Thursday, October 23, 2014

BBC: US 'probes hackable flaws' in medical devices

23 October 2014 Last updated at 08:52 ET  BBC

The US government is reported to fear that pacemakers could be hacked
US officials have revealed they are investigating about two dozen suspected examples of medical equipment vulnerable to hack attacks, potentially putting patients' lives at risk.
The products include heart implants and drug infusion pumps, according to a report by the Reuters news agency.

It said investigators were concerned that flaws in the kit could be used to cause heart attacks and drug overdoses.

There are no known examples of deaths having happened this way.

One expert suggested that investigators' efforts would better channelled elsewhere.

But the Department of Homeland Security indicated its fears were justified.

"It isn't out of the realm of the possible to cause severe injury or death," an unidentified government official told Reuters.

"These are the things that shows like Homeland are built from."

The TV series Homeland featured a plot in which a fictional US vice-president was targeted via his pacemaker.

There have been warnings that drug overdoses could be given by internet-connected kit

Dick Cheney, who was vice-president under President George W Bush, later revealed he had feared a similar attack and had the wireless connectivity of his pacemaker disabled.

Hacked pumps
The inquiry is reportedly being co-ordinated by the US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-Cert).

It is said to also cover medical imaging equipment and hospital networking systems.

The probe is reportedly an extension of research by Barnaby Jack, a security expert who died in July 2013, a week before he was scheduled to give a talk on the topic at the Black Hat conference.

He had earlier told the BBC about a way he had found to compromise insulin pumps used by diabetic patients, which connected to the internet to get updates.

"We can influence any pump within a 300ft [91m] range," Mr Jack told the BBC. "We can make that pump dispense its entire 300-unit reservoir of insulin and we can do that without requiring its ID number."
Barnaby Jack spoke to the BBC in 2012 about medical device hacks
Reuters said that government staff told it they were working with device-makers to identify and patch software bugs and other vulnerabilities.

Three manufacturers, whose kit is believed to affected, told the news agency that they had already made safety improvements, but declined to provide specifics. The BBC requested further comment and one of the firms, Medtronic, provided a statement.

"We are committed to addressing the industry-wide issue of wireless hacking," it said.

"We believe the risk to an individual customer is low and the therapeutic benefits of our cardiac devices for treating heart conditions and insulin pumps for diabetes far outweigh this risk.

"Medtronic has already taken a number of concrete actions to enhance device security and... will assess whether additional security measures can be implemented without compromising the therapy that the device is designed to deliver to patients."

However, one expert suggested that the danger of such hacks was minor when compared with the risks caused by another tech-related problem with medical equipment - inconsistent user interfaces - and that efforts would be better spent on that issue.

"We've got no documented cases of people being killed as a result of hacking of medical equipment, but there are many instances of people dying as a result of safety usability failures," said Ross Anderson, professor of security engineering at the University of Cambridge.

"You can find instances of pumps from the same manufacturer where the up key and the down key might be '2' and '5' on one pump and '2' and '7' on another - the design of some medical equipment interfaces is as careless as the design of aircraft cockpits was in the 1930s.

"And there have been tragic cases, not just of kids being killed when they are given 10 times the dosage of morphine or whatever, but of nurses who are blamed for this subsequently committing suicide."

Lessons in cybersecurity launched for schoolchildren (across the UK)

The Telegraph

Secondary pupils across the UK will take part in cybersecurity lessons as Cabinet funded resources are launched in response to the rising industry skills gap

In cyber security, there will be many more jobs than candidates in the next 20 years Photo: Alamy

By Josie Gurney-Read, Online Education Editor
9:34AM BST 23 Oct 2014

Lessons in cybersecurity will be delivered to schoolchildren across the UK in response to growing concerns about a rising skills gap in the industry.

Resources funded by the Cabinet Office and backed by the National Crime Agency will include case studies of international cybercrime attacks and lessons on cryptography and malware.

The plans, which have been designed to give secondary school students an insight into the industry, have been developed to allow teachers to embed cybersecurity lessons into traditional curricular subjects as well as computing.

Teenagers involved in the lessons will be taught about the importance of firewalls, will learn about key malware threats currently facing the UK, and will also gain an understanding of the career opportunities within the industry.

While it is hoped that these resources could play a part in filling the skills gap which is set to increase over the next twenty years, leading industry experts have called for cybersecurity to be made a part of the curriculum.

Stephanie Daman, CEO of the Cyber Security Challenge UK, said that knowing how to operate in the digital environment and understanding the pitfalls of the Internet were “fundamental to the way we live”.

“I do feel pretty passionately that we need to have the right things in the curriculum,” she said. “One of the reasons we don’t get people into cybersecurity is because they stop doing STEM subjects.

“The kids that are coming through the programme now are not going to fill our immediate need, but it’s like everything else, it’s where we have fallen down in the past; we hadn’t planned at a sufficiently early stage, we hadn’t primed the pipeline. That’s why we have a skills gap now.”

Further to the lesson plans for secondary school pupils, the organisation also recently launched a massive open online course (MOOC), open to people of all ages and developed by the Open University in partnership with BIS, GCHQ and the Cabinet Office.

However, the lessons, launched yesterday at Sedgehill School in London, have been developed specifically for pupils aged 11 to 16.

Ken Mackenzie, head of at Sedgehill School, said that presenting students with the opportunities to expand their digital skills was one of the key reasons why the school signed up.

“Students at our school may live in London but they don’t necessarily experience London in the same way that students from more affluent backgrounds would. We feel computing is a particular strength at the school and we work hard to make sure we are presenting students with a full range of opportunities.”

However, Mr Mackenzie also stressed that, aside from enhancing digital skills, the focus on careers was one that appealed to the school.

“Because of the community we serve, we start careers guidance very early on. These are conversations that take place both formally and informally,” he said.

“In order to put people in charge of their futures, we need to give them all the information we can, so that they can make informed decisions. This guidance is, sadly, not something a lot of our students get at home.”

Rob Partridge, head of BT’s Security Academy, contributed to the lesson plans. Speaking to the Telegraph, he emphasised the need to find a work force to fill the jobs anticipated over the next two decades.

“Looking at recent statistics, in cybersecurity there will be more jobs than candidates in the next twenty years,” he said. “To make sure we have those people, we need to develop our own workforce, we need to go back to grassroots level, to key stage one and key stage two teaching, to make sure the computing curriculum is taught properly in schools.”

While he voiced support for the inclusion of cybersecurity within the computing curriculum, Partridge said that embedding lessons within the traditional curriculum was a step forward.

“The new computing curriculum is a brilliant step forward, but what we’ve tried to do is augment the traditional curriculum subjects.

“What we have tried to do, through these lesson plans, is provide teachers with learning resources that not only help them teach what’s on the maths curriculum, for example, but which also helps them teach cybersecurity.”

NPR: Who's Catching Your Cellphone Conversations?

October 21, 2014 2:39 PM ET

The police could be monitoring your cellphone.iStockphoto
With the right equipment, people can hijack your cellphone, listen to your calls and read your texts, alarming privacy rights advocates and tech experts alike.

We know the eavesdropping is happening, but we don't know much about who's doing the listening. The police and other law enforcement agencies do it, but they have been restricted by the FBI from telling us about it. Beyond the police, the listeners could be the U.S. government, corporate spies or even foreign intelligence agencies.

The devices, known as IMSI catchers or by a brand name, Stingray, used to be expensive, bulky and hard to purchase. Now they can be bought online for as little as $1,800 and can be as small as a briefcase.

"Today, a tech-savvy criminal or hobbyist can even build one using off-the-shelf equipment,"writes Stephanie Pell, a cyberethics fellow at the Army Cyber Institute at West Point.

IMSI catchers trick cellphones into thinking they're connected, as normal, to a network like Verizon or AT&T. But the devices hijack the phone's signal, and in some cases, intercept the contents of calls and texts. The IMSI catchers take advantage of a vulnerability built into the system. Phones using 3G or 4G technology can authenticate cell towers, but phones on older 2G systems cannot tell between real and fake towers.

An IMSI catcher blocks the smarter 3G and 4G signals, forcing phones in the area to switch to the unsecured 2G service — something that phones also do routinely in more rural areas, where 2G service is widespread. The IMSI catcher then poses as a tower and "catches" signals.

IMSI catchers — the letters stand for International Mobile Subscriber Identity, a code unique to each phone — have gotten little media attention. But in August, Popular Science published a map showing the locations of a large number of IMSI catchers, or interceptors, spread throughout the U.S.

Now, there's an arm's race on between the technology used to intercept cellphone calls and the technology used to detect that technology.

The map was made by a company that sells a device, called a GSMK CryptoPhone, that can detect the interceptors — known as an IMSI catcher-catcher. ESD America says that it and its customers have used the CryptoPhone to find some 500 of the fake cell towers.

"Interceptor use in the U.S. is much higher than people had anticipated," ESD CEO Les Goldsmith told Popular Science. "One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip."

The CryptoPhone, which sells for $3,500, is built onto a Samsung Galaxy SIII phone.

In September, another CryptoPhone marketing executive drove around Washington, D.C., looking for signs of IMSI catchers. He said he found 18 in less than two days.

The map of those locations is unnerving. "It looks," writes Ashkan Soltani of The Washington Post, "like a primer on the geography of Washington power, with the surveillance devices reportedly near the White House, the Capitol, foreign embassies and the cluster of federal contractors near Dulles International Airport."

Granted, these executives will profit from sales of the CryptoPhone. Some security experts are skeptical that the CryptoPhone can pinpoint with accuracy the location of the IMSI catchers.

But there's enough evidence to alarm others, including the Federal Communications Commission, which set up a task force in August "to combat the illicit and unauthorized use of IMSI catchers." Set up in response to congressional questioning, the task force will study the extent of IMSI catcher use by criminal gangs and foreign intelligence services.

Pell, of the Army Cyber Institute, says the real issue is the cell system's underlying vulnerability. She sees it as a threat to national cybersecurity.

"Whatever effective monopoly the U.S. government once had over the use of IMSI catchers is now gone," Pell writes in Wired. Fixing that flaw would hinder some law enforcement efforts, but that cost is outweighed by the benefit of knowing no foreign elements are listening in on government officials' conversations, she says.

We know more about police using Stingrays — often from the trail of objections by privacy rights advocates — but we still don't know much.

The FBI, Secret Service, National Security Agency and at least nine other national agencies use IMSI catchers, according to the American Civil Liberties Union.

Some 46 local agencies in 18 states use the technology — but because most acquire Stingrays secretly, that number "dramatically underrepresents the actual use of stingrays by law enforcement agencies," the ACLU says.

Local police acquire Stingrays secretly, an FBI requirement. Before using the technology, police departments must sign nondisclosure agreements promising not to release Stingray details to the public, according to documents obtained in September by the websiteMuckRock under a Freedom of Information Act request.

The Florida-based Harris Corp., maker of the Stingray, notifies the FBI and FCC when police request the technology, and the FBI then requires the nondisclosure agreement. The arrangement is a condition of Harris' FCC equipment authorization, explains Nathan Wessler, an attorney with the ACLU.

That secrecy — along with grants from the Department of Homeland Security — has allowed police to get and use Stingrays without local approval or oversight, he says. When the ACLU sued the Tucson, Ariz., police for Stingray records, an FBI agent invoked the FBI nondisclosure agreement as a reason to keep the information secret, Wessler says.

When police use them against potential suspects, they can sweep up information from the cellphones of dozens or even hundreds of bystanders. They do these sweeps without warrants and without telling the public how much information they keep or for how long, Wessler says.

"I do think the average person should be concerned about this," he says.

"Information about where we are and where we go over the course of time can reveal sensitive information about our lives," he says. "Whether we visit a psychologist, go to an AA meeting, stop off at a liquor store after work, who we spend time with: That information should be private."

Wednesday, October 22, 2014

What Makes Cellphone Coverage Vary?

October 22, 2014

Pots and Pans

It seems I have been writing about cellphones for a few days, so I thought I would cover a question that I have been asked many times. I travel a lot and it’s not unusual to sit next to somebody and note that the two of you are having a very different cellular experience. One of you may be getting one bar for data and voice while the other might be getting four, sitting only a few feet apart. What explains this difference in cellular performance? I will start with the obvious explanations, but sometimes the differences are due to more subtle issues.

Who is your carrier? Both people might have an iPhone, but if one has Verizon and the other has AT&T the experience is different because both are connected to completely different technologies and totally separate networks. AT&T and T-Mobile use GSM (Global System for Mobile) technology, the technology that is used in most of the rest of the world. But Verizon and Sprint use CDMA (Code Division Multiple Access) technology. These technologies are so different that a handset that is made only for one technology won’t work on the other. This is why you can’t take your Verizon handset to most of the rest of the world when you travel.

Who’s on the nearest tower? I’ve often been driving with somebody and hear them be glad to see an upcoming cell tower because they assume this means they’ll get better coverage. But you can’t assume this because not every carrier is on every cell tower. There are a large number of cell towers in the country. Some of these are owned by the wireless carriers but many are leased. The cellular companies look at available towers and then cobble together the combination of towers that make the most effective and cost-efficient network for them.

This task has gotten hard for the carriers because of the fact that cellphones now carry data. The original cell tower network with all of the giant towers was created back when cellphones only carried voice. But now that the networks are deploying data and using higher frequencies it turns out that a more ideal network would place the towers closer together than the traditional locations. This is causing massive reconfigurations of the networks as the carriers try to improve data reception.

Cell sites get busy. Or said another way, any one carrier on a tower might get busy while another carrier might not be busy. As cell sites get busy they do a couple of things to handle the excess traffic. Most carriers still give preference to voice over data, so as more voice calls are added to a network the amount of bandwidth allocated to data is often choked down (but not always). And eventually the tower site refuses to add new customers. But when sites get busy the performance normally degrades.

You might be roaming. Roaming is when a customer is riding a different network than the one to which they subscribe. If you are an AT&T customer and are roaming on a T-Mobile site, you will not get the same priority as a T-Mobile customer. This might mean getting slower data speeds if the site becomes busy, and it could also mean being booted from the site as it becomes full.

Spectrum is not created equal. There is not just one spectrum being used for cellular data. There are already nearly a dozen different slices of spectrum being used and the FCC is going to be auctioning more over the next two years. Every time you move to a different cell site you might be changing the frequency you are using. Carriers not only cobble together a network of the ideal cell sites, but they also play a chess game of deciding which spectrum to deploy at each tower. None of the carriers owns all of the different spectrum available, and the spectrums they own in different cities can be drastically different. This means getting four bars at your home might not give you the same experience as getting four bars when you are traveling.

What your phone allows. Perhaps one of the biggest differences in reception is that each cellphone maker decides what spectrum a given handset is going to receive. It costs a lot of energy, meaning battery time, for a phone to always search on all of the different frequencies. So different handsets allow different frequency bands. This is why LTE coverage differs so widely because there are many sets that don’t even see some of the LTE frequencies. All handsets look for the basic cellular bands, but only the most expensive sets are designed to look for almost everything out there. And as more cellular bands are allowed into the mix this will get more pronounced. Of course, you have to read very deep into the specifications of your phone to understand what it does and does not receive. Good luck asking that question at the cellphone store.

Plain old interference. Every cellular frequency has a different propagation characteristic. If you and the guy next to you are talking on different frequencies then you each will be dealing with a different set of interference. This is one of the reasons that cellular coverage is so wonky in complicated buildings like airports and hospitals. Each cellular frequency is likely to find a different set of problems in a complex environment and one frequency might get killed in a given part of the airport while another is fine. This is why you might find yourself walking around trying to find a signal while people around you are still talking.

Tuesday, October 21, 2014

CompTIA Brings New IT Fundamentals Certification to Users

Oct 20, 2014Michael Cusanelli  The VAR Guy

CompTIA is introducing a new IT Fundamentals exam to help industry newcomers learn essential terminology and concepts.

Todd Thibodeaux, president and chief executive officer at CompTIA
CompTIA’s new IT Fundamentals certification exam is now available, the company announced, covering a range of IT topics and provide a solid understanding in the technology concepts and practices organizations use today.

The exam is designed for individuals looking to get a basis for the different types of terminology used in the IT field and to help new additions to the industry get up to speed with their coworkers. The exam covers five topics, including software, hardware, security, networking and basic IT literacy, according to the company. CompTIA also recommends the exam for companies looking to promote and verify basic fluency in IT terminology and concepts among employees.