Posts Tagged ‘Germany’
Tuesday, July 21, 2015 @ 12:07 PM gHale
Over the past 50 years, BPA has gone from miracle to menace. Its popularity soared after the 1950s, when scientists discovered it could make polycarbonate plastic — a hard, durable, and transparent material perfect for everything from water bottles to medical devices.
But recently, success has soured: A growing body of evidence shows even low doses of BPA might be harmful to human and environmental health. It now has a label as an endocrine disrupting compound, a substance that can derail the body’s hormone balance and potentially cause cancer or birth defects.
Manufacturers are phasing BPA out of their products, particularly storage containers used for food and beverages, but it’s still a huge industry. Furthermore, BPA doesn’t break down easily, making it hard to safely dispose of the material. If it leeches into waterways, it may persist as an environmental toxin.
A new hybrid photocatalyst can break down BPA using visible light, said researchers at the University of Malaya, Kuala Lumpur, Malaysia; and Leibniz Universität Hannover, Hannover, Germany. Their findings could eventually see use to treat water supplies and to more safely dispose of BPA and materials like it.
This hybrid material breaks down BPA through photocatalytic oxidation, a process in which light activates an oxidizing chemical reaction. When light strikes a photocatalyst like titanium dioxide (TiO2) nanoparticles, the jolt of energy can kick one of its electrons up to an excited state and create a charge distribution imbalance. At the higher-energy electron band, there’s now an excess of negative charge due to the addition of an electron. Meanwhile, at the lower-energy electron band, there’s an excess of positive charge (known as a “hole”) because an electron has left. In this excited, unbalanced state, TiO2 can catalyze oxidation and reduction of materials around it. The excited electron will have a tendency to leave the TiO2 to reduce something nearby, while the hole will help another substance to oxidize by accepting one of its electrons.
However, pure TiO2 has a large bandgap — it takes a great deal of energy to excite electrons from one level to another — and only displays photocatalytic properties under ultraviolet light. Plus, the excited electron tends to quickly fall back down and recombine with the hole, giving the catalyst little time in its excited state to induce a reaction.
In order to turn TiO2 nanoparticles into a better photocatalyst, the researchers made several modifications. First, they added silver to the surface of the nanoparticles, a common technique to enhance the charge separation. When light strikes TiO2 and excites one of its electrons, the silver will pull that electron away so it can’t fall back down into the hole. The hole can then more readily assist in an oxidation reaction.
The addition of silver also shifted the wavelength at which the photocatalyst became excited by inducing localized surface plasmon resonance effects — a phenomenon in which energetic electrons at the surface of a material vibrate at a specific frequency and enhance light absorption over a narrow range of wavelengths. In this case, the silver shifted the wavelength of light necessary to activate the photocatalyst toward the visible light spectrum.
“The inclusion of a noble metal [like silver] in the ultraviolet-responsive TiO2 has significantly extended the spectrum toward the visible light through localized surface plasmon resonance effects,” said Pichiah Saravanan, a researcher from University of Malaya who lead the project.
Then, they wrapped the Ag/TiO2 nanoparticles in sheets of reduced graphene oxide (RGO), a thin layer of carbon atoms arranged in a honeycomb pattern. Like the silver, the addition of RGO helped the hole to persist by accepting excited electrons from TiO2. It also reduced the nanoparticles’ bandgap, decreasing the amount of energy necessary to activate the photocatalyst.
When the researchers mixed the hybrid nanoparticles with BPA solution under an artificial visible light source, they found BPA oxidized and broke down much more effectively than it did without the catalyst present. Furthermore, the RGO-Ag-TiO2 nanoparticles outperformed those where RGO or Ag alone added in to the TiO2, suggesting both modifications played a role in the enhanced catalytic activity under visible light.
Eventually, the team hopes to use their findings to help break down BPA and other contaminants in water supplies. “We strongly feel the developed nano-photocatalyst could be one of the nanomaterials that can sustainably address said problem,” said Saravanan.
Friday, May 8, 2015 @ 05:05 PM gHale
There is a new push in Europe to fight off increasingly sophisticated cyber attacks.
A new project called SAFEcrypto will draw together cryptographers and other IT experts from Germany, France, Switzerland, Britain and Ireland to devise urgent security solutions capable of withstanding attack from the next generation of hackers.
The project, led by Queen’s University Belfast, will focus on an acute threat from emerging technologies including ‘quantum computers’ – capable of processing information much faster than silicon-based computers used today.
The project, which will run for four years at a cost of €3.8 million ($4.3 million), will concentrate on three main areas:
• Protecting information passed via satellites
• Protecting public-safety communications systems, eg those used by police, fire and ambulance services
• Safeguarding the privacy of data collected by municipal authorities
“(Centre for Secure Information Technologies) CSIT was among the first centers in the UK to be recognized as a center of academic excellence in cyber security research in 2012, and it is a natural progression for us to start working on a larger, pan-European stage,” said project lead professor Máire O’Neill from the CSIT at Queen’s. “Horizon 2020 has given us the opportunity to form a project consortium which is a true partnership between industry and academia.”
“Organizations are steadily increasing the level of spending on encryption products to protect their intellectual property and to maintain the privacy of customer details and personal information,” said O’Neill, who earned a UK Royal Academy of Engineering Silver Medal in 2014 and who is a former British Female Inventor of the Year (2007). “It is estimated that 25 percent of enterprises globally operate an internal public key encryption infrastructure (PKI). We believe these present day PKI systems will become vulnerable to attack by a new form of very powerful quantum computers in the near future.”
SAFEcrypto represents the first major project in Northern Ireland using funding from Horizon 2020, the biggest EU research and innovation program ever developed.
Tuesday, May 5, 2015 @ 02:05 PM gHale
German automaker, Audi, created its first batch of liquid “e-diesel” at a research facility in Dresden, Germany.
This e-diesel is the result of a “power to liquid” process, created by German clean tech company Sunfire, which is a partner of Audi.
The process uses carbon dioxide, a common greenhouse gas, which can end up captured directly from air. Carbon dioxide is the result of burning fossil fuels and contributes to global warming. Sunfire said it can recycle the gas to make a more efficient, carbon-neutral fuel, according to a published report.
Unlike conventional fossil fuels, the “e-diesel” doesn’t contain sulphur and other contaminants. “The engine runs quieter and fewer pollutants are being created,” Sunfire’s Christian von Olshausen said.
They can make the fuel in three steps. First, the researchers heat up steam to very high temperatures to break it down into hydrogen and oxygen. This process requires temperatures over 1,470 degrees Fahrenheit and can end up powered by green energy such as solar or wind power.
Second, they mix the hydrogen with carbon dioxide under pressure and at high temperature to create what they call blue crude. The final step calls for the blue crude to end up refined into fuels in a similar way fossil crude oil is refined into gasoline.
Audi said lab tests shown the “e-diesel” can end up mixed with fossil fuels or used as a fuel on its own.
The new fuel underwent testing by German Education and Research minister Johanna Wanka last week. She put the first five liters into her official car, and declared the project a success.
“If we can make widespread use of CO2 as a raw material, we will make a crucial contribution to climate protection and the efficient use of resources, and put the fundamentals of the green economy in place,” she said.
Sunfire said its plant is set to produce more than 3,000 liters of “e-diesel” over the coming months. The company said it was aiming for a pre-tax price of between 1 and 1.20 euros per liter ($1.10 to $1.30), compared to the current German pre-tax price of around 0.6 euros per liter of gasoline.
Wednesday, September 3, 2014 @ 03:09 PM gHale
In a continuing effort to combat growing and more sophisticated attacks, Europol will launch a new taskforce with the mission of tackling cybercrime in the European Union and beyond.
The new Joint Cybercrime Action Taskforce (J-CAT) has its headquarters at the Europol’s European Cybercrime Center (EC3) and Andy Archibald, the deputy director of the National Cyber Crime Unit at the United Kingdom’s National Crime Agency (NCA), will lead the unit.
The United States, the United Kingdom, Canada, Austria, Germany, France, Italy, the Netherlands and Spain are part of the J-CAT in the six-month pilot during which the taskforce will coordinate international investigations targeting malware, underground forums and other cyber threats, Europol said. Colombia and Australia have also committed to the project.
The initiative is the result of collaboration between the EC3, the FBI, the NCA and the EU Cybercrime Taskforce. Cyber liaison officers from the EC3, European Union member states, and non-EU law enforcement partners are part of the J-CAT.
“Today is a good day for those fighting cybercrime in Europe and beyond. For the first time in modern police history a multi-lateral permanent cybercrime taskforce has been established in Europe to coordinate investigations against top cybercriminal networks. The Joint Cybercrime Action Taskforce will operate from secure offices in Europol’s HQ assisted by experts and analysts from the European Cybercrime Centre,” said Troels Oerting, head of the EC3. “The aim is not purely strategic, but also very operational. The goal is to prevent cybercrime, to disrupt it, catch crooks and seize their illegal profits”
The EC3 has worked in numerous international operations, including the one against the banking Trojan Shylock, and a recently disrupted global scheme targeting money transfer services in Europe. With the launch of the J-CAT, law enforcement agencies want to further strengthen anti-cybercrime efforts and make joint investigations as efficient as possible.
The new taskforce will collect data on malware development and distribution, botnets, online fraud, and cyber intrusions from national repositories, government agencies and private sector partners. The data will end up converted into actionable intelligence used in investigations. The J-CAT will also organize meetings to obtain input on online threats from computer emergency response teams (CERTs) and private companies.
“There are many challenges faced by law enforcement agencies with regards to cyber criminals and cyber attacks. This is why there needs to be a truly holistic and collaborative approach taken when tackling them,” Archibald said. “The J-CAT will, for the first time, bring together a coalition of countries across Europe and beyond to coordinate the operational response to the common current and emerging global cyber threats faced by J-CAT members.”
In June, Europol signed an agreement with the European Union Agency for Network and Information Security (ENISA) to help EU member states with combating and preventing cybercrime.
Tuesday, July 1, 2014 @ 11:07 AM gHale
Attackers mainly targeting the energy sector were able to get in and surreptitiously cull strategic information.
As more reports become public, it is apparent the attack, labeled Dragonfly, is a cyber espionage program mainly targeting energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers, according to a report from Symantec. The majority of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.
The attacker’s approach is very strategic and almost surgical in how they are able to get into various systems. The Dragonfly group has a range of malware tools at its disposal and is capable of launching attacks through a number of different vectors. Its most ambitious attack campaign saw it compromise a number of industrial control system (ICS) equipment providers, infecting their software with a remote access-type Trojan. This caused companies to install the malware when downloading software updates for computers running ICS equipment, Symantec report said. These infections not only gave the attackers a beachhead in the targeted organizations’ networks, but also gave them the means to mount sabotage operations against infected ICS computers.
As more information is releasing, ICS-CERT is continually issuing new reports on its public portal.
Dragonfly appears to have a broad focus with espionage and persistent access as its current objective with sabotage as an optional capability if required.
In addition to compromising ICS software, Dragonfly has used spam email campaigns and watering hole attacks to infect targeted organizations. The group has used two main malware tools: Backdoor.Oldrea and Trojan.Karagany. The former appears to be a custom piece of malware, either written by or for the attackers.
The Dragonfly group, also known by other vendors as Energetic Bear, appears to have been in operation since at least 2011 and may have been active even longer than that, according to the report. Dragonfly initially targeted defense and aviation companies in the U.S. and Canada before shifting its focus mainly to U.S. and European energy firms in early 2013.
The campaign against the European and American energy sector quickly expanded in scope. The group initially began sending malware in phishing emails to personnel in target firms, according to the report. Later, the group added watering hole attacks to its offensive, compromising websites visited by those working in energy in order to redirect them to websites hosting an exploit kit. The exploit kit in turn delivered malware to the victim’s computer. The third phase of the campaign was the Trojanizing of legitimate software bundles belonging to three different ICS equipment manufacturers.
Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability. The group is able to mount attacks through multiple vectors and compromise numerous third party websites in the process. Dragonfly has targeted multiple organizations in the energy sector over a long period of time. Its current main motive appears to be cyber espionage. But that also has the potential for sabotage.
Analysis of the compilation timestamps on the malware used by the attackers indicates the group mostly worked between Monday and Friday, with activity mainly concentrated in a nine-hour period that corresponded to a 9 am to 6 pm working day in the UTC +4 time zone. Based on this information, it is likely the attackers are in Eastern Europe.
Dragonfly uses two main pieces of malware in its attacks. Both are remote access tool (RAT) type malware which provide the attackers with access and control of compromised computers. Dragonfly’s favored malware tool is Backdoor.Oldrea, also known as Havex or the Energetic Bear RAT. Oldrea acts as a back door for the attackers on to the victim’s computer, allowing them to extract data and install further malware.
Oldrea appears to be custom malware, either written by the group itself or created for it. This provides some indication of the capabilities and resources behind the Dragonfly group.
Once installed on a victim’s computer, Oldrea gathers system information, along with lists of files, programs installed, and root of available drives. It will also extract data from the computer’s Outlook address book and VPN configuration files. This data then writes to a temporary file in an encrypted format before sending to a remote command-and-control (C&C) server controlled by the attackers.
The majority of C&C servers appear to be on compromised servers running content management systems, indicating the attackers may have used the same exploit to gain control of each server. Oldrea has a basic control panel which allows an authenticated user to download a compressed version of the stolen data for each particular victim.
The second main tool used is Trojan.Karagany. Unlike Oldrea, Karagany was available on the underground market. The source code for version 1 of Karagany leaked in 2010. Symantec believes Dragonfly may have taken this source code and modified it for its own use. Symantec detected this version as Trojan.Karagany!gen1.
Karagany is capable of uploading stolen data, downloading new files, and running executable files on an infected computer. It is also capable of running additional plugins, such as tools for collecting passwords, taking screenshots, and cataloging documents on infected computers.
Symantec found the majority of computers compromised by the attackers suffered infection with Oldrea. Karagany saw use in 5 percent of infections. The two pieces of malware are similar in functionality and what prompts the attackers to choose one tool over another remains unknown.
The Dragonfly group used at least three infection tactics against targets in the energy sector. The earliest method was an email campaign, which saw selected executives and senior employees in target companies receive emails containing a malicious PDF attachment. Infected emails had one of two subject lines: “The account” or “Settlement of delivery problem.” All of the emails were from a single Gmail address.
The spam campaign began in February 2013 and continued into June 2013. Symantec identified seven different organizations targeted in this campaign. The number of emails sent to each organization ranged from one to 84.
The attackers then shifted their focus to watering hole attacks, comprising a number of energy-related websites and injecting an iframe into each which redirected visitors to another compromised legitimate website hosting the Lightsout exploit kit. Lightsout exploits either Java or Internet Explorer in order to drop Oldrea or Karagany on the victim’s computer. The fact the attackers compromised multiple legitimate websites for each stage of the operation is further evidence that the group has strong technical capabilities.
Going After ICS Vendors
The most ambitious attack vector used by Dragonfly was the compromise of a number of legitimate software packages. Three different ICS equipment providers ended up targeted and malware inserted into the software bundles they had made available for download on their websites. All three companies made equipment used in a number of industrial sectors, including energy.
The first identified Trojanized software was a product used to provide VPN access to programmable logic controller (PLC) type devices. The vendor discovered the attack shortly after it was mounted, but there had already been 250 unique downloads of the compromised software.
The second company to suffer compromise was a European manufacturer of specialist PLC type devices. In this instance, a software package containing a driver for one of its devices ended up compromised. Symantec estimated the Trojanized software was available for download for at least six weeks in June and July 2013.
The third firm attacked was a European company which develops systems to manage wind turbines, biogas plants, and other energy infrastructure. Symantec believes that compromised software may have been available for download for approximately ten days in April 2014.
The Dragonfly group is technically adept and able to think strategically. Given the size of some of its targets, the group found a “soft underbelly” by compromising their suppliers, which are invariably smaller, less protected companies.
Click here for more information on the Dragonfly attacks.
Tuesday, June 10, 2014 @ 03:06 PM gHale
By connecting dead ends, it is possible to significantly increase power grid stability.
As the input from renewable sources is volatile because of the uncertainty of things like how much and how hard the wind blows or if the sun is shining, there’s a higher risk of local power instabilities and potential blackouts.
In an effort to curb those issues, scientists from the Potsdam Institute for Climate Impact Research (PIK) in Potsdam, Germany, created a novel concept from nonlinear systems analysis called basin stability. They found by connecting dead ends can significantly increase power grid stability. The findings ended up confirmed via a case study of the Scandinavian power system.
“The cheapest and thus widespread way to implement new generators into a high-voltage power grid is by simply adding single connections, like creating dead-end streets in a road network,” said Peter J. Menck, lead author of a study on the subject.
To test the resulting system’s stability, the scientists simulated large perturbations in a standard electrical engineering model. “We found that in the power grid nodes close to the dead-end connections, the ability to withstand perturbations is largely reduced,” Menck said.
“Yet it turned out that this can be easily repaired by judiciously adding just a few transmission lines,” Menck said. Apparently, the provision of alternative routes in the network should allow for a dispersion of perturbation effects. Thereby, technical protection mechanisms at the different nodes of the grid can deal with problems, while dead ends make the effects culminate at single points of the network.
These new insights are the result of applying for the first time the novel mathematical concept of basin stability developed at PIK.
“From energy grids to the Amazon jungle or human body cells, systems possess multiple stable states,” said co-author Jürgen Kurths who leads the institute’s research domain “Transdisciplinary Methods and Concepts.”
“To understand blackouts, forest dieback, or cancer, it is crucial to quantify the stability of a system – and that’s precisely what we’re now able to do,” he said.
The concept conceives a system’s alternative states as points in a mountainous landscape with steep rocks and deep valleys. The likelihood that a system returns to a specific sink after suffering a severe blow depends on how big this basin is.
“Compared to the potential costs of a blackout, adding a few transmission lines would definitely be affordable,” said co-author Hans Joachim Schellnhuber, director of PIK. “The new study gives just one example that innovative solutions, in our case even based on already existing technology, can indeed help master the transformation of our energy system, for many good reasons such as climate stabilization.”
Wednesday, May 21, 2014 @ 07:05 PM gHale
Cyber crime and investigations know no boundaries and last week 300 houses ended up raided and over 100 people arrested as part of an international law enforcement operation targeting people believed to be responsible for selling, creating and using the BlackShades Remote Access Trojan (RAT).
News of the operation came out last week, when the members of hacker forums said police raided them. On Monday, Europol confirmed the operation and provided more details.
Raids took place in over 10 countries, including Belgium, France, the Netherlands, Germany, UK, Estonia, Austria, Canada, U.S., Denmark, Chile, Italy and Croatia.
Investigators seized over 1,000 computers, laptops, mobile phones, USB sticks, external hard drives and routers.
“This case is yet another example of the critical need for coordinated law enforcement operations against the growing number of cyber criminals operating on an EU and global level,” said Troels Oerting, head of the European Cybercrime Centre (EC3).
“EC3 will continue — together with Eurojust and other partners — to work tirelessly to support our partners in the fight against fraudsters and other cyber criminals who take advantage of the Internet to commit crime. The work is far from over, but our cooperation to work together across borders has increased and we are dealing with cases on an ongoing basis.”
The BlackShades RAT, which sells for between $40 and $100, is a popular tool among cybercriminals. The malware can hijack webcams, steal files, log keystrokes, and launch denial-of-service attacks against a designated target.
In a recent case in the Netherlands, an 18-year-old used it to infect over 2,000 computers. The teen hijacked the webcams of infected devices in an effort to capture intimate pictures of women.
The FBI arrested Michael Hogue, one of the creators of BlackShades, back in 2012. However, others continued to improve the RAT even after Hogue’s arrest. In November 2013, Symantec said the use of BlackShades had increased in the previous five months.
“This case is a strong reminder that no one is safe while using the Internet, and should serve as a warning and deterrent to those involved in the manufacture and use of this software,” said Koen Hermans, assistant to the National Member for the Netherlands.
“This applies not only to victims, but also to the perpetrators of criminal and malicious acts. The number of countries involved in this operation has shown the inherent value in Eurojust’s coordination meetings and coordination centers.”