The Daily Mail | Source URL
Thousands of ethical hackers and security researchers have gathered in Las Vegas this week to address some of the biggest potential threats to cybersecurity.
At the Black Hat information security conference, researchers have revealed how satellite communications could be used by hackers to launch ‘cyber-physical attacks,’ essentially turning their antennas into massive microwave ovens, according to the Guardian.
And Def Con, one of the world’s largest hacker conventions, will serve as a lab for breaking into voting machines, extending its efforts to identify potential security flaws in technology that may be used in the November U.S. elections.
In a presentation building off prior research, Ruben Santamarta of security firm IOActive warned that the communications used by ships, planes, and the military are vulnerable to hackers.
‘The consequences of these vulnerabilities are shocking,’ Santamarta said, according to the Guardian.
‘Essentially, the theoretical cases I developed four years ago are no longer theoretical.
‘We’re basically turning Satcom devices into radio frequency weapons,’ Santamarta said. ‘It’s pretty much the same principle behind the microwave oven.’
Satellite systems could also be used to leak information, the expert said.
At Def Con, a three-day ‘Voting Village,’ opened on Friday in effort to expose vulnerabilities in devices such as digital poll books and memory-card readers.
Def Con held its first voting village last year after U.S. intelligence agencies concluded the Russian government used hacking in its attempt to support Donald Trump’s 2016 candidacy for president. Moscow has denied the allegations.
Organizers have returned ahead of the November elections, in which Democrats hope to take control of the U.S. House of Representatives.
Trump’s national security team last week warned that Russia had launched ‘pervasive’ efforts to interfere in the elections.
‘These vulnerabilities that will be identified over the course of the next three days would, in an actual election, cause mass chaos,’ said Jake Braun, one of the village’s organizers.
‘They need to be identified and addressed, regardless of the environment in which they are found.’
Participants will have a chance to hack into more than five types of voting machines from manufacturers including Elections Systems & Software and Dominion Voting.
Last year a Danish researcher figured out how to take control of a touch-screen voting system used through 2014 in a remote hack that organizers said could work from up to 1,000 feet away.
A group representing U.S. secretaries of state lauded the goal of bolstering election security, but warned that the findings might be skewed.
‘It utilizes a pseudo environment which in no way replicates state election systems, networks or physical security,’ the National Association of Secretaries of State said in a statement.
‘Providing conference attendees with unlimited physical access to voting machines, most of which are no longer in use, does not replicate accurate physical and cyber protections established by state and local governments before and on Election Day,’ the group said.
Verified Voting, an advocacy group that helped organize the hacking village, said that some of the voting machine models being tested are still used to tally votes across the United States.
One system, the Dominion Premier/Diebold AccuVote TSx system, is used in 20 states and 23,784 precincts, according to Verified Voting.
WHAT IS THE US CYBER WARFARE COMMAND?
President Donald Trump ordered the US military in August 2017 to elevate its cyber warfare operations to a separate command.
The command centre, called the US Cyber Command or Cybercom, focuses on cyber warfare – such as government hacking campaigns.
It protects the United States from hostile online forces and helps the US pursue its own cyberwarfare objectives.
According to the New York Times, Cybercom has previously placed ‘implants’ in Islamic State group networks that let experts monitor the group’s behaviour and ultimately imitate or alter commanders’ messages so they unwittingly direct fighters to areas likely to be hit by drone or plane strikes.
Another technique likely being employed is a common type of cyber attack known as a denial of service.
The move was a response to a number of recent major cyber security incidents – such as Russian hacks during the 2016 election.
Cyber Command is now in the process of recruiting hundreds of skilled cyber operators to help with defensive and offensive operations.
It is headquartered in Fort Meade, Maryland and will eventually comprise almost 6,200 personnel organized into 133 teams.
These ‘Cyber Mission Force’ teams are already actively conducting operations and will achieve full operational capability by the end of fiscal year 2018.
Cyber warfare operations had previously been run under the umbrella of the National Security Agency, the country’s main electronic spying agency.
THE CONCRETE THAT COULD SHIELD AGAINST EMP ATTACKS
Engineers at the University of Nebraska-Lincoln have developed a type of concrete that could act as a shield against ‘doomsday’ electromagnetic pulse attacks.
The conductive concrete both absorbs and reflects electromagnetic waves to protect the electronics inside, and the creators say it could be used in new structures or applied through a spray-on method to retrofit existing buildings.
The researchers created a concrete that conducts electricity, replacing some of the standard concrete materials with magnetite.
The concrete also includes carbon and metal components, enhancing its absorbing abilities and allowing it to reflect as well.
The new concrete is now available for commercialization, and the team has joined with ABC Group in a research agreement for a new patent-pending pending product that would work with a shotcrete construction method, a spray-on technique that would allow for cost-effective retrofitting.