Posted on

UK government vows to sink $2.3 billion into new cybersecurity plan

Enlarge (credit: Defence Images)

The UK government has promised to spend nearly £2 billion over the next five years to try to tackle the growing problem of cyber attacks in the country.

Recent research suggested that Britain is particularly susceptible to data breaches involving compromised employee account data. Nonetheless, chancellor of the exchequer Philip Hammond claimed on Tuesday that the country is "an acknowledged global leader in cyber security."

Number 11's occupant crowed that the previous Tory-led coalition government had chucked £860 million at the problem, but Hammond then undermined himself somewhat by adding that "we must now keep up with the scale and pace of the threats we face." Which underlines the fact that the government is playing catch-up in its race against cybercrims.

Read 12 remaining paragraphs | Comments

Posted on

Researchers find it’s terrifyingly easy to hack traffic lights

A typical intersection configuration.
Halderman et al., University of Michigan

Taking over a city’s intersections and making all the lights green to cause chaos is a pretty bog-standard Evil Techno Bad Guy tactic on TV and in movies, but according to a research team at the University of Michigan, doing it in real life is within the realm of anyone with a laptop and the right kind of radio. In a paper published this month, the researchers describe how they very simply and very quickly seized control of an entire system of almost 100 intersections in an unnamed Michigan city from a single ingress point.

Nodes in the traffic light network are connected in a tree-topology IP network, all on the same subnet.
Halderman et al., University of Michigan

The exercise was conducted on actual stoplights deployed at live intersections, "with cooperation from a road agency located in Michigan." As is typical in large urban areas, the traffic lights in the subject city are networked in a tree-type topology, allowing them to pass information to and receive instruction from a central management point. The network is IP-based, with all the nodes (intersections and management computers) on a single subnet. In order to save on installation costs and increase flexibility, the traffic light system uses wireless radios rather than dedicated physical networking links for its communication infrastructure—and that’s the hole the research team exploited.

Wireless security? What's that?

The systems in question use a combination of 5.8GHz and 900MHz radios, depending on the conditions at each intersection (two intersections with a good line-of-sight to each other use 5.8GHz because of the higher data rate, for example, while two intersections separated by obstructions would use 900MHz). The 900MHz links use "a proprietary protocol with frequency hopping spread-spectrum (FHSS)," but the 5.8GHz version of the proprietary protocol isn’t terribly different from 802.11n.

Read 11 remaining paragraphs | Comments

Posted on

4 Former LulzSec Members Sentenced To Prison Time In The UK

It’s been a while since we’ve talked about any hacking related arrests, or in this case, imprisonments. In this case, it’s some ‘ex’ members of LulzSec, for the attacks they perpetrated in 2011. The longest of the sentences being 32 months, almost 3 years for the guy that operated and managed the botnet used in...

Read the full post at darknet.org.uk