WebProNews

Tag: cyber attacks

  • Iran Linked To Cyberattack on BBC

    Iran’s government has gone to some considerable lengths lately to muzzle the internet within the country’s borders. Not content with only blocking Google sites and encrypted search merely once in February, the government blocked SSL connections as well as many social networking sites a second time last month ahead of the country’s parliamentary elections at the beginning of March.

    This month, the Irani government is suspected of a “sophisticated cyberattack” on the BBC, likely a denial-of-service attack, that coincided with the country’s attempt to jam the satellite feed of the news service into Iran. In a planned speechto the Royal Television Society, Director General of the BBC Mark Thompson, while avoiding saying too much about the attack, will explain that “on the day of the cyber-attack there had also been an attempt to disrupt the Persian Service’s London phone-lines by the use of multiple automatic calls.”

    Cutting off service of the BBC’s Persian-language services isn’t entirely out of the scope of possibility for the Iran’s government, which has been open the drive to create about its own national internet. The annual “Enemies of the Internet” report from Reporters Without Borders cited several other attempts by Iranian authorities to undermine the freedom of the internet, such as not outright shutting down the speed of the internet but rather slowing it down to the point of ineffectiveness. Iran also maintains a formidable “cyber army” capable of carrying out cyberattacks as well as policing the internet for dissidents. Also, Iran is not shy to throw people into prison based on their activities on the internet.

    At the time of writing this, Iran couldn’t be reached for a statement (i.e., no Google searches turned up comments from Iranian authorities).

    Awkwardly, the spokeswoman for BBC couldn’t provide further comment to the BBC regarding the attack.

  • FBI Director Talks Cyber Attacks

    Terrorism is obviously still the most dangerous threat facing the United States. Cyber attacks and cyber terrorism may one day become the most dangerous threat, however, according to the FBI.

    The director of the FBI, Robert Mueller, recently spoke at the RSA Cyber Security Conference in San Francisco about what his organization is doing to stop cyber crime.

    Mueller began by telling a story of how iCloud and the Find my iPhone app helped stop a theft in New York City. He used this as an example of how technology is “an investigative tool.” Technology can also be used as a means of attack, however, and the FBI takes this new threat very seriously.

    He went on to say that traditional crime has now moved to the Internet. On the same note, terrorists are now using the Internet to recruit and raise money.

    In response to this, he began to detail what the FBI is doing to fight back against the increasing number of cyber threats. The first, of course, being cyberterrorism.

    He says that terrorists are becoming more “cyber savvy” and using the Internet to grow their business. The worst part is that they aren’t even hiding, but conducting their online business out in the open.

    He points to the Twitter account of Al Shabaab, an Al Qaeda affiliate in Somalia, that uses its account to taunt its enemies and encourage terrorist activity.

    While there has not been a major cyberattack from a terrorist cell yet, he says to not underestimate them. He points to a terrorist recruiting video that says cyber warfare is the warfare of the future.

    He then goes on to say that state-sponsored hacks and economic espionage are major threats as well. The main threat being foreign hostile nations seeking to steal “our intellectual property and our trade secrets for military and competitive advantage.”

    The main threat seems to be from state-sponsored hacking as they have “the time, the money and the resources to burrow in, and to wait.”

    He also calls attention to what he calls “hackers for profit” who steal information to sell to the highest bidder. He says that while these hackers may have been isolated groups before, they are now joining forces to create criminal syndicates.

    All of this results in the loss of data. What does that mean? Mueller says that we are “losing money… losing ideas and losing innovation.”

    What is the FBI doing about it? Mueller says that they have set cyber squads in every one of their 56 field offices, with more than 1,000 specially trained agents. He says that the FBI’s dual role in “law enforcement and national security” allows them to be “uniquely positioned to collect the intelligence we need to take down criminal networks, prosecute those responsible, and protect our national security.”

    Globally, the FBI has teamed up with police departments around the world in 63 offices to help discover “emerging trends and key players.”

    He says that their efforts are paying off. He references an investigation called “Operation Ghost Click” that targeted “a ring of criminals who manipulated Internet “click” advertising.”

    While terrorism remains the organization’s top priority, he expects cyber threats to be the number one threat to the U.S. in the near future.

    To combat this new threat, he says that all of their special agents will be trained in “fundamental skills to operate in this cyber environment.”

    He says that they are also creating a virtual environment where agents from all over the world can coordinate on attacks wherever they may happen.

    To help them combat the new threat of cyberterrorism, they are pushing for a national data breach reporting law. This would require any organization targeted by a hack to immediately report the intrusion to the FBI.

    For those companies who may not want to share the news of a hack, he says not to worry:

    You may believe that notifying the authorities will harm your competitive position. You may fear that news of a breach will erode shareholder confidence. Or you may think that the information flows just one way—and that is to us.

    We do not want you to feel victimized a second time by an investigation. We will minimize the disruption to your business, and we will safeguard your privacy. Where necessary, we will seek protective orders to preserve trade secrets and business confidentiality. And we will share with you what we can, as quickly as we can, about the means and the methods of attack.

    To reiterate the severity of cyber attacks, he says that there will be only two types of companies in the future – “companies that have been hacked and those that will be” Even then, he says that further in the future it will become “companies that have been hacked and will be hacked again.”

    To protect data, he feels that companies need to limit the data that can be “gleamed from any compromise.” Companies must also “segregate mission-centric data from routine information.”

    The end of the speech really hits home the whole point that Mueller is trying to make:

    In the days of the Roman Empire, connectivity was on the rise—new roads, new ways of communicating, and a new postal system to handle the influx of written documents. Postal deliveries were the high point of the day. People coming from every direction would converge at the port to meet the delivery boats arriving from Egypt.

    As they say, the more things change, the more they stay the same.

    Today we have the so-called “BlackBerry Jam,” where several individuals—heads down, shoulders slumped, all furiously typing, talking, reading, or browsing at once—come to a head on a crowded corner. We are all guilty of this conduct.

    All those years ago, Seneca argued that the more connected society becomes, the greater the chance that the individual will become a slave to that connectivity. Today, one could argue that the more connected we become, the greater the risk to all of us.

    We cannot turn back the clock. We cannot undo the impact of technology. Nor would we want to.

    But we must continue to build our collective capabilities to fight the cyber threat…we must share information…we must work together to safeguard our property, our privacy, our ideas, and our innovation.

    We must use our connectivity to stop those who seek to do us harm.

    Do you agree with Mueller about the threat posed by cyber attacks? Is the FBI doing enough to deter them? Or can more be done than what is already planned? Let us know in the comments.

  • 10 Years after 9/11, Cyber Attacks Are Big Threat

    In light of the 10th anniversary of 9/11, security experts are warning that cyber attacks could be the biggest area of threat. This news, however, should not come as a major shock, since attacks have been on the rise recently and have even managed to reach organizations such as Sony and Epsilon. This week, the famous “Anonymous” has even gone so far as to launch a new Twitter hijacking tool.

    What is your biggest cyber security concern? Let us know.

    Dr. Farshid Delgosha, a professor at the New York Institute of Technology, told us that the reason these attacks are becoming more prevalent is a result of the “widespread usage of ubiquitous computing.” In other words, consumers are able to access the Internet and complete tasks from nearly anywhere through mobile devices. While mobile developments have brought about an increased level of convenience for consumers, there are still risks involved.

    “This makes it easier for attackers to monitor wireless traffic exchange, hack into someone’s device, and steal personal data,” said Dr. Delgosha.

    Another reason he believes cyber attacks have increased is because consumers have become overly confident on the Internet. Social networks are, in part, to blame for this trend since they create a comfortable, fun environment for consumers to share information.

    “Individuals are becoming more confident in their online activity because that is where technology is taking us,” he said. “We should be cautious.”

    While mobile and social media are both areas of vulnerability in regards to security, Dr. Delgosha does not think that open platforms pose any real danger. He told us that they could be secure if they are properly designed. On the topic of cloud technology, he was a little more cautious and said that it needs more work and understanding.

    Even though technological advances can make it easier for attackers to breach security, Dr. Delgosha was quick to point out that he is not against mobile devices, social media, and other new developments. He does, however, think that people should be aware of the security issues involved and take them seriously.

    “Every person, any corporation, no matter what the size is – small or big – they should take security very, very seriously,” he said.

    He went on to echo what Charles Dodd, a U.S. government consultant on cyber defense, told us in June when he said, “Cyber will be the next generation warfare.”

    “Now, because of the widespread usage of the Internet and the Web and the great deal of information and sensitive information that exists on the Web, definitely that [cyber] is the battleground in the future,” said Dr. Delgosha.

    In an attempt to bring these issues into the spotlight and protect consumers and businesses, he, along with the entire team at the New York Institute of Technology, are putting on a Cyber Security Conference on September 15. The event hopes to examine and increase awareness of all these security issues.

    This past week, Senator Richard Blumenthal introduced the Personal Data Protection and Breach Accountability Act of 2011. “The goal of the proposed law is essentially to hold accountable the companies and entities that store personal information and personal data and to deter data breaches,” he is quoted as saying. ”While looking at past data breaches, I’ve been struck with how many are preventable.”

    Essentially, businesses would face substantial fines for not complying with a set of guidelines.

    We’ll continue to monitor the progress on that front, but clearly cyber security is being taken more seriously than ever.

    How concerned are you about cyber attacks? Let us know in the comments.

    View 9/11 and Freedom Tower news and media at NYC-Tower.com.

  • McAfee Defends Its Position on Operation Shady RAT

    Earlier this month, tech security firm McAfee issued a report, in which it revealed an attack that has been compromising organizations since 2006. The report is called Operation Shady RAT and is said to have infected at least 72 organizations across 14 different countries.

    What’s more is that the victims have been government agencies, defense contractors, and organizations such as the International Olympics Committee. From the report, it appears that the attacker, which McAfee calls a “nation state actor,” was going after information regarding diplomatic, economic, and military issues such as valuable intellectual property or trade secrets.

    “We can expect to see that information utilized for building competitive industries and taking away market share in the near future,” said Dmitri Alperovitch, the Vice President of Threat Research at McAfee and the author of the report.

    McAfee did not identify the attacker, but numerous reports have labeled China as the assailant. China, however, has denied these claims.

    Alperovitch went on to say that McAfee had been tracking the attack for some time but that it recently gained access to one specific command and control server used by the attackers. Through it, they were able to identify all the victims that had been compromised and understand the magnitude of its impact.

    “This really provided us a very complete picture of the full impact of these attacks on our entire economy, as well as nationally,” said Alperovitch.

    Other security firms, however, do not see eye-to-eye with McAfee’s report. Symantec has said that the attack was neither “advanced” nor “sophisticated” since it was able to freely access the same information about the victims on the attackers’ control and command site.

    In the Shady RAT report, Alperovitch said the focus of the analysis was on Advanced Persistent Threats (APTs). He told us that this term was coined by the government to describe a nation state actor that had committed cyber espionage against the government but that it was expanded to include any nation state that was performing computer network exploitation (CNE). He doesn’t think that the other security firms should focus on the terminology and said that a better acronym would be SPT to stand for Successful Persistent Threats.

    According to him, the attacks were only as advanced as they needed to be. The attackers didn’t have to use new tools or new tactics because the old ones were able to get them what they wanted.

    “One of the things that differentiates this activity from traditional criminal activity is that they’re really interested in you as an organization,” he said. “They don’t necessarily care about how well your competitors are doing… they’re going after you because of unique data that you have related to your intellectual property, or specific projects you’re working on, or sensitive business information.”

    “They can’t get that data anywhere else, which is why they’re targeting you,” he added.

    Alperovitch believes this activity is different from criminal activity because criminals have a financial motive. If they feel one bank, for example, is too hard to rob, they will try another bank.

    “Some firms correctly stated that some of these attacks were not very advanced, and we never claimed they were,” he said. “They were successful, and they were devastating from the impact to these organizations, but they were only as advanced as they needed to be.”

    Sophos has also spoken out against the Shady RAT and said that it doesn’t clearly state “what information was stolen from the targeted organisations, and how many computers at each business were affected.” It additionally claims that McAfee may have released the report to drum up some publicity since it was released just before the BlackHat security conference began.

    Eugene Kaspersky, the co-founder of Kaspersky Lab, also had some words to share about what he calls “Shoddy RAT.” He said it was a botnet that did not deserve as much attention as it had gotten and referred to McAfee’s conclusions as “largely unfounded and not a good measure of the real threat level.”

    In response to this criticism, McAfee CTO Dr. Phyllis Schneck wrote a post and said that these security firms were missing the big picture of the report. When we spoke to Alperovitch, he echoed her sentiment.

    “It doesn’t really matter how these intrusions are being done,” he said. “The fact of the matter is, they’re successful, and they’re having a massive impact on our economy.”

  • Lockheed Martin Hacked, Pentagon to Consider Cyber Attacks Acts of War

    Defense contractor Lockheed Martin was recently hit with a cyber attack, but is downplaying the notion of any major threat, as is the U.S. Department of Defense.

    While little has been revealed in the way of details surrounding the attack, the company says it was able to act quickly and protect critical data. Lockheed Martin released the following statement:

    On Saturday, May 21, Lockheed Martin detected a significant and tenacious attack on its information systems network. The company’s information security team detected the attack almost immediately, and took aggressive actions to protect all systems and data. As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised.

    Throughout the ongoing investigation, Lockheed Martin has continued to keep the appropriate U.S. government agencies informed of our actions. The team continues to work around the clock to restore employee access to the network, while maintaining the highest level of security.

    To counter the constant threats we face from adversaries around the world, we regularly take actions to increase the security of our systems and to protect our employee, customer and program data. Our policies, procedures and vigilance mitigate the cyber threats to our business, and we remain confident in the integrity of our robust, multi-layered information systems security.

    Headquartered in Bethesda, Md., Lockheed Martin is a global security company that employs about 126,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services. The Corporation’s 2010 sales from continuing operations were $45.8 billion.

    Lt Col April Cunningham, is quoted as speaking on behalf of the Defense Department, saying the impact on the Pentagon was “minimal and we don’t expect any adverse effect.”

    Today, it’s being reported that the Pentagon has now decided that cyber attacks can be considered acts of war – a subject that will be addressed in its cyber strategy, which will be made public ( in part) in June. The Wall Street Journal reports:

    The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.

    In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” said a military official.

    Less than half of the cyber strategy will actually be available for public consumption, according to the report. That is, I assume, if they can manage to keep it off Wikileaks.

    The subject of cyber attack as an act of war will no doubt see plenty of heated debate in the months to come, but it is clear that recent events have made the subject a much more critical one for discussion and solution.

    On a semi-related note, PBS had its site hacked on Sunday, after the airing of a documentary about Bradley Manning (discussed here) as a nod to Wikileaks and Anonymous.

  • Google Partners with NSA on Cyber Attack Analysis

    Update 4: Google has reportedly now teamed up with the National Security Agency to analyze the attack and try to better defend against such attacks in the future.

    Update 3: The Chinese government has reportedly denied that it had any involvement in the much publicized cyber attacks against Google and other companies. AFP provides the following quotes:

    The "accusation that the Chinese government participated in (any) cyberattack, either in an explicit or inexplicit way, is groundless and aims to denigrate China," an unnamed spokesman for the Ministry of Industry and Information Technology told state news agency Xinhua.

    "We are firmly opposed to that," the spokesman said…

    "We urge the United States to respect facts and stop using the so-called Internet freedom issue to criticise China unreasonably," said foreign ministry spokesman Ma Zhaoxu.

    Update 2: The Chinese government has reportedly spoken up regarding Secretary of State Hillary Clinton’s speech, regarding China and Google.

    CNN quotes a spokesman for China’s Ministry of Foreign Affairs as saying, ""We’re firmly against this statement that goes against truth and damages U.S.-Sino relationship," adding that the Chinese government views the Google case as a "business dispute" that shouldn’t affect relationships between the U.S. and Chinese governments.

    Update:     In a speech today, Secretary of State Hillary Clinton called upon China to investigate the attacks on Google and the State Department will reportedly file "a formal protest over the complaints."

    Original Article: Google may try to continue with operations in China, even if it shuts its search engine down due to censorship. You must remember that Google is much, much more than just a search engine, and the censoring search results doesn’t necessarily come into play in all other aspects of its business.

    According to the New York Times, Google will be holding talks with Chinese government officials soon, which will likely determine the fate of Google’s operations in the country, and to what (if any) extent those operations will continue to exist.

    "In most countries, Google draws the majority of its revenue from ads that appear on its search engine, but the No. 1 source of revenue in China comes from ads that Chinese companies place on Google’s sites in the United States," reports Miguel Helft with the Times. "A person knowledgeable about Google’s business in China said ads that run on a network of Chinese Web sites are the company’s second-largest source of revenue in the country. Google can retain both of those if it is allowed to keep a sales force and advertising network there."

    Google China

    The question is, is the Google China situation going to be an all or nothing scenario? We will probably know soon enough if said talks get underway (according to the Times they will be in the coming days and weeks).

    On a related note, the Wall Street Journal has spotted that Google is showing ads on search Google+Leaves+China”>results related to the situation that point to the company’s official blog post that announced its decision to stop censoring search results in China. I guess that’s the best way to make sure the true source turns up no matter what combination of related keywords are used to search for information on the matter (I wonder what that says about the SEO vs PPC debate)?

    On yet another related note, security Vendor F-Secure says that the cyber attacks that kicked this whole thing into motion are now targeting United States defense contractors ( Via NetworkWorld). The firm says malicious PDFs under the guise of official Department of Defense documents were sent to them.


    Related Articles:

    > China Responds To Google Situation

    > Baidu’s Stock Soars Following China News

    > Google May Quit China

  • China Responds to Google Situation

    Update:  Chinese government officials have responded to Google’s proposed actions. As reported by Bloomberg:

    "The Chinese government administers the Internet according to law and we have explicit stipulations over what content can be spread on the Internet," Foreign Ministry spokeswoman Jiang Yu said at a regular briefing in Beijing today. Chinese law prohibits hacking and other forms of online attacks, she said, declining to say whether that law also applies to state agencies.

    "Effective guidance of public opinion on the Internet is an important way of protecting the security of online information," Wang Chen, director of the State Council Information Office, said in a question-and-answer session with reporters, a transcript of which was posted on the office’s Web site today.

    Google.cn has reportedly stopped censoring its results, and many expect it to be blocked, although (at least from here in the U.S.) it is currently still accessible, and even has a doodle up.

    Original Article: Google’s situation in China appears to be the biggest story to hit the tech industry in some time, at least in terms of discussion. If you’re not up to speed, we covered Google’s announcement here. What it boils down to is that Google may shut down its operations in China, where it has been censoring search results. Google is now taking the stance of no longer censoring, and the world is waiting to find out if and how China and Google can resolve the issue.

    Share your two cents about the Google China situation.

    It has come to light that the attacks against Google that kicked this whole thing off were part of a string of attacks against 33 companies according to iDefense (this is more than the "at least 20" Google suggested). The other companies are all unknown at this point, except Adobe. Wired Threat reports:

    A hack attack that targeted Google in December also hit 33 other companies, including financial institutions and defense contractors, and was aimed at stealing source code from the companies, say security researchers at iDefense.

    The hackers used a zero-day vulnerability in Adobe Reader to deliver malware to the companies and were in many cases successful at siphoning the source code they sought, according to a statement distributed Tuesday by iDefense, a division of VeriSign. The attack was similar to an attack that targeted other companies last July, the company said.

    As Google noted in its announcement, it looks like a goal of the attackers was to access the Gmail accounts of Chinese Human Rights activists. Again, more on the original story here.

    Hillary ClintonThe U.S. government is now involved. Secretary of State Hillary Clinton issued the following statement:

    We have been briefed by Google on these allegations, which raise very serious concerns and questions. We look to the Chinese government for an explanation. The ability to operate with confidence in cyberspace is critical in a modern society and economy. I will be giving an address next week on the centrality of internet freedom in the 21st century, and we will have further comment on this matter as the facts become clear.

    Opinions and speculation are rapidly flying around all over the web. Some feel that Google’s move is more of a business decision than really about "not being evil" and ethics. Robert Scoble, who is "torn" on this notion, has an interesting analysis up, in which he talks about "the push and pull of China" based on his travels to the country.

    Here are a few other noteworthy reactions from various blogs and news outlets:

    Henry Blodget at Silicon Alley Insider:

    "Google made the right decision to build a business in China a few years ago.  And it’s making the right decision now, by threatening to pull out of the country if China doesn’t relax its censorship demands. "

    "Google’s decision to make a big public threat now, when it controls 15%-20% of China’s search market and is known to most Chinese Internet users, will put far more pressure on the Chinese government to relax its policies than a boycott of the country five years ago would have."

    Google matters in China now. 

    Jeff Jarvis at Buzz Machine:

    Note that even Google’s cofounder, Sergey Brin, has waffled if not agonized over the company’s China policy.

    I can well be accused of being a Google fanboy; I wrote the book. But I have been consistent in my criticism of Google’s actions in China. And so now I have not choice but to become even more of a fanboy. I applaud Google for finally standing up to the Chinese dictatorship and for free speech.

    Will the Chinese people revolt at losing Google? We can only hope. Will other companies now have to hesitate before doing the dictators’ bidding? We can only hope. Will Google be punished by Wall Street? It probably will. But as I’ve argued, we should hope that Google’s pledge, Don’t be evil, will one day be chiseled over the doors of Wall Street.

    Frank Reeding at Marketing Pilgrim:

    While the Chinese people are clearly in favor of Baidu as their engine of choice, if Google were to say that they will not do business in China what kind of pressure does that place on other companies to possibly isolate the biggest and fastest developing market in the world? This could get interesting.

    From the New York Times:

    "The whole industry will become worse," says Yu Yang, chief executive of Analysys International, a Beijing-based research firm. "As for Baidu, without competition with Google, Baidu has no motivation to innovate."

    Stephen E. Arnold at Beyond Search:

    "Amidst the furor of the Google – China issue, I noticed that most of the pundits ignored the global disruptive power of a Google decision. I may be one of the few—maybe the only addled goose—pointing out that Google operates like a nation-state, not a garden variety company."

    Patrick Chovanec at Seeking Alpha

    But in China, nobody issues an ultimatum — especially not to the government — unless they are fully expecting a final and irreconcilable break. As long as you have some hope of a favorable outcome, you bite your tongue. That’s precisely why Facebook, YouTube, and Twitter have uttered not a word of complaint, even as a six-month ban on accessing those sites has left their Chinese market share in ruins. Google’s decision to publicly throw down the gauntlet — a move sure to be seen by the Chinese government as a virtual declaration of war — is a sign the company has already written off China and is ready to pack its bags.

    Philipp Lenssen at Blogoscoped quotes Google lawyer on CNBC:

    David Drummond When CNBC asked Google’s David Drummond in an interview, "Can you verify… that the cyber attacks were government based?”, David answered: "I want to be very careful here and be very clear. We’re not saying, one way or the other, whether these attacks were state-sponsored or done with any approval of the state. We can’t speculate on that at this point. What we do know is that they were highly organized, and we believe that the attacker came from China, and we know that political dissidents and people interested in human rights in China were clearly targeted here."

    As another speculative reason, Google now fighting for an uncensored Google.cn could have been part of the original plan, too: first, get into the market and find a relevant amount of users; second, potentially use that user base leverage for discussions about free speech issues.

    Rebecca MacKinnon at RConversation:

    Google’s decision was tough and is going to have a great deal of difficult fallout. Still, based on what I know, I think Google has done the right thing. They are sending a very public message – which people in China are hearing – that the Chinese government’s approach to Internet regulation is unacceptable and poisonous. They are living up to their "don’t be evil" motto – much mocked of late – and living up to their commitments to free speech and privacy as a member of the Global Network Initiative.

    The best way to keep up with the most recent commentary may be to follow a query like this on Twitter.

    Though there has already been an incredible amount of discussion on this topic, you can pretty well guarantee that it is only the beginning. As more of the story unfolds, it’s going to be quite interesting to see how the Google China situation turns out. It is big for the search industry in China, and it is big on a government level. It will also be interesting to see what to what extent the U.S. government gets involved.

    What do you think of Google’s actions? Share your thoughts in the comments.

    Related Articles:

    > Google May Quit China

    > Gmail Switches to Default Https Encryption Following Attack

    > Google Bows to Chinese Authors on Book Scanning