Dark mode: ON

Infosec Decoded Season 4 #23: Battery Malware

With Doug Spindler and @sambowne@infosec.exchange

Tue, Mar 19, 2024

Doug Spindler

A squatter of a squatter gets squatters to move out legally. The “Squatter Hunter" obtains a lease moves in.

Nvidia AI Conference this week:

  • Omniverse to Apple's (AAPL) recently launched VisionPro virtual reality headset.
  • "Project GR00T" foundation for Humanoid Robots
  • 6G research platform that offers "researchers a comprehensive suite to advance AI for radio access network (RAN) technology. Foundation for a hyper-intelligent world supported by autonomous vehicles, smart spaces and a wide range of extended reality and immersive education experiences and collaborative robots

Sam Bowne

Lawmakers see power grid security risks from Chinese storage batteries
The main concern is that China would embed malware to bring down the energy grid. Sophisticated, sometimes undetectable malware on these energy storage stations could pose a threat to the industrial control systems connected to the US energy grid. In a worst-case scenario, an attack on these control systems could result in widespread blackouts impacting industrial centers or financial hubs.

CATL says, “CATL’s energy storage products sold to the US contain ‘passive’ devices only, which are not equipped with communication interfaces that may enable CATL to control the sold products. Additionally, CATL’s US products do not have the capability to collect, transfer or send data and therefore do not pose any security threats.”

Patrick Miller, CEO of Ampere Industrial Security, tells CSO. "“There’s a control system that sits on top and it’s also Chinese-made. So, it may not be made by CATL, but it’s likely made by a partner company or another Chinese company." CATL, the little-known Chinese battery maker that has the US worried

Europe’s AI Act demands extensive "logs" - targets biometrics, bias, black boxes

Elsevier publishes LLM-generated nonsense

Joint Statement on Efforts to Counter the Proliferation and Misuse of Commercial Spyware