The Internet of Criminal Things—Trust in the Gods but Verify!

By Elizabeth Leake, STEM-Trek

February 20, 2019

“Are we under attack?” asked Professor Elmarie Biermann of the Cyber Security Institute during the recent South African Centre for High Performance Computing’s (CHPC) National Conference in Cape Town. A quick show of hands from ~10 percent of the audience revealed that even a technically well-informed community of practice doesn’t realize that we’re always under attack. 

“We are in the early stages of a cold cyber war that could quickly escalate into a hot cyber war that would ultimately spill into a full-scale kinetic war,” said Biermann.

Cyber warfare refers to the use of digital attacks by one country to disrupt the vital computer systems of another with the intention of causing damage, death and/or destruction. When it comes to power grids, the water supply, defense installations and community services, both offensive and defensive maneuvers are underway in every country; none are exempt.

“We tend to think it’s only the nation-states that engage in warfare, but civilians comprise the network of criminals, hacktivists and insiders,” she said. “All are actors in today’s cyber warfare landscape,” said Biermann.

Photo by Lawrette McFarlane.

They can exploit everything from our high-performance computing systems (HPC) all the way down to our mobile phones and Internet of Things (IoT) devices. “We buy smart devices, bring them home, and don’t change the default settings,” she said. “This is one of the biggest dangers of IoT—especially if the devices or chips are manufactured in countries that lack regulations on privacy or where there are state-sponsored initiatives that intend to cause harm to other countries.”

Hactivists often target government websites, “just because they can,” she said. Defacing a website may not have a big impact, but it’s low-hanging fruit that lets everyone know of their intentions. Some countries are better-prepared to fight cybercrime. China, for example, employs an estimated 50,000-100,000 cyber warriors.

Criminal networks have a huge capacity for disruption. They are run like a business and turn billions of dollars for the syndicate, making use of cyberinfrastructure and skilled IT personnel. Criminal networks invest in research and development intended to undo whatever R&D is put in place to protect government, commercial and private assets. They’re likely to exploit IoT to collect a record of the most vulnerable points of entry. There are well-funded, and well-staffed criminal organizations that conduct hacking and a range of other e-services for hire, or they sell tools that can be used for crime. In one case, an organization was making ATM skimmers that could be purchased for under 50 Rands (less than $4.00 US). “It allows you to sit in your car near the ATM and use your computer to capture PINs, and account information,” she said.

The Shadow brokers, rumored to be a Russian entity, obtained access to a vault of software tools developed by the U.S. National Security Agency (NSA), and made it available for everyone to use. “Visiting the Dark Web is like going to the pawn shop to see if your data is there,” she said. In one case, 300 million euros were generated by a single piece of code, and that money was then used to fund additional illicit operations.

Their financial transactions are conducted via cryptocurrency that is more difficult to track; especially when traversing international borders. While the address of the transaction can be discovered, it’s nearly impossible to track it to an individual. The geographic footprint is often intentionally-misleading in order to throw detectives off.

Ransomware isn’t new, but the targets and methodologies used by those who kidnap data and systems change, depending on the market. Because people tend to reuse passwords, it’s easier for criminals to gain access to their information, for example, which websites are visited, and even their bank balance. If the person visits a pornographic site—and, say that person is a priest or K-12 teacher, for example—it’s relatively easy to conduct “sextortion.” They are sent a message that, when opened, injects malware that hijacks their computer. They then receive some form of ransom note that indicates their data or computer won’t be released until they send a certain amount of funds (possibly the amount they have in the bank) to a cryptocurrency wallet. In such cases, victims are less likely to report the crime since it’s professionally embarrassing, and the amount at stake is unlikely to be a financial burden. With critical mass, a lot of money can be made by criminals this way. Unfortunately, once systems are comprised, the victim can be held hostage again and again in the future. When it happens, it’s always best to alert authorities and have the system cleaned by a professional.

“Many believe that if they see the little lock on the task bar that their transactions are safe, but bad guys also utilize encryption technology, such as SSL, in order to give the illusion of trust so they can be more successful in phishing attacks,” she said.

“Botnets are little pieces of code that install malware on your system,” said Bierman. It may not appear to be a problem from your side, and your system may not perform badly, but it allows the orchestrator to potentially command resources from millions of laptops, or HPC systems, for that matter. “Any system is only as safe as the latest antivirus definition files and operating system updates that are installed,” she said. Safe environments require vigilance and hard work to maintain. In fact, most attacks against HPC resources aren’t intended to capture data; the criminals try to harness unguarded computational power. But if a system is hijacked for use in an international crime, the center that manages the vulnerable system could become embroiled in an investigation and criminal case; they might even face some liability. That is why you would never want to sell computational cycles to a third-party (or nation-state) without a contract that acknowledges exactly how the power, storage and networks under your watch are being employed.

“Power is in the hands of those who control information,” she said. “What would you do if the services and software you rely on for business and social activities are based in a country that is currently under attack?” She cited the case of Russian interference in the U.S. elections, and how Facebook and Google were accused of furthering the agendas of paying customers who had criminal intent.

Fake news is intended to manipulate feelings and is a form of cyberattack. With broad public adoption of the tools and services used to perpetuate fake news, it’s easier to influence election outcomes.

“Many think that Google is impartial, but in reality, it’s ad-driven,” she said, and added, “Google renders the results that it wants you to buy.” Artificial Intelligence (AI) is being weaponized to conceal and accelerate cyberattacks in order to escalate the damage they can cause,” said Biermann. She provided a list of tools that can help keep social environments safe: Duckduckgo, Opera, Yandex, SocialMention, SocialBearing, Md5, and Shodan.

What can we do to protect ourselves?

Biermann suggests installing a VPN on personal devices which adds another layer of encryption. Install virus protection on your phones. Fewer than one percent protect their mobile phones, but Internet penetration in many sub-Saharan African regions was originally initiated and continues to be largely via mobile device. “And don’t use the free stuff; there is always a cost,” she added. Moving forward, decide to become proactive, vs. reactive.

Biermann and her colleagues also presented at the Understanding Risk in Shared Cyberecosystems (URISC) workshop led by Meshack Ndala (CHPC) during the CHPC National Conference that drew 571 participants from dozens of countries. URISC was named after a STEM-Trek cybersecurity workshop that was co-located with SC17.

The CHPC19 National Conference venue and dates will be announced soon. Watch the STEM-Trek and CHPC sites for more information.

About the Author

HPCwire Contributing Editor Elizabeth Leake is a consultant, correspondent and advocate who serves the global high performance computing (HPC) and data science industries. In 2012, she founded STEM-Trek, a global, grassroots nonprofit organization that supports workforce development opportunities for science, technology, engineering and mathematics (STEM) scholars from underserved regions and underrepresented groups.

As a program director, Leake has mentored hundreds of early-career professionals who are breaking cultural barriers in an effort to accelerate scientific and engineering discoveries. Her multinational programs have specific themes that resonate with global stakeholders, such as food security data science, blockchain for social good, cybersecurity/risk mitigation, and more. As a conference blogger and communicator, her work drew recognition when STEM-Trek received the 2016 and 2017 HPCwire Editors’ Choice Awards for Workforce Diversity Leadership.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

What’s New in HPC Research: Rabies, Smog, Robots & More

October 14, 2019

In this bimonthly feature, HPCwire highlights newly published research in the high-performance computing community and related domains. From parallel programming to exascale to quantum computing, the details are here. Read more…

By Oliver Peckham

Crystal Ball Gazing: IBM’s Vision for the Future of Computing

October 14, 2019

Dario Gil, IBM’s relatively new director of research, painted a intriguing portrait of the future of computing along with a rough idea of how IBM thinks we’ll get there at last month’s MIT-IBM Watson AI Lab’s AI Read more…

By John Russell

Summit Simulates Braking – on Mars

October 14, 2019

NASA is planning to send humans to Mars by the 2030s – and landing on the surface will be considerably trickier than landing a rover like Curiosity. To solve the problem, NASA researchers are using the world’s fastes Read more…

By Staff report

Chaminade University’s Immersion Program Builds Capacity for Data Science in Hawaii, Pacific Region

October 10, 2019

Kuleana is a uniquely Hawaiian value and practice which embodies responsibility to self, community, and the ‘aina' (land). At Chaminade University, a federally designated Native Hawaiian serving university in Hawai‘i Read more…

By Faith Singer-Villalobos

Trovares Drives Memory-Driven, Property Graph Analytics Strategy with HPE

October 10, 2019

Trovares, a high performance property graph analytics company, has partnered with HPE and its Superdome Flex memory-driven servers on a cybersecurity capability the companies say “routinely” runs near-time workloads on 24TB-capacity systems... Read more…

By Doug Black

AWS Solution Channel

Making High Performance Computing Affordable and Accessible for Small and Medium Businesses with HPC on AWS

High performance computing (HPC) brings a powerful set of tools to a broad range of industries, helping to drive innovation and boost revenue in finance, genomics, oil and gas extraction, and other fields. Read more…

HPE Extreme Performance Solutions

Intel FPGAs: More Than Just an Accelerator Card

FPGA (Field Programmable Gate Array) acceleration cards are not new, as they’ve been commercially available since 1984. Typically, the emphasis around FPGAs has centered on the fact that they’re programmable accelerators, and that they can truly offer workload specific hardware acceleration solutions without requiring custom silicon. Read more…

IBM Accelerated Insights

HPC in the Cloud: Avoid These Common Pitfalls

[Connect with LSF users and learn new skills in the IBM Spectrum LSF User Community.]

It seems that everyone is experimenting about cloud computing. Read more…

Intel, Lenovo Join Forces on HPC Cluster for Flatiron

October 9, 2019

An HPC cluster with deep learning techniques will be used to process petabytes of scientific data as part of workload-intensive projects spanning astrophysics to genomics. AI partners Intel and Lenovo said they are providing... Read more…

By George Leopold

Crystal Ball Gazing: IBM’s Vision for the Future of Computing

October 14, 2019

Dario Gil, IBM’s relatively new director of research, painted a intriguing portrait of the future of computing along with a rough idea of how IBM thinks we’ Read more…

By John Russell

Summit Simulates Braking – on Mars

October 14, 2019

NASA is planning to send humans to Mars by the 2030s – and landing on the surface will be considerably trickier than landing a rover like Curiosity. To solve Read more…

By Staff report

Trovares Drives Memory-Driven, Property Graph Analytics Strategy with HPE

October 10, 2019

Trovares, a high performance property graph analytics company, has partnered with HPE and its Superdome Flex memory-driven servers on a cybersecurity capability the companies say “routinely” runs near-time workloads on 24TB-capacity systems... Read more…

By Doug Black

Intel, Lenovo Join Forces on HPC Cluster for Flatiron

October 9, 2019

An HPC cluster with deep learning techniques will be used to process petabytes of scientific data as part of workload-intensive projects spanning astrophysics to genomics. AI partners Intel and Lenovo said they are providing... Read more…

By George Leopold

Optimizing Offshore Wind Farms with Supercomputer Simulations

October 9, 2019

Offshore wind farms offer a number of benefits; many of the areas with the strongest winds are located offshore, and siting wind farms offshore ameliorates many of the land use concerns associated with onshore wind farms. Some estimates say that, if leveraged, offshore wind power... Read more…

By Oliver Peckham

Harvard Deploys Cannon, New Lenovo Water-Cooled HPC Cluster

October 9, 2019

Harvard's Faculty of Arts & Sciences Research Computing (FASRC) center announced a refresh of their primary HPC resource. The new cluster, called Cannon after the pioneering American astronomer Annie Jump Cannon, is supplied by Lenovo... Read more…

By Tiffany Trader

NSF Announces New AI Program; Plans $120M in Funding Next Year

October 8, 2019

As the saying goes, when you’re hot, you’re hot. Right now, AI is scalding. Today the National Science Foundation announced a new AI initiative – The National Artificial Intelligence Research Institutes program – with plans to invest about “$120 million in grants next year... Read more…

By Staff report

DOE Sets Sights on Accelerating AI (and other) Technology Transfer

October 3, 2019

For the past two days DOE leaders along with ~350 members from academia and industry gathered in Chicago to discuss AI development and the ways in which industr Read more…

By John Russell

Supercomputer-Powered AI Tackles a Key Fusion Energy Challenge

August 7, 2019

Fusion energy is the Holy Grail of the energy world: low-radioactivity, low-waste, zero-carbon, high-output nuclear power that can run on hydrogen or lithium. T Read more…

By Oliver Peckham

DARPA Looks to Propel Parallelism

September 4, 2019

As Moore’s law runs out of steam, new programming approaches are being pursued with the goal of greater hardware performance with less coding. The Defense Advanced Projects Research Agency is launching a new programming effort aimed at leveraging the benefits of massive distributed parallelism with less sweat. Read more…

By George Leopold

Cray Wins NNSA-Livermore ‘El Capitan’ Exascale Contract

August 13, 2019

Cray has won the bid to build the first exascale supercomputer for the National Nuclear Security Administration (NNSA) and Lawrence Livermore National Laborator Read more…

By Tiffany Trader

AMD Launches Epyc Rome, First 7nm CPU

August 8, 2019

From a gala event at the Palace of Fine Arts in San Francisco yesterday (Aug. 7), AMD launched its second-generation Epyc Rome x86 chips, based on its 7nm proce Read more…

By Tiffany Trader

Ayar Labs to Demo Photonics Chiplet in FPGA Package at Hot Chips

August 19, 2019

Silicon startup Ayar Labs continues to gain momentum with its DARPA-backed optical chiplet technology that puts advanced electronics and optics on the same chip Read more…

By Tiffany Trader

Chinese Company Sugon Placed on US ‘Entity List’ After Strong Showing at International Supercomputing Conference

June 26, 2019

After more than a decade of advancing its supercomputing prowess, operating the world’s most powerful supercomputer from June 2013 to June 2018, China is keep Read more…

By Tiffany Trader

D-Wave’s Path to 5000 Qubits; Google’s Quantum Supremacy Claim

September 24, 2019

On the heels of IBM’s quantum news last week come two more quantum items. D-Wave Systems today announced the name of its forthcoming 5000-qubit system, Advantage (yes the name choice isn’t serendipity), at its user conference being held this week in Newport, RI. Read more…

By John Russell

A Behind-the-Scenes Look at the Hardware That Powered the Black Hole Image

June 24, 2019

Two months ago, the first-ever image of a black hole took the internet by storm. A team of scientists took years to produce and verify the striking image – an Read more…

By Oliver Peckham

Leading Solution Providers

ISC 2019 Virtual Booth Video Tour

CRAY
CRAY
DDN
DDN
DELL EMC
DELL EMC
GOOGLE
GOOGLE
ONE STOP SYSTEMS
ONE STOP SYSTEMS
PANASAS
PANASAS
VERNE GLOBAL
VERNE GLOBAL

Intel Confirms Retreat on Omni-Path

August 1, 2019

Intel Corp.’s plans to make a big splash in the network fabric market for linking HPC and other workloads has apparently belly-flopped. The chipmaker confirmed to us the outlines of an earlier report by the website CRN that it has jettisoned plans for a second-generation version of its Omni-Path interconnect... Read more…

By Staff report

Kubernetes, Containers and HPC

September 19, 2019

Software containers and Kubernetes are important tools for building, deploying, running and managing modern enterprise applications at scale and delivering enterprise software faster and more reliably to the end user — while using resources more efficiently and reducing costs. Read more…

By Daniel Gruber, Burak Yenier and Wolfgang Gentzsch, UberCloud

Intel Debuts Pohoiki Beach, Its 8M Neuron Neuromorphic Development System

July 17, 2019

Neuromorphic computing has received less fanfare of late than quantum computing whose mystery has captured public attention and which seems to have generated mo Read more…

By John Russell

Rise of NIH’s Biowulf Mirrors the Rise of Computational Biology

July 29, 2019

The story of NIH’s supercomputer Biowulf is fascinating, important, and in many ways representative of the transformation of life sciences and biomedical res Read more…

By John Russell

Quantum Bits: Neven’s Law (Who Asked for That), D-Wave’s Steady Push, IBM’s Li-O2- Simulation

July 3, 2019

Quantum computing’s (QC) many-faceted R&D train keeps slogging ahead and recently Japan is taking a leading role. Yesterday D-Wave Systems announced it ha Read more…

By John Russell

With the Help of HPC, Astronomers Prepare to Deflect a Real Asteroid

September 26, 2019

For years, NASA has been running simulations of asteroid impacts to understand the risks (and likelihoods) of asteroids colliding with Earth. Now, NASA and the European Space Agency (ESA) are preparing for the next, crucial step in planetary defense against asteroid impacts: physically deflecting a real asteroid. Read more…

By Oliver Peckham

ISC Keynote: Thomas Sterling’s Take on Whither HPC

June 20, 2019

Entertaining, insightful, and unafraid to launch the occasional verbal ICBM, HPC pioneer Thomas Sterling delivered his 16th annual closing keynote at ISC yesterday. He explored, among other things: exascale machinations; quantum’s bubbling money pot; Arm’s new HPC viability; Europe’s... Read more…

By John Russell

Argonne Team Makes Record Globus File Transfer

July 10, 2019

A team of scientists at Argonne National Laboratory has broken a data transfer record by moving a staggering 2.9 petabytes of data for a research project.  The data – from three large cosmological simulations – was generated and stored on the Summit supercomputer at the Oak Ridge Leadership Computing Facility (OLCF)... Read more…

By Oliver Peckham

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This