Milspec Chips Stolen / Cybersecurity Is Government’s Job / Outlook Cybercommand Warning / Hardening Energy Sector / Tech Headlines
Charlie Osborne: Engineer faces 219 years in prison for smuggling US military chips to China
An electrical engineer faces up to 219 years in federal prison after being found guilty of conspiring to smuggle military-grade semiconductor chips to China.
On Tuesday, the US Department of Justice (DoJ) said that Yi-Chi Shih, a part-time Los Angeles resident, attempted to secure semiconductor chips used in US military applications in order to transfer them to Chinese associates…US prosecutors say the victim company’s designs have been used in both commercial and military applications. Customers include the US Air Force, Navy, and the Defense Advanced Research Projects Agency (DARPA).
The semiconductors have been used in missiles, missile guidance systems, fighter jets, radar applications, and “electronic warfare.” … Shih’s co-conspirator pleaded guilty to one count of smuggling and will be sentenced in September where he faces up to 10 years in prison.
“This defendant schemed to export to China semiconductors with military and civilian uses, then he lied about it to federal authorities and failed to report income generated by the scheme on his tax returns,” said US Attorney Nick Hanna. “My office will enforce laws that protect our nation’s intellectual property from being used to benefit foreign adversaries who may compromise our national security.”
Read the details of this espionage against American interests at ZDnet.
Phee Waterfield: Cybersecurity Should Be Handled by Law Enforcement and Government, Report
A quarter (25%) of survey respondents feel cybersecurity should be the responsibility of law enforcement, and 28% feel it is down to the government, according to a report by Palo Alto Networks.
The study, which surveyed over 10,000 respondents in EMEA and India, explored the attitudes towards new cybersecurity technologies, such as artificial intelligence (AI), and how these technologies protect their digital way of life. It was conducted with YouGov and alongside Dr Jessica Barker, co-founder of Cygenta.
According to respondents, 26% of EMEA would prefer their cybersecurity to be managed by AI rather than a human. Italy has the most confidence in relying on AI (38%), while in the UK only 21% of people prefer AI. The research also suggests that those who are more open to AI technologies have a “positive outlook on the role cybersecurity plays in their day-to-day lives.” 29% of respondents, who preferred their cybersecurity managed by AI, believe having cybersecurity checks in place has a very positive impact on their overall online experience.
The rest of this article is at InfoSecurity Magazine. Do you think more government intervention is needed in cybersecurity and at what level? I tend to think that the federal role should be to protect us from malicious foreign actors, a shield of defense to keep us safe…but how quickly we trade security for freedom. At what point does deep packet inspection for malicious activity turn into Big Brother? I’d love to hear what you think. Engage with me in conversation on Twitter at Weym0 (that’s a zero at the end.)
Graham Cluely: US Cyber Command warns nation-state hackers are exploiting old Microsoft Outlook bug. Make sure you’re patched!
US Cyber Command has issued a warning about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook.
The alert, posted on Twitter, refers to CVE-2017–11774, a vulnerability in Outlook that if exploited could allow an attacker to bypass security features and execute arbitrary commands on targeted Windows computers.
Microsoft issued a patch for the vulnerability in October 2017, but the security hole has since continued to be used by the Iranian-backed APT33 (also known as Elfin) hacking group…The latest alert from US Cyber Command comes little more than a week after the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) specifically warned of increased activity by Iranian hacking groups, and urged firms to take protective measures.
Read more about what the patch does to Outlook and the history of APT33 at Bitdefender’s Hot For Security blog.
David Bisson: Senate Passes Bill to Help Defend U.S. Energy Grid against Digital Attacks
The United States Senate has passed a bill to help strengthen the defenses of the U.S. energy grid against digital attacks. On 27 June, the Senate passed the Securing Energy Infrastructure Act. Introduced by U.S. Senators Angus King (I-Maine) and Jim Risch (R-Idaho), the main purpose of the bipartisan bill is to remove security vulnerabilities which digital attackers can abuse to access the U.S. energy grid. It seeks to do this by implementing several steps, including:
Creating a two-year pilot program within the National Laboratories that will partner with entities in the energy sector to identify security vulnerabilities as well as evaluate technology and standards to protect covered industrial control systems against those vulnerabilities.
Establishing a working group to evaluate the technology and standards used in the program as well as develop a strategy to defend energy sector entities against security vulnerabilities.
Submit reports that present the results of the program.
According to a press release published by Senator King, he and four other co-sponsors received their inspiration to create the bill from Ukraine’s experience with BlackEnergy in 2015.
Get the rest of the story over at TripWire.
Other things going on around the web:
Apple’s new FaceTime feature “Attention Correction” will fix your gaze so that it will appear you are looking directly into the eyes of the person you’re talking to. Usually displays and cameras are out of alignment so that it appears the person at the other end is not looking directly at you. Apple will deepfake you in realtime so that callers will seem more engaged with each other. Check out the fascinating discussion going on today on Twitter at techs test it out.
Symantec’s shares got a boost on rumors it will acquire Broadcom.
Imperial College of London released a report urging the to NHS urgently invest in cybersecurity including firebreaks in patient records and other techniques to make at-risk patient services safer.
An interesting discussion about digital license plates that change on command can be found over at Schneier On Security blog.
A Failure Here, Damaged Fiber There and a Day of Internet Glitches — Cloudflare and Google dealt with issues that affected countless sites and users on Tuesday nytimes.com
This major internet routing blunder took A week to fix. Why so long? It was IPv6 — and no one really noticed theregister.co.uk
Frontier customer bought his own router — but has to pay $10 rental fee anyway arstechnica.com
Dish Network and T-Mobile have agreed to a divestiture deal, pending resolution of DOJ concerns regarding proposed Sprint/T-Mobile merger cnbc.com
Satellite Giants Battered by New C-Band Proposals for 5G lightreading.com
Comcast Pushes Shapefile Broadband Mapping Approach multichannel.com
5% of Broadband Users Likely to Cut the Cord in the Next 12 Months multichannel.com
AT&T customers dialing 911 go through a nationwide outage, again phonearena.com
Potential US cord-cutters watch over six hours of mobile video per week rapidtvnews.com
D-Link agrees to beef up smart home security after FTC lawsuit: The FTC had sued D-Link over its internet-connected security cameras and wireless routers cnet.com
Help me out be thumbing this up or giving it claps or telling people or sharing it on social media please…and for goodness sake SUBSCRIBE. It’s free after all.
Politics may be married to technology and big media, but sometimes individuals can make a difference.
Get “The Dirty Deeds Playbook” today for just $2.99 on Kindle or for a few dollars more in paperback.
This satirical field manual uses fools & fanatics to sew chaos in American elections. Tools & techniques, observations & deception I’ve seen in the process over these past few years.
Support this news aggregation service by checking out my website at www.yourtechmoment.com today. Links there show all the places you can listen to the podcast or watch for free. Check out our FireTV app and Amazon Alexa skill for your flash briefing.
Also, find out about my other projects, subscribe to my newsletter and alerts, or buy books, advertise and support this project with some merchandise purchases.