Recent events have raised the question of whether the United States is prepared to defend its electricity grid.
Spies from other countries have been detected hacking into the United States' electricity grid, leaving traces of their activity and raising concerns over the security of the U.S. energy infrastructure to cyberattacks. The spies apparently sought ways to navigate and control the power grid as well as the water and sewage infrastructure, according to a published report. It's part of a rising number of intrusions, the article said, quoting former and current national security officials.
There have long been concerns over securing the power grid and other infrastructure. Those security issues are mounting as utilities use more Internet-based communications and software to control the grid through smart-grid technology. A report by security firm IOActive last month warned that people with $500 worth of equipment and the right training could manipulate smart meters with embedded communications in people's homes to potentially disrupt operation of the grid.
More than a decade after initial reports said critical infrastructure in the U.S. is vulnerable to cyberattack, the situation has only worsened as utilities move their control systems closer to the Internet and install smart-grid technology, according to security experts.
For many utility workers, it's easier to log onto the Internet from home when they get called at night. But if those home computers are infected with spyware they can be used by attackers to get into the control systems, which are supposed to be separated from the Internet.
But there are other problems that are more deeply embedded in the day-to-day operations of utility business. Network control software that utilities buy from outside vendors often includes the ability to run Web servers and enable remote access and wireless access. Then there are configuration problems, such as routers and other systems with no passwords or default passwords,
Another infrastructure vulnerability materialized this week in the Silicon Valley, where vandals were blamed for a massive phone and Internet outage. Police confirmed the phone and Internet outage that left thousands of customers in the San Jose, Calif., area without phone or broadband Internet service was caused by vandals who had cut AT&T fiber-optic cables. A cable in San Carlos, Calif., owned by Sprint Nextel was also cut about two hours later.
A representative said a utility hole cover had been lifted, and the fiber underground had been cut. She confirmed that the Sprint fiber that was cut also appeared to be the work of vandals.
Return of the worm?
The Conficker worm that has infected millions of Windows-based computers will likely be used to send spam and steal data much like one of the nastiest botnets on the Internet does, researchers said after finding links between Conficker and Waledac family of malware that includes the Storm botnet.
A week after failing to do anything but snore, the much-hyped Conficker worm was roused from its slumber, with infected computers transmitting updates via peer-to-peer and dropping a mystery payload onto PCs. Researchers suspect that the payload program may be a keystroke logger, a spam generator, or both.
Conficker now also tries to connect to MySpace, MSN.com, eBay, CNN.com, and AOL as a way to test that the computer has Internet connectivity, deletes all traces of itself in the host machine, and is set to shut down some functionality on May 3. In addition, Conficker reaches out to a domain that is known to be infected by Waledac and downloads an encrypted file.
One expert theorized that Eastern Europeans are behind Waledac. He suspects they created the Storm botnet to try different payloads and business models and that Waledac resulted from that. Ferguson speculates that they may be putting their lessons learned from earlier efforts into practice with Conficker.
The worm spreads via a hole in Windows that Microsoft patched in October, as well as through removable storage devices and network shares with weak passwords. The worm disables security software and blocks access to security Web sites.
To check if your computer is infected you can use this Conficker Eye Chart or this site at the University of Bonn. There is also a Conficker removal guide at CNET's Download.com.
Meanwhile, the cost of security is mounting for the Pentagon, which spent more than $100 million in the past six months to clean up from Internet attacks and network issues.
The Defense Department was forced to take up to 1,500 computers offline last year because of a cyberattack, and it banned the use of external removable storage devices because of their ability to spread viruses. The news comes amid internal government squabbles over which department would be best to manage the nation's cybersecurity programs and in the middle of a cybersecurity review ordered by President Obama.
Battling piracy
In a surprise development, the French parliament voted down Internet piracy legislation that had largely been expected to pass. Because the bill was expected to pass, few members of parliament were present for the final vote.
The "Creation and Internet" bill, which had won the preliminary approval of the parliament last week, would compel Internet service providers to take graduated actions against customers accused of illegally downloading copyrighted material. After warning a customer against such actions for a third time, an ISP could suspend the person's Internet access for up to a year.
Meanwhile, the copyright infringers responsible for leaking an incomplete version of the unreleased movie "X-Men Origins: Wolverine" will likely face harsh penalties thanks to strict U.S. intellectual property laws, but copyright enforcement is still woefully inadequate abroad, representatives of the entertainment industry told members of Congress.
One week after the 20th Century Fox film was found on the Internet, the House of Representatives Committee on Foreign Affairs held a hearing in Los Angeles to listen to industry representatives about addressing piracy. Committee Chair Howard Berman (D-Calif.) said he plans to introduce legislation shortly to bring more attention to intellectual property rights abroad.
Piracy cost the film industry $6.1 billion in 2005, according to the Motion Picture Association of America, while copyright infringement overall resulted in $18.3 billion in trade losses in 2007, according to the International Intellectual Property Alliance. Copyright infringement also costs the U.S. 750,000 jobs per year, according to the U.S. Chamber of Commerce.
It specifically cost one entertainment columnist his job. Roger Friedman, who worked 10 years for FoxNews.com, a division of News Corp., posted a short review of the forthcoming "X-Men Origins: Wolverine" and he soon found himself out of work.
Friedman wrote in his Fox 411 column last week that downloading the unreleased superhero movie from the Internet was "so much easier than going out in the rain."
News Corp., saying that the review promoted piracy, initially said that Friedman's employment had been terminated but issued a revised statement saying it was a mutual decision.
Also of note
Sun Microsystems rejected IBM's formal buyout offer, calling the bid insufficient and putting future deal talks at risk...General Motors and Segway are working on a two-wheel concept vehicle called Project PUMA (Personal Urban Mobility and Accessibility) and designed to ease congestion and pollution problems in cities...Groups advocating for the blind and reading disabled held a protest at the Manhattan offices of the Authors Guild, which has been very vocal in opposing text-to-speech technology in the Kindle e-reader.
Millions of Windows users braced themselves for the much-feared Conficker worm, worried that the exploit would wreak havoc on their systems on April 1.
Conficker was expected to shut down security services, block computers from connecting to security Web sites, and download a Trojan. It was also expected to reach out to other infected computers via peer-to-peer networking and include a list of 50,000 different domains, of which 500 would be contacted by the infected computer on April 1 to receive updated copies or other malware or instructions.
Then nothing happened. Was it all an elaborate April Fools' joke?
The Conficker worm may have failed to cause the digital pandemonium that some may have feared, but that doesn't mean we are in the clear. Just because the worm failed to create much of a stir on the day it was set to activate doesn't mean it won't wake up and act later.
Today, as on any day, PC users should make sure their systems are patched and running the latest security software. People should patch their systems to close the hole in Windows that Conficker exploits and should update their antivirus software. The major antivirus vendors all have free Conficker removal tools.
The worm also can spread via network shares and removable storage devices like USB thumb drives. So people are advised to use strong passwords when sharing files on a network and to download a patch Microsoft released to address the Autorun feature problem in Windows that makes using removable storage risky.
So, in the end, was the hype a good thing or a bad thing?
The problem is that there are tons of malicious programs and attacks out there on the Internet every day and people don't do enough to protect their computers, experts say. People need to be consistently vigilant about patching their systems and updating their security software--not just when a particular virus hits the headlines. This isn't new at all.
Lots of other worms and botnets are doing real damage, experts say, but Conficker garnered media attention because it was configured to activate on a certain date. The fact that the date happened to be April Fools' Day only added to its mystique.
Inside Google
Google is tight-lipped about its computing operations, but the company for the first time revealed the hardware at the core of its Internet might. Most companies buy servers from the likes of Dell, Hewlett-Packard, IBM, or Sun Microsystems. But Google, which has hundreds of thousands of servers and considers running them part of its core expertise, designs and builds its own.
The big surprise: each server has its own 12-volt battery to supply power if there's a problem with the main source of electricity. The company also revealed that since 2005, its data centers have been composed of standard shipping containers--each with 1,160 servers and a power consumption that can reach 250 kilowatts.
It may sound geeky, but a number people attending Google's server event--the kind of folks who run data centers packed with thousands of servers--were surprised not only by Google's built-in battery approach, but by the fact that the company has kept it secret for years.
In other Google minutia...On April 1, 2004, Google took the wraps off Gmail, which launched with a splash big enough that many were convinced it was a joke: an entire gigabyte of online storage.
Larger online e-mail rivals Hotmail and Yahoo Mail quickly matched that advantage. Nonetheless, Gmail has grown to become a force to be reckoned with. It's got tens of millions of users, Google says, though it won't pin down a precise number. And its growth today, in terms of new users joining the service, is faster than it was four or five years ago, said Todd Jackson, product manager for Gmail.
In a chat, Jackson offered an assessment of what Google has accomplished with Gmail thus far and what it expects in the future.
Google is also planning to spend some money on start-ups. The search giant has launched a venture capital arm to invest in a diverse array of industries, including those focused on the consumer Internet, software, clean tech, and health care.
The fund will be headed by William Maris, an investor and entrepreneur who was hired by Google last year to help set up the venture, and Rich Miner, former manager of Google's mobile platforms group. Google Ventures, as the fund is called, is expected to receive a $100 million investment from Google in the first year.
Google acknowledged that its timing is awkward, but noted that it also sees opportunity in the current economic climate.
"Economically, times are tough, but great ideas come when they will," Maris and Miner said in a joint blog. "If anything, we think the current downturn is an ideal time to invest in nascent companies that have the chance to be the 'next big thing,' and we'll be working hard to find them."
A wireless world
The new 4G wireless broadband network that Verizon Wireless plans to launch in 2010 could be rural America's answer to its broadband access prayers. But extending the network to every nook and cranny in the U.S. will likely take years.
A Verizon executive said during an interview at this week's CTIA 2009 trade show that the new 4G network the company is building will blanket the entire continental United States, including the far corners of rural America.
If Verizon makes good on this promise, it will be helping to bridge a widening gap between broadband haves and have-nots in this country. While Verizon Wireless' parent company Verizon Communications and other broadband providers have concentrated on building wireline broadband infrastructure in densely populated areas, such as cities and sprawling suburbs, they have not done a good job of extending that infrastructure to rural America.
Wireless industry executives at CTIA said that despite the economic meltdown, the cell phone industry remains strong. And they're confident that it will be a driving force in pulling the nation out of its current financial crisis.
Ivan Seidenberg, CEO of Verizon Communications, and Robert Dotson, CEO of T-Mobile USA, which is owned by Deutsche Telekom, said that despite the economic troubles facing the nation and the world, the wireless market is thriving and innovation is flourishing.
They also agreed that as the nation moves through the current crisis, the wireless industry could play a significant role in economic recovery. But they also warned that reluctant investors and overzealous regulators could stunt its potential and harm the recovery.
Meanwhile, Verizon Wireless doesn't care who emerges from the upcoming mobile OS wars because no matter who wins, Verizon will make sure its software runs on top of that operating system.
"I don't think I need to bet on an operating system," Lowell McAdam, CEO of Verizon Wireless, said in a question-and-answer session at CTIA. "I need to bet on layers that will bridge those operating systems."
McAdam was referring to the news announced Wednesday that Verizon Wireless will join the Joint Innovation Lab created by its corporate co-parent, Vodafone, along with China Mobile and Softbank. The lab plans to build "mobile widgets" for future phones that will apparently run on whatever operating systems Verizon decides to support on its future smartphones.
Also of note
Microsoft and TomTom reached a settlement in their respective patent suits...Facebook Chief Financial Officer Gideon Yu is leaving the company, representatives from the social network confirmed...Former Hewlett-Packard CEO Carly Fiorina said she is "seriously considering" a run for the U.S. Senate in the state of California.
|
Lotus knows there's more to work than just email.
Connect with people. Get live feeds. Create widgets. Work securely online or off. Try IBM Lotus Notes.
|
 |
- prev
- 1
- next
