FAA chief announces advisory panel on drones as industry checks its watch

In olive branch to tech industry, FAA taps Intel CEO Brian Krzanich for new panel.

FAA administrator Michael Huerta told attendees at this week's drone conference that the FAA is forming an advisory committee led by Intel CEO Brian Krzanich to help prioritize drone rulemaking work. (credit: Sean Gallagher)

NEW ORLEANS—Former Cisco CEO John Chambers delivered a keynote on Tuesday at the Association for Unmanned Vehicle Systems International (AUVSI) XPONENTIAL conference, slamming the Obama administration for moving too slowly on adjusting regulations governing commercial and private drones.

Chambers said that Obama doesn't "get" drones and that the US is potentially being left behind in a market that he claimed could drive trillions of dollars in economic impact. His remarks drew loud applause from the audience of attendees—many of whom represented companies eager to cash in on drones as either vendors or customers.

Federal Aviation Administration administrator Michael Huerta responded on Wednesday with a talk about the FAA's progress on drone regulations before the same audience that Huerta had previously called "a lion's den" in his last appearance at AUVSI's flagship conference four years ago. But, he joked, "We're getting to know each other so well that UAS conventions are getting to be like family reunions."

New drone parachute saves falling drones—and the people under them

SafeAir detects free-fall and deploys chute to safely recover consumer drones.

NEW ORLEANS—It’s now possible to prevent the heartbreak, wallet-ache, and risk of physical injuries when consumer drones suddenly plummet from the skies mid-flight. At the Association for Unmanned Vehicle Systems International's XPONENTIAL conference, a company called ParaZero is introducing SafeAir, a device that deploys a parachute to safely bring a falling drone back to earth.

To ensure that the parachute deploys in time to prevent a crash at low altitudes, SafeAir shoots out the chute with a gust of pressurized gas. SafeAir attaches to the top of a drone and uses an independently-powered chip to detect when the drone goes into freefall. According to a company spokesperson, SafeAir has worked with drone manufacturers to develop recovery systems for their drones based on how far it is safe for their drones to fall—including DJI (the makers of the popular Phantom consumer drone), professional photography drone maker 3D Robotics, and Martin Aviation—makers of the JetPack search and rescue small uncrewed aerial system (UAS).

ParaZero also manufactures pyrotechnic-deployed parachutes for larger drones, along with an airbag system for cinematic drones to protect cameras and other expensive gear during an unpowered landing.

Marines test autonomous robot-drone teams for future on battlefield

Marine Warfighting Lab tests tag-team squad of robots to hunt enemies.

The Unmanned Tactical Autonomous Control and Collaboration (UTACC), a ground robot and small drone team, patrols a simulated town indoors in Ellis Hall at Marine Corps Base Quantico. (credit: Sgt. Terry Brady, US Marine Corps)

NEW ORLEANS—The problem with robots on the battlefield today, according to Marine Corps Colonel Jim "Jinx" Jenkins, is that they still have to be driven by humans. That's why the Marine Corps and the Department of Defense are researching ways for robots to act more like teammates on the battlefield than just another piece of hardware.

Jenkins, who serves as Director of Science and Technology at the Marine Corps' Warfighting Lab at Quantico, Virginia, said in a presentation at the Association for Unmanned Vehicle Systems International's XPONENTIAL conference that while robots such as those used for explosive ordnance disposal and other roles on the battlefield take soldiers and Marines out of some dangerous situations, they take their operators out of the fight.

"A marine is driving, so we haven't improved our manpower situation, and sometimes it costs more manpower," he noted, since operators have to pay such close attention to what they're doing with the robot that they need someone watching their back. "We need to move toward autonomy" for robots and other uncrewed systems, he said. Eventually, the Marine Corps wants swarms of collaborating drones and robots to act at the command of a single operator as a force multiplier at every level of operations.

As US drops “cyber bombs,” ISIS retools its own cyber army

Recent merger of ISIS-affiliated hacking teams seen as attempt to build credible threat.

The new, "improved" United Cyber Caliphate—the power of four jihadi hacktivist cells fused together like some sort of cyber-Voltron.

The Islamic State has been deft in its use of the Internet as a communications tool. ISIS has long leveraged social media to spread propaganda and even coordinate targets for attacks, using an ever-shifting collection of social media accounts for recruitment and even to call for attacks on individuals ISIS leaders have designated as enemies. But the organization's efforts to build a sophisticated internal “cyber army” to conduct information warfare against the US and other powers opposing it have thus far been fragmented and limited in their effectiveness—and more often than not they've been more propaganda than substance.

Now, ISIS is taking another crack at building a more credible cyber force. As analysts from Flashpoint note in a report being published today (entitled "Hacking for ISIS: The Emergent Cyber Threat Landscape"), ISIS earlier this month apparently merged four separate pro-ISIS “cyber” teams into a single group called the United Cyber Caliphate.

“Until recently, our analysis of the group's overall capabilities indicated that they were neither advanced nor did they demonstrate sophisticated targeting,” said Laith Alkhouri, Director of Research & Analysis for the Middle East and North Africa and a co-founder at Flashpoint. “With the latest unification of multiple pro-ISIS cyber groups under one umbrella, there now appears to be a higher interest and willingness amongst ISIS supporters in coordinating and elevating cyber attacks against governments and companies.”

Blame the victim: Report shows fifth of breaches caused by “miscellaneous errors”

Verizon annual report finds breaches happening faster and taking longer to be detected.

This breach was likely not caused by a default password. But too many data breaches in 2015 were. (credit: Jim Barton)

The number of reported breaches of organizations' data has been growing hyperbolically over the past few years, based on data in Verizon's 2016 Data Breach Investigations Report (DBIR). And a major reason for that is that many organizations are still doing security like they were decades ago. The leading cause of reported data breaches, as documented by Verizon, is "miscellaneous errors"—mistakes made by employees—that open the door to attackers.

For those who've followed the recent chain of crypto-ransomware attacks at hospitals around the country, this finding will come as no surprise. Issues such as system misconfiguration, end users sending sensitive data out of the network by mistake, or users clicking on stuff they shouldn't be clicking on were among the errors made by organizations that led to about 18 percent of the data breaches documented in 2015—and were likely the leading contributor to the many incidents that went unreported.

In 63 percent of "confirmed" breaches, attackers took advantage of weak password credentials, default passwords left in place, or passwords that were stolen through phishing attacks or other means. In other words, if organizations were using something other than just usernames and passwords as credentials to gain access to systems, more than half of the data breaches that happened in 2015 would not have occurred.

German nuclear plant’s fuel rod system swarming with old malware

At least the fuel rod system’s not connected to the Internet, so nothing happened.

Fortunately, the computer systems at the Gundremmingen nuclear power facility in Germany don't have Internet access, because they certainly weren't secure. (credit: Felix König)

A nuclear power plant 75 miles from Munich has been harboring malware—including remote-access trojans and file-stealing malware—on the computer system that is used to monitor the plant's fuel rods. Fortunately, as Reuters reported, the computer isn't connected to the Internet, and the malware was never able to be activated.

The malware was discovered on computer systems at the Gundremmingen nuclear power facility by employees of the German electrical utility company RWE. It included Conficker, a worm first detected in 2008 that was designed to steal user credentials and personal financial data and to turn infected computers into "bots" to carry out distributed denial of service (DDoS) attacks. W32.Ramnit, a worm that provides attackers with a remote access tool and allows them to steal files and inject code into webpages to capture banking data, was also discovered on the system.

In addition to the infected computer system, last upgraded in 2008, malware was discovered on 18 USB removable storage devices. Both Conficker and W32.Ramnit spread themselves through USB drives. The malware did no harm because it required Internet access to contact a command-and-control network, and it appears that the plant was not specifically targeted by attackers since the malware was focused largely on financial fraud.

JLENS program’s “blimp gone wild” prompts House to slash funding

House Armed Services Committee slashes budget, essentially ending program.

One of the two JLENS aerostats on the ground at Aberdeen Proving Ground, Maryland. Two aerostats make up a JLENS "orbit."

The Joint Land Attack Cruise Missile Defense Elevated Netted Sensor (JLENS) system program has been savaged by the House Armed Services Committee in its markup of the Defense Department's 2017 budget. The proposed cut in funding—from the $45 million requested by the Army to a mere $2.5 million—may signal the end of a program that was a source of controversy well before one of the program's radar aerostats broke loose and drifted hundreds of miles. But that incident, which caused power outages and property damage as the wayward blimp dragged its broken tether from Aberdeen, Maryland, into central Pennsylvania, was likely responsible for the program finally being brought to heel.

JLENS was originally intended to be a collection of paired radar dirigibles, tethered to the ground while floating at altitudes of up to 10,000 feet. Of each pair, one aerostat would be equipped with a sensitive "look-down" phased array search radar; the other would have a targeting radar for tracking targets and guiding weapons to them.

The system was intended, as the program's name suggests, to defend against submarine-launched and ship-launched cruise missiles, but it was also advertised as a way to spot low-flying aircraft, drones, swarms of small boats, and even some ground vehicles. Raytheon, the prime contractor for JLENS, and the Army tried to dispel concerns that JLENS could be used for domestic surveillance.

“Drone” that hit British Airways jet was likely a plastic bag

British transport minister says fear of drone was “overreaction.”

Plastic bag flying through the air, American Beauty-esque. (credit: Getty Images)

Recent reports of an unidentified flying object striking a British Airways flight at London's Heathrow Airport spurred a wave of fear over drones interfering with commercial aircraft. But now it appears the object may have only been a floating plastic bag, according to British transport minister Robert Goodwill.

The Telegraph reports that Goodwill could not confirm the identity of the object that struck the British Airways Airbus A320 as it prepared to land last Sunday. The incident happened at an altitude of about 1,700 feet over southwest London, well above the regulatory ceiling for drone operations of 400 feet.

"The reported drone strike on Sunday has not been confirmed it was actually a drone," Goodwill said. "It was the local police force that tweeted that they had a report of a drone striking an aircraft." That social media message may have been prompted by fear of drones in response to recent British government reports of near-misses with drones by aircraft around London.

“Nuclear” exploit kit service cashes in on demand from cryptoransomware rings

Exploit kit’s inner workings exposed, as researchers help shut down its servers.

The web console for Nuclear, the customer-friendly malware-as-a-service platform. Some Nuclear infrastructure operating on DigitalOcean servers was recently disrupted. (credit: Check Point)

Security researchers at Cisco Talos and Check Point have published reports detailing the inner workings of Nuclear, an "exploit kit" Web service that deployed malware onto victims' computers through malicious websites. While a significant percentage of Nuclear's infrastructure has been recently disrupted, the exploit kit is still operating—and looks to be a major contributor to the current crypto-ransomware epidemic.

Introduced in 2010, Nuclear has been used to target millions of victims worldwide, giving attackers the ability to tailor their attacks to specific locations and computer configurations. Though not as widely used as the well-known Angler exploit kit, it has been responsible for dropping Locky and other crypto-ransomware onto over 140,000 computers in over 200 countries, according to statistics collected by Check Point (PDF). The Locky campaign appeared to be placing the greatest demand on the Nuclear pay-to-exploit service.

Much of Talos' data on Nuclear comes from tracking down the source of its traffic—a cluster of "10 to 15" IP addresses that were responsible for "practically all" of the exploit infrastructure. Those addresses were being hosted by a single cloud hosting provider—DigitalOcean. The hosting company's security team confirmed the findings to Talos and took down the servers—sharing what was on them with security researchers.

Flashback: Declassified 1970 DOD cybersecurity document still relevant

The Ware Report’s recommendations still important as proven by ransomware and breaches.

Networks may look different, but the security problems are basically the same.

The National Security Archives at George Washington University has just added a classic text of computer security to its "Cyber Vault" project—the original version of what came to be known as the "Ware Report," a document published by the predecessor to the Defense Advanced Research Projects Agency in February 1970. And as much as technology has changed in the 46 years that have passed, the Ware Report would still hold up pretty well today with a few notable edits.

The document, officially entitled "Security Controls for Computer Systems: Report of the Defense Science Board Task Force on Computer Security," was the result of work undertaken in 1967 at the behest of the Advanced Research Projects Agency (ARPA, now DARPA) to deal with the risks associated with the rapid growth of "multi-access, resource-sharing computer systems"—the primordial network ooze from which the Internet would be born. Authored by a task force led by computer science and security pioneer Willis Ware, the report was a first attempt to take on some of the fundamental security problems facing a future networked world.

The Ware Report included a list of conclusions and recommendations that (based on recent data breaches and security failures) many have failed to take to heart. The first of these is one that recent ransomware attacks seem to show that organizations have forgotten. "Providing satisfactory security controls in a computer system is in itself a system design problem," Ware wrote in the summary memo accompanying the report. "A combination of hardware, software, communication, physical, personnel and administrative-procedural safeguards is required for comprehensive security. In particular, software safeguards alone are not sufficient."
