TweakTown News
Chinese hackers successfully breached a U.S. government network that includes personal data of federal employees and their security clearance applications. The incident took place in March and specifically targeted the Office of Personnel Management, and files included everything from financial data to medical records and other sensitive information.
It's troublesome how easily foreign hackers are able to breach networks, especially when they contain personal data. An unnamed Department of Homeland Security (DHS) official didn't announce what type of data was taken in the breach, but confirmed a security issue did occur.
"The administration has never advocated that all intrusions be made public," said Caitlin Hayden, Obama Administration spokesperson. "We have advocated that businesses that have suffered an intrusion notify customers if the intruder had access to consumers' personal information. We have also advocated that companies and agencies voluntarily share information about intrusions."
Two people with alleged ties to the Lecpetex botnet, which compromised more than 250,000 computers to help mine for bitcoins, were arrested. Lecpetex brought infected PCs into the growing botnet, and compromised machines tried to infect other machines through Facebook, the No. 1 social media website.
Facebook officials contacted Greek police and were able to identify multiple suspects allegedly involved in running the botnet.
"Late last year, our abuse-fighting teams started to see a distinct new botnet," Facebook said in a blog post. "Based on statistics released by the Greek Police, the botnet may have infected as many as 250,000 computers. In addition, the Lecpetex authors appeared to have a good understanding of anti-virus evasion because they made continuous changes to their malware to avoid detection."
The issue of cybersecurity among utility companies has a unique twist that sounds like something from a hacker movie made in Hollywood. A cyberattack to compromise a utility provider and demand cash ransom in exchange for access to the networks is possible if security measures aren't improved, according to Dr. Larry Ponemon, Ponemon Institute founder.
Ransomware attacks, which use custom malware designed to encrypt files and interrupt business operations, are a successful technique that hackers from Eastern Europe and China have deployed. If altered to breach utility networks, the same type of attack might be extremely effective.
"With the increased convergence of cyber and physical worlds, attacks are no longer limited to office computers and networks," said Steve Durbin, International Security Forum Managing Director, in a statement. "They can now have physical impact in the real-world."
The German government remains upset that the NSA snooped on German Chancellor Angela Merkel and other government leaders, and has requested that the top U.S. intelligence official in Germany leave the country. It was an unexpected move by the German government; the CIA official works at the U.S. embassy in Berlin, and parliamentary inquiries continue in Germany.
The German government wants to speak with Snowden, but the American turned down an in-person meeting that would have taken place in Russia. Even if German investigators are unable to chat with Snowden in the near future, there are obvious political tensions between Germany and the United States at the moment.
"The representative of the U.S. intelligence services at the Embassy of the United States of America has been requested to leave Germany," said Steffen Seibert, a German government spokesperson, in a statement. "The Federal Government takes these incidents very seriously. It remains vital for Germany, in the interest of the security of its citizens and its forces abroad, to cooperate closely and trustfully with western partners, in particular with the USA. To do so, however, mutual trust and openness are necessary. The Federal Government continues to be ready for this and expects the same from its closest partners."
As expected, the United States and China again held cyberespionage talks, following months of tense negotiations and stalemates from both sides. Washington and Beijing have an extremely fragile political relationship, and both sides have accused one another of organized cyberespionage attacks aimed at stealing information and disrupting network traffic.
Although U.S. Secretary of State John Kerry confirmed Washington raised cyber-related topics with China, a large amount of dialogue is still necessary. The United States still accuses China of state-led global cyberespionage attacks, while Beijing criticized the NSA for its widespread surveillance activities.
"China is making preparations to adopt greater transparency including on foreign exchange, which will accelerate the move to a more market-based exchange rate," said Jack Lew, U.S. Treasury Secretary, when speaking of the cybercrime-related talks between both sides.
The controversial Cyber Information Sharing Act (CISA), which aims to help the government and private companies better defend against cyberattacks, was approved by the Senate Select Committee on Intelligence. The bill received a 12-3 vote, and is the latest step forward in an evolving battle to keep networks and users safe on the Internet.
As part of CISA, the director of national intelligence will need to increase the sharing of classified and unclassified cyberthreat information, and individuals and companies are authorized to roll out countermeasures to keep their own networks and consenting customers secure.
There is a large amount of concern regarding the controversial program, especially after former NSA contractor Edward Snowden disclosed organized federal government spying operations.
Most companies combat advanced persistent threats (APTs) using anti-virus and anti-malware security software, according to the "Advanced Persistent Threat Awareness" report released by the ISACA non-profit information security group. The study found 96 percent of survey participants note AV or anti-malware solutions as the most popular option - with 60 percent also relying on remote access.
APTs are described as stealthy, prolonged attacks typically aimed at cyberespionage against businesses and governments. Due to the large volume of malware, security experts try to keep end-users and networks secure while pinpointing activity from command and control network traffic.
"The technical controls most often identified as being used to prevent APTs are network perimeter technologies, such as firewalls and access lists within routers, as well as anti-malware and anti-virus," according to the ISACA report. "While these controls are proficient for defending against traditional attacks, they are probably not as well suited for preventing APTs for a number of reasons," including spear phishing or zero-day threats.
E-ZPass customers in Massachusetts, New York and New Jersey are being warned of an email phishing scam from criminals claiming to be from the E-ZPass "Customer Service Center." The email subject is "Payment for driving on toll road," and informs customers that they have unpaid tolls.
The fake email has the following message: "Dear customer, you have not paid a toll for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest possible time. The invoice can be downloaded here."
Security experts point out a couple of different problems with this email, including: bad grammar and the realization that an official summons wouldn't ask recipients to download an invoice. Furthermore, the real E-ZPass Service Center doesn't email customers regarding payment problems and other correspondence.
Security company Kaspersky Lab today announced its updated product lineup for home consumers, including the Kaspersky Anti-Virus 2015, Kaspersky Internet Security 2015 and Kaspersky Internet Security - Multiple-Device 2015. The products are designed to protect Microsoft Windows, Apple OS X and Google Android devices from current threats in a rather complex security world.
New features include Webcam protection aimed at keeping built-in Web cameras safe and secure from outside hacking. Kaspersky also included a Wi-Fi security notification module that ensures public Wi-Fi hotspots are secure, informing users of vulnerable network connections or unsecured password transmission. Ransomware which encrypts files also is a major threat to PC users, so the Kaspersky Lab System Watcher module verifies all running processes to prevent criminals from encrypting files.
"Today's threat landscape is persistently evolving and at Kaspersky Lab we're continuously staying one step ahead of the cybercriminals," said Justin Priestley, Kaspersky Lab consumer sales SVP, in a statement. "We provide our customers with the most advanced protection tools available, like the innovative Webcam Protection and System Watcher features. Our 2015 suite of products, especially Kaspersky Lab Internet Security, is equipped with technologies that have proven to be effective not only in independent tests, but in the real-world, protecting 300 million people across the globe."
A team of researchers at CrowdStrike is claiming China's "Deep Panda" cyber offensive group has begun targeting, and has now compromised, US national security think tanks. In an alarming statement, co-founder Dmitri Alperovitch asserted that the attacks seem to be tied into monitoring activity from the newly founded Islamic State of Iraq and the Levant (ISIS).
In a blog post, CrowdStrike's co-founder Dmitri Alperovitch outlined the company's work with human rights groups and security think tanks. Former senior government officials frequently work in organizations like these, and so are a natural target of hostile intelligence services, Alperovitch said, adding that he has "great confidence" the Deep Panda group is affiliated with the Chinese government. It's one of 30 groups CrowdStrike closely follows in China, but the company points out it is also one of the most sophisticated.
As the armed ISIS faction launched an attack on an oil refinery, Alperovitch claims Deep Panda began a hunt for files from US think tank employees. He pointed out that China is the top foreign investor in Iraq's oil infrastructure, and so espionage fits in with the country's national interests. "It wouldn't be surprising if the Chinese government is highly interested in getting a better sense of the possibility of deeper US military involvement that could help protect the Chinese oil infrastructure in Iraq," Alperovitch wrote. "In fact, the shift in targeting of Iraq policy individuals occurred on June 18, the day that ISIS began its attack on the Baiji oil refinery."