USDA faces mounting criticism over cybersecurity vulnerabilities in the food and agriculture sector

Experts warn that the potential for disaster in the food and agriculture sector is immense. The US Department of Agriculture (USDA) is tasked with preventing such crises by securing the sector’s infrastructure from physical and cyber threats. However, in today’s increasingly digital world, the USDA is alarmingly unprepared to fulfil this role, according to policymakers, independent experts, and even the department’s reports to Congress.

That crucial responsibility is handled by a small, underfunded office within the USDA, which is already stretched thin with other duties. The department’s leadership rarely highlights the serious cyber threats facing the food and agriculture industry. This industry contributed over 5% to the US economy and provided about 10% of the nation’s jobs last year. Despite these pressing risks, it remains uncertain whether the department has made meaningful progress in addressing them.

While other agencies that protect critical infrastructure have been proactive in confronting cyber threats, the USDA needs to be faster to act, even as industry stakeholders become increasingly anxious about their digital vulnerabilities. The food and agriculture sector has largely remained under the radar regarding cybersecurity, with hackers focusing on more profitable targets for now. But this reprieve is unlikely to last indefinitely. The 2021 ransomware attack on meat-processing giant JBS, which forced the closure of plants across the country and threatened to disrupt beef prices, served as a wake-up call about the sector’s vulnerabilities.

Over the past decade, the cyber risks to food and agriculture have escalated as automation has become more widespread across the industry. Technology has become deeply embedded in modern agriculture, from tractors guided by GPS and cloud-connected devices controlling planting patterns to drones (some manufactured in China) surveying and spraying crops and automated systems managing livestock feeding. That integration extends through the entire supply chain, from food processors to distributors, making it more vulnerable to cyberattacks.

However, these technological advancements were adopted mainly before the rise in cyber threats to critical infrastructure, leading to serious concerns about the security of the US food supply. Cyberattacks on the food system could manifest in various ways, and one of the most severe concerns involves manipulating food safety data, either by concealing a food-borne illness or by falsely creating evidence of one.

Why does this matter?

The USDA still needs to provide interviews. However, a spokesperson emphasised that the department remains ‘committed to enhancing our cyber capabilities, promoting cyber awareness across the sector, and raising the industry’s cyber profile, despite the limited funding allocated by Congress for this purpose.’

The department also stays engaged with the sector through biweekly email updates, periodic meetings with industry leaders, and organised threat briefings. Additionally, when pro-Russian hacktivists targeted the sector earlier this year, Detlefsen noted that USDA quickly brought him and his colleagues in to discuss the situation. According to Scott Algeier, executive director of the Food and Agriculture ISAC, the USDA is ‘doing well’ in its role as a policy coordinator, collaborator, and convener while allowing the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to handle the technical aspects of cybersecurity.

White House urges better security for internet routing protocol

The White House’s cybersecurity office urged network operators to adopt available measures to secure the Border Gateway Protocol (BGP), a critical yet vulnerable technology used for routing internet traffic. The new guidance highlights that BGP lacks sufficient security and resilience features against current risks, a concern that has persisted for 25 years.

BGP is used by networks to exchange routing information, such as internet addresses, with other networks. For example, a mobile network uses BGP to connect with a cloud service or residential broadband network. Without updates, BGP is susceptible to exploits by malicious actors. Hijacking BGP can redirect users to malicious sites, exposing them to theft or data breaches, and can also facilitate DDoS attacks or disrupt telecommunications.

The Office of the National Cyber Director (ONCD) recommends that network operators adopt Resource Public Key Infrastructure (RPKI), which involves digital certificates managed by Regional Internet Registries. RPKI supports technologies like Route Origin Validation (ROV) and Route Origin Authorization (ROA) to help networks verify reachable internet addresses.
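An added example, not taken from the ONCD guidance or the original article: how Route Origin Validation classifies a BGP announcement against published ROAs, following the procedure in RFC 6811. The ROA table, the prefixes (documentation and benchmarking ranges) and the AS numbers are constructed for illustration.

```python
"""Route Origin Validation (RFC 6811) over a constructed ROA table."""
import ipaddress
from typing import NamedTuple


class ROA(NamedTuple):
    prefix: str      # address block the holder authorises
    max_length: int  # longest prefix length that may be announced
    origin_asn: int  # AS allowed to originate it (0 = "do not route")


# Constructed sample data, not real routing state.
ROAS = [
    ROA("192.0.2.0/24", 24, 64496),
    ROA("198.51.100.0/24", 25, 64498),  # holder allows splitting into /25s
    ROA("203.0.113.0/24", 24, 0),       # AS0 ROA: nobody may originate this
    ROA("2001:db8::/32", 48, 64499),
]


def validate(route_prefix, origin_asn, roas=ROAS):
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for roa in roas:
        block = ipaddress.ip_network(roa.prefix)
        # A ROA "covers" the route when the route lies inside its block.
        if block.version != route.version or not route.subnet_of(block):
            continue
        covered = True
        # A match needs the same origin AS (never AS0) and a prefix no
        # more specific than the ROA's maxLength.
        if (origin_asn != 0 and roa.origin_asn == origin_asn
                and route.prefixlen <= roa.max_length):
            return "valid"
    # Covered but unmatched is the hijack or misconfiguration signal;
    # uncovered space simply has no ROA yet.
    return "invalid" if covered else "not-found"


if __name__ == "__main__":
    announcements = [
        ("192.0.2.0/24", 64496),       # legitimate origin
        ("192.0.2.0/24", 64511),       # wrong origin AS
        ("192.0.2.0/25", 64496),       # more specific than maxLength
        ("198.51.100.128/25", 64498),  # within maxLength
        ("203.0.113.0/24", 64497),     # covered only by an AS0 ROA
        ("198.18.0.0/15", 64496),      # no ROA covers it
        ("2001:db8:1::/48", 64499),
    ]
    for prefix, asn in announcements:
        print(f"{prefix:<20} AS{asn:<6} {validate(prefix, asn)}")
```

Operators that enforce ROV typically drop "invalid" routes and keep "not-found" ones, which is why unsigned address space gains no protection until its holder publishes ROAs.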

The ONCD acknowledges that securing BGP is challenging and provides detailed guidance on the protocol. It notes that federal networks in the US have not fully implemented ROAs but aim to have over 60% of advertised IP space secured by the end of the year. The ONCD will lead a new Internet Routing Security Working Group, including the Cybersecurity and Infrastructure Security Agency (CISA) and industry partners.

Russian malware Banshee compromises Mac security

A new malware named Banshee, developed by Russian hackers, is targeting macOS users by compromising browser extensions. Banshee poses a significant threat by stealing sensitive data such as passwords, cryptocurrency, and personal information. The malware affects a wide range of web browsers, including Safari, Chrome, and Firefox, and can infiltrate various crypto wallets.

Banshee is being sold on the dark web for as little as $3,000, making it an accessible tool for cybercriminals. Researchers at Elastic Security Labs identified that Banshee operates on both x86_64 and ARM64 macOS systems. Once the malware infiltrates a system, it begins harvesting data from the Mac’s Keychain, desktop, and documents, with the ability to evade detection.

Infection methods likely involve deceptive tactics, such as fake pop-ups mimicking legitimate updates or urgent notifications. Despite the growing concerns, the full extent of Banshee’s spread and impact remains unclear. Apple’s security infrastructure, while robust, has been exploited through browser extensions, underscoring the need for vigilance.

To protect against such threats, Mac users should limit browser extensions, be cautious with downloads, keep software updated, and use strong, unique passwords. These practices, while not foolproof, significantly reduce the risk of falling victim to malware like Banshee.

Critical browser flaw puts Mac and Linux users at risk

A newly identified zero-day flaw linked to the 0.0.0.0 IP address has been exploited by hackers, placing users of major web browsers on macOS and Linux at risk. This vulnerability has been observed in popular browsers like Safari, Chrome, and Firefox, which could potentially allow unauthorised access to private networks. Although Windows users are unaffected, other browsers like Microsoft Edge, Brave, and Opera, which are based on Chromium, are also vulnerable.

The cybersecurity firm Oligo has reported that this flaw enables hackers to communicate with local software on Mac or Linux systems. By using the 0.0.0.0 address instead of localhost, public websites might execute arbitrary code on a visitor’s device, bypassing long-standing security measures. Oligo researchers have estimated that around 100,000 websites could facilitate this attack, which has already been used in targeted strikes on AI workloads.

In response to the threat, Apple has promised to address the issue in the upcoming macOS 15 Sequoia beta by blocking the 0.0.0.0 address. An update to Safari’s WebKit will also block connections to this IP. Chrome is considering a similar approach to ensure that users cannot bypass its Private Network Access protection. Mozilla, however, remains cautious, with a spokesperson noting that tighter restrictions might lead to compatibility issues, and therefore, Firefox has not yet implemented any proposed restrictions.
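An added example, not code from Oligo or from any browser: a simplified destination check of the kind a proxy, egress filter or local-service guard might apply, showing why a blocklist limited to loopback and private ranges lets 0.0.0.0 through and what the corrected check covers. The function names, port numbers and sample URLs are constructed.

```python
"""Classify request targets as local/private, with and without 0.0.0.0."""
import ipaddress
from urllib.parse import urlsplit

# Naive blocklist (assumed for illustration): loopback and RFC 1918 only.
NAIVE_LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def target_ip(url):
    """Return the literal IP a URL points at, or None for ordinary DNS names."""
    host = urlsplit(url).hostname or ""
    if host == "localhost" or host.endswith(".localhost"):
        return ipaddress.ip_address("127.0.0.1")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return None  # a DNS name; resolving and re-checking it is out of scope
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it is judged as IPv4.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip


def naive_is_local(url):
    """Weak check: only the ranges people usually think of as 'internal'."""
    ip = target_ip(url)
    return ip is not None and any(ip in net for net in NAIVE_LOCAL_NETS)


def hardened_is_local(url):
    """Corrected check: also treats the unspecified address as local."""
    ip = target_ip(url)
    if ip is None:
        return False
    return (ip.is_unspecified      # 0.0.0.0 and ::
            or ip.is_loopback      # 127.0.0.0/8 and ::1
            or ip.is_private       # RFC 1918, unique-local IPv6, ...
            or ip.is_link_local)   # 169.254.0.0/16 and fe80::/10


if __name__ == "__main__":
    samples = [  # constructed URLs
        "http://127.0.0.1:8080/status",
        "http://0.0.0.0:8080/status",
        "http://[::]:8080/status",
        "http://[::ffff:127.0.0.1]:8080/status",
        "https://example.com/",
    ]
    for url in samples:
        print(f"{url:<42} naive={naive_is_local(url)!s:<5} "
              f"hardened={hardened_is_local(url)}")
```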

The widespread nature of the vulnerability and the potential for serious security breaches underscore the urgent need for a solution. Users of affected browsers are encouraged to stay updated on patches and fixes as they become available, particularly from browser developers like Apple, Google, and Mozilla.

Researchers develop a method to improve reward models using LLMs for synthetic critiques

Researchers from Cohere and the University of Oxford have introduced an innovative method to enhance reward models (RMs) in reinforcement learning from human feedback (RLHF) by leveraging large language models (LLMs) for synthetic critiques. The novel approach aims to reduce the extensive time and cost associated with human annotation, which is traditionally required for training RMs to predict scores based on human preferences.

In their paper, ‘Improving Reward Models with Synthetic Critiques’, the researchers detailed how LLMs could generate critiques that evaluate the relationship between prompts and generated outputs, predicting scalar rewards. These synthetic critiques improved the performance of reward models on various benchmarks by providing additional feedback on aspects like instruction following, correctness, and style, leading to better assessment and scoring of language models.

The study highlighted that high-quality synthetic critiques significantly increased data efficiency, with one enhanced preference pair as valuable as forty non-enhanced pairs. The approach makes the training process more cost-effective and has the potential to match or surpass traditional reward models, as demonstrated by GPT-4.0’s performance in certain benchmarks.

As the field continues to explore alternatives to RLHF, including reinforcement learning from AI feedback (RLAIF), this research indicates a promising shift towards AI-based critiquing, potentially transforming how major AI players such as Google, OpenAI, and Meta align their large language models.

Reliance’s Jio Platforms clears major hurdle in bid to launch satellite internet in India

Reliance Industries’ Jio Platforms, a major player in the Indian telecommunications market, has recently cleared a significant regulatory hurdle in its ambitious plan to launch satellite internet services in India. That development marks a pivotal step forward in Jio’s mission to expand its digital footprint and offer high-speed internet across the country’s vast and diverse landscape. The approval comes from the Indian National Space Promotion and Authorization Center (IN-SPACe), which is responsible for regulating and promoting private sector participation in the country’s space sector. The nod of approval is crucial for Jio Platforms as it paves the way for the deployment of low-earth orbit (LEO) satellites to provide internet services.

Jio’s satellite internet project aims to deliver high-speed broadband connectivity to remote and rural areas, where traditional fiber-optic networks are challenging to implement. That initiative aligns with the Indian government’s vision of a ‘Digital India’ aimed at bridging the digital divide and ensuring that every citizen has access to the internet. In its endeavor to roll out satellite internet, Jio Platforms is collaborating with SES, a Luxembourg-based satellite telecommunications company. The partnership is expected to leverage SES’s expertise in satellite technology and Jio’s robust terrestrial infrastructure, creating a seamless internet experience for users.

The technology underpinning this initiative involves the use of LEO satellites, which orbit closer to the Earth compared to traditional geostationary satellites. That proximity results in lower latency and faster internet speeds, making it a viable solution for real-time applications such as video conferencing, online gaming, and streaming services. The market in India presents a massive opportunity for satellite internet providers, given its large population and the significant number of underserved regions. According to industry estimates, India has over 700 million internet users, yet millions still lack reliable internet access, particularly in rural and remote areas.

Jio Platforms’ entry into the satellite internet space will position it against other global players like Elon Musk’s SpaceX and its Starlink project, as well as Amazon’s Project Kuiper. Two other companies, Inmarsat and Eutelsat’s Bharti Enterprises-backed OneWeb, have also received approval to operate satellites over India, with OneWeb having secured all its necessary permissions late last year. IN-SPACe Chairman Pawan Goenka also noted that the agency would soon authorise private companies to operate ground stations, enabling satellite operators to download data as they pass over India. This year, India opened the gates for foreign direct investment in the sector, allowing outside companies to invest in the manufacture of components and systems or subsystems for satellites up to 100% without approval.

Why does it matter?

The Indian satellite broadband service market is expected to grow 36% annually over the next five years and reach $1.9 billion by 2030, according to consultancy Deloitte. That indicates substantial growth potential and a transformative impact on the country’s internet accessibility.

Iran allocates funds to expand state-controlled internet infrastructure

The Raisi administration in Iran has allocated millions of dollars towards bolstering the country’s internet infrastructure, focusing on tightening control over information flow and reducing the influence of external media.

This decision, part of a broader financial strategy for the Ministry of Communications and Information Technology, reflects a 25% increase from the previous year’s budget, totalling over IRR 195,830 billion (approximately $300 million). Additionally, over IRR 150,000 billion (over $220 million) in miscellaneous credits have been earmarked to expand the national information network.

The Ministry of Communications and Information Technology’s efforts aim to reduce dependency on the global internet, leading to a more isolated and state-controlled national information network.

Why does it matter?

Popular social media platforms like Instagram and Facebook are blocked in Iran, and the government appears to be tightening internet control. Cloudflare has observed a significant decrease in internet traffic from Iran over the past two years, suggesting a trend of increased control and isolation. However, widespread internet disruptions have sparked discontent, leading the Tehran Chamber of Commerce to call for policy reassessment, citing economic concerns.

Internet shutdowns spike in Q1 2024

In the first quarter of 2024, Pulse has documented 22 deliberate internet shutdowns across 12 countries, with some ongoing since 2023. This figure matches the peak seen in 2021 during Myanmar’s military coup, highlighting a concerning trend. India has been the most affected, with nine shutdowns, followed by Ethiopia and Senegal, each experiencing two incidents. Over half of these shutdowns have been localised, impacting specific regions within countries including Chad, Comoros, Cuba, Iran, Pakistan, Palestinian Territory and Russia.

Among the recorded events, nine led to nationwide disruptions lasting from hours to months, affecting approximately 297 million internet users and resulting in over 910 days of downtime. These shutdowns have inflicted significant economic losses, amounting to USD 565.4 million in GDP, as reported by Pulse. Such disruptions hinder societal progress, hamper economies, and undermine the stability of the global internet infrastructure.

Why does it matter?

Championing an open and easily accessible internet, advocates stress the significance of prioritising policies that ensure uninterrupted connectivity. Governments and policymakers globally are encouraged to endorse efforts to protect the internet, acknowledging its pivotal role in nurturing economic development and providing opportunities for individuals to exercise fundamental human rights in the digital era.

Vietnam approves ‘IPv6 for Gov 2024’ project to transition state services to IPv6

The Ministry of Information and Communications in Vietnam has recently approved the ‘IPv6 For Gov 2024’ project, which aims to transition all online state services to Internet Protocol version 6 (IPv6).

By the end of this year, Vietnam aims to have 65-80 percent of internet activities using IPv6, positioning the state among the top 8 nations worldwide in terms of protocol adoption. The project aims to convert 90-100 percent of formal e-Portals and public service portals of state ministries, agencies, and local authorities. This transition will facilitate more efficient and secure communication and interaction between citizens and the government.

According to statistics from the Ministry of Information and Communications, Vietnam has made significant progress in adoption. As of December 2023, IPv6 usage in Vietnam had reached an impressive 59 percent, placing the country in second position among ASEAN nations and ninth worldwide. Furthermore, all critical national Internet infrastructure in Vietnam already operates on IPv6, demonstrating the country’s commitment. By the end of the previous year, 76.48 million broadband internet subscribers, whether fixed or mobile, were already using this technology.

Internet Protocol version 6 offers a solution to the impending shortage of addresses with its nearly limitless address space. It enables the seamless integration of these technologies into the digital ecosystem.

ICANN launches project to look at what drives malicious domain name registrations

The Internet Corporation for Assigned Names and Numbers (ICANN) has launched a project to explore the practices and choices of malicious actors when they decide to use the domain names of certain registrars over others. The project, called Inferential Analysis of Maliciously Registered Domains (INFERMAL), will systematically analyse the preferences of cyberattackers and possible measures to mitigate malicious activities across top-level domains (TLDs). It is funded as part of ICANN’s Domain Name System (DNS) Security Threat Mitigation Program, which aims to reduce the prevalence of DNS security threats across the Internet.

The team leading the project intends to collect and analyse a comprehensive list of domain name registration policies pertinent to would-be attackers, and then use statistical modelling to identify the registration factors preferred by attackers. It is expected that the findings of the project could help registrars and registries identify relevant DNS anti-abuse practices, strengthen the self-regulation of the overall domain name industry, and reduce the costs associated with domain regulations. The project would also help increase the security levels of domain names and, thus, the trust of end-users.