cyberwarfare
Latest
The US will protect Japan against cyberattacks
The US knows that it's not enough to protect its own networks against cyberattacks -- its allies have to be safe, too. Appropriately, it's agreeing to shield Japan from digital assaults against its military and critical systems. The move gives the island nation a big security boost (its online defense unit has a mere 90 people) and hopefully reduces the chances that less-than-sympathetic neighbors China and North Korea will compromise a strategically vital country. While it's doubtful that the pact will deter many hacking attempts, it could make any local cyberwarfare campaigns that much tougher. [Image credit: AP Photo/Eugene Hoshiko]
The US Navy wants to protect its drones against hacks
Cyberwarfare is bad enough by itself, but it's especially dangerous when military drones are involved. The last thing you want is a hijacked UAV that can give away your position or, worse, fire on your own troops. To that end, the US Navy is asking private companies for help with developing technology that protects drones, missiles and other airborne weapons against hacks. Whoever has the best proposal will (hopefully) craft systems that not only prevent enemies from getting in, but bounce back quickly if the worst happens.
2001 DARPA movie predicts the state of today's technology
Does DARPA employ psychics or something? I mean they must, or how else can you explain this precognitive glimpse at the modern world? The advanced research agency produced it more than a decade ago! Admittedly, many of the ideas featured were already rolling out, in development or pulled from sci-fi, but you can see the futuristic vision (and ugly UIs everywhere) in this DARPA film, Strategic Cyber Defense. Included are a number of modern technologies such as ubiquitous touchscreens, voice activated computer interfaces (a la "Ok Google"), advanced behavioral analysis, real-time translation and automated cyber-defenses. Watch the video below to see how many of today's future technologies you can spot -- and how many are better off left as concepts that didn't pan out.
Department of Defense creates new cyberunit in Silicon Valley
In order to better combat cyberthreats to national security, the US Department of Defense is setting up shop in Silicon Valley. At a lecture today at Stanford University, Defense Secretary Ash Carter outlined the department's new focus on cyberdefense, including tapping into the ecosystem of Silicon Valley to drive innovation against cyber attacks against "US interests." Carter announced that he's setting up the Defense Innovation Unit X (X stands for Experimental) inside the DOD, staffed by active-duty and military personnel alongside reservists. "They'll strengthen existing relationships and build new ones; help scout for new technologies; and help function as a local interface for the department," Carter explained. "Down the road, they could help startups find new work to do with DOD."
China's 'Great Cannon' shoots down websites it doesn't like
According to a new report from Citizen Lab, China has not only built itself a "Great Cannon" but has already fired it as well. This potent online weapon seems to be capable of intercepting internet traffic at the national level then directing it at specific networks to knock them offline. China's already widely suspected of being behind the recent attack against Github, which was overloaded for nearly a week via "an ongoing and evolving large DDOS attack." Now it appears that Github's attackers used the Cannon to redirect that traffic from Chinese search engine giant Baidu to cripple the website. All reportedly because the San Francisco-based website hosted a pair of pages that link to content banned in China.
The White House officially launches its new cyber warfare agency
One of the reasons that the US has been slow to respond to attacks is because its security agencies don't talk to each other. This lack of communication may make the FBI, CIA etc look very butch, but it's pretty terrible when lives, businesses and second-tier studio comedies are on the line. This is why the White House has sanctioned the creation of a new agency that's designed to remedy the problem. The US Cyber Threat Intelligence Integration Center has been given the official go-ahead, and will sit between the FBI, NSA and CIA, amongst others, collating that data and offering a cohesive policy to fight off digital attacks. Another thing the CTIIC will be responsible for is informing both lawmakers and US businesses of impending threats and advise upon solutions, maybe starting with "don't make movies about North Korea without making sure your network is full of holes."
NSA leaks suggest Iran learned cyberwarfare from US attacks
The US government and security experts have connected Iran to many cyberattacks in the past, including one launched against the Navy. Based on a 2013 NSA document leaked by Edward Snowden, published by The Intercept, it's also been long suspected that Iran's state hackers learned their craft from the West. Ironically, from previous attacks against its own networks. The NSA is also worried the country's cyberweapons are becoming more and more potent, as it continues to improve, and not just replicate its enemies' tactics. As you might have guessed, Iran's crusade to give its enemies a taste of their own medicine started with the attacks against its nuclear facility.
UK government reveals its hacking guidelines
It's no secret that numerous countries see hacking as a viable security strategy, but the British government has been reluctant to admit as much. Ask it about GCHQ's ability to mess with communications, for example, and it will only say that whatever it does is legal and necessary (even if it isn't). The nation's leaders just got a little more honest, however: the UK Home Office has published the guidelines that law enforcement and spies follow when using "equipment interference" (read: hacking) to get into phones and PCs. The rule set largely deals with high-level issues such as proportional uses of hacks, data retention and the validity of warrants, but it's a rare acknowledgment that these digital intrusions even take place. It goes so far as to mention that the UK intercepts and bugs gadgets it wants to spy on, much like its American counterparts. Minister James Brokenshire claims that the government is being "as open as it can be" about its security policies by publishing the documents, and this is certainly a milestone given earlier secretiveness.
The US Army wants you to look at code it uses to spot cyberattacks
Believe it or not, the US government doesn't always keep its cyberwarfare code a secret. The Army Research Lab has quietly posted the source code for Dshell, a tool it uses to both spot and understand cyberattacks against the Department of Defense. The hope is that this open-door policy will not only help other countries and companies defend against hackers, but help improve the US military's own safeguards -- if you have a knack for digital security, you could spot flaws or offer improvements.
NSA brags about turning the tables on cyberwarfare hackers
How confident is the National Security Agency about its ability to wage cyberwarfare? Enough so that it's bragging about it. A new round of Edward Snowden leaks published by Der Spiegel reveal that the institution has not only been gearing up for a future of digital battles (it asked for $1 billion to improve its cyberattacks back in 2013), but boasts about what it can already do. For example, it touts that it can "drink your milkshake" (There Will Be Blood style) if you dare attack American government computers. When China hacked the Department of Defense in 2009, the NSA not only pinpointed the source of attack, but broke into China's intelligence network and monitored the country's spying efforts. This "fourth party collection," as the NSA calls it, lets the agency find out what's happening without doing all the hard work.
Obama renews push for comprehensive cybersecurity legislation
Barack Obama's last effort to get some cybersecurity legislation through Congress stalled in 2011, when it successfully cleared the Republican-held House, but withered in the Senate. After some high-profile attacks on government social networking accounts, Sony and others, he's resurrecting those plans. It will be one of the many things the president discusses during his upcoming State of the Union address, but he is delivering a preview of those plans today in a speech at the Department of Homeland Security. Obviously many of the details will need to be worked out by Congress, but Obama is pushing for some liability protection for companies that quickly respond and share information about attacks. The White House says there will also be strict requirements for the protection of personal data.
Cyberattacks used security software to cover their trail
State-sponsored hacking attempts frequently rely on specially written software, but that's a risky move. Unless it's well-made, custom code can be a giveaway as to who's responsible. Attackers are switching things up, however. Security researchers at CrowdStrike and Cymmetria have discovered that a likely cyberwarfare campaign against military-related targets in Europe and Israel used commercial security software to both cover its tracks and improve its features. Typically, the attacks would try to fool people into installing rogue Excel scripts through bogus email. If anyone fell for the ploy, the script installed malware that also grabbed parts of Core Security's defense assessment tool in its attempt to throw investigators off the scent. That's no mean feat -- Core has copy protection and digital watermarks to prevent the software from winding up in the wrong hands, so the perpetrators clearly went out of their way to use it.
Obama doesn't believe the Sony hack was an act of war
If you were worried that the US government would see the Sony Pictures hack as grievous enough to prompt a larger conflict with North Korea, you can relax. President Obama tells CNN that he doesn't see the digital assault as an "act of war" -- it was a serious instance of "cybervandalism," but that's it. He still isn't giving any clues as to what the previously mentioned proportional response will be, but the remarks suggest that it won't involve an especially damaging retaliatory hack or any real-world weaponry. If leaks are correct, the White House may be more interested in stopping future attacks by North Korea than launching one of its own. [Image credit: Alex Wong/Getty Images]
The US wants China's help blocking North Korean hackers
Apparently, the US is willing to recruit any ally it can get in its digital battles -- including countries that are frequently its adversaries. Sources for both the Associated Press and the New York Times claim that American officials have asked China to implement a block that would "cripple" North Korea's ability to launch cyberattacks like the one that hobbled Sony Pictures. Unfortunately, this request may be more than a little optimistic. China reportedly agrees that the attacks aren't cool, but it hasn't promised help. It doesn't exactly have much of an incentive to lend a hand when it's frequently engaged in cyberwarfare with the US.
US officials ID North Korea as source of Sony Pictures hack
According to CNN, NBC, and the New York Times, US officials will announce tomorrow that they've identified North Korea as the source behind a massive cyberattack against Sony Pictures. As a result of threats tied to the attack, Sony Pictures today cancelled the premiere of its upcoming movie The Interview. According to the sources, the government has decided North Korea was "centrally involved", even though the attack may have been launched using computers elsewhere, contrary to reports it may not have been related to that country at all. There's also no word on what, if any, response there will be to the attack. Sounds like a job for Simon.
FBI warns businesses about large-scale Iranian hacking threats
There's still some debate over the scale of Iran's reported Operation Cleaver hacking campaign, but the FBI is clearly taking it seriously. According to Reuters' copy of a confidential report, the federal law enforcement agency is warning businesses of advanced Iranian hacks targeting American defense, education and energy firms. The alert stops short of accusing Iran of a cyberwarfare campaign, but notes that the attacks usually come from two connections within the country. There isn't exactly a huge list of suspects here.
North Korea denies hacking Sony Pictures, but likes that someone did
If you suspect that North Korea hacked Sony Pictures' network, you're not going to get confirmation any time soon. State news outlet KCNA is now denying any North Korean role in the breach, and calls the allegation a "wild rumor." With that said, the nation is more than happy to see the movie studio suffer after daring to poke fun at Kim Jong Un in The Interview. KCNA suggests that the hack could be a "righteous deed," and that the perpetrators (Guardians of Peace) may be "supporters and sympathizers" of the North's cause.
North Korea treats its state-sponsored hackers like royalty
There's still a dispute as to whether or not North Korean hackers broke into Sony Pictures' network, but one thing is clear: the country spoils its cyberwarriors rotten. A defector tells Reuters that Bureau 121, the spy division responsible for at least some state-sponsored internet attacks, gives hackers "very strong" financial incentives. They get giant apartments in posher parts of town, and they're relatively wealthy; one Bureau member could pay to move his entire rural family to the capital if he wanted. Many North Koreans see one of these jobs as an honor.
Pentagon turns to Silicon Valley for the future of warfare
Back in the day, when wars were won and lost by whoever had the biggest stick, the US reigned supreme. Nowadays, however, having the fastest jet isn't much use when hackers can attack you on a whim. That's why the Department of Defense has opened its doors to pitches from those outside the defense community to dream up the next generation of digital weapons. The idea is to coax minds from academia and the sort of companies that you read about on a daily basis into coming up with smarter drones, cybersecurity platforms and better conventional weapons. The DoD is hoping that some technologies will be up and running by 2025, hopefully in time to prevent America's film industry being ruined by the targets of its satire.
Sony Pictures is worried that North Korea hacked its computers
If you've been intrigued by the hack that took down Sony Pictures' computers, you've probably wondered who the self-proclaimed culprits, the "Guardians of Peace," might be. Are they disgruntled employees? Social activists? According to Recode sources, Sony is worried that they're actually North Korean cyberwarriors. The company and its security consultants are "actively exploring" theories that an outfit in China breached the network on North Korea's behalf. Investigators haven't confirmed anything, but they also haven't ruled out the Korean link so far.
