Welcome to DarkSide – and the inexorable rise of ransomware | John Naughton

On Friday 7 May, Colonial, the quaintly named operator of the pipeline that brings 45% of the US east coast’s gasoline and jet fuel from Texas to New York, announced that it had been hacked. My initial assumption was that this was Russian retaliation for the Biden administration’s punitive cyber-attacks on Russia in response to the SolarWinds hack. After all, if a pipeline like this isn’t “critical infrastructure”, what is? If so, were we not witnessing a significant escalation in information warfare between two nuclear-armed powers?

Fortunately, my overheated imagination turned out to be wrong, but the reality – in a way – is almost as interesting. On 10 May, the FBI announced that the attack on Colonial was caused by an outfit called DarkSide, which specialises in ransomware, and that the bureau had forced the company to halt its pipeline’s operations so that it could carry out a full investigation into the breach.

So who or what is DarkSide? According to Intel 471, a security company that surveys the teeming cybercriminal ecosystem of the internet, DarkSide was first spotted in November 2020 on a Russian-language hacker forum, advertising for partners for a ransomware service. What it was pitching was a platform that “approved” cybercriminals could use to infect companies with ransomware and carry out negotiations and payments with victims. “We are a new product on the market,” it burbled, “but that does not mean that we have no experience and came from nowhere. We received millions of dollars profit by partnering with other well-known cryptolockers. We created DarkSide because we didn’t find the perfect product for us. Now we have it.” Not long afterwards, its software was found to be behind several ransomware attacks on manufacturers and legal firms in Europe and the US.

According to Intel 471, in March 2021, DarkSide “rolled out a number of new features in an effort to attract new affiliates. These included versions for targeting Microsoft Windows- and Linux-based systems, enhanced encryption settings, a fully fledged and integrated feature built directly into the management panel that enabled affiliates to arrange calls meant to pressure victims into paying ransoms and a way to launch a distributed denial of service (DDoS).”

Note the reference to a “management panel”. In conventional software packages, this would be called a “dashboard”, a visual tool to enable non-technical managers to run a complex program without knowing anything about the code. The panel also seems to provide scripts for conducting negotiations with victims. Intel 471 monitored one of these conversations. “This is a lot of money,” the victim writes. “My management needs a better understanding of what data you may have taken. Can you provide proof that you have our data?” Answer: “Yes will provide a sample for you.” The victim continues: “When you receive payment you will not publish the attack or sell exfiltrated data?” Answer: “Of course not, you will get access to a server with data and will delete it yourself. Also we can provide you with a pentest [penetration test] report how you have been breached and what [you] need to improve.”

You get the picture. This is awfully like the kind of dialogue you would see in a conventional business negotiation. What it shows is what the security expert Ross Anderson has been pointing out for years: that cybercrime has been industrialised and that one can analyse it using the methods and economic concepts that one would use if studying any burgeoning line of business.

In that sense, public discourse about cybercrime and its practitioners is way behind the curve. As Ross and his colleagues have shown, criminals are rational actors, not lone hackers with poor hygiene and a penchant for pizza. They see what they do as a low-risk activity with very high profit margins. And they operate in a networked world in which even large and wealthy companies are still failing to take computer security seriously. The significance of the Colonial hack is its confirmation of cybercrime as a major new industry.

Many years ago, I got my first insight into this underworld when a senior police officer took me on a virtual tour of this netherworld. We looked at the online markets in which stolen personal details were traded and the different prices at which various “products” were bought and sold. (PayPal logins attracted premium prices at the time; maybe they still do.) What it looked like was eBay for crooks. And the most striking thing was that in these marketplaces the traders seemed as anxious as you or I would be to establish reputations for reliability and quality. In some cases, there were even star rating systems like you’d see on Uber or, for that matter, on eBay. There may be honour among thieves, as the saying goes, but they still fretted about their online reputations. And DarkSide’s claim that it has occasionally donated some of its profits to charity suggests an interesting new interpretation of “corporate responsibility”. It’s time we wised up to this new reality.

What I’ve been reading

Picture perfect
Obscura No More is a lovely essay in the American Scholar by Andy Grundberg on the rise of photography as an art form.

Pandemic pandemonium
The origin of Covid: Did people or nature open Pandora’s box at Wuhan? is a great piece of analysis by Nicholas Wade in the Bulletin of the Atomic Scientists.

Ready for future shocks?
What Is Ours Is Only Ours to Give is an excellent essay by Maria Farrell on the Crooked Timber blog triggered by Kim Stanley Robinson’s new novel, The Ministry for the Future.

2021 iPhone photography awards – in pictures | Technology

The 14th annual iPhone photography awards offer glimpses of beauty, hope and the endurance of the human spirit. Out of thousands of submissions, photojournalist Istvan Kerekes of Hungary was named the grand prize winner for his image Transylvanian Shepherds. In it, two rugged shepherds traverse an equally rugged industrial landscape, bearing a pair of lambs in their arms.

With Alphabet’s legendary commitment to products, we can’t wait to see what its robotics biz Intrinsic achieves • The Register

Alphabet today launched its latest tech startup, Intrinsic, which aims to build commercial software that will power industrial robots.

Intrinsic will focus on developing software control tools for industrial robots used in manufacturing, we’re told. Its pitch is that the days of humans having to manually program and adjust a robot’s every move are over, and that mechanical bots should be more autonomous and smart, thanks to advances in artificial intelligence and leaps in training techniques.

This could make robots easier to direct – give them a task, and they’ll figure out the specifics – and more efficient – the AI can work out the best way to achieve its goal.

“Over the last few years, our team has been exploring how to give industrial robots the ability to sense, learn, and automatically make adjustments as they’re completing tasks, so they work in a wider range of settings and applications,” said CEO Wendy Tan White.

“Working in collaboration with teams across Alphabet, and with our partners in real-world manufacturing settings, we’ve been testing software that uses techniques like automated perception, deep learning, reinforcement learning, motion planning, simulation, and force control.”

Tan White – a British entrepreneur and investor who was made an MBE by the Queen in 2016 for her services to the tech industry – will leave her role as vice president of X, Alphabet’s moonshot R&D lab, to concentrate on Intrinsic.

She earlier co-founded and was CEO of website-building biz Moonfruit, and helped multiple early-stage companies get up and running as a general partner at Entrepreneur First, a tech accelerator. She is also a board trustee of the UK’s Alan Turing Institute, and member of Blighty’s Digital Economic Council.

“I loved the role I played in creating platforms that inspired the imagination and entrepreneurship of people all over the world, and I’ve recently stepped into a similar opportunity: I’m delighted to share that I’m now leading Intrinsic, a new Alphabet company,” she said.

The new outfit is another venture to emerge from Google-parent Alphabet’s X labs, along with Waymo, the self-driving car startup; and Verily, a biotech biz. ®

Charles River to create 90 new jobs at Ballina biologics site

Charles River is expanding its testing capabilities in Ballina as part of its partnership with Covid-19 vaccine manufacturer AstraZeneca.

Contract research organisation Charles River Laboratories is planning an €8m site expansion in Ballina to facilitate batch release testing for Covid-19 vaccines from AstraZeneca.

The expansion at the Mayo site will create an additional 1,500 sq m of lab space and 90 highly skilled jobs in the area over the next three years.

The company provides longstanding partners AstraZeneca with outsourced regulated safety and development support on a range of treatments and vaccines, including testing and facilitating the deployment of Vaxzevria for Covid-19 and Fluenz for seasonal influenza.

The latest investment follows earlier expansions at the Ballina site and Charles River recently announced plans to establish a dedicated laboratory space to handle testing of SARS-CoV-2 and other similar pathogens that cause human disease.

“We are incredibly proud of the transformational changes we have implemented on site and the role that Charles River has played in supporting the safe and timely roll-out of AstraZeneca’s Covid-19 vaccine,” said Liam McHale, site director for Charles River Ballina.

“Throughout the pandemic, our site remained fully operational while keeping our employees safe and having a positive impact on human health. Our expanded facility will provide us with the increased capacity needed to continue the essential services we provide to our clients.”

Charles River acquired the Ballina facility, which focuses on biologics testing, in 2002. The company employs 230 people at its two facilities in Ireland, including the Mayo site and a site in Dublin, established in 2017, which serves as the EMEA and APAC headquarters for the company’s microbial solutions division.

IDA Ireland is supporting the expansion. Mary Buckley, executive director of the agency, said Charles River is an “employer of long standing” in Co Mayo.

“The enhancement of its product lines and the development of additional capability at the Ballina facility is most welcome,” she added. “Today’s announcement is strongly aligned to IDA Ireland’s regional pillar and its continued commitment to winning jobs and investment in regional locations.”

Dan Wygal, country president for AstraZeneca Ireland, added: “Our Covid-19 vaccine, Vaxzevria, undergoes extremely robust safety and quality testing prior to becoming available for patients. We are committed to bringing safe, effective vaccines to Ireland and other markets as quickly as possible, and Charles River will continue to be an important partner in this regard.”
