Posts Tagged ‘ cyber warfare ’

America’s already-failed cyber war

July 23, 2015
posted by

Kelley B Vlahos The American Conservative
by Kelley Vlahos  

"This spring, upwards of 22 million people -- including all government workers and their families -- were affected by the largest data breach of government computers ever, putting their personal histories ... at risk. In a seeming moment of candor, Department of Homeland Security Secretary Jeh Johnson said in July that the two separate hacks of the Office of Personnel management first discovered in June were a 'wake up call' for the federal government regarding the urgency of the cybersecurity threat .... After spending two decades and untold billions in taxpayer dollars on federal cyber priorities, not to mention the dedication of new agencies, programs, departments, task forces, a czar, and a cyber command under the U.S. military, the idea that the DHS needed an 'a-ha' moment to put the threat into perspective is absurd, even bordering on cheap sentiment considering the circumstances. " (07/23/15)

http://tinyurl.com/nhfxtwd  

No Comments »

The terrorism pretext: Mass surveillance is about money and power

July 20, 2015
posted by

CounterPunch CounterPunch
by Bill Blunden  

"For years public figures have condemned cyber espionage committed against the United States by intruders launching their attacks out of China. These same officials then turn around and justify America's far-reaching surveillance apparatus in terms of preventing terrorist attacks. Yet classified documents published by WikiLeaks reveal just how empty these talking points are. Specifically, top-secret intercepts prove that economic spying by the United States is pervasive, that not even allies are safe, and that it's wielded to benefit powerful corporate interests." (07/20/15)

http://tinyurl.com/ot5fr5o  

No Comments »

International cyber criminals steal, deface another gang’s web site

July 16, 2015
posted by

Newsweek    

"U.S. law enforcement, in coordination with more than a dozen international authorities, recently shut down Darkode -- a secretive online bazaar for exploits, malware, botnets and stolen personal information, like credit cards. 'Of the roughly 800 criminal Internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States,' said U.S. Attorney David Hickton. It is not clear when authorities shut down the site. But on Wednesday, darkode.com displayed a notice saying that the FBI seized the domain." [editor's note: That Hickton guy says Darkode was "one of" the gravest threats to data integrity. Not nearly the threat that the US government itself is by a damn site, though - TLK] (07/15/15)

http://tinyurl.com/ntammh6  

No Comments »

Mozilla blocks all Flash in Firefox after third zero-day

July 14, 2015
posted by

Computer World    

"Mozilla on Monday began blocking all versions of Adobe Flash Player from running automatically in its Firefox browser, reacting to news of even more zero-day vulnerabilities unearthed in a massive document cache pilfered from the Italian Hacking Team surveillance firm. ... With the block in place, any attempt to play Flash content in Firefox displays a message at the top of the browser display window that reads, 'Firefox has pre[v]ented the unsafe plugin 'Adobe Flash' from running on the target URL.' Users can sidestep the block by clicking an 'Allow' button at the far right of the message." (07/14/15)

http://tinyurl.com/ncx79b3  

No Comments »

Hacking the Hacking Team: The innards of the surveillance industry

July 8, 2015
posted by

CounterPunch CounterPunch
by Binoy Kampmark  

"What goes around can come around with inexorable force. An Italian hackers-for-hire company called the Hacking Team, selling software to facilitate surveillance, has been, in turn, hacked. In this self-assuming ecology, such companies will have to expect that what they allow others to do will be used on them in time. ... The surveillance industry has no codes of fidelity or borders of control. It is simply a business over nourished by peeping tom patrons. Caught in this tawdry mix are users of such technologies who simply want that rather frayed liberty of privacy to be protected. Not all who use encryption tools seek to trick the law and its suspicious officials." (07/08/15)

http://tinyurl.com/puqyhff  

No Comments »

Hacking Team hacked: firm sold spying tools to repressive regimes, documents claim

July 6, 2015
posted by

The Guardian The Guardian [UK]    

"The cybersecurity firm Hacking Team appears to have itself been the victim of a hack, with documents that purport to show it sold software to repressive regimes being posted to the company's own Twitter feed. The Italy-based company offers security services to law enforcement and national security organisations. It offers legal offensive security services, using malware and vulnerabilities to gain access to target's networks. According to the documents, 400GB of which have been published, Hacking Team has also been working with numerous repressive governments -- something it has previously explicitly denied doing." [editor's note: If Hacking Team works for governments, and it does work for governments, it works for "repressive" governments - TLK] (07/06/15)

http://tinyurl.com/p5qlbkl  

No Comments »

Hackers installed sophisticated malware on US computers. Why doesn’t anyone care?

July 6, 2015
posted by

Reason Reason
by Andrea Castillo  

"Duqu 2 is noteworthy for the unparalleled number of victims it intentionally infected, having compromised computer systems owned or used by Western heads of state, European telecommunications providers, American corporations, and Kaspersky Labs itself. During that time, hackers could freely explore comprised systems for a pervasive surveillance operation on the multilateral nuclear negotiations. Yet the scant and nonactionable details gleaned from this paranoid bugging scheme are surely not worth the tremendous geopolitical cost that comes with it. By targeting a trusted security research center and U.S. computer systems, the Duqu 2 attackers have dangerously crossed an unspoken barrier preventing an all-out global cyber war." (07/04/15)

http://reason.com/archives/2015/07/04/hackers-installed-duqu-2-malware  

No Comments »

Why cyber war is dangerous for democracies

June 25, 2015
posted by

The Atlantic The Atlantic
by Moises Naim  

"[W]hile it is important that democracies not spy on their citizens, it is as important that democracies have ways to defend themselves and their citizens from the dangerous cyber world that is emerging. This new world is significantly imbalanced in favor of non-democratic nations -- not because authoritarian states are more technologically sophisticated than their democratic counterparts, but because they are more institutionally flexible, opaque, unaccountable, and often corrupt." (06/25/15)

http://tinyurl.com/phbp4ue  

No Comments »

US: Swedish abductee sentenced to five years for writing software

June 24, 2015
posted by

Computer World    

"The creator of a tool that was used to steal data from a half-million computers will go to prison for close to five years, the U.S. Department of Justice said Tuesday. Alex Yucel, 25, of Sweden, pleaded guilty in February in federal court in New York to one count of distributing malicious software. He was sentenced to four and three-quarter years in prison and fined $200,000 .... Yucel was accused of creating and managing the sale of Blackshades, a remote access tool that was widely used by the criminal underground." (06/24/15)

http://tinyurl.com/qd8vlcf  

No Comments »

Spies are cracking into antivirus software, Snowden files reveal

June 23, 2015
posted by

The Hill The Hill    

"American and British spy agencies have been working together to exploit flaws in popular antivirus software to conduct surveillance, according to documents published by The Intercept from the cache of government leaker Edward Snowden. Together, the National Security Agency (NSA) and its British equivalent, Government Communications Headquarters (GCHQ), have worked to reverse engineer these products, study them for weaknesses, and even track emails coming into top security companies that might be alerting them to new viruses and vulnerabilities, The Intercept reported." (06/22/15)

http://tinyurl.com/nzwwndh  

No Comments »

Popular security software came under relentless NSA and GCHQ attacks

June 22, 2015
posted by

The Intercept The Intercept
by Andrew Fishman and Morgan Marquis-Boire  

"The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden. The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software." (06/22/15)

http://tinyurl.com/nlaxllu  

No Comments »

FBI fingers suspects in 2014 “Fappening” API attack

June 22, 2015
posted by

ProgrammableWeb    

"A federal warrant unsealed earlier in June claims that FBI agents stormed a home in Chicago in pursuit of a suspect involved in the infamous 'Fappening' hacking of multiple celebrities' iCloud accounts in 2014, according to an article by Jeremy Diamond for CNN. The raid took place last fall, just over a month after the private images were published on the Internet by what was suspected to be a network of individuals who traded the images online. The suspect was Emilio Herrera, 30, who lived in the home with his parents." (06/19/15)

http://tinyurl.com/p7dwrmw  

No Comments »

Giving government “backdoor” access to encrypted data threatens personal privacy and national security

June 17, 2015
posted by

Reason Reason
by Andrea Castillo  

"The 'Crypto Wars' are here again, which means federal officials are doing all they can to limit the technological tools that keep our personal data secure. President Obama and leaders from the National Security Agency (NSA), FBI, and Department of Homeland Security (DHS) have been pressuring the technology community to build 'backdoors' that allow government access to encrypted data. The War on Terror provides plenty of rhetorical ammunition to these anti-encryption officials, who seem to believe that purposefully sabotaging our strongest defenses against 'cyberterrorists' is an effective way to promote national security. But they are dangerously wrong, as recent revelations of decades-old security vulnerabilities imposed by encryption restrictions make all too clear." (06/16/15)

http://tinyurl.com/pko2gep  

No Comments »

FBI investigates Cardinals for hacking into Astros’ database

June 16, 2015
posted by

ESPN    

"The St. Louis Cardinals are being investigated by the FBI for allegedly hacking into networks and trying to steal information about the Houston Astros .... The [New York] Times reported Tuesday that the FBI and Justice Department officials have evidence that Cardinals officials -- who were not identified -- allegedly tapped into the Astros' database and had access to statistics, scouting reports and internal discussions about players, trades and other proprietary information." (06/16/15)

http://tinyurl.com/ot9qp94  

No Comments »

Hacking and the future of warfare

June 14, 2015
posted by

The Atlantic The Atlantic
by Adrienne LaFrance  

"It's not like government officials didn't see the attack coming. The Office of Personnel Management has faced repeated hacking attempts -- including an incident last year when Chinese hackers tried to steal tens of thousands of files about U.S. workers who had applied for top-secret security clearance. But a breach of federal data that was announced last month appears to be significantly worse than the federal government originally let on." (06/12/15)

http://tinyurl.com/nltk4gd  

No Comments »

Swiss, Austrians probe possible cyberattack on Iran nuclear talks

June 12, 2015
posted by

euronews [EU]    

"Swiss authorities have searched a house in Geneva and seized computer material in connection with a possible cyberattack on nuclear negotiations between Iran and major powers in the city, Switzerland's attorney-general said on Thursday. Austria is also investigating the case, which came to light when Russian computer security company Kaspersky Lab said on Wednesday a computer virus was used to hack into locations including three luxury hotels that had hosted negotiations between Iran and six world powers. ... Israel, Iran's arch-enemy and a strong critic of the talks between Tehran, the United States, Russia, China, France, Britain and Germany, on Thursday dismissed as baseless reports that it may have had a connection to the computer virus." (06/11/15)

http://tinyurl.com/pvn8xu9  

No Comments »

Kaspersky finds new nation-state attack — in its own network

June 11, 2015
posted by

Wired    

"Researchers at Kaspersky Lab in Russia have discovered yet another new nation-state attack attributed to members of the infamous Stuxnet and Duqu gang. But this time the perpetrators were hiding in plain sight -- inside the security firm's own networks. Kaspersky says the attackers became entrenched in its networks some time last year. For what purpose? To siphon intelligence about nation-state attacks the company is investigating -- a case of the watchers watching the watchers who are watching them." (06/10/15)

http://tinyurl.com/q4mj4f4  

No Comments »

Hackers breach US government personnel office

June 5, 2015
posted by

The Washington Post Washington Post    

"Chinese hackers breached the computer system of the Office of Personnel Management in December, officials said Thursday, and the agency will notify some 4 million current and former federal employees that their personal data may have been compromised. ... OPM, using new tools, discovered the breach in April, said officials at the agency who declined to comment on who was behind the hack. Other U.S. officials, who spoke on conditions of anonymity because it is an ongoing investigation, identified the hackers as being from China. The data potentially exposed included employees' job assignments, performance ratings and training, the officials said. The breach did not involve background or clearance investigations, they said." (06/04/15)

http://tinyurl.com/nodjvc4  

No Comments »

Report: New Snowden documents show NSA has expanded US web spying to include cyber attacks

June 4, 2015
posted by

Newser    

"The Obama administration has expanded the National Security Agency's authority to hunt for foreign threats coursing through American Internet pipes by allowing the agency to collect intelligence on cyberattacks, the New York Times and ProPublica reported Thursday, citing documents provided by Edward Snowden. The reports noted that the surveillance of U.S. internet traffic, which began in 2012, has been occurring without individual warrants envisioned under the Foreign Intelligence Surveillance Act, a 1978 law that predated the modern Internet." (06/04/15)

http://tinyurl.com/o4skw99  

No Comments »

Report: NSA hijacked app stores to hack phones

May 22, 2015
posted by

The Hill The Hill    

"The National Security Agency planned to infiltrate the Google and Samsung app stores to plant spying software on smartphones, according to new documents published from files leaked by Edward Snowden. The Intercept and CBC News jointly published the documents Thursday, which outline the snooping efforts designed by the U.S. and its 'Five Eyes' alliance -- Canada, the United Kingdom, New Zealand and Australia. ... agents sussed out smartphone Internet traffic by browsing through its Web traffic database created under the XKeyscore program. They would then track down those phones' connections to an app marketplace. Once identified, agents could hijack that connection to the app store and use it as a delivery system to plant spyware on the device." (05/21/15)

http://tinyurl.com/ks9zo65  

No Comments »

“Logjam” crypto bug could be how the NSA cracked VPNs

May 21, 2015
posted by

The Register [UK]    

"A team led by Johns Hopkins crypto researcher Matthew Green thinks they might have an explanation for how the NSA attacked VPN services: flaws in how TLS implements Diffie-Hellman crytography. In what's bound to be the next big branded bug, Green says servers that support 512-key 'export-grade' Diffie-Hellman (DH) can be forced to downgrade a connection to that weak level. The server -- and therefore the client -- will both still believe they're using stronger keys such as 768-bit or 1024-bit. Like so many things -- including the similar FREAK flaw -- the bug is ancient: a 20-year-old SSL bug that was inherited by TLS." (05/20/15)

http://tinyurl.com/o4v5qyj  

No Comments »

St. Louis Fed hit with hack

May 20, 2015
posted by

CNN Money    

"Visitors to parts of the St. Louis Federal Reserve's website last month were sent to phony sites that could be used to steal their personal information. The hack targeted the St. Louis Fed's Web servers -- not the Fed branch itself or its website. This kind of 'domain name server hack' sends a person to a different site, often laced with malware or phishing software." (05/19/15)

http://money.cnn.com/2015/05/19/technology/st-louis-fed-hack/  

No Comments »

Who hacked the White House?

April 27, 2015
posted by

Justin Raimondo Antiwar.com
by Justin Raimondo  

"Okay, so let's summarize the evidence we’re given in this piece pointing to the Russians: 1) The culprits are 'sophisticated actors.' 2) It can't be the Chinese because they only care about money -- so it must be the Russians, because the targets were political. Besides, the Russians 'hide their tracks better.' 3) The timing: 'it happened at a moment of renewed tension with Russia.' Is it really necessary to debunk this pallid ghost of an argument? To begin with, there are plenty of 'sophisticated actors' in the hacking world, not all of whom are acting on behalf of a state." (04/27/15)

http://tinyurl.com/o7g558d  

No Comments »

Estonia: NATO to hold major cyber defense drill

April 22, 2015
posted by

Albany Democrat-Herald    

"About 400 computer experts will participate in a major cybersecurity drill in Estonia this week as part of NATO's efforts to upgrade its capability to counter potentially debilitating hacker attacks. Teams from 16 nations will take part in the Locked Shields 2015 exercise at NATO's cyberdefense center in Tallinn. The annual drill is one of the largest of its kind." (04/21/15)

http://tinyurl.com/kwfswtz  

No Comments »

Sony hack: Wikileaks publishes more than 30,000 documents

April 17, 2015
posted by

Wikileaks The Hollywood Reporter    

"On Thursday, WikiLeaks published more than 30,000 documents and 170,000 emails from Sony Pictures, obtained from a hack that has been sourced to North Korea in anticipation of the studio's release of The Interview. The Julian Assange website noted in a press release that 'whilst some stories came out at the time, the original archives, which were not searchable, were removed before the public and journalists were able to do more than scratch the surface.' In a move that could trigger another round of embarrassing prying into Sony affairs, WikiLeaks has now published those documents in a searchable format." (04/16/15)

http://tinyurl.com/pyh7ea4  

No Comments »

Our Sponsors



Making a living off your Drupal site?

Drupal Managed Hosting

Fed up with Maintenance and Hosting companies?