Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure


As US President Donald Trump threatens wholesale demolition of Iran’s infrastructure in the midst of an escalating war, Iran now appears to have already reciprocated with its own form of infrastructure sabotage: A hacking campaign hitting industrial control systems across the United States, including energy and water utilities, that US agencies say has had disruptive and costly effects.

In a joint advisory published Tuesday, a group of US agencies including the FBI, the National Security Agency, the Department of Energy, and the Cybersecurity and Infrastructure Security Agency warned that a group of hackers affiliated with the Iranian government has targeted industrial control devices used in a series of critical infrastructure targets including in the energy sector, water and wastewater utilities, and unspecified “government facilities.” According to the agencies, the hackers have targeted programmable logic controllers (PLCs)—a type of device designed to allow digital control of physical machinery—in those facilities, including those sold by industrial tech firm Rockwell Automation, with the apparent intention of sabotaging their systems.

By compromising those PLCs, the advisory warns, the hackers sought to change information on the displays of industrial control systems, which can in some scenarios cause system downtime, damage, or even dangerous conditions. “In a few cases, this activity has resulted in operational disruption and financial loss,” it reads.

When WIRED reached out to Rockwell Automation, a company spokesperson responded in a statement that it “takes seriously the security of its products and solutions and has been closely coordinating with government agencies in connection with” Tuesday’s advisory, and pointed to documents it has published for customers on how to better secure their PLCs.

Though the advisory doesn’t specify a particular group responsible for the hacking campaign, it notes that the attacks are similar to those carried out by the Iran-linked group known as CyberAv3ngers, or the Shahid Kaveh Group, starting in late 2023. That team of hackers, believed to work in the service of the Iranian Revolutionary Guard Corps, inflicted several waves of attacks against Israeli and US targets in recent years, including gaining access to more than a hundred devices sold by industrial control system technology firm Unitronics and most commonly used in water and wastewater utilities.

This is a developing story, please check back for updates.

AI Research Is Getting Harder to Separate From Geopolitics


The world’s top AI research conference, the Conference on Neural Information Processing Systems—better known as NeurIPS—became the latest organization this week to become embroiled in a growing clash between geopolitics and global scientific collaboration. The conference’s organizers announced and then quickly reversed controversial new restrictions for international participants after Chinese AI researchers threatened to boycott the event.

“This is a potential watershed moment,” says Paul Triolo, a partner at the advisory firm DGA-Albright Stonebridge who studies US-China relations. Triolo argues that attracting Chinese researchers to NeurIPS is beneficial to US interests, but some American officials have pushed for American and Chinese scientists to decouple their work—especially in AI, which has become a particularly sensitive topic in Washington.

The incident could deepen political tensions around AI research, as well as dissuade Chinese scientists from working at US universities and tech companies in the future. “At some level now it is going to be hard to keep basic AI research out of the [political] picture,” Triolo says.

In its annual handbook for paper submissions, issued in mid-March, NeurIPS organizers announced updated restrictions for participation. The rules stated that the event could not provide services including “peer review, editing, and publishing” to any organizations subject to US sanctions, and linked to a database of sanctioned entities. It included companies and organizations on the Bureau of Industry and Security’s entity list and those on another list with alleged ties to the Chinese military.

The new rules would have affected researchers at Chinese companies like Tencent and Huawei who regularly present work at NeurIPS. The database also includes entities from other countries such as Russia and Iran. The US places limits on doing business with these organizations, but there are no rules around academic publishing or conference participation.

The NeurIPS handbook has since been updated to specify that the restrictions apply only to Specially Designated Nationals and Blocked Persons, a list used primarily for terrorist groups and criminal organizations.

“In preparing the NeurIPS 2026 handbook, we included a link to a US government sanctions tool that covers a significantly broader set of restrictions than those NeurIPS is actually required to follow,” the event’s organizers said in a statement issued Friday. “This error was due to miscommunication between the NeurIPS Foundation and our legal team.”

Before they reversed course, the conference organizers initially said that the new rule was “about legal requirements that apply to the NeurIPS Foundation, which is responsible for complying with sanctions,” adding that it was seeking legal consultation on the issue.

Immediate Backlash

The new rule drew swift backlash from AI researchers around the world, particularly in China, which produces a large quantity of cutting-edge machine learning papers and is home to a growing share of the world’s top AI talent. Several academic groups there issued statements condemning the measure and, more importantly, discouraging Chinese academics from attending NeurIPS in the future. Some urged Chinese academics to contribute instead to domestic research conferences, potentially helping increase the country’s influence in relevant science and tech fields.

The China Association of Science and Technology (CAST), an influential government-affiliated organization for scientists and engineers, said Thursday that it would stop providing funding for Chinese scholars traveling to attend NeurIPS and would use the money instead to support domestic and international conferences that “respect the rights of Chinese scholars.”

CAST also said it will no longer count publications at the 2026 NeurIPS conference as academic achievements when evaluating future research funding. It’s unclear if the organization will reverse course now that NeurIPS has walked back the new rule.

The Mysterious Shortwave Radio Station Stoking US-Russia Nuclear Fears


Since early this year, RIA-Novosti has published roughly one story per week on UVB-76, suggesting its coded messages are related to missile strikes on Iran, the war in Ukraine, and negotiations with Trump.

RT, which had once pooh-poohed the idea that UVB-76 was part of Moscow’s nuclear deterrence, began regularly posting its broadcasts on X, writing in April that the station often broadcasts “coded alerts pre-major events”—particularly around phone calls between Trump and Putin—and suggesting that it operates as a “nuke failsafe.”

Chatter about the station grew on Telegram, the messaging app popular in Russia. Channels claimed that UVB-76 grew active “during periods of escalation” of military activity and that it served as a kind of oracle, sending its coded messages “before global events.” Some of these channels, some with millions of subscribers, are themselves close to the Russian Ministry of Defense.

“In the time of tension between Russia and the West,” Goldmanis says, “such articles are ideal for mounting tension and fear.” There is some irony in the fact that Russians seem to be spooking themselves with tales of their own military communications network, but he argues that it speaks to a deeper fear in Russia: “Fear of losing the war, fear of the state collapse, fear of Western nuclear action, fear of their own government and military.”

All of this domestic shadowboxing, in turn, drove international headlines. The British tabloid The Sun proclaimed that Russia’s “doomsday radio station” had transmitted its “cryptic ‘nuke’ code.” Belgium’s Het Laatste Nieuws reported that the radio messages had caused “heightened alertness among military analysts worldwide.” Politika, a Serbian daily newspaper, penned a lengthy article that claimed that UVB-76 “put fear in the hearts of NATO generals and the Pentagon,” which have been powerless to crack its code. (That article was republished in Russian by RT’s foreign translation service.)

Amid this new attention, Moscow’s communications regulator Roskomnadzor—responsible for monitoring, regulating, and censoring all mass media, including both shortwave radio and the internet—commented on UVB-76 for the first time. A spokesperson for the agency didn’t say much, telling RT that information about the frequency and its purpose “is not publicly available.”

As public interest increased, UVB-76 kept churning out messages. On May 23, an operator read out the code “БЕЗЗЛОБИЕ,” roughly translated to “the absence of malice,” and “ХРЮКОСТЯГ,” or “oink,” followed by a series of numbers. This message, in particular, caught the attention of Dmitry Medvedev.

Medvedev has served as both president and prime minister of Russia and now serves on the hawkish Security Council of Russia as deputy chairman. Analysts at the Institute for the Study of War say Medvedev is frequently deployed by the Kremlin to “inflammatory rhetoric, often including nuclear blackmail, into the information space to spread fear among Western decision-makers and discourage future military aid to Ukraine.”

“Doomsday Radio: May’s ‘lack of malice’ has been replaced by a fierce ‘oink,’” Medvedev wrote on his Telegram channel. Invoking a wave of Ukrainian drone attacks that had roiled Moscow, Medvedev levied thematic insults against the Ukrainians and their backers in Europe: “Pigs,” “hogs,” and “boars.” He ended the post: “Password: ‘БЕЗЗЛОБИЕ.’ Answer: ‘ХРЮКОСТЯГ,’” the two UVB-76 codewords.

“Spasms of the Dead Hand”

Coincidental or intentional, Russia’s new fascination with UVB-76 comes just as it attempts to ratchet up fear of nuclear armageddon. To do that, Moscow is turning to that bit of Cold War lore: The Dead Hand.

Throughout the Cold War, there was a pervasive idea that the Soviets had built some kind of doomsday device. Popularized by films like Fail Safe and Dr. Strangelove, the idea went that Moscow had developed the ability to launch its ballistic missiles, even if all the Communist Party leadership were dead. Such a response could effectively end life on Earth.

Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say


Jason Covert, one of the attorneys representing Xiaofeng Wang and his wife, Nianli Ma, a library systems analyst whose employee profile was also removed by Indiana University, tells WIRED that Wang and Ma are both “safe” and that neither of them has been arrested. Their legal team is not currently aware of any pending criminal charges against them, and while the couple’s attorneys have viewed a search warrant from the Department of Justice, Covert says they have not received a copy of the affidavit establishing probable cause.

Wang is considered among the top researchers in the field of privacy, data security, and biometric privacy, and his sudden disappearance came as a shock to many of his academic peers. Wang joined IU in 2004 and is the lead principal investigator of the multidisciplinary Center for Distributed Confidential Computing, which he established in 2022 with an almost $3 million grant from the National Science Foundation (NSF), according to a since-deleted bio on IU’s website. As part of his application for the NSF funding and other US federal research grants, Wang would have been required to disclose other grants he had already received or that were currently pending review.

On March 28, the FBI searched two home addresses associated with Wang. The same day, IU also reportedly terminated Wang’s job via an email sent by provost Rahul Shrivastav, which WIRED obtained and which was first reported by The Indiana Daily Student. The email also said it was understood that Wang had recently accepted a position with a university in Singapore, a detail also repeated in the statement attributed to Li.

The statement says Wang planned to start at the unnamed Singaporean university on June 1, 2025 and requested a leave of absence from Indiana University in early March. But IU responded by “putting him on administrative leave, removing his IU homepage, and disabling his IU email address,” it claims.

Wang’s new job offer “would be irrelevant in any event because it is for [the] next academic year and would not justify firing him,” Tanford says. Terminating his employment via an email was a violation of university policy, Tanford claims, which prohibits firing a tenured professor without cause, and requires a 10-day notice and a hearing before a faculty board of review, if requested by the staff member. “The faculty is deeply concerned. If the administration can fire a tenured professor without due process and in violation of a policy approved by our trustees, none of us is safe,” he says.

Reached for comment, an IU spokesperson declined to answer detailed questions from WIRED about prior communications between the university and Wang and the school’s decision to fire him.

“Indiana University was recently made aware of a federal investigation of an Indiana University faculty member,” university spokesperson Mark Bode tells WIRED in an emailed statement. “At the direction of the FBI, Indiana University will not make any public comments regarding this investigation. In accordance with Indiana University practices, Indiana University will also not make any public comments regarding the status of this individual.”

Trump’s Spy Chief Urged to Declassify Details of Secret Surveillance Program


Senator Ron Wyden of Oregon, a renowned privacy hawk who has served on the Senate intelligence committee since just after 9/11, has referred to the new provision as “one of the most dramatic and terrifying expansions of government surveillance authority in history.”

Declassifying the new types of businesses that can actually be considered an ECSP is an essential step in bringing about clarity to an otherwise nebulous change in federal surveillance practices, according to the ACLU and the other organizations joined in its effort. “Without such basic transparency, the law will likely continue to permit sweeping NSA surveillance on domestic soil that threatens the civil liberties of all Americans,” the groups wrote in their letter to Gabbard this week.

The Office of the Director of National Intelligence did not respond to multiple requests for comment.

In addition to urging Gabbard to declassify details about the reach of the 702 program, the ACLU and others are currently pressing Gabbard to publish information to quantify just how many Americans have been “incidentally” wiretapped by their own government. Intelligence officials have long claimed that doing so would be “impossible,” as any analysis of the wiretaps would involve the government accessing them unjustifiably, effectively violating those Americans’ rights.

The privacy groups, however, point to research published in 2022 out of Princeton University, which details a methodology that could effectively solve that issue. “The intelligence community’s refusal to produce the requested estimate undermines trust and weakens the legitimacy of Section 702,” the groups say.

Gabbard is widely reported to have softened her stance against government spying while working to secure her new position as director of the nation’s intelligence apparatus. During the 116th Congress, for instance, Gabbard introduced legislation that sought to completely dismantle the Section 702 program, which is considered the “crown jewel” of US intelligence collection and crucial to keeping tabs on foreign threats abroad, including terrorist organizations and cybersecurity threats—exhibiting a stance far more extreme than those traditionally held by lawmakers and civil society organizations who’ve long campaigned for surveillance reform.

While begging off from this position in January, Gabbard’s newly espoused views have, in fact, brought her more closely in line with mainstream reformers. In response to questions from the US Senate ahead of her confirmation, for example, Gabbard backed the idea of requiring the Federal Bureau of Investigation to obtain warrants before accessing the communications of Americans swept up by the 702 program.

Slews of national security hawks from former House speaker Nancy Pelosi to former House intelligence committee chairman Mike Turner have long opposed this warrant requirement, as traditionally have all directors of the FBI. “This warrant requirement strengthens the [intelligence community] by ensuring queries are targeted and justified,” Gabbard wrote in response to Senate questions in late January.

The Section 702 program was reauthorized last spring, but only for an additional two years. Early discussions about reauthorizing the program once more are expected to kick off again as early as this summer.

Sean Vitka, executive director of Demand Progress, one of the organizations involved in the lobbying effort, notes that Gabbard has a long history of supporting civil liberties, and refers to her recent statements about secret surveillance programs as “encouraging.” “Congress needs to know, and the public deserves to know, what Section 702 is being used for,” Vitka says, “and how many Americans are swept up in that surveillance.”

“Section 702 has been repeatedly used to conduct warrantless surveillance on Americans, including journalists, activists, and even members of Congress,” adds Kia Hamadanchy, senior policy counsel for the ACLU. “Declassifying critical information, as well as providing long-overdue basic data about the number of US persons whose communications are collected under this surveillance are essential steps to increasing transparency as the next reauthorization debate approaches.”

A New Jam-Packed Biden Executive Order Tackles Cybersecurity, AI, and More


Four days before he leaves office, US president Joe Biden has issued a sweeping cybersecurity directive ordering improvements to the way the government monitors its networks, buys software, uses artificial intelligence, and punishes foreign hackers.

The 40-page executive order unveiled on Thursday is the Biden White House’s final attempt to kickstart efforts to harness the security benefits of AI, roll out digital identities for US citizens, and close gaps that have helped China, Russia, and other adversaries repeatedly penetrate US government systems.

The order “is designed to strengthen America’s digital foundations and also put the new administration and the country on a path to continued success,” Anne Neuberger, Biden’s deputy national security adviser for cyber and emerging technology, told reporters on Wednesday.

Looming over Biden’s directive is the question of whether president-elect Donald Trump will continue any of these initiatives after he takes the oath of office on Monday. None of the highly technical projects decreed in the order are partisan, but Trump’s advisers may prefer different approaches (or timetables) to solving the problems that the order identifies.

Trump hasn’t named any of his top cyber officials, and Neuberger said the White House didn’t discuss the order with his transition staff, “but we are very happy to, as soon as the incoming cyber team is named, have any discussions during this final transition period.”

The core of the executive order is an array of mandates for protecting government networks based on lessons learned from recent major incidents—namely, the security failures of federal contractors.

The order requires software vendors to submit proof that they follow secure development practices, building on a mandate that debuted in 2022 in response to Biden’s first cyber executive order. The Cybersecurity and Infrastructure Security Agency would be tasked with double-checking these security attestations and working with vendors to fix any problems. To put some teeth behind the requirement, the White House’s Office of the National Cyber Director is “encouraged to refer attestations that fail validation to the Attorney General” for potential investigation and prosecution.

The order gives the Department of Commerce eight months to assess the most commonly used cyber practices in the business community and issue guidance based on them. Shortly thereafter, those practices would become mandatory for companies seeking to do business with the government. The directive also kicks off updates to the National Institute of Standards and Technology’s secure software development guidance.

Another part of the directive focuses on the protection of cloud platforms’ authentication keys, the compromise of which opened the door for China’s theft of government emails from Microsoft’s servers and its recent supply-chain hack of the Treasury Department. Commerce and the General Services Administration have 270 days to develop guidelines for key protection, which would then have to become requirements for cloud vendors within 60 days.

To protect federal agencies from attacks that rely on flaws in internet-of-things gadgets, the order sets a January 4, 2027, deadline for agencies to purchase only consumer IoT devices that carry the newly launched US Cyber Trust Mark label.