This Week in Cybercrime: Three Denial of Service Attacks, Kaspersky Calls for Help

Denial of service attacks rain down on Russia Today, Wikileaks, AT&T

3 min read
This Week in Cybercrime: Three Denial of Service Attacks, Kaspersky Calls for Help

-Today, there are reports that the web site of Russia Today is being hit by a denial of service attack. Exactly who is behind the attack and what their motive might be is unclear at this time, but speculation is that it may be connected to the Pussy Riot punk band conviction.

-On Wednesday, Reuters admitted that its blogging platform had been hacked again, and that another false story had been posted, this time claiming Saudi Arabia's Foreign Minister Prince Saud al-Faisal had died.

-In addition on Wednesday, word started to filter out that AT&T was being hit by a denial of service attack. AT&T admitted yesterday that the attack attempted “to flood our Domain Name System servers in two locations”, and that corporate customers had been affected, apparently some for at least eight hours.

-On Tuesday, the Financial Times reported that Wikileaks’ web site was back up after being down for 9 days because of a sustained denial of service attack. A Wikileaks spokesperson suspected it “was the work of a large organization,” although the person would not single out who it might be, such as the U.S. government with which it has been at odds with (wink, wink).

-Also on Tuesday, security researchers at Kaspersky Lab put out a call for help in deciphering how a new computer Trojan works. Kaspersky discovered the Trojan last week and dubbed it "Gauss", and tied its parentage to both Stuxnet and Flame. The purpose of Gauss seems to be to spy on financial transactions that take place mainly in Lebanese financial institutions.

A blog post at Kaspersky states:

“Despite our best efforts, we were unable to break the encryption. So today we are presenting all the available information about the payload in the hope that someone can find a solution and unlock its secrets. We are asking anyone interested in cryptology and mathematics to join us in solving the mystery and extracting the hidden payload.”

-A couple of interesting cyber security stories hit the news this week. On Monday, the Boston Globe reported on a survey recently conducted by computer security company CounterTack of 100 information security executives at companies with revenues greater than $100 million. The survey found that half of the executives admitted to computer network attacks in the past year, and that over a third did not believe that their organizations could stop future attacks. Being able to beat off advanced persistent attacks was a major worry of over 80% of those surveyed, with nearly half saying that they did not have the resources to keep such attacks at bay.

Making the CounterTack results a bit more worrisome was a survey report of nearly 10,000 executives in 138 countries released on Wednesday by consulting firm PricewaterhouseCoopers which indicated that despite the increase in IT security incidents and costs over the past few years, that only 39 percent of the executives said they reviewed their privacy policies annually, compared to 52 percent in 2009. As Jason Pett, head of PwC's U.S. internal audit services, remarked in a bit of understatement in a press release announcing the report, “No matter how strong a company’s data security policies and controls are, a company won’t really know the adequacy of its defense if it doesn’t continually verify that those defenses are sound, uncompromised and applied in a consistent manner.”

-There were also two off-beat cyber security stories this week as well. The first involved a 73-year-old Wisconsin woman who discovered that someone had been illegally taking out loans in her name for nearly a decade. She discovered this after she applied for a free credit report which was turned down because the credit monitoring service said that she had the incorrect address on her application. The woman only had applied for the credit report because she was one of the 100,000 plus individuals who had their Social Security and tax id numbers inadvertently posted on the Wisconsin Department of Revenue web site for three months this year; the state offered a year of free credit monitoring to those affected. So without the data breach, she may not have ever known her identity had been stolen.

The other story appeared in the Washington Post and claimed that motorists involved in traffic accidents should be wary of providing “too much” information to the other driver because it may lead to your identity being stolen. The story claims that the National Association of Insurance Commissioners (NAIC) is recommending that drivers in accidents “don’t share personal information, such as your driver’s license number, home address or even your telephone number.”  A NAIC official quoted in the story implies that ID theft is occurring as a result of staged vehicle accidents.

However, at least here in Virginia, the state Department of Motor Vehicles says that in case of an accident you need to get the driver’s name, address and contact details, including the driver’s license number, the license plate number of the vehicles involved, along with auto insurance information for the motorists involved.

The Post article is the first I have read about this being a potential source of ID theft. Anyone else read about ID theft being traced to a car accident, staged or not? And how real do you think the threat is?

The Conversation (0)

Metamaterials Could Solve One of 6G’s Big Problems

There’s plenty of bandwidth available if we use reconfigurable intelligent surfaces

12 min read
An illustration depicting cellphone users at street level in a city, with wireless signals reaching them via reflecting surfaces.

Ground level in a typical urban canyon, shielded by tall buildings, will be inaccessible to some 6G frequencies. Deft placement of reconfigurable intelligent surfaces [yellow] will enable the signals to pervade these areas.

Chris Philpot

For all the tumultuous revolution in wireless technology over the past several decades, there have been a couple of constants. One is the overcrowding of radio bands, and the other is the move to escape that congestion by exploiting higher and higher frequencies. And today, as engineers roll out 5G and plan for 6G wireless, they find themselves at a crossroads: After years of designing superefficient transmitters and receivers, and of compensating for the signal losses at the end points of a radio channel, they’re beginning to realize that they are approaching the practical limits of transmitter and receiver efficiency. From now on, to get high performance as we go to higher frequencies, we will need to engineer the wireless channel itself. But how can we possibly engineer and control a wireless environment, which is determined by a host of factors, many of them random and therefore unpredictable?

Perhaps the most promising solution, right now, is to use reconfigurable intelligent surfaces. These are planar structures typically ranging in size from about 100 square centimeters to about 5 square meters or more, depending on the frequency and other factors. These surfaces use advanced substances called metamaterials to reflect and refract electromagnetic waves. Thin two-dimensional metamaterials, known as metasurfaces, can be designed to sense the local electromagnetic environment and tune the wave’s key properties, such as its amplitude, phase, and polarization, as the wave is reflected or refracted by the surface. So as the waves fall on such a surface, it can alter the incident waves’ direction so as to strengthen the channel. In fact, these metasurfaces can be programmed to make these changes dynamically, reconfiguring the signal in real time in response to changes in the wireless channel. Think of reconfigurable intelligent surfaces as the next evolution of the repeater concept.

Keep Reading ↓Show less