Cyberwars: The Month of Cyberattacks

hackers_securityThe month of August has been a busy time for online security specialists, due to numerous cyberattacks being reported close to each other. First came word that supermarket chain Supervalu had been hacked, followed by news of security breaches at a largest American medical group, the Nuclear Regulatory Commission and then the UPS Store. In all cases, the intrusions led to the theft of millions of users’ personal data.

The worst of the lot appears to have been the massive cyberattack on Community Health Systems, one of the largest hospital chains in the US that oversees 206 hospitals in 29 states. According to the company, the intrusion led to stolen Social Security numbers, patient names, addresses, birth dates and telephone numbers of some 4.5 million patients. And as usual, the attack is believed to have had the backing of a foreign government.

https://i0.wp.com/www.chs.net/wp-content/uploads/2013/12/hma-map.pngThis is the largest known attack to involve hospital patient information since the US government began tracking these types of data breaches in 2009. According to Elysium Digital data security expert Joseph Calandrino:

One possible goal of this attack is to facilitate future targeted attacks. The type of data that was stolen from the hospital system is often used to verify a person’s identify. The exposure of this data creates a risk that the hackers could leverage it to gain access to other accounts and information.

As is so often the case these days, it is believed the cyberattack originated in China. Security firm Mandiant, which investigated the breach in April and June, said the hackers belong to a group that targets crucial infrastructure, such as defense, engineering, financial services, and health care companies. It’s unclear if these hackers are affiliated with the Chinese government.

Unit-61398-Chinese-Army-Hacking-Jobs-With-Great-BenefitsVarious security experts have long accused China of waging a cyberwar on US government and private company websites. For example, a report that was released by Mandiant back in 2013 linked Unit 61398 of the China’s People’s Liberation Army to a large number of cyberattacks on US soil. However, the Chinese government has flatly denied that it is involved in cyber-espionage or hacking.

Community Health Systems has since reported that it stopped the cyberattack by removing the malicious software used by the hackers and is notifying its patients of the breach. It has also been reported that the hack may have been facilitated by the Heartbleed bug, a flaw in OpenSSL that hackers use to exploit to obtain encrypted data. The timing certainly seems apt, as the bug was revealed back in April and the attack took place between April and June.

nsasecurity_primary-100041064-largeHowever, this was were merely one of several breaches that took place over the past few months. In addition to the CHS, UPS, and numerous major outlets, cybersecurity firm Hold Security identified what was arguably the largest known data breach in history earlier this month. In this attack, the Russian cybergang Cybervor allegedly stole 1.2 billion username and password combinations and more than 500 million email addresses.

With these latest attacks, it appears that large-scale security breaches carried out by individual hackers and sponsored by nation-states is becoming the new normal. And as these kinds of attacks become more common, cybersecurity experts are concerned that people may suffer from “alert fatigue”, where they will basically cease caring about and not be aware of breaches that affect them.

RAND_hqIn addition, security experts would like people to keep in mind that there is a difference between a spike in activity and reporting on activity. Much like the problems of violence, teen sex and crime rates, there is likely a gap between an actual increase and the perception of one. As Lillian Ablon, a researcher for the RAND Corporation, explained:

Back during Operation Aurora [in 2009], when Google got hacked, Google coming out [in 2010] was a big step in the industry. Before that, companies didn’t really talk about being breached.

Legally, companies and government agencies are required to report security breaches to the public only when customer data is involved, and only in 47 states. Alabama, New Mexico, and South Dakota lack mandatory reporting laws, and few laws on the books extract penalties when a breach occurs. Still, whatever the magnitude of the number of security breaches, it’s also true that we are living in an increasingly uncertain world when it comes to keeping our data safe.

internetNaturally, public vigilance is a good policy, but its not exactly a solution. When the hacks at the Nuclear Regulatory Commission, the Community Health Systems, the Cybervor attack, and hack of the DHS, the attacks were suspected of coming from abroad. More and more, attacks are being staged from a location that is far removed from the source, and backed by third parties who are likely unknown.

Security experts believe that the eventual solution will require businesses to rethink how they operate, putting a much bigger emphasis on security. But the consequences of that could have global economic implications, if better security hurts competitiveness. In the short term, it means that customers who do business with companies that suffer security breaches will need to be that much more vigilant.

That means not reusing passwords for multiple accounts, using two-factor authentication when available, and keeping a close eye on bank statements and credit card activity. And as for the breaches themselves, there’s not much you can do except be prepared to hear about more of them, more often. For better or for worse, it is the age we live in, where big data means big data intrusion!

Sources: cnet.com, (2), (3)

Digital Eyewear Through the Ages

google_glassesGiven the sensation created by the recent release of Google Glass – a timely invention that calls to mind everything from 80’s cyberpunk to speculations about our cybernetic, transhuman future – a lot of attention has been focused lately on personalities like Steve Mann, Mark Spritzer, and the history of wearable computers.

For decades now, visionaries and futurists have been working towards a day when all personal computers are portable and blend seamlessly into our daily lives. And with countless imitators coming forward to develop their own variants and hate crimes being committed against users, it seems like portable/integrated machinery is destined to become an issue no one will be able to ignore.

And so I thought it was high time for a little retrospective, a look back at the history of eyewear computers and digital devices and see how far it has come. From its humble beginnings with bulky backpacks and large, head-mounted displays, to the current age of small fixtures that can be worn as easily as glasses, things certainly have changed. And the future is likely to get even more fascinating, weird, and a little bit scary!

Sword of Damocles (1968):
swordofdamoclesDeveloped by Ivan Sutherland and his student Bob Sprouli at the University of Utah in 1968, the Sword of Damocles was the world’s first heads-up mounted display. It consisted of a headband with a pair of small cathode-ray tubes attached to the end of a large instrumented mechanical arm through which head position and orientation were determined.

Hand positions were sensed via a hand-held grip suspended at the end of three fishing lines whose lengths were determined by the number of rotations sensed on each of the reels. Though crude by modern standards, this breakthrough technology would become the basis for all future innovation in the field of mobile computing, virtual reality, and digital eyewear applications.

WearComp Models (1980-84):
WearComp_1_620x465Built by Steve Mann (inventor of the EyeTap and considered to be the father of wearable computers) in 1980, the WearComp1 cobbled together many devices to create visual experiences. It included an antenna to communicate wirelessly and share video. In 1981, he designed and built a backpack-mounted wearable multimedia computer with text, graphics, and multimedia capability, as well as video capability.

Wearcomp_4By 1984, the same year that Apple’s Macintosh was first shipped and the publication of William Gibson’s science fiction novel, “Neuromancer”, he released the WearComp4 model. This latest version employed clothing-based signal processing, a personal imaging system with left eye display, and separate antennas for simultaneous voice, video, and data communication.

Private Eye (1989):
Private_eye_HUDIn 1989 Reflection Technology marketed the Private Eye head-mounted display, which scanned a vertical array of LEDs across the visual field using a vibrating mirror. The monochrome screen was 1.25-inches on the diagonal, but images appear to be a 15-inch display at 18-inches distance.

EyeTap Digital Eye (1998):
EyeTap1
Steve Mann is considered the father of digital eyewear and what he calls “mediated” reality. He is a professor in the department of electrical and computer engineering at the University of Toronto and an IEEE senior member, and also serves as chief scientist for the augmented reality startup, Meta. The first version of the EyeTap was produced in the 1970’s and was incredibly bulky by modern standards.

By 1998, he developed the one that is commonly seen today, mounted over one ear and in front of one side of the face. This version is worn in front of the eye, recording what is immediately in front of the viewer and superimposing the view as digital imagery. It uses a beam splitter to send the same scene to both the eye and a camera, and is tethered to a computer worn to his body in a small pack.

MicroOptical TASK-9 (2000):
MicroOptical TASK-9Founded in 1995 by Mark Spitzer, who is now a director at the Google X lab. the company produced several patented designs which were bought up by Google after the company closed in 2010. One such design was the TASK-9, a wearable computer that is attachable to a set of glasses. Years later, MicroOptical’s line of viewers remain the lightest head-up displays available on the market.

Vuzix (1997-2013):
Vuzix_m100Founded in 1997, Vuzix created the first video eyewear to support stereoscopic 3D for the PlayStation 3 and Xbox 360. Since then, Vuzix went on to create the first commercially produced pass-through augmented reality headset, the Wrap 920AR (seen at bottom). The Wrap 920AR has two VGA video displays and two cameras that work together to provide the user a view of the world which blends real world inputs and computer generated data.

vuzix-wrapOther products of note include the Wrap 1200VR, a virtual reality headset that has numerous applications – everything from gaming and recreation to medical research – and the Smart Glasses M100, a hands free display for smartphones. And since the Consumer Electronics Show of 2011, they have announced and released several heads-up AR displays that are attachable to glasses.

vuzix_VR920

MyVu (2008-2012):
Founded in 1995, also by Mark Spitzer, MyVu developed several different types of wearable video display glasses before closing in 2012. The most famous was their Myvu Personal Media Viewer (pictured below), a set of display glasses that was released in 2008. These became instantly popular with the wearable computer community because they provided a cost effective and relatively easy path to a DIY, small, single eye, head-mounted display.myvu_leadIn 2010, the company followed up with the release of the Viscom digital eyewear (seen below), a device that was developed in collaboration with Spitzer’s other company, MicroOptical. This smaller, head mounted display device comes with earphones and is worn over one eye like a pair of glasses, similar to the EyeTap.

myvu_viscom

Meta Prototype (2013):
Developed by Meta, a Silicon Valley startup that is being funded with the help of a Kickstarter campaign and supported by Steve Mann, this wearable computing eyewear ultizes the latest in VR and projection technology. Unlike other display glasses, Meta’s eyewear enters 3D space and uses your hands to interact with the virtual world, combining the benefits of the Oculus Rift and those being offered by “Sixth Sense” technology.

meta_headset_front_on_610x404The Meta system includes stereoscopic 3D glasses and a 3D camera to track hand movements, similar to the portrayals of gestural control in movies like “Iron Man” and “Avatar.” In addition to display modules embedded in the lenses, the glasses include a portable projector mounted on top. This way, the user is able to both project and interact with computer simulations.

Google Glass (2013):
Google Glass_Cala
Developed by Google X as part of their Project Glass, the Google Glass device is a wearable computer with an optical head-mounted display (OHMD) that incorporates all the major advances made in the field of wearable computing for the past forty years. These include a smartphone-like hands-free format, wireless internet connection, voice commands and a full-color augmented-reality display.

Development began in 2011 and the first prototypes were previewed to the public at the Google I/O annual conference in San Francisco in June of 2012. Though they currently do not come with fixed lenses, Google has announced its intention to partner with sunglass retailers to equip them with regular and prescription lenses. There is also talk of developing contact lenses that come with embedded display devices.

Summary:
Well, that’s the history of digital eyewear in a nutshell. And as you can see, since the late 60’s, the field has progressed by leaps and bounds. What was once a speculative and visionary pursuit has now blossomed to become a fully-fledged commercial field, with many different devices being produced for public consumption.

At this rate, who knows what the future holds? In all likelihood, the quest to make computers more portable and ergonomic will keep pace with the development of more sophisticated electronics and computer chips, miniaturization, biotechnology, nanofabrication and brain-computer interfacing.

The result will no doubt be tiny CPUs that can be implanted in the human body and integrated into our brains via neural chips and tiny electrodes. In all likelihood, we won’t even need voice commands at that point, because neuroscience will have developed a means to communicate directly to our devices via brainwaves. The age of cybernetics will have officially dawned!

Like I said… fascinating, weird, and a little bit scary!

‘High Dynamic Range’