Tag Archive: Cyber Security


Russian Researchers Expose Breakthrough U.S. Spying Program

 

 

 

 

 

 

” The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.

  That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyber-espionage operations.

  Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said. (http://reut.rs/1L5knm0)

  The firm declined to publicly name the country behind the spying campaign, but said it was closely linked to Stuxnet, the NSA-led cyber-weapon that was used to attack Iran’s uranium enrichment facility. The NSA is the agency responsible for gathering electronic intelligence on behalf of the United States.”

 

Lots more on the latest State spying revelations at Yahoo News

 

 

 

 

 

 

 

 

 

 

 

 

Detroit Database Held For Ransom

 

 

 

” Mayor Mike Duggan detailed Monday how Detroit has been victimized by cyber crimes, including how a city database was frozen in April and held for ransom.

  Duggan said the city database was held hostage for a ransom of 2,000 bitcoins, an encrypted digital currency. A bitcoin is currently worth $401.75, making that ransom worth $803,500. Duggan said the ransom was not paid and the database wasn’t used or needed by the city.

“ It was a good warning sign for us,” he said at Michigan’s third summit focusing on cyber security issues in government, business and other sectors at the North American International Cyber Summit at Cobo Center. “

 

Detroit News

 

 

 

 

 

 

 

 

 

New ‘Bash’ Software Bug May Pose Bigger Threat Than ‘Heartbleed’

 

 

 

 

” A newly discovered security bug in a widely used piece of Linux software, known as “Bash,” could pose a bigger threat to computer users than the “Heartbleed” bug that surfaced in April, cyber experts warned on Wednesday.

  Bash is the software used to control the command prompt on many Unix computers. Hackers can exploit a bug in Bash to take complete control of a targeted system, security experts said.

  The Department of Homeland Security’s United States Computer Emergency Readiness Team, or US-CERT, issued an alert saying the vulnerability affected Unix-based operating systems including Linux and Apple Inc’s (AAPL.O) Mac OS X.

  The “Heartbleed” bug allowed hackers to spy on computers but not take control of them, according to Dan Guido, chief executive of a cybersecurity firm Trail of Bits.”

 

Reuters

 

For those who are interested, here are some links to further stories about the newly discovered cyber-threat …

 

The Switchboard: Meet Shell Shock, the security bug experts say is worse than Heartbleed

Bash Security Bug is Worse than Heartbleed

‘Worse than Heartbleed:’ Shellshock bash bug blasts OS X systems

‘Bigger than Heartbleed’ Shellshock flaw leaves OS X

Worse than Heartbleed? Today’s Bash bug could be

 

 

 

 

 

 

 

 

 

 

 

How To Find Out If You’ve Been Hacked In Under A Minute

 

 

 

 

 

” If it feels like the Internet is plagued by seemingly constant cybersecurity breaches, sometimes the best thing you can do is find out if your usernames and passwords are already owned by an enterprising criminal.

  The search engine Have I been pwned? (HIBP) is one of your best free and easy bets to find out if your sensitive information is floating out in cyberspace for all to see. There are other worthwhile options but HIBP’s new real-time monitoring tool separates it from the pack. 

  HIBP, which has provided easy access to stolen user credentials from newsworthy security breaches since last year, just introduced a major new feature that gives it access to about 175 million vulnerable accounts—a number that will keep growing rapidly—and alerts you within a minute to possible problems.

  Now, with the new feature, scores of smaller breaches are documented and made easy for anyone to search.”

 

Read more

 

 

 

 

 

 

 

 

 

No Security Ever Built Into Obamacare Site: Hacker

 


 

 

” It could take a year to secure the risk of “high exposures” of personal information on the federal Obamacare online exchange, a cybersecurity expert told CNBC on Monday.

” When you develop a website, you develop it with security in mind. And it doesn’t appear to have happened this time,” said David Kennedy, a so-called “white hat” hacker who tests online security by breaching websites. He testified on Capitol Hill about the flaws of HealthCare.gov last week.

” It’s really hard to go back and fix the security around it because security wasn’t built into it,” said Kennedy, chief executive of TrustedSec. “We’re talking multiple months to over a year to at least address some of the critical-to-high exposures on the website itself.”

 

 

    The most interesting quote from the security expert in the video reveals that, because HealthCare.gov is a Federal program, if your personal information is compromised the government has NO OBLIGATION to inform you of that fact. Think about that before you sign up with the help of that convicted felon Navigator from ACORN.

 

 

 

 

 

 

 

Stuxnet: UK And US Nuclear Plants At Risk As Malware Spreads Outside Russia

 

 

 

 

” Security experts have warned the notorious Stuxnet malware has likely infected numerous power plants outside of Russia and Iran.

Experts from FireEye and F-Secure told V3 the nature of Stuxnet means it is likely many power plants have fallen victim to the malware, when asked about comments made by security expert Eugene Kaspersky claiming at least one Russian nuclear plant has already been infected.

“[The member of staff told us] their nuclear plant network, which was disconnected from the internet […] was badly infected by Stuxnet,” Kaspersky said during a speech at Press Club 2013.

Stuxnet is sabotage-focused malware that was originally caught targeting Windows systems in Iranian nuclear facilities in 2010. The malware is believed to originally have been designed to target only the Iranian nuclear industry, but subsequently managed to spread itself in unforeseen ways.

F-Secure security analyst Sean Sullivan told V3 Stuxnet’s unpredictable nature means it has likely spread to other facilities outside of the plant mentioned by Kaspersky.

“It didn’t spread via the internet. It spread outside of its target due to a bug and so it started traveling via USB. Given the community targeted, I would not be surprised if other countries had nuclear plants with infected PCs,” he said.”

 

 

Here is a very thorough and detailed article for those readers interested in learning more about the history of Stuxnet.

 

Illustration: "How Stuxnet Worked"

 

 

” Computer cables snake across the floor. Cryptic flowcharts are scrawled across various whiteboards adorning the walls. A life-size Batman doll stands in the hall. This office might seem no different than any other geeky workplace, but in fact it’s the front line of a war—a cyberwar, where most battles play out not in remote jungles or deserts but in suburban office parks like this one. As a senior researcher for Kaspersky Lab, a leading computer security firm based in Moscow, Roel Schouwenberg spends his days (and many nights) here at the lab’s U.S. headquarters in Woburn, Mass., battling the most insidious digital weapons ever, capable of crippling water supplies, power plants, banks, and the very infrastructure that once seemed invulnerable to attack.

Recognition of such threats exploded in June 2010 with the discovery of Stuxnet, a 500-kilobyte computer worm that infected the software of at least 14 industrial sites in Iran, including a uranium-enrichment plant. Although a computer virus relies on an unwitting victim to install it, a worm spreads on its own, often over a computer network.

This worm was an unprecedentedly masterful and malicious piece of code that attacked in three phases. First, it targeted Microsoft Windows machines and networks, repeatedly replicating itself. Then it sought out Siemens Step7 software, which is also Windows-based and used to program industrial control systems that operate equipment, such as centrifuges. Finally, it compromised the programmable logic controllers. The worm’s authors could thus spy on the industrial systems and even cause the fast-spinning centrifuges to tear themselves apart, unbeknownst to the human operators at the plant. (Iran has not confirmed reports that Stuxnet destroyed some of its centrifuges.)”

 

 

Further reading:

How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History

Confirmed: US and Israel created Stuxnet, lost control of it

The History of Stuxnet: Key Takeaways

Stuxnet: Anatomy of a Computer Virus on Vimeo

 

 

 

 

 

 

 

 

Why Syria Hacking Obama’s Twitter Account Is A Sign Of Things To Come

 

 

 

 

” Last week, the Syrian Electronic Army briefly hacked President Obama’s official Twitter account and claimed to have accessed some of his sensitive campaign emails. And this follows months of speculation that Chinese hackers have been doing everything from hacking into Mitt Romney’s 2012 presidential campaign to burrowing deep inside America’s most sensitive infrastructure. From an asymmetric warfare perspective, the Internet has tilted the military playing field once again. America has bombs, planes and tanks, the rest of the world has… free stuff on the Internet.

In other words, Syria couldn’t possibly attack the U.S. on our own soil (we hope), but it can mess with our Internet. As Syrian leaders have pointed out before, ever since the Syrian Electronic Army formed in 2011, these hackers have begun to comprise “a real army in a virtual reality.” Think of just some of the various attacks members of the Syrian Electronic Army have carried out over the past 18 months: they’ve hacked major media websites such as those of the New York Times and the Washington Post, they’ve defaced websites, coordinated denial of service attacks, sent false news accounts via social media accounts and used sophisticated phishing tactics to compromise the account information of potential opponents.

And they’re just getting warmed up. What if our national infrastructure is next? What if they decide to play a little game with our nuclear reactors (or, at least, those hooked up to computers and sensors), all while sitting thousands of miles away, playing around on the Internet?

 

    This is one reason that the State feels that it must “control” the internet. Hacking, Anonymous and the internet itself are the greatest “force multipliers” ever available to arm the people with the power in their fight against tyranny and abusive government.