No need for trenches in cyber-warfare, when all you need is a computer

No need for trenches in cyber-warfare, when all you need is a computer
Cyber warfare doesn't need anything more complex than a laptop and a power source. (Shutterstock/File)
Updated 12 February 2019

No need for trenches in cyber-warfare, when all you need is a computer

No need for trenches in cyber-warfare, when all you need is a computer
  • Estimates put the cost of cyber attacks at $575 bln
  • Conference told cyber warfare impacts the very fabric of society

DUBAI: Cyber-warfare allows anyone to hack and take over billboards, television stations and even speeches far from where the conflict is and from the comfort of their own homes, warned information security researcher and analyst Rodrigo Bijou on Tuesday.

“Cyberfare goes beyond just hacking a few computers and systems, it is the manipulation of the very fabric of society, online and offline,” Bijou told audience members at a packed hall Dubai’s World Government Summit.

“Maintaining cybersecurity is a necessity because it goes beyond simple piracy to manipulation of the fabric of society.”

Organizations operating in the Middle East – including media – have been targeted in cyberattacks so sophisticated and so big that they could only have been by governments or agencies operating on their behalf.

In 2018 the British government estimated the global cost of cyber attacks ranged from a “conservative” $375 bln to a top end of $575 bln.

Costs come as a result of a multitude of reasons: media company websites are taken over, bank accounts emptied, sensitive information stolen and leaked, or websites are simply disabled in malicious attacks.

None of these examples are good for any organization or government, but for smaller companies without the back up of highly experienced technical teams it can be crippling.    

Bijou spoke of the need for governments worldwide to be wary of “digital vulnerabilities” in order to stay ahead of hackers.

“We can change the dynamics of cyber-warfare through a global collaborative approach, turning hacking into a force for the betterment of humanity,” he said, adding that “Government must design cybersecurity strategies and ensure cyber resilience and work on unified cyber strategies operating in a single system to take care of any digital imbalance in order to confront piracy.”

Also speaking on the third and last day of the World Government Summit in Dubai was Facebook’s policy manager for Europe and MENA on counterterrorism and countering violent extremism, Erin Marie Saltman.

“We must fight the rhetoric of extremism and hatred that is spread through extremist content and calculations,” she said, adding that governments and companies “must constantly conduct objective analysis in the cyber world to challenge the threat of terrorism and extremism.”

“There are penetrating accounts and hate speech, so we must urge governments to do more to address this phenomenon that is spreading in the cyber world,” she said.

Saltman urged both governments and powerful companies to work together to counter these rhetorics.

“We must work together to create a digital fingerprint that contributes to creating a digital society to counter extremism,” she said.

SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa

SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa
Updated 24 July 2021

SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa

SpaceX lands NASA launch contract for mission to Jupiter’s moon Europa
  • Europa Clipper mission due for blastoff in October 2024

LOS ANGELES: Elon Musk’s private rocket company SpaceX was awarded a $178 million launch services contract for NASA’s first mission focusing on Jupiter’s icy moon Europa and whether it may host conditions suitable for life, the space agency said on Friday.
The Europa Clipper mission is due for blastoff in October 2024 on a Falcon Heavy rocket owned by Musk’s company, Space Exploration Technologies Corp, from NASA’s Kennedy Space Center in Florida, NASA said in a statement posted online.
The contract marked NASA’s latest vote of confidence in the Hawthorne, California-based company, which has carried several cargo payloads and astronauts to the International Space Station for NASA in recent years.
In April, SpaceX was awarded a $2.9 billion contract to build the lunar lander spacecraft for the planned Artemis program that would carry NASA astronauts back to the moon for the first time since 1972.
But that contract was suspended after two rival space companies, Jeff Bezos’s Blue Origin and defense contractor Dynetics Inc, protested against the SpaceX selection.
The company’s partly reusable 23-story Falcon Heavy, currently the most powerful operational space launch vehicle in the world, flew its first commercial payload into orbit in 2019.
NASA did not say what other companies may have bid on the Europa Clipper launch contract.
The probe is to conduct a detailed survey of the ice-covered Jovian satellite, which is a bit smaller than Earth’s moon and is a leading candidate in the search for life elsewhere in the solar system.
A bend in Europa’s magnetic field observed by NASA’s Galileo spacecraft in 1997 appeared to have been caused by a geyser gushing through the moon’s frozen crust from a vast subsurface ocean, researchers concluded in 2018. Those findings supported other evidence of Europa plumes.
Among the Clipper mission’s objectives are to produce high-resolution images of Europa’s surface, determine its composition, look for signs of geologic activity, measure the thickness of its icy shell and determine the depth and salinity of its ocean, NASA said. 



Climate ‘mysteries’ still puzzle scientists, despite progress

Climate ‘mysteries’ still puzzle scientists, despite progress
Updated 23 July 2021

Climate ‘mysteries’ still puzzle scientists, despite progress

Climate ‘mysteries’ still puzzle scientists, despite progress
  • Scientists are still unsure what part clouds play “in the energy balance of the planet”
  • Climate models have come a long way, even since 2014, but there is still room for improvement to reduce uncertainties

PARIS: What worries one of the world’s leading climate scientists the most?
Heatwaves — and particularly the tendency of current models to underestimate the intensity of these bursts of deadly, searing temperature.
This is one of the “major mysteries” science still has to unravel, climatologist Robert Vautard told AFP, even as researchers are able to pinpoint with increasing accuracy exactly how human fossil fuel pollution is warming the planet and altering the climate.
“Today we have better climate projection models, and longer observations with a much clearer signal of climate change,” said Vautard, one of the authors of an upcoming assessment by the United Nations’ panel of climate experts.
“It was already clear, but it is even clearer and more indisputable today.”
The assessment, the first part of a trio of reports from the Intergovernmental Panel on Climate Change (IPCC), will be released on August 9 at the end of meetings starting Monday.
It focuses on the science underpinning our understanding of things like temperature increases, rising ocean levels and extreme weather events.
This has progressed considerably since the last assessment in 2014, but so has climate change itself, with effects being felt ever more forcefully across the planet.

'Phenomenal temperatures'
Scientists now have a greater understanding of the mechanisms behind “extreme phenomena, which now occur almost every week around the world,” said Vautard, adding that this helps better quantify how these events will play out in the future.
In almost real time, researchers can pinpoint the role of climate change in a given disaster, something they were unable to do at all until very recently.
Now, so-called “attribution” science means we can say how probable an extreme weather event would have been had the climate not been changing at all.
For example, within days of the extraordinary “heat dome” that scorched the western United States and Canada at the end of June, scientists from the World Weather Attribution calculated that the heatwave would have been “almost impossible” without warming.
Despite these advances, Vautard said “major mysteries remain.”
Scientists are still unsure what part clouds play “in the energy balance of the planet” and their influence on the climate’s sensitivity to greenhouse gases, he said.
But it is “phenomenal temperatures,” like those recorded in June in Canada or in Europe in 2019, that preoccupy the climatologist.
“What worries me the most are the heat waves” and the “thousands of deaths” they cause, said Vautard, who is director of France’s Pierre-Simon Laplace Institute, a climate research and teaching center.
With rainfall, scientists have a physical law that says water vapor increases by seven percent for every degree of warming, he said, with intense precipitation increasing by about the same amount.
But extreme heat is harder to predict.
“We know that heatwaves are more frequent, but we also know that our models underestimate the increasing intensity of these heatwaves, particularly in Europe, by a factor of two,” he said.
Climate models have come a long way, even since 2014, but there is still room for improvement to reduce these uncertainties.
“Before we had models that represented the major phenomena in the atmosphere, in the oceans,” said Vautard.
Today the models divide the planet’s surface into grids, with each square around 10 kilometers (six miles).
But even now he said the “resolution of the models is not sufficient” for very localized phenomena.
The next generation of models should be able to add even more detail, going down to an area of about a kilometer.
That would give researchers a much better understanding of “small scale” events, like tornadoes, hail or storm systems that bring intense rain like those seen in parts of the Mediterranean in 2020.

'Tipping points'
Even on a global scale, some fundamental questions remain.
Perhaps one of the most ominous climate concepts to have become better understood in recent years is that of “tipping points.”
These could be triggered for example by the melting of the ice caps or the decline of the Amazon rainforest, potentially swinging the climate system into dramatic and irreversible changes.
There are still “a lot of uncertainties and mysteries” about tipping points, Vautard said, including what level of temperature rise might set them off.
Currently, they are seen as low probability events, but he said that it is still crucial to know more about them given the “irreversible consequences on the scale of millennia” that they could cause.
Another crucial uncertainty is the state of the world’s forests and oceans, which absorb about half of the CO2 emitted by humans.
“Will this carbon sink function continue to be effective or not?” Vautard said.
If they stop absorbing carbon — as has been found in areas of the Amazon, for example — then more C02 will accumulate in the atmosphere, raising temperatures even further.
“It is a concern,” said Vautard.

Scientists stunned by rare Arctic lightning storms north of Alaska

Scientists stunned by rare Arctic lightning storms north of Alaska
Updated 17 July 2021

Scientists stunned by rare Arctic lightning storms north of Alaska

Scientists stunned by rare Arctic lightning storms north of Alaska
  • Air over the Arctic Ocean typically lacks the convective heat needed to generate lightning storms, but that's changing, scientists say

ANCHORAGE, Alaska: Meteorologists were stunned this week when three successive thunderstorms swept across the icy Arctic from Siberia to north of Alaska, unleashing lightning bolts in an unusual phenomenon that scientists say will become less rare with global warming.
“Forecasters hadn’t seen anything like that before,” said Ed Plumb, a National Weather Service meteorologist in Fairbanks, speaking about the storms that started on Saturday.
Typically, the air over the Arctic Ocean, especially when the water is covered with ice, lacks the convective heat needed to generate lightning storms.
But as climate change warms the Arctic faster than the rest of the world, that’s changing, scientists say.
Episodes of summer lightning within the Arctic Circle have tripled since 2010, a trend directly tied to climate change and increasing loss of sea ice in the far north, scientists reported in a March study published in the journal Geophysical Research Letters. As sea ice vanishes, more water is able to evaporate, adding moisture to the warming atmosphere.
“It’s going to go with the temperatures,” said co-author Robert Holzworth, an atmospheric physicist at the University of Washington in Seattle.
These electrical storms threaten boreal forests fringing the Arctic, as they spark fires in remote regions already baking under the round-the-clock summer sun. Boreal Siberia in Russia gets more lightning than any other Arctic region, Holzworth said.

“What used to be very rare is now just rare.”

Rick Thoman, climate scientist at University of Alaska Fairbanks

The paper also documented more frequent lightning over the Arctic’s treeless tundra regions, as well as above the Arctic Ocean and pack ice. In August 2019, lightning even struck within 60 miles (100 kilometers) of the North Pole, the researchers found.
In Alaska alone, thunderstorm activity is on track to increase three-fold by the end of the century if current climate trends continue, according to two studies by scientists at the National Center for Atmospheric Research in Boulder, Colorado, published over the last year in the journal Climate Dynamics.
“What used to be very rare is now just rare,” said Rick Thoman, a climate scientist with the University of Alaska Fairbanks. As the parade of Arctic storms this week demonstrated, lightning is already appearing in unexpected places, he said. “I have no memory of three consecutive days of this kind of thing” in the Arctic.
With the sharp uptick in lightning, Siberia has seen increasingly ferocious forest fires in recent years. This week, the Russian army deployed water-dropping aircraft to douse flames burning some nearly 2 million acres (800,000 hectares) of forest, while the hardest-hit region of Yakutia has been in a state of emergency for weeks.
Meanwhile, mid-June lightning sparked one of the biggest fires this summer in Alaska, scorching more than 18,000 acres of tundra about 125 miles (200 km) north of the Arctic Circle in the Noatak National Preserve in the northwestern corner of the state.
Warming in the Arctic is also encouraging the growth of vegetation on northern Alaska’s tundra, adding further fuel for fires, scientists said.
By the end of the century, twice as much Alaska tundra could burn on a regular basis than was the norm in the past, with fires occurring four times more frequently, according to researchers at the International Arctic Research Center in Fairbanks.
On the water, the lightning is an increasing hazard to mariners, and vessel traffic is increasing as sea ice retreats, Holzworth said.
People can become lightning rods and usually try to get low for safety. That’s tough to do on flat tundra or ocean expanse.
“What you really need is to pay better attention to the lightning forecasts,” he said.

US, UK cybersecurity agencies disclose hacking methods used by Russian spy group

US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
Updated 02 July 2021

US, UK cybersecurity agencies disclose hacking methods used by Russian spy group

US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
  • Operatives linked to Russia's spy agency GRU have tried to break into networks using Kubernetes, says NSO

WASHINGTON: US and British agencies disclosed on Thursday details of “brute force” methods they say have been used by Russian intelligence to try to break into the cloud services of hundreds of government agencies, energy companies and other organizations.
An advisory released by the US National Security Agency describes attacks by operatives linked to the GRU, the Russian military intelligence agency, which has been previously tied to major cyberattacks abroad and efforts to disrupt the 2016 and 2020 American elections.
In a statement, NSA Cybersecurity Director Rob Joyce said the campaign was “likely ongoing, on a global scale.”
Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access. The advisory urges companies to adopt methods long urged by experts as common-sense cyber hygiene, including the use of multi-factor authentication and mandating strong passwords.
Issued during a devastating wave of ransomware attacks on governments and key infrastructure, the advisory does not disclose specific targets of the campaign or its presumed purpose, saying only that hackers have targeted hundreds of organizations worldwide.
The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019 through early this year. While a “significant amount” of the attempted break-ins targeted organizations using Microsoft’s Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.
The US has long accused Russia of using and tolerating cyberattacks for espionage, spreading disinformation, and the disruption of governments and key infrastructure.
The Russian Embassy in Washington on Thursday “strictly” denied the involvement of Russian government agencies in cyberattacks on US government agencies or private companies.
In a statement posted on Facebook, the embassy said, “We hope that the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security.”
Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the activity described by NSA on Thursday shows the GRU has further streamlined an already popular technique for breaking into networks. He said it appears to overlap with Department of Energy reporting on brute force intrusion attempts in late 2019 and early 2020 targeting the US energy and government sectors and is something the US government has apparently been aware of for some time.
Slowik said the use of Kubernetes “is certainly a bit unique, although on its own it doesn’t appear worrying.” He said the brute force method and lateral movement inside networks described by NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.
John Hultquist, vice president of analysis at the cybersecurity firm Mandiant, characterized the activity described in the advisory as “routine collection against policy makers, diplomats, the military, and the defense industry.”
“This is a good reminder that the GRU remains a looming threat, which is especially important given the upcoming Olympics, an event they may well attempt to disrupt,” Hultquist said in a statement.
The FBI and the Cybersecurity and Infrastructure Security Agency joined the advisory, as did the British National Cyber Security Center.
The GRU has been repeatedly linked by US officials in recent years to a series of hacking incidents. In 2018, special counsel Robert Mueller’s office charged 12 military intelligence officers with hacking Democratic emails that were then released by WikiLeaks in an effort to harm Hillary Clinton’s presidential campaign and boost Donald Trump’s bid.
More recently, the Justice Department announced charges last fall against GRU officers in cyberattacks that targeted a French presidential election, the Winter Olympics in South Korea and American businesses.
Unlike Russia’s foreign intelligence agency SVR, which is blamed for the SolarWinds hacking campaign and is careful not to be detected in its cyber ops, the GRU has carried out the most damaging cyberattacks on record, including two on Ukraine’s power grid and the 2017 NotPetya virus that caused more than $10 billion in damage globally.
GRU operatives have also been involved in the spread of disinformation related to the coronavirus pandemic, US officials have alleged. And an American intelligence assessment in March says the GRU tried to monitor people in US politics in 2019 and 2020 and staged a phishing campaign against subsidiaries of the Ukrainian energy company Burisma, likely to gather information damaging to President Joe Biden, whose son had earlier served on the board.
The Biden administration in April sanctioned Russia after linking it to election interference and the SolarWinds breach.

Latvian woman charged in US with role in cybercrime group Trickbot

Latvian woman charged in US with role in cybercrime group Trickbot
Updated 05 June 2021

Latvian woman charged in US with role in cybercrime group Trickbot

Latvian woman charged in US with role in cybercrime group Trickbot
  • Group accused of infecting millions of computers worldwide with malware that targeted hospitals, schools, governments, businesses and other entities

WASHINGTON: A Latvian woman has been charged with developing malicious software used by a cybercrime organization that infected computers worldwide and looted bank accounts of millions of dollars, the Justice Department said Friday.
Alla Witte is charged as part of a 47-count indictment with participating in an organization known as the Trickbot Group, which authorities say operated in Russia and several other countries. The group is accused of infecting millions of computers worldwide with malware that targeted hospitals, schools, governments, businesses and other entities.
Witte, who authorities say previously lived in Suriname, was arrested in Miami in February. She was arraigned Friday in federal court in Cleveland, according to the Justice Department.
The prosecution, which the Justice Department says is part of its newly developed ransomware task force, comes as the Biden administration confronts a growing scourge of ransomware attacks that have targeted crucial supply chains including meat and fuel. The White House, which has also been contending with cyberespionage campaigns aimed at US government agencies, issued a memo this week underscoring that the fight against ransomware is a top priority.
“These charges serve as a warning to would-be cybercriminals that the Department of Justice, through the Ransomware and Digital Extortion Task Force and alongside our partners, will use all the tools at our disposal to disrupt the cybercriminal ecosystem,” Deputy Attorney General Lisa Monaco said in a statement.

Shutterstock illustration image

The indictment accuses Witte of participating in a scheme to steal millions of dollars from entities across the world by infecting computers with malware that captured personal information — such as credit card numbers and passwords — and gave TrickBot members access to the victims’ networks.
Among the targets identified in the indictment are real estate and law firms, country clubs, public school districts and other companies.
Prosecutors say Witte worked as a malware developer for the group, writing code related to ransomware that told victims that they’d need to acquire special software to decrypt their files. She’s also accused of providing code that monitored and tracked authorized users of the malware.
In October, weeks before the 2020 presidential election, Microsoft announced legal action to disrupt TrickBot in an operation aimed at knocking offline command-and-control servers.
The indictment, which includes multiple other defendants whose names have been blacked out, includes charges of conspiracy to commit computer fraud, aggravated identity theft and other crimes.
It was not immediately clear if Witte had a lawyer.