Tag Archive for: Means

The lessons military planners are learning from the Ukraine invasion and what it means if the UK went to war with Russia | World News

/in


Throughout the Cold War, Britain’s military planners thought long and hard about what was needed to beat the Soviets if World War Three ever broke out.

Assuming both sides weren’t annihilated by nuclear weapons, they assumed a Soviet invasion would lead to a war in western Europe, and trained and equipped UK forces would need to counter that threat.

With the collapse of the Soviet Union, it was believed that the threat was no longer there, and came from other places.

But the invasion of Ukraine has changed all of that. While analysts say a direct conflict between NATO and Russia is unlikely, it is possible – particularly in the Baltic states, or Finland.

The Ukraine war is providing a golden opportunity for British and NATO military planners to observe Russia fighting on the battlefield and to plan accordingly. Here, according to former Royal United Services Institute (RUSI) head Professor Michael Clarke and retired Air Vice Marshal Sean Bell, are a few of the lessons the MoD will be taking on board.

1. The days of purely expeditionary conflicts are over

For years, since the fall of the Berlin Wall in 1989, the belief was that Western armed forces would only ever have to take part in what was known as ‘expeditionary’ wars. These are conflicts involving a strong military force going into a situation in which it has superiority, so it can win easily – for example the Gulf and Iraq wars and conflicts in Sierra Leone and Kosovo.

Now, the threat of an encounter with Russia – regarded as a military peer – is very present and it is arguable the British and other allied forces are not yet equipped for that.

Prof Clarke, former director of the RUSI and a fellow of Kings College London, told Sky News: “With British military planners … the idea of having to go all-out to fight a proper big war was ‘we’ll only do it with the US and certainly won’t be doing it for, let’s say, the next 10 years’.

“24 February showed that… Russia is now a manifest threat and will be for as long as Putin is in power and probably his successor as well. It is THE problem of European stability and security.”

Expeditionary wars of which the 2003 invasion of Iraq was one will no longer be the only type of conflict planners have to prepare for. Pic: AP
Image:
Expeditionary wars, of which the 2003 invasion of Iraq was…

Source…

What China’s targeting of US telecoms means for post-quantum security

/in


Ceding the initiative to an adversary is a difficult position to recover from — even in cyberspace. Chinese state-sponsored cyber actors are seizing the initiative to exploit publicly known vulnerabilities to unpatched network devices, such as home office routers, to compromise major U.S. telecommunications companies and network service providers, the FBI and other agencies warn in the latest joint cybersecurity advisory

These cyber actors are infiltrating victims’ accounts by “using publicly available exploit code against virtual private network (VPN) services, or public facing applications — without using their own distinctive or identifying malware — so long as the actors acted before victim organizations updated their systems,” the advisory explained. 

While defending against common vulnerabilities is essential, the Biden administration must maintain the initiative against post-quantum cryptography threats. Post-quantum refers to the stage when quantum computers advance to “a sufficient size and level of sophistication” that they break the cryptography that secures our digital communications and financial transactions on the internet. These systems are cryptanalytically relevant quantum computers, meaning they could pose significant national, economic and cybersecurity risks to the United States by weakening the public-key cryptography we rely on to communicate.

It is not a question of if, but when cryptanalytically relevant quantum computers will be developed, according to the White House’s fact sheet on quantum technologies, which estimates this milestone is attainable “at some point in the not-too-distant future.”

Last May, the Biden administration enacted two directives to expand the 2018 National Quantum Initiative Act: an executive order establishing a committee to advise the White House about the National Quantum Initiative program; and the National Security Memorandum on Promoting United States Leadership in Quantum Computing. The memorandum warns that quantum information science presents significant security risks to cryptographic systems that safeguard critical infrastructure and secure military and civilian…

Source…

An Internet of Things Future Means Securing Entire Supply-Chains

/in


By Nils Gerhardt, Chief Technology Officer for Utimaco

The ‘Internet of Things’ (or IoT) is far more than smart speakers and app-connected lightbulbs: in less than a decade it has gone from a buzzword to a vital part of tens of thousands of businesses, and by 2030 the industry could be worth $12.6 globally.

Its value proposition is clear: ‘data’ is being created everywhere, whether it is traffic and footfall flows or CO2 emissions, and a vast network of sensors can capture that data. Once collected it can be analysed – something that is much easier now that cloud computing gives anyone access to the capabilities of a supercomputer. Devices can then make changes as needed.

This is already powering ‘smart cities’, though we are only just beginning to utilise its full potential, and is a key component in Industry 4.0, a term for the ‘fourth industrial revolution’ in manufacturing in which every component in a production line exists as much in the digital as the physical world, with 5G networks constantly exchanging data to make factories more efficient and proactively address maintenance problems. Combined with robotics, autonomous systems and 3D printing, a factory or warehouse could potentially run without the need for humans.

Of course, anywhere that data is being exchanged through internet-connected components is a potential vector for attack. We have already seen how ransomware can have devastating consequences in industrial settings, but imagine what could be done if bad actors gained access to a factory, oil refinery or energy production facility’s IoT network. By just increasing the amount of torque a robotic screwdriver uses they could ruin whole batches of products, or by turning off heatsinks they could start a fire. More worrying, IoT systems have already been hijacked and turned into huge botnets. This could mean that tens of thousands of smart devices could be turned into spam email servers, or they could flood targets with traffic in Distributed Denial of Service (DDoS) attacks.

Does network always mean vulnerability?

In a business ‘campus’ in which everything is connected to everything else, one wireless thermostat with an unpatched…

Source…

Inside the $625 Million Axie Hack and What It Means for Crypto Gaming

/in


Videogames based on blockchain networks appear to be a prime target for thieves, raising more concerns about the security of cryptocurrencies held on these decentralized gaming networks.

Thieves targeting Axie Infinity, a popular blockchain-based videogame, made off with 173,600 ether tokens and $25.5 million in USDC, a type of stablecoin that is pegged to the dollar. The theft occurred on March 23, according to developers of Axie, but was announced publicly on March 29. At recent prices for ether, the heist was worth about $615 million, down slightly from the $625 million value when the theft was disclosed.

Axie is a “play-to-earn” game in which users create and collect virtual pets. The creatures are nonfungible tokens, or NFTs, that are traded in the game, using various cryptos as currency. The hack occurred on a blockchain “bridge” network called Ronin, which is used for transferring cryptos between the Ethereum network and Axie. Sky Mavis, the Vietnam-based game studio behind Axie, manages Ronin.

The Ronin hack is disconcerting, partly because of the size of the theft, but also because of how it transpired. Ronin is managed by just nine computer “nodes” that validate transactions in the network. Typically, it takes a majority of nodes to form a consensus on the validity of a transaction, enabling it to be recorded on the blockchain. In this case, the hackers gaining control of just five nodes did the trick.

Axie said it “recruited an all star cast of partners” to secure the Ronin network, according to its foundational white paper. But the attackers still managed to hack the nodes and forge fake withdrawals, Axie said in a post on the attack.

In response, Axie said it has increased the threshold for validating transactions to eight nodes from five, according to the Ronin’s Newsletter site. “While the investigations are ongoing, at this point we are certain that this was an external breach,” the site said on Wednesday. “All evidence points to this attack being socially engineered, rather than a technical flaw.”

Axie also said it is working with the blockchain data firms Chainalysis and




Source…