Australia is Spending Millions on Cyber-Security

In this day and age, cyber-security is a huge issue for countries and companies alike, and everyone wants to upgrade and protect their systems. The latest to join this barrage of countries is Australia, which recently announced a new cyber-security strategy.

Prime Minister Malcolm Turnbull launched the new strategy in Sydney. With a budget of $178 million, the scheme will look to bolster the country’s defensive and offensive capabilities. That’s right: while he didn’t confirm whether the country had used its offensive capabilities against other countries, Turnbull did acknowledge that it had hacking capabilities, saying that it “adds to [Australia’s] credibility as it promote norms of good behaviour on the international stage and, importantly, familiarity with offensive measures enhances [its] defensive capabilities as well.”

The funding will create new centers for cyber-security and give 5,000 companies the means to test their security. By supporting the country and the companies based within it, the new funding will look to support an already growing cyber economy, something which the scheme’s document claims is “growing twice as fast as the rest of the global economy”.

With GCHQ stating that a recent investment into cyber-security didn’t go as well as planned, and a recent survey showing that executives think cyber-security is an IT problem, any investment to protect people from malicious hackers online should be welcome.

Obama to Appoint Execs From Uber, Mastercard & Microsoft to Cybersecurity Panel

Cybersecurity is a big issue this year, with people becoming more and more aware of the steps that both governments and companies are making to gain access to or stop others accessing their data. After its recent attempt to get Apple to help bypass the security features on an iPhone, the FBI rather embarrassingly revealed that government systems had been accessed by an unknown party since 2011. In a move to help combat cybersecurity issues, President Obama intends to appoint executives from several major technology companies to a new cybersecurity panel to help act on these matters.

As part of a $19 billion proposal, the Commission on Enhancing National Cybersecurity will be made up of people described by President Obama as “dedicated individuals [who will] bring a wealth of experience and talent to this important role, and I look forward to receiving the Commission’s recommendations.”

Among the names are the likes of General Keith Alexander, director of the NSA from 2005 till 2014; Uber’s Chief Security Officer Joe Sullivan; the CEO of MasterCard, Ajay Banga; and the corporate vice president of Microsoft Research, Peter Lee. With these being just a few of the names listed, the list seems to be focused on gathering the support of those who have experience within the industry, and while the released statement may be an announcement of his intent, any of the members on the list could provide valuable insight into cybersecurity.

Cyber Warfare Could Become A Specialist Combat Unit In The US

The saying goes that “to be prepared is half the victory”, and this is never more the case than in the modern day, when everything can change in a split second. With the modern-day battle happening months and even years before the first shot is fired, warfare happens every day on the internet, attacking the minds and systems of countries with no warning. In response to this growing threat, cyber warfare could soon become a specialist combat unit within the United States military.

Currently, anything relating to cyber warfare is united as part of a “sub-unified command” beneath the U.S. strategic command, but reports are coming in that Defence Secretary Ash Carter may be looking at turning the cyber command unit into a full combatant command.

This would put cyber warfare on par with the nine commands that currently operate within the U.S. military, including six commands based on their geographical areas (Pacific, Europe, Africa, Middle East, Central and Southern command) and three based on their areas of specialty, such as the transportation command, strategic command (those in charge of nuclear forces) and special operations command groups. Moving out from strategic command to become the 10th COCOM (Combat Commander Exercise combatant command) would be a big step in recognising the threat of cyber warfare and the steps that countries need to take to protect people beyond the lines of maps.

Executives Feel Like Cyber-Security is Just an IT Problem

Cyber-security is a big issue, with people and companies finding out the hard way that their security is exposed when their data turns up online for sale or they receive phone calls advertising features with details they never hand out. With big companies like TalkTalk and even the government being victims of hacks, people are acting more and more with security at the forefront of their minds. This may soon change, though, as a survey of executives found they felt like cyber-security is just an “IT problem”.

The survey questioned 1,530 C-level executives, that is, anyone whose job title contains “chief” or another word beginning with C. This illusion of responsibility, one which often ends up landing with executives, comes as companies spent 25% more on information security in 2015 compared to 2014.

The survey, conducted on companies that were deemed “vulnerable”, resulted in 91 percent of the executives saying that they couldn’t interpret a cybersecurity report, with 40 percent of those responding admitting that they didn’t even feel responsible for cyber-security.

These figures are certainly more than a little scary, with company executives feeling like they aren’t responsible on every level for protecting your information, or even for being aware of the threats and dangers that they encounter. In a day and age where you are more likely to be attacked via the internet and your computer systems than on a street, it is the responsibility of everyone, especially those in power, to make sure that they uphold their legal responsibilities, even if that comes at the cost of a week’s crash course in cyber-security.

Former CIA Director Thinks EU “Gets in the Way” of Security Services

Security is a big issue with companies and governments alike having issues raised when it comes to people’s data. With the UK soon to take part in a referendum, the EU is at the heart of debates about security, both digital and physical. It would seem that some think the EU doesn’t quite help security services.

Retired General Michael Hayden, former director of the CIA, seems to think that the EU wasn’t “a natural contributor to national security”. Late last year the EU proposed a set of guidelines for its member countries to follow in cybersecurity. With specialist teams designed to help track and address issues, countries would be expected to share information and help each other learn about the new threats that can be found in the digital world.

Digital security became a big topic when Edward Snowden revealed the extent to which the US government (and other governments around the world, including the UK) monitored and tracked people’s information. Europe is currently debating what the new data sharing policy it has with the US should look like, a decision that will change how much information both Europe and America will be allowed to store, save and access.

Mr. De Backer of the Belgian Group of the Alliance of Liberals and Democrats for Europe has stated that members of the EU need to forget the “old concept of sovereignty” and understand that sharing information and pooling resources could only be beneficial to security services, something that is all too true for global systems like the internet.

Blackberry to Launch Cyber-Security Consulting Service

BlackBerry used to be a major name in the mobile phone industry. They used to be one of the go-to companies if you were a business looking for smartphones. With recent reports that BlackBerry is looking to exit the smartphone industry, and reports of layoffs looking to confirm this, it has come as a surprise that the company has now made a move in a new direction: cybersecurity consulting.

BlackBerrys were known as secure phones, offering businesses security and peace of mind when it came to their employees’ communications. John Chen, the executive chairman and CEO of BlackBerry, said in a statement:

“We recognize that security vulnerabilities are a top risk concern for public and private sector organizations alike. The creation of our Professional Cybersecurity Services practice and acquisition of Encription reinforces our commitment to providing customers the industry’s most secure mobility solutions and helping them to assess and mitigate risks”

To start the process, which will go by the name of Professional Cybersecurity Services (PCS), the company is currently acquiring the U.K.-based cyber security consulting firm Encription Limited.

With cyber security being raised by everyone from agencies and companies like the FBI and Apple to child-tracking software uKnowKids, the market is screaming out for security specialists, and with their history in the industry, this could be the move that puts BlackBerry back into the public eye.

TMZ Falls Victim to Malvertising Campaign

Malicious online activity in the form of hacks, malware and viruses has seen an exponential increase over the past 5 years. The rise in the number of consumers online, coupled with a lax understanding of the dangers of the many cyber threats, has led to more and more victims. Malvertising is one example: online advertisements are hijacked and used to spread malware through malicious ads.

This technique has now found a new victim after online gossip site TMZ was found to be harbouring malicious online advertisements. For those who are unfamiliar with the site, TMZ is a hugely popular website that features exposés, gossip and general breaking news concerning the world of celebrity. The site pulls in over 30 million visitors a month and is a major attraction for online revenue. Below is a summary of the attack.

It has been observed that the attack has the same ad chain pattern; this is from “ContextWeb (PulsePoint) to Smarty Ads and eventually various rogue advertisers”. The latter are leveraging CloudFlare’s infrastructure with the aim of hiding the server’s location as well as encrypting the advertisement delivery to consumers via the website.

The malicious ad is pretty cheap to deliver when you consider it costs “$0.19 (£0.12) for one thousand user impressions (CPM)”.

These attacks are designed to be as cheap as possible, with the aim of targeting high-traffic sites. On a side note, many websites try to discourage users from using popular ad blockers when accessing their sites; perhaps malicious advertisements leading to exploit kits are not the best deterrent.

Air Force Cyberspace System is Fully Operational

I know it sounds like it comes straight out of a movie but I promise this is all really happening. Air Force Space Command (AFSPC) is a part of the United States Air Force, focused mostly on supporting worldwide operations through digital means such as satellites or cyber tools. As with every part of the government and even business, any system connected to another poses a risk. One of the first ways you can limit that risk, though, is to limit the number of points through which the system can be accessed, something that the Cyberspace System can now do thanks to its fully operational status.

Fully operational status (or FOC) means that the new system is online and ready to control traffic between and within bases, while also looking at the communications coming into the Air Force’s operations. Previously the Air Force had over 100 regionally managed entry points to the network; imagine tracking down all those different access points if there was a problem! The new system means there are only 16, offering a much smoother and more controlled entrance into their systems, effectively creating a solid wall to help reduce risks to their network and operations.

While impressed, Brigadier General Stephen Whiting, the Director, stated, “This is a great achievement for the Air Force and the first cyberspace weapon system to achieve FOC. We look forward to continued rapid progress and maturation of the Air Force Cyberspace mission. As we all know, our mission is to fly, fight and win in air, space and cyberspace.”

So next time you see that movie and they are tapping away at the keys, pinging nodes from all over the world to try to find a way into your system, you can rest assured that the people using those systems know what they’re doing and are watching out for those who might misuse them!

The Unique World Of 2016 Cyber Security Predictions

2016 is here and I still want my hoverboard. By this, I mean an authentic Back to the Future machine and not the cheap plastic device that is currently being marketed. Anyway, this year promises to be compelling for a number of reasons, including cyber security and the nature of locking data away from the many threats that now lurk within the cyber walls. Various individuals have made predictions concerning the coming year’s potential cyber security issues, and I thought it would be interesting to convey a selection of the many theories below.

A Cyber Attack will look to exploit the 2016 US presidential election
This may be classed as an outside possibility; even though it would be technically possible, whether it will happen is a different matter. This prediction arrives courtesy of Ryan Olson, director of threat intelligence for Palo Alto Networks, who states that hackers could look to obtain private information from candidates via emails or social network accounts. Any sensitive information that might be released could, in theory, sway an election, unless you’re Mr Trump, who says what he thinks anyway.

Virtual Borders that control access to the Internet
This theory is far from new, but could be a reality if certain powerful figures are able to exert major control over the internet. According to Kaspersky Lab, we could see a development of Internet borders that divide access to information along country lines.

Hacked data could become a huge commodity
2015 became the year of the hack and included everything from dating websites to the leaking of huge databases containing sensitive government details. According to Dmitri Alperovitch, CTO and co-founder of Crowdstrike, hackers are aiming to build up huge stocks of information that contain multiple strands of data. This could lead to blackmailageddon, or something equally terrifying, whereby extortion attacks on individuals and companies are widespread.

Chinese VS Russian Hackers
This one sounds like an opening scene from Rush Hour, but no: according to experts with IID, as China’s economy stops growing, many hackers might turn from cyber espionage to cybercrime. This could then lead to criminal activity that is far bigger than that of Eastern Europe. Is it possible? You never know, considering the technical expertise many hackers in China possess.

Cyber attacks will destroy a major brand or product.  
This prediction from Mark Painter, who is a security evangelist for Hewlett-Packard Enterprises, is quite feasible considering the many holes which exist within certain tech products. He states that “We are increasingly close to finding out in 2016 if a major product will shut down due to security issues”. Adobe Flash springs to mind, considering we all know companies would quite happily cut their losses if a product becomes more trouble than it’s worth.

Will any of these come true?  Only time will tell, especially if Ronald McDonald becomes president.


Juniper Networks Finds ‘Unauthorised’ Code in Its Software

Cyber security and the integrity of applications are essential for consumers to have confidence that their details will be kept safe and not intercepted by a third party. Well-known internet hardware company Juniper Networks has issued a warning concerning a discovery it has made within its firewall software, which could have led to a third party being able to decrypt data sent through an encrypted VPN (Virtual Private Network).

During a recent internal code review, it was discovered that “unauthorised code” had somehow made its way into Juniper’s ScreenOS software. It’s interesting to note that many ISPs (Internet Service Providers) and large firms use the company’s routers and network switches. The vulnerability could have allowed a third party, or as the company puts it a “Knowledgeable attacker” (who could be a 12-year-old for all we know), to gain administrative access to NetScreen devices and to decrypt VPN connections.

The unwanted slice of extra code has been present within different versions of ScreenOS since 2012. Juniper has confirmed that it is not aware of, and has not received, any reports of the vulnerabilities being exploited, and urges everyone running the affected devices to quickly apply the released patches, which strip the unauthorised code out of its firewall software.

It’s a serious breach and questions will surely be asked concerning how the code managed to make its way into the software.


New Regulations Pave the Way for Self Driving Cars on the Road

The development of self-driving cars promises to offer consumers an exciting future. Now, regulators in the sprawling metropolis known as California have published draft proposals aimed at paving the way for consumers to legally use self-driving cars on the road.

Included within the recommendations from the Department of Motor Vehicles is the stipulation that a fully licensed human driver must be present behind the wheel in case the technology fails or decides to drive into the nearest hedge. I understand the fully licensed bit, but I would have thought the whole point of a self-driving car is for people to easily travel from A to B in the car. The new regulations also stipulate that users must undergo “special training” and manufacturers must monitor the cars’ use.

Technology giant Google has experimented to the point whereby a vehicle does not even need a steering wheel or pedals. This sounds impressive, albeit slightly dangerous, for the foreseeable future at least, so much so that the DMV recommends all self-driving vehicles be equipped with traditional controls. The draft regulations also provide requirements for self-driving cars to be protected from cyber attacks; it will be interesting to see how manufacturers respond to this, considering very little is immune from hacks in the digital age.

Many fans and experts alike envisage a future whereby a driving licence is obsolete and even non-drivers are able to metaphorically drive. That sounds good until you factor in the many issues, including longer traffic jams as more people are able to use a vehicle. Only time will tell which path this new breed of tech will follow.


The National Crime Agency’s Anti-Cyber Crime Campaign is Embarrassing and Ignorant

The National Crime Agency embarked on an appalling advertising campaign yesterday “aimed at educating the parents of 12-15 year old boys” who might be proponents of cyber-crime. Already we can see the ignorance flowing here, as focusing on the male gender is incorrect, and targeting such a narrow age range seems completely ludicrous. Not only that, the organization created a checklist for parents to help investigate their own children and see if they are engaging in illegal activity. This is a prior warning, the compiled list is possibly the biggest pile of nonsense I’ve read in years.

“Warning signs of cyber crime

The following behaviours may indicate a young person is at risk of getting involved in cyber crime:

  • Is your child spending all of their time online?
  • Are they interested in coding? Do they have independent learning material on computing?
  • Do they have irregular sleeping patterns?
  • Do they get an income from their online activities, do you know why and how?
  • Are they resistant when asked what they do online?
  • Do they use the full data allowance on the home broadband?
  • Have they become more socially isolated?

If a young person is showing some of these signs try and have a conversation with them about their online activities. This will allow you to assess their computer knowledge proficiency so you can understand what they are doing, explain the consequences of cyber crime and help them make the right choices.”

There’s so much wrong with the questions above that I really don’t know where to start. The idea that children spending time online is a negative concept is unbelievably outdated, and laughable. The internet is an integral part of daily life, from educational activities to keeping up with friends on various social media platforms. Additionally, human beings don’t all have to be brash, loudmouth extroverts, and social isolation isn’t anything to be suspicious of. In reality, many socially isolated people are very creative and struggle to communicate with people. Anxiety is a terrible condition to deal with, and it’s impossible for non-sufferers to understand the daily torment. That’s why it’s incredibly hurtful to judge people and be suspicious of them just because they want alone time.

On another note, the one key profession society will need in the future is programmers, and they are in short supply at the high skill level. We should be actively encouraging children to attain coding skills and make their interest in this field flourish. To insinuate this passion as a negative aspect is frankly, embarrassing.

Hilariously, the NCA contradicts itself and goes on to say:

“Ways to use cyber skills positively

Skills in coding, gaming, computer programming, cyber security or anything IT-related are in high demand and there are many careers and opportunities available to anyone with an interest in these areas.”

According to their impeccable logic (insert sarcasm here), coding is a suspicious trait but it’s a way to use skills in a positive manner. If anyone can explain what the marketing team has been drinking, I’d love to know. This entire campaign makes zero sense and is a complete farce. While some feel the need to ridicule it, I find it very worrying that people in power have such an idiotic and uneducated viewpoint on the subject matter. As previously mentioned, the government, the actors, and anyone else involved in this mess should feel ashamed.


GCHQ Could Be Fined For Latest Series Of Job Adverts

GCHQ are known for their presence within the UK as the cyber spies, the first and last defence against digital threats within the UK. In recent years though they have not had the best image, with incidents like being given permission to spy on politicians, recommending users store their passwords in software and do away with remembering them and breaching human rights with their internet surveillance. Their latest issue may be something a little more low-tech, with their latest job adverts possibly resulting in them being fined.

Hackney council has stated that they will fine and ask that GCHQ clean up their advertisements as they didn’t have permission to create the advert in Shoreditch.

https://twitter.com/JamesLiamCook/status/664064611642163200/photo/1

Featuring a pun on their name, combined with a web address, the adverts were created by using a technique called reverse graffiti. This means that instead of applying paint or another material atop the surface, you use a stencil and a power washer to remove and clean off the top layer of dirt, resulting in a white depiction of your stencil.

The adverts have also been spotted in Manchester, Birmingham, Wolverhampton and Leeds.  GCHQ claim that they were led to believe that Hackney Borough Council had an issue with clean graffiti on street furniture, not pavements.

If only they had a copy of the email that people sent with this information…

Dell’s Security Affects More Than Just Your PC!

Recently Dell has received a lot of attention regarding their security; to be more precise, it was due to a digital certificate. Certificates are small files that are used to secure the traffic between your system and any website or online system you use. Remember that little padlock in the URL bar of your browser? That means a certificate has been used to verify that this is a legitimate website and not a fake one.

The problems started when Dell shipped their systems with a certificate installed, private encryption key included. This is like giving somebody the mold to create their own keys, or even the means to conduct man-in-the-middle attacks, where an attacker acts as a midway point for communication and, with the encryption details, can easily read the information being sent.

When Duo Security, a digital security company, continued to search, they found at least 24 IP addresses which had certificates with a different digital fingerprint but the same name, eDellRoot. Different lock, same name.

The problem with this is that some of the systems appear to be SCADA (Supervisory Control and Data Acquisition) systems, which are pretty important given they are often used in the energy and manufacturing industries. These systems are normally closed off from the internet (no access = minimal risk), but a misconfigured system could still be at risk.

Dell has posted stating that they would post instructions on how to fix the eDellRoot problem, which can be found here.

With problems like this, public knowledge and learning from the mistake are the best ways to prevent this affecting both companies and the public in the future.

Researchers Catch Cyber-Espionage Groups After Hackers Infect Their Own Systems

A cyber-espionage group who is believed to be tied to the Iranian Government, and has targeted over 1,600 defense officials, diplomats, researchers, journalists and more, may have just landed themselves in their own hacking trap. The group known as “Rocket Kitten” has been going since 2014, and for quite some time, their attacks have been analyzed by security teams trying to not only track them down, but to also prevent further security breaches. However, a team of researchers at Check Point Software Technologies caught a lucky break when they obtained access to the attacker’s command-and-control server.

It’s reported that Rocket Kitten is not very sophisticated, but rather persistent with their attacks, using social engineering and phishing to infect targets with malware. Researchers say the team left a major weakness in their infrastructure, allowing the researchers to extract messages between members of the hacking group, as well as a list of over 1,600 intended victims in Saudi Arabia, the U.S., Iran, the Netherlands and Israel who were targeted between August 2014 and 2015.

“It seems that the attackers did not take into consideration the possible compromise of their own command-and-control server and have infected their own computers with their custom keylogger-type malware, most likely for testing purposes,” reported CIO.

By infecting their own computers with the malware they’ve been using to attack others, researchers believe they have been able to identify an Iranian software engineer who developed the tools for Rocket Kitten.

“In this case, as in other previously reported cases, it can be assumed that an official body recruited local hackers and diverted them from defacing web sites to targeted espionage at the service of their country,” the Check Point researchers said. “Such inexperienced personnel with limited training often lack operational security awareness,” they added.

Well there you go. If you’re going to break computer security, learn how to apply it in the first place.

US Concerned Over Russian Activity Near Undersea Data Cables

Tensions between nations over Cyber warfare have increased dramatically over the last 5 years, from the US accusing China and Russia of systematically hacking into highly sensitive government systems through industrial means, to groups affiliated with IS and similar terrorist organisations who have cyber attacked various departments. Now, Washington is reportedly becoming concerned that Russia and its fleet of military submarines could in theory cut vital undersea cables that carry almost all global communications.

As yet there is no evidence to suggest Russia or any other country has attempted this, but, according to US intelligence (or lack of it, sometimes), officials are monitoring significantly increased “Russian activity along the known routes of the cables, which carry the lifeblood of global electronic communications and commerce”.

It was reported last month (Sep 2015) that a Russian spy ship “equipped with two self-propelled deep-sea submersible craft, cruised slowly off the East Coast of the United States on its way to Cuba — where one major cable lands near the American naval station at Guantanamo Bay”. US officials state this spy ship has the ability to launch submersible vehicles that in turn could cut data cables situated miles down in the sea.

The Pentagon is also concerned that Russia is attempting to hunt for cables at much greater depths than originally thought, where such data lines are harder to both monitor and repair. The significance of these data cables is vast considering it has been estimated that they carry “global business worth more than $10 trillion dollars a day, including from financial institutions that settle transactions on them every second”.

Is this all smoke and mirrors? Possibly. It’s difficult to know how much of this information is genuine and, if so, how much is actually being planned. If Russia succeeded in cutting vital cables then this would lead to a dramatic set of circumstances. One thing to bear in mind is that Putin quite likes the idea of censorship and could be looking at cutting Russia off from outside influences. What we do know is that countries, for example Russia and China, have a vested interest in disrupting countries such as the US, but having said that, the US and others also have well-documented interests in intercepting gigantic amounts of data from other countries. It’s the same practice in a different pair of shoes: from both World Wars and the Cold War to modern-day cyber spying, countries want others’ data and will plot while both sides remain unsure of the final outcome.

New Firefox Testing Feature Warns Of Insecure Website Password Submission

Consumers are exposed to a myriad of cyber threats which are intent upon harvesting as much information as possible, from bogus emails offering state cash refunds to spoofed pages which purport to be from a genuine vendor but are in fact aiming to collect sensitive consumer details. The makers of the well-known and popular browser Mozilla Firefox have recognised the importance of alerting consumers to the security of password submission by offering a simple yet important safeguard within the latest Firefox Nightly build.

The security measure in question takes the form of a faded, crossed-out padlock icon within the address bar of the browser; thankfully it’s more useful than simply a new icon. The aim of this new feature is to warn consumers if a password field is not submitted over HTTPS and is thus regarded as insecure. If a consumer clicks on the icon, it will provide further details as to why a particular site is considered insecure. This feature is currently “only in testing as part of Firefox 44 Nightly”.

This new yet simple feature is a good way of informing consumers of the risks of submitting a password over an insecure method; cyber security is a hot topic and the more every individual knows, the better. It will be interesting to note the rollout timescale of this feature once Firefox confirms it for its finished builds. On a side note, let’s hope consumers actually update their browsers in order to benefit from the latest security fixes; I bet many a reader knows someone who is running a version of Firefox that is at least 10 versions behind the currently available one.
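As an added illustration (not Firefox’s code and not from the original article), the Python sketch below applies the rule described above to static HTML: it flags a password field when the page was not loaded over HTTPS or when its form submits to a non-HTTPS URL. The function name `audit_password_forms`, the `example.test` URLs and the sample markup are all constructed for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


def _is_https(url):
    return urlparse(url).scheme.lower() == "https"


class _PasswordFormParser(HTMLParser):
    """Records the submit target of every form that holds a password field."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.targets = []            # resolved action URLs of forms with a password field
        self._action = None          # action of the form currently open, if any
        self._has_password = False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._flush()            # tolerate a missing </form>
            # A missing or empty action submits back to the page's own URL.
            self._action = urljoin(self.page_url, attrs.get("action") or "")
        elif tag == "input" and (attrs.get("type") or "").lower() == "password":
            if self._action is None:
                # Field outside any <form>: judge it by the page URL alone.
                self.targets.append(self.page_url)
            else:
                self._has_password = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._flush()

    def _flush(self):
        if self._action is not None and self._has_password:
            self.targets.append(self._action)
        self._action = None
        self._has_password = False

    def close(self):
        super().close()
        self._flush()


def audit_password_forms(page_url, html):
    """Return one finding per password field that would not travel over HTTPS."""
    parser = _PasswordFormParser(page_url)
    parser.feed(html)
    parser.close()
    findings = []
    for target in parser.targets:
        reasons = []
        if not _is_https(page_url):
            reasons.append("page not loaded over HTTPS")
        if not _is_https(target):
            reasons.append("form submits to a non-HTTPS URL")
        if reasons:
            findings.append({"submit_to": target, "reasons": reasons})
    return findings


# Constructed sample pages (not captured from any real site).
HTTP_LOGIN = ('<form action="/login" method="post"><input name="u">'
              '<input type="password" name="p"></form>')
MIXED_FORM = ('<form action="http://legacy.example.test/auth">'
              '<input type="PASSWORD" name="p"></form>')
SECURE_PAGE = ('<form action="/search"><input name="q"></form>'
               '<form><input type="password" name="p"></form>')

if __name__ == "__main__":
    for url, html in [("http://shop.example.test/account", HTTP_LOGIN),
                      ("https://portal.example.test/", MIXED_FORM),
                      ("https://portal.example.test/login", SECURE_PAGE)]:
        print(url, audit_password_forms(url, html))
```

A static scan like this only sees the markup as served; forms that are created or retargeted by script at runtime need a check inside the browser.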

Image courtesy of technodyan

NCA Warning After Hackers Steal £20 Million from UK Bank Accounts

The UK’s National Crime Agency has urged the people of Britain to ensure they take adequate measures of online security after a significant strain of malicious software allowed criminal hackers to steal an estimated £20 million from UK bank accounts.

The highly skilled malware developers are thought to be based in Eastern Europe. The details that are collected are then exploited to steal money from individuals and businesses globally. The NCA has reported one significant arrest in relation to the multi-million pound scam, but only after thousands of computers had already been infected by the Dridex malware, also known as Bugat and Cridex, with the majority being Windows-based machines.

Computers can become infected with the virus when users open documents in emails they believe to be legitimate. I myself have recently received emails purporting to be from PayPal stating: “Your PayPal account has been limited! Take a few moments to confirm your information. After you do, you can shop online and send money using your account.” After checking PayPal directly (not through the given link) I established that there was no such limitation on my account.

To avoid becoming an unwilling victim of the costly Dridex malware, the National Crime Agency is encouraging all internet users to ensure they have up-to-date operating systems and anti-virus software installed on their machines, to protect themselves from further cybercrime attacks. The NCA also urged users to visit the CyberStreetWise and GetSafeOnline websites, where it states a number of anti-virus tools are available to download to help clean up infected machines; these sites are also a great way to gain further advice on how to protect yourself in the future.

Mike Hulett, Head of Operations at the National Crime Agency’s National Cyber Crime Unit said:  “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to be made.”

What measures do you take to ensure your online security? Let us know down in the comments below.

Thank you National Crime Agency for providing us with this information.

Microsoft Outlook Web App Vulnerable to Password Hacking via “Backdoor”

Typical Microsoft, the tech giant has more backdoors than Disneyland and World put together; the latest vulnerability that has been unearthed by researchers is a pretty serious breach and allows an attacker the option to steal e-mail authentication credentials from major organizations.

So what is it this time? The Microsoft Outlook Web Application, or OWA, in question is an Internet-facing webmail server that is deployed within private companies and organisations to provide internal emailing capabilities. Research and subsequent analysis undertaken by security firm “Cybereason” has discovered a backdoor of sorts in the form of a suspicious DLL file. This file was found to be loaded into the company’s OWA server with the aim of siphoning decrypted HTTPS requests.

The clever part of this attack is the innocuous nature of deployment in the form of the file name that was the same as another legitimate file; the only difference was the attack file was unsigned and loaded from another directory. According to Cybereason, the attacker (whoever it might be, mentioning no names) replaced the OWAAUTH.dll file that is used by OWA as part of the authentication mechanism with one that contained a dangerous backdoor.

Thus, this allowed attackers to harvest login information in plain decrypted text; even more worrying is the discovery of more than “11,000 username and password combinations in a log.txt file in the server’s ‘C:\’ partition. The Log.txt file is believed to have been used by attackers to store all logged data”.

The attackers ensured the backdoor could not be removed by creating an IIS (Microsoft web server) filter that loaded the malicious OWAAUTH.dll file every time the server was restarted.
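The two tell-tale signs described above, a trusted file name loaded from the wrong directory and a missing signature, can be checked against an inventory of loaded modules. The following is an added example, not Cybereason's tooling: the `C:\EXAMPLE\...` paths, the baseline and the inventory records are constructed placeholders, and signature status is assumed to have been collected already by whatever tool produced the inventory.

```python
import ntpath

# Constructed baseline: trusted file name (lowercase) -> directory it should load from.
BASELINE = {"owaauth.dll": r"C:\EXAMPLE\owa\auth"}

# Constructed inventory of modules loaded by the web server worker process.
SAMPLE_INVENTORY = [
    {"process": "w3wp.exe", "path": r"C:\EXAMPLE\owa\auth\owaauth.dll", "signed": True},
    {"process": "w3wp.exe", "path": r"C:\EXAMPLE\other\OWAAUTH.dll", "signed": False},
    {"process": "w3wp.exe", "path": r"C:\EXAMPLE\owa\auth\unrelated.dll", "signed": True},
]


def _norm_dir(directory):
    """Case-insensitive, separator-insensitive form of a Windows directory."""
    return ntpath.normcase(directory).rstrip("\\")


def find_masquerading_modules(loaded, baseline):
    """Flag modules that reuse a trusted file name but fail the baseline.

    A module is reported when its file name is in the baseline and it is
    either loaded from a different directory or is not signed.
    """
    alerts = []
    for mod in loaded:
        directory, name = ntpath.split(mod["path"])
        expected = baseline.get(name.lower())
        if expected is None:
            continue  # not a name we hold a baseline for
        reasons = []
        if _norm_dir(directory) != _norm_dir(expected):
            reasons.append("unexpected directory")
        if not mod["signed"]:
            reasons.append("unsigned")
        if reasons:
            alerts.append(
                {"process": mod["process"], "path": mod["path"], "reasons": reasons}
            )
    return alerts


if __name__ == "__main__":
    for alert in find_masquerading_modules(SAMPLE_INVENTORY, BASELINE):
        print(alert["process"], alert["path"], "->", ", ".join(alert["reasons"]))
```

Matching on the lowercased file name matters because Windows paths are case-insensitive, so `OWAAUTH.dll` and `owaauth.dll` refer to the same name.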

Indeed, yep, same old same old then; breaches of passwords are worryingly common in the digital age, and there needs to be a radical rethink of security infrastructure. I do feel companies are using tech as a cheaper alternative without investing in system protection or even real-time analysis; servers and communication lines are being ignored to the point whereby attackers have free rein over such systems. I wonder as I write this what else is being siphoned to individuals and attackers; if I next see the formula for Coke in China’s own-brand cola, then it will make sense.

Thank you cybereason for providing us with this information.


Global Nuclear Facilities at Greater Risk of a Cyber Breach than Previously Thought

We all know various connected infrastructure defences are vulnerable; these include recent attacks on high-profile websites and also communication arms of governments and well-known individuals. Technically anything can be hacked and therefore robust implementations need to be focused on securing data within organizations. Nuclear facilities are one such example and a new report warns of an increasing threat of a cyber attack that focuses on these plants.

The report by the influential Chatham House think tank studied cyber defences in power plants from around the world over an 18-month period; its conclusions are that “The civil nuclear infrastructure in most nations is not well prepared to defend against such attacks”. It pinpoints “insecure designs” within the control systems as one of the reasons for a possible future breach, the cause of this is most likely the age of the facilities and the need for modernization.

The report also disproves the myth surrounding the belief that nuclear facilities are immune from attacks due to being disconnected from the Internet. It said that there is an “air gap” between the public internet and nuclear systems that was easy to breach with “nothing more than a flash drive”. Great, in theory that little USB drive could cause a nuclear holocaust. The report noted the infection of Iran’s facilities was down to the Stuxnet virus that used the above route.

The researchers for the report had also found evidence of virtual networks and other “links to the public internet on nuclear infrastructure networks. Some of these were forgotten or simply unknown to those in charge of these organisations”.

It was found by the report that search engines that sought out critical infrastructure had “indexed these links” and thus made it easy for attackers to find ways into networks and control systems.

This report has cheered me right up, it is noted that nuclear facilities are stress tested to withstand a variety of long-standing scenarios, though there does need to be a better understanding from staff in charge of the infrastructure in order to limit any potential damage a breach could inflict. The industry needs to adapt, gone are the days of one or two experts who could hack into a system, from state-sponsored cyber attacks to a teenager in their bedroom, the knowledge base is growing day by day and many companies are paying the price for poor security.

Let’s hope it’s not a nuclear power plant.

Thank you bbc for providing us with this information.


Anonymous Attacks The Canadian Government and Leaks Classified Data

In the real world, the establishment counteracts instances of criminality by an extensive array of resources and a structured organisation. In cyberspace, groups such as Anonymous are organised, well versed in operational hacking activities and are able to use tools which are inexpensive, perhaps this is why governments and companies have yet to get a grip on data which has metaphorically walked out the door, hitched a plane and ended up on someone else’s computer.

The aforementioned Anonymous appear to be using techniques to again prise open the gates to documents, as reports have begun to circulate over the leaking of yet another high-level federal document concerning the redevelopment of Canada’s key diplomatic centres in Britain. This alleged leak is the second in a campaign against the Canadian government, with the information purporting to include budgetary deficits and the “selling, relocating and refurbishing of Canada’s diplomatic buildings in London”.

The documents belong to the Treasury Board of Canada and are dated 6th February 2014, or if this is as many are believing to be authentic, a now very irritated Treasury Board of Canada. These leaks are an attempt by the Cyber infiltration group “to pressure the government over the fatal shooting of a protester in B.C. and the passing of Bill C-51, the controversial anti-terrorism bill that gave expanded powers to police and Canada’s spy agency”.

Meanwhile, sources say that federal authorities are comparing versions of the documents and scanning for discrepancies that may help track down from whose hands it may have slipped.

Have I any sympathy for the Canadian government? Well, you know me, don’t you; it demonstrates poor cyber awareness and a lack of safe practice in the storage of classified documents. Remember, the infrastructure has not been breached by a country attacking another state but by a hacktivist group.

Governments are losing the argument when it comes to attacking the criminality of these acts, after all, the actions by this group are against the law, but for me, so are the increased surveillance capabilities of agencies and the implementation and recruitment of external hacking teams, as in the case of, well Hacking Team to be precise.

“Freedom is never more than one generation away from extinction. We didn’t pass it to our children in the bloodstream. It must be fought for, protected, and handed on for them to do the same”. Ronald Reagan

Thank you nationalpost for providing us with this information.


WikiLeaks Julian Assange Fears he will be “Assassinated”

Let’s for a minute contemplate the appearance of Julian Assange, he looks as if he is attempting to apply for this year’s role of Santa at a shopping centre. He might be slowly losing his marbles considering a few of his comments concerning his stay at the Ecuadorian embassy during an interview with The Times Magazine.

Can I source this link? Noooo, why? Behind a paywall, oh where else can I find a summary, I know, the many sources on the internet of course. Anyway, Julian Assange fears he will be assassinated if he steps onto either a balcony or out the door of the embassy. This is technically possible, although he might need to move further away from the building than that for it to look less obvious. Now for the weird, the following comments are his views on being “droned”

“I’m a white guy,” Mr Assange said. “Unless I convert to Islam it’s not that likely that I’ll be droned, but we have seen things creeping towards that.”

I am just going to let that sink in for a sec, he also describes receiving bomb and death threats and he has also not been able to have any fresh air or sunlight for 3 years. His situation could be resolved in the next 2 years by which point his hotel stay at the embassy will be nearer five years.

Julian Assange is controversial yet has, through Wikileaks, been able to expose many a scandal which has included Surveillance and also disgraceful military practices. His situation depends on your viewpoint, many spectators have formed a conclusion that he does indeed have a target on his head, but it’s difficult to quantify his situation, after all, where will he be in 5 years.  Let’s hope he re-enters the world otherwise officials will start charging him per night for his room.

Thank you huffingtonpost for providing us with this information.

99% Of Women Profiles On Ashley Madison Were Fake

Oh, well I am not surprised but here we go, the well reported data breach on dating website Ashley Madison has exposed a wealth of information including a huge proportion of fake profiles.

Impact Team who were the group behind the hack, announced that it was releasing the information in part because Ashley Madison had duped consumers over the male to female account ratio on its website. At the time, the hackers claimed that 90-95% of the accounts on Ashley Madison were male with “thousands” of fake female profiles. It turns out the group were correct but underestimated the figures ever so slightly.

After careful scrutiny of the data in order to verify that 5.5 million female accounts were indeed fake, the information reveals that many accounts were created with a single localhost IP of 127.0.0.1. This was along with thousands of accounts which listed AshleyMadison.com email address as their primary contact point including organized accounts which stated 100@ashleymadison.com, 200@ashleymadison.com and so on.

Another piece of information which is certainly revealing is the last date on which a user checked their inbox; this data is logged by the site even if the user only checks it once. It reveals a huge 20,269,675 men checked their messages while only 1492 women viewed their inbox. Well, just look at those odds; even Ray Winstone cannot market this appealingly for Bet 365.

I do feel these sites offer the majority a false sense of possibility with reality far less forgiving; it conveys the level of information which can be harvested by third parties if not stored correctly. The irony to all this is that Ashley Madison offered a platform where people could cheat on their other half which is deplorable, yet far less possible than previously thought considering the number of fake profiles.

Thank you extremetech for providing us with this information


White House Responds to Edward Snowden Petition

Do you remember when 167,000 people signed a petition calling for Edward Snowden to be pardoned? Not even Pepperidge Farm recalls this, considering it was two years ago. The US government is known for dragging many decisions out, but I will give them credit for finally responding to this petition.

Once a petition reaches 100,000 signatures via the government’s official platform, under their rules they are duty bound to respond to it, which they have, eventually. So will Edward Snowden receive a pardon? No, no he won’t, according to Homeland Security advisor Lisa Monaco, who accuses Snowden of “running away from the consequences of his actions.”

A shortened redacted version of this statement is below, at least I have summarised the point unlike many US documents which have one word visible.

“Instead of constructively addressing these issues, Mr. Snowden’s dangerous decision to steal and disclose classified information had severe consequences for the security of our country and the people who work day in and day out to protect it.

If he felt his actions were consistent with civil disobedience, then he should do what those who have taken issue with their own government do: Challenge it, speak out, engage in a constructive act of protest, and — importantly — accept the consequences of his actions. He should come home to the United States, and be judged by a jury of his peers — not hide behind the cover of an authoritarian regime. Right now, he’s running away from the consequences of his actions”.

This is the cliché catch-22 situation: if Edward Snowden had spoken out and challenged the status quo, this would have been quickly and silently shot down. One has to remember that when scandals are broken, they are not publicized by establishment officials but by journalists and external investigators; how do you challenge behaviour in-house?

I do feel that Edward Snowden has placed a target on himself with which he can be discredited via his asylum in Russia. It’s a bit of an irony to live in a country for speaking out against violations of democracy, when said new residence has the uncanny habit of hunting down perceived dissenters. I also don’t believe Snowden will receive a fair trial at all in the US; one thing to consider concerning this aspect is this: during the somewhat recent trial of Boston bomber Dzhokhar Tsarnaev, the jury was made up of individuals who favoured the death penalty. Lawyers had the ability and are allowed to dismiss any juror who is opposed to the death penalty, thus in a roundabout way influencing the nature of the sentence.

The above example is just that, an example to show how the word “fair” could be slightly deviated for a desired outcome.

Thank you whitehouse petitions for providing us with this information


Hacking Team Release Ludicrous Statement

This story is so preposterous that I am going to play a little game called; “who are the hypocrites here.” Hacking Team, who recently fell to a cyber attack have released a statement claiming to be victims and have bluntly claimed that they have “always operated with the law and regulation in an ethical manner.”

You heard it right; when government officials start inventing ludicrous laws which state that hacking citizens’ phones and computers for data is actually legal, you arrive at the juncture where the Italian spyware firm claims that there was only one “Violation of Law in this entire event”, and this was “the massive cyber attack on the Hacking Team”.

Now I don’t condone hacking; well, I do in this case, where rival decent hackers exposed nearly 50GB of data. This included internal documents such as internal emails, hacking tools, zero-day exploits, surveillance tools, source code for spyware and a spreadsheet listing every government client with date of purchase and amount paid.

For balance, and to be fair to Hacking Team, I have viewed their statement and what really stands out is the following few lines.

“The company has always sold strictly within the law and regulation as it applied at the time any sale was made. That is true of reported sales to Ethiopia, Sudan, Russia, South Korea and all other countries”

Well, those are true democracies which really do underpin Hacking Team’s morals. The scary thing is, if you give a despot surveillance tools, this could well have led to deaths and suffering of citizens.

There are no winners in these revelations, with perceived democratic countries also using these tools along with many dodgy dictators. Hacking Team also state that there had not been “access to the data collected by company’s clients using purchased spying software, as such information is only stored on the customer’s systems and can’t be accessed by the company itself.”

This is the tip of a seedy and unethical iceberg, which in the long run will not protect against every terrorist eventuality, but only virtually incarcerate the whole world. Anyone who sells spying software to countries which have a habit of executing dissenters is either desperate for cash or completely devoid of conscience. A sale is possibly within the law, but so is selling a pint of beer to a 16-year-old if bought by an adult with a meal. The only difference is, a pint normally does not result in potential war crimes and more… usually.

Thank you to Hacker News for providing us with this information
