More corporate shared folders in cloud filled with malware, research finds

In related studies: Ice is cold; fire still hot.

About 11 percent of shared cloud folders contain nasty surprises, according to recent research.

Internet file sharing has long been a prime route for malware to spread. The situation is one of the reasons (aside from the exposure of proprietary data) that many companies restrict the use of cloud file sharing to corporate-approved systems. But it turns out that those enterprise cloud folders are just as bad. As more companies sanction the use of cloud applications for collaboration and sharing data—even just between individuals' computers and mobile devices—those cloud apps have increasingly become fertile ground for malware.

In a study based on data collected from millions of users over the first three months of 2016, cloud security company Netskope found that 11 percent of corporate-approved cloud applications harbored malware. That total more than doubled, up from just 4.1 percent in the previous quarter's data. The malware discovered included JavaScript exploits, droppers used to spread other malware, malicious embedded macros in document files, actual backdoor malware, spyware, and adware. Some mobile device malware was found as well.

All of the malware was found in file sharing applications, though only 26.2 percent of it appeared to be actually shared (whether internally to others in the affected company, externally with partners, or even publicly shared). That means the cloud folders were either infected because they were connected to a device exploited by malware, or the files were moved to the folders by the user.

A reprieve for Moore’s Law: milspec chip writes computing’s next chapter

Raytheon’s work on gallium nitride semiconductors could have a reach beyond radars.

ANDOVER, Mass.—At the front door of Raytheon's Integrated Air Defense Center, there's a reminder of how big microwave electronics used to be—the original microwave oven. The now ever-present kitchen device was invented after a Raytheon engineer discovered his candy bar melted while he was standing near a magnetron used in a radar system the company was developing. Nearly the size of a refrigerator, the original microwave looks like it would cook a whole lot more than whatever was put within its metal grate, which was meant to contain the microwaves from its magnetron.

That isn't a water cooler; it's a pioneering microwave. (credit: Courtesy of Sean Gallagher)

A few hundred yards away from the relic, Raytheon manufactures a much different microwave technology today. In a semiconductor fabrication facility, built to resemble a giant integrated circuit from above, the company produces many of the chips that go into its modern radar systems, including monolithic microwave integrated circuits (MMICs). These tiny radio frequency amplifiers are similar to ones found in cellular phones, Wi-Fi adapters, and other wireless communications devices.

This technology is currently in the process of getting a major upgrade as the result of more than 16 years of research by Raytheon. And any MMIC evolution will be driven by the same substance that has made power-sipping LED light bulbs, Blu-ray players, and game consoles possible: gallium nitride (or, in chemical shorthand, GaN).

Despite missile mishaps, N. Korea fires plutonium plant back up for warheads

Plutonium plant activity noted in satellite analysis by IAEA.

The Yongbyon nuclear facility in North Korea—back in business and making plutonium, based on IAEA analysis. (credit: Keith Luse, Senior Professional Staff Member, U.S. Senate)

Although North Korea has had a string of bad luck with its only suspected nuclear-capable ballistic missile—which had four failed test launches in the last two months—the Democratic People's Republic of Korea is clearly intent on shifting its nuclear capabilities into overdrive. On Monday, the International Atomic Energy Agency (IAEA) announced that North Korea's government had apparently re-activated the nuclear fuel production reactor at Yongbyon—the plant responsible for the creation of plutonium used in the DPRK's nuclear weapons program.

The analysis by the IAEA, as IAEA chief Yukiya Amano said during a news conference on Monday, pointed to "resumption of the activities of the five megawatt reactor, the expansion of centrifuge-related facility, [and] reprocessing—these are some of the examples of the areas [of activity indicated at Yongbyon]." In this instance, "reprocessing" refers to the extraction of plutonium from irradiated uranium fuel.

These conclusions were reached based on satellite imagery, as North Korea has denied IAEA inspectors access to the plant. But if the IAEA is correct, the expansion of the centrifuge facility would indicate that North Korea is preparing to produce more fuel for nuclear warheads.

Canada looks to delay tricky F-35 decision by buying Super Hornets

New PM promised no F-35 purchases, and Boeing offers the Super Hornet as an out.

US Navy F/A-18F Super Hornets stack up for refueling over Afghanistan in 2010. Canada is looking to the latest Super Hornet as a way to put off buying F-35s. (credit: US Air Force)

While campaigning for office, Canadian Prime Minister Justin Trudeau promised that his government would never buy the controversial, increasingly expensive F-35 Joint Strike Fighter for his country's air force. That declaration came despite the previous administration's commitment to purchase 65 of those planes from Lockheed Martin. Now, however, it appears Trudeau's government has found a way to fulfill his campaign promise and avoid any potential legal headaches that would result from Canada dropping its commitment with Lockheed. Trudeau's solution? Buy more fighters from Boeing now, delay an F-35 decision 'til later.

At last week's CANSEC defense trade show in Ottawa, Canadian Defence Minister Harjit Sajjan said that the Canadian Air Force's aging CF-18 Hornet fighter fleet would present a "growing capability gap" over the next decade that would make it difficult for Canada to meet its commitment to NATO. "This I find unacceptable, and it's one thing that we plan to fix," Sajjan said.

And as Defense News reports, the fix Sajjan and the Trudeau government will implement was proposed by Boeing. Instead of waiting for the F-35 to become available, Canada would buy a new version of Boeing's F/A-18 Super Hornet—and thus push the need to make a decision on an F-35 purchase into the late 2020s. The "interim" acquisition plan was reportedly presented to the Canadian government by Boeing with a very warm reception.

Navy develops diver’s helmet with augmented reality

DAVID HUD gives divers real-time sonar data, imagery, and guidance from above.

The DAVID helmet: basically Microsoft HoloLens for the underwater set. (credit: US Navy)

Augmented reality displays have been used by the military for decades. Their usage has traditionally been confined mostly to aircraft, first in the form of "heads up" displays in the cockpit and more recently (as with the F-35) integrated directly into helmets, giving pilots the ability to essentially look through the aircraft and see the skies around them and ground below them. But now, augmented reality is going underwater. Engineers at the US Navy's Naval Surface Warfare Center Panama City Division (NSWC PCD) are developing a diver's helmet with a built-in "heads up" display that can guide divers to where they need to be, locate the objects they're looking for, and even "see" in near-zero visibility.

The Divers Augmented Vision Display (DAVID) helmet can display high-resolution sonar imagery overlaid on the environment around the diver, as well as other data transmitted from a boat above. The project, led by Underwater Systems Development Project Engineer Dennis Gallagher (no relation to this author) is preparing for its first underwater tests in October.

DAVID is similar in its approach to the sorts of augmented reality displays being explored in the industrial world—in fields like aircraft manufacturing and maintenance, for example, where augmented reality headsets can show workers precisely where to put a rivet, or locate a system problem based on diagnostic data. DAVID's display can be turned on and off by the diver and repositioned within the mask by the support team on the surface at the diver's request, and it can display a huge variety of helpful visuals: text messages from above, diagrams and photos of objects the diver is looking for or working with, even floating virtual instructions on how to operate or fix equipment in the diver's field of vision.

North Korea ballistic missile explodes on launch fourth straight time

DPRK video shows successful sub missile launch as land-based missile explodes on takeoff.


On Wednesday, the state media of the Democratic People's Republic of Korea (North Korea) broadcast video of leader Kim Jong Un watching what appears to have been a successful launch of a submarine-launched ballistic missile. However, the launch actually took place in April. The footage was broadcast now, according to analysts, likely as an attempt to demonstrate North Korea's nuclear threat as a senior DPRK official meets with China this week. The broadcast may also be an attempt to draw attention away from a string of failed launches of North Korea's Musudan intermediate range ballistic missile (IRBM).

The video was broadcast just after analyst reports said North Korea had made a fourth failed attempt in two months to test-launch the Musudan—a missile designed to strike at targets as distant as Guam and the Philippines. The missile exploded on launch. Earlier on April 15, North Korea's military attempted a launch from a mobile launching system, but it exploded shortly after liftoff. Just two weeks later, as North Korea was preparing for the congress of the Workers' Party, there was an attempt at a dual launch—with both missiles crashing into the sea.

The Musudan, also known as the BM-25, was introduced in 2003. It is derived from the Soviet-era R-27 (NATO designation SS-N-6) and is essentially an improved solid-fuel "Scud" missile. North Korea has allegedly sold kits of the Musudan to Iran. The missile is believed to have a range between 2,500 and 4,000 kilometers (1,500 to 2,500 miles). But since its initial appearance, there had been no known test launches of the Musudan—only ground tests of the engine.

DOD continues quest to make “Iron Man” exosuit for special ops

TALOS project to deliver prototype armored robotic exoskeleton by 2018.

An Army soldier wears conceptual "future soldier" armor at the Detroit Auto Show in 2012. If the Special Operations Command's TALOS project is successful, soldiers may wear armored exoskeletons for urban combat in the near future. (credit: US Army)

At this week's Special Operations Forces Industry Conference, the US Special Operations Command (USSOCOM) cracked the door open a bit on its Tactical Assault Light Operator Suit (TALOS) program—an attempt to create a powered, armored exoskeleton for use by special operations forces such as the Navy's SEALs and the Army's Green Berets. TALOS is the system that led President Barack Obama to announce in 2014 that "we are building Iron Man."

Navy Commander Anthony Baker of USSOCOM's Joint Acquisition Task Force unveiled the initial list of requirements for TALOS, which is intended to enhance the "comprehensive ballistic protection, situational awareness, and surgical precision and lethality" of special operations troops, particularly in urban combat.

Launched by then-commander of USSOCOM Admiral William McRaven in 2013 as a joint project with the Defense Advanced Research Projects Agency (DARPA), the TALOS program is the latest evolution of "super troop" research that has been underway in secret for decades but has only become practical within the last few years. Initial prototypes demonstrating some of the technologies for TALOS were developed by MIT under the USSOCOM/DARPA program in 2014, and USSOCOM is now on course to produce a full advanced prototype of TALOS by August of 2018.

Clinton’s e-mail scandal another case of the entitled executive syndrome

Shadow IT for pushy execs is a time-honored tradition, laws be damned.

(credit: CSPAN)

On Wednesday, the inspector general of the Department of State issued a scathing report on former Secretary of State Hillary Clinton's use of a private mail server during her tenure there, further securing the episode's legacy as perhaps the most historic case of "shadow IT" ever. Paying a State Department employee on the side to set up and administer her personal mail server, Clinton claims she just was doing what her predecessors did—but you'd be hard-pressed to find any government executive who ignored rules, regulations, and federal law so audaciously just to get mobile e-mail access.

If you've worked in IT for any amount of time, you've run across the shadow IT syndrome—employees using outside services to fix a problem rather than using internally supported tools. Sometimes (but rarely), it's actually mission-essential. For example, at a previous employer, when half the company lost access to e-mail and the content management system because a network card was stolen in a smash-and-grab at the telco's co-location facility, I set up a password-secured Wiki on my personal Web server to handle workflow and communications for a day. (The CIO was not happy, particularly when my boss wanted me to write an article about it. The corporate counsel had the story spiked because it exposed a Sarbanes-Oxley breach—not exposed by me, but by the company's failure to have a backup system.)

Often, people use shadow IT at work because of a lack of official IT resources to support a need. But they also use shadow IT for personal convenience—especially the personal convenience of executives and managers who want what they want and will twist the arm of someone in IT to support it whether it's within policy or not (or find someone else to do it for them and then tell IT they have to support it).

Government agencies keep sacrificing cash to zombie IT systems, GAO finds

50-year-old Cobol code, 8-inch floppies, and PowerBuilder live on in government IT.

For those of you who don't remember, this is what an 8-inch floppy disk looks like. (credit: Government Accountability Office)

Some of the most critical business systems run by US government agencies are older than many of the IT people who support them, written in mainframe assembler code or COBOL. That might not shock or surprise anyone who works in mainframe-centric industries like insurance and finance, where the time-tested reliability of some systems has granted them lives that reach back to the Johnson administration. But a new GAO report has called out some of these systems as being so archaic that they're consuming increasingly larger portions of agencies' IT budgets just for operation and maintenance. As the breach at the Office of Personnel Management demonstrated, old systems are also a security risk—particularly when they've been "updated" with now-unsupported versions of Windows Server and Internet and database components that were end-of-life'd by their creators years ago.

To drive those points home, the report—written by David A. Powner, GAO's Director for Information Technology Management Issues—called out specific legacy systems from multiple agencies that are particularly obsolete, reliant on older programming languages and older computing technology that are no longer supported. To help members of Congress too young to remember them, the report also included an infographic (as shown above) to explain what an 8-inch floppy disk was.

Of the top ten oldest systems cited by GAO, six are over 50 years old—and five of the ten oldest systems, all dating from before the 1980s, are not slated to be replaced anytime soon. And it should come as no surprise that the two oldest systems in government are at the Internal Revenue Service, and both will remain in place for some time.

Major DNS provider hit by mysterious, focused DDoS attack

Attack on NS1 sends 50 million to 60 million lookup packets per second.

(credit: Jürgen Telkmann)

Unknown attackers have been directing an ever-changing army of bots in a distributed denial of service (DDoS) attack against NS1, a major DNS and traffic management provider, for over a week. While the company has essentially shunted off much of the attack traffic, NS1 experienced some interruptions in service early last week. And the attackers have also gone after partners of NS1, interrupting service to the company's website and other services not tied to the DNS and traffic-management platform. While it's clear that the attack is targeting NS1 in particular and not one of the company's customers, there's no indication of who is behind the attacks or why they are being carried out.

NS1 CEO Kris Beevers told Ars that the attacks were yet another escalation of a trend that has been plaguing DNS and content delivery network providers since February of this year. "This varies from the painful-but-boring DDoS attacks we've seen," he said in a phone interview. "We'd seen reflection attacks [also known as DNS amplification attacks] increasing in volumes, as had a few content delivery networks we've talked to, some of whom are our customers."

In February and March, Beevers said, "we saw an alarming rise in the scale and frequency of these attacks—the norm was to get them in the sub-10 gigabit-per-second range, but we started to see five to six per week in the 20 gigabit range. We also started to see in our network—and other friends in the CDN space saw as well—a lot of probing activity," attacks testing for weak spots in NS1's infrastructure in different regions.
