Tech,Space,Gaming, and Science Fiction News to wet your whistle
On the Horizon: Parasitic Malware Will Feast on Critical Infrastructure
Parasitic malware, which seeks to steal processing power, has traditionally targeted computers and mobile devices. In the coming years, this type of malware will evolve to target more powerful, industrial sources of processing power such as Industrial Control Systems (ICS), cloud infrastructures, critical national infrastructure (CNI) and the IoT. The malware's primary goal will be to feast on processing power, remaining undetected for as long as possible. Services will be significantly disrupted, becoming entirely unresponsive as they have the life sucked out of them.
At the Information Security Forum, we anticipate that unprepared organizations will have a wide, and often unmonitored, attack surface that can be targeted by parasitic malware. They will see infected devices constantly running at full capacity, raising electricity costs and compromising functionality. Systems will degrade, in some cases leading to unexpected failure that halts critical services.
Every organization will be susceptible to parasitic malware. However, environments with high power consumption (such as power stations, water and waste treatment plants and data centers) and those reliant on industrial IoT (such as computerized warehouses, automated factories and smart cities) will become enticing targets for malicious attackers as high-power consumption tends to mask the energy usage of parasitic malware.
What is the Justification for This Threat?
ICS, combined with the increased adoption of IoT devices with greater processing power, will provide new and irresistible targets for parasitic malware. Additionally, smart cities have a high degree of digital adoption and, according to ISACA's 2018 Smart City survey, are particularly susceptible to malware.
'Cryptojacking' is a particularly popular strain of parasitic malware. It is installed on devices and steals processing power in order to illegally mine cryptocurrency. There has been a spectacular growth in cases of cryptojacking on computers and mobile devices and that this form of malware is taking over from ransomware as the most prevalent type of malware. Botnets, which also feast on processing power, are continuing to grow in scale and have already proved to have detrimental impacts on infected devices.
Parasitic malware infections on computers and other devices have already proven to generate significant costs to business. Their consumption of computational resources can cause business-critical systems to slow down or stop functioning entirely with compromised machines even infecting other network-connected devices. Parasitic malware can also exploit often overlooked security holes in a company's network. Organizations infected with parasitic malware are also likely to be vulnerable to other exploits and attacks, such as ransomware.
Given the significant power consumption of ICS and its relatively weak security, lack of monitoring and poor patching regimes, it will become the next frontier for parasitic malware. ICS environments often rely on older hardware and low-bandwidth networks. Consequently, even a slight increase in load could leave them unresponsive. Early 2018 saw the first documented cryptojacking malware attack on an ICS network, targeting a water utility in Europe. The attack was detected by chance before the network was compromised. However, it is just a matter of time before there is a successful attack and CNI is impacted by a serious infection.
Cloud infrastructure will also be a target for parasitic malware because it offers an attack surface with large amounts of processing power in an environment where computer resource consumption is difficult to monitor. In February 2018, Tesla found a strain of parasitic malware mining Monero on its AWS cloud servers. Although there was no major impact in this particular case, it indicates the potential for such malware to affect cloud environments.
How Can Your Organization Prepare?
Organizations should start implementing suitable controls to protect against parasitic malware holistically across the business, including areas that have ICS, IoT and cloud deployments.
About the author: Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include strategy, information technology, cyber security and the emerging security threat landscape across both the corporate and personal environments. Previously, he was senior vice president at Gartner.
NextVR has been partnering with the NBA to livesream games for the last two years , and now it's going to cover the upcoming Finals. After each game, the service will upload free-to-watch highlights in a new high-resolution format to its dedicated NextVR app, which works with most virtual reality headsets. Those with higher-end VR gear like the HTC Vive Pro will be able to fully appreciate the higher-resolution format, according to a press release. The company's partnership with the NBA continues to be the only regular VR sports programming across all mainstream American sports (along with the occasional golf tournament ). via Engadget RSS Feed https://ift.tt/2JmjptE If New feed item from http://www.engadget.com/rss-full.xml , t
ASUS is moving further into the cryptocurrency hardware market with a motherboard that can support up to 20 graphics cards, which are typically used for mining . The H370 Mining Master uses PCIe-over-USB ports for what ASUS says is sturdier, simpler connectivity than other mining-focused motherboards. You can manage each port and graphics card with on-board diagnostics. One feature scans your system when you boot up to determine the status of each port, while there are onboard LEDs that signify a problem with components such as memory or the processor (there's space for an Intel 8th-gen Core CPU ). ASUS has added some other features to optimize mining as well. The H370 Mining Master follows last year's B250 Mining Expert, which had room for 19 CPUs via PCIe ports. ASUS says that board had far more sales than it expected, which prompted the company to keep t
I've been a big fan of Botnik Studios , the comedy group responsible for internet gems like the neural network-generated Coachella lineup poster containing bands like "Billions of Mario." They've been putting out consistently great parodies of Scrubs scripts , ads for beef , and handsome names for boats , each of them made using a predictive text keyboard. I was curious about what exactly this meant and how I, too, could utilize AI to create viral hits, so I called up Botnik Studios CEO and former Clickhole writer Jamie Brew to explain in the video above. Botnik has a browser-based Predictive Writer that you can load up with "voices", hence its name, Voicebox. It works in a similar way to your phone's predictive text, by suggesting a group... Continue reading… via The Verge - Tech Posts https://ift.tt/2LaYqr4