Computer crime news, articles and features | 91av /topic/computer-crime/ Science news and science articles from 91av Tue, 22 Aug 2023 08:16:46 +0000 en-US hourly 1 https://wordpress.org/?v=7.0.1 242057827 Tricks for making AI chatbots break rules are freely available online /article/2388231-tricks-for-making-ai-chatbots-break-rules-are-freely-available-online/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Mon, 21 Aug 2023 10:29:51 +0000 /?post_type=article&p=2388231 2388231 Hackers can turn computer cables into antenna to steal sensitive data /article/2329053-hackers-can-turn-computer-cables-into-antenna-to-steal-sensitive-data/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Tue, 26 Jul 2022 12:12:33 +0000 /?post_type=article&p=2329053 SATA cable
SATA cables are found in most computers
Shutterstock/Nor Gal

Hackers can covertly turn a cable inside a computer into a makeshift antenna that can secretly transmit sensitive data, even from “air-gapped” devices that are deliberately not connected to the internet.

Air-gapped computers are commonly used by government security services and key infrastructure control systems to prevent remote hackers from gaining access, but that doesn’t mean it is impossible to get data out.

at Ben-Gurion University of the Negev, Israel, has worked for years to develop a series of proof of concept attacks that use different components within computers as unusual transmitters. In the past he has managed to extract information by encoding it in rapid adjustments of screen brightness, deliberate temperature changes within a machine or flickering power LEDs.

Guri’s latest attack focuses on the Serial Advanced Technology Attachment (SATA) cables that connect CD, DVD and hard disc drives to the motherboard of most computers. He found that by deliberately creating a very specific series of superfluous data reads or writes from or to the drives, the cables can be made to create a radio wave at around 6 gigahertz. This wave can be used to encode and transmit data to a waiting hacker several metres away.

Forcing a computer to create these radio wave signals would involve installing a piece of malware, which Guri calls SATAn, on the air-gapped machine. This might seem like a challenge, but it is possible. A report published in 2021 by security company ESET says that that target air-gapped machines, but that they rely heavily on USB drives to infect machines. They also use USB drives for subsequent removal of data, which is transmitted back to the attacker once the drive is plugged into an internet-connected machine.

The report says that only one piece of malware, known as BadBIOS, has ever been claimed to use covert channels similar to SATAn to transmit data – but that its existence is hotly debated by researchers. The Stuxnet worm that targeted Iranian nuclear centrifuges and gave them commands that deliberately caused damage was thought to have been introduced to air-gapped networks via a USB drive, but wasn’t designed to remove data.

Guri says he doesn’t know if similar attacks to SATAn are actually taking place, but says that they are entirely plausible. “This attack is highly available since hard drives exist in all systems such as workstations and servers,” he says. “In addition, the malware uses legitimate read and write hard drive operations which are very challenging to detect and identify as malicious.”

He says that a Faraday cage around the computer that stops all electromagnetic signals would prevent this kind of attack, but for most applications this simply isn’t practical. Another potential measure would be to constantly create noise by reading and writing superfluous data to the hard disc, but that this comes with the downside that it places undue wear and tear on the component.

Reference:

]]>
2329053
US chooses encryption tools to protect us from quantum computers /article/2327054-us-chooses-encryption-tools-to-protect-us-from-quantum-computers/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Tue, 05 Jul 2022 15:14:24 +0000 /?post_type=article&p=2327054 2327054 What is the Hertzbleed computer chip hack and should you be worried? /article/2324748-what-is-the-hertzbleed-computer-chip-hack-and-should-you-be-worried/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Thu, 16 Jun 2022 14:30:05 +0000 /?post_type=article&p=2324748 computer chip
3D rendering of a computer chip
jiang jie feng/Shutterstock
Hertzbleed, a newly identified attack that could be used to grab information from computer chips, has captured the attention of technology security researchers – and technology news websites. Here’s what you need to know about the story.  

What is Hertzbleed?

It is a new computer hack that takes advantage of a power-saving feature common to modern computer chips in order to steal sensitive data. It has been demonstrated in the lab and could be used by hackers in the wild. Most chips use a technique called dynamic frequency scaling, or CPU throttling, to increase or reduce the speed with which they carry out instructions. Ramping the power of the CPU up and down to match demand makes them more efficient. In the past, hackers have shown that they can read these power signatures and learn things about the data being processed. This can give them a foothold to break into a machine. The team behind Hertzbleed found that you can actually do something similar remotely by watching carefully to see how quickly a computer completes certain operations, then using that information to determine how it is currently throttling the CPU. Demonstrating that such attacks can be performed remotely makes the issue much more dangerous because remote attacks are much easier for hackers to carry out.

What does it mean for you?

Intel declined a request for interview by 91av, but said in a that all of its chips are vulnerable to the attack. The company said that, through such an attack, it “may be possible to infer parts of the information through sophisticated analysis”. AMD, which shares chip architecture with Intel, also issued a security alert listing several of its mobile, desktop and server chips as . The company didn’t respond to a request for comment. Chipmaker ARM was also approached by 91av, but didn’t answer questions about whether it was working to avoid similar problems with its own chips. One major issue is that even if your personal hardware isn’t affected, you could still fall victim to Hertzbleed. Thousands of servers around the word will store and process your information, archive your data and run the services you use daily. Any of these may be running on hardware that is vulnerable to Hertzbleed. Intel says that the attack can take “hours to days” to steal even a tiny amount of data, so Hertzbleed is more likely to leak small snippets of data rather than large files, email conversations and the like. But if that snippet of data is something like a cryptographic key, then its impact can be significant. “Hertzbleed is a real, and practical, threat to the security of cryptographic software,” say the researchers who discovered the flaw, .

How was it discovered?

Hertzbleed was created by a group of researchers from the University of Texas at Austin, the University of Illinois Urbana-Champaign and the University of Washington in Seattle. They say that they disclosed their discovery to Intel in the third quarter of last year, but that the company asked for it to be kept quiet until May this year – which is a common request designed to allow a company to fix a flaw before it becomes common knowledge. Intel allegedly then asked for an extension to 14 June, but has apparently released no fix for the problem. AMD was informed of the problem in the first quarter of this year. Details of the vulnerability have now been on the researchers’ website and will be presented at the USENIX Security Symposium later this summer. “Side channel power attacks have been long known about, but this is a troubling evolution of the art,” says at the University of Surrey, UK. “The story of its discovery and how it was kept under wraps is a cautionary tale for what else might be out there.”

Can it be fixed?

Neither Intel nor AMD are releasing patches to fix the problem, claim the researchers on their website. Neither company responded to questions posed by 91av. When attacks that watched for changes in a chip’s speed, or frequency, were first discovered in the late 1990s, there was a common fix: write code that only used “time invariant” instructions – that is, instructions that take the same time to carry out regardless of what data is being processed. This stopped an observer gaining knowledge that helped them read data. But Hertzbleed can get around this strategy and can be done remotely. Because this attack relies on the normal operation of a chip feature, not a bug, it could prove tricky to fix. The researchers say that a solution would be to turn off the CPU throttling feature on all chips, globally, but warn that doing so would “significantly impact performance” and that it may not be possible to fully stop frequency changes on some chips.]]>
2324748
Phishing /article/2280851-phishing/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Tue, 15 Jun 2021 10:58:12 +0000 /?post_type=term&p=2280851 2280851 Hundreds of UK ambulances rely on software vulnerable to cyberattack /article/2252227-hundreds-of-uk-ambulances-rely-on-software-vulnerable-to-cyberattack/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Tue, 18 Aug 2020 15:53:38 +0000 /?post_type=article&p=2252227
ambulance
Yorkshire Ambulance Service ambulances are vulnerable to hacking
Ian Dagnall / Alamy

HUNDREDS of ambulances in the UK are still using devices that run on defunct Windows operating systems, making them more vulnerable to cyberattacks. The WannaCry ransomware that knocked out computers at dozens of hospitals in 2017 took advantage of a similar vulnerability.

According to data obtained through Freedom of Information (FOI) requests, North East Ambulance Service and Yorkshire Ambulance Service use devices in their ambulances daily that run on Windows XP.

About 500 vehicles run by the Yorkshire Ambulance Service have a mobile device terminal that controls a vehicle’s GPS navigation and deals with status messages, such as where a patient lives and the type of emergency. Some 350 run on Windows XP, which hasn’t been supported by Microsoft since April 2014. Yorkshire Ambulance Service says it will update these by 15 October.

North East Ambulance Service runs XP on devices in 550 vehicles. London Ambulance Service also said it has five XP devices, but they aren’t connected to the internet.

91av put in FOI requests to all the ambulance trusts in England last year asking whether devices within each trust ran on Windows XP, Windows 98 or Windows 95. Only those mentioned in this article were using obsolete versions of Windows and all three declined to provide additional comment.

“In each dual crewed ambulance and rapid response vehicle there is a mobile data terminal, which is controlled by a third party company, Terrafix,” said Yorkshire Ambulance Service in its FOI response.

Terrafix responded to 91av with the following comment: “Terrafix agrees that using Windows XP in a standard system setup can be open to vulnerabilities, however all Terrafix systems provided to Ambulance Trusts across the UK are completely locked down and do not allow any unprotected physical or remote access. This, therefore, negates any vulnerability from using Windows XP, or any version of operating system, on a Terrafix device.”

Ray Walsh at advocacy group ProPrivacy says: “Terrafix provides systems to many ambulances, so is a high-level potential target for hackers, cybercriminals and cyberwarfare attacks.”

“The company is responsible for systems that provide the information that first responders and paramedics receive while on call,” he says. “If it were to be hacked, cybercriminals could potentially get a hold of any patient data that is provided by the mobile data terminal in the ambulance or, worse, interfere with the vital information that enables the ambulance to get to the patient quickly.”

Windows XP no longer gets security updates. Potential consequences were seen in 2017, when the WannaCry ransomware attacks took down hundreds of thousands of computers worldwide. More than 60 UK National Health Service trusts were affected, which prevented doctors from accessing patient records and forced the cancellation of many procedures.

WannaCry exploited computers that hadn’t been updated with the latest Windows security patches or that ran versions of the operating system that Microsoft no longer supported.

]]>
2252227
Tech giants, states or trolls: Who will control tomorrow’s internet? /article/2220597-tech-giants-states-or-trolls-who-will-control-tomorrows-internet/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Wed, 23 Oct 2019 05:00:00 +0000 http://mg24432530.400 2220597 The great Bangladesh cyber heist /video/2202401-the-great-bangladesh-cyber-heist/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Fri, 10 May 2019 10:07:18 +0000 /?post_type=video&p=2202401 2202401 Uncrackable computer chips stop malicious bugs attacking your computer /article/2176020-uncrackable-computer-chips-stop-malicious-bugs-attacking-your-computer/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS Wed, 08 Aug 2018 18:00:00 +0000 http://mg23931900.300 2176020 Your social media data is out there, just waiting to be leaked /article/2169035-your-social-media-data-is-out-there-just-waiting-to-be-leaked/?utm_campaign=RSS|NSNS&utm_content=computer-crime&utm_medium=RSS&utm_source=NSNS /article/2169035-your-social-media-data-is-out-there-just-waiting-to-be-leaked/#respond Wed, 16 May 2018 12:02:20 +0000 /?post_type=article&p=2169035 /article/2169035-your-social-media-data-is-out-there-just-waiting-to-be-leaked/feed/ 0 2169035