TweakTown NewsRefine News by Category:
China is on the short list of countries that have the ability to launch a cyberattack that would be able to shut down the US power grid along with other critical infrastructure, US government officials believe. It would appear these countries already launch reconnaissance probes that have found gaping security holes they can exploit in cyber defenses.
"We see them attempting to steal information on how our systems are configured, the very schematics of most of our control systems, down to engineering level of detail so they can look at where are the vulnerabilities, how are they constructed, how could I get in and defeat them," said Admiral Michael Rogers, NSA head and US Cyber Command head. "We're seeing multiple nation-states invest in those kinds of capabilities."
Beyond China, Admiral Rogers didn't publicly disclose other nation states believed to be sponsoring cyberattacks, though Russia almost certainly is on the list.
A Russian website is posting links to hijacked webcams and baby monitors, and US and UK privacy watchdog groups want to try to have the website shut down. The website has a listing of 4,591 cameras in the United States, 2,059 in France, 1,576 in the Netherlands, and numerous other cameras across Europe.
Some of the webcams listed on the website show a static image but don't appear to be running, while others still work just fine.
"The fact that a website is able to stream footage from thousands of cameras, illustrates the risks that consumers are taking by not changing the default passwords on camera enabled devices," said David Emm, Kaspersky Lab Principal Security Researcher. "It only takes a minute to change a password, and the longer it is left unchanged, the greater the chance that the device will be compromised."
The cyberattack that recently targeted the US Postal Service, affecting 800,000 employees nationwide, was a "very sophisticated" attack that is likely tied to the Chinese government. While there haven't been confirmed cases of identity theft, it appears names, addresses, Social Security numbers, and other personal information were stolen in the breach.
Meanwhile, Congress wants faster notification of a data breach from the USPS and other agencies - a strong likelihood considering the growing sophistication of cyberattacks. No one has claimed responsibility for the USPS data breach, and government officials didn't want to publicly comment on which group they believe is behind the attack.
"At this time, we do not believe that Postal Service transactional revenue systems in Post Offices, as well as on usps.com where customers pay for services with credit and debit cards, were affected by this incident," said Randy Meskanic, USPS cybersecurity official, during a recent testimony. "There is no evidence that any customer credit card information from retail or online purchases, change of address or other services was compromised."
The North Atlantic Treaty Organization (NATO) is currently engaged in its largest cyber defense exercise, designed at testing its network security protocols. Organized cyberattacks, with growing threats from state-sponsored attacks originating from China and Russia, have forced government agencies and military branches to be prepared for potential attacks.
There are 670 technical, government and cyber experts from dozens of Alliance and partner locations - in addition to testing their defense, NATO also helps strengthen partnerships with universities and private-sector companies.
"Among the priorities highlighted in the Enhanced NATO Policy on Cyber Defense, endorsed at the Wales Summit, is training and exercises," said Ambassador Sorin Ducaru, NATO Assistant Secretary General for Emerging Security Challenges. "The cyber threat is not just a potential threat, it is daily reality. Conflicts can be virtual but with consequences that are real and destructive."
The Kaspersky Lab security software firm blocked more than one billion attacks during Q3, which is a 33.1 percent increase over Q2. Targeted attacks and malware are significant threats to consumers and businesses alike, and continue to keep security software companies busy.
The company also added 74,500 new mobile malware samples to its library, a 14.4 percent increase - and an indication that cybercriminals still want to find ways to compromise smartphones, tablets, and other mobile devices.
"In Q3, Web antivirus modules were triggered at least once on almost one third of computers while owners were surfing the Web," said Maria Garnaeva, Kaspersky Lab Security Researcher of the Global Research and Analysis Team. "This figure has been falling for a year: in Q3 2013 it was 34.1 percent, in Q1 2014 it fell to 33.2 percent and starting from Q2 it 'froze' at 29.5 percent. This is due to a number of factors. First, browsers and search engines started helping to combat malicious sites. Second, there were fewer attacks involving exploit packs following the arrests of several developers."
The office supply store Staples and Michaels craft stores were both hit by data breaches in 2014, joining a growing list of companies hit by point of sale malware attacks. It would appear both retailers were hit by identical criminal infrastructure, with the malware targeting debit and credit card data captured on POS machines at checkout. The malware that hit Staples was connecting to the same control networks as the malware that hit Michaels - and it wouldn't be surprising if the same cybercriminal group was behind the incident.
"We are continuing to investigate a data security incident involving an intrusion into some of our retail point of sale and computer systems," said Mark Cautela, Staples spokesman, in a statement to KrebsOnSecurity. "We believe we have eradicated the malware used in the intrusion and have taken steps to further enhance the security of our network."
The volume of data breaches in 2013-2014 indicate these attacks are likely being orchestrated by state-sponsored hackers, and trying to prevent these incidents has proven difficult.
Similar to the United States and UK, German government agencies and companies are facing a mounting number of cyberattacks from foreign countries. Not surprisingly, it would appear a large number of the attacks are from suspected state-sponsored groups in China and Russia - and are extremely difficult to defend against. The German government is investing more resources into boosting cybersecurity to prevent successful breaches against its agencies and private companies.
There are an estimated 3,000 daily attacks targeting German government agencies, with five of those attacks blamed on foreign intelligence services. As a significant global power, there is a risk of cyberespionage from foreign governments trying to steal secrets to elevate their own political and military efforts.
"We have seen that there are ever more frequent attacks by foreign intelligence agencies on the German government IT infrastructure," said Hans Georg Maassen, the German domestic intelligence (BfV) chief. Former NSA contractor Edward Snowden revealed that the NSA snooped on German Chancellor Angela Merkel's phone, along with spying on other German government officials.
The US energy grid is a popular target for cybercriminals, most of them likely state-sponsored hackers, with 79 reported hacking incidents investigated by the Department of Homeland Security's Computer Emergency Readiness Team. Although it's a drop from the 145 investigated incidents from 2013, there is a significant issue of US critical infrastructure being targeted by skilled cybercriminals.
There have been at least 50 customized pieces of malware designed to target energy companies, and their security efforts haven't been able to hold up. The Russian BlackEnergy malware was found on software assigned to control US electrical turbines - and while there were no attempts to disrupt the machinery - is a clear indicator that cybersecurity efforts need to be boosted immediately.
"Our grid is definitely vulnerable," said David Kennedy, TrustedSec CEO. "The energy industry is pretty far behind most other industries when it comes to security best practices and maintaining systems."
A couple of days after temporarily shutting down its external email service, the US State Department has restored access after a suspected organized cyberattack from Russian hackers. State Department IT security staff detected "activity of concern" several weeks ago, and a response plan was developed to ensure no classified data was impacted. Full access to the service still hasn't gone live yet, while security experts verify new security protocols are complete.
"I can report that our external email services from our main unclassified system are now operating normally," said Jeff Rathke, State Department spokesman. "And for those who feel they are, you know, tethered to their BlackBerrys, they are once again - because the BlackBerry service is working."
US federal agencies have been under attack, as there have been breaches against the US Postal Service, White House and the National Oceanic and Atmospheric Administration (NOAA) in recent weeks. It would appear all of the attacks can be tied back to Russian state-sponsored hackers, which would not surprise security experts.
Seventeen people have been arrested as part of an identity theft ring aimed at defrauding the Internal Revenue System (IRS), trying to cash in on $2 million in fraudulent tax refunds. Federal prosecutors said identity thieves were able to use university student financial records to obtain the tax refunds, and the ringleader is accused of directing at least 92 tax refunds to a single account.
"The disturbing fact is that (many) of these individuals are current or former students who allowed their accounts to be compromised," said United States Attorney Wilfredo Ferrer.
While identity theft - and tax fraud - remain significant problems nationwide, it is especially problematic in Florida. Cybercriminals are targeting everything from medical records and tax refunds to debit and credit card accounts, and have been found stealing physical mail from residents' homes. There were 190 complaints filed for every 100,000 individuals, according to the Department of Justice, and 804.9 people per 100,000 filed fraud complaints in 2013.