Friday, April 29, 2016

Unskilled Pro-ISIS Hackers A Growing Threat

Hackers who support ISIS don't have many resources, but they are creative and productive in the ways they assist the terrorists. According to a report by security company Flashpoint, many such individual hackers attract more attention to the ISIS group and promote its physical violence.

Hackers sympathetic to ISIS may lack the funding and talent of government-sponsored hackers, but they merit attention because of their promotion of physical violence and ability to incite others via social media to target individuals or groups. A report today by security company Flashpoint points out that while these groups are not official members of ISIS, they are getting better and some day could gain the funding and training needed to carry out attacks where critical systems or data is impacted.

See more at: Unskilled Pro-ISIS Hackers A Growing Threat https://wp.me/p3AjUX-uCO

US Army: Public, private partnerships key in cybersecurity safety

Preparing for a cybersecurity threat shouldn’t be relegated to the techies of the world, but also to emergency management professionals and, really, to the public at large, a panel of state and private partners said at the annual Partners in Emergency Preparedness Conference on April 21.
The panel was made up of state Cyber Security Manager Rob Lang of the Washington Emergency Management Division, Lt. Col. Tom Muehleisen of the Washington National Guard, Dan Banks, the chief planner of the state Emergency Management Division and Jodie Ryan, CEO of private firm Celerity Response.
“The threat is real and persistent,” Lang said. “Today we want to talk about the plan. When most folks talk about cybersecurity, they think of IT. They think of the techies. But if you look back to policy and doctrine, back to 2009, you’ll see speeches from politicians, including President Obama, talking about the public safety aspects. … It’s a community issue. It’s something we all need to have a piece on.”
The state Comprehensive Emergency Management Plan is the go-to document for most emergencies that state and local officials will face. In March of last year, cyber security threats were formally added to the plan as an incident annex, providing a basic coordination framework similar to existing emergency management frameworks for state, local and tribal governments, the private sector and operators of cyber critical infrastructure to manage a significant cyber event when it occurs.

Experts Comments on BeautifulPeople.com Hacked

Dating website BeautifulPeople.com (http://www.informationsecuritybuzz.com/hacker-news/experts-comments-beautifulpeople-com-hacked/) has allegedly been hacked, and the names, addresses, phone numbers and even private messages of 1.1 million members have been leaked online. Here to comment on this news are security experts from GBG and Kaspersky Lab. John Lord, Managing Director at GBG, says that organisations need to take action to minimise the effects of identity theft for users. David Emm, Principal Security Researcher at Kaspersky, recommended having an effective cyber security strategy in place to combat the threats.

John Lord, Managing Director at GBG:
“Whilst BeautifulPeople.com has told users financial details were not leaked, this data breach should still be cause for concern. Card details can be replaced but your personal information, such as your name, your job and address cannot be so easily replaced and can be used by criminals, who purchased the details on the dark web, for identity theft.
In the first instance, identity thieves will use the real identity of an individual and thereafter, create synthetic identities compiled from elements of the data stolen from a user. Taking a ‘sledgehammer’ approach to blocking the original identity to avoid the identity theft is often a waste of time as fraudulent activity usually only happens for less than a month after the crime has occurred. As this hack allegedly occurred in December, organisations need to take action and use more data, analytical insights and triangulation of multiple identity proofing techniques to minimise the potential effects of identity theft for both the user and the businesses serving them.”
David Emm, Principal Security Researcher at Kaspersky Lab:
“Following last year’s attack on Ashley Madison, there is news of another dating site being hacked. However, the impact such exposure can have is not only detrimental to the security of an individual’s personal details, but can also have serious financial implications. Customers that are entrusting private information into the care of a website should be safe in the knowledge it is kept in a secure manner and all companies who handle private data have a duty to ensure it.
In the case of the ‘Beautifulpeople.com’ hack the leaked data contains information such as real names, addresses, sexual preferences and private messages between customers. Now it’s public, cyber-criminals have the opportunity to use this information to steal personal identities or more. Unfortunately, once a breach of this nature has been made, there is not much that can be done. In this case, customers can change usernames and passwords just to be on the safe side, but ultimately, the damage related to customers’ privacy being compromised is not something that can be easily fixed. Consumers should always read any terms of use and privacy policies very carefully before sharing confidential data with websites.
Whilst security solutions significantly mitigate the risk of a successful attack, there are also other measures businesses can take in order to provide thorough protection. These measures include running fully updated software, performing regular security audits on the website code and penetration testing the infrastructure. It’s crucial that businesses ensure all passwords are protected with proprietary hashing and salting technology. The best way for organisations to combat these types of cyber-attacks is at the beginning; by having an effective cybersecurity strategy in place before the company becomes a target.”

Thursday, April 28, 2016

Former Tor Developer Created Malware for FBI to Unmask Tor Users Wednesday







Mexico election hack: Political party behind leak of 93.4 million voter records?

Mexican election officials probing the leak of a database containing over 90 million voter registration records have indicated one of the main political parties in the country may have played a part in its release. While authorities claim to have identified the source of the leak, they have so far refused to name the suspected culprit.

Lorenzo Cordova Vianello, president of the Instituto Nacional Electoral (INE), a body which oversees the elections in Mexico, said that under Mexican law his organisation is forced to share copies of the national voter list with political parties, which has raised suspicions that one of them leaked the data. "The fact that this database [was] published to the public, it is not just a criminal offence, it is a national offence," he told Scientific American.

ISIS hackers respond to US cyberattacks with threat

A group of pro-ISIS hackers known as the United Cyber Caliphate responded to cyber attacks mounted by the U.S. against the terror group with a threat.
In a post Vocativ uncovered on the messaging app Telegram, the hackers declared the U.S. is their target and said President Barack Obama "should afford all the consequences." "#Expect the Islamic state #SOON," it said in a post published late Tuesday.
The group also slammed the "technical US-led war" against the Islamic State as "fake" and said it doesn't harm ISIS.

The threat posted on the United Cyber Caliphate's Telegram account.
The message is not an official statement by the terror group, but marks the time ISIS-affiliated hackers have responded to U.S. cyber attacks. It follows an April 24 New York Times report that Washington is taking the battle against ISIS online, directing its Cyber Command to wage computer attacks that aim to undermine ISIS' abilities to draw new supporters, distribute orders and execute daily functions like pay fighters. "We are dropping cyberbombs," Deputy Secretary of Defense Robert O. Work told the paper. "We have never done that before."

It is unclear if the United Cyber Caliphate has been affected by the attacks. They may have offered a response since they're the main group associated with Islamic State's hacking activities. Earlier this week, Vocativ discovered that the group distributed a "kill" list that appeared to include dozens of U.S. government personnel -- people linked to the State Department, the Department of Homeland Security and the departments of defense, energy, commerce and health and services.

Political split in Iran deepened: Revolutionary Guards' Cyber Attacks Now Directed at president Rouhani Cabinet Members

The long-standing opposition between the two major political forces in Iran, the president and his ministers on one side and the Army of the Guardians of the Islamic Revolution on the other, continues.
This time the tensions between the parties have moved into cyberspace.

Iran’s Revolutionary Guards, who have long waged cyber attacks against the country’s activists and journalists, have extended their hacking attacks to Rouhani administration officials, the International Campaign for Human Rights in Iran has learned, including close associates of President Hassan Rouhani and his cabinet members. To date, the Rouhani administration has not publicly criticized the Guards’ cyber attacks.
In the latest attack, Shahindokht Mowlaverdi, Rouhani’s Vice President for Women and Family Affairs, announced on Twitter and Telegram on April 20, 2016 that her Gmail and Facebook accounts had been hacked, and she asked her followers not to respond to any messages from the compromised accounts.

Although the cyber attacks are claimed to have been initiated by the Revolutionary Guards, the whole operation could have been set up by somebody else. Aggression in cyberspace is now often used as a means of political influence, and in this case it could serve two purposes: undermining the official executive power (the presidential cabinet) and escalating the political crisis in the Islamic republic.

British Telecommunications stages simulated cyber-attack in search for new security talent

Last weekend, telecoms giant BT and the Cyber Security Challenge UK staged a mock investigation into a cyber-attack at London’s iconic BT Tower in a bid to find the country’s best hidden cyber security talent.

Twenty-four of the brightest candidates from a series of online qualifying rounds were invited to compete against each other to investigate how a fictitious retail company came under vicious cyber-attack, show off their abilities in front of prospective employers and qualify for the Challenge’s grand final Masterclass competition.

The event was the second face-to-face challenge in Cyber Security Challenge UK’s 2016 series of competitions, designed to find the UK’s best cyber security talent. Candidates were tasked to track down the perpetrators of a data breach who had siphoned off money using unauthorised bank transfers, physical compromise, LAN intrusion and point of sale devices.

German nuclear plant suffers cyber attack designed to give hackers remote access

A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility's operations because it is isolated from the Internet, the station's operator said on Tuesday.

The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE.
The viruses, which include "W32.Ramnit" and "Conficker", were discovered at Gundremmingen's B unit in a computer system retrofitted in 2008 with data visualisation software associated with equipment for moving nuclear fuel rods.
Malware was also found on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant's operating systems. RWE said it had increased cyber-security measures as a result.

Global Banking Network Warns of More Cyber Attacks

A global financial network used by 11,000 banks to transfer billions of dollars daily has issued an urgent warning to customers to install a software upgrade after discovering "a number of recent cyber incidents."

The warning from SWIFT, a global messaging network that sends payment instructions, comes as law enforcement officials in Bangladesh and elsewhere investigate February's theft of $81 billion from the Bangladesh central bank.
It is the first time SWIFT has acknowledged the Bangladesh Bank cyber attack was not isolated, but one of several recent attempts to hack the company's messaging platform.
SWIFT did not disclose the victims or the value of the previously undisclosed attacks.
To combat the attacks, SWIFT released a security update to the software that banks use to access its network.
The company hopes this will thwart malware that British defense contractor BAE Systems said was likely used by hackers in the Bangladesh Bank robbery.
In a notice to customers Monday the company said, "SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions ... to the SWIFT network."
Because SWIFT is a key player in international financial transactions, central banks throughout the world have reason to be concerned. "These hacks specifically target financial institutions," said Shane Shook, a consultant who investigates large financial crimes. "It is much more efficient than stealing from consumers," he added.

Expanding Cyber War Kills Apple's Global Growth Plans. A headache for the company giant

Tim Cook’s much-rumored plan to lead Apple into the car business hit the guardrail last week. German auto makers want nothing to do with the American giant.

That’s bad enough, but the reasons BMW and Daimler dropped out of the deal are even worse.

German newspaper Handelsblatt, citing unnamed industry sources, said one problem is the Germans disliked Apple’s plan to collect location-based data from the new cars. The data would drive new iCloud services.

We don’t know what those services would be. Presumably Apple thinks drivers would like them. But BMW and Daimler reportedly thought European consumers would object to having an American company handle their personal data.

Apple (AAPL) is not just any American company.

It spent the last three months facing public FBI demands to penetrate its own security measures and reveal data the U.S. government wanted to see. That German companies would object to this is no surprise. They recall a time when their own government’s agents routinely demanded “Your papers, please.”

Unlike many Americans, Germans are still sensitive to such intrusions.

Having seen the U.S. government demand data from Apple, and having seen Apple’s inability to stop it, BMW and Daimler probably made the right choice. The deal would not have worked. That’s not Apple’s fault, but Apple will pay the price. So will its American shareholders and employees.

Read more: Patrick Watson: Expanding Cyber War Kills Apple's Global Growth Plans

U.S. cyberwar against ISIS could use methods and tactics criminals use against enterprises

Cyberwar against ISIS could bring into play tools and tactics that corporate security pros face every day, only this time they will be used as part of a larger objective than criminal profit.
The goals of the offensive are to disrupt communications within ISIS and between the group and potential recruits.

To meet those goals, U.S. Cyber Command could use such means as DDoS and man-in-the-middle attacks, banking Trojans and even ransomware-type attacks that irreversibly encrypt machines (but skip the ransom), experts say.
Cyber operations would support traditional military tactics and carry out missions traditional military forces cannot, they say.
Knocking out communications ahead of ground attacks is standard military protocol and it used to be done using air attacks against communication centers, says James Barnett, a retired U.S. admiral who heads the cybersecurity practice at Washington law firm Venable LLP.
“That’s just part of the preparation of the battlefield,” he says. Now it is possible to accomplish the same goal with cyberattacks against command and control centers, he says.
ISIS has assets with which it buys armaments and pays troops, and it tries to sell oil to raise cash. Using cyberattacks to disrupt money transfers can deny the group some of its military resources, he says.
Cyber weapons could be embedded in command and control networks to gather intelligence or take them down. “Are we that good yet?” he says. “I don’t know.”
ISIS also holds territory that includes cities and towns, so attacks could be made against the control systems that run water and power supplies, he says.

US Army should have a new-born cyberforce instead of reforming the existing units

Frank DiGiovanni, director of Force Training within the Office of the Secretary of Defense, said: “If you are going to build a cyber force, it needs to be born cyber, from Day One.”
Cyber must be an offensive military capability, making skilled cyber forces a necessity. The challenge is how to develop such a force.  

The cyber mission touches every aspect of military operations, from back office support to front line combat. But it can no longer be seen only as a defensive tool, says Frank DiGiovanni, director of Force Training within the Office of the Secretary of Defense. 
Cyber troops must then be integrated with combat forces, so that commanders can choose cyber from among the military options at their disposal to achieve military objectives, just as they might choose bombs, artillery or an infantry maneuver. Commanders, DiGiovanni says, should see cyber as “just another piece of kit in their war-fighting capabilities.” 

Wednesday, April 27, 2016

Brazilian Cybercrime Bills Threaten Open Internet for 200 Million People

Brazilian internet freedom activists are nervous. On Wednesday, a committee in the lower house of Congress, the Câmara dos Deputados, will vote on seven proposals ostensibly created to combat cybercrime.

 Critics argue the combined effect will be to substantially restrict open internet in the country by peeling back the right to anonymity, and providing law enforcement with draconian powers to censor online discourse and examine citizens’ personal data without judicial oversight.
The bills are ripped straight from what has become a standard international playbook: Propose legislation to combat cybercrime; invoke child pornography, hackers, organized crime, and even terrorism; then slip in measures that also make it easier to identify critical voices online (often without judicial oversight) and either mute them or throw them in jail for defamation — direct threats to free speech.

ISIS-aligned hackers leak confidential info on 43 US State Dept employees

The Islamic State-aligned United Cyber Caliphate claims to have hacked into US State Department records, releasing online information on 43 employees it wants dead. The leak also includes staff with Homeland Security and other agencies, media reported. 
 
The information was released through the group’s account on the messaging app Telegram. The departments of energy, commerce, health and defense have been compromised along with the State Department and DHS, the SITE Intelligence Group reported.
The document is entitled ‘wanted to be killed’ and contains threats to the US, which the group sees as its main enemy. Various staff members from all over the world were identified, including embassy workers in Sudan and Togo, Vocativ was able to verify. The list included other officials, Homeland Security among them.
However, according to Vocativ, the hack is unlikely to reveal much new. A lot of what was listed is publicly-available information, while many numbers are simply office lines.

United Cyber Caliphate (UCC), formation of a mega hacking group by ISIS

Hackers supporting the so-called Islamic State (ISIS) aka Daesh terrorist group have joined hands with other terrorist-supporting groups to form a joint team and collectively target cyberspace in the West. The super hacking unit is labeled United Cyber Caliphate (UCC). The terrorist group announced this news in its groups on the Telegram messaging app.

A previous merger along similar lines happened in January 2016, when AnonGhost and CCA fused together to threaten western cyber interests. AnonGhost is a hacking group which was previously associated with Anonymous but detached itself from them after #OpISIS when the terrorist group attacked Charlie Hebdo headquarters in Paris.
The merged alliance also used a hashtag called “#KillCrusaders” and sustained its anti-Christian campaign, which earlier ruined a Michigan church website after leaving behind an ISIS propaganda message. The UCC encompasses Cyber Caliphate Army (CCA), ISIS’s central hacking unit, and other pro-ISIS groups such as Sons Caliphate Army (SCA) and Kalacnikov.TN (KTN).

Risk of Data Breaches Rises as Hackers Fine-Tune Their Tactics

The growth in the number of devices connected to the Internet of Things (IoT) has set the stage for malicious actors to come after high-value information on a global scale, according to findings from Verizon’s latest look at data breaches.

The 2016 Data Breach Investigations Report outlines some troubling trends that haven’t necessarily evolved, but have certainly gotten more dangerous to our tech-centric way of life.
By studying the patterns and tactics used to inflict damage in the cyber-realm across myriad industries, Jonathan Nguyen-Guy, CIO of Global Security Solutions with Verizon Enterprise Solutions, said researchers have been able to effectively reconstruct the hacker “playbook” and what is happening in “the wild.”
This year’s report — the ninth such study by Verizon — is based on more than 100,000 incidents and 3,141 confirmed data breaches. Of this larger data set, analysts evaluated more than 64,000 incidents and 2,260 breaches.

Slovak soldiers fought the best against hacker attacks

The best team at this year’s international cyber defence exercise Locked Shields 2016 came from Slovakia. The team of Slovak military experts withstood hacker attacks and was the only one praised for great defence, the SITA newswire reported, referring to the website of the Slovak Armed Forces.

The Slovak team also scored well when dealing with various additional and legal tasks and answering journalists’ questions. In the final evaluation it placed first and received several awards for its performance, SITA wrote.
During the exercise the soldiers used unique defence software, completely developed by a military security technician.
The Locked Shields 2016 exercise is the biggest and most advanced international live-fire cyber defence exercise in the world. It has been organised since 2010 by the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence and focuses on training the security experts who protect national IT systems on a daily basis, according to the website.
The teams are tasked to maintain the networks and services of a fictional country, Berylia, under intense pressure. This includes handling and reporting incidents, solving forensic challenges as well as responding to legal, media and scenario injects.

Qatar National Bank: Database leak gives data on al-Jazeera journalists and British 'spies'

A 1.4GB trove of internal documents, files and sensitive financial data purporting to be from the Qatar National Bank (QNB) has been leaked online.

 The massive data dump appears to contain hundreds of thousands of records including customer transaction logs, personal identification numbers and credit card data. Additionally, dozens of separate folders consist of information on everything from Al Jazeera journalists to what appears to be the Al-Thani Qatar Royal Family.

However, it is a folder listed as "SPY, Intelligence" that quickly catches the eye. Upon analysis, it contains a slew of records listed as Ministry of Defence, MI6 (the UK foreign intelligence service) and Qatar's State Security Bureau, also known as "Mukhabarat".

"There's also a lot of information on banking transactions, suggesting that the perpetrators were trying to expose specific transactions. This theory can be further strengthened by the hacker's attempts to profile the bank's customers into different categories, mostly focusing on Qatar's TV network along with other foreign agencies, some of which are categorised as 'spies'."

Tuesday, April 26, 2016

Ransomware Attack on Hospital Highlights the Importance of Preparation for All Organizations

In early February, Hollywood Presbyterian Medical Center in Los Angeles made a $17,000 ransom payment in bitcoins to a malware hacker who seized control of the hospital's computer systems and demanded a ransom as a condition of returning access. The cyberattack occurred Feb. 5, when hackers using malware infected the institution's computers, preventing hospital staff from being able to communicate from those devices. The malware locked key systems by encrypting files, rendering them unusable by staff. Without the decryption key from the hackers, the hospital had no access to its own systems.

According to the chief executive officer, “[t]he quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key.” The hospital said it alerted authorities and was able to restore all its computer systems with the assistance of technology experts, but the episode lasted 10 days. Early reporting indicated there was no evidence that any patient or employee information was subject to unauthorized access; however, only time will tell whether the hospital's security controls were robust enough to prevent such losses. Regardless of whether there was any data loss, one consequence is clear: the event disrupted operations and forced the hospital to return to pen and paper for its record-keeping for an extended period. The hackers are totally anonymous and there have been no reports of suspects.

Ransomware is a fast-growing problem for all organizations, not just hospitals.

Hacker group lauded for improving Taiwan's information security

Taipei, April 25 (CNA) Vice Premier Duh Tyzz-jiun (杜紫軍) said that the Hacks in Taiwan (HIT) association has helped enhance Taiwan's information security technology and talent cultivation by holding activities and forums and the government should certainly extend its support to it.

Duh said at a party celebrating the first anniversary of the association that the government should work with hackers in dealing with information security issues, advancing related technology and improving talent cultivation, and the association provides an important platform to enable the exchange of information in this area.

Duh also praised the association for helping people increase their knowledge about information security and get the latest information in the area by holding seminars and contests.

White hat hacker tries to breach Facebook employee's account, finds backdoor bug already planted in system

Even as Facebook constantly monitors its security system, it is still vulnerable to being penetrated by malicious hackers. Recently, a white hat hacker tried to gain backdoor entry and steal employees' login details, but to his surprise, he learnt that a bug found in the Accellion File Transfer Appliance had already been planted in the social media giant's system.
Taking advantage of the Menlo Park-headquartered firm's bug bounty program, white hat hacker Orange Tsai managed to breach a Facebook employee's account, only to discover that someone had already planted the backdoor bug.
Fortunately, the threat was a non-issue and Facebook's security researcher Reginaldo Silva confirmed that the malware Tsai discovered was actually installed by another security researcher.
Silva said: "On this case, the software we were using is third party. As we don't have full control of it, we ran it isolated from the systems that host the data people share on Facebook. We do this precisely to have better security, as chromakode mentioned. After incident response, we determined that the activity Orange detected was in fact from another researcher who participates in our bounty program. Neither of them were able to compromise other parts of our infrastructure so, the way we see it, it's a double win: two competent researchers assessed the system, one of them reported what he found to us and got a good bounty, none of them were able to escalate access."

Hackers attack site of UN-backed human development network

The Philippine Human Development Network site appears to have been defaced by someone from Anonymous Rabaa

MANILA, Philippines – The website of the Philippine Human Development Network (HDN) was defaced on Tuesday, April 26, by a hacker claiming to be from the Anonymous Rabaa group.
The site, which remained online as of posting, showed a .gif image of a schoolgirl looking towards the camera, followed by the words, "Hacked by Dr.No0oS. Anonymous Rabaa team." The defaced site also appears to have a greeting for fellow hackers, though no explanation was given for why the HDN website of the Philippines was defaced.
The Philippine Human Development Network is a non-profit organization that promotes the concept of sustainable human development. It is assisted by the United Nations Development Programme (UNDP).
It prepares the Philippine Human Development Report and computes the Human Development Index of the country and of each province.

A hacker group is threatening VPN providers with DDOS attacks

BlackVPN, a provider of virtual private network (VPN) software, has refused to pay a ransom demand from hacker group Armada Collective, which threatened to unleash a DDOS attack on the company if it didn’t pay up.
According to a blog post, BlackVPN received an email threat from the group demanding it pay 10.08 bitcoins (about $4,600) by Monday or “yours [sic] service going down” and the ransom demand will go up in price every day of non-payment. “Bitcoin is anonymous, nobody will ever know you cooperated,” said the email.

Bangladesh bank hack attack: SWIFT compromised, alarms raised

The attackers who stole $81 million from the Bangladesh bank probably hacked into software from the financial platform that is at the heart of the global financial system, said security researchers at British defence contractor BAE Systems.

SWIFT, a cooperative owned by 3,000 financial institutions, confirmed to Reuters that it was aware of malware targeting its client software. Its spokeswoman said SWIFT would release on Monday a software update to thwart the malware, along with a special warning for financial institutions to scrutinise their security procedures.

The new developments now coming to light in the unprecedented cyber-heist suggest that an essential linchpin of the global financial system could be more vulnerable than previously understood to hacking attacks, due to the vulnerabilities that enabled attackers to modify SWIFT’s client software.


Anonymous Ghost Squad’s DDoS Attack Shuts Down KKK Website

The Anonymous vs. Ku Klux Klan (KKK) cyber war is well known to all of us. In continuation of that war, Anonymous affiliate Ghost Squad brought down one of the major websites belonging to KKK members. The information appeared on the official website of the hacktivists.
In a series of powerful distributed denial-of-service (DDoS) attacks just a few hours ago, Anonymous has shut down the official website of the Loyal White Knights of the Ku Klux Klan (KKK). Ghost Squad, the group said to be behind this attack, works with the online hacktivist group Anonymous. The reason for attacking the KKK is the “blunt racism” in the name of free speech.
“We targeted the KKK due to our hackers being up in their face, we believe in free speech but their form of beliefs is monolithic and evil. We stand for constitutional rights but they want anyone who is not Caucasian removed from earth so we targeted the KKK official website to show love for our boots on the ground and to send a message that all forms of corruption will be fought. We are not fascist but we certainly do not agree with the KKK movement. They are the Fascists and they are the Racists.”
An error message “The kkkknights.com page isn’t working” is displayed for those visiting the website.
One of the attackers also tweeted about the attack:

Friday, April 22, 2016

Obama appoints tech veterans from Microsoft and Uber to cybersecurity commission

President Obama has just released the list of appointees to the Commission on Enhancing National Cybersecurity — and it’s more or less what you’d expect: higher-ups from the big players in tech, plus some academics and the former director of the NSA. Wait, what?
Yes, General Keith Alexander (Retired), who headed the NSA during the enormous expansion of its surveillance apparatus — pointed, of course, at you — is the first listed member of the commission. On the one hand, better the devil you know, and what a resumé. On the other, wow.
The rest of the members are as follows, with their primary or most recent affiliation listed:
  • Annie I. Antón, Chair of the School of Interactive Computing at the Georgia Institute of Technology
  • Ajay Banga, president and CEO of MasterCard
  • Steven Chabinsky, Chief Risk Officer and General Counsel to CrowdStrike
  • Patrick Gallagher, Chancellor and CEO of the University of Pittsburgh
  • Peter Lee, CVP of Microsoft Research (and former director of a DARPA initiative)
  • Herbert Lin, cyber policy and security researcher at Stanford
  • Heather Murren, investor and Board of Trustees member at Johns Hopkins University
  • Joe Sullivan, chief security officer at Uber (and previously at Facebook)
  • Maggie Wilderotter, longtime (but former) CEO of Frontier Communications
So what does this commission do, exactly? It’s part of Obama’s larger overhaul of government tech policy, the Cybersecurity National Action Plan, announced earlier this year. In fact, it’s the first highlight on the administration’s summary of CNAP.

How real is the threat of cyberterrorism?

Cyberterrorism features high in the public mind. In a recent Gallup poll, 79 per cent of Americans ranked a cyberterrorism attack on essential infrastructure third in a list of the greatest threats facing the US.
But a former FBI special agent with particular expertise in cyberterrorism has said real cyberterrorists are so rare they might be considered unicorns in the ranks of more typical cyber-attackers, such as hacktivists, disgruntled insiders, criminals, spies or nation states engaged in cyber-warfare.
“I’m not too concerned that we’re going to have a cyber 9/11 tomorrow,” says former agent Andre McGregor, now working in the private sector as head of security at security consultants Tanium. While in the FBI, he focused on China, Russia, Iran, Al-Qaeda and Islamic State (and, these days, is also the FBI adviser to the television series Mr Robot).

House Republicans: Feds aren't ready for attack on power grid

House Republicans on Thursday pressed critical infrastructure defense officials on their level of preparedness in the event of a cyberattack on the electrical grid.
“The federal government does not have [a] basic planning scenario for a cyber threat to the power system and there is a huge disparity in what different groups think is a potential scenario for which states and local governments should prepare,” Rep. Lou Barletta (R-Pa.) said in his opening remarks for a Transportation and Infrastructure Committee hearing on the topic.
“What happens is we don’t have a comprehensive plan at a federal level to look at how we can support [grid operators] in the event of a national attack that would come in the way of cyber,” said Rep. Mark Meadows (R-N.C.).

China: We're 'victims not troublemakers' when it comes to cybercrime

China has hit back against accusations that state-sponsored hackers aligned with its government are attempting to breach the computer networks of the US military on a daily basis. Via the state-run Xinhua News agency, China said such claims by US officials are "self-serving rhetoric" designed to bolster military budgets.
"In the cyber space, China is a victim rather than a troublemaker," claimed Xinhua News. "It's the United States that has an overwhelming edge in internet technology, with the world's biggest internet intelligence agency and a first-rate cyber army. The so-called cyberattacks claimed by the United States may well be a farce directed by the superpower itself."

How 'Britain's FBI' hacks into computers to catch criminals and cyber-gangs

In a rare glimpse into the scope of its active surveillance operations, the UK's National Crime Agency (NCA), also dubbed the 'British FBI', has outlined some examples of the computer hacking and snooping techniques it uses to help catch crooks involved in everything from financial cybercrime to sextortion schemes.
The hacking – or 'equipment interference' as it's called by UK intelligence – disclosures were published this month in a joint submission to the UK Parliament by the NCA, HM Revenue & Customs and the National Police Chiefs Council as part of the ongoing scrutiny of the Investigatory Powers Bill. The controversial law, branded a Snoopers' Charter by critics, includes proposals that seek to enhance the surveillance powers open to the UK government, police and intelligence agencies while legitimising some of the tactics exposed by Edward Snowden in 2013.

North Korean Cyber Capability Among World's Best, Brooks Says

North Korea’s asymmetric warfare potential is being bolstered by one of the world’s best and most organized cyber attack capabilities, according to the Army general nominated to command U.S. forces in South Korea.
“This is an area of growth,” Army General Vincent Brooks told the Senate Armed Services Committee during his nomination hearing Tuesday. “While I would not characterize them as the best in the world, they are among the best in the world and the best-organized. What they are experimenting with” and “what they are willing to do” has shown boldness and capability, he added.
Although Brooks, the former head of Army Pacific forces, touched on North Korea’s cyber attack skills, he declined during the public hearing to discuss U.S. offensive cyber capabilities against Kim Jong Un’s reclusive regime.

Ethiopia: Minister Presents Bill to Combat Cyber Warfare

Minister of Communications Technology, Debretsion Gebremichael has presented a Bill concerning cybersecurity to the House of People's Representatives. The Bill aims to defend the country against cyberattacks by combatting computer crimes.
Such a law would be vital to the operation of critical safety systems, such as emergency response, and to the protection of infrastructure systems.
The rationale is society's increasing use of the Internet, computers, cell phones and mobile devices every day to talk, email, text and tweet with family, friends and colleagues.

US Navy offers $26M contract to small business to train military cyber personnel

The U.S. Navy is offering a $26 million five-year contract to a small business to train the Navy and Marine Corps' cyber personnel.
The Navy issued a combined solicitation for the training program, which will involve online and in-person cybersecurity training for military personnel and civilians in the Navy's Space and Naval Warfare Systems Command and Fleet Cyber Command, as well as the Marine Corps Forces Cyberspace Command.
"The cyber training services acquired in this solicitation shall provide support to develop and deliver technical courses required to meet operational standards at National-level organizations providing support to cyber security missions. The courses will be aligned to complement ongoing cybersecurity technological initiatives," stated the solicitation at FedBizOpps.gov.

Cyber War: Israelis Expose #OpIsrael Hackers

The annual #OpIsrael assault by the hacker group Anonymous was likely responsible for the recent shutdown of Israel Today's website. A tweet by Israeli Elite Force, a private Israeli hacker group that is fighting back, noted yesterday that "'Anons' got exposed by @Buddhax private hackersclub."
The Facebook page for Madsec Security LTD further clarified that the "Israeli Elite Force group managed to steal sensitive information and screenshots of some Anonymous operators who participated on #OpIsrael operation against Israel earlier this month. According to the tweet, some Anonymous hackers fell into [Buddhax's] 'trap' as part of the attack against Israel on this day. Inside the PDF file, we find live screenshots from their personal webcams, desktop screenshots, sensitive information related to terrorism (ISIS, Syria) and even usernames and passwords to personal and sensitive accounts."

Moscow's Smart City Security Flaws Could Create Traffic Chaos

Security researchers have warned that basic security flaws in smart traffic monitoring systems could allow black hats to change, falsify or even delete crucial data, potentially creating widespread disruption in the city.
Kaspersky Lab security researcher, Denis Legezo, highlighted a recent test of Moscow’s smart transportation system – a network of road sensors which gather traffic info to help officials alter traffic flow in real time and make future infrastructure planning decisions.
He revealed several basic security issues which made the system highly vulnerable to hackers.
The first was that the name of the manufacturer was printed clearly on the side of the sensor box.
“Although the research was done in Moscow, devices that could be accessed simply via Bluetooth could be easily found in many cities, as there are at least 135,000 such devices in global circulation,” Legezo claimed.

Sweden issued cyber attack alert as its air traffic reeled


Sweden suspects a hacker group linked to Russian intelligence was responsible for an attack on its air traffic control systems last November, it is claimed.
Air traffic control systems across much of Sweden were unavailable on November 4. Computer problems meant air traffic controllers were unable to use their displays, an issue that prompted the cancellation of multiple domestic and international flights. Arlanda, Landvetter and Bromma airports were particularly affected.
Sweden's air traffic control systems problems reportedly coincided with Russian electronic warfare activity in the Baltic Sea region, which may have included jamming of air traffic communication channels. The signals reportedly emanated from the Russian enclave of Kaliningrad, south of Lithuania.
LFV, Sweden's civil aviation administration, said its investigation into the November problems remains open. It declined to respond to the theory that a cyber attack might have been behind problems with the country's air traffic control system last year.