A busy few days on the IT security front once again.

First, news reports started appearing last Thursday that the game company Electronics Arts was hacked. Apparently, the intruders were able to penetrate a decade-old server that was supporting BioWare Edmonton’s Neverwinter Nights game forums. EA  warned forum users on 15 June that it had discovered the day before that:

hackers may have obtained information such as user account names and passwords, email addresses, and birth dates of approximately 18,000 accounts—a very small percentage of total users.  We have emailed those whose accounts may have been compromised and either disabled their accounts or reset their EA Account passwords. If you did not receive an email from us, or if your password still works for your EA account, your username and password were not compromised.  Nevertheless, changing your password regularly is always helpful to protect your account.

And per usual, EA stated, "We take the security of your information very seriously and regret any inconvenience this may have caused you."

Last Thursday, EA announced that the hackers got a bit more information than first thought and made a more general announcement on a support website:

Our investigation shows that information such as user names, encrypted passwords, email addresses, mailing addresses, names, phone numbers, CD keys and birth dates from accounts on the server system associated with Neverwinter Nights may have been compromised. If you linked your legacy Bioware account to an EA Account, then additional information that you associated with your EA Account (if any) may have been compromised as well.  Such information could include your name, mailing address, billing address, language, game entitlements and games played, and other game-specific account information depending on your use of your EA Account.  Hackers obtained access to unencrypted passwords of a relatively small number of users, who have been notified.

EA warned customers of possible phishing attacks using the compromised information and said forum users should change their passwords.

Next, PBS was hacked again last week and a " 'very small number' of administrative user names and encrypted passwords were stolen,"CBS News reported on Saturday. PBS was first hacked in May, when it announced hackers had been able to publish "a fake news story on the PBS NewsHour's news blog, The Rundown, about late rapper Tupac Shakur being spotted alive in New Zealand."

In addition, a NATO-related website was apparently compromised last week. According to a very short and vague NATO statement dated last Thursday,

Police dealing with digital crimes have notified NATO of a probable data breach from a NATO-related web site operated by an external company. NATO’s e-Bookshop is a separate service for the public for the release of NATO information and does not contain any classified data. Access to the site has been blocked and subscribers have been notified.

More interesting was a NATO public relations statement that followed:

NATO’s Strategic Concept, approved last November, identifies cyber defence as one of the critical capabilities which the Alliance should develop to prevent, detect, defend against and recover from cyber-attacks. To deal with this growing threat, NATO defence ministers agreed this month on a cyber defence action plan. This action plan is already being implemented.

Why someone at NATO thought it was a good idea to link the two statements is beyond me.

Also, the hacking group LulzSec was able to penetrate, download, and release information from the Arizona Department of Public Safety's (DPS) computers, according to news reports like one last Thursday from ArizonaCentral.com. According to the ArizonaCentral.com story,

The DPS files, posted on LulzSec's web site, include personal information about officers and numerous documents ranging from routine alerts from out-of-state police agencies to videos and photos about the hazards of police work and operations of drug gangs. The names of the files are as innocuous as "resume" and "evaluation form" and as provocative as "cartel leader threatens deadly force on U.S. police."

LulzSec said it targeted the Arizona DPS because it was against Arizona's stand on the apprehension of illegal immigrants.

Interestingly, LulzSec posted a statement on its website on Saturday that it was now going to stop its 50 days of hack attacks. Numerous news outlets—like the Wall Street Journalspeculated on the motives behind the announcement; ideas have ranged from "Law enforcement is closing in on members of the group" to "The announcement was merely a ploy to take the heat off members while they went off and joined other hacker groups."

No one seriously expects, however, that the frequency of cyber attacks will suddenly fall off. What LulzSec demonstrated was just how easy it is to penetrate the IT systems of governments and big corporations alike and gain major publicity for doing so. More than likely LulzSec's efforts will only serve to encourage other hacking groups to redouble their efforts.

Almost on cue, the Ponemon Institute released a survey sponsored by Juniper Networks that, according to a press release, "found the threat from cyber attacks today is nearing statistical certainty and businesses of every type and size are vulnerable to attacks."

The Ponemon survey found that 90 percent of businesses had experienced a cyber security breach at least once in the past 12 months, with 59 percent of those organizations surveyed reporting two or more breaches in the past 12 months. In addition, 43 percent indicated they had experienced a rise in cyber attacks over the past 12 months.

You can read the Ponemon survey results here (PDF).

Then there were also reports that budget hotel company Travelodge had been hacked and its customer names and e-mail addresses taken. The company said it takes the incident very seriously but hasn't yet disclosed how many of its customers were affected.

Finally, the Wall Street Journal reported on Saturday that Citigroup indicated to U.S. government officials that the hackers who breached its security were able to steal some US $2.7 million from 3400 customers, or about $800 per customer. The Journal story states that there were "$48 billion in identity fraud losses and 9.9 million customer victims" every year in the United States, amounting to a cost of about $4850 per victim.

Looks like Citigroup got off easy.

PHOTO: iStockphoto

The Conversation (0)

Metamaterials Could Solve One of 6G’s Big Problems

There’s plenty of bandwidth available if we use reconfigurable intelligent surfaces

12 min read
An illustration depicting cellphone users at street level in a city, with wireless signals reaching them via reflecting surfaces.

Ground level in a typical urban canyon, shielded by tall buildings, will be inaccessible to some 6G frequencies. Deft placement of reconfigurable intelligent surfaces [yellow] will enable the signals to pervade these areas.

Chris Philpot

For all the tumultuous revolution in wireless technology over the past several decades, there have been a couple of constants. One is the overcrowding of radio bands, and the other is the move to escape that congestion by exploiting higher and higher frequencies. And today, as engineers roll out 5G and plan for 6G wireless, they find themselves at a crossroads: After years of designing superefficient transmitters and receivers, and of compensating for the signal losses at the end points of a radio channel, they’re beginning to realize that they are approaching the practical limits of transmitter and receiver efficiency. From now on, to get high performance as we go to higher frequencies, we will need to engineer the wireless channel itself. But how can we possibly engineer and control a wireless environment, which is determined by a host of factors, many of them random and therefore unpredictable?

Perhaps the most promising solution, right now, is to use reconfigurable intelligent surfaces. These are planar structures typically ranging in size from about 100 square centimeters to about 5 square meters or more, depending on the frequency and other factors. These surfaces use advanced substances called metamaterials to reflect and refract electromagnetic waves. Thin two-dimensional metamaterials, known as metasurfaces, can be designed to sense the local electromagnetic environment and tune the wave’s key properties, such as its amplitude, phase, and polarization, as the wave is reflected or refracted by the surface. So as the waves fall on such a surface, it can alter the incident waves’ direction so as to strengthen the channel. In fact, these metasurfaces can be programmed to make these changes dynamically, reconfiguring the signal in real time in response to changes in the wireless channel. Think of reconfigurable intelligent surfaces as the next evolution of the repeater concept.

Keep Reading ↓Show less