cyberdefense
Latest
Facebook and Microsoft disabled slew of North Korean cyber threats
If you ask the White House, North Korea's WannaCry attack was just the tip of the iceberg. Homeland security adviser Tom Bossert reported that Facebook and Microsoft disabled a range of North Korean online threats in the past week. Facebook removed accounts and "stopped the operational execution" of ongoing attacks, while Microsoft patched existing attacks that went beyond WannaCry. Details of just what those attacks were aren't available.
Russian hackers reportedly stole NSA cyber defense material
The Wall Street Journal reports today that Russian hackers stole documents detailing how US agencies defend their networks against cyberattacks, how they breach foreign networks and the computer code they use to do so. Sources told the publication that the stolen files were identified through Kaspersky security software used by an NSA contractor that had taken classified material from the NSA and saved it on his come computer.
HP Enterprise let Russia review the Pentagon's security software
Last year, Hewlett Packard Enterprise (HPE) allowed a Russian defense agency to analyze the source code of a cybersecurity software used by the Pentagon, Reuters reports. The software, a product called ArcSight, is an important piece of cyber defense for the Army, Air Force and Navy and works by alerting users to suspicious activity -- such as a high number of failed login attempts -- that might be a sign of an ongoing cyber attack. The review of the software was done by a company called Echelon for Russia's Federal Service for Technical and Export Control as HPE was seeking to sell the software in the country. While such reviews are common for outside companies looking to market these types of products in Russia, this one could have helped Russian officials find weaknesses in the software that could aid in attacks on US military cyber networks.
US is ready to hack Russia if it interferes with the election
American officials are nervous that Russia's alleged attempt to influence the election could extend to the vote itself, and they aren't willing to take any chances. A senior intelligence source tells NBC News that US cyberwarfare agents are in a position to hack Russian critical infrastructure (including command systems, the electrical grid and telecoms) if there's evidence of an attack that disrupts the election in a "significant way." The US isn't expecting such a large breach, but the message is clear: we can hurt you if you meddle with the democratic process.
US reportedly elevates the role of Cyber Command
Now that the US treats cyberwarfare as a staple of its combat operations, it's ready to raise the prominence of its internet warriors. Reuters sources say that the Obama administration is planning to elevate Cyber Command, turning it into a "unified command" that's just as crucial as a major regional section like Pacific Command. The proposed shuffle would also detach Cyber Command from the NSA, giving it more input on the use of online weapons and defenses.
Pentagon competition dares you to hack its websites
The US military already tests the security of its networks, but it doesn't feel that's enough in an era when cyberattacks are a constant reality. It's starting up an experimental competition, Hack the Pentagon, that invites private citizens (carefully screened, of course) to hack public Department of Defense websites. While the government is keeping sensitive systems off-limits, this will hopefully identify vulnerabilities that in-house experts wouldn't catch.
NSA will unite divisions to better tackle online threats
The US' National Security Agency isn't as united as it looks at first glance. Its intelligence gathering division (the one that conducts mass surveillance and hacking) and cyberdefense groups are largely separate. And that creates real problems -- among other issues, the intel group might be exploiting security flaws that the defensive team doesn't even know about, leaving critical systems open to attack. Those walls are about to come down, however. The NSA is poised to unveil a reorganization that will merge its offensive and defensive capabilities, helping them coordinate the fight against digital threats.
Syrian government supporters hack the US Army's website
The Syrian government's digital supporters aren't letting up on their attacks against the US. Officials have confirmed that hackers linking themselves to the Syrian Electronic Army both defaced the US Army's website and steered visitors to a page championing the regime. The military rejects the intruders' claims that they compromised internal databases, noting that there's no classified or personal data at risk. Still, the Army isn't taking any chances -- it temporarily took down its website to make sure things didn't get any worse. However light the damage might be, it's safe to say that the feds' cyberdefense efforts just took another bad blow. [Image credit: Ted Aljibe/AFP/Getty Images]
The US Army wants you to look at code it uses to spot cyberattacks
Believe it or not, the US government doesn't always keep its cyberwarfare code a secret. The Army Research Lab has quietly posted the source code for Dshell, a tool it uses to both spot and understand cyberattacks against the Department of Defense. The hope is that this open-door policy will not only help other countries and companies defend against hackers, but help improve the US military's own safeguards -- if you have a knack for digital security, you could spot flaws or offer improvements.
FBI director sees progress in the US' ability to fight cyberattacks
FBI director James Comey has held office for more than a year, but he hasn't really had an opportunity to explain his views on camera. What does he think about the US' ability to cope with cyberattacks, for example? If you've been curious to understand his approach, you'll be glad to know that CBS News has posted the first part of an interview with Comey touching on these subjects. He reveals that he's happy with the progress the government has made on dealing with online intruders, even if it's clear that there's still a long way to go. As he explains, the US' digital defense is a lot like a high school soccer team. It's competent on the field, but no where near the World Cup skill it needs to stop many threats.
US military will spend $23 billion on cyber defense, create its own secure 4G network
The US Department of Defense told a Washington thinktank yesterday that it would spend $23 billion in the next four years to kick its cyber defenses up a gear. That'll include building out a "secure 4G wireless network that will get iPads, iPhones and Android devices online by mid-2014," according to Joint Chiefs of Staff Chairman Martin Dempsey. The DoD recently approved Blackberry 10, iOS and Samsung Galaxy devices with Knox, and General Dempsey himself was packing a smartphone he said would "make Batman and James Bond jealous." While there were no details about how such a mobile network would be locked down, he did say that all 15,000 of the Department's computer networks would be consolidated into an enterprise cloud system to increase security. All that is to combat a "17-fold" cyber warfare increase in just over two years -- no doubt including recent Chinese hacking that the White House took the rare step of recently highlighting.
Japan working on powerful cyber weapon, knows best defense is a good offense
The Japanese government has been (relatively) quietly churning away on an advanced new cyber weapon. In the post Stuxnet age it's no surprise that a government would be working on powerful new tools to defend its digital borders, but this particular virus (developed with help from Fujitsu) is raising eyebrows with some over how it accomplishes its goals. Essentially, when it detects an intruding piece of malware, the program follows the virtual trail left behind back to the attack's source -- disabling every machine it encounters along the way. The goal, obviously, is to stop the spread of a malicious piece of code by finding and shutting down, not just the source, but all middleman PCs that are also now potential hosts. In some admittedly extreme scenarios this weapon could potentially spiral out of control, taking out far more computers than intended. Nightmarish hellscapes dominated by computers run amok aside, its definitely interesting and we understand how it might cause some concern. Check out the source for a few more details.
