Tag Archives: Technology

KRACK attack: beware of public Wi-Fi

Why can KRACK be so dangerous?

Cybersecurity experts have discovered a critical weakness in Wi-Fi connections that could make your private information vulnerable to cyber criminals. The threat is called KRACK (key reinstallation attacks) and could allow someone to steal information sent over your private Wi-Fi or any open connections you might access in public places like coffee shops.

KRACK is dangerous because it affects so many people. Most people who connect wirelessly to the internet through Wi-Fi on their phone, tablet, laptop, etc. do so using the WPA2 (Wi-Fi Protected Access) protocol that helps keep your information safe by encrypting it—making it a secret code. Only now, KRACK has made it much less protected because thieves may be able to decypher the code that protects your information, and read it whenever they want.

Cyber criminals can also use KRACK to modify wirelessly transmitted data to and from the websites you visit. You might think you’re going to your bank’s website, when in reality you’re at a fake phishing site made to look like it. You unknowingly enter your username and password, and the thieves now can record that information.

How do I protect myself?

Update your operating system

Update your OS ASAP. In the meantime, Apple, Google and others are presumably working to roll out a patch to protect against KRACK.

Microsoft just announced it included a patch in an October 10th security update. For Windows customers who have their “Windows Update enabled and applied the security updates,” they’re automatically protected from the KRACK threat, according to Windows Central.

However, don’t assume you’re protected. Even if you’re a Windows user, double check you have the latest security updates.

Use Wi-Fi networks only when necessary

Until you’ve installed the security KRACK patch, avoid using Wi-Fi connections, both at home and especially public hotspots. Your home Wi-Fi connection is slightly more secure only because cyber thieves need to be relatively close to your physical location to steal your data. But that doesn’t mean you’re safe at home or in public.

If you absolutely need to use a wireless network, make sure you’re not transmitting confidential info like your SSN, credit card number, or bank information.

If possible, hardwire your wirelessly connected devices back to your modem/router. Cyber criminals can’t steal signals out of the air if they’re not there, so find that yellow ethernet cable you stashed somewhere in a drawer and use it to connect to as many devices as possible.

Update your wireless router’s firmware

Your router’s firmware helps it work correctly with your devices, so keep it up-to-date. When the security patch rolls out, you don’t want any issues with conflicting or unsupported firmware versions. Updating your router’s firmware is a relatively painless process.

Configure your router so only your approved devices can connect to the network. Each of your devices has a media access control (MAC) address that uniquely identifies it to work with the network. Configure your router to only allow listed devices. The process may differ depending on your router brand.

Hide your Wi-Fi network so even those close enough to detect your signal won’t see it listed. Hiding your network won’t stop dedicated hackers from eventually finding it, but it will create another step they must go through, which is your goal until the patch comes through. It’s likely it will take developers some time to adequately address KRACK, so stay vigilant.

Avoid unencrypted websites

Encrypted websites contain an HTTPS at the beginning of their URL’s. The information you send and receive to them is secure. Websites that only use the HTTP are NOT encrypted. So use HTTPS sites as much as possible. HTTPS Everywhere is a browser plugin that automatically switches thousands of sites from HTTP to HTTPS.

Get some good cybersecurity software

Having cybersecurity software always helps mitigate risk. For critical attacks like KRACK, it’s especially important to add as many layers of protection as possible.

What information can be stolen?

Anything you can send wirelessly over the internet. So, pretty much everything. Passwords, credit card numbers, voice messages, pictures, texts, and the like. Again, this goes for both public and private wireless networks, so your info could be stolen while you’re signed in to the library’s Wi-Fi network or when you’re texting someone from your living room. Deactivate your cell phone’s Wi-Fi connection until you’ve gotten the fix from your OS developer or stay on 3G network for data transfer.

Can it affect my devices?

Strictly speaking, no. Neither your wirelessly connected devices nor your router are being directly targeted. Unlike ransomware, thieves aren’t KRACKing into your device and threatening to destroy your information. It’s more of an elaborate heist job than a hostage situation. They want to decrypt the protocol, to eavesdrop on what your devices are saying. They’re interested in the info not who is talking. More importantly, thieves want to go unnoticed.

How did the KRACK vulnerability happen?

Your cell phone and Wi-Fi device (i.e. modem) need to “talk” to each other decide on how to work together transmit data. The language they use is called a protocol, or system of rules. The protocol is encrypted for privacy. It’s like if two people switched to a different language to discuss something privately. If you don’t know the language, you’re in the dark. That’s how your information is kept private when sent over Wi-Fi.

But the KRACK attack gives cyber criminals an opening to decrypt the information sent. It would be like someone bringing an interpreter to the couple’s private discussion. They now can overhear everything that’s being said.

Can I tell if someone’s stealing my info over Wi-Fi?

As of yet, there’s no way to know if someone is KRACKing your wireless access. That’s why it’s especially important to keep an eye out for an update, and to follow the safety recommendations above.

 

 

The post KRACK attack: beware of public Wi-Fi appeared first on Panda Security Mediacenter.

Read More

Ada Lovelace Day: celebrating women in technology

By the 1800s, long before the famous Enigma machine and military computerization to decipher codes, a Victorian woman trapped in a patriarchal world, glimpsed the potential reach of computing and the change it would impose on humanity.

The post Ada Lovelace Day: celebrating women in technology appeared first on WeLiveSecurity

Read More

Bionic employees and biohacking

pandasecurity-biohacking

Wireless chips are an increasingly important part of day-to-day life. We use contactless cards to pay for goods, they have replaced travel tickets, and many people even use embedded chips to access their offices at work.

But almost every chip required another plastic card – pretty soon you end up with a wallet full of contactless cards. Which is why some individuals have taken an extreme approach that allows them to do away with the cards altogether.

Embedding embedded chips

The chip inside a contactless card which provides all the clever intelligent functionality is actually extremely small. In fact, it is probably no larger than a grain of rice – which means that most of the plastic card it is embedded in is just wasted space.

As a result, some people are choosing to have the chips surgically implanted in their skin. The process is very similar to the microchipping technique used to help identify lost pets.

Once implanted, you can never leave home without your contactless card again. It also means that you can tell your friends you’re a bionic human!

Gaining acceptance

What was once a niche hobby for hardware hackers and geeks is now gaining more widespread acceptance. One American firm – Three Square Market – is even offering these wireless bionic implants to employees, replacing traditional door access cards and cash payments in the office canteen.

Other businesses are already looking at ways to take these implants to the next level. More than simply replacing existing electronics systems, they are looking at ways to enhance our biological capabilities. Some hope that one day humans will be able to navigate in the dark using echolocation like a bat, or to see colours in the normally-invisible infra-red spectrum for instance.

Obviously, there are ethical questions about these kinds of projects, but there are also concerns about security. If people are worried about AI being hacked and destroying the world, should they not have the same fears about bionic humans who meld biology and wireless technology?

There are already some serious issues to consider

The reason that existing implants work so well is because they simply replicate existing systems. Embedding your bank card’s chip under the skin allows you to tap-and-pay in-store for instance. But in the same way that someone can “skim” your contactless card to steal cash, criminals could also scan the card under your skin without your permission. People with embedded chips will need to pay extra attention to where they put their hands if they want to avoid being scammed!

On the plus side, current embedded chips are not designed to perform serious computing activities. Hackers may be able to read the chip contents without permission, but they cannot (yet) upload viruses or other malware to them. And because these chips are not connected to the human nervous system, they cannot be used to take over someone’s body.

As bionic chips improve, bionic hacking will undoubtedly become a real issue. Fortunately, technology has not yet brought us to that point. Which is great news for early adopters of implanted chips.

The post Bionic employees and biohacking appeared first on Panda Security Mediacenter.

Read More

Bionic employees and biohacking

pandasecurity-biohacking

Wireless chips are an increasingly important part of day-to-day life. We use contactless cards to pay for goods, they have replaced travel tickets, and many people even use embedded chips to access their offices at work.

But almost every chip required another plastic card – pretty soon you end up with a wallet full of contactless cards. Which is why some individuals have taken an extreme approach that allows them to do away with the cards altogether.

Embedding embedded chips

The chip inside a contactless card which provides all the clever intelligent functionality is actually extremely small. In fact, it is probably no larger than a grain of rice – which means that most of the plastic card it is embedded in is just wasted space.

As a result, some people are choosing to have the chips surgically implanted in their skin. The process is very similar to the microchipping technique used to help identify lost pets.

Once implanted, you can never leave home without your contactless card again. It also means that you can tell your friends you’re a bionic human!

Gaining acceptance

What was once a niche hobby for hardware hackers and geeks is now gaining more widespread acceptance. One American firm – Three Square Market – is even offering these wireless bionic implants to employees, replacing traditional door access cards and cash payments in the office canteen.

Other businesses are already looking at ways to take these implants to the next level. More than simply replacing existing electronics systems, they are looking at ways to enhance our biological capabilities. Some hope that one day humans will be able to navigate in the dark using echolocation like a bat, or to see colours in the normally-invisible infra-red spectrum for instance.

Obviously, there are ethical questions about these kinds of projects, but there are also concerns about security. If people are worried about AI being hacked and destroying the world, should they not have the same fears about bionic humans who meld biology and wireless technology?

There are already some serious issues to consider

The reason that existing implants work so well is because they simply replicate existing systems. Embedding your bank card’s chip under the skin allows you to tap-and-pay in-store for instance. But in the same way that someone can “skim” your contactless card to steal cash, criminals could also scan the card under your skin without your permission. People with embedded chips will need to pay extra attention to where they put their hands if they want to avoid being scammed!

On the plus side, current embedded chips are not designed to perform serious computing activities. Hackers may be able to read the chip contents without permission, but they cannot (yet) upload viruses or other malware to them. And because these chips are not connected to the human nervous system, they cannot be used to take over someone’s body.

As bionic chips improve, bionic hacking will undoubtedly become a real issue. Fortunately, technology has not yet brought us to that point. Which is great news for early adopters of implanted chips.

The post Bionic employees and biohacking appeared first on Panda Security Mediacenter.

Read More

Artificial Intelligence: Myth and Reality

pandasecurity-artificial-intelligence-myths

As Artificial Intelligence (AI) begins to find practical applications in day-to-day life, we are hearing more and more about it. In amongst the success stories are countless warnings of a Terminator-like future where self-aware robots take over the world.

So how can you separate fact from fiction, and could humanity really be eradicated by intelligent computers?

Computers will be more intelligent than people within the next 50 years – MYTH

Computer scientists are still divided over whether artificial intelligence will ever outperform humans. Computers are capable of storing and analysing huge amounts of data – much more than people – but they lack the intuition that makes us human.

Whether AI becomes more intelligent, or is able to appear more intelligent than us, remains unclear. Without the ability to display and read emotions, AI will never have the complete skillset that defines human intelligence.

Artificial Intelligence will destroy humanity – MYTH

Many philosophers ask the question, ‘What happens if machines achieve self-awareness?’ If AI can think for itself, could it act for itself? And what would it do to protect itself?

These questions formed the basis for The Terminator, and the movie has been scaring ordinary people ever since. Could AI wipe out humanity if it felt threatened?

The answer is…probably not. Artificial Intelligence systems run according to pre-defined parameters, helping to ensure they stay on track, solving the problems for which they were invented. Unless someone makes a mistake creating these parameters, the system is unlikely to develop “evil” tendencies.

AI can control people – FACT

We tend to think that only other humans can control us because we interact with them in the real world. But the reality is that our thoughts, feelings and emotions are manipulated by machines all the time.

Many of the adverts we see online are already designed and targeted using AI. Take Amazon for instance – they keep a record of every product you ever search for. AI then uses that information to arrange for you to see adverts for those products on other websites you visit. Known as “retargeting”, by continually showing us the same product AI begins to influence our interests – and many people do end up making a purchase.

As AI develops, these techniques will become more effective. AI may not completely “control” us, but it can certainly motivate us to act in specific ways.

AI is hack-proof – MYTH

Just because AI demonstrates intelligence, it is still little more than a complex computer program. Which means that it can be hacked.

Sophisticated cybercriminals could change the parameters used to control the AI system, allowing it to develop in unexpected ways – such as gaining Terminator-style self-awareness. More likely, AI will be directed to perpetuating other criminal activities, like bank fraud.

The future of AI isn’t really scary at all

As AI develops, systems may get better at identifying cyberattacks and protecting themselves. But for the foreseeable future, AI will need the same protections as your notebook computer – a decent anti-malware application, protected by a firewall to monitor network connections and block malicious activity.

Although you probably don’t have much dealing with AI in your house, there’s no reason to leave your computers unprotected. Download a free trial of Panda Protection and keep hackers away from your personal data.

The post Artificial Intelligence: Myth and Reality appeared first on Panda Security Mediacenter.

Read More

Artificial Intelligence: Myth and Reality

pandasecurity-artificial-intelligence-myths

As Artificial Intelligence (AI) begins to find practical applications in day-to-day life, we are hearing more and more about it. In amongst the success stories are countless warnings of a Terminator-like future where self-aware robots take over the world.

So how can you separate fact from fiction, and could humanity really be eradicated by intelligent computers?

Computers will be more intelligent than people within the next 50 years – MYTH

Computer scientists are still divided over whether artificial intelligence will ever outperform humans. Computers are capable of storing and analysing huge amounts of data – much more than people – but they lack the intuition that makes us human.

Whether AI becomes more intelligent, or is able to appear more intelligent than us, remains unclear. Without the ability to display and read emotions, AI will never have the complete skillset that defines human intelligence.

Artificial Intelligence will destroy humanity – MYTH

Many philosophers ask the question, ‘What happens if machines achieve self-awareness?’ If AI can think for itself, could it act for itself? And what would it do to protect itself?

These questions formed the basis for The Terminator, and the movie has been scaring ordinary people ever since. Could AI wipe out humanity if it felt threatened?

The answer is…probably not. Artificial Intelligence systems run according to pre-defined parameters, helping to ensure they stay on track, solving the problems for which they were invented. Unless someone makes a mistake creating these parameters, the system is unlikely to develop “evil” tendencies.

AI can control people – FACT

We tend to think that only other humans can control us because we interact with them in the real world. But the reality is that our thoughts, feelings and emotions are manipulated by machines all the time.

Many of the adverts we see online are already designed and targeted using AI. Take Amazon for instance – they keep a record of every product you ever search for. AI then uses that information to arrange for you to see adverts for those products on other websites you visit. Known as “retargeting”, by continually showing us the same product AI begins to influence our interests – and many people do end up making a purchase.

As AI develops, these techniques will become more effective. AI may not completely “control” us, but it can certainly motivate us to act in specific ways.

AI is hack-proof – MYTH

Just because AI demonstrates intelligence, it is still little more than a complex computer program. Which means that it can be hacked.

Sophisticated cybercriminals could change the parameters used to control the AI system, allowing it to develop in unexpected ways – such as gaining Terminator-style self-awareness. More likely, AI will be directed to perpetuating other criminal activities, like bank fraud.

The future of AI isn’t really scary at all

As AI develops, systems may get better at identifying cyberattacks and protecting themselves. But for the foreseeable future, AI will need the same protections as your notebook computer – a decent anti-malware application, protected by a firewall to monitor network connections and block malicious activity.

Although you probably don’t have much dealing with AI in your house, there’s no reason to leave your computers unprotected. Download a free trial of Panda Protection and keep hackers away from your personal data.

The post Artificial Intelligence: Myth and Reality appeared first on Panda Security Mediacenter.

Read More

Oreo and the sweet history of Android versions

Oreo Android, the sweetest version?

What does an Oreo cookie, a donut, a marshmallow or a lollipop have to do with your smartphone? Well, believe it or not, the names of all those sweets indicate the Android operating system installed on your cell phone.

After months of speculation about the new features to be included in the new Android operating system, August 21, the day of the solar eclipse, was the date chosen by Google’s engineers to unveil Android 8.0, codenamed Oreo. This new version allows you to minimize videos to a small window in any corner of your screen so that you can video chat while you’re checking your calendar or writing an email, for example.

However, the trend of codenaming Android releases after sweets and desserts is nothing new. Despite Android’s first two versions were unnamed: Android 1.0 (launched in September 2008) and Android 1.1 (released a year and a half after the first one), all subsequent Android versions have received tastier names than their predecessors.

Android Cupcake

Version 1.1 was followed three months later by version 1.5 (April 2009). Despite incorporating some really cool features (such as the ability to associate the contacts on your phone to pictures, or record videos in MPEG-4 and 3GP formats), this release is mainly remembered for being the first one codenamed after something as sweet as a cupcake.

From then on, all new Android versions have received a name that is irresistible for those with a sweet tooth.

Android Donut

If it was not tasty enough, Android Cupcake was followed by Android Donut in September 2009. This version, which featured a quick search box and major improvements to Android Market,  was followed a month later by Eclair (Android 2.0 and 2.1), with amazing live wallpapers which responded to your touch. Additionally, Eclair included live traffic information that allowed users to choose the fastest way to get to their destination.

Frozen yogurt

Almost a year after Eclair’s release, Android decided it was time to offer users another delicacy with the launch of Froyo, short for “frozen yogurt.” This new version enabled users to control their phones using their voice.

Gingerbread

In December 2010, seven months after Froyo was released, Android announced the launch of Ginberbread. This codename was used to refer to versions 2.3 and 2.3.7, which provided a smooth experience for both users and app developers. This release introduced support for NFC communication, which allows users to, among other things, make payments with their phone as if it were a credit card.

An Android version as sweet as honey

Just three months after the release of Gingerbread, Android launched Honeycomb in March 2011. Honeycomb was the first Android operating system specifically adapted for work with tablets, and featured a simple interface that allowed the use of wide-format images.

Ice cream sandwiches

Several months had to pass before Android 4.0, codenamed Ice Cream Sandwich, was released in October 2011. This version managed to satisfy users’ sweet tooth once again, with its new control technology and customization options.

Jelly beans

Almost an entire year had to pass before Android 4.1, Jelly Bean, came out  in July 2012. Jelly Bean was the first operating system to include a personal assistant with Artificial Intelligence. Plus, it provided the ability to use different user accounts on the same cell phone.

After a long break… Kit Kat

The technological advances included in Android 4.1 were so widely acclaimed that users had to wait more than a year for the next Android version. However, after the long wait, October 2013 saw the release of Android Kit Kat and its revolutionary ‘OK Google’. ‘OK Google’ allowed people to start a voice search, get driving directions or play a song without even touching their phones – just verbally saying the phrase.

Lollipop

Android Lollipop, released in November 2014, allowed the operating system to make the jump from smartphones and tablets to other types of devices. This update, which spanned versions between 5.0 and 5.1.1, marked the birth of the Android-based smartwatches, smart cars and smart TVs.

Marshmallow

It looks as if, after Jelly Bean, Android made the decision to launch a single new version per year.  So, 13 months after Lollipop was launched, Google released Android Marshmallow in October 2015. User devices (now spanning not only tablets and smartphones, but all sorts of devices), became even tastier with the new Google Now on Tap, a feature that provided quicker shortcuts and smarter replies, as well as improved security features.

Summer nougat

June 2016 saw the release of Android Nougat. This version included a new Multi-Window mode and support for a new virtual reality platform called Daydream.

Some years ago, getting your phone wet was lethal. Today, however, Samsung’s latest spot for the launch of the Galaxy S8 smartphone features people taking pictures with their cell phones from the bottom of a swimming pool. Who knows if Android version 35, if Google continues with its habit of releasing a new version each year, will allow us to command our smartphone or smartwatch to make us some chocolate cookies…

The post Oreo and the sweet history of Android versions appeared first on Panda Security Mediacenter.

Read More

Facebook Telepathy Texting – Could It Be Hacked?

Is telepathy texting the next step in technology communications?

With over 2 billion registered members, Facebook is the world’s most popular online service. But to maintain that title, Facebook is constantly developing new services to keep people logging in. In a recent video conference, Facebook chief Mark Zuckerberg discussed one of the cutting edge projects his team are working on. The top secret Building 8 division has begun to develop what they call a “direct brain interface”, or the technology that would allow to text by “telepathy”.

What would you do with a direct brain interface?

The direct brain interface is intended to capture the words you plan to speak as they pass through your brain. These thoughts would then be converted into text, ready for transmission – to a nearby screen, or even directly into the mind of another person using a similar interface.

Initially, Facebook hopes that their new technology will allow people with brain injuries or communication problems finally “speak” with the outside world. One scientist working on the project believes such a device would be “as transformative as the computer mouse”.

Taking the direct brain interface mainstream

Once the medical application has been proven, Facebook would naturally expect to take the interface mainstream. Zuckerberg described how he would like to see the technology used to send messages telepathically between Facebook users.

Because the technology is “decades” from release, it is hard to properly imagine what the interface could do. At the most basic level it will probably work like a person-to-person version of the Facebook Messenger app. Presumably users would be able to send text messages direct to the brain of their friends, anywhere in the world without having to lift a finger, or making a sound.

The potential for problems

Just like any computing device, there is always a potential risk that the direct brain interface could be hacked. Again, the specifics of such an attack are hard to guess, but could be relatively harmless, such as receiving unwanted advertising messages directly into the brain.

The outcomes of a cyberattack could conceivably be far worse too. Malware that increases processor activity could cause the interface to overheat, damaging the brain for instance. As the Stuxnet virus demonstrated, malware can cause physical damage. But if that damage is caused to devices connected directly to the human brain, the results could be catastrophic – potentially fatal.

Plenty of time to prepare

The good news is that Facebook’s telepathic text system is still a long, long way from even having something to test. It will be many years before we see a working prototype, let alone a unit that we can actually buy.

In the meantime, engineers will be hard at work developing security measures to protect users against hackers and malware. And as devices finally start to appear, you can expect to see new anti-malware products going on sale to add an extra layer of defence.

In the meantime, why not check if Facebook Messenger is properly protected on your phone with a free Panda Mobile Security download

The post Facebook Telepathy Texting – Could It Be Hacked? appeared first on Panda Security Mediacenter.

Read More

Boarding Passes May Soon Be Part of the Past with Biometric

Are the Biometric security sistem safe?

Back in June, the Department of Homeland Security (DHS) released a privacy impact assessment update for the Traveler Verification Service (TVS). The update is aimed at international travelers and reveals further developments and expanding on the biometric entry-exit airport system throughout the US. Intended to improve security and ease boarding time, DHS and Customs and Border Protection (CBP) began implementing a face recognition technology on every person boarding an international flight. Similar to the fictional technology shown in the TV show Person of Interest, CBP partnering with commercial air carriers are now capturing facial images of individuals exiting the US, and those images are matched with pictures of previously captured photos of the same people. Once the technology becomes a standard, we may no longer have to show our passes to the airport staff before we board a plane.

International airports

Currently, there are at least five international airports in the US with such devices in place. The airports are in Houston, Washington D.C., Atlanta, Chicago and Las Vegas. There is no public information about the success rate of the new system, but CBP hopes for an accuracy rate of at least 96%. Travelers are informed about the procedure through airport announcements as well as signs stating ‘The airline of choice is collecting facial images and sharing them with the CBP to verify each traveler’s identity and to create a record of departure from the US.’

What about US citizens?

When released, the news immediately became viral as the update confirmed the new safety measure would be partially implemented towards US citizens too. The update highlights the fact that images of US citizens will not be stored for the future and the data will be used solely for verification purposes and will be deleted by the end of the flight. However, during ConectID back in May, John Wagner, deputy assistant commissioner at CBP said that even though they are not planning on storing biometric tracking information of US citizens, exceptions might be made as long as the right privacy approvals are obtained. So briefly, it is possible facial scans of exit travelers, that include US citizens, to be stored for the future.

Why is the government spending hundreds of millions of dollars on the new face recognition technology?

According to the New York Times, there is no tax payers’ money involved, as the technology is funded by visa fee surcharges of up to $1 billion expected to be collected over the next ten years. One of President Trump’s campaign promises was to support DHS and CPB in their fight against illegal immigration to the US. You may wonder why President Trump would sign a bill about the exiting travelers? Apparently, the majority of undocumented immigrants in the US come to the US as legal visa holders but then remain in the US undocumented. The new technology hopes that it will help tackle the problem with non-immigrants who overstay their visits in the US.

How is this affecting you as a US citizen?

If you are a US citizen, as a matter of law, government agencies cannot spy on you. They may monitor your behavior, but technically it is not considered spying as they are executing such monitoring to keep the US safe. Government agencies such as DHS, CBP, CIA, and NSA are in place to defend US interests. There is no doubt in the intentions of the government agencies. However, things get horribly wrong when the information gets stolen, or when a public body employee with access to highly classified information decides to make a career as a whistleblower.

As we have seen with documents released by WikiLeaks and Michael Snowden, sometimes leaks happen, and sensitive personal information ends in the hands of the people who are not supposed to have it. Even though WikiLeaks editor-in-chief Julian Assange often says leaks do not pose a real risk to soldiers or civilians, this is not always the case as sensitive information is known to have been used against the US interests. Leaks such as Vault 7, confirm the fact that hacking tools and information stolen from US government agencies have been and could be again used against US citizens. Same goes for biometric information.

Facial recognition is becoming part of our lives as it is rumored the next version of iPhone will join the family of smartphones with this feature. We sincerely hope the images will be securely kept and air travel service providers will be heavily regulated not to store passenger’s biometric information. As you can imagine, there will be serious repercussions if such information ends up in the wrong hands and suddenly phones become easily hackable. The last thing we want is for hackers to have access to a database that contains information about traveling fellow Americans.

The post Boarding Passes May Soon Be Part of the Past with Biometric appeared first on Panda Security Mediacenter.

Read More

Hackers target energy and utility firms

Why cyber warfare is becoming so important

In the early stages of any war, the first action is to try and disrupt the infrastructure of an enemy. In recent years, this means risking people’s lives to bomb key infrastructure, like power plants, bridges and fuel depots.

With key utilities crippled, society quickly breaks down, making it very hard for the country to continue. Were all of the UK’s power stations to be destroyed, daily life would change drastically. There would be immediate shortages of almost every resource, placing great strain on the population. Some estimates suggest that as much as 90% of the total population may die if power could not be restored within a matter of days.

Taking warfare online

To attack enemy infrastructure, an army must risk its soldiers’ lives. A successful campaign looks to minimise those risks as much as possible. Which is why cyber warfare is becoming so important.

Most utility infrastructure is now computer-controlled, which means it is also connected to a network, allowing data to be moved around the facility. If this network can be compromised by hackers, they can take control of key systems inside the power plant. In the event of actual war, these compromised systems can be used to take down the power grid completely.

Using cyber warfare techniques, nation states can attack each other without endangering any of their troops.

Cyber warfare is a genuine threat to society

This scenario sounds like a science fiction story – but we are already seeing these techniques being used in the real world. Ukraine has experienced a number of serious cyberattacks in recent years, taking key infrastructure offline for several hours at a time.

Expert analysis shows that these coordinated attacks are being organised from outside Ukraine itself. Indeed, some even suspect that the attacks are being sanctioned by the Russian government in an effort to maintain political influence within Ukraine.

Be prepared

Serious attacks against power stations and utilities are thankfully relatively rare. Indeed, Ukraine appears to be the only country to have publicly acknowledged that their infrastructure has been attacked by a hostile third party.

But that does not mean these kinds of attacks will not become more commonplace. Governments across the world are already creating cybersecurity teams to identify and block attacks to protect national infrastructure and avert a disaster.

In the meantime, we can all play a part in helping to protect against cyberattack. By installing antimalware tools, you can prevent hackers from using your computer as part of an attack. The more computers we can protect, the harder it becomes for attacks to succeed.

You can get started right away – download a free trial of Panda Protection now.

The post Hackers target energy and utility firms appeared first on Panda Security Mediacenter.

Read More