Hackers

  • Skeptics doubt voluntary Cybersecurity Framework will achieve its goal

    The Framework for Improving Critical Infrastructure Cybersecurity, developedby NIST following Executive Order 13636to promote cybersecurity, has been received with both support and skepticism from critical infrastructure industries. The 41-page document, put together by industry and government experts, offers guidelines on cybersecurity standards and best practices to critical infrastructure firms. It says its role is to be a complement to industries’ existing risk management practices.Skepticssay that without incentives, legislation, or enforcement, the guidelines will not be adopted.”The marketplace will punish any company that implements anything that could be considered excessive security, because it will increase their costs,” says an industry insider.

  • Snowden stole co-worker’s password to gain access to secret databanks: NSA

    One reason National Security Agency (NSA) former analyst Edward Snowden was able to gain such broad access to a wide variety of agency’s secret documents was that he copied a password from a co-worker who has since resigned. After Snowden was denied access to NSANet, the agency’s computer network which connects into many of the agency’s classified databases, he persuaded a co-worker, an NSA civilian employee, to use his – the co-worker’s — Public Key Infrastructure (PKI) certificate to gain access. The NSA told Congress Snowden used what the agency describes as “digital deception”: the civilian NSA employee entered his password on Snowden’s computer, not realizing that Snowden was able to capture the password, allowing him even greater access to classified information. Once he gained access to NSANet, Snowden released a “Web crawler” inside the system. The crawler automatically indexed the NSANet, and using the passwords Snowden held – one his, one or more those of co-workers – copied every document in its path.

  • Israeli defense company launches cybersecurity solutions section

    In recent months the Israel Aerospace Industries (IAI) has increased its cyberdefense-related activities. Esti Peshin, director of the company’s cyber section and a veteran of the IDF’s hush-hush sigint Unit 8200, says IAI is now developing solutions for clients in Israel and abroad. “We’re a start-up, but with the backing of a company that earns $3.5 billion a year,” she said. Ultimately, she implied, these defensive measures can be turned into offensive capabilities. “Intelligence is a subset of attack,” Peshin said. “This is, first of all, a national mission.”

  • New cyber-attack model helps hackers time the next Stuxnet

    By Akshat Rathi

    Taking the enemy by surprise is usually a good idea. Surprise can only be achieved if you get the timing right — timing which, researchers argue, can be calculated using a mathematical model, at least in the case of cyber-wars. The researchers say that based on the stakes of the outcome, a cyberweapon must be used soon (if stakes are constant) or later (if the stakes are uneven). In other words, when the gain from a cyberattack is fixed and ramifications are low, it is best to attack as quickly as possible. When the gain is high or low and ramifications are high, it is best to be patient before attacking.

  • The “Mask": Kaspersky Lab discovers advanced global cyber-espionage operation

    Kaspersky Lab’s security researchers have announced the discovery of the Mask (aka Careto), an advanced Spanish-language speaking threat actor that has been involved in global cyber-espionage operations since at least 2007. What makes the Mask special is the complexity of the toolset used by the attackers. This includes a sophisticated malware, a rootkit, a bootkit, Mac OS X and Linux versions, and possibly versions for Android and iOS (iPad/iPhone). The primary targets are government institutions, diplomatic offices and embassies, energy, oil, and gas companies, research organizations and activists. Victims of this targeted attack have been found in thirty-one countries around the world.

  • New software obfuscation system a cryptography game changer

    A team of researchers has designed a system to encrypt software so that it only allows someone to use a program as intended while preventing any deciphering of the code behind it. This is known in computer science as “software obfuscation,” and it is the first time it has been accomplished. Previously developed techniques for obfuscation presented only a “speed bump,” forcing an attacker to spend some effort, perhaps a few days, trying to reverse-engineer the software. The new system puts up an “iron wall,” making it impossible for an adversary to reverse-engineer the software without solving mathematical problems that take hundreds of years to work out on today’s computers — a game-change in the field of cryptography.

  • view counter
  • Snowden’ leaks derailed important cybersecurity initiatives

    Edward Snowden’s leaks created such a climate of distrust around the NSA that many important cybersecurity initiatives died, stalled, or became non-starters. Security experts say that this is a case of throwing the baby out with the bathwater, and that the result of these stalled cybersecurity initiatives is that the United States is now more vulnerable to cyberattacks on its infrastructure, and government agencies and American corporations more exposed to sensitive information being compromised and stolen. U.S. officials have found it more difficult to respond to cyberattacks from Russia, China, and elsewhere. “All the things [the NSA] wanted to do are now radioactive, even though they were good ideas,” says James Lewis, a cybersecurity expert at the Center for Strategic and International Studies(CSIS).

  • New state-of-the-art cybersecurity resource available to software developers

    Cybercrime is booming; it is an estimated $100 billion industry in the United States and shows no signs of slowing down. Attackers have an arsenal of weapons at their disposal, including social engineering — or phishing — penetrating weak security protocols and exploiting software vulnerabilities that can serve as an “open window” into an organization’s IT environment. Closing those windows requires effective and accessible tools to identify and root out software vulnerabilities. Supported by a $23.4 million grant from DHS’s Science and Technology Directorate (S&T), the Software Assurance Marketplace, or SWAMP, provides a state-of-the-art facility that serves as an open resource for software developers, software assurance tool developers, and software researchers who wish to collaborate and improve software assurance activities in a safe, secure environment.

  • DARPA makes agency-sponsored software, publications available to R&D community

    DARPA has invested in many programs that sponsor fundamental and applied research in areas of computer science, programs which have led to new advances in theory as well as practical software. The R&D community has asked about the availability of results, and now DARPA has responded by creating the DARPA Open Catalog, a place for organizing and sharing those results in the form of software, publications, data, and experimental details. The Web site aims to encourage communities interested in DARPA research to build off the agency’s work, starting with big data.

  • Making the U.S. grid sturdier, smarter, and more secure to thwart blackouts

    In August 2003, fifty million customers throughout the northeastern United States and southeastern Canada lost power for up to two days. More than ten years later, the U.S. electric power system continues to be challenged. In the United States, 149 power outages affecting at least 50,000 customers occurred between 2000 and 2004, a number which grew to 349 between 2005 and 2009. In 2012, the prolonged power outages in New York and New Jersey caused by Hurricane Sandy once again demonstrated the system’s vulnerability. A broad, multidisciplinary effort by Georgia Tech researchers aims to revolutionize the delivery of electricity, advance the smart grid, thwart blackouts, integrate renewable energy sources, and secure utilities from cyberattacks.

  • Chemical, defense companies subject to Chinese Nitro attacks

    More and more chemical and defense companies around the world are victims of Nitro attacks. These attacks, launched by government-backed Chinese hackers, install PoisonIvy, a Remote Access Tool (RAT) stealthily placed on computer systems to steal information. The majority of the computers infected belong to firms in the United States, Bangladesh, and the United Kingdom.

  • National Guard units help states ward off cyberattacks

    Governors across the United States are mobilizing their states’ National Guard units to combat threats from cyberattacks. The state of Washington was the first state to assign the state’s National Guard cybersecurity responsibilities. The state recognized the potential of its National Guard as a cyberforce when it realized that many of its soldiers, who are full-time employees and part-time soldiers, worked for tech employers such as Google, Boeing, Cisco, Verizon, and Microsoft.

  • National cyber complex to open next to Ben-Gurion University of the Negev campus

    A new national cyber complex called CyberSpark will open at the Advanced Technology Park (ATP) which is located next to Ben Gurion University of the Negev. Fortune 500 companies Lockheed Martin and IBM announced they would invest in CyberSpark R&D facilities, joining other cybersecurity leaders Deutsche Telekom, EMC, RSA, and many startups. The 15-building ATP is the only type of complex of its kind in the world that includes Fortune 500 companies and cyber-incubators, academic researchers, and educational facilities as well as national government and security agencies. The CyberSpark will also include a high school geared toward science and technology.

  • Gaza-based Palestinian hackers compromise Israeli defense ministry computer

    Hackers broke into a computer at the Israeli Ministry of Defense through an e-mail attachment tainted with malicious software. The attachment looked as if it had been sent by the country’s internal security service, the Shin Bet. it was likely that Palestinians were behind the cyberattack, saying that the more recent attacks were similar to cyberattacks against Israeli computers more than a year ago. Those attacks originated in the Hamas-controlled Gaza Strip. The attackers used an e-mail attachment to infect the computers with Xtreme RAT malware, which is a remote access Trojan. The malware allows hackers complete control of an infected machine. They can steal information, load additional malicious software onto the network, or use the invaded computer as a base of operations from which to conduct reconnaissance and attempt to gain deeper access into the network.

  • Cal Poly unveils ambitious cybersecurity educational initiative

    Cal Poly, with a grant from the Northrop Grumman Foundation, has established a Cybersecurity Center, opened a new cyber lab, and is developing a cybersecurity curriculum with an ambitious set of goals in mind: educating thousands of students in cybersecurity awareness and readiness; producing experts in cyber technologies and systems, including many professionals who will serve the military and defense industry; and graduating cyber innovators who are prepared for advanced study and applied research in emerging cyber issues.