cyber attack
Latest
Hackers release footage from upcoming Wolverine game and 1.3 million other stolen files
Much of the data focuses on the upcoming Wolverine video game.
Garmin reportedly paid millions to resolve its recent ransomware attack
The company is said to have made the payment through a third party.
UN confirms it suffered a 'serious' hack, but didn't inform employees
The United Nations was the victim of a massive, likely state-sponsored hacker attack this past summer, according to reports from The New Humanitarian and Associated Press. To make the matters worse, the organization didn't disclose the details and severity of the hack until those publications obtained an internal document on the situation.
Pro-ISIS hackers take French TV station off the air
A French-language TV station broadcast around the world, was reportedly hacked by ISIS, halting broadcasts for about three hours. TV5Monde's Facebook page and website were also hijacked, and network director Yves Bigot said operations were "severely damaged." The station's programming and Facebook page are back up, but its website remains "en maintenance." As in a recent US hack, the jihadist group used the site to issue threats against French soldiers and reveal the identities of their relatives. France provides air support for anti-ISIS ground forces that recently liberated the Iraqi city of Tikrit, and declared that ISIS must be "wiped out" after the Charlie Hebdo attacks.
JPMorgan and other US banks reportedly hit by cyberattack
A Bloomberg report claims that JPMorgan Chase and "at least" four more banks in the US have been victims of a virtual attack from hackers. The data gathered from the breach could reportedly "be used to drain accounts," according to two Bloomberg sources who have been briefed on the situation by the US government. At the moment, it is unknown which other banks were affected by this, but the FBI has already opened an investigation and is currently working to find out more details. "[We are] working with the United States Secret Service to determine the scope of recently reported cyberattacks against several American financial institutions," said the FBI in a statement. Meanwhile, a different report from CNN Money notes that seven of the "top" 15 banks were on the wrong end of these attacks, per people familiar with the matter -- though such information has not been corroborated by US officials.
Kaspersky Labs preps its own OS to guard vital industry against cyberwarfare
Kaspersky Labs' namesake Eugene Kaspersky is worried that widely distributed and potentially state-sponsored malware like Flame and Stuxnet pose dire threats to often lightly protected infrastructure like communication and power plants -- whatever your nationality, it's clearly bad for the civilian population of a given country to suffer even collateral damage from cyberattacks. To minimize future chaos and literally keep the trains running, Kaspersky and his company are expanding their ambitions beyond mere antivirus software to build their own, extra-secure operating system just for large-scale industry. The platform depends on a custom, minimalist core that refuses to run any software that isn't baked in and has no code outside of its main purposes: there'll be no water supply shutdowns after the night watch plays Solitaire from an infected drive. Any information shared from one of these systems should be completely trustworthy, Kaspersky says. He doesn't have details as to when the OS will reach behind-the-scenes hardware, but he stresses that this is definitely not an open-source project: some parts of the OS will always remain confidential to keep ne'er-do-well terrorists (and governments) from undermining the technology we often take for granted.
Iran claims to have been hit by 'heavy' cyber attack, pins slowdowns on coordinated hacking campaign
Whatever you think of Iran's politics, it's hard to deny that the country has frequently been the target of internet-based attacks that sometimes go beyond the originator's plans. If you believe High Council of Cyberspace secretary Mehdi Akhavan Behabadi, the pressure is only getting worse. He tells Iranian media that the nation is under "constant" digital bombardment and was just hit with a major assault on Tuesday that bogged down local internet access. Behabadi unsurprisingly contends that the attacks are deliberate efforts to undermine Iran's data, nuclear and oil infrastructures, with a finger implicitly pointed westward. While it's no secret that the country's enemies want to slow down what they see as a rush towards nuclear weapons, it's difficult to know how much of the accusation is serious versus bluster: we've seen individual smartphone users who consume more than the "several gigabytes" of traffic that reportedly caused national chaos in the most recent incident. No matter the exact nature, it's likely that residents stand to lose as Iran fences off the internet to keep outside influences, hostile and otherwise, from getting in. [Image credit: Amir1140, Wikipedia]
Google starts warning affected users about state-sponsored cyber attacks
The fallout from malware like Stuxnet and Flame might soon be rearing its head at a Google Plus page or Gmail inbox near you. A post on its online security blog states that Google will now issue warnings in the form of a strip placed just below the upper menu bar to users being targeted by suspected state-sponsored cyber attacks. Google stressed that such warnings don't mean that its systems have been compromised but it does make it highly likely that the recipient may be the target of state-sponsored phishing or malware. How exactly does Google know this to be the case? The company declined to offer specifics, only saying that data from victim reports and its own analysis strongly point toward the involvement of states or state-sponsored groups. Google also didn't mention how often it sees such malicious activity, though coverage of Stuxnet and Flame certainly has put a spotlight on cyber warfare involving nations. In the meantime, feel free to hit the source link below for Google's tips on how to secure your account.
U.S. Department of Defense preps cyber rules of engagement, plans to work more closely with ISPs
The Pentagon left no room for argument last year when it declared cyber attacks a potential act of war. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," a military official reportedly remarked. Yikes. Before we start bombing chimneys, however, the Department of Defense plans to draft up some relevant guidelines, noting in a recent House Armed Services Committee hearing that it will be delivering a set of cyberspace-specific rules of engagement in the coming months. "We are working closely with the joint staff on the implementation of a transitional command and control model for cyberspace operations," said Madelyn Creedon, assistant secretary of defense for Global Strategic Affairs. In addition to setting ground rules for cyber-engagements, the DOD also plans to expand efforts to share classified information on possible threats with internet service providers and defense contractors.
US Cyber Command completes major cyber attack simulation, seems pleased with the results
The US Cyber Command is barely out of its infancy, but it's already crossed one milestone off its to-do list, with the successful completion of its first major test run. The exercise, known as Cyber Flag, was carried out over the course of a single week at Nellis Air Force Base in Nevada, where some 300 experts put their defense skills to the test. According to Col. Rivers J. Johnson, the participants were divided into two teams: "good guys," and "bad guys." The latter were delegated with the task of infiltrating the Cyber Command's networks, while the former were charged with defending the mock cyberattack and keeping the government's VPN free of malware. The idea, according to the agency, was to simulate a real-world attack on the Department of Defense, in order to better evaluate the Command's acumen. "There were a variety of scenarios based on what we think an adversary would do in real world events and real world time," Johnson explained. "It was a great exercise." The Colonel acknowledged that the good guys weren't able to defend against all of the attacks, but pointed out that the vast majority were recognized and mitigated "in a timely manner." All told, Cyber Flag was deemed a success, with NSA Director and Cyber Command chief Gen. Keith Alexander adding that it "exceeded" his own expectations.
Water pump reportedly destroyed by SCADA hackers
The FBI and DHS are investigating damage to a public water system in Springfield, Illinois, which may have been the target of a foreign cyber attack. There's no threat to public safety and criminal interference has not been officially confirmed, but a security researcher called Joe Weiss has reported evidence that hackers based in Russia are to blame. He claims they accessed the water plant's SCADA online control system and used it to repeatedly switch a pump on and off, eventually causing it to burn out. Coincidentally, a water treatment facility was publicly hacked at the Black Hat conference back in August, precisely to highlight this type of vulnerability. If there are any SCADA administrators out there who haven't already replaced their '1234' and 'admin' passwords, then they might consider this a reminder.
US government to beat back botnets with a cybersecurity code of conduct
Old Uncle Sam seems determined to crack down on botnets, but he still needs a little help figuring out how to do so. On Wednesday, the Department of Homeland Security and National Institute of Standards and Technology (NIST) published a request for information, inviting companies from internet and IT companies to contribute their ideas to a voluntary "code of conduct" for ISPs to follow when facing a botnet infestation. The move comes as an apparent response to a June "Green Paper" on cybersecurity, in which the Department of Commerce's Internet Policy Task Force called for a unified code of best practices to help ISPs navigate through particularly treacherous waters. At this point, the NIST is still open to suggestions from the public, though Ars Technica reports that it's giving special consideration to two models adopted overseas. Australia's iCode program, for example, calls for providers to reroute requests from shady-looking systems to a site devoted to malware removal. The agency is also taking a hard look at an initiative (diagrammed above) from Japan's Cyber Clean Center, which has installed so-called "honeypot" devices at various ISPs, allowing them to easily detect and source any attacks, while automatically notifying their customers via e-mail. There are, however, some lingering concerns, as the NIST would need to find funding for its forthcoming initiative, whether it comes from the public sector, corporations or some sort of public-private partnership. Plus, some are worried that anti-botnet programs may inadvertently reveal consumers' personal information, while others are openly wondering whether OS-makers should be involved, as well. The code's public comment period will end on November 4th, but you can find more information at the source link, below.
Pentagon says cyber attacks are acts of war: send us a worm, get a missile in return?
Well, the Pentagon is finally fed up with hackers picking on its buddies and foreign intelligence taking shots at its computer systems, and has decided that such cyber attacks can constitute an act of war. Of course, the powers that be won't be bombing you for simply sending them some spyware, but attempts to sabotage US infrastructure (power grids, public transit, and the like) may be met with heavy artillery. It's unclear how our government will identify the origin of an attack or decide when it's serious enough to start shooting, but Uncle Sam is looking to its allies to help create a consensus answer for those questions. The retaliatory revelation is a part of the Pentagon's new cyber strategy that'll be made public in June -- so saboteurs beware, your next internet incursion might get you an ICBM in your backyard.
Thumb drive-based malware attack led to formation of US Cyber Command
Recently declassified documents have revealed that the worst breach of U.S. military computers evar went down in 2008, a major turning point in our nation's cyberstrategy that eventually led to the formation of the United States Cyber Command. Operation Buckshot Yankee, as the defense came to be known, began when a USB thumb drive infected by a foreign intelligence agency was found in the parking lot of a Department of Defense facility in the Middle East. Whomever found the thing placed it in their laptop (probably hoping to find Justin Bieber MP3s), which just so happened to be attached to United States Central Command. From that point, writes Deputy Defense Secretary William J. Lynn in Foreign Affairs, malware spread "undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control." Yikes! We still haven't found out which country orchestrated the attack, or what they might have learned from it, so until the Pentagon tells us otherwise we're going to do what we usually do in these situations and blame Canada (sorry, Don). [Warning: read link requires subscription]
