Tuesday 30 June 2015

Can Data Infrastructure Vendors Stop Hackers?

A group of technology vendors at last week’s GEOINT 2015 conference demonstrated a data infrastructure they claim could stop hackers in their tracks.

The Multilevel Secure System (MLS) combines technology and services from Lockheed Martin, Seagate, Red Hat, SGI, Cray, Bay Microsystems, Mellanox, Vion, Altair, Crunchy and Splunk.

The ecosystem is based on Security-Enhanced Linux (SELinux), but it adds role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. All access is logged, so any attempts to penetrate the system can be traced. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.

At the heart of the system lies a Seagate ClusterStor, which

Lockheed Martin is the system integrator for the ecosystem. Red Hat is providing its Enterprise Linux, along with Docker and cluster management and orchestration, while SGI and Cray bring high-performance computing capabilities. Bay and Mellanox are moving all that data with InfiniBand with RDMA.

Vion’s technology offers data access and fusion based on user role, while Altair’s PBS provides job scheduling, Crunchy is chipping in its Enterprise PostgreSQL database and Splunk is auditing it all.

At the Geospatial Intelligence conference in Washington, D.C., each vendor set up their own demonstration of how the system could work for users. Seagate showed two computer screens, one with access to more sensitive video of military operations than the other screen. Lockheed demonstrated the Data Fusion technology, with the ability to limit, merge or view data sets depending on role. One user might only have access to a lower level of data, while another could see that data with another level layered on top of it.

The vendors say the ecosystem could prevent breaches like the massive U.S. Office of Personnel Management data theft that was disclosed earlier this month.

View the original content and more from this author here: http://ift.tt/1U3ImaF




When Police Become the Hackers

Special police squads or teams are a staple of movies and television like CSI, The Mod Squad, and Miami Vice. Whether they’re real or not, they make law enforcement seem pretty cool and more exciting. The most exciting real police team I know of is SWAT. But now in the modern era, there are plenty of threats and crimes such as online prostitution, phishing, identity theft, ransomware, cyber-terrorism, online drug sales such as Silk Road; the list goes on. There are already several special police and federal teams assigned to handle such problems; but now a new team has to be formed due to a serious change in the cyberworld. Get ready because the police will soon be required to become professional hackers.

With the recent clipping of the NSA’s wings by the USA Freedom Act, and the encouragement of tech companies for users to employ encryption (also due to the NSA), law enforcement is currently in a bind as it’s more difficult to monitor encrypted communications than ordinary ones. If ordinary users can easily use encrypted communications as peddled by tech companies, criminals can too. It will be tougher for law enforcement to track illegal drug traffickers, gun runners, online pimps and human traffickers. In fact, they could be using Snapchat right now, automatically dissolving vital communication evidence. But since news came out that the popular online messaging service was actually keeping the data, the best move criminals can take is to use other means, like encryption.

So what’s law enforcement to do if it can no longer monitor everybody? The answer is to monitor or focus on known somebodies and wait for them to slip. But they can’t do that if all they see is garbage resulting from encryption; encryption meant to be used by ordinary people. In the UK, legislation is being prepared to force companies to hand over keys to encrypted transmission, but since legislation takes ages, police are eyeing the use of computer network exploitation (CNE), or in layman’s terms, hacking. Since intelligence agencies already have their hands full trying to monitor and intercept terrorism, law enforcement is coming up shorthanded when it comes to other forms of cybercrime. Police departments are therefore considering training themselves in the art of CNE. Instead of waiting for other intelligence agencies to decipher encrypted criminal messages, police can try to do it themselves.

Police departments can either train themselves or hire professional hackers otherwise known as white hats as consultants. Without the proper keys or hints, encryption is very difficult to break. Police can try to determine their target’s account name and password or determine vulnerabilities in their target’s software. If basement hackers can find vulnerabilities every other Tuesday, the police with enough resources can as well. Speaking of resources, it’s high time for the police, not just in the UK, but the whole world to invest in cyber-security and CNE skills to help combat the ever increasing crime rate in cyberspace or the use of cyberspace in real-world crimes.

Only two things stand in the way of this important, well-meaning but intrusive component of law enforcement: privacy issues and ethics. Police cannot just barge into someone’s home without a search warrant, and the same goes when hacking into someone’s computer, whether he/she is a criminal or not. The difference between white hat hackers and black hats is that white hats are paid to do it by the same people they hack into in order to find vulnerabilities in the system, patch them and make them more secure. Black hats do it for attention, vengeance, principle and/or personal gain. Everyone is still presumed innocent until proven guilty, so unless there’s enough reason to be suspected, authorities are still required to issue search warrants in search of evidence.

Of course, the intrusive nature of hacking again leads to the question of privacy. The possibility of abuse of CNE cannot be discounted. Without a sufficient legal framework, police can hack into anyone they deem a suspect in a crime. They can hack into anyone just for kicks, or they’d just become extra arms of the supposedly crippled intelligence agencies for mass surveillance. So like the legislation for the surrender of cryptography codes that needs to be prepared, legislation and guidelines for the safe and fair use of CNE by police should be prepared as well.

It’s not a bad idea letting the police take a crack at cracking, since everyone is getting savvier and savvier with current technologies, including criminal elements that can use encryption in hiding their activities. The use of encryption standards is completely legal; breaking them without a warrant to do so is not. Authorities can only work within the confines of the law, therefore a law that balances law enforcement and privacy concerns needs to be made first before nerds in uniform can become regular fixtures in any police department.

View the original content and more from this author here: http://ift.tt/1NqEBaD




Federal agencies are wide open to hackers, cyberspies

By that time, the FBI already knew, and told OPM, that security-clearance forms had been tapped, officials said.

Archuleta said the cyberattacks were discovered because of OPM’s stepped-up efforts in the past 18 months to improve security, but she acknowledged the office still has work to do.

“They entered the network – we’re not quite sure how because of lack of logging”, she said at the hearing.

Perhaps I’m missing something here, but I was under the impression that the NSA, FBI, CIA, Department of Homeland Security and all the rest were supposed to be protecting us from attacks from bad guys – not just launching their own attacks. “We are a data base”.

Connally said the U.S. is “facing a systematic, organized, financed, pernicious campaign by the Chinese government…to penetrate our cyber world”.

Chaffetz asked Wednesday whether the figure could actually be as high as 32 million people.

“This is a huge loss with massive potential to wreak havoc against possibly millions of people for years to come”, Lopez said.

A week later, the personnel agency revealed a second breach of a security clearance database that contained the background check files of millions of military and intelligence community. That information included details about drug use, criminal convictions, mental health issues and the names and addresses of relatives and any foreigners with whom they had contact.

But, the number of those affected is expected to continue to increase.

Archuleta promised to provide further information pending deeper investigation, but in the meantime, she said she would be hiring a cybersecurity advisor with an August 1 start date.

Committee Chairman Jason Chaffetz, R-Utah, didn’t accept a delay in producing a number, though, and pointed to a budget request for the year 2016 that Archuleta penned this past February.

In addition, she inherited an agency whose cyber-security has been neglected for decades, Archuleta suggested during the hearing.

OPM said it also developed a multi-phase strategy to secure legacy information technology applications as the agency’s infrastructure undergoes an upgrade.

The brief dispute Tuesday illustrated the internal wrangling over the Obama administration’s response to the OPM hack. David Cox, president of the American Federation of Government Employees (AFGE), wrote in a letter to OPM Director Katherine Archuleta that the union believed that the social security numbers were not stored in an encrypted state, which would give the threat actor direct access to the data.

“After an extensive analysis of this incursion, we found no evidence of the exfiltration of sensitive personal data”, Hess said.

“I am as upset as [those affected] are about what happened and what these perpetrators have done with our data”, said Archuleta, who also confirmed that attackers gained access to the network with credentials stolen from security contractor KeyPoint in 2014.

But Archuleta said the quote was being misinterpreted, arguing that she was referring only to personally identifiable information and not other files held by OPM. “To be clear, the employee was working on OPM’s systems, not KeyPoint’s”. It was the second of three Capitol Hill hearings this week on the OPM breaches. The new specialist will work with the agency’s chief information officer to manage ongoing response to the current incidents, help complete a plan to mitigate future incidents and assess whether long-term changes to the IT architecture are needed, the report noted.

View the original content and more from this author here: http://ift.tt/1LSnwp2




FAA Panel to Study Ways to Defend Flight Systems From Hackers

NEWS ANALYSIS: Government regulators quietly gathered aircraft makers and airline executives to start working on ways to keep hackers from compromising flight management systems.

 

The Federal Aviation Administration has decided that the time has come to give a close look at the security of its data systems. These systems include networks that help the agency run the air traffic control system, send radar images to flight controllers and control connections to the radios that keep flight controllers in touch with pilots in the air.

To find solutions, the FAA has convened a committee of aircraft manufacturers, airline executives and pilots to look into ways to boost the security of these critical systems.

The worry about data security is a fairly new thing for the aviation business. While airlines and aircraft manufacturers have the same exposure to hackers, malware and nation state spies as any other business, until recently little thought had been given to the data systems that support airline flight systems.

But that was before things started to break. In April, American Airlines grounded several flights because their onboard flight planning software crashed as flights were leaving their gates in a number of cities.

Some flights were cancelled and others were delayed. Social media lit up with word that the iPads that pilots were using for flight planning and terminal navigation had crashed and the software they were using had stopped working.

As it turned out, the problem with the airline’s iPads wasn’t due to hackers or malware, but rather a bug in the mapping program provided by Jeppesen, an aviation and marine navigation software company owned by Boeing. The problem was fixed in a few days when the software was updated. In the meantime, the airline’s pilots flew using paper charts, just as they’d learned to do in flight school.

However, the American Airlines flight groundings demonstrated clearly just how vulnerable aviation safety might be if something even more serious goes wrong.

The potential vulnerability was underscored when the FCC admitted that the agency had been penetrated by a cyber-attack shortly before that and was hiring one of its existing consultants, SRA International of Fairfax, Va., on a sole-source contract to help deal with it.

If you don’t recall hearing any news about an FAA cyber-attack, that’s because the FAA, unlike most businesses, isn’t required to disclose it. But because it’s a government agency, it still has to make its procurement actions public, and that’s how the information came to light.

Fortunately, Washington is overrun with journalists who scour obscure reports for such things, and it was Nextgov.com, which is part of Government Executive magazine, that reported the first word about the cyber-attack that hit the FAA.

The attack on the FAA is actually part of a much bigger and more difficult problem. How will the airline industry secure the global web of networks that aviation authorities use to provide data and flight clearances to planes and to update flight plans, and that pilots use to send flight plans and other data to the FAA and their employers? Those networks, which have slowly evolved since they were first put in place in the 1960s, basically just grew. At first, they were never part of any overall plan.

View the original content and more from this author here: http://ift.tt/1Lz5r1n




Is college application data safe from hackers?

TREASURE ISLAND, Florida— High School senior Matthew Kuba is ready for college. But to get there he had to spend hours online filling out financial aid forms and college applications.

“They’re asking for your parents’ total balance of cash, savings, and checking accounts,” said Kuba, showing us his application.

College applicants like Kuba start by filling out the FAFSA, a detailed Federal Student Aid form required by most universities whether they qualify for assistance or not.

“It was just kind of like… where does this all go,” looking at the massive list of information he was required to submit for admission.

Matthew says he was unprepared for just how much information would be collected.

“Parent’s social security…along with when they were married. It’s asking for their date of birth, so pretty much anything that could be used to identify me online is just as abundant as the information they’re getting on my parents,” said Kuba.

It’s all that information–experts warn–that could be vulnerable to criminals trying to hack into college servers.

“It is happening at universities across the county [and] it is happening right now,” said Cyber Security expert Steven Casco of CardNotPresent.com.

“They not only get one bit of information, they get an entire family’s information,” said Casco. “They get the mother and the father, the social security, the amount in the bank, the son or the daughter. Not just the one who is applying to [the] school but the other dependents that those parents have. That is a treasure trove from criminals.”

Casco says over the past year and a half, more than 100 colleges have reported breaches of sensitive information. They include top-notch institutions like Butler University, where last June the birthdates, Social Security numbers and bank account information for nearly 163,000 students were stolen.

At Tallahassee Community College, financial aid information for 2,800 students was also compromised in 2011. The breach wasn’t discovered until students found out months later.

Two men in Miami were arrested in connection to using the information to allegedly file 3.3 million dollars in fraudulent tax returns.

“They don’t care if it’s a private institution or an Ivy league School, or a community college around the block,” said Casco. “If they can get in they’re going to want to get in, and they’re going to want to steal as much as they can.”

Worst of all, applicants have no way to know how secure the college they’re applying to really is.

“One school might be doing absolute gangbusters in locking everything down which is fantastic; [but] the other three schools you apply to may not have no controls whatsoever. And you don’t know! And that to me is a truly scary thing.”

“I got into UF though,” said Kuba with a smile!

As Matthew heads up to Gainesville he’s confident the University of Florida is taking steps to keep his information safe but still worries about his identity falling into the wrong hands.

“No matter how much security you have, it’s never enough. You can’t stop it,” worries Kuba.

So what can you do as a student applying or as a parent?

Experts suggest that you can call the universities you’re applying to and ask about their data security. If nothing else, it lets them know data security is something that’s important to you and something that they should be making a top priority.

Secondly, experts suggest parents activate credit monitoring, not just for the student applying, but for the entire family; even younger siblings. If their identity is compromised, you might not find out until years later in their teenage years and by that time their credit could take years to repair.

View the original content and more from this author here: http://ift.tt/1g5Tvbb




Monday 29 June 2015

Insurers take on hackers

Some security pros would argue that it’s less a question of whether your company’s confidential files will get hacked than it is a matter of when.

If it seems as though no one is safe, 4.2 million active and former federal workers would agree with you. The theft of their personal information was revealed this month. That was the same week when local medical software company Medical Informatics Engineering acknowledged its own breach of private patient information.

Other high-profile hacking victims have included Chase, Home Depot, Target, Anthem, Staples, Kmart, Dairy Queen and SuperValu. The number of individual victims of identity fraud was a staggering 12.7 million last year, according to Javelin Strategy & Research.

The insurance industry has responded with policies that cover data breaches. Some local companies have embraced the protection, and others say they are too busy taking care of business to investigate the option.

Jeff Donnell, Medical Informatics Engineering’s vice president of marketing, last week said his firm is covered. The biggest advantage, he said, is that it offers policyholders access to experienced, independent legal and forensics consultants after a hacking incident. The experts are still trying to determine how many individuals’ information might have been compromised in the attack, which was detected May 26.

“Without question, having that insurance in place has been a tremendous asset as we work on recovery,” Donnell said.

Cyber insurance has exploded into a $2 billion industry, with demand doubling or tripling in some areas in each of the past two years, according to Financial Services Roundtable, a Washington, D.C., banking advocacy group. Annual sales of the policies totaled less than one-tenth of that amount just 12 years ago.

PricewaterhouseCoopers, one of the public accounting firms that recommend cyber insurance to clients, advised in a paper published last year that corporate executives must step up and understand the risks – and stop labeling data security as a problem best delegated to information technology staff.

Rae Pearson, founder and president of Alpha Rae Personnel Inc., said her Fort Wayne staffing firm has had coverage for some time.

“It’s important, particularly if you do things online, to protect the customer,” she said.

Her policy protects the company if an employee breaches confidentiality or commits fraud. Pearson considers it a cost of doing business.

Karen Cameron, executive vice president of Fort Wayne-based iAB Bank, said the business has cyber insurance. It made sense to secure coverage, she said, because of the prevalence of hacking attacks and stringent regulations imposed by the banking industry.

But iAB doesn’t rely exclusively on that policy’s protection, she said.

Bank officials focus on policies and procedures designed to lessen their risk of identity theft. They also try to educate customers about ways to protect themselves, she said.

The company’s policy pays for breach-related expenses, including business interruption, crisis management and the costs of creating and mailing new account cards to customers.

More than 50 companies issue policies, including AIG, Travelers and Lloyds.

Cyber Data Risk Managers is a broker specializing in cyber insurance in the U.S. and Australia. The firm gives prospective clients a taste of how much they can expect to spend.

A fiber optics communications provider with $35 million in revenue would pay about $47,000 in annual premiums for $10 million in cyber coverage. A financial services provider with $100 million in revenue would pay about $37,000 in premiums for $1 million in coverage.

Meanwhile, a social worker with a $120,000 salary would pay $859 a year for coverage of claims up to $1 million.

The brokerage offers more than two dozen examples of premiums based on policies with payout potential of $1 million or more because getting hacked can get expensive – fast.

Victims often lose customers and jobs after an event, Financial Services Roundtable said. After being hacked, companies typically have to bring in experts in data security, invest in upgraded systems, conduct investigations, notify affected customers, pay for identity theft protection and repair their reputations.

View the original content and more from this author here: http://ift.tt/1IFX5j2




Is Your Next Flight Safe From Hackers?

Now that one airline has been forced to ground its flights, consumers are starting to wonder: is it still safe to fly? And if it is, what’s being done to ensure these hacks aren’t repeated?

Sebastian Mikosz, CEO of LOT (the Polish airline that was hacked), told reporters that this is a widespread problem.

“This is an industry problem on a much wider scale, and for sure we have to give it more attention,” said Mikosz, as quoted by Reuters.

Security experts are not overly optimistic about the situation.

“We see that it’s very easy — even some of the best, most well-funded institutions can have gaps and weaknesses,” Stephen Boyer, co-founder and CTO of BitSight Technologies, told Benzinga. “They can potentially ground flights because they can’t do the route planning or flight planning. There’s always some risk. I think it’s going to vary from organization to organization.”

Boyer said that he sees a pattern in the industry. When technologists are working on something new, they build the system to perform well. At this stage, security is an afterthought.

“We don’t [initially] build them with a threat model,” said Boyer. “Oftentimes we expose those threats later. These systems are enormously complex. I think they’re going to get more security now as people are turning attention that way.”

Rami Essaid, co-founder and CEO of Distil Networks, agrees that development does not happen with security in mind.

“We need a fundamental mind shift,” Essaid told Benzinga. “[We need to] think of the security aspect first and then develop around that.”

Until things change, Essaid expects to see more hacker attacks.
View the original content and more from this author here: http://ift.tt/1RLfcJk




HACKERS ATTACK SCRIPT.CC FOLLOWING SERVER UPGRADE; MINING SITE EXPECTS TO RESUME

Hacking attacks occur at the least opportune times. Script.cc, a mining site, ran a server upgrade and later found its database had been breached. The company hopes to be up and running soon after moving to a new server following the attack that emptied its wallet.

Script.cc recently posted a notice advising customers they are running audits on all accounts and once the accounts have been verified, account holders will be able to log in.

ETA: June 30

“Our ETA stands at June 30th if everything runs smoothly, once we ‘relaunch’ all user balances will be available for withdraw,” the recent notice states.

June 24: Hackers Return

The company advised customers not to deposit any funds since the hackers still had access to the site. On June 24, the hackers returned and cleaned out the databases, taking the chat room with them, the site reported in an update. “That doesn’t affect us at all since we have many images of the database before the attack,” the site noted.

Cloudminingreviews.com, a mining review site that invites people to compare and find the best miners, ranks Script.cc fifth among its top mining sites. It gives the site five out of five stars for cost, four and a half stars for reliability, and four stars for support. There are seven customer reviews.

View the original content and more from this author here: http://ift.tt/1NodDAp




Duo aims to protect personal data from hackers

The founders of Triage Security are working to develop cybersecurity software that will help businesses and large organizations protect personal data from both outside hackers as well as attacks from within.

They are one of nine teams developing a concept at The Iron Yard’s third digital health accelerator in downtown Spartanburg. Triage Security CEO Rick Lawson and Chief Financial Officer Todd Betlem, both of Boiling Springs, said the accelerator has provided them with an incredible network of businesses and partners to support their work.

“Both Rick and I left our full-time jobs to pursue The Iron Yard program and are blessed to have very supportive wives and previous employers,” Betlem said.

Personal data protected by the company’s software will include customers’ names, addresses, Social Security and credit card numbers. The software will install without modifications to an underlying application, Betlem said.

Stolen health records usually sell for more than stolen credit card records and can provide hackers with more information that can be used for identity theft, Lawson said.

The software being developed by Triage Security will include algorithms to stop data leaks by using applications that monitor and protect themselves. Software packages will be customized and have the ability to stop cyberattacks as they happen and alert the affected organizations in real time, Betlem said. In most cases, organizations that experience a cyberattack aren’t alerted about them until after they occur.

View the original content and more from this author here: http://ift.tt/1C12ZyL




Hackers, espionage threaten miners

Hackers and online corporate espionage have emerged as one of the top 10 threats to mining and resource houses for the first time, according to global accounting consultancy EY.

In its annual assessment of business risks facing the mining and metals industry, due to be released today, EY has put cybersecurity in its top 10 for the first time, based on discussions with key executives in the sector.

Alongside more traditional business risks — EY’s top three include lack of investment in future growth, productivity and access to capital — unchanged from last year, the global accountant has elevated IT security to ninth on its list.

The threat of hackers seizing control of remote operations centres — such as last year’s attack on a German steel mill that caused serious damage to a blast furnace — or the more traditional theft of pricing and operational data meant mining companies needed to take online threats more seriously, according to the EY report.

View the original content and more from this author here: http://ift.tt/1eedAuX




Saturday 27 June 2015

DNI Head James Clapper “Salutes” Chinese For OPM Hack

If you can’t beat them, then you better offer compliments. That seems to be the attitude of U.S. Director of National Intelligence James Clapper, who announced Thursday that it appears Chinese hackers pulled off the network intrusion that led to the theft of millions of personnel records from the federal government.

Speaking at a Washington intelligence conference on Thursday morning, Clapper said China was the “leading suspect” in the attacks, but then added that given the difficulty of the intrusion, “You have to kind of salute the Chinese for what they did.”

More on recent OPM hack

U.S. officials are still studying how many people were impacted in the recently discovered breach of records and background investigation data from the Office of Personnel Management, but it appears that up to 18 million Social Security numbers could have been compromised. The latest information also seems to suggest that sensitive personal information related to background checks on thousands of U.S. government employees was also accessed, which significantly ups the ante in terms of the potential intelligence value of the data.

President Obama signed an executive order nearly three months ago giving the Treasury Department the power to impose sanctions against any person who conducts a cyber attack that is a “significant threat” against the U.S. government or a U.S. firm. The Feds have not used these new powers yet, but according to knowledgeable sources, the White House team is seriously considering taking this route to punish the perpetrators.

On Thursday, presidential spokesperson Josh Earnest noted that the new legal power “gives the U.S. government a whole set of new tools that didn’t previously exist in responding to incidents like this.” He went further to say that the U.S. would not give advance notice of its “response to this incident, but they certainly are available.”

Of note, the Obama administration had avoided publicly attributing the breach to China to date, even though several officials have privately commented that the hackers were almost certainly Chinese.

Statement from DNI head James Clapper

In his comments, Clapper noted that hackers will continue to make efforts to steal information from the government and from American companies until we beef up deterrence against the theft of intellectual property and private records.

“The challenge here, the problem for us, frankly, is until such time as we can create both the substance and the psychology of deterrence, this is going to go on,” Clapper explained, “And that’s been frankly a struggle for us, because of concerns about unintended consequences and other related policy issues.”

This comment was apparently an allusion to an internal battle within the executive branch on how to respond to cyber attacks. Clapper noted the lack of a credible threat of retribution from the U.S. means policy makers must give “a lot more attention to defense.”

Clapper also argued that establishing a clear protocol for major hacking incidents would allow the government to state once a hacker crossed “a red line, at that point, what are we going to do about it?”

When asked what specific response he would recommend to the Chinese intrusion, Clapper refused to answer, saying that was up to the White House and other policy makers.

View the original content and more from this author here: http://ift.tt/1QUpuvy




Lawmakers urge removal of top execs at computer-hacked agency

Eighteen Republican lawmakers sent a letter to President Barack Obama on Friday requesting the removal of two Office of Personnel Management (OPM) executives after a data breach that compromised the personal information of millions of Americans.

Led by House of Representatives Oversight and Government Reform Committee Chairman Jason Chaffetz, the group called for the dismissal of agency Director Katherine Archuleta and Chief Information Officer Donna Seymour for the failure to correct vulnerabilities to OPM’s network despite warnings.

“We have lost confidence in Director Archuleta’s ability to secure OPM’s networks and protect the data of millions of Americans,” the letter read.

In a separate letter, Maryland Democratic Representative Chris Van Hollen asked Archuleta for greater identity theft protection for everyone potentially affected by the breach, not just the 4.2 million who have been identified so far.

“Extending identity theft protection is an important step in the direction of helping affected people cope with the potentially dangerous consequences of this breach,” he wrote.

Many members of Congress have sought Archuleta’s resignation since it was announced early this month that hackers had broken into OPM computers, compromising the data of millions of current and former federal employees.

The letters follow at least three public hearings in Congress recently in which Archuleta has testified that millions were affected by two separate data hacks – more than the 4.2 million that have been identified so far.

The FBI has said up to 18 million could have been affected.

View the original content and more from this author here: http://ift.tt/1GAmwSK




Building code violations, hackers, and a dented cruiser: Pepper Pike police blotter

Suspicion, Bryce Road: A resident, 72, arrived on station June 19 to report a fraudulent attempt to transfer funds out of one of his accounts.

Building code violation (summons served), Cambridge Lane: A summons was served June 22 on a woman who accepted it for her son, 65, co-owner of the house being cited. A police report indicated that building code violations on the single-family home had gone uncorrected at least since May 7, with a court date set for Aug. 5.

Building code violation (arrest), Gates Mills Boulevard: An officer was requested June 8 to serve a building code citation to a homeowner residing in the 32000 block of Gates Mills Boulevard (Pepper Pike) for an ongoing violation. A 51-year-old man was arrested.

Damage to property, Lander Road: While on a June 10 call to the Beechbrook juvenile residential facility, an officer noted damage incurred to the front bumper and push bumper of his cruiser.

View the original content and more from this author here: http://ift.tt/1LMCn4c

 




Threat Situational Awareness- Navigating The Flood Of Security Data

One of the top challenges facing security practitioners today is not simply defending themselves from the risk of attack, but prioritizing the constant stream of threat data they receive from the security tools designed to protect them. “Too Much Information” is the new reality for many organizations, and the question has now become how to distinguish important incidents from low-priority events.

During this interview with ICIT Fellow Danyetta Magana, Parham Eftekhari (Sr. Fellow, ICIT) will explore these topics and more as the two identify solutions to overcome this growing challenge.

 

View the original content and more from this author here: http://ift.tt/1JcobB6

 




Proposed Cyber Legislation And Their Impact On The Security Community

As the number of breach incidents continues to climb, the importance of a highly skilled cybersecurity workforce in protecting our nation’s critical infrastructure sectors continues to grow. But how does proposed legislation impact the cyber community’s ability to do its job?

During this podcast with ICIT Fellow Dan Waddell (Managing Director, National Capital Region, (ISC)2) we assess this question and look at issues including net neutrality and threat information sharing.

View the original content and more from this author here: http://ift.tt/1KhjIP3




Friday 26 June 2015


Keeping Smart Cities Smart: Preempting Emerging Cyber Attacks in U.S. Cities

The Institute for Critical Infrastructure Technology, working closely with IOActive and other Fellows, has published its latest legislative briefing titled “Keeping Smart Cities Smart: Preempting Emerging Cyber Attacks in U.S. Cities”. As more and more U.S. cities adopt ‘smart’ technologies, America finds its urban centers increasingly at risk for cyber-attacks which could bring entire cities to a standstill, wreak havoc for citizens and cost billions for governments and the private sector.

In this analysis, ICIT identifies the various types of technologies that are used in smart cities and how each type of technology is vulnerable to an attack (including likely attack scenarios). The report closes by making recommendations on what vendors and policy makers must do to ensure that the technologies manufactured for use in smart cities are adequately secure.

This brief was sent to members of the House of Representatives Homeland Security Committee and Cybersecurity Caucus, presented to Representatives and Senators including Senators Markey and Alexander and Congressmen Marchant, Ratcliffe and Langevin, federal agencies and select ISACs and DHS Sector Coordinating Councils.

The following experts contributed to this brief:

Author:

  • Cesar Cerrudo, ICIT Fellow (CTO, IOActive)

Contributions by:

  • James Scott (ICIT Senior Fellow – Institute for Critical Infrastructure Technology)
  • Drew Spaniel (ICIT Visiting Scholar, Carnegie Mellon University)
  • Chris Schumacher (ICIT Fellow – Sr. Technology Consultant, New Light Technologies)


View the original content and more from this author here: http://ift.tt/1BS7ziF




Securing Federal Data Post OPM : Lunch and Learn

This week the Institute for Critical Infrastructure Technology held a Lunch and Learn called “Securing Data for Today’s Federal Agency” which focused on the increasingly daunting task of protecting federal data in an age of information sharing and increased threats both inside and outside an agency.  An all-star cast of current and former federal agency leaders along with ICIT Fellows and industry partners shared cutting edge strategies, technologies and best practices to guide agencies through the uncertainty they face as they work to protect their assets.

Some of the key takeaways from the session included:

1. The importance of encrypting your data using technologies that enable the data owner to revoke access

2. Understanding the difference between secure information sharing and creating cultures of trusted information sharing

3. Accepting that there is no way to prevent data leakage from happening, so the mindset must change to “how do I gain better control over data knowing I will eventually lose control?”

4. The importance of integrating the various security products an agency uses into one security system, and taking the knowledge gleaned from that system and delivering it into the hands of end users who can use it to make decisions to protect the network and its assets

5. The emergence of predictive technologies like Behavioral Analytics which are providing agencies the ability to foresee breaches and prevent them from occurring

 

A special thanks to our Fellow Dan Skinner (Federal Practice Manager, WatchDox by Blackberry) and to Richard Spires (CEO, Resilient Networks; Former CIO, U.S. Department of Homeland Security) for hosting the Luncheon.

 

View the original content and more from this author here: http://ift.tt/1FF151i




Prison Term Sought for Private Eye Who Hacked Email

Tony Ortega, a journalist, suspects his email was hacked because he writes about Scientology. Credit: Sonia Recchia/Getty Images for Sundance

In the end, the amount of money a New York private investigator made from people who paid him to illegally pilfer the emails of possibly dozens of people he was investigating was small — just $5,000.

But the privacy violation was so great that federal prosecutors are asking a judge on Friday to sentence the investigator, Eric Saldarriaga, 41, to serve as much as six months in prison to send a stern message about the wrongness of illegal hacking.

At least one of the people who had their email accounts hacked by Mr. Saldarriaga was a journalist who has written articles about the Church of Scientology and suspects that the investigator was hired to look into his work, according to a letter from the victim that prosecutors filed with the court on Thursday.

Prosecutors are seeking prison time for Mr. Saldarriaga, who lives in Queens, even though the court’s own probation department has recommended six months of home detention plus three years of supervised probation. The request for the stiffer sentence shows how seriously the authorities are taking the hacking of emails and social media accounts.

“Unlike defendants in a gun or drug case, who often act without reflection, there is reason to believe that individuals who engage in hacking and other forms of cybercrime can be deterred by a substantial threat of penalties,” said Daniel S. Noble, a prosecutor working for Preet Bharara, the United States attorney for Manhattan, in a pre-sentencing memorandum submitted this week.

Mr. Saldarriaga, who pleaded guilty on March 6 to one count of conspiracy to commit computer hacking, paid an unidentified overseas firm to secure the login credentials and passwords for the email accounts he wanted access to without permission. Mr. Saldarriaga’s use of a so-called hacker-for-hire firm surfaced during a broad investigation into the illicit activity conducted by federal authorities in Los Angeles several years ago.

When federal authorities in New York approached Mr. Saldarriaga in March 2014 about his activities, they found him to be cooperative and willing to acknowledge that he had taken money from clients to break into private email accounts, according to a court filing. But to date, no one else has been charged in the matter.

Law enforcement officials are increasingly concerned about hackers breaking into email accounts at law firms, large companies and investor-relations firms to gather information about business strategies and potential corporate deals.

In December, FireEye, a computer security consulting firm, released a report about a sophisticated hacking group it called Fin4 that was taking aim at corporate email accounts at large pharmaceutical companies and financial services firms to get information about potential merger negotiations.

Before the release of the report, FireEye officials gave a private briefing to Securities and Exchange Commission officials and others in law enforcement, alerting them that the information obtained by the hackers might be used by some to make potentially profitable trades, said a person briefed on that meeting but not authorized to speak publicly.

View the original content and more from this author here: http://ift.tt/1KfqLYC




Lecture app wins award for McMaster, Western hackers

Two McMaster students and one from Western University were among the winners of a Toronto hack-a-thon with an app that will transcribe a lecture podcast into notes.

ClassScribe is the invention of Alyssia Jovellanos and Jonathan Boulanger, first-year computer science students at Mac, and Martin Ciesielski-Listwan, a first-year software engineering student in London, Ont.

They won an HP sponsor’s prize — a GoPro camera — at the 24-hour AngelHack in Toronto earlier this month, competing against professional developers.

The hack-a-thon requires teams to come up with an idea and create a demo within 24 hours.

The winning group hopes to have ClassScribe ready to roll out in September. They are working on adding some functions and creating a business plan.

The trio say they came up with the idea for the app when thinking about problems they see around them.

While it might immediately be assumed that the problems to be solved with ClassScribe are 8:30 a.m. classes or boring lecturers, the students insist they were thinking about students with disabilities that make note-taking difficult or impossible.

The app, which builds on an open voice-to-text platform, includes algorithms that highlight often-repeated words and filter out fillers.

Features the group intends to include are zeroing in on words like “exam” and “test” and providing general summaries of a lecture’s contents.

Associate professor Christopher Anand says the translator will also be important to English-as-a-second-language students.

Anand, who teaches in the computing and software department and created McMaster’s software entrepreneurship program, said his son missed school for surgeries and that his university hired note-takers to attend class.

But it often took a week to get the notes.

“If this tool helps vulnerable students, maybe the university should be providing it.”

View the original content and more from this author here: http://ift.tt/1RCslo0




Be very careful; warning about free city WiFi

It’s phase one of mayor Coderre’s “smart city plan”, but be careful.

You’ll be able to get free WiFi in the Old Port and elsewhere in Montreal.

The city says the free service will be available in the Old Port and around the Palais des Congres within weeks.

The cost? 2.4 million dollars.

But technology experts are issuing a warning, saying public WiFi isn’t always secure and that hackers usually target such public networks.

Tech analyst Carmi Levy warns hackers can set up their own hotspots adjacent to legitimate locations, hoping subscribers will sign in to theirs as opposed to the genuine counterpart.

As a result, hackers could gain access to personal data, even if it’s not online banking.

“If a hacker gains access to your email, those are essentially the keys to the kingdom because we put everything in our email, all of our usernames, all of our passwords”, added Levy in an interview with CTV News.

Most people CTV News spoke with say the possibility of hackers getting their hands on personal information won’t really deter them, saying such a service is convenient.

View the original content and more from this author here: http://ift.tt/1HjC6b4




How to protect your data from computer hijackers

There’s a threat lurking in the darkest corners of the web, waiting to strike — and it doesn’t discriminate. Individuals, businesses and even police departments have all found themselves victims of CryptoLocker, a particularly harmful form of malicious software (malware).

CryptoLocker falls into a category of malware known as ransomware, which is essentially a sophisticated extortion scheme. Unlike traditional viruses, whose purpose is to infect other computers, ransomware takes a user’s files “hostage” by encrypting them and then demanding a ransom for the decryption key.

Ransom payments are generally delivered via Bitcoin — a type of digital currency independent from any central bank. This independence makes bitcoins particularly difficult to trace and it also allows cybercriminals anonymity.

The ransom amount can range from $100 to hundreds of thousands of dollars. For hackers, this can be an extremely lucrative deal. In fact, a New York Times article reported that experts estimated CryptoLocker hackers pulled in over $30 million in a 100-day period in 2013.

While there are several ways malware can infect your computer, the most commonly known method is by opening a suspicious email attachment. Ransomware can also be installed in a “drive-by download,” which happens when a user visits an infected site or clicks on a popup that redirects them to a harmful site.

If you’ve received the dreaded error message proclaiming your files are being held hostage until you pay up, your options are limited. You could pay the ransom, but there is no guarantee the hackers will make good on the promise to deliver the decryption key. Once infected, restoring your computer from a backup is your best option.

Fortunately, there are several preventative steps you can take to ensure you never have to face the tough decision of negotiating with hackers or losing your family vacation photos forever.

Update your software frequently. Keeping software up-to-date is one of the simplest ways to decrease the likelihood of a cyber-attack. Not only should you be running the latest version of your operating system, but you should also keep programs such as Java, Acrobat, Flash and your web browser updated.

Invest in antivirus software. With a wide array of choices (including some free options), there’s no excuse to not have antivirus software. While it may mean you have one more thing to keep updated, it’ll be well worth it in the end.

Back your files up. Don’t overlook the importance of keeping a complete backup of your files both locally and off site. In the event that you do get hacked, you’ll be able to restore from the backed up files, which means minimal data loss and less headache.
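One way to act on the backup advice above, as an added example that is not part of the original article: before each backup run, compare the live files with a manifest from the last known-good backup, and hold the run if most files changed and the new contents look like ciphertext, so an infected machine does not overwrite the clean copy. The function names, thresholds and sample files are assumptions constructed for illustration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 to 8.0). Encrypted data sits close to 8."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def read_file(path: str) -> bytes:
    with open(path, "rb") as fh:
        return fh.read()


def build_manifest(root: str) -> dict:
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    manifest = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = hashlib.sha256(read_file(full)).hexdigest()
    return manifest


def audit_before_backup(root, last_good, entropy_limit=7.0, churn_limit=0.5):
    """Compare the live tree with the manifest of the last known-good backup.

    The run is flagged unsafe only when BOTH signals fire: a large share of
    known files changed or vanished, and some changed or new files have
    near-random content. Entropy alone is not enough, because photos and
    archives are compressed and always score high.
    """
    current = build_manifest(root)
    changed = sorted(p for p in last_good if p in current and current[p] != last_good[p])
    missing = sorted(p for p in last_good if p not in current)  # renamed or deleted
    added = sorted(p for p in current if p not in last_good)
    high_entropy = sorted(
        p for p in changed + added
        if shannon_entropy(read_file(os.path.join(root, p))) >= entropy_limit
    )
    churn = (len(changed) + len(missing)) / len(last_good) if last_good else 0.0
    suspicious = churn >= churn_limit and bool(high_entropy)
    return {"changed": changed, "missing": missing, "added": added,
            "high_entropy": high_entropy, "churn": churn,
            "safe_to_backup": not suspicious}


def fake_ciphertext(length: int = 4096) -> bytes:
    """Deterministic pseudo-random bytes standing in for an encrypted file."""
    return b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                    for i in range(length // 32))


def demo():
    """Run the audit on constructed sample files: a normal edit, then mass overwrite."""
    with tempfile.TemporaryDirectory() as root:
        for i in range(4):
            with open(os.path.join(root, f"notes{i}.txt"), "w") as fh:
                fh.write(f"Holiday planning notes, page {i}\n" * 200)
        last_good = build_manifest(root)

        # Ordinary day: one file edited by its owner.
        with open(os.path.join(root, "notes0.txt"), "a") as fh:
            fh.write("Added a packing list.\n")
        normal = audit_before_backup(root, last_good)

        # Simulated incident: three files replaced with random-looking bytes.
        for i in range(1, 4):
            with open(os.path.join(root, f"notes{i}.txt"), "wb") as fh:
                fh.write(fake_ciphertext())
        attacked = audit_before_backup(root, last_good)
    return normal, attacked


if __name__ == "__main__":
    for label, report in zip(("normal edit", "mass overwrite"), demo()):
        print(label, "->", "back up" if report["safe_to_backup"] else "HOLD backup",
              f"(churn {report['churn']:.0%}, high-entropy files: {report['high_entropy']})")
```

A held run is the point at which to restore from the last good copy, which is why that copy should also be kept off site and out of reach of the machine being backed up.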

Businesses can also implement preventative measures to ensure a single employee doesn’t accidentally compromise an entire system.

Enact a software restriction policy. This is the best way for businesses to protect themselves from cyber attacks. Software restriction policies allow administrators to identify and control programs running on a system. Administrators can block or restrict the access of unapproved or unsupported software.

Leverage centralized, policy-driven patch management. Establish a policy for acquiring, testing and deploying changes to the computer system. Patch management provides an organized way for a business to determine weaknesses in its system and then apply updates (called patches) to eliminate these vulnerabilities.

Utilize web content filtering. Minimize risk by blocking access to potentially dangerous sites through a content filtering system. The software would scan for sites likely to pose a threat and block access to them.

Don’t give employees administrator privileges. When creating employee accounts, be sure to designate user privileges instead of administrator privileges. Assigning user privileges limits the changes the account can make, which prevents employees from installing potentially malicious software.

Despite taking these defensive steps, end-user behavior is the key to prevention. Implement safe browsing and email habits, such as avoiding peer-to-peer file sharing and not opening unsolicited emails or attachments.

View the original content and more from this author here: http://ift.tt/1Kfhvnv




Splatoon Hackers Make Octoling A Playable Character

Are you an octoling or a squid?

It’s been nearly a month since Nintendo’s squid-shooter was released and already the community is hungry for more. Following on from a cheeky fan who “data-mined” a disc copy of Splatoon to find out what exactly Nintendo had in store for the game’s player base, a video has now emerged of a playable octoling thanks to an enthusiastic Splatoon hacker.

With the octoling assets so readily available, it comes as no surprise footage such as this has already appeared. There are also weapon testing rooms and more on show. Take a look at the 9 minute video below and let us know in the comments if you think Nintendo will ever make playable octolings a reality in Splatoon via DLC.

View the original content and more from this author here: http://ift.tt/1KeNc0f




Thursday 25 June 2015


‘You’re on your own’: Codan fights back after Chinese hacking attack

Hackers steal $US160 billion ($208 billion) worth of intellectual property from Western companies every year, according to cyber-security experts. The damage, they say, is incalculable and Western governments have made it a priority to protect their nations’ commercial assets.

But try telling that to Donald McGurk, chief executive of Adelaide-based communications, metal detection and mining technology firm Codan, who has watched sales and prices of his firm’s metal detectors collapse since Chinese hackers stole its designs three years ago to sell cheap imitations into Africa.

With the Australian government wary of rocking the boat ahead of this month’s historic signing of a free trade deal with China, McGurk says he was forced to hire a private investigative firm in China to stage a series of raids on counterfeit factories.

“They said you’re on your own,” McGurk said, referring to the Australian government officials he lobbied to help with his problem. The Australian government did not immediately respond to queries about Codan.

Codan’s experience provides a rare look at the longer-term impacts of hacking on companies, as most keep the extent of incidents under wraps. In fact, experts say many firms continue to turn a blind eye to cybersecurity even as hackers become increasingly sophisticated.

A PriceWaterhouseCoopers report found the average information security budget dropped 4 per cent to $US4.1 million last year, reversing a three-year trend of rising funds to tackle cybercrime. That was even as the total number of detected security incidents jumped 48 per cent to 42.8 million globally, PWC said.

Bryce Boland, chief technology officer for Asia at cyber-security firm FireEye, said many companies are too focused on the reverse engineering capabilities of Chinese companies, which allow them to copy products within weeks of their public launch.

“They may be good at reverse engineering but they’re much better at just getting the plans during the development phase (via hacking) and leveraging those immediately,” Boland said by telephone from Singapore.

Codan began to realise it had a problem when it started receiving faulty metal detectors back into its services centre in 2011. Those products, stamped with the Codan logo, had unrecognisable, inferior parts.

Hacked using the hotel wifi

Then the Australian Security Intelligence Organisation (ASIO) came knocking: a Codan employee’s laptop had been hacked into when he logged on using hotel wifi during a business trip to China. With an African gold rush underpinning demand for the metal detectors, Codan’s blueprints had been filched by a Chinese manufacturing chain.

McGurk asked the Australian government for help, requesting they speak to Chinese authorities, but discovered his company was on its own. McGurk believes a landmark free trade deal with China, recently signed after more than a decade of negotiations, was responsible.

“No one wants to muddy the waters by putting in play something that’s negative,” he said.

The company instead spent “significant sums” on private investigators, who worked with Chinese police to track the supply chain of the counterfeit metal detectors.

They discovered it led to Dubai, where police raids found “significant” numbers of counterfeit gold detectors in storage, en route to Sudan, Guinea and Niger.

China meted out jail terms of up to two years for the principals of three first-tier manufacturing companies in the supply chain, while Dubai fined several players around $5000 each, McGurk said.

Codan, meanwhile, was forced to slash the price of its gold detectors from around $4000-$5000 to around $2500 to compete with the counterfeiters.

The company’s net profit collapsed to $9.2 million in the year to June 30, 2014, from $45 million a year earlier as a result.

China’s infiltration of private online business has returned to the spotlight this month after United States officials blamed Chinese hackers for compromising the records of up to four million current and former government employees.

China has called the US comments irresponsible, while President Barack Obama vowed that the US would aggressively bolster its cyber defences.

‘It’s like playing Whack-A-Mole’

Behind these public state-level spats, many companies are fighting a quieter battle where the front keeps changing.

FireEye said it uncovered a hacking campaign in June by a China-based group it calls APT3, targeting organisations in the aerospace and defense, construction and engineering, high tech, telecommunications and transportation industries.

FireEye says APT3 engages in “phishing”, a technique of sending company employees innocuous emails containing website addresses which trick them into downloading programs that automatically lead to protected information. It says APT3 is especially sophisticated because it constantly changes online identities, making it difficult to track.

Codan is ramping up its defences. The company is introducing encrypted products, employs three or four people to work full-time on preventing hacking-led counterfeiting and has a lawyer whose sole role is to coordinate those efforts.

“I don’t think you could ever presume it’s behind you, but now we’re in a position to understand what’s happened,” McGurk said. “It’s like playing Whack-A-Mole. They just pop up somewhere else.”

View the original content and more from this author here: http://ift.tt/1Lw4gAx




Exclusive: Chinese Cyber-Thieves Hack FBI in Dangerous Breach

Chinese hackers have in recent months penetrated an untold number of FBI agents’ personnel files, Newsweek has learned, in a breach with potentially dangerous national security implications.

The FBI, along with the Department of Homeland Security, is not only responsible for investigating the massive breach of federal Office of Personnel Management (OPM) computers by suspected Chinese cyber-thieves, which was reported earlier this month, but is principally responsible for detecting domestic terrorist plots and foreign spies.

The extent of the FBI penetration, reported here for the first time, is unknown. An FBI spokesman referred an inquiry to OPM, which has said 4 million federal employee files were breached.

James Trainor, acting assistant director for the FBI’s cyber division, said at a fiery congressional hearing Wednesday that the number may be more than four times that.

An FBI source told Newsweek he was notified by OPM in May that his personnel file had been penetrated by hackers in the same Chinese intrusion.

“This is the second notification that I’ve been breached,” the veteran agent said on the condition of anonymity. “They got me through Anthem Blue Cross, now they have me through OPM. I think of the 17 million they have on file, they’re only notifying 4 million. But I was notified last month.”

Anthem Blue Cross, which insures millions of government employees, announced last February that it had been hit by a sophisticated cyberattack that may have affected 8.8 million to 18.8 million people who were members of other Blue Cross Blue Shield plans.

Asked whether the entire FBI workforce of over 36,000 agents and support personnel had been compromised, the agent responded: “I don’t think so…. but it’s pretty ugly. I guess [OPM staff] outsourced some of their software to a Chinese company. Unfortunately I don’t think anyone’s going to be fired like they should be.”

Any penetration of the FBI could have “mind boggling” effects, he said, “because there are counterintelligence implications, national security implications.”

Security problems also dogged the training of new FBI agents in recent months. Two classes were cancelled in September due to congressional budget cuts that reduced the number of personnel dedicated to conducting background investigations of trainees for security clearances. They are “all on track now,” an FBI spokesman said.

Nor is this the first time the FBI has been hacked. A Balkan-based hacker connected to the group Anonymous claimed in February 2014 that he had penetrated FBI files.

“Black-Shadow of the Slovenian branch of Anonymous said he has posted the FBI domain email addresses and passwords for 68 agents…” website Techeye reported. “His post also includes a short profile on FBI director James Comey, including sensitive information such as his date of birth, his wife’s name, the date they got married, his educational history and even the geographical coordinates of his residence.”

View the original content and more from this author here: http://ift.tt/1BNfIVs




Suspect in $55 Million A.T.M. Scheme Is Extradited to U.S.

A man who prosecutors say orchestrated one of the biggest bank thefts in American history faced charges in the United States after fighting extradition from a German jail for a year and a half.

The suspect, Ercan Findikoglu, 33, is accused of stealing more than $55 million in a series of thefts that prosecutors said was stunning in its sophistication, involving hackers gaining access to bank computers and runners withdrawing millions in cash from A.T.M.s within hours.

For years, Mr. Findikoglu, who prosecutors say went by the online code names “Segate” and “Predator,” meticulously stayed off American soil to avoid Secret Service agents investigating the case. Even after being arrested in Germany in 2013, he fought extradition to the United States for 18 months. But on Tuesday, an airplane with Mr. Findikoglu touched down in New York for his day in court.

On Wednesday, Mr. Findikoglu pleaded not guilty to 18 charges, including computer intrusion, bank and wire fraud conspiracy and money laundering, in Federal District Court in Brooklyn. The judge agreed with prosecutors that no bail should be granted to Mr. Findikoglu, a Turkish citizen, because he probably had enough cash to flee the country.

“Cybercriminals, and especially hackers as this defendant is alleged to be, wreak havoc and steal millions of dollars by breaching our information systems and networks with clicks and keystrokes from the perceived anonymity of their computers at locations all over the globe,” Kelly T. Currie, acting United States attorney for the Eastern District of New York, said in a statement.

Mr. Findikoglu’s lawyer, Christopher Madiou, declined to comment.

Others suspected of taking part in the A.T.M. thefts have already been arrested. The Justice Department’s long effort to bring Mr. Findikoglu to trial highlights the Obama administration’s desire to prosecute those accused of coordinating online attacks on American companies from abroad.

Prosecutors said the A.T.M. thefts spanned three years, from 2010 to 2013, and targeted multiple institutions, including JPMorgan Chase, MasterCard and the American Red Cross.

Prosecutors said that hackers including Mr. Findikoglu wormed their way into the computer systems of financial institutions that process prepaid debit cards. Next, they said, the hackers significantly raised the withdrawal limits normally set for the cards, which are often used to pay employees or aid disaster victims.

In the final step, resembling a movie version of a bank job, but without the masks, teams of thieves in at least 24 countries sped from A.T.M. to A.T.M. using the cards to draw out money. On the Saturday before Christmas in 2012 alone — a day when A.T.M.s are flush with cash for holiday shoppers — one team withdrew $400,000 from 140 locations in New York in less than three hours, the prosecutors said.

View the original content and more from this author here: http://ift.tt/1LqOdDh




Hackers Stole Secrets of U.S. Government Workers’ Sex Lives

A failure to communicate – The top 5 ways to improve the weakest link in information security

By HP Security Strategist Stan Wisseman

In a previous post, I highlighted five primarily technology-based actions you can take to greatly enhance your security program. However, as we’ve heard many times, people are the weakest link in the security chain. “What we have here is failure to communicate.”

This line from “Cool Hand Luke” sums up the challenge we have in the information security field. We all need to think differently on how to have business success with the constant threat of attack (or as Luke would say, you’ve got to “get your mind right”). That includes users, partners, executive management and board members. Raising the collective security IQ of the workforce can be one of the most cost effective, proactive security controls you can implement.

The recent SANS Securing the Human: 2015 Security Awareness Report had 3 key findings:

  1. Support is essential: It is clear that security awareness programs will continue to fail until they get the same emphasis and support as technical controls. To address this, we have to better educate senior leadership that cyber security is far more than just bits and bytes; it also includes the human element.
  2. Soft skills are lacking: The majority of those in charge of security awareness programs have highly technical backgrounds and lack the necessary communication or human behavior skills. The importance of communication skills for information security professionals was also emphasized in the 2015 (ISC)2 Global Information Security Workforce Study results.
  3. Security awareness is still in its infancy: Majority of programs surveyed were immature. The report notes that if we are

To effectively change behavior regarding information security, employees and executives must feel a sense of urgency and understand not only that they are targets, but also that their actions play a key role in securing the organization. Effective organizations:

1. Have an engaged, security-aware workforce. General security awareness activities (newsletters, security awareness month, etc.) are important to remind the workforce of security best practices and of imminent threats. Testing users for their ability to avoid phishing scams will help reduce the threat of this common attack vector to the enterprise. Role-based security training programs are essential as well. For example, the 2015 HP Cyber Risk Report found that “…most vulnerabilities stem from a relatively small number of common, well-understood software programming errors.” Developers need training on software security best practices to effectively build more secure applications. Provide workforce incentives (e.g., spot bonuses, reward points) to put a spotlight on examples of security awareness behaviors you want to see. Likewise, it’s necessary to penalize those that place your organization at risk;

2. Have clear policies and procedures that prioritize the protection of data and IT assets and which foster compliance with security standards. Policies and procedures are always important, but they are essential for information security. You need to create and publish your policies to gain consensus on how you will handle specific security issues. Policy rules need to be clear, simple, understandable, and achievable by the workforce;

3. Have the support of executive leadership. Translate information security issues into terms of risk – that’s the language they understand. Make it personal and show how they’ll be impacted. Stage realistic security incident exercises that bring in other stakeholders, such as outside counsel, communications and solution providers, to participate. The annual renewal of cybersecurity insurance can also drive a useful discussion.

4. Have learned to work together and respond to security incidents, collaborating effectively. Practice makes perfect and you should exercise the Incident Response team on a regular basis to ensure that roles are understood and they aren’t learning on the job during an incident. The Incident Response plan needs to be accessible to all parties (e.g., on a mobile app). Don’t forget to communicate with employees, key business partners, and customers in a timely manner post-incident;

5. And obtain critical intelligence by sharing information externally, with trusted partners and government agencies. Holistic threat intelligence is not a single-player sport – we need to collaborate just like our adversaries are doing. US government agencies like the FBI and DHS want to partner with private industry in dealing with cybersecurity threats (e.g., InfraGard and Information Sharing and Analysis Organizations (ISAOs)). While there are concerns with sharing incident and threat information with the government, as reflected in this ICIT brief, sharing IoC data with others may help them, and you, avoid an incident. You can also leverage commercial platforms to establish your own trusted communities to share threat intelligence data.

A cultural mind shift on cyber security is needed similar to the one that had to take place for auto safety. It took decades to understand the risks, pass appropriate legislation and then change human behaviors to reduce the risk factors and associated injuries. I still recall being a passenger in the 60’s without a seat belt in the back of my family’s station wagon – something I certainly wouldn’t allow today with my kids (wouldn’t own a station wagon, either!) Real change started when Ralph Nader, an early advocate for auto safety, wrote a book and spoke to Congress of auto safety in terms the general public and legislators could understand.

With regard to Detroit engineers, Nader said they had a “…general unwillingness to focus on road-safety improvements for fear of alienating the buyer or making cars too expensive.” Sound familiar? Once regulations were imposed, auto companies complied and there were massive advertising campaigns to convince the public to buckle up – efforts to enhance auto safety continue to this day.

Significant security incidents like the ones that have recently hit Sony Pictures and OPM can raise security awareness and spawn some remediation actions. However, reactions like the US Federal government’s 30-day sprint won’t change the underlying mindset or behavior of the workforce. A concerted effort over a longer period of time will be required.

HP Enterprise Security University has a wide range of eLearning and stand-up security courses available. HP recently released Security User Awareness training based on the SANS Critical Security Controls. HP also has an Executive Breach Response framework available to ensure that executive stakeholders can respond confidently to security incidents.

Learn more about HP Enterprise Security and http://ift.tt/1LwzAPC.




Wednesday 24 June 2015


Feds unsure how hackers got credentials to hit HR system

Federal officials still don’t know how hackers got a hold of credentials that allowed them to break into the government’s main human resources computer system, stealing the most sensitive personal information on millions of Americans, the agency chief told Congress on Tuesday.

Months after the breach was detected, many of the details remain unclear — including how many millions of people have been affected and what kinds of data were stolen.

But Office of Personnel Management Director Katherine Archuleta insisted nobody should be fired or otherwise punished for the breach, saying they are all working diligently to try to get a handle on the situation.

“I don’t believe anyone is personally responsible,” she told the Senate Appropriations Committee. “I believe that we’re working as hard as we can to protect the data of our employees, because that’s the most important thing that we can do. And I take it very seriously. I’m angry as you are that this has happened to OPM, and I’m doing everything I can to move as quickly as I can to protect the systems.”

The Obama administration is working up an estimate to see if it will need to demand more money from Congress to fix the problems, which auditors said extend far beyond OPM and likely touched many agencies who are behind on their technological defenses.

Ms. Archuleta said the latest hack was actually two breaches: One that grabbed the personal information of more than 4 million federal employees, and another that got into the government’s background check system, and may have exposed the most sensitive of information about millions.

It followed three smaller cybersecurity attacks in 2014.

Ms. Archuleta’s explanations aren’t sitting well with some lawmakers who say the questions are stacking up.

“The extent of the damage done by these attacks is not yet fully known, nor is it fully known how quickly OPM has moved to address the most glaring problems,” Sen. Ben Sasse, Nebraska Republican, wrote in a letter to Ms. Archuleta and to White House budget office Director Shaun Donovan and Homeland Security Secretary Jeh Johnson.

He said it’s also not clear that the steps the OPM has taken in the aftermath of the hacks will be effective in protecting systems in the future, and could take up to two years to complete.

Ms. Archuleta said even discovering the two major recent hacks is a sign that her agency is getting better. The attacks traced back to late last year, but weren’t discovered until officials began upgrading systems this year and noticed previous weird activities in the logs.

At least one of the breaches happened because someone used authentication credentials from an OPM contractor, Keypoint, which itself was hit by one of the earlier 2014 breaches.

Ms. Archuleta said they don’t believe the company was at fault — though investigators aren’t sure exactly how the hackers got the credentials.

“We have not identified a pattern or a material deficiency that resulted in the compromise of the credentials,” she said. “And since last year we have been working with Keypoint and they have taken strides in securing its network and have been proactive in meeting the additional security controls that we have asked them to use to protect all of the background data.”

The OPM has promised those affected by the hacks will be given 18 months of credit monitoring and identity risk insurance, at a cost of about $20 million to federal taxpayers. Notices have gone out to the more than 4 million persons identified in one of the hacks.

 


View the original content and more from this author here: http://ift.tt/1IdKdoE




SEC INVESTIGATES HACKERS SUSPECTED OF STEALING CORPORATE EMAILS

For the very first time, the government is investigating cybercriminals suspected of insider trading. The Securities and Exchange Commission (SEC) is investigating a group of hackers who appear to have systematically broken into email systems at biotech and health care companies. The SEC posits the hackers were specifically looking for information on mergers and other market-shaking events.

Eight companies have reportedly been contacted by the SEC for information on a possible compromise of their email systems. According to Reuters, this is the first time the SEC has asked companies about “possible breaches in connection with an insider trading probe.”

The bulk of the targeted companies come from the biotech and health care spheres. Reuters says the SEC investigation—and a parallel Secret Service investigation—were spurred by a late 2014 report from security firm FireEye about a group called Fin4. FireEye, previously covered by Fast Company, noted that the hackers targeted executives, legal counsel, consultants, and researchers. They gained access to the targets’ inboxes by creating imitations of Microsoft Outlook login pages, duping people into providing their user name and password information. It’s unclear at the moment how many companies were compromised.

View the original content and more from this author here: http://ift.tt/1LmyZiE




CryptoWall: Hackers using bitcoin to demand ransoms

Web users have to worry about yet another security threat: ransomware. The FBI now estimates that losses due to ransomware, a type of malware, topped $18 million in the last year.

Unfortunately, hackers have been using bitcoin and other digital currencies as their primary choice for payments. As bitcoin transactions hide the identity of the receiving party, the digital currency has become a top choice for hackers and other people engaged in illicit activities.

With ransomware, computer hackers basically take control of sensitive or valuable information and hold it hostage. If users do not pay a ransom, they lose access to the data.

Ransomware has become one of the fastest growing and most common types of security threats on the web. Between April of 2014 and June of 2015, the FBI’s Internet Crime Complaint Center received 992 complaints related to CryptoWall, the most commonly used ransomware software.

As already mentioned, ransomware could be generating $18 million in costs. Much of that cost accrues not through ransoms, however, but through post-attack costs, such as network mitigation, increased security measures, legal costs, and lost productivity.

Ransoms can range from a few hundred dollars to several thousand dollars, depending on the nature of the information and the targeted person or company. The highest reported ransom demands so far have been for $10,000.

Dell SecureWorks estimates that as many as 600,000 computers have been infected with one variant or another of CryptoWall. Dell estimates that as much as $1 million in ransoms has been paid out, making the malware one of the most profitable scams of all time. Many of the ransoms were paid using bitcoin.

CryptoWall can infect computers running either Mac or Windows operating systems. So far, it does not appear that Linux computers or servers are at risk.

What is CryptoWall?

“CryptoWall” is a trojan horse that encrypts files on a compromised computer and then forces the owner to either pay up, or lose access to their files. The malware can be spread through compromised websites, infected emails, and other means.

Encryption is itself a type of security measure that makes it very difficult for a party to open a file or hard drive without having proper access. Many people encrypt their hard drives, for example, making it almost impossible for outside parties to gain access to the files unless the owner him or herself unlocks the files.

The ransom is time-limited, meaning that if you do not pay within a given period of time, your files will be encrypted forever. It is very difficult to break encryption. Even spy agencies, such as the National Security Agency, have trouble breaking through encrypted files (though most types of encryption can be broken with the right expertise and resources).

The malware can be downloaded to your computer through ZIP files, PDFs, and various other types of files. Many users falsely trust some of these files when downloading them because the files are “non-executable”. Unfortunately, hackers do not need to use executable files to infect your computer.

Hackers use the Tor network and other methods to hide their identity. Forcing users to pay with bitcoin also helps to conceal the hacker’s identity, making it very difficult for people with compromised computers to take legal action.

The software and its variants go under a wide variety of names, such as CryptoDefense, but all function in a similar way: they gain access to a computer, corrupt registries, and take sensitive data hostage. The malware was first discovered in June of 2014, though a precursor called CryptoLocker appeared in September of 2013.

While bitcoin has been a net positive for the online community, the cryptocurrency’s anonymity makes the currency a great option for those engaged in illicit activities. From facilitating drug deals through websites such as the infamous Silk Road, to acting as an untraceable currency for ransoms, bitcoin has its advantages for criminals.

View the original content and more from this author here: http://ift.tt/1IcR0Pk




Calling All Hackers: MIT Hacking Medicine@SG Now Open

Whether you’re a student, programmer, clinician, designer or engineer, MIT Hacking Medicine@SG wants you and your ideas!

AsianScientist (Jun. 24, 2015) – For the first time, MIT Hacking Medicine will be held in Singapore on July 25-26, 2015. Co-located with the largest ever hackathon in Singapore, Hackathon@SG, the event aims to generate solutions that provide a better quality of life for the elderly.

Born out of the gaps in the industry, medical hackathons bring clinicians and other healthcare professionals together with a diverse group of engineers, students, programmers, designers and entrepreneurs to solve the toughest problems in healthcare. Because of the wide range of perspectives from various sectors, the ideas generated are often multidisciplinary and provide innovative solutions to complex healthcare issues. The theme for the MIT Hacking Medicine@SG 2015 is “Aging-In-Place”. Co-organized by MIT Hacking Medicine and the Singapore-MIT Alliance for Research and Technology (SMART), and supported by the Infocomm Development Authority of Singapore, the hackathon aims to reduce hospital stays, encourage wellness and seamlessly connect the elderly to their healthcare providers and family caregivers.

Teams participating in the MIT Hacking Medicine@SG 2015 will have 24 hours to develop solutions based on the “Aging-In-Place” theme. Teams can also choose to work on additional, more specific challenge statements which will be released at a later stage after the pre-hackathon workshop on July 1, 2015.

They are also required to produce a prototype to demonstrate their solution and participate in a final pitching segment at the end of the hackathon. There are S$25,000 worth of prizes up for grabs, with a top prize of S$9,000 for the winning team. Successful teams will also be eligible for follow-on grants to help commercialize their solutions. MIT Hacking Medicine will also be sending ten event managers and mentors to facilitate the event, including Entrepreneur-In-Residence at MIT Mr. Zen Chu. Previous participants of MIT Hacking Medicine, such as Podimetrics and Smart Scheduling, have gone on to launch their own companies and even run clinical trials on products first conceptualized at the hackathon. So if you have an idea that you have been itching to execute, register by emailing here with your name and occupation by July 16, 2015! Asian Scientist Magazine is proud to be a media partner of MIT Hacking Medicine@SG 2015.

View the original content and more from this author here: http://ift.tt/1fAgif9


