Pixel 4 review: Google ups its camera game

Google’s first-party hardware has always been a drop in the bucket of global smartphone sales. Pixel devices have managed to crack the top five in the U.S. and Western Europe, but otherwise represent less than 1% of the overall market. It’s true, of course, that the company got a late start, largely watching on the sidelines as companies like Samsung and Huawei shipped millions of Android devices.

Earlier this year, Google admitted that it was feeling the squeeze of slowing smartphone sales along with the rest of the industry. During Alphabet’s Q1 earnings call, CEO Sundar Pichai noted that poor hardware numbers were a reflection of “pressure in the premium smartphone industry.”

Introduced at I/O, the Pixel 3a was an attempt to augment disappointing sales numbers with the introduction of a budget-tier device. With a starting price of $399, the device seemingly went over as intended. The 3a, coupled with more carrier partners, helped effectively double year over year growth for the line. Given all of this, it seems like a pretty safe bet that the six-month Pixel/Pixela cycle will continue, going forward.

Of course, the addition of a mid-range device adds more onus for the company to differentiate the flagship. With a starting price of $799, the Pixel 4 certainly isn’t expensive by modern flagship standards. But Google certainly needs to present enough distinguishing features to justify a $400 price gulf between devices — especially as the company disclosed software upgrades introduced on flagship devices will soon make their way onto their cheaper counterparts.

Indeed, the much-rumored and oft-leaked devices bring some key changes to the line. The company has finally given in and added a dual-camera setup to both premium models, along with an upgraded 90Hz display, face unlock, radar-based gestures and a whole bunch of additional software features.

The truth is that the Pixel has always occupied a strange place in the smartphone world. As the successor to Google’s Nexus partnerships, the product can be regarded as a showcase for Android’s most compelling features. But gone are the days of leading the pack with the latest version of the operating system. The fact that OnePlus devices already have Android 10 means Google’s going head to head against another reasonably priced manufacturer of quality handsets.

The Pixel line steps up a bit on the design side to distinguish the product from the “a” line. Google’s phones have never been as flashy as Samsung’s or Apple’s, and that’s still the case here, but a new dual-sided glass design (Gorilla Glass 5 on both), coupled with a metal band, does step up the premium feel a bit. The product is also a bit heavier and thicker than the 3, lending some heft to the device.

There are three colors now: black, white and a poppy “Oh So Orange,” which is available in limited quantities here in the U.S. The color power button continues to be a nice touch, lending a little character to the staid black and white devices. While the screen gets a nice update to 90Hz OLED, Google still has no interest in the world of notches or hole punches. Rather, it’s keeping pretty sizable bezels on the top and bottom.

The Pixel 4 gets a bit of a screen size boost from 5.5 to 5.7 inches, with an increase of a single pixel per inch, while the Pixel 4 XL stays put at 6.4 inches (with a PPI increase of 522 to 537). The dual front-facing camera has been ditched this time out, instead opting for the single eight megapixel, similar to what you’ll find on the 3a.

Storage hasn’t changed, with both 64 and 128GB options for both models; RAM has been bumped up to a default 6GB from 4GB last time out. The processor, too, is the latest and greatest from Qualcomm, bumping from a Snapdragon 845 to an 855. Interestingly, however, the batteries have actually been downgraded.

The 4 and 4 XL sport 2,800mAh and 3,700mAh batteries, respectively. That should be augmented a bit by new battery-saving features introduced in Android 10, but even still, that’s not the direction you want to see these things going.

The camera is, in a word, great. Truth be told, I’ve been using it to shoot photos for the site since I got the phone last week. This Google Nest Mini review, Amazon Echo review and Virgin Galactic space suit news were all shot on the Pixel 4. The phone isn’t yet a “leave your DSLR at home” proposition, of course, but damn if it can’t take a fantastic photo in less than ideal and mixed light with minimal futzing around.

There’s no doubt that this represents a small but important shift in philosophy for Google. After multiple generations of suggesting that software solutions could do more than enough heavy lifting on image processing, the company’s finally bit the bullet and embraced a second camera. Sometimes forward progress means abandoning past stances. Remember when the company dug its heels in on keeping the headphone jack, only to drop it the following year?

The addition of a second camera isn’t subtle, either. In fact, it’s hard to miss. Google’s adopted a familiar square configuration on the rear of the device. That’s just how phones look now, I suppose. Honestly, it’s fine once you conquer a bit of trypophobia, with a pair of lenses aligned horizontally and a sensor up top and flash on bottom — as one of last week’s presenters half joked, “we hope you’ll use it as a flash light.”

That, of course, is a reference to the Pixel’s stellar low-light capabilities. It’s been a welcome feature, in an age where most smartphone users continue to overuse their flashes, completely throwing off the photo in the process. Perhaps the continued improvements will finally break that impulse in people — though I’m not really getting my hopes up on that front. Old habits, etc.

The 4 and 4 XL have the same camera setup, adopting the 12.2-megapixel (wide angle) lens from their predecessors and adding a 16-megapixel (telephoto) into the mix. I noted some excitement about the setup in my write-up. That’s not because the two-camera setup presents anything remarkable — certainly not in this era of three, four and five-camera flagships. It’s more about the groundwork that Google has laid out in the generations leading up to this device.

Essentially it comes down to this: Look at what the company has been able to accomplish using software and machine learning with a single camera setup. Now add a second telephoto camera into the mix. See, Super High Res Zoom is pretty impressive, all told. But if you really want a tighter shot without degrading the image in the process, optical zoom is still very much the way to go.

There’s a strong case to be made that the Pixel 4’s camera is the best in class. The pictures speak for themselves. The aforementioned TechCrunch shots were done with little or no manual adjustments or post-processing. Google offers on-screen adjustments, like the new dual-exposure control, which lets you manually adjust brightness and shadow brightness on the fly. Honestly, though, I find the best way to test these cameras is to use them the way most buyers will: by pointing and shooting.

The fact is that a majority of people who buy these handsets won’t be doing much fiddling with the settings. As such, it’s very much on handset makers to ensure that users get the best photograph by default, regardless of conditions. Once again, software is doing much of the heavy lifting. Super Res Zoom works well in tandem with the new lens, while Live HDR+ does a better job approximating how the image will ultimately look once fully processed. Portrait mode shots look great, and the device is capable of capturing them at variable depths, meaning you don’t have to stand a specific distance from the subject to take advantage of the well-done artificial bokeh.

Our video producer, Veanne, who is admittedly a far better photographer than I can ever hope to be, tested out the camera for the weekend. 

Although Veanne was mostly impressed by the Pixel 4’s camera and photo editing capabilities, here are three major gripes.

“Digital zoom is garbage.”

“In low lighting situations, you lose ambiance. Saturday evening’s intimate, warmly lit dinner looked like a cafeteria meal.”

“Bright images in low lighting give you the impression that the moving objects would be in focus as well. That is not the case.”

Other additions round out the experience, including “Frequent Faces,” which learns the faces of subjects you frequently photograph. Once again, the company is quick to point out that the feature is both off by default and all of the processing happens on the device. Turning it off also deletes all of the saved information. Social features have been improved, as well, with quick access to third-party platforms like Snapchat and Instagram.

Google keeps pushing out improvements to Lens, as well. This time out, language translation, document scanning and text copy and pasting can be performed with a quick tap. Currently the language translation is still a bit limited, with only support for English, Spanish, German, Hindi and Japanese. More will be “rolling out soon,” per the company.

Gestures is a strange one. I’m far from the first to note that Google is far from the first to attempt the feature. The LG G8 ThinQ is probably the most recent prominent example of a company attempting to use gestures as a way to differentiate themselves. To date, I’ve not seen a good implementation of the technology — certainly not one I could ever see myself actually using day to day.

The truth is, no matter how interesting or innovative a feature is, people aren’t going to adopt it if it doesn’t work as advertised. LG’s implementation was a pretty big disappointment.

Simply put, the Pixel’s gestures are not that. They’re better in that, well, they work, pretty much as advertised. This is because the underlying technology is different. Rather than relying on cameras like other systems, the handset uses Project Soli, a long-promised system that utilizes a miniature radar chip to detect far more precise movement.

Soli does, indeed, work, but the precision is going to vary a good deal from user to user. The thing is, simply detecting movement isn’t enough. Soli also needs to distinguish intention. That means the system is designed to weed out accidental gestures of the manner we’re likely making all the time around our phones. That means the system appears to be calibrated to bigger, intentional movements.

That can be a little annoying for things like advancing tracks. I don’t think there are all that many instances where waving one’s hands across a device Obi-Wan Kenobi-style is really saving all that much time or effort versus touching a screen. If, however, Google was able to customize the experience to the individual over time using machine learning, it could be a legitimately handy feature.

That brings us to the next important point: functionality. So you’ve got this neat new piece of tiny radar that you’re sticking inside your phone. You say it’s low energy and more private than a camera. Awesome! So, how do you suggest I, you know, use it?

There are three key ways, at the moment:

  • Music playback
  • Alarm Silencing
  • Waving at Pokémon

The first two are reasonably useful. The primary use case I can think of is when, say, your phone is sitting in front of you at your desk. Like mine is, with me, right now. Swiping my hand left to right a few inches above the device advances the track. Right to left goes a track back. The movements need to be deliberate, from one end of the device to the other.

And then there’s the phenomenon of “Pokémon Wave Hello.” It’s not really correct to call the title a game, exactly. It’s little more than a way of showcasing Motion Sense — albeit an extremely delightful way.

You might have caught a glimpse of it at the keynote the other day. It came and went pretty quickly. Suddenly Pikachu was waving at the audience, appearing out of nowhere like so many wild Snorlaxes. Just as quickly, he was gone.

More than anything, it’s a showcase title for the technology. A series of five Pokémon, beginning with Pikachu, appear demanding you interact with them through a series of waves. It’s simple, it’s silly and you’ll finish the whole thing in about three minutes. That’s not really the point, though. Pokémon Wave Hello exists to:

  1. Get you used to gestures.
  2. Demonstrate functionality beyond simple features. Gaming, AR — down the road, these things could ultimately find fun and innovative ways to integrate Soli.

For now, however, use is extremely limited. There are some fun little bits, including dynamic wallpaper that reacts to movement. The screen also glows subtly when detecting you — a nice little touch (there’s a similar effect for Assistant, as well).

Perhaps most practical, however, is the fact that the phone can detect when you’re reaching for it and begin the unlocking process. That makes the already fast new Face Unlock feature even faster. Google ditched the fingerprint reader this time around, opting for neither a physical sensor nor in-screen reader. Probably for the best on the latter front, given the pretty glaring security woes Samsung experienced last week when a British woman accidentally spoofed the reader with a $3 screen protector. Yeeesh.

There are some nice security precautions on here. Chief among them is the fact that the unlock is done entirely on-device. All of the info is saved and processed on the phone’s Titan M chip, meaning it doesn’t get sent up to the cloud. That both makes it a speedier process and means Google won’t be sharing your face data with its other services — a fact Google felt necessary to point out, for obvious reasons.

For a select few of us, at least, Recorder feels like a legitimate game changer. And its ease of use and efficacy should be leaving startups like Otter.ai quaking at its potential, especially if/when Google opts to bring it to other Android handsets and iOS.

I was initially unimpressed by the app upon trying it out at last week’s launch event. It struggles to isolate audio in noisy environments — likely as much of a hardware as software constraint. One on one and it’s far better, though attempting to, say, record audio from a computer can still use some work.

Open the app and hit record and you’ll see a waveform pop up. The line is blue when detecting speech and gray when hearing other sounds. Tap the Transcript button and you’ll see the speech populate the page in real time. From there you can save it with a title and tag the location.

The app will automatically tag keywords and make everything else searchable for easy access. In its first version, it already completely blows Apple’s Voice Memos out of the water. There’s no comparison, really. It’s in a different league. Ditto for other apps I’ve used over the years, like Voice Record.

Speaking to the product, the recording was still a little hit or miss. It’s not perfect — no AI I’ve encountered is. But it’s pretty good. I’d certainly recommend going back over the text before doing anything with it. Like Otter and other voice apps, you can play back the audio as it highlights words, karaoke-style.

The text can be saved to Google Drive, but can’t be edited in app yet. Audio can be exported, but not as a combined file. The punctuation leaves something to be desired and Recorder is not yet able to distinguish individual voices. These are all things a number of standalone services offer, along with a web-based platform. That means that none of them are out of business yet, but if I was running any of them, I’d be pretty nervous right about now.

As someone who does interviews for a living, however, I’m pretty excited by the potential here. I can definitely see Recorder becoming one of my most used work apps, especially after some of the aforementioned kinks get ironed out in the next version. As for those who don’t do this for a living, usefulness is probably a bit limited, though there are plenty of other potential uses, like school lecturers.

The Pixel continues to distinguish itself through software updates and camera features. There are nice additions throughout that set it apart from the six-month-old 3a, as well, including a more premium design and new 90Hz display. At $799, the price is definitely a vast improvement over competitors like Samsung and Apple, while retaining flagship specs.

The Pixel 4 doesn’t exactly address what Google wants the Pixel to be, going forward. The Pixel 3a was confirmation that users were looking for a far cheaper barrier of entry. The Pixel 4, on the other hand, is priced above OnePlus’s excellent devices. Nor is the product truly premium from a design perspective.

It’s unclear what the future will look like as Google works to address the shifting smartphone landscape. In the meantime, however, the future looks bright for camera imaging, and Google remains a driving force on that front.

Donald Trump is one of 15,000 Gab users whose account just got hacked

The founder of the far-right social media platform Gab said that the private account of former President Donald Trump was among the data stolen and publicly released by hackers who recently breached the site.

In a statement on Sunday, founder Andrew Torba used a transphobic slur to refer to Emma Best, the co-founder of Distributed Denial of Secrets. The statement confirmed claims the WikiLeaks-style group made on Monday that it obtained 70GB of passwords, private posts, and more from Gab and was making them available to select researchers and journalists. The data, Best said, was provided by an unidentified hacker who breached Gab by exploiting a SQL-injection vulnerability in its code.

“My account and Trump’s account were compromised, of course as Trump is about to go on stage and speak,” Torba wrote on Sunday as Trump was about to speak at the CPAC conference in Florida. “The entire company is all hands investigating what happened and working to trace and patch the problem.”

An important data set

GabLeaks, as DDoSecrets is calling the leak, comes almost eight weeks after pro-Trump insurrectionists stormed the US Capitol. The rioters took hundreds of thousands of videos and photos of the siege and posted them online. Mainstream social media sites removed much of the content because it violated their terms of service.

“The Gab data is an important, but complicated dataset,” DDoSecrets personnel wrote in a post on Monday morning. “In addition to being a corpus of the public discourse on Gab, it includes every private post and many private messages, as well. In a simpler or more ordinary time, it’d be an important sociological resource. In 2021, it’s also a record of the culture and the exact statements surrounding not only an increase in extremist views and actions, but an attempted coup.”

Gab and a competing site called Parler were some of the last refuges that allowed much of the content to remain publicly available. Amazon and web hosting providers later cited a lack of adequate content moderation in suspending service to Parler.

Shortly before the shuttering, however, somebody found a way to use Parler’s publicly available programming interfaces to scrape about 99 percent of the user content from the site and subsequently make it publicly available.

While law enforcement groups likely had other ways to obtain the Parler data, its public availability enabled a much wider body of people to do their own research and investigations. The leak was especially valuable because materials contained metadata that’s usually stripped out before users can download videos and images. The metadata gave people the ability to track the precise timelines and locations of filmed participants.

DDoSecrets said that the 70GB GabLeaks contains over 70,000 plaintext messages in more than 19,000 chats by over 15,000 users. The dump also shows passwords that are “hashed,” a cryptographic process that converts plaintext into unintelligible characters. While hashes can’t be converted back into plaintext, cracking them can be trivial when websites choose weak hashing schemes. (Best told Ars they didn’t know what hashing scheme was used.) The leak also includes plaintext passwords for user groups.
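
The difference between a weak and a stronger hashing scheme that the paragraph above refers to, as an added example (not from the article, DDoSecrets or Gab; the scheme Gab used is not known). It contrasts an unsalted single-pass hash with a per-user salted PBKDF2 record; the function names, the sample accounts and the iteration count are assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import os
from collections import defaultdict

# Assumption: work factor chosen for illustration; size it to your own hardware.
PBKDF2_ITERATIONS = 600_000
SALT_BYTES = 16

# Constructed sample accounts (not real data): two users share one password.
SAMPLE_USERS = {"alice": "correct horse battery", "bob": "hunter2", "carol": "hunter2"}


def weak_record(password: str) -> str:
    """Unsalted single-pass SHA-256: fast to compute, so fast to guess against."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def strong_record(password: str, salt: bytes | None = None,
                  iterations: int = PBKDF2_ITERATIONS) -> str:
    """Per-user random salt plus a deliberately slow KDF, stored self-describing."""
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_strong(password: str, record: str) -> bool:
    """Recompute with the stored salt and cost; compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        expected = bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                        bytes.fromhex(salt_hex), int(iterations))
    except (ValueError, OverflowError):
        return False  # malformed record: reject rather than raise
    return hmac.compare_digest(candidate, expected)


def shared_hash_groups(records: dict[str, str]) -> list[list[str]]:
    """Users whose stored records are identical.

    In a leaked table, identical records reveal password reuse and let one
    guess settle every account in the group at once.
    """
    by_value: dict[str, list[str]] = defaultdict(list)
    for user, record in records.items():
        by_value[record].append(user)
    return sorted(sorted(group) for group in by_value.values() if len(group) > 1)


def needs_rehash(record: str, minimum_iterations: int = PBKDF2_ITERATIONS) -> bool:
    """True for legacy or under-strength records that should be upgraded
    the next time the user logs in successfully."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2_sha256" or not parts[1].isdigit():
        return True
    return int(parts[1]) < minimum_iterations


if __name__ == "__main__":
    weak = {user: weak_record(pw) for user, pw in SAMPLE_USERS.items()}
    strong = {user: strong_record(pw) for user, pw in SAMPLE_USERS.items()}
    print("identical records, unsalted SHA-256:", shared_hash_groups(weak))
    print("identical records, salted PBKDF2:   ", shared_hash_groups(strong))
    print("legacy record flagged for upgrade:  ", needs_rehash(weak["bob"]))
```
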

Hate-speech haven

Gab has long been criticized as a haven for hate speech. In 2018, Google banned the Gab app from its Play Store for terms of service violations. A year later, web host GoDaddy terminated service to Gab after one of its users took to the site to criticize the Hebrew Immigrant Aid Society shortly before killing 11 people in a Pittsburgh synagogue.

Gab has also been investigated by Pennsylvania’s attorney general. In January, the Anti-Defamation League called on the US Justice Department to investigate Gab for its role in the insurrectionist attack on the Capitol.

Attempts to reach Torba for comment didn’t succeed.

Best said that DDoSecrets is making GabLeaks available only to journalists and researchers with a documented history of covering leaks. People can use this link to request access.

Verizon tells users to disable 5G to preserve battery, then deletes tweet

A Verizon booth at Mobile World Congress Americas in Los Angeles in September 2018.

Verizon has spent years hyping 5G despite it bringing just a minor speed upgrade outside the limited areas where millimeter-wave spectrum has been deployed, but the carrier’s support team advised users yesterday to shut 5G off if their phones are suffering from poor battery life.

The tweet from VZWSupport, now deleted, said, “Are you noticing that your battery life is draining faster than normal? One way to help conserve battery life is to turn on LTE. Just go to Cellular > Cellular Data Options > Voice & Data and tap LTE.”

While Verizon didn’t mention 5G in the tweet, people who responded to Verizon on Twitter and journalists writing stories noted that the effect of these instructions is to shut 5G off. “LTE is active by default as a backup for those times when 5G isn’t available. Following these instructions actually has the effect of turning off 5G,” Mashable noted. (Verizon’s instructions are for iOS, but it’s also possible to disable 5G on Android phones.)

Apple fights 5G battery drain with “Smart Data” mode

An Ars story in December 2018 warned that 5G components would take up precious space inside smartphones, reducing the size of batteries. In October 2020, the Ars review of the iPhone 12 and 12 Pro noted that “5G seems to have a big impact on battery life, especially when you’re riding that ultra-fast mmWave.”

Apple said it implemented a “Smart Data mode” that shifts each phone from 5G to LTE when 5G speeds aren’t necessary, saving on battery life while letting phones use 5G when the speed boost would provide a noticeable difference. Enabling “5G Auto” in the iPhone settings turns Smart Data mode on; the other choices are “5G On” and “LTE.” Apple notes that the 5G On mode “Always uses 5G network when it’s available. This might reduce battery life.”

We asked Verizon for more details on the impact 5G is having on its users’ battery life today and will update this article if we get a response.

Verizon’s tweet came just a few days after its latest 5G announcement that “parts of Sacramento, Seattle, and Pensacola” are the newest areas targeted by Verizon’s “aggressive rollout of its transformational 5G Ultra Wideband service.” Verizon also just committed to spend $45.45 billion in an auction for mid-band spectrum that it plans to use with 5G.

Samsung, Huawei also warn users of 5G battery drain

Other phone makers have acknowledged 5G-related battery drains in support pages. Samsung tells users, “You may notice that your phone’s battery drains faster than usual while you are connected to a 5G network. This is a limitation of the current 5G networks, and will be improved as the networks expand.” Samsung’s support page continues:

At this time, the 5G networks are only used for data connections, and are not yet capable of carrying phone calls and messages. Your phone will need to maintain a connection to the 3G or LTE network in addition to the 5G network so that phone calls, text messages, and data will be delivered consistently.

Because your phone is connected to multiple networks simultaneously, the battery will drain faster than one would typically expect, and the phone may get warmer than when solely on 3G or LTE.

As the 5G networks grow in capacity and capability, they will be able to handle more of your phone’s functions with less battery drain.

The Institute of Electrical and Electronics Engineers (IEEE) backs the multiple-networks explanation. Hopping between 3G, 4G, and LTE uses a lot of battery life, and the “present limited infrastructure of 5G exacerbates this [battery-drain] problem,” the IEEE says. “Current 5G smartphones need to maintain a connection to multiple networks in order to ensure consistent phone call, text message, and data delivery. And this multiplicity of connections contributes to battery drain.”

A Huawei support page tells users they may suffer faster battery drain on 5G compared to 4G, especially when streaming video. “On a 5G network, more bandwidth is required to create a smooth user experience when using the Internet,” Huawei says. “Therefore, more power may be consumed, especially when using the Internet to watch online videos.”

The wireless industry deployed 5G before carriers were ready to use the “standalone 5G” version that doesn’t require a connection to 4G networks. But that’s changing, as T-Mobile launched standalone 5G throughout much of the US in August 2020, while Verizon and AT&T have plans to follow suit.

Hackers tied to Russia’s GRU targeted the US grid for years

For all the nation-state hacker groups that have targeted the United States power grid—and even successfully breached American electric utilities—only the Russian military intelligence group known as Sandworm has been brazen enough to trigger actual blackouts, shutting the lights off in Ukraine in 2015 and 2016. Now one grid-focused security firm is warning that a group with ties to Sandworm’s uniquely dangerous hackers has also been actively targeting the US energy system for years.

On Wednesday, industrial cybersecurity firm Dragos published its annual report on the state of industrial control systems security, which names four new foreign hacker groups focused on those critical infrastructure systems. Three of those newly named groups have targeted industrial control systems in the US, according to Dragos. But most noteworthy, perhaps, is a group that Dragos calls Kamacite, which the security firm describes as having worked in cooperation with the GRU’s Sandworm. Kamacite has in the past served as Sandworm’s “access” team, the Dragos researchers write, focused on gaining a foothold in a target network before handing off that access to a different group of Sandworm hackers, who have then sometimes carried out disruptive effects. Dragos says Kamacite has repeatedly targeted US electric utilities, oil and gas, and other industrial firms since as early as 2017.

“They are continuously operating against US electric entities to try to maintain some semblance of persistence” inside their IT networks, says Dragos vice president of threat intelligence and former NSA analyst Sergio Caltagirone. In a handful of cases over those four years, Caltagirone says, the group’s attempts to breach those US targets’ networks have been successful, leading to access to those utilities that’s been intermittent, if not quite persistent.

Caltagirone says Dragos has only confirmed successful Kamacite breaches of US networks prior, however, and has never seen those intrusions in the US lead to disruptive payloads. But because Kamacite’s history includes working as part of Sandworm’s operations that triggered blackouts in Ukraine not once, but twice—turning off the power to a quarter million Ukrainians in late 2015 and then to a fraction of the capital of Kyiv in late 2016—its targeting of the US grid should raise alarms. “If you see Kamacite in an industrial network or targeting industrial entities, you clearly can’t be confident they’re just gathering information. You have to assume something else follows,” Caltagirone says. “Kamacite is dangerous to industrial control facilities because when they attack them, they have a connection to entities who know how to do destructive operations.”

Dragos ties Kamacite to electric grid intrusions not just in the US, but also to European targets well beyond the well-publicized attacks in Ukraine. That includes a hacking campaign against Germany’s electric sector in 2017. Caltagirone adds that there have been “a couple of successful intrusions between 2017 and 2018 by Kamacite of industrial environments in Western Europe.”

Dragos warns that Kamacite’s main intrusion tools have been spear-phishing emails with malware payloads and brute-forcing the cloud-based logins of Microsoft services like Office 365 and Active Directory as well as virtual private networks. Once the group gains an initial foothold, it exploits valid user accounts to maintain access, and has used the credential-stealing tool Mimikatz to spread further into victims’ networks.

Kamacite’s relationship to the hackers known as Sandworm—which has been identified by the NSA and US Justice Department as Unit 74455 of the GRU—isn’t exactly clear. Threat intelligence companies’ attempts to define distinct hacker groups within shadowy intelligence agencies like the GRU have always been murky. By naming Kamacite as a distinct group, Dragos is seeking to break down Sandworm’s activities differently from others who have publicly reported on it, separating Kamacite as an access-focused team from another Sandworm-related group it calls Electrum. Dragos describes Electrum as an “effects” team, responsible for destructive payloads like the malware known as Crash Override or Industroyer, which triggered the 2016 Kyiv blackout and may have been intended to disable safety systems and destroy grid equipment.

Together, in other words, the groups Dragos calls Kamacite and Electrum make up what other researchers and government agencies collectively call Sandworm. “One group gets in, the other group knows what to do when they get in,” says Caltagirone. “And when they operate separately, which we also watch them do, we clearly see that neither is very good at the other’s job.”

When WIRED reached out to other threat-intelligence firms including FireEye and CrowdStrike, none could confirm seeing a Sandworm-related intrusion campaign targeting US utilities as reported by Dragos. But FireEye has previously confirmed seeing a widespread US-targeted intrusion campaign tied to another GRU group known as APT28 or Fancy Bear, which WIRED revealed last year after obtaining an FBI notification email sent to targets of that campaign. Dragos pointed out at the time that the APT28 campaign shared command-and-control infrastructure with another intrusion attempt that had targeted a US “energy entity” in 2019, according to an advisory from the US Department of Energy. Given that APT28 and Sandworm have worked hand-in-hand in the past, Dragos now pins that 2019 energy-sector targeting on Kamacite as part of its larger multiyear US-targeted hacking spree.

Dragos’ report goes on to name two other new groups targeting US industrial control systems. The first, which it calls Vanadinite, appears to have connections to the broad group of Chinese hackers known as Winnti. Dragos blames Vanadinite for attacks that used the ransomware known as ColdLock to disrupt Taiwanese victim organizations, including state-owned energy firms. But it also points to Vanadinite targeting energy, manufacturing, and transportation targets around the world, including in Europe, North America, and Australia, in some cases by exploiting vulnerabilities in VPNs.

The second newly named group, which Dragos calls Talonite, appears to have targeted North American electric utilities, too, using malware-laced spear phishing emails. It ties that targeting to previous phishing attempts using malware known as Lookback identified by Proofpoint in 2019. Yet another group Dragos has dubbed Stibnite has targeted Azerbaijani electric utilities and wind farms using phishing websites and malicious email attachments, but has not hit the US to the security firm’s knowledge.

While none among the ever-growing list of hacker groups targeting industrial control systems around the world appears to have used those control systems to trigger actual disruptive effects in 2020, Dragos warns that the sheer number of those groups represents a disturbing trend. Caltagirone points to a rare but relatively crude intrusion targeting a small water treatment plant in Oldsmar, Florida earlier this month, in which a still-unidentified hacker attempted to vastly increase the levels of caustic lye in the 15,000-person city’s water. Given the lack of protections on those sorts of small infrastructure targets, a group like Kamacite, Caltagirone argues, could easily trigger widespread, harmful effects even without the industrial-control system expertise of a partner group like Electrum.

That means the rise in even relatively unskilled groups poses a real threat, Caltagirone says. The number of groups targeting industrial control systems has been continually growing, he adds, ever since Stuxnet showed at the beginning of the last decade that industrial hacking with physical effects is possible. “A lot of groups are appearing, and there are not a lot going away,” says Caltagirone. “In three to four years, I feel like we’re going to reach a peak, and it will be an absolute catastrophe.”

This story originally appeared on wired.com.
