Tag Archive for: stumped

Railways’ video surveillance system project stumped by lack of cyber security clearance


After facing hurdles in the implementation of CCTV surveillance systems at major railway stations across the country, the Ministry of Railways has flagged a critical cyber safety issue involving national security with the NITI Aayog.

As part of enhanced security measures, the railways are implementing a Video Surveillance System at hundreds of railway stations in a phased manner. The project is being financed through the Nirbhaya Fund controlled by the Ministry of Women & Child Development.

Though funds were sanctioned and tenders finalised, there has been an inordinate delay in commencing the work since the Original Equipment Manufacturers (OEMs) of the surveillance cameras are reluctant to get cyber security testing done by the Standardisation Testing & Quality Certification (STQC) Directorate, Ministry of Electronics and Information Technology.


Despite constant reminders and follow-up by the Ministry of Railways with the service providers after the contract agreements were placed, not a single camera manufacturer got cyber security clearance from the STQC Directorate, sources in the railways told The Hindu.

“The OEMs are reluctant to get the testing done for reasons best known to them and not showing interest in the CCTV projects of the railways since only we are insisting on cyber security clearance of cameras and its components to ensure security. However, the cyber security clearance is not being insisted on for other surveillance camera projects funded by the Union Government like the smart cities,” a senior railway official said.

Security audit mandatory

In a meeting convened by NITI Aayog on July 30, 2019, involving top officials of the Ministry of Railways, Research Designs & Standard Organisation, RailTel Corporation of India Ltd. etc., it was decided to make security auditing and testing mandatory for data protection.

To ensure the security of the camera and network from vulnerabilities & breaches and discourage false undertaking from OEMs, it was decided that security auditing and testing be carried out by reputed agencies like CERT-IN or STQC at the time of Proof of Concept (POC) as…


New malware found on 30,000 Macs has security pros stumped



A previously undetected piece of malware found on almost 30,000 Macs worldwide is generating intrigue in security circles, which are still trying to understand precisely what it does and what purpose its self-destruct capability serves.

Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

Also curious, the malware comes with a mechanism to completely remove itself, a capability that’s typically reserved for high-stealth operations. So far, though, there are no signs the self-destruct feature has been used, raising the question of why the mechanism exists.

Besides those questions, the malware is notable for a version that runs natively on the M1 chip that Apple introduced in November, making it only the second known piece of macOS malware to do so. The malicious binary is more mysterious still, because it uses the macOS Installer JavaScript API to execute commands. That makes it hard to analyze installation package contents or the way that package uses the JavaScript commands.

The malware has been found in 153 countries with detections concentrated in the US, UK, Canada, France, and Germany. Its use of Amazon Web Services and the Akamai content delivery network ensures the command infrastructure works reliably and also makes blocking the servers harder. Researchers from Red Canary, the security firm that discovered the malware, are calling the malware Silver Sparrow.

Reasonably serious threat

“Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its forward-looking M1 chip compatibility, global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” Red Canary researchers wrote in a blog post…


HP Smart Install stumped, no longer installing

A longtime Buzzblog reader, who prefers to remain anonymous, sent me this in an email a few days ago:

“I just opened an HP LaserJet M401dne. It came with a note stating that Smart Install was disabled, and pointed me to www.hp.com/go/SmartInstall.”

The bad news, delivered in 30 different languages, was the “top sheet (of paper) as I found it out of the box,” says this IT manager.

At the HP link we are told:

Smart Install is a technology developed by HP that was designed to simplify printer software installation. Due to the difficulty in upgrading the Smart Install software files on the printer, HP has disabled the Smart Install option and recommends downloading and installing the software from HP’s support Web site for the most current software for your printer.


Network World Paul McNamara