
Search Results


  • Department of Defense Cyber Crime Center (DC3) vul discl program

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD. FYSA: www.dc3.mil. DC3’s mission is to deliver superior digital and multimedia (D/MM) forensic services, cyber technical training, vulnerability sharing, technical solutions development, and cyber analysis within the following DoD mission areas: cybersecurity and critical infrastructure protection, law enforcement and counterintelligence, document and media exploitation, and counterterrorism. Kristopher Johnson, Director. Check out the PowerPoint below.

  • FYSA - Visionaries must step forward to advance water infrastructure | Smart Cities Dive

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at Dod https://www.smartcitiesdive.com/news/visionaries-advancing-water-infrastructure-SUEZ/578555/ Visionaries must step forward to advance water infrastructure The current crisis has made clear that access to clean water is closely related to our ability to withstand shocks to the system. Sustainable infrastructure should be a vision we can all get behind. Editor's Note: The following is a guest post from Jon Freedman, head of global government affairs for SUEZ's Water Technologies & Solutions (WTS) business unit. The past few months have been difficult for everyone. Across the U.S., people from all walks of life are worried about their health and their financial well-being, but I’ve also talked to more and more people over the last few weeks who see past the fear and the doubt. There’s a growing feeling that this moment in history is an opportunity for significant change. As leaders look for ways to jumpstart the economy when states begin lifting stay-at-home orders, it’s time to consider investments in sustainable, resilient infrastructure that addresses the needs of communities now, and for decades to come. Getting beyond table stakes If the coming years follow the playbook of nearly every economic crisis we’ve seen in the past 80 years, we should expect governments at home and around the world to engage in major infrastructure projects to spur economic activity for long-term recovery. There are many water infrastructure projects that are shovel-ready or close to it, that could encourage immediate economic activity. Even without a stimulus, infrastructure repair in the U.S. is sorely needed. Every four years, the American Society of Civil Engineers grades the condition and safety of U.S. roads, bridges, water systems, dams, airports and railways. Since the 1980s, these critical assets have averaged a D+. At this point in time, funding these projects are table stakes. 
Projects should be selected not only for their ability to stimulate the economy, but for their ability to reduce pollution, restore ecosystems, or address the impacts of climate change such as water scarcity. Consider, for example, the construction of a new wastewater treatment plant in a fast-growing, water-scarce region of the country. Building an ordinary wastewater treatment plant could easily perform the first-order goal of spurring more economic activity. Some wastewater treatment plants, however, are more sustainable than others. At nearly all plants in the U.S., water is usually discharged back into local rivers, lakes or oceans after treatment. It’s used once, then sent away, a practice that is especially wasteful in water scarce areas of the U.S. One way of cementing the sustainability of water infrastructure is the encouragement of water reuse, or water recycling. Water recycling programs fully or partially treat wastewater for other uses, such as for irrigation — creating a circular, sustainable use of resources. Reuse projects have helped increase the supply of drinking water, build sustainable irrigation systems for agriculture and landscaping, and restore groundwater supplies. Recycled water can also be used for industrial purposes, such as cooling water, encouraging economic development in water scarce areas that might not have traditionally been able to support heavy industry, or even data centers. There is currently a simmering debate in Congress over the next wave of stimulus. House Speaker Nancy Pelosi has recently floated a $760 billion, five-year infrastructure package that sets aside up to $80 billion for water infrastructure, and $8 billion per year for wastewater plants — a five-fold increase over typical appropriations. At the same time, committees in both houses of Congress have begun work on the reauthorization of the Safe Drinking Water Act that will likely include funding for water infrastructure. 
But even without stimulus funding, Congress can take several important steps to encourage investments in sustainable infrastructure. For example, Congress could enact investment tax credits tailored to encourage sustainable water practices among industrial water users. The vast majority of companies have active environment and sustainability goals, but the cost of some major upgrades combined with generally low water costs often makes it difficult for companies to recoup their investment. Targeted tax credits, which shorten the time it takes for companies to realize value on new investments in water sustainability, could also be linked to increased energy efficiency, thereby resulting in building water sustainability and resilience while reducing greenhouse gas emissions. Turning crisis into opportunity The current health crisis will end one day. What will remain in its wake is an opportunity to learn from the situation and to build resiliency for future crises. What has this crisis taught us? We’ve learned that there are broad social benefits to making sure people have access to clean water while being asked to stay indoors. Water utilities across the country have suspended shutoffs and reconnected water service for people who had been living without. Avoiding the worst effects of the next crisis will require the development of mechanisms that protect financial and operational viability of utilities. Ensuring their resilience requires investment. A recent poll from the Value of Water Campaign, conducted as the coronavirus crisis began to unfold in the U.S., showed widespread support for increased federal investment to rebuild the nation’s water infrastructure, with 73% of respondents supporting investment to increase resilience to climate change. Water scarcity in communities across the globe is closely related to climate change, and we found in a separate poll that nearly 70% of Americans listed water scarcity as one of their top environmental concerns. 
For respondents in the Northwest and Northeast portions of the country, water scarcity was their top climate-related concern. The current crisis has made clear that access to clean water is closely related to our ability to withstand shocks to the system. Building sustainable infrastructure should be a vision we can all get behind. Thanks to => John Gaffigan of Fend, Inc. => for forwarding

  • ICSJWG 2020 Virtual Spring Meeting 9-10 June === registration NLT 5 June

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD. ICSJWG 2020 VIRTUAL SPRING MEETING June 9 - 10, 2020. We are very pleased to announce the 2020 Virtual Spring Meeting! Meeting Registration is now open! We are very pleased to open registration for our Virtual Meeting, from June 9th to June 10th. Please register for the meeting at https://gateway.on24.com/wcc/gateway/eliteCSRALLCamanagedaffiliate/2360375 no later than June 5, 2020. When at the registration site, users can see the entire agenda for each day, with abstracts of the presentations for each speaker. Note that registration is for the entire meeting, not just a single presentation (you do not have to register for each session you want to attend). There is no cost to attend this event. Overview: We are excited about the offerings for the upcoming virtual meeting! The meeting will kick off on June 9th with an overview of the current CISA Mission by Director Christopher Krebs. The day will continue with an agenda filled with informative presentations. A Capture the Flag activity is available all-day June 9th and 10th. The CTF exposes analysts to hunting across ICS networks for malicious behavior, with puzzles appropriate for both the beginner and the experienced analyst. Challenges include artifacts generated from IT/OT host forensic data, network data (from both bro logs and pcap), and OT equipment actively being exploited by a threat actor. An Overview of CISA ICS Training will be provided on June 10th. The training series includes both a Foundational track and an Advanced track. The Foundational track provides basic ICS specific information including terms, types, architecture, cyber basics, Maturity Model review, data flow, network models, and more. The Advanced track includes assessment and evaluation processes and procedures, critical ICS risks and mitigations, analysis of captured ICS traffic to discover vulnerabilities, and more.
The Technical Workshop will return on June 10th with both presentations and a demonstration. Presentation topics include the Open Source IR Toolkit, Low Level Forensics, OT/ICS Communication Protocols, Detecting Malicious Applications on Disk and in Memory (YARA and Volatility Introduction). The demonstration is on Improving Industrial Control System Security with Model-based Control Design and System Virtualization. Additional Information: For additional information, please visit our webpage https://www.us-cert.gov/ics/Industrial-Control-Systems-Joint-Working-Group-ICSJWG or contact us at ICSJWG.Communications@cisa.dhs.gov. Respectfully, ICSJWG Program Office, ICSJWG@cisa.dhs.gov. Check out the documents below:

  • CISA & DOE Guidance regarding control systems best practices

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at Dod https://www.cisa.gov/publication/cybersecurity-best-practices-for-industrial-control-systems From POLITICO today: KEEPING THE LIGHTS ON —CISA and the Energy Department joined with the U.K. National Cyber Security Centre on Friday to issue security guidance for industrial control system operators. The best-practices document offers high-level advice and appears designed for executives rather than IT administrators or chief information security officers; in addition to the actual security advice, it lists the potential impacts of a cyber incident, from short-term problems such as shutdowns to long-term troubles such as lawsuits. One section lists the most common IT and operational technology flaws that CISA saw in fiscal 2019, including porous boundary protections that allowed undetected incursions; authentication failures that made it difficult to trace breaches back to specific compromised accounts; and lack of fidelity to the “principle of least functionality,” magnifying the scope of damage that hackers could do. Accompanying the document’s “Defend ICS Processes Today” checklist, which lists cybersecurity basics such as “Disable unnecessary services, ports, and protocols,” is a forward-looking “Proactively Protect Tomorrow” section with advice about network architecture, security monitoring, supply chain security and risk management. Absent from the document, however, is advice for ICS component manufacturers and purchasers. CPS, ICS, IoT…which term applies to you? Cyber-Physical Systems and Control Systems (CPS/CS) include those systems referred to as industrial control systems (ICS), internet of things (IoT), operational technology (OT), platform information technology (PIT), and supervisory control and data acquisition (SCADA). 
Examples include but are not limited to: building automation systems; energy/utility monitoring and control systems; lighting; fire and life safety; physical security; fuel handling; logistics; medical; manufacturing; and weapons systems. Damage to or compromise of any CPS/CS may compromise a mission  or cause cascading failures if the CPS/CS is used as a gateway into an organization’s broader information networks.  Source: Report to the President on Strengthening the Nation’s Cybersecurity Workforce for Cyber-Physical Systems and Control Systems (CPS/CS) in accordance with Executive Order 13870, “America’s Cybersecurity Workforce.”

  • Army to release white paper request seeking vendors

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at Dod Army to release white paper request seeking vendors through 4th iteration of "cyber innovation challenge" to "rapidly integrate innovative and novel capabilities" into the Persistent Cyber Training Environment (PCTE) platform https://insidedefense.com/insider/army-release-white-paper-request-persistent-cyber-training-environment Army to release white paper request for Persistent Cyber Training Environment By Jaspreet Gill / May 22, 2020 at 12:36 PM The Army later this year is planning to release a white paper request for the Persistent Cyber Training Environment and award a contract in the first quarter of fiscal year 2021. The service is seeking vendors through the fourth iteration of a "cyber innovation challenge" to "rapidly integrate innovative and novel capabilities" into the PCTE platform, according to a May 19 Army notice. The PCTE will provide the Defense Department cyber workforce a joint training environment that will enable cyberspace training, exercises, mission rehearsals, experimentations and more capabilities. The PCTE will be integrated into the Cyber Training, Readiness, Integration, Delivery and Enterprise Technology effort, for which the Army plans to award a contract next year. Specifically, the service is looking for solutions to address emerging U.S. Cyber Command operational priorities, including Cyber Mission Force assessment planning and analytics. The Army is looking for an assessment planning tool, visualizations and dashboards, a scoring engine and more capabilities tied to mission tasks. To address traffic generation priorities, the PCTE platform should "define, shape, control and record realistic traffic emulation capabilities" that mirror real-world activities and terrain. Specific areas of interest for the Army include network traffic layers, cyber traffic terrain and traffic command-and-control dashboards. 
The service will award a vendor for the PCTE through an other transaction agreement, according to the notice, and a request for white papers will be released in the fourth quarter of this fiscal year. Thanks to => Dan Bennett of National Renewable Energy Laboratory (NREL) => for forwarding

  • NASA, FBI Warn Of Increase Cyber Threats; Quick Reaction Tests To Be Administered Across 7 U.S.

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at Dod The National Aeronautics and Space Administration (NASA) has experienced an exponential increase in malware attacks and a doubling of agency devices trying to access malicious sites in the past few days as personnel work from home, the space agency's Office of the Chief Information Officer said on Monday. "A new wave of cyber-attacks is targeting Federal Agency Personnel, required to telework from home, during the [COVID-19] outbreak," officials wrote in a memo. The wave includes the doubling of email phishing attempts, an exponential increase in malware attacks on NASA systems, and double the number of mitigation-blocking of NASA systems trying to access malicious sites (often unknowingly) due to users accessing the Internet. The FBI has issued an alert over a persistent Kwampirs malware attack targeting the healthcare sector Tuesday. The healthcare sector supply chain attacks deploy Kwampirs Remote Access Trojan that exploits network vulnerabilities of the targeted organization. Attacks involving the Kwampirs malware have intensified during the ongoing COVID-19 crisis. The healthcare sector has become an easy target of the Kwampirs malware attacks due to the COVID-19 pandemic. Separately, Illinois is one of seven states that will offer Abbott Laboratories' new rapid response COVID-19 tests at Walgreens. Deerfield-based Walgreens announced Tuesday that drive-thru testing will be available at 15 locations across Arizona, Florida, Kentucky, Louisiana, Tennessee, Texas, and Illinois -- which are expected to be activated beginning later this week. Federal officials will choose the locations based on areas identified as outbreak "hot spots." Once they're ready, they'll test up to 3,000 people a day, and get positive or negative results within five minutes. U.S. 
Army researchers at Fort Detrick in Maryland have begun testing potential vaccines for the novel coronavirus on animals, officials said. The U.S. Army Medical Research Institute of Infectious Diseases in Frederick is testing on "non-human primates," said a U.S. Department of Defense official. According to the official, human trials on a small group of people would begin if the animal trials were successful.

  • Cyber book suggestions

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD

    • Introduction to Networking: How the Internet Works by Charles R. Severance: Short but provides a very accessible introduction to the basics of networking. Individuals who have taken Network+ or another introductory course may find it overly basic.
    • Tubes: A Journey to the Center of the Internet by Andrew Blum: This book is essentially a travelogue focusing on the physical sites that make up the global internet architecture. It provides a readable introduction to internet exchanges, peering, fiber-optic cable infrastructure, and other esoteric topics that are seldom addressed outside of niche publications (and certainly not as painlessly as they are handled by Blum).
    • Worm: The First Digital War by Mark Bowden: The subtitle is misleading—the book definitely does not address a “digital war”—but Worm is nevertheless a very readable description of the global cybersecurity community’s attempts to battle the Conficker worm. The technical descriptions of the malware are decent and the book does a good job of showing the multitude of government and private sector entities that must work together across national boundaries to degrade large-scale botnets.
    • The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage by Cliff Stoll: An entertaining and accessible classic of the cybersecurity literature canon. Although it was written 20 years ago it is still pertinent today.
    • Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter: Probably the best description of advanced malware available for non-specialist readers. Also provides a decent overview of the computer security industry and the collaboration that takes place to reverse engineer destructive malware samples. Very readable.
    • Network Attacks and Exploitation: A Framework by Matthew Monte: Monte is a former practitioner and this book clearly and concisely lays out some frameworks and approaches to thinking through offense and defense in cyberspace. He describes the different steps required to execute network attacks and presents and analyzes useful case studies of specific incidents.
    • On Cyber: Towards an Operational Art for Cyber Conflict by Greg Conti and David Raymond: The authors have a combination of operational experience and technical expertise and in On Cyber they attempt to bridge the gap between the tactics of cybersecurity and the strategic implications of cyber conflict.

  • Cyber Trends, Policy, Computers and More

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD

    Cyber Trends and Policy Issues
    · Rob Joyce – DEF CON 26 – “NSA Talks Cybersecurity”
    · Thomas Dullien – CyCon 2018 – “Security, Moore’s law, and the anomaly of cheap complexity”
    · Matt Tait – INFILTRATE 2018 – “Updating how we think about security”
    · Nate Fick – INFILTRATE 2016 – “Learning to Win”
    · Alex Stamos – DataEDGE 2019 – “The Platform Challenge: Balancing Safety, Privacy and Freedom”
    · Thomas Dullien – Black Hat Asia 2017 – “Why We Are Not Building A Defensible Internet”

    Computers and Code 101
    · CS50, “Lecture 0 – Computational Thinking”
    · CS50, “Lecture 0 – Arrays”
    · CS50, “Lecture 0 – Memory”
    · Computerphile, “Inside the CPU”
    · Computerphile, “Turing Complete”
    · Computerphile – “Virtual Machines Power the Cloud”

    Internet 101
    · Jessica McKellar – RuPy 13 – “How the Internet Works”
    · Andrew Blum – TED – “What is the Internet, really?”
    · Martin Hannigan – NANOG 37 – “Analysis of DNS Root Server Location”
    · Geoff Huston – ENOG 13 – “The Death of Transit and Beyond”
    · Craig Labovitz – NANOG 76 – “Internet Traffic 2009-2019”

    Offensive Cyber 101
    · Computerphile – “Running an SQL Injection Attack”
    · Computerphile – “Buffer Overflow Attack”
    · Computerphile – “Cracking Websites with Cross-Site Scripting”
    · Haroon Meer – Black Hat USA 2010 – “Memory Corruption: The (almost) Complete History”

    Offensive Cyber 201
    · Thomas Dullien – RuhrSec 2018 – “Weird Machines, Exploitability, and provable non-exploitability: Understanding the nature of ‘exploits’”
    · dotsarecool – “Super Mario World Credits Warp Explained”
    · Mikko Hypponen – DEF CON 19 – “The History and Evolution of Computer Viruses”
    · Alexei Bulazel – ShmooCon 2018 – “Catch Me If You Can: A Decade of Evasive Malware Attack and Defense”

    Defensive Cyber 201
    · Ivan Dwyer – Google Security for Everyone Else
    · David Weston – Black Hat USA 2018 – “ZEROing Trust: Do Zero Trust Approaches Deliver Real Security?”

  • DOJ Says Individuals Intentionally Spreading Virus Could Face Federal Terrorism Charges-MMC Update 5

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD. People who are intentionally spreading and infecting others with COVID-19 could face federal terrorism charges, according to Department of Justice (DOJ) officials. A U.S. attorney said the DOJ is working to stop coronavirus-related fraud and hold people accountable who are infecting others on purpose. Federal terrorism threat charges were filed against a Pennsylvania man after police said he intentionally coughed on an elderly man recovering from pneumonia and claiming he had COVID-19. In a separate incident, authorities in Pennsylvania are planning on filing criminal charges against a woman who coughed on more than $35,000 worth of food that all then had to be thrown away in what the grocery store owners are calling a coronavirus prank. "What we're seeing is that it's quite possible that the coronavirus mutually fits the definition of biological weapon potentially under the federal terrorism statutes," said the DOJ official. "So, if someone is out there purposefully infecting others, whether it's coughing on someone or infecting something that they then give to another person - that it's just despicable. I think it's also criminal and we're going to hold them accountable," he added.

  • HBO documentary - Kill Chain: The Cyber War on America's Elections

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at Dod https://www.hbo.com/documentaries/kill-chain-the-cyber-war-on-americas-elections ELECTION SECURITY GETS THE DOCUMENTARY TREATMENT — HBO on March 26 debuts an election security documentary, "Kill Chain: The Cyber War on America's Elections," from the same team behind the 2006 Emmy-nominated doc "Hacking Democracy." It revisits some of the previous film's characters, namely the protagonist Harri Hursti, the Finnish election security expert who co-founded the DEF CON Voting Village. For readers of this space, many of the lessons and events of "Kill Chain" will be familiar, if no less alarming: the VR Systems hack, the myth that voting machines aren't connected to the internet, the Senate's inability to enact election security legislation. But the storytelling is still engaging: Hursti is a more compelling figure than your MC host knew; for example, getting local press for his computer skills at age 13 and helping the Finnish government on a mysterious project he wouldn't discuss. Some were less familiar, and in places, the documentary appears to provide previously unrevealed information. In an interview, an Indian hacker going by CyberZeist talks about breaking into an Alaskan website where he could have changed the vote (but didn't because he was afraid of being caught). He contends he could have made millions selling the backdoor to Russians wanting to get into the system to alter the numbers. "There was no containment, in effect," Hursti says, reviewing state documents asserting the contrary. Hursti deems CyberZeist as credible. In another instance, experts looked at voting machines at a polling place during Georgia's last gubernatorial election, where six of seven machines went heavily Democratic for the whole ticket and one swung the opposite toward the GOP. 
University of California Berkeley statisticians Philip Stark and Kellie Ottoboni concluded there was less than a one in a million chance of that happening. The documentary covers almost all the bases, with appearances from lawmakers to election experts: Sens. Mark Warner (D-Va.), James Lankford (R-Okla.), Amy Klobuchar (D-Minn.) and Ron Wyden (D-Ore.); DEF CON founder Jeff Moss; University of Michigan computer science professor J. Alex Halderman; and Hursti's fellow Voting Village co-founder Jake Braun. The major election security vendors declined interviews, although their promotional videos make entertaining cameos — of note though, is how those vendors have moved closer to the positions of the other interviewees in favor of outside testing in the past year or so. The final verdict: It's a should-watch for election security enthusiasts because it's a good flick, and a must-watch for the average voter who isn't caught up.

  • Academics steal data from air-gapped systems using PC fan vibrations

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD. https://www.zdnet.com/article/academics-steal-data-from-air-gapped-systems-using-pc-fan-vibrations/ Academics steal data from air-gapped systems using PC fan vibrations. Israeli researchers use vibrations from CPU, GPU, or PC chassis fans to broadcast stolen information through solid materials and to nearby receivers, breaking air-gapped system protections. Academics from an Israeli university have proven the feasibility of using fans installed inside a computer to create controlled vibrations that can be used to steal data from air-gapped systems. The technique, codenamed AiR-ViBeR, is the latest in a long list of wacky data exfiltration techniques devised by Mordechai Guri, the head of R&D at the Ben-Gurion University of the Negev in Israel. For the past half-decade, Guri has been researching methods of sending data from air-gapped computers to the outside world without being detected. Research into this topic is important because air-gapped systems -- computers isolated on local networks with no internet access -- are often used on government or corporate networks to store sensitive data, such as classified files or intellectual property. Guri's research doesn't look at ways of compromising and planting malware on these super-secure systems but instead focuses on innovative and never-before-seen ways of getting the data out, without being detected, and through methods that network defenders are not aware of.
In past research, Guri and his team at the Ben-Gurion university's Cyber-Security Research Center have shown that attackers could steal data from secure systems using a plethora of techniques such as:

· LED-it-Go - exfiltrate data from air-gapped systems via an HDD's activity LED
· USBee - force a USB connector's data bus to give out electromagnetic emissions that can be used to exfiltrate data
· AirHopper - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data
· Fansmitter - steal data from air-gapped PCs using sounds emanated by a computer's GPU fan
· DiskFiltration - use controlled read/write HDD operations to steal data via sound waves
· BitWhisper - exfiltrate data from non-networked computers using heat emanations
· Unnamed attack - uses flatbed scanners to relay commands to malware infested PCs or to exfiltrate data from compromised systems
· xLED - use router or switch LEDs to exfiltrate data
· aIR-Jumper - use a security camera's infrared capabilities to steal data from air-gapped networks
· HVACKer - use HVAC systems to control malware on air-gapped systems
· MAGNETO & ODINI - steal data from Faraday cage-protected systems
· MOSQUITO - steal data from PCs using attached speakers and headphones
· PowerHammer - steal data from air-gapped systems using power lines
· CTRL-ALT-LED - steal data from air-gapped systems using keyboard LEDs
· BRIGHTNESS - steal data from air-gapped systems using screen brightness variations

In new research published this week, Guri expanded on this past work by looking at a medium his team has not analyzed before -- namely vibrations. More specifically, Guri looked at the vibrations that can be generated using a computer's fans, such as CPU fans, GPU fans, power-station fans, or any other fan installed on the computer chassis. Guri says that malicious code planted on an air-gapped system can control the speed at which fans work.
By moderating fan speed up and down, the attacker can control the frequency of the vibrations coming off the fan. The AiR-ViBeR technique takes sensitive information stored on an air-gapped system and then alters the fan speed to generate a vibrational pattern that propagates through the nearby environment, such as a desk. Guri says that a nearby attacker can record these vibrations using accelerometer sensors found in modern smartphones, and then decode the information hidden in the vibration pattern to reconstruct the information stolen from the air-gapped system. Collecting these vibrations can be done in two ways. If the attacker has physical access to the air-gapped network, they can place their own smartphones on a desk near an air-gapped system and collect the beamed vibrations without touching the air-gapped computer. If the attacker does not have access to an air-gapped network, then attackers can infect the smartphones of employees working for the targeted company operating an air-gapped system. Malware on the employee's device can pick up these vibrations on behalf of the attacker. Guri says this is possible because the accelerometer sensors in modern smartphones can be accessed by any app without requiring the user's permission, which makes this technique highly evasive. STEALING DATA VIA VIBRATIONS TAKES A WHILE However, while the AiR-ViBeR technique is some pretty innovative work, transmitting data through vibrations is extremely slow. In fact, data can be exfiltrated through vibrations at a lowly speed of half a bit per second, making AiR-ViBeR one of the slowest exfiltration methods that Guri and his team have come up with in recent years. While the AiR-ViBeR attack might be deemed "feasible," it is highly unrealistic that attackers would ever use it in the wild, as they would most likely opt for other techniques that exfiltrate information at faster speeds. 
Additional technical details on the AiR-ViBeR technique can be found in a white paper published this week and named "AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs." BOTTOM LINE: Regular users have nothing to fear in regards to AiR-ViBeR, as there are far more dangerous threats lurking on the internet. However, administrators of super-secure air-gapped networks will most likely need to take Guri's latest work into consideration and deploy some of the countermeasures listed in the paper, if they deem this technique a credible threat. Thanks to => Kevin McGrail from Infrashield => for forwarding

  • National Strategy to Secure 5G was signed by the President

    Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at DoD. The President has signed the National Strategy to Secure 5G (in addition to the Secure 5G and Beyond Act and the Broadband DATA Act). Here is the link: https://www.whitehouse.gov/wp-content/uploads/2020/03/National-Strategy-5G-Final.pdf
