​Quantum leap forward: China to launch world’s longest, ‘hack-proof’ network by 2016

Is this why Russia’s Internet traffic is running through China?  -LW


AFP Photo/Str

AFP Photo/Str

China is completing the project of the planet’s longest, 2,000-kilometer quantum communication network from Beijing to Shanghai. The network is considered “unhackable” and is set to start operating in 2016.

The “unhackability” is due to the most secure encryption technology ever, the South China Morning Post reported.

By 2030, the network is expected to stretch all over the globe, Xinhua news agency said.

For now, the service is to be used by the Chinese government, the military and key business institutions such as banks.

The plans were disclosed by Professor Pan Jianwei, a quantum physicist with the University of Science and Technology of China and a lead scientist behind the project.

“China’s quantum information science and technology is developing very fast and China leads in some areas in this field. Any city in China, as long they want to, can start to build the quantum communication network now,” he said, Xinhua reported.

Chen Yuxiang, chief engineer for the construction of the Beijing-Shanghai network, indicated that the infrastructure would be ready between the end of the year and next summer. The network also needs to be built and activated.

The budget for the Beijing-Shanghai project is estimated at 100 million yuan ($16 million) for every 10,000 users.

Theoretically, the quantum network can’t be hacked: should anyone try to intercept the encryption key, the physical status of the quantum data, or qubits, would change, and alert those who sent the information.

Europe, Japan and Canada are also planning to start their own quantum networks. The US has also been looking for funds to sponsor a 10,000-kilometer network between major cities.

Experts are sure, though, that China is ahead of everyone in the quantum network project.

“The Chinese are really pushing the boundaries. They are moving at an incredible rate. No one else around the world has plans that are this ambitious,” Raymond Laflamme, the head of the Institute for Quantum Computing at the University of Waterloo in Canada, told The Telegraph.

“China is putting itself in the position of having secure private information that other countries will not be able to tap,” he added.

​Source.

‘New York Times’ Outage Traced to Phishing Email to Melbourne IT Partner

The New York Times Headquarters Ahead Of Earns Figures

This happened yesterday, August 27th. At least with cyber-crime no one gets killed. They’re sending a distinct message when they hit all these lamestream media outlets. I like it when anyone aiding the cabal gets a little nudge from the good guys as a reality check so they know who’s REALLY in charge.

Melbourne IT, an Australian firm that allows website owners to buy addresses such as latimes.com, said the downtime suffered by the New York Times website Tuesday began when hackers gained access to the user name and password of one of the company’s sales partners.

Using those reseller’s credentials, hackers changed the records that tell computers around the world from where to download web pages when someone types NYTimes.com into an Internet browser.

[Updated, 8:27 a.m. Aug. 28: The U.S.-based sales partner’s credentials ended up in the hackers’ hands after a targeted phishing attack was directed at the firm’s staff, Melbourne IT Chief Technology Officer Bruce Tonkin said early Wednesday. Essentially, several people at the U.S. firm were duped by emails that coaxed them into giving up log-in credentials.

“We have obtained a copy of the phishing email and have notified the recipients of the phishing email to update their passwords,” Tonkin said in an email. “We have also temporarily suspended access to affected user accounts until passwords have been changed.”]

Late Tuesday, Melbourne IT spokesman Tony Smith said said the company was reviewing how to improve security.

“We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies,” he added.

Smith recommended that “for mission critical (domain) names,” domain-name owners use additional security features available from domain name registries that cost money but limit changes that can be made without extra authorization.

“Some of the domain names targeted on the reseller account had these lock features active and were thus not affected,” Smith said.

The hacking group also appeared to have tried to redirect visitors of some Twitter services and Huffington Post U.K., but they didn’t suffer easily visible outages.

Marc Frons, chief information officer for the New York Times Co., told the newspaper that he attributed the breach to “the Syrian Electronic Army or someone trying very hard to be them.” He warned company employees to refrain from sending sensitive email messages because the records changes made by the hackers could have allowed them to hijack emails.

The Syrian group did not immediately offer a reason for Tuesday’s attack, but it came as the White House debated how to respond to clear indications that the Syrian government launched a chemical attack on its civilians. Cybersecurity analysts said the incident highlighted the fact that every war will now have an online component.

“Website defacements … are more about image and propaganda than anything else, but the ubiquity of the World Wide Web and the amplification power of computer networks guarantee that information operations are more important than ever,” said Kenneth Geers, senior global threat analyst for the cybersecurity firm FireEye. He called the attack “a propaganda coup” for the Syrian Electronic Army that at least brought the hacking group free advertising.

Hackers have long defaced popular websites to direct attention to issues they consider important, but the number and intensity of the attacks continue to grow. The websites of the Washington Post, Financial Times, CNN and Time magazine have also been affected in recent months.

The NYTimes.com website was down for more than six hours. In the meantime, visitors saw either error messages or web pages created by the Syrian Electronic Army. The New York Times was able to get the redirection blocked by working with other Internet service providers. The company that hosts the website of the Syrian Electronic Army, for example, suspended the account.

Experts say these kind of disruptions are expected to continue.

“As long as media organizations play a critical role as influencers and critics, they will continue to be targets of cyber-attacks,” said Michael Fey, chief technology officer for computer security giant McAfee.

As news organizations have improved their own computer security, hackers have looked for weak spots at outside services the companies use.

Security analysts said other hackers, driven primarily by a desire to make money, may have used the sort of power they held while inside Melbourne IT’s systems to send visitors to websites laden with computer viruses.

“It’s what they could have done that really scares me,” said HD Moore, chief research officer for cyber security firm Rapid7.

The New York Times suffered an hour long outage earlier this month but attributed it to “technical difficulties” during a routine morning maintenance operation.

Hacker Dies Days Before He Was to Reveal How to Remotely Kill Pacemaker Patients [videos]

Barnaby Jack (Still from YouTube video/ViralNewsHD)

Another “convenient” death? At 36 years of age it’s unlikely it was from natural causes. Possible, but not likely. It will be interesting to hear what the coroner lists as the official cause of death.

If they can control drones, phones and automobiles remotely—and even ATMs as Jack illustrated a few years ago (see last video)—why would a wireless implant device be any different?

I’ve heard that the chips they want to implant in all of us will make it possible for them to “erase” us on demand if we are one of the few remaining after implementing their mass extinction eugenics agenda and we are a “problem”.

Kiwi Barnaby Jack may have become a “problem” to many manufacturers like Medtronic who supply these costly medical devices.

I wonder how many people now have pacemakers. Would a defibrillator also be at risk? Probably.

Was Jack a government asset gone rogue—meaning he decided to expose some other things he knew as postulated in the first video below or was currently investigating. Was he, like Michael Hastings, getting too close for comfort, too high risk?

The San Francisco Medical Examiner is already saying it may be months before the cause of death is released. Why, if no foul play is suspected? Or do they need time to cremate the remains as they did with Hastings so no foul play CAN be proven?

Or perhaps they need time to fudge his medical records with some deadly health condition he kept from his loved ones? Or perhaps they need to be sure they all get their stories straight so they don’t screw up as they’ve done before with myriad inconsistencies. These are all questions that go through my mind, but maybe I’m just a crazy conspiracy theorist…

If you don’t know Jack, have a look at this. He certainly seems healthy to me.

July 26, 2013

Barnaby Jack

Barnaby Michael Douglas Jack (November 22, 1977 – July 25, 2013

Security researcher Barnaby Jack has passed away in San Francisco, only days before a scheduled appearance at a Las Vegas hacker conference where he intended to show how an ordinary pacemaker could be compromised in order to kill a man.

Jack, who previously presented hacks involving ATMs and insulin pumps at the annual Black Hat conference in Vegas, was confirmed dead Friday morning by the San Francisco Medical Examiner’s office, Reuters reported. He passed away Thursday this week, but the office declined to offer any more details at this time.

Jack’s death came one week to the day before he was scheduled to detail one of his most recent exploits in a Black Hat talk called “Implantable Medical Devices: Hacking Humans.”

I was intrigued by the fact that these critical life devices communicate wirelessly. I decided to look at pacemakers and ICDs (implantable cardioverter defibrillators) to see if they communicated securely and if it would be possible for an attacker to remotely control these devices,” Jack told Vice last month.

Black Hat’s organizers will not be filling Jack’s spot at the event as a mark of respect for a legendary and irreplaceable” man. Security firm IOActive also tweeted their condolences in homage of their“beloved pirate.”

After around six months of research, Jack said he developed a way to hack one of those devices remotely and send it a high-voltage shock from upwards of 50 feet away.

If the devices can be accessed remotely, there’s always a potential for abuse,” he told Vice tech reporter William Alexander.

In a blog post earlier this year, Jack said he was influenced by a recent episode of the television program “Homeland,” in which a terrorist remotely hacked the pacemaker of the United States vice president.

Reuters/Arnd Wiegmann
Reuters/Arnd Wiegmann

In my professional opinion, the episode was not too far off the mark,” he wrote.

When Alexander asked Jack if a government official outfitted with a pacemaker would be vulnerable to assassination from a hacker, the researcher remarked, “I wouldn’t feel comfortable speculating about such a scenario.”

Although the threat of a malicious attack to anyone with an implantable device is slim, we want to mitigate these risks no matter how minor,” he wrote on his blog post. At the time, Jack said the vulnerability was being discussed with medical device manufacturers.

Over the past year, we’ve become increasingly aware of cyber security vulnerabilities in incidents that have been reported to us,” William Maisel, deputy director for science at the FDA’s Center for Devices and Radiological Health, told Reuters. “Hundreds of medical devices have been affected, involving dozens of manufacturers.”

At previous Black Hat talks, Jack detailed how he emulated a stunt found in the movie Terminator 2 that allowed him to remotely hack an automatic teller machine. In addition to being able to read credit card numbers and PINs inputted by another user, Jack also showed how a USB drive could be implanted in an ATM which would override the machine’s firmware and allow a hacker to take control.

In another presentation, Jack said he could hack insulin pumps to order the machines to deliver lethal doses to patients, in turn killing them.

We notified the manufacturer of the vulnerability and it will be fixed with the next insulin pump revision,” he told Vice.

Jack’s most recent employer, security firm IOActive, said in a statement, “Lost but never forgotten our beloved pirate, Barnaby Jack has passed. He was a master hacker and dear friend. Here’s to you Barnes!”

Black Hat is scheduled to begin Wednesday in Las Vegas, with a presentation by NSA Chief Gen. Keith Alexander. It will be immediately followed by the Def Con hacker conference, which will be taking place just down the road. Researchers at Def Con plan to demonstrate various high-profile hacks, including how modern cars can be compromised.

Source

Watch him hack an ATM. He could make them spew cash in a splashy way—like a one-armed bandit in a casino! Brilliant. It’s a good thing he warned ATM manufacturers about this breach before someone else shared the wealth.

 

Cabal & Media Blaming Middle East for Cyber Attacks on U.S. Banks

This is just one more way to keep the sheeple paranoid and willing to support war in the Middle East. Don’t believe it. They’re blatantly targeting Iran. Absolute bull.

Ally is Latest Bank to Be Hit by Mideast Cyberattack

Oct 19, 2012

Reuters reported that Ally may be the latest bank targeted by Mideast cyberattacks. According to the Reuters article, Ally has “confirmed it was monitoring unusual activity on its web site.” It appears Ally has been able to handle the attack. The Ally spokeswoman told Reuters that “There has been no customer impact related to unusual activity, and there is no indication of security concerns pertaining to customer information.” I’ve been able to access Ally Bank’s website without problems in the last couple of days.

Earlier this week, Capital One and BB&T confirmed being hit by these attacks. Today, a reader posted in the forum that he has been unable to login into his Discover account. I have not yet seen any news reports about Discover Bank being attacked.

Reports of cyberattacks against major U.S. banks began in September. As I described in September, these attacks are what are called distributed denial-of-service (DDoS) attacks in which hackers can overload websites and make them inaccessible by others. There have been no reports that customer accounts have been compromised.

The latest reports from U.S. officials have indicated that the hackers have been supported by the Iranian government. Iran may be retaliating against sanctions that have hit its economy.

There are concerns that the banks are not adequately communicating the problems they have been experiencing. This WSJ article reviews the issue and describes cases in which Wells Fargo and Bank of America customer support were clueless about the recent disruptions.

The WSJ article also warns that these DDoS attacks may portend more serious threats:

Such attacks may appear like victimless crimes, but they sometimes augur more serious breaches because they occupy engineers’ attention and give attackers insight into how companies’ systems work.

One reader commented in my last post about how denial of service attacks have sometimes been combined with a redirection attack. In this case, online banking customers could be redirected to a hacker’s site that looks like the login page of their bank. This kind of attack is called pharming. The popular website Consumerist was recently offline for almost a week after hackers were able to redirect Consumerist pages to spam websites.

I have not heard recent reports of any pharming attacks on the banks, but it’s a good idea to be aware of this threat. That’s one reason why banks in the last few years have added additional steps to their login process in which they will display a predefined phrase or image known by the customer before the customer is asked to enter his/her password. Bank of America calls this SiteKey. It’s a good idea to be on the lookout for anything suspicious while you’re logging into your online bank accounts.

Source