• Internet of Things vulnerability: Analyzing the 21 October DDoS attack

    The Friday, 21 October 2016 Distributed Denial of Service (DDoS) has been analyzed as a complex and sophisticated attack, using maliciously targeted, masked TCP and UDP traffic over port 53. Dyn has confirmed that the Mirai botnet was the primary source of the malicious attack traffic. The attack generated compounding recursive DNS retry traffic, further exacerbating the attack’s impact. Dyn says it will not speculate on the motivation or the identity of the attackers, but says that the attack has opened up an important conversation about Internet security and volatility. The attack has not only highlighted vulnerabilities in the security of Internet of Things (IoT) devices that need to be addressed, but it has also sparked further dialogue in the Internet infrastructure community about the future of the Internet.

  • DHS S&T awards UCSD $1.4 million to measure Internet vulnerabilities

    DHS S&T has awarded $1,356,071 to UCSD to develop new capabilities to better enable cyber security researchers to measure the Internet’s vulnerabilities to cyberattacks. The award is part of S&T’s Cyber Security Division’s (CSD) larger Internet Measurement and Attack Modeling (IMAM) project.

  • Could your kettle bring down the Internet?

    How could a webcam help bring down some of the world’s most popular Web sites? It seems unlikely but that’s what happened recently when hackers attacked the Internet infrastructure run by U.S. firm Dyn, knocking out services including Paypal, Twitter, and Netflix. More accurately, the attack involved potentially hundreds of thousands of surveillance cameras and digital video recorders connected to the Internet that had been weaponized by the hackers. Such a high-profile attack demonstrates just how serious the security flaws are in the tech industry’s current approach to the Internet of Things. Without a significant change in the way these devices are designed and used, we can expect to see many more instances of Internet-enabled cameras, TVs, and even kettles used for nefarious purposes. It is time for developers to grow up and take responsibility for their designs or risk interference from regulators.

  • Is someone really trying to find out if they can destroy the Internet?

    A prolonged Internet outage prevented access to major sites like Twitter, Netflix, Spotify, and the New York Times on Friday. Because of the increase in number and intensity of DDoS type attacks in recent years, security analysts have theorized that some of the attacks are masking the probing of vulnerabilities. The Internet remains incredibly vulnerable to attacks on its infrastructure and right now, there are few ways of avoiding them. It does bring into question the ability of governments to put even more of their interface with the public online since, as soon as they do, it becomes a potential target for malicious actors. Governments in particular need to become more adept at dealing with this possibility.

  • Long game: Russian government hacking aims to undermine democracy in U.S., globally

    The evidence of cyberattacks by Russian government hackers against the Democratic Party and the Clinton campaign is not only incontrovertible – this is the conclusion of both the U.S. intelligence community and leading cyber experts – but such attacks are nothing new. “This is not a new activity. It is new only in the United States. They routinely undertake cyber operations against democracies in Eastern Europe and other neighbors in the region, mostly to affect turnout, to spread propaganda, and to make the election seem less legitimate,” says Christopher Porter of FireEye’s iSIGHT team. “Ultimately they want to break democracy itself” in the United States and “around the world, wherein it is seen like a less legitimate system. That’s their ultimate goal to send message to the public that democracy cannot be trusted.”

  • Autos require cybersecurity, too

    Most people are familiar with the process of updating the software on their computer and mobile phone, but cyber components — and cybersecurity — are not limited to computers and smart phones. Today’s automobile is a smart device and is highly sophisticated. Late model automobiles also are connected devices. While there never has been a confirmed malicious attack on an automobile, white-hat hackers have proven that automobiles are vulnerable to cyberattacks. Most white-hat hackers believe it is not a question of if, but when, hackers will exploit cyber vulnerabilities to remotely access connected vehicles.

  • DoD’s “Hack the Pentagon” follow-up initiative

    The Defense Department has awarded a contract to HackerOne and Synack to create a new contract vehicle for DoD components and the services to launch their own “bug bounty” challenges, similar to the “Hack the Pentagon” pilot program, with the ultimate objective to normalize the crowd-sourced approach to digital defenses.

  • U.K. police charges man with terrorism over researching, using encryption

    Samata Ullah, a 33-year-old Briton, earlier this month was charged in a London court with six counts of terrorism, one of which related to researching and using encryption. Privacy advocates say that a controversial statute under British law criminalizes, in the name of combatting terrorism, actions which, on their own, are perfectly legal.

  • New cyber threat: Hacking 3D manufacturing systems

    Researchers demonstrated the first complete sabotage attack on a 3D additive manufacturing (AM) system, illustrating how a cyberattack and malicious manipulation of blueprints can fatally damage production of a device or machine. More than 100 industries, including aerospace, automotive, and defense, employ additive printing processes. The AM industry accounted for $5.165 billion of revenue in 2015. Furthermore, 32.5 percent of all AM-generated objects are used as functional parts.

  • Widespread anti-Semitic harassment of journalists perceived as critical of Donald Trump: Report

    A new report released earlier today by the Anti-Defamation League (ADL) details a troubling, year-long rise in anti-Semitic hate targeting journalists on Twitter, with data showing that the harassment has been driven by rhetoric in the 2016 presidential campaign. The anti-Semitic tweets have been directed at 800 journalists, both conservative and liberal, who wrote critically about Trump. The tweet writers are disproportionately likely to self-identify as Donald Trump supporters, conservatives, or part of the “alt-right,” a loosely connected group of extremists, some of whom are white supremacists. There were 19,253 anti-Semitic tweets in the first six months of 2016, and the words that appear most frequently in the bios of the 1,600 most prolific anti-Semitic Twitter attackers are “Trump,” “nationalist,” “conservative,” and “white.” “To be clear,” ADL stresses, “this does not imply that the Trump campaign supported or endorsed the anti-Semitic tweets, only that certain self-styled supporters sent these ugly messages.”

  • “Lurking malice” found in cloud hosting services

    A study of twenty major cloud hosting services has found that as many as 10 percent of the repositories hosted by them had been compromised — with several hundred of the “buckets” actively providing malware. Such bad content could be challenging to find, however, because it can be rapidly assembled from stored components that individually may not appear to be malicious.

  • Should NSA and Cyber Command have separate leadership?

    The National Security Agency is the nation’s digital spying organization. U.S. Cyber Command is a military unit focused on cyberwarfare. Does it make sense for one person to lead them both at the same time? I believe that the NSA and Cyber Command should be under separate leadership, so each can pursue its mission with undivided focus and complete intensity. The NSA can gather intelligence. Cyber Command can defend our military networks and be ready to attack the systems of our enemies.

  • WikiLeaks founder’s Internet connection cut by a “state party”

    WikiLeaks said yesterday (Monday) that the Internet connection of its founder, Julian Assange, had been “severed by a state party.” During the past few months, WikiLeaks has collaborated with Russian government intelligence agencies to publish tens of thousands of private e-mails stolen by Russian government hackers from the computer systems of the Democratic Party and the Clinton campaign in an effort to help Donald Trump win the 8 November elections. The United States said it would respond “proportionally” to the Russian interference in the U.S. elections.

  • U.S. mulls how to respond to Russian interference in the U.S. elections

    The United States earlier this week accused Russia of interfering in the U.S. electoral process. Cyber experts found the digital fingerprints of two Russian government hacker groups behind the hacking of the Democratic National Committee (DNC), the Democratic Congressional Campaign Committee (DCCC), and the Clinton campaign, but it was still a major step for the United States officially and formally to charge that Russia was behind the hacking – unmistakable evidence that Russia was throwing its weight behind one of the candidates.

  • The Siberian candidate: Russia’s 2-pronged campaign to undermine the U.S. political system

    We now know what the U.S. intelligence community has known for a while: Vladimir Putin has instructed the FSB (Russia’s Federal Security Service) and GRU (the Russian military’s main intelligence agency) to use their considerable cyberwarfare capabilities to help Donald Trump defeat Hillary Clinton in the 8 November elections. The Russian digital campaign of interference in the U.S. electoral process has intensified. We can only guess what additional actions the Russian government hackers will take in the days immediately before 8 November – and on election day itself.