The U.S. government agencies put out a warning that Russian military has been using a Kubernetes cluster to attempt distributed and anonymized brute force access against hundreds of government and private sector targets worldwide. Department of Homeland Security (DHS)’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the National Cyber Security Center jointly issued the warning. The agencies said the attacks started at least in mid-2019 through early 2021 and have been called Fancy Bear, APT28, and Strontium. Specifically named in the warning is Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165. The GTsSS most often used Microsoft Office 365 cloud service to gain access although other service providers and on-prem email servers were attacked. One way to protect against the attacks is to use two-factor authentication.
The U.S. federal government has been beefing up its cybersecurity defense. DHS announced it has hired and onboarded 300 cybersecurity professionals and has tentative job offers out to 500 other people. The department is in a 60-day hiring action it calls the Cybersecurity Workforce Sprint. In all, 2000 vacancies need to be filled. The DHS’ CISA also will be keeping a published list of bad security practices. Finally a historically large budget for CISA $2.42 billion just passed unopposed out of its House subcommittee.
Microsoft announced its new operating system Windows 11, which has a more stringent security baseline required from the hardware it runs on. The OS is designed to only run on systems that have a Trusted Platform Module (TPM) 2.0 security chip. The TPM 2.0 generates, stores, and manages the use of cryptographic keys and supports a strong cryptographic algorithm called Secure Hash Algorithm 2 256 (SHA-2 256).
Adelphi University launched the Anita D’Amico Endowment Fund for Cybersecurity and Psychology Research. The endowment will fund research that looks how psychology intersects with cybersecurity. “I am honored that Adelphi University has launched this endowment fund for cybersecurity and psychology research in my name and I thank all those who are contributing to it. Human attitudes and behaviors are a major contributor to the safety and security of cyber systems,” said Anita D’Amico, vice president of Market Development at Synopsys. “Psychological principles can be used to better understand the interplay between cyber attackers and defenders and can shed light on how to motivate everyday computer users to adopt more secure practices and avoid risky behaviors. Human factors research can provide insight into the organizational characteristics that influence the introduction of vulnerabilities into software and systems. This endowment will fund interdisciplinary psychology and cybersecurity research to promote a more safe and secure cyber world.” D’Amico was recently the CEO of Code Dx, which was acquired by Synopsys.
Pervasive computing — IoT, edge, cloud, data center, and back
The majority of consumers interviewed in a recent report conducted by Cadence felt that hyperconnectivity — always being connected to a network via a device — was a good thing — with caveats. Consumers want the devices to be secure, convenient, and work seamlessly together. Cadence recorded consumers want lists, which include great battery life, frictionless updates, data security, and transparency of how data is used. Cadence commissioned an independent insight agency to interview 3,073 adults in five key technology markets, including the U.S., U.K, Israel, China, and Germany, in Q4 2020.
Synopsys’ Fusion Design Platform is qualified for Samsung Foundry‘s latest 3nm gate-all-around (GAA) process technology after the foundry achieved a successful first-pass silicon for an advanced, high-performance, and multi-subsystem system-on-chip (SoC). GAA will be used for high-performance computing (HPC), 5G, mobile, and advanced artificial intelligence (AI) applications. The gate-all-around FET (GAA FET) promises to remedy the channel width variations and mobility loss seen in advanced node finFETs. Synopsys reports that its R&D collaboration with Samsung on the reference flow and GAA-focused power-optimization techniques is showing, according to a press release, “improved electrostatic properties that translate to increased performance and reduced power with the added benefit of new optimization opportunities based on the additional vector of nano-sheet-width control.”
AT&T will run its 5G mobile network on Microsoft’s cloud, which means all of AT&T’s mobile network traffic will be managed with Microsoft Azure. Microsoft will acquire AT&T’s Network Cloud platform technology, which includes its 5G core software used by mobile and IoT devices to connect to the Internet, and will invite the AT&T engineers to join Microsoft. Microsoft is developing its Azure for Operators product AT&T will continue to operate its network for its customers but will use Microsoft’s hybrid and hyperscale infrastructure.
Marvell announced that its OCTEON 10 DPU (data processing unit) family will include Arm Neoverse N2 cores.
TotalEnergies Gas Mobility will be using Siemens‘ IoT MindSphere for monitoring of its Natural Gas for Vehicle (NGV) refueling stations across the Netherlands, Belgium, and France. MindSphere is an industrial IoT service available on the cloud and is part of the Siemens’ Xcelerator portfolio of software and services.
Xilinx newest version of its Vivado Design Tools are now using machine-learning (ML) optimization algorithms to speed up FPGA programming. The Vivado ML Editions has ML-based logic optimization, delay estimation, and intelligent design runs to automate timing closure iterations. Xilinx is also introducing the concept of an Abstract Shell, where modules can be defined to compile incrementally and in parallel.
RISC-V processor designer SiFive has qualified the Imperas simulation models for the full range of the SiFive processor Core IP Portfolio.
The U.S. Federal Aviation Administration (FAA) signed a three-year Memorandum of Agreement (MOA) with Verizon’s drone company, Skyward, to test cellular-connected drones. The two entities will separately collect and analyze data focused on how well cellular communications networks can handle the safety-critical command and control (C2) of unmanned aircraft systems (UAS). The data will help inform both groups as they suggest standards and regulations that will enable businesses to fly safely beyond visual line of sight (BVLOS) and help shape a universal traffic management (UTM) system, which will be a traffic control for drones. In the U.S., drone operators are not allowed to fly drones BVLOS, although Skyward has experience flying BVLOS — with the FAA waiver — to inspect communications equipment during a 2020 wildfire. Verizon’s spectrum will be part of the test.
Car companies must now report any accidents involving self-driving cars or autonomous systems in cars to the U.S. National Highway Traffic Safety Administration (NHTSA). Manufacturers and operators of vehicles equipped with SAE Level 2 advanced driver assistance systems (ADAS) or SAE Levels 3-5 automated driving systems (ADS) must report crashes to the agency within one day of learning of the crash. NHTSA has a form online to ease data submittal. “NHTSA’s core mission is safety. By mandating crash reporting, the agency will have access to critical data that will help quickly identify safety issues that could emerge in these automated systems,” said Dr. Steven Cliff, NHTSA’s acting administrator in a press release. “In fact, gathering data will help instill public confidence that the federal government is closely overseeing the safety of automated vehicles.”