-70s, with some newer bits. Data from National Grid.

  • GPS Tracking

    GPS tracking of 6 different wolf packs in Voyageurs National Park. Notice how territorial they are and how much they avoid each other, although there's at least one wolf from the white pack who doesn't care at all.

  • Clouds Frequency

    This is a map of annual cloudiness, as the percentage of the days that are cloudy. Taken from MODIS cloud mask data. A bit dodgy around the coasts, but you can see the difference between the North and the South of Europe

  • GDELT

    The GDELT project is an open dataset used by computational journalists and academics to map global news events. It includes broadcast and web news from every country in 100 languages. It identifies people, locations, organizations, sources, quotes