TweakTown News
The malware and cybercriminal techniques used to cripple Sony Pictures could be used in additional attacks against US companies, according to a recent alert from the U.S. Computer Emergency Readiness Team (US-CERT). Specifically, the malware, which is similar to code used to target South Korean companies, is able to communicate with operators while spreading quickly and conducting brute-force password attacks against systems.
"Due to the highly destructive functionality of this malware, an organization infected could experience operational impacts including loss of intellectual property and disruption of critical systems," the US-CERT warning stated. It's true that next-generation malware, written by increasingly skilled cybercriminal groups, has a wide variety of different purposes. Although stealing and compromising infected PCs remains lucrative, cyberespionage would be better served by disrupting day-to-day operations of necessary systems.
North Korea, which has been blamed by the US government for the attack against Sony Pictures - a charge it vehemently denies - has dedicated resources to improving its cyberattack capabilities.
Thanks to the "Lizard Squad", many bright-eyed youngsters were left out of luck - being unable to connect their new Santa-given PlayStations and XBOXes to their respective online gaming and content networks.
This group of hackers targeted both of these large-scale online mediums on the 25th of December, seeing Kim Dotcom come in as some kind of savior - offering them 3,000 lifetime premium Mega accounts worth $99 each in return for PSN and XBOX Live's safety. The squad accepted, stopping the DDoS attacks instantly, vowing never to return.
According to a Twitter post, this deal only holds if "they don't attack Xbox Live & PSN again. #ThatsTheDeal," in the words of Dotcom himself.
The Iranian government will move ahead with an effort to use "smart filtering" of the Internet for Iranian users, with "undesirable" content censored - Iran has some of the strictest regulation and controls of the Internet, with many foreign websites blocked.
Despite Facebook, Twitter, YouTube and other popular websites being blocked, a growing number of Iranian users access these websites with virtual private networks (VPNs). However, Tehran wants to filter the content, hoping it's a more effective method of preventing some blocked content - and President Hassan Rouhani previously promised to begin opening up technology access.
"Presently, the smart filtering plan is implemented only on one social network in its pilot study phase and this process will continue gradually until the plan is implemented on all networks," said Mahmoud Vaezi, Iranian Communications Minister, in a statement to the IRNA news agency.
The North Korean government has steadily increased the capabilities of its secretive Bureau 121 cyberespionage unit, but very little is known about how it operates. A North Korean defector recently shed light on the division of specialized "cyber warriors," with specific training in programming languages, operating systems research, and IT network security vulnerabilities.
By the time hackers are officially hired by the Bureau, some candidates have almost nine years of training, according to Jang Se-yul, a graduate of the top North Korean engineering college. Bureau 121 cybercriminals - and their families - are moved to Pyongyang and become among the country's top 1 percent, including a high salary, free apartment, and free Internet access.
The US and other western nations are focused more on limiting cyberespionage, especially from North Korea, Iran, China and Russia - but the cybercriminals have had a step up on us for quite some time. North Korea understands it wouldn't be able to win a conventional war against political rivals, but is able to cause chaos using its hacker branch.
Cybercriminals from China are increasingly targeting Japanese bank account holders, with more than $16 million stolen from the Sumitomo Mitsui Financial Group and Mitsubishi UFJ Financial Group during the first six months of 2014. Japanese police officials report a rising number of Chinese nationals being arrested for cyber-related crimes, and security experts point towards China-based IP addresses.
The chaos begins with a phishing attack that tricks users into providing their passwords. Money is transferred out of Japan and people are recruited to visit ATMs and withdraw as much money as they can. Products are purchased in Japan and the stolen items are shipped and re-sold in China.
Earlier in the year, Japanese government websites were compromised by suspected Chinese hackers, with most of the sites temporarily dropped by distributed denial of service (DDoS) attacks. However, other websites were defaced with political messages related to Japan-China sociopolitical propaganda - as both countries continue their efforts to rebuild an extremely tumultuous relationship.
Cybercriminals compromised a German factory and caused "massive" damage to a blast furnace inside of the facility, according to a Federal Office for Information Security report made available by the German government. The company impacted remains unknown, but it looks like they fell victim to a phishing attack that led to malware installation on company computers - and it didn't take long for PCs and factory systems to suffer.
Since the company's employees were not able to maintain control of the blast furnace, there was "massive damage to [the] plant." "The attackers were knowledgeable in conventional IT security and had extensive knowledge of applied control and production processes," according to a recently published report.
As cybercriminals find new methods to conduct cyberespionage, there is growing concern that they can breach critical infrastructure - and cause significant damage - and this German foundry incident is a worrying sign. It's unknown if the hackers intended to just steal data, or cause physical damage, but the incident shows how vulnerable computer systems can be.
The Lizard Squad reportedly has taken credit for dropping Microsoft's Xbox Live and Sony's PlayStation Network on Christmas Eve and Christmas Day. It's not a complete surprise to hear of the cyberattacks, with the group promising them all month long. Lizard Squad used a distributed denial-of-service (DDoS) attack, with the FBI and other hacker groups reportedly targeting them.
Unfortunately, the group demanded 10,000 retweets of a message posted on Twitter, so gamers will be able to access Xbox.com, Xbox Live and other services - and regain playability on PSN. Both Microsoft and Sony are working on connectivity issues, with spotty service available in North America.
It's not a surprise to hear they wanted to target the attack for Christmas, as many gamers plug in their consoles for the first time - or hit the power switch to begin playing a new title.
Following a successful data breach targeting Sony Pictures, the Japanese government is increasingly wary of potential North Korea-based cyberattacks. Japan is used to China's ambitious cyberespionage campaigns, but North Korea has steadily improved its own ability to launch successful attacks.
Japanese Prime Minister Shinzo Abe wants to boost internal cybersecurity defense as the threat of foreign-based attacks reaches frightening levels. There is specific interest in ensuring critical infrastructure, such as its power grid, transportation networks, and gas supplies, can continue to function even under continued attack.
"Japan is maintaining close contact with the United States and supporting their handling of this case," said Yoshihide Suga, Japanese Chief Cabinet Secretary, during a press conference. The Japanese government is relying on strong ties with Washington in a joint-cooperation to increase cybersecurity.
The long saga of the Sony hack is far from over, but Sony has finally taken the step of releasing "The Interview" for purchase on a variety of digital platforms. The Interview is available on Google Play, YouTube Movies, Microsoft's Xbox Video, and a Sony website. The movie was released at 1 PM EST today and is available to stream for $5.99, and for purchase at $14.99. Sony also announced that 300 theaters will play the movie on Thursday.
Sony has taken a considerable beating over the massive hack of the Sony Pictures outfit. The satirical film outlines an assassination attempt of North Korean leader Kim Jong-un. The pending release triggered strong condemnation from North Korea, which threatened action. Soon after, Sony Pictures was hacked, and the US government claims to have proof that North Korea was behind the attack. After the hacking attack, embarrassing internal Sony documents were released to the public, and the hacking group also threatened violence at any theaters showing the film. Several prominent film distribution companies refused to air the movie, leading Sony Pictures to pull the movie. That announcement met with widespread criticism, particularly from President Obama, who likened the move to cowing to terrorists.
South Korea hopes the Chinese government will be cooperative in the investigation of a data breach suffered by the Korea Hydro and Nuclear Power Co. just a few days ago. Some of the IP addresses used to compromise the Korean company are linked to a northeastern Chinese city close to the border with North Korea, according to an unnamed South Korean government official.
Despite its geographic location, there still isn't enough evidence to accuse China or North Korea of being directly involved in the cyberattack - although China is suspected of targeting the United States and its allies, while North Korea has been accused of previous cyber breaches suffered by South Korean companies.
"When we have the cooperation of the Chinese, where of course we don't have jurisdiction, we will be asking for checks or maybe a search of the location of the IP address," a South Korean official recently said. "As we're doing this, there is a possibility that the IP addresses in China are not the final source but used in a routing. It's possible (the network) in China was used (remotely) from some other location."