Tech Friday with Dave Hatter- February 14th 2020 - SPONSORED BY INTRUST IT


  • Big week for patches:
  • Projected images fool autonomous vehicles:
    • Researchers from Ben-Gurion University of the Negev reported that the autopilot systems by cards including the including the Tesla Model X can be tricked by images projected on the road or on nearby billboards,
    • These images caused the cars to brake or veer into oncoming traffic lanes, which could be exploited by hackers
    • The issue stems from advanced driving assistance systems (ADAS)
    • The spoofing attacks are not security vulnerabilities but "reflect a fundamental flaw of models that detect objects that were not trained to distinguish between real and fake objects"
    • They were able to cause aTesla Model X to brake suddenly due to a spoofed image or a person projected in front of the car
    • In another case, a Tesla Model X’s system changed lanes into oncoming traffic when spoofed lanes were projected
    • Researchers said that they were able to create “phantom” images that appeared and obstacle in the road and in some cases, the systems believed that they were legitimate
    • Researchers indicated these spoofing attacks have not yet been encountered in the wild, but warn that they don't require any special expertise or complex tools or preparation
    • "The absence of deployed vehicular communication systems, which prevents the advanced driving assistance systems (ADASs) and autopilots of semi/fully autonomous cars to validate their virtual perception regarding the physical environment surrounding the car with a third party, has been exploited in various attacks suggested by researchers" - Ben-Gurion research team
    • Tesla told the BenGurion team that it would not "comment" on the findings because it involved an "experimental" stop sign recognition system for the autopilot which changed the configuration of the vehicle
    • Read the research here:https://www.nassiben.com/phantoms
  • Foreign Threats More Numerous, Sophisticated as 2020 Election Looms, Official Says:
    • There are been well-known issues with election security in the past
    • US intelligence agencies, former special counsel Robert Mueller and the Senate Intelligence Committee have all concluded that Russia interfered in the 2016 election through hacking and disinformation
    • With the presidential election just around the corner and recent Iranian tensions flaring, cyber concerns are top of mind in DC
    • In addition to the presidential election, nationwide elections for the House and a third of the Senate will occur as well as many state and local elections
    • Officials at the federal, state and local levels say they will be watching carefully for efforts to interfere with the election
    • Former National Security Council senior director for Europe and Russia Fiona Hill testified recently that "right now, Russia’s security services and their proxies have geared up to repeat their interference in the 2020 election"
  • "This is not a Russia-only problem," said Shelby Pierson, election threat executive within the Office of the Director of National Intelligence.
    • "Russia, China, Iran, North Korea, [and] non-state hacktivists all have opportunity, means, and potentially motive to come after the United States in the 2020 election to accomplish their goals." Pearson
    • Congress has appropriated funds for state and local election officials to improve election security efforts. They sent $380 million to the states in 2018, and an additional $425 million this month
    • In 2018 Congress clarified that cyber actions that fall below the use of force can be conducted as "traditional military activities" rather than covert activities giving Cyber Command new options go on the offensive against US enemies
    • A former US official said "There is a night-and-day difference between 2016 and this" in regards to Cyber Command's possible activity under the new rules
    • This will be the first major test of efforts to improve security since the 2016 election
    • Sen. Ron Johnson, chairman of the Senate Homeland Security and Governmental Affairs Committee, told The Hill he "definitely intends" to hold a hearing on election security in 2020
    • The Senate Intelligence Committee is also expected to release the third of five reports based on its investigation into Russian interference in the 2016 elections in January
    • U.S. government officials have issued several warnings that countries including Russia, China, Iran and North Korea as well as "hacktivists" were likley to target the upcoming election
    • Shelby Pierson - Intelligence Community Election Threat Executive said a key part of the post-2016 improvements made to election security involve notifying victims more promptly
    • A group of federal agencies incuding the FBI released a framework for how disclosures to private entities, congressional stakeholders, presidential candidates and the public would work in late 2019
    • "What we're trying to do now is handle this in real time…we're not trying to simply intellectually look back on what occurs in 2021 past inauguration" - Pierson
    • "What we want to do is be able to affect this in real time and so that we have fair, safe elections from foreign interference," Shelby Pierson - Intelligence Community Election Threat Executive
    • Most election infrastructure is owned and operated by local governments
    • Protecting the integrity of elections in the United States against criminal activity and national security threats is among the top priorities of the DOJ and the FBI
    • The FBI’s new policy recognizes the necessity of notifying responsible state and local officials of credible cyber threats to election infrastructure
    • The intent of the new FBI policy will result in increased collaboration between all levels of government for the integrity and security of U.S. elections
    • Previously, the FBI notified only the affected counties, not the election officials for the entire state. Now the FBI will expand its notifications about hacks affecting election infrastructure and include state-level officials, as well as local and county authorities
    • Another issue is the recent concerns raise about Huawei backdoors
    • Huawei's equipment occupies every step of the network chain between our laptops and phones through to the data centres hosting the content we want to access
    • Three of the five countries in the Five Eyes intelligence alliance, the US, Australia, and New Zealand have effectively prohibited the installation of Huawei equipment
    • You can read the FBI press release here:https://www.fbi.gov/news/pressrel/press-releases/fbi-announces-new-policy-for-notifying-state-and-local-election-officials-of-cyber-intrusions-affecting-election-infrastructure

Best Regards,